Open topic with navigation

DNP3

Define Which Function Codes are Critical

With devices that use DNP3 Secure Authentication, any request to perform a function that is deemed to be critical is ‘challenged’. Such a request is only processed once the correct reply has been received to that challenge. (With Aggressive Mode, the sending device anticipates a challenge and so includes the necessary authentication data in the same message as the critical request.)

Use the check boxes in the relevant DNP3 Security section of the Geo SCADA Expert Server Configuration Tool to specify which function codes are deemed to be critical.

The DNP3 standard mandates that certain function codes (such as ‘Cold Restart’) to always be deemed critical. The check boxes for these function codes are ‘grayed out’ to indicate that they cannot be cleared.

With the remaining check boxes, select the boxes of those function codes that are critical. Ensure that the check boxes of any non-critical function codes are clear. Non-critical function codes are processed in the normal way without being challenged or sent using Aggressive Mode.

With DNP3 devices with which Geo SCADA Expert communicates using a DNP3 Extension Driver, that extension driver may have further mandatory critical function codes to those shown in the figure above. Use the relevant section of the Geo SCADA Expert ServerConfiguration Tool to specify the criticality of such function codes. The relevant DNP3 extension driver guide will mention any server settings that are specific to the extension driver.

Use the check boxes on the DNP3 Master section of the Geo SCADA Expert Server Configuration Tool to determine the criticality of function codes for systems on which Geo SCADA Expert is the DNP3 master. Set the function codes’ criticality so that it matches that of your outstations. For example, if your outstations are configured to challenge ‘Read’ requests, select the ‘Read’ check box on the DNP3 Master section of the Tool. With this section of the Tool, all but the last two check boxes determine the criticality of function codes that Geo SCADA Expert sends to any DNP3 outstations and therefore which functions Geo SCADA Expert sends using Aggressive Mode. The last two check boxes (‘Response’ and ‘Unsolicited Response’) determine the criticality of, and therefore whether Geo SCADA Expert challenges, the solicited and unsolicited responses that it receives from the DNP3 outstations.

Use the check boxes on the DNP3 Slave section of the Geo SCADA Expert Server Configuration Tool to determine the criticality of function codes for systems on which Geo SCADA Expert is operating as a DNP3 slave. Set the function codes’ criticality so that it matches that of your DNP3 master(s). For example, if your DNP3 master(s) are configured to challenge ‘Unsolicited Responses’, select the ‘Unsolicited Responses’ check box on the DNP3 Slave section of the Tool. With this section of the Tool, all but the last two check boxes determine the criticality of function codes that Geo SCADA Expert receives from its DNP3 master(s) and therefore which function codes Geo SCADA Expert challenges. The last two check boxes (‘Response’ and ‘Unsolicited Response’) determine the criticality of solicited and unsolicited responses that Geo SCADA Expert sends to its DNP3 master(s) and therefore whether the Slave (Geo SCADA Expert) sends those functions using Aggressive Mode.

Further Information

Configure a DNP3 master outstation to use Aggressive Mode: see Specify Whether Aggressive Mode is Used.

Configure a DNP3 slave outstation to use Aggressive Mode: see Specify Whether Aggressive Mode is Used.

Disclaimer

Geo SCADA Expert 2020

© 2020 AVEVA Group Plc.  All Rights Reserved.

The Schneider Electric industrial software business and AVEVA have merged to trade as AVEVA Group plc, a UK listed company. Schneider Electric, Life is On Schneider Electric and EcoStruxure are trademarks and the property of Schneider Electric SE and are being licensed to AVEVA by Schneider Electric.