IEC 60870-5-104 TESTING using PROTESTING360

PROTESTING360 includes a testing engine that can be used for testing any IEC 60870-5-104 remote terminal unit following the testing procedures specified by IEC TS 60870-5-604 or any utility specific communication profile.

 

IEC TS 60870-5-604. Telecontrol equipment and systems – Part 5-604: Conformance test cases for the IEC 60870-5-104 companion standard

Up to date, PROTESTING360 includes all the scripts needed to perform the testing procedures specified by IEC TS 60870-5-104:2016 (the latest IEC test specification available).

PROTESTING360 also generates all the logs and captured traffic to keep evidence of the testing process.

IEC 60870-5-604 OUTSTATION TESTING

Here you can see here the complete test plan with all the testing sections supported.

The detailed test script list is the following:

5.3.2.1 – IP FRAME – IP Header, IP Fragment Re-assembling

5.3.2.2 – IP FRAME- Source Address, Destination Address

5.3.2.3 – TCP FRAME – TCP Header, TCP Control field (specifically ACK, RST, SYN, FIN) TCP Sequencing

5.3.2.4 – TCP FRAME – Controlled station uses port 2404

5.3.2.5 – TCP FRAME – Active open

5.3.2.6 – TCP FRAME – Active close

5.3.2.7 – TCP FRAME – No problem detected on TCP/IP level.

5.3.2.10 – CS104 APDU FRAME LAYOUT – Start character of APUD 0x68

5.3.2.11 – CS104 APDU FRAME LAYOUT – Configured number of octets

5.3.2.12 – CS104 APDU FRAME LAYOUT – 4 octet control field

5.3.2.20 – CS104 I-Format APDU

5.3.2.25 – CS104 S-Format APDU

5.3.2.30 – CS104 U-Format APDU

5.3.2.50 – Transmission procedure

5.3.2.70 – Transmission control using start-stop

5.3.2.90 – Timeout intervals

5.3.3.1 – Type identification

5.3.3.10 – COT – Originator address

5.3.4.10 – M_SP_NA_1 – ASDU 1 Single-point information

5.3.4.30 – M_DP_NA_1 – ASDU 3 – Double point information

5.3.4.50 – M_ST_NA_1 – ASDU 5 – Step position information

5.3.4.70 – M_BO_NA_1 – ASDU 7 – Bitstring of 32 bits

5.3.4.90 – M_ME_NA_1 – ASDU 9 – Measured value normalized value

5.3.4.110 – M_ME_NB_1 – ASDU 10 – Measured value, scaled value

5.3.4.130 – M_ME_NC_1 – ASDU 11 – Measured value, short floating point number

5.3.4.150 – M_IT_NA_1 – ASDU 15 – Integrated totals

5.3.4.170 – M_PS_NA_1 – ASDU 20 – Packed single-point information with status change detection

5.3.4.190 – M_ME_ND_1 – ASDU 21 – Measured value, normalized value without quality descriptor

5.3.4.210 – M_SP_TB_1 – ASDU 30 – Single point information with CP56Time2a

5.3.4.230 – M_DP_TB_1 – ASDU 31 – Double point information with CP56Time2a

5.3.4.250 – M_ST_TB_1 – ASDU 32 – Step position information with CP56Time2a

5.3.4.280 – M_BO_TB_1 – ASDU 33 – Bitstring of 32 bit with time-tag CP56Time2a

5.3.4.310 – M_ME_TD_1 – ASDU 34 – Measured value, normalised value information with CP56Time2a

5.3.4.340 – M_ME_TE_1 – ASDU 35 – Measured value, scaled value information with CP56Time2a

5.3.4.370 – M_ME_TF_1 – ASDU 36 – Measured value, short floating point number with CP56Time2a

5.3.4.400 – M_IT_TB_1 – ASDU 37 – Integrated totals with time tag CP56Time2a

5.3.4.430 – M_EP_TD_1 – ASDU 38 – event of protection equipment with time-tag CP56Time2a

5.3.4.460 – M_EP_TE_1 – ASDU 39 – Packed start events of protection equipment with time-tag CP56Time2a

5.3.4.490 – M _EP_TF_1 – ASDU 40 – Packet output circuit information of protection equipmente with time tag CP56Time2a

5.3.5.1 – C_SC_NA_1 – ASDU 45 – Single command

5.3.5.10 – C_DC_NA_1 – ASDU 46 – Double command

5.3.5.20 – C_RC_NA_1 – ASDU 47 – Regulating step command

5.3.5.30 – C_SE_NA_1 – ASDU 48 – Set point command, normalised value

5.3.5.40 – C_SE_NB_1 – ASDU 49 – Set point command, scaled value

5.3.5.50 – C_SE_NC_1 – ASDU 50 – Set point command, short floating point value

5.3.5.60 – C_BO_NA_1 – ASDU 51 – Bitstring of 32 bits command

5.3.5.70 – C_SC_TA_1 – ASDU 58 – Single command with time tag CP56Time2a

5.3.5.90 – C_DC_TA_1 – ASDU 59 – Double command with time tag CP56Time2a

5.3.5.110 – C_RC_TA_1 – ASDU 60 – Regulating step command with time tag CP56Time2a

5.3.5.130 – C_SE_TA_1 – ASDU 61 – Set point command, normalised value with time tag CP56Time2a

5.3.5.150 – C_SE_TB_1 – ASDU 62 – Set point command, scaled value with time tag CP56Time2a

5.3.5.170 – C_SE_TC_1 – ASDU 63 – Set point command, short floating point value with time tag CP56Time2a

5.3.5.190 – C_BO_TA_1 – ASDU 64 – Bitstring of 32 bits command with time tag CP56Time2a

5.3.6.1 – M_EI_NA_1 – ASDU 70 – End of initialisation

5.3.7.1 – C_IC_NA_1 – ASDU 100 – Interrogation command

5.3.7.10 – C_CI_NA_1 – ADSU 101 – Counter interrogation command

5.3.7.20 – C_RD_NA_1 – ASDU 102 – Read command

5.3.7.30 – C_CS_NA_1 – ASDU 103 – Clock synchronisation command

5.3.7.60 – C_RP_NA_1 – ASDU 105 – Reset process command

5.3.7.70 – C_TS_TA_1 – ASDU 107 – Test command with time tag CP56Time2a

5.3.8.1 – P_ME_NA_1 – ASDU 110 – Parameter of measured value, normalised value

5.3.8.10 – P_ME_NB_1 – ASDU 111 – Parameter of measured value, scaled value

5.3.8.20 – P_ME_NC_1 – ASDU 112 – Parameter of measured value, short floating point number

5.3.8.30 – P_AC_NA_1 – ASDU 113 – Parameter activation

5.3.9.1 – F_FR_NA_1 – ADU 120 – File Ready

5.3.9.10 – F_SR_NA_1 – ASDU 121 – Section ready

5.3.9.30 – F_SC_NA_1 – ASDU 122, Call directory, select file, call file, call section

5.3.9.40 – F_LS_NA_1 – ASDU 123 – Last section, last segment

5.3.9.50 – F_AF_NA_1 – ASDU 124, ACK file, ACK section

5.3.9.60 – F_SG_NA_1 – ASDU 125 – Segment

5.3.9.70 – F_DR_TA_1 – ASDU 126 – Directory

5.4.10.1 – Type identification

5.4.10.5 – Cause of transmission

5.4.10.10 – Common Address Of ASDU

5.4.11.1 – Object Address

5.4.12.1 – Local initialisation of the controlling station: (re)boot

5.4.12.10 – Local initialisation of the controlled station: (re)boot

5.4.12.20 – Remote initialisation of the controlled station

5.4.12.21 – Reset of pending information with time tag of the event buffer

5.4.12.30 – Re-establishing a lost started connection when no other connections are available

5.4.13.1 – Periodic check of all redundant connections

5.4.13.10 – Re-establishing a lost started connection when redundant connections are available: (automatic switch over)

5.4.13.20 – Re-establishing a lost redundant connection

5.4.13.30 – Manual switching over the started connection to another redundant stopped connection (manual switch over)

5.4.14.1 – Cyclic data transmission – Sequential procedure – Periodic/cyclic

5.4.14.2 – Cyclic data transmission – Sequential procedure – Background scan

5.4.14.9 – Cyclic data transmission – Activation and deactivation

5.4.15.1 – Data acquisition through read function – Sequential procedure

5.4.16.1A – Acquisition of events function – COT<3> for each type identifier

5.4.16.1B – Acquisition of events function – Event buffer

5.4.16.1C – Acquisition of events function – Events without time tag

5.4.16.1D – Acquisition of events function – Events with no correlative IOAs

5.4.16.1E – Acquisition of events function – Events with correlative IOAs

5.4.16.1F – Acquisition of events function – Time stamp

5.4.16.1G – Acquisition of events function conformance test procedures – Resynchronization

5.4.17.1A – Outstation interrogation – one Logical Remote Unit (LRU) avaiable on the controlled station – Global

5.4.17.1B – Outstation interrogation – one Logical Remote Unit (LRU) avaiable on the controlled station – Groups

5.4.17.1C – Outstation interrogation – one Logical Remote Unit (LRU) avaiable on the controlled station – GI represents actual status

5.4.17.10A – Outstation interrogation – more than one Logical Remote Unit (LRU) avaiable on the controlled station – Global

5.4.17.10B – Outstation interrogation – more than one Logical Remote Unit (LRU) avaiable on the controlled station – Groups

5.4.17.20 – General interrogation – Reactivate a running Outstation interrogation. Option 1: the running GI continues

5.4.17.30 – General interrogation – Reactivate a running Outstation interrogation. Option 2: the running GI is stopped and the second GI is started

5.4.17.40 – General interrogation – Reactivate a running Outstation interrogation. Option 3: the running GI continues and after activation termination (COT 10) the second GI is started

5.4.17.50 – General interrogation – Deactivate a running Outstation interrogation

5.4.18.1 – Clock synchronisation – Sequential procedure

5.4.18.10 – Clock synchronisation – Change the clock

5.4.18.15 – Clock synchronization – Broadcast

5.4.19.1A – Command transmission – Select and Execute normal procedure – Single Command

5.4.19.1B – Command transmission – Select and Execute normal procedure – Double Command

5.4.19.1C – Command transmission – Select and Execute normal procedure – Regulating step command

5.4.19.1D – Command transmission – Select and Execute normal procedure – Set-point normalized

5.4.19.1E – Command transmission – Select and Execute normal procedure – Set-point scaled

5.4.19.1F – Command transmission – Select and Execute normal procedure – Set-point float

5.4.19.7A – Command transmission – Execute with different parameters than Select is rejected – Single command

5.4.19.7B – Command transmission – Execute with different parameters than Select is rejected – Double command

5.4.19.7C – Command transmission – Execute with different parameters than Select is rejected – Regulating step command

5.4.19.7D – Command transmission – Execute with different parameters than Select is rejected – Setpoint normalized

5.4.19.7E – Command transmission – Execute with different parameters than Select is rejected – Setpoint scaled

5.4.19.7F – Command transmission – Execute with different parameters than Select is rejected – Setpoint float

5.4.19.10A – Command transmission – Select and Deactivation – Single command

5.4.19.10B – Command transmission – Select and Deactivation – Double command

5.4.19.10C – Command transmission – Select and Deactivation – Regulating step command

5.4.19.10D – Command transmission – Select and Deactivation – Setpoint command normalized

5.4.19.10E – Command transmission – Select and Deactivation – Setpoint command scaled

5.4.19.10F – Command transmission – Select and Deactivation – Setpoint command float

5.4.19.20A – Command transmission – Direct execute – Single command

5.4.19.20B – Command transmission – Direct execute – Double command

5.4.19.20C – Command transmission – Direct execute – Regulating step command

5.4.19.20D – Command transmission – Direct execute – Setpoint command normalized

5.4.19.20E – Command transmission – Direct execute – Setpoint command scaled

5.4.19.20F – Command transmission – Direct execute – Setpoint command float

5.4.19.30A – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Single command

5.4.19.30B – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Double command

5.4.19.30C – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Regulating step command

5.4.19.30D – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Setpoint normalized

5.4.19.30E – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Setpoint scaled

5.4.19.30F – Command transmission – Select with Negative Confirmation by Controlled station (Abort) – Setpoint float

5.4.19.40A – Command transmission – Execute after select timeout – Single command

5.4.19.40B – Command transmission – Execute after select timeout – Double command

5.4.19.40C – Command transmission – Execute after select timeout – Regulating step command

5.4.19.40D – Command transmission – Execute after select timeout – Setpoint normalized

5.4.19.40E – Command transmission – Execute after select timeout – Setpoint scaled

5.4.19.40F – Command transmission – Execute after select timeout – Setpoint float

5.4.19.50A – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Single command

5.4.19.50B – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Double command

5.4.19.50C – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Regulating step command

5.4.19.50D – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Setpoint normalized

5.4.19.50E – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Setpoint scaled

5.4.19.50F – Command transmission – Sequential procedure: Direct execute with negative confirmation by controlled station – Setpoint float

5.4.19.60A – Command transmission – Sequential procedure: Command received WITHIN configured delay – Single command

5.4.19.60B – Command transmission – Sequential procedure: Command received WITHIN configured delay – Double command

5.4.19.60C – Command transmission – Sequential procedure: Command received WITHIN configured delay – Regulating step command

5.4.19.60D – Command transmission – Sequential procedure: Command received WITHIN configured delay – Set point normalized

5.4.19.60E – Command transmission – Sequential procedure: Command received WITHIN configured delay – Set point scaled

5.4.19.60F – Command transmission – Sequential procedure: Command received WITHIN configured delay – Set point float

5.4.19.70A – Command transmission – Sequential procedure: Command received AFTER configured delay – Single command

5.4.19.70B – Command transmission – Sequential procedure: Command received AFTER configured delay – Double command

5.4.19.70C – Command transmission – Sequential procedure: Command received AFTER configured delay – Regulating step command

5.4.19.70D – Command transmission – Sequential procedure: Command received AFTER configured delay – Setpoint normalized

5.4.19.70E – Command transmission – Sequential procedure: Command received AFTER configured delay – Setpoint scaled

5.4.19.70F – Command transmission – Sequential procedure: Command received AFTER configured delay – Setpoint float

5.4.19.75A – Command transmission – Sequential procedure: Command received with time tag in the future – Single command

5.4.19.75B – Command transmission – Sequential procedure: Command received with time tag in the future – Double command

5.4.19.75C – Command transmission – Sequential procedure: Command received with time tag in the future – Regulating step command

5.4.19.75D – Command transmission – Sequential procedure: Command received with time tag in the future – Setpoint normalized

5.4.19.75E – Command transmission – Sequential procedure: Command received with time tag in the future – Setpoint scaled

5.4.19.75F – Command transmission – Sequential procedure: Command received with time tag in the future – Setpoint float

5.4.19.85A – Command transmission – Command with or without time tag – Single command

5.4.19.85B – Command transmission – Command with or without time tag – Double command

5.4.19.85C – Command transmission – Command with or without time tag – Regulating step command

5.4.19.85D – Command transmission – Command with or without time tag – Setpoint normalized

5.4.19.85E – Command transmission – Command with or without time tag – Setpoint scaled

5.4.19.85F – Command transmission – Command with or without time tag – Setpoint float

5.4.19.86A – Command transmission – Command received during GI – Single command

5.4.19.86B – Command transmission – Command received during GI – Double command

5.4.19.86C – Command transmission – Command received during GI – Regulating step command

5.4.19.86D – Command transmission – Command received during GI – Setpoint normalized

5.4.19.86E – Command transmission – Command received during GI – Setpoint scaled

5.4.19.86F – Command transmission – Command received during GI – Setpoint float

5.4.20.1 – Mode A – Local freeze with spontaneous transmission

5.4.20.10 – Mode B – Local freeze with Counter Interrogation

5.4.20.10 – Mode B – Local freeze with Counter Interrogation – Groups

5.4.20.10 – Mode B – Local freeze with Counter Interrogation – Broadcast address

5.4.20.20 – Mode C – Remote initiated freeze with Counter Interrogation

5.4.20.20 – Mode C – Remote initiated freeze with Counter Interrogation – Groups

5.4.20.20 – Mode C – Remote initiated freeze with Counter Interrogation – Broadcast address

5.4.20.30 – Mode D – Remote initiated freeze with spontaneous transmission

5.4.20.30 – Mode D – Remote initiated freeze with spontaneous transmission – Groups

5.4.20.30 – Mode D – Remote initiated freeze with spontaneous transmission – Broadcast address

5.4.21.1 – Parameter loading – Load and activate parameter

5.4.21.10 – Parameter loading – Load and activate parameter with Negative Confirmation by Controlled station

5.4.21.15 – Parameter loading – Parameter activation

5.4.22.1 – Test procedure – Sequential procedure

5.4.23.1 – File transfer procedure (monitor direction) – Sequential procedure

5.4.23.10 – File transfer procedure – (control direction) – Sequential procedure

5.4.23.14 – File transfer procedure – (control direction) – ASDU with wrong IOA

5.4.23.15A – File transfer procedure – Query Log – RangeStartTime available and RangeStopTime available

5.4.23.15B – File transfer procedure – Query Log – RangeStartTime 0 and RangeStopTime available

5.4.23.15C – File transfer procedure – Query Log – RangeStartTime available and RangeStopTime 0

5.4.23.15D – File transfer procedure – Query Log – RangeStartTime 0 and RangeStopTime 0

5.4.24.1A – Out of service behaviour – Controlled station power supply interrupt

5.4.24.1B – Out of service behaviour – Disconnection of the controlled system physical communication

5.4.24.1C – Out of service behaviour – Disconnection of the controlling system physical communication

5.4.24.1D – Out of service behaviour – Controlled station power supply interrupt with basic application running (as general interrogation)

5.4.24.1E – Out of service behaviour – Disconnection of the controlled system physical communication with basic application running (as general interrogation)

5.4.24.1F – Out of service behaviour – Disconnection of the controlling system physical communication with basic application running (as general interrogation)

5.4.24.10 – Miscellaneous

5.4.25.1 – TCP/IP connection with unknown IP address

5.4.25.2 – Quality descriptor

5.4.25.3 – Command transmission

5.4.25.4 – Summer time – Summer time bit is taken into account when using commands and events

---

Avoid deviation in the final test with the maximum test automation

Providing a complete automation of the test cases, the pretest and test stage of the conformance testing process are always performed exactly the same way with the minimum human intervention during the process.

Secondary injection devices

Maximum script automation controlling secondary injection devices to generate the stimulus need to change digital and analog values in the IED under test.

 

 

Ethernet switch automation

Several test cases check the communication lost and recovering when a link is broken. PROTESTING360 script engine controls the ethernet switch enabling and disabling port so no human intervention is required connecting and disconnecting ethernet cables.

 

Configuration exchange

PROTESTING360 script engine can exchange configuration files or modify device behavior using web services, ftp, telnet or ssh connections.

Capture frame validation in the script

PROTESTING360 scripting engine access to the captured frames and it can be programmed to check any flag or field value of the packets exchange. Automated packed review can save hours of testing review in several test cases and can detect errors that are difficult to detect for a human being when the script exchanges hundreds of frames.

---

Keep evidence to review

PROTESTING360 scripts include information about the execution details and the captured files for each test case in PCAP (Wireshark). All the trace files can be reviewed and we include graphical views to help visualizing the communication exchange.

---

Generate reports without effort

One the test session is over PROTESTING360 generates the test report and statistics to detect which test cases required higher resources or effort.

 

---

---