support several standard protocols such as MODBUS, IEC IEC 60870-2-1:1995 Operating conditions - Section
60870, and DNP3. [5]. 1: Power supply and electromagnetic compatibility
IEC 60870-2-2:1996 Operating conditions - Section
2: Environmental conditions (climatic, mechanical and
B. Communications protocols
other non-electrical influences)
The posibility of implement Substation Automatization IEC 60870-3:1989 Interfaces (electrical
Systems (SAS), rests on the strong development of circuits characteristics)
That have led to the current availability of advanced faster and IEC 60870-4:1990 Performance requirements
powerful microprocessors. The result was an evolution of
substation secondary equipment, the electro-mechanical
devices turn in to digital devices. This give the possibility of 2.) IEC 60870-5 parts:
implement decentralized SAS, using various intelligent
electronic devices (IEDs) to do functions of protection,
control, local and remote monitoring, etc. Due, emerged the IEC 60870 part 5, known as Transmission
necessity of efficient communications between IEDs, protocols, [1] provides a communication profile for sending
especially through a standard protocol. [13] basic telecontrol messages between two systems, which uses
permanent directly connected data circuits between the
The objective of the normalization of automatization the systems. The IEC TC 57 WG3 have developed
substations is develop a communication standard complying a protocol standard for telecontrol, teleprotection, and
the requirements and costs that support the future technologic associated telecommunications for electric power systems.
develops. The communication standard should support the The result of this work is IEC 60870-5. Five documents
operative functions of the substation and get own a specify the base IEC 60870-5:
communication profile, in the individual levels of OSI, based
on exist standards IEC/ISO/OSI. IEC 60870-5-1 Transmission Frame Formats
In electrical engineering and power system automation,
IEC 60870-5-2 Data Link Transmission Services
the International Electrotechnical Commission 60870
standards define systems used for telecontrol (supervisory IEC 60870-5-3 General Structure of Application
control and data acquisition). Such systems are used for Data
controlling electric power transmission grids and other
geographically widespread control systems. By use of IEC 60870-5-4 Definition and Coding of Information
standardized protocols, equipment from many different Elements
suppliers can be made to interoperate. IEC standard 60870 has IEC 60870-5-5 Basic Application Functions
six parts, defining general information related to the standard,
operating conditions, electrical interfaces, performance IEC 60870-5-6 Guidelines for conformance testing
requirements, and data transmission protocols. The 60870 for the IEC 60870-5 companion standards
standards are developed by IEC Technical Committee 57. IEC TS 60870-5-7 Security extensions to IEC 60870-
5-101 and IEC 60870-5-104 protocols (applying IEC
62351)
1.) List of IEC 60870 parts:
The IEC TC 57 has also generated companion standards:
IEC TR 60870-1-1:1988 General considerations.
IEC 60870-5-101 Transmission Protocols -
Section One: General principles
companion standards especially for basic telecontrol tasks
IEC 60870-1-2:1989 General considerations. Section
IEC 60870-5-102 Transmission Protocols -
Two: Guide for specifications
Companion standard for the transmission of integrated
IEC TR 60870-1-3:1997 General considerations - totals in electric power systems (this standard is not
Section 3: Glossary widely used)
IEC TR 60870-1-4:1994 General considerations - IEC 60870-5-103 Transmission Protocols -
Section 4: Basic aspects of telecontrol data transmission Companion standard for the informative interface of
and organization of standards IEC 870-5 and IEC 870-6 protection equipment
IEC TR 60870-1-5:2000 General considerations - IEC 60870-5-104 Transmission Protocols - Network
Section 4: Influence of modem transmission procedures access for IEC 60870-5-101 using standard transport
with scramblers on the data integrity of transmission profiles
systems using the protocol IEC 60870-5
3
IEC TC 57 WG3 also generated standards for telecontrol For link level, the associated standards are the IEC 60870-5
protocols compatible with ISO standards and ITU-T and IEC 60870-5-2 publications. The first standard, allows
recommendations. These standards include: segment standard format that provides the requirement data
integrity with the maximum available efficiency in function of
IEC 60870-6-1 Application context and organization service type to implement. The IEC 60870-5-2 publication,
of standards gives a link transmission procedures selection, using one
control and optional direction camps. If the links between
IEC 60870-6-2 Use of basic standards (OSI layers 1 master and diverse telecontrolled stations, share a physic
4) channel, so the links must to be operated in unbalanced mode,
IEC 60870-6-501 TASE.1 Service definitions for avoid the possibility that more than one station try to
transmit in channel, at same time. The sequence which
IEC 60870-6-502 TASE.1 Protocol definitions guarantees different tellecontrolled stations access to transmit
in the channel is determined for one process on the application
IEC 60870-6-503 TASE.2 Services and protocol
level, in master station. Associated standard specifies if it is
IEC 60870-6-504 TASE.1 User conventions due use balanced or unbalanced transmission mode, jointly
with link process type (SEND/NO REPLY, SEND/CONFIRM
IEC TR 60870-6-505 TASE.2 User guide and REQUEST/RESPOND).
IEC 60870-6-601 Functional profile for providing the In application level, IEC 60870-5-3 standard, describes the
connection-oriented transport service in an end system general information of application structure, without specify
connected via permanent access to a packet switched data details about information camps and his content. Specify the
network general structure of ASDUs (Application Service Data Units),
used for the application process.
IEC 60870-6-602 TASE transport profiles In the IEC 60870-5-4 publication, define the codification
IEC 60870-6-701 Functional profile for providing the specifications for information individual elements that are
TASE.1 application service in end systems frequently used in telecontrol applications.
60870-5-5 publication, define basic application functions that
IEC 60870-6-702 Functional profile for providing the are making the standard process for telecontrol systems. This
TASE.2 application service in end systems functions are application process which are located under the
7 level of the reference model ISO and uses the standard
IEC 60870-6-802 TASE.2 Object models [13]
services of the level.
4.) EPA reference model:
5.) DATA TRANMISSION PROTOCOLS BASED ON
OSI reference model (Open System Interconnection), bring a IEC 60870-5-101 THREE LEVEL MODEL
general description of the necessary functions to realize
reliable communications between heterogeneous systems. The IEC 60870-5-101 standard, is the IEEE recommended model
model, its organized in seven layers, each one have a specific for the communication between master stations, RTUs and
function in the communication. 1 to 4 layer (physical, IEDs.
datalink, red and transport), define necessary functions to data Use the plot FT 1.2 format, defined in IEC 60870-5-1
transmission between systems, while 5 to 7 layer (session, document, fulfilling with the data integrity requirements I2
presentation and application), define oriented functions to class, that specify hamming distance, d= 4, which it involves
user. EPA model (Enhancer Performance Architecture), uses that 4 bit errors, should not cause undetectable messages
only three of the seven layers. errors.
The next table show EPA model, with standards associated to Plot format, can be changeful, between 0 and 255 characters
the IEC 60870-5 series, for each one layers or levels. [2] (user data octets), or immovable. Fig 2. [2], show plot format
with variable or fixed block length, respectively.
4
Each character, are composed by: Star bit (value = 0), Stop Bit
(value = 1), eight data bit and parity bit (P). Each plot has
one checksum composed by eight bits, module 256. Some
of protocols based on this reference model are:
5.1.) Distributed Network Protocol 3.0(DNP 3.0). Fig 3. Server-user relation and brings a simple scheme of
data vases and involved process. [2]
DNP 3.0 is an industrial protocol for communications between
IEDs and controlled stations, components of SCADA systems. User and server has similar data bases, the objective is keep it
Was created in 1990 for Westronic Inc., actually GE Harris. In update for different purposes, such as: show system states,
1993 was in public domain. alarm notification, do close loop control, etc. [14]
The protocol is based in the IEC 60870-5 standard, and
therefore adopt OSI 3 levels EPA model.
Physic level, support RS 485 and required interface. Link 5.2.) Modbus RTU.
level, has as main characteristic, changeable length, with
maximum 255 characters; use the FT3 plot format, hamming Modbus RTU is an open, serial (RS-232 or RS-485) protocol
distance, d = 4; possess collision avoidance in unsolicited derived from the Master/Slave architecture. It is a widely
mode; use the unbalanced transmission mode, to allow accepted protocol due to its ease of use and reliability.
spontaneous transmission from remote stations, and the link Modbus RTU is widely used within Building Management
process Send/Confirm, Send/No Reply, Request/respond and Systems (BMS) and Industrial Automation Systems (IAS).
confirm. Possess pseudotransport functions or limit transport This wide acceptance is due in large part to MODBUS RTUs
function, allowing data and block information transfer. ease of use.
Application level, define the APDU (Application Protocol MODBUS RTU messages are a simple 16-bit CRC (Cyclic-
Data Unit) format and services, based on IEC 60870-and 5-3 Redundant Checksum). The simplicity of these messages is to
60870-5-4 documents. Structurally the application level PDU ensure reliability. Due to this simplicity, the basic 16-bit
(Protocol Data Unit), it fits at ASDU (Application Service MODBUS RTU register structure can be used to pack in
Data Unit) IEC description. Support Request/Response floating point, tables, ASCII text, queues, and other unrelated
formats. Remote station can decide to transmit data.
spontaneously information. For master stations, can accept
an unsolicited response meanwhile the transaction is carried MODBUS is considered an application layer messaging
out. For one remote station, Request/Response transaction protocol, providing Master/Slave communication between
must be completed before anyone requirement be accepted or devices connected together through buses or networks. On the
unsolicited response be sent. In this level, also are defined OSI model, MODBUS is positioned at level 7. MODBUS is
diverse priority information classes, such as high, medium, intended to be a request/reply protocol and delivers services
any, exception information. [14] specified by function codes. The function codes of MODBUS
Between the important protocol characteristics, can be are elements of MODBUS request/reply PDUs (Protocol
mentioned the next ones: Request, manifold information types Data Unit).
answer in the same message; message segmentation in
multiple plots, to ensure excellent detection and error In order to build the MODBUS application data unit, the client
recovery; change inclusion only in response messages; must initiate a MODBUS transaction. It is the function which
unsolicited response; priority assignment to information items informs the server as to which type of action to perform. The
and recurring request of the information items; time format of a request initiated by a Master is established by the
synchronization and standard time format support; it allows MODBUS application protocol. The function code field is
multiple master operations and peer-to-peer; permit objects then coded into one byte. Only codes within the range of 1
define by user, transfer data includes. User-server terms are through 255 are considered valid, with 128-255 being
applicable to DNP3.0. It can define a server, such as device or reserved for exception responses. When the Master sends a
5
message to the Slave, it is the function code field which Ethernet, and MODBUS TCP/IP) is that MODBUS TCP runs
informs the server of what type of action to perform. on an Ethernet physical layer and Modbus RTU is a serial
level protocol. Modbus TCP also uses a 6 byte header to allow
To define multiple actions, some functions will have sub- routing.
function codes added to them. For instance, the Master is able
to read the ON/OFF states of a group of discreet outputs or Bit Structure in the Byte
inputs. It could also read/write the data contents of a group of The Bit of least importance is sent and received first. All
MODBUS registers. When the Master receives the Slave devices within the network must interpret each transmitted
response, the function code field is used by the Slave to byte analogously in this manner. There are no methods for
indicate either an error-free response or an exception automated recognition of baud rates is not assigned and the
response. The Slave echoes to the request of the initial same baud rate must be utilized by the Server as well as all
function code in the case of a normal response. [15] clients connected to the bus. No specific baud rate is specified
by the MODBUS: typical baud rates are 9600 or 19200.
5.2.1.) Data object properties
MODBUS RTU packets are only intended to send data; they 5.2.5.) Modbus RTU memory map
do not have the capability to send parameters such as point
name, resolution, units, etc. If the ability to send such
parameters is needed, one should investigate a BACnet,
Ethernet/IP, or other modern protocols.
transmission mode, meaning MODBUS ASCII cannot RTUs This technology allows a reliable, secure and
communicate with MODBUS RTU and vice versa. [15] scalable communication in a short time over IIOTs
platforms such device WISE, Fusion Connect,
In MODBUS/ASCII, messages are encoded with hexadecimal IPwebcontrol, SCADA IQ Web so that through
value, represented with comprehensive ASCII characters. The software, third parties can connect without problems
characters used for this encoding are 09 and AF. For and achieve monitor equipment control.
every byte of information, two communication-bytes are used
OpenVPN .is a VPN technology that allows
because every communication-byte can only define 4 bits in
the hexadecimal system. MODBUS RTU, however, to establish encrypted VPN tunnels
exchanges data in binary format where each byte of data is generating security in the remote
coded in one communication-byte. transmission of data.
SCADALink VPN. Technology that
The MODBUS messages on a serial connection are not Provides secure VPN access to RTUs for
broadcast in plain format. They are constructed in a way that SCADA data communications, putting into
allows receivers an easy way to detect the beginning and end service, maintenance and troubleshooting.
of a message. The characters start and end a frame when in
ASCII mode. To flag the start of a message, a colon : is
used, and each message is ended with a CR/LF combination.
MODBUS RTU uses a different method. In RTU, framing is D. Lenguajes de programacin
constructed by measuring gaps of silence on the
communication line. Before each message, there must be a An RTU or PLC in a SCADA system, fulfills a specific
minimum gap of 3.5 characters. To prepare for new messages, task apart from the reception and transmission of information;
the receiver clears the buffer when a gap of 1.5 characters is this task performs a specific function that is provided by code
detected. One of the main differences between instructions to the machine, so as to allow the conditions of
MODBUS/ASCII and MODBUS RTU is that ASCII allows activation of outputs or timings, etc., to control each process.
gaps between the bytes of a message with a maximum length To program such instructions, each software manufacturer
of 1 second. With MODBUS RTU, continuous streams of provides machine languages for programming the logical
messages must be sent sequence of the process. This routine will run continuously on
the PLC while be in "Run" mode, performing the instructions
and activations provided in the programming.
C. Technologies that incorporate RTUs The IEC through IEC 61131-3 [IEC, 2013] established five
programming languages for programmable controllers: [9]
1) GPS (global positioning system). Technology that [11]
aims to synchronize in the RTUs the storage and
backup of a high number of events located in
different areas.
2) Wireless Transmission Media.
PSTN (public switched telephone network)
network Traditional circuit switching that
allows remote communication of industrial
processes.
GSM-2G(global system for mobile
communications)GSM modem allows
interconnection between PLCS, SCADA,
RTUs through SIM cards of any public
network that support this technology. Data
can be transferred via two ways: SMS,
telephone connection.
Radio. The RTU radio system offers a perfect
solution for controlling distributed irrigation Fig 4. Programming Languages Representation Table.
systems when the use of cables is impossible [12]
or unwanted. RTU radio can also serve as a
repeater for remote RTUs and thus multiply 1) Ladder logic (LD):
the range of communication.
3) Industrial Internet of Things (IIOT) Cloud Models networks of functions of simultaneous
Connectivity .Red Lions RAM industrial cellular electromechanical elements such as relays and coils, timers,
7
Fig 6. Representation of an (FBD) Flow Diagram. From: Fig 8. Representation of an (IL) Programming.
http://www.scielo.org.co/scielo.php?script=sci_arttext&pid=S
0123-921X2011000200010
5) Sequential Functions Diagram (SFC):
Description:
The IEC 61131-3 standard [IEC, 2013] states that a program of 2.) Sicam AK (Siemens).[16]
instructions for application in processes, can be created in any of
the 5 programming languages and executed as specific files in
the PLC. Which can be copied to any other PLC and executed
correctly (if the parameters have been defined the same). [9]
[11]
A fundamental restriction of the standard is the interfaces
between the different tools, for which a specific file format is
required. For example, for the portability of programs developed
in graphic languages such as FBD, LD and SFC, the source The innovative SICAM AK 1703 ACP automation component
code must be in one of the text languages. It should be noted provides a high level of flexibility and functionality, making
that the application software should be compiled in the assembly for a successful automation system. Comprehensive options
language of the target processor, rather than IL or structured for communication, telecontrol and for connecting peripheral
text. equipment are included.
Internal modem
[6] F. Enejo, Review of Remote Terminal Unit (RTU) and Gateways for
Digital Oilfield delpoyments, vol. 3, no.8, 2012.
b) Analog input modules
An analog input signal is generally a [7] Sumathi S. and Surekha.P. LabVIEW based advances instrumentation
voltage or current that varies over a sustems. Springer, 2007. pp 242 246.
defined value range, in direct
[8] Patrick, D.R. and Fardo, S.W. Electricity and electronics fundamentals.
proportion to a physical process Fiarmont Press, Inc, 2008.
measurement [6].
[9] Linda Karina Duran Bautista, Plataforma Hardware/Software abierta
c) Analog Output Module para aplicaciones industriales de automatizacin, by PhD. Carlos Ivn
Camargo Bareo, Universidad Nacional de Colombia Bogot D.C.,
Colombia 2014.
Analog Output modules function is to
convert a digital value supplied by the [10] https://infosys.beckhoff.com/espanol.php?content=../content/1034/tcplcc
CPU to an analog value by means of a ontrol/html/tcplcctrl_languages%20sfc.htm&id=
digital to analog converter [7]
[11] http://www.emb.cl/electroindustria/articulo.mvc?xid=1303&tip=7
d) Digital Input Modules
[12] http://www.infoplc.net/files/documentacion/automatas/infoPLC_net_len
guajes_programacion_V4.pdf
11