SCADA Data Gateway

The SCADA Data Gateway (SDG) is a Windows™ application used by System Integrators and Utilities to collect data from OPC, IEC 60870-6 (TASE.2/ICCP), IEC 61850, IEC 60870-5, DNP3, or Modbus Server/Slave devices and then supplies this data to other control systems supporting OPC, IEC 60870-6 (TASE.2/ICCP) Client, IEC 60870-5, DNP3, and/or Modbus Client/Master communication protocols.

IEC 60870-5 Secure Authentication

The SCADA Data Gateway supports Secure Authentication as defined in the IEC 60870-5-7 standard which is based on the cyber-security standard IEC 62351 (Parts 5 and 8).

TLS encryption is also supported by following the defined cipher suites, algorithms, and connection duration defined by IEC 62351-3.  
 
  • Support for Secure Authentication for IEC 101 and IEC 104
  • Can be deployed in the substation or control center to provide a secure link for telecontrol
  • Supports both symmetric and asymmetric keys as well as x.509 certificates
  • Supports both serial and IP based networks
  • Supports Role Based Access Control (RBAC) - multiple users and roles (engineers, operators, viewers, admin)
  • Configure privileges(view, read, security, etc.) for each role
  • Users can be added, modified, or removed
Secure Authentication testing can be performed using the Communication Protocol Test Harness


IEC 101 and IEC 104 Security with SDG

Security for SCADA

The SCADA Data Gateway can be used to integrate with IEC 101 or IEC 104 systems which support or are upgrading to Secure Authentication based on IEC 62351.  The following use cases are supported:

  • Integrating an existing SCADA system with IEDs or RTUs which support Secure Authentication
  • Integrating existing IEDs with a SCADA system which supports Secure Authentication
  • Adding Secure Authentication on both sides to form secure channel from SCADA to substation
  • Data concentrator for IEC 101/104 systems that support Secure Authentication
  • Translating from IEC 61850 or other protocols to IEC 101 or IEC 104 with security


Example of Aggressive Mode Secure Authentication Challenge Reply Sequence

Example of IEC 104 Secure Authentication - Aggressive Mode Request



 
© 2013 Triangle MicroWorks, Inc. All rights reserved.