I am a software engineer by trade and have very little knowledge of communication protocols inside surrounding PLCs. Not even sure I have a PLC at this point.

I have bought a battery, a quite big battery, which I intend to communicate with.

On the battery there is a SCADA server - a piece of hardware - that communicates IEC-104, Modbus over TCP and I also have the possibility to access the hardware through an Ethernet cable.

So far so good. The SCADA server is exposing "something" on a local IP address, which I believe is the place I need to "suck" information from - the signals from SCADA, I suppose, is the correct terminology.

Being a software person, my approach would be to set up a VPN and access the local IP on the SCADA system through the ethernet connection and from there apply a listener on perhaps a socket or maybe even poll for messages/signals.

But the critical point for me is what to expect from the SCADA server.

How does it deliver messages/signals? Is it polling? Can I stream data?

Do I need to write an interpreter for the signals or is there an API on top of the SCADA server perhaps - depending on the hardware vendor?

So my goal is to establish a connection to the SCADA server and start receiving information signals on its state of health.

All pointers are much appreciated.

Thank you

winny
Daniel Frost
  • If at all possible, analyze an existing implementation - if there are more of these (battery, SCADA) systems still intact and in operation. Could find out they used proprietary software (Siemens). – rdtsc Aug 19 '21 at 12:18

2 Answers

Without knowing exactly what battery we are talking about, I can only offer generalities based on the little information you have provided.

IEC104 is not a protocol I am familiar with. According to Wikipedia it is via TCP.

You mention Modbus TCP. This is a protocol I am familiar with. Being TCP, we would expect this is via Ethernet.

As for the SCADA server, normally I'd expect the server to be elsewhere and connect to the battery to extract data like the voltage, current, temperature etc. If we knew the part number of the battery we would be able to read and interpret the datasheet for you.

If we assume the battery is a slave device that we can talk to via TCP over the Ethernet connection, you'd need a Modbus TCP server which is a piece of software that knows how to talk Modbus (www.modbus.org). There are plenty of examples in the usual languages, like JavaScript and Python for example. You can write code to request the values you require from the battery via the Modbus protocol and you might be able to command the battery to disconnect the load.

Assuming this is part of a PV system, the inverter normally runs the show and talks to the batteries to manage them.

Kartman

A SCADA system is something like supervising software. If you have ever seen a control room, like a NASA center, power plant supervision, a factory, ... the SCADA visualizes, stores data in a database, it can retrieve history, it shows alarms, etc.

Perhaps your battery is just a dumb device, that can provide a connection to the SCADA system over a known protocol:

  • Modbus TCP/IP: your device is a server, SCADA is a client. SCADA has to poll the data of interest - you configure on the SCADA which data are to be monitored.

  • IEC-104: is a special protocol that needs a large amount of memory on the device. The SCADA polls the data, but at a slower rate than Modbus, because the data are stored in the memory buffer. In case of network disconnection the device can store data up to several hours and then all the data is transferred upon re-connection. This implies a special database, that can store data in the past.

A usual SCADA system has the ability to store the data at arrival with a local timestamp, therefore storing the past data is not possible. SCADA systems for DNP3, IEC-104 are made to also store past data. These SCADA systems were built by petrochemical industries. You will find them in waste water treatment, energy distribution, ...

Marko Buršič
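The Modbus TCP polling exchange the answers describe (the client asks, the device replies), as an added example that is not part of either answer: it builds a Read Holding Registers request and validates the reply before trusting the values. The unit id, register addresses and sample frame are constructed assumptions; the real register map comes from the battery's documentation.

```python
import socket
import struct

READ_HOLDING_REGISTERS = 0x03  # Modbus function code
# Constructed sample reply: transaction 1, unit 1, two registers (520, 250)
SAMPLE_RESPONSE = bytes.fromhex("000100000007010304020800fa")

def build_read_request(transaction_id, unit_id, start_addr, count):
    """MBAP header (7 bytes) followed by the Read Holding Registers PDU."""
    if not 1 <= count <= 125:  # protocol limit per request
        raise ValueError("count must be 1..125")
    pdu = struct.pack(">BHH", READ_HOLDING_REGISTERS, start_addr, count)
    # MBAP: transaction id, protocol id (always 0), length = unit id + PDU
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu

def parse_read_response(frame, transaction_id, unit_id, count):
    """Validate a reply against the request and return the register values."""
    if len(frame) < 9:
        raise ValueError("frame too short")
    tid, proto, length, uid, func = struct.unpack(">HHHBB", frame[:8])
    if proto != 0 or length != len(frame) - 6:
        raise ValueError("bad MBAP header")
    if tid != transaction_id or uid != unit_id:
        raise ValueError("response does not match request")
    if func == READ_HOLDING_REGISTERS | 0x80:  # high bit set = exception
        raise RuntimeError(f"device returned exception code {frame[8]}")
    if func != READ_HOLDING_REGISTERS or frame[8] != 2 * count:
        raise ValueError("unexpected function code or byte count")
    if len(frame) != 9 + 2 * count:
        raise ValueError("truncated register data")
    return list(struct.unpack(f">{count}H", frame[9:]))

def poll_once(host, unit_id, start_addr, count, port=502, timeout=3.0):
    """One request/reply cycle; host is the device's local IP (assumption)."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(build_read_request(1, unit_id, start_addr, count))
        rf = s.makefile("rb")
        head = rf.read(6)  # transaction id, protocol id, length
        # Cap the claimed length so a bad frame cannot make us read forever
        body = rf.read(min(int.from_bytes(head[4:6], "big"), 254))
    return parse_read_response(head + body, 1, unit_id, count)

if __name__ == "__main__":
    print(build_read_request(1, 1, 0, 2).hex())
    print(parse_read_response(SAMPLE_RESPONSE, 1, 1, 2))
```

Calling `poll_once` on a timer gives the polling behaviour described above; Modbus TCP itself has no push or streaming mode.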