Fork me on GitHub
Keith's Blog

[archives] [tags]

Blogroll

2016-09-24

Permalink: 2016-09-24 19:00:00-05:00 by Keith Gray in work tags: GOOSE python IEC 61850

Generating GOOSE Messages

I want to be able to generate GOOSE messages as part of my network simlulation testing described in previous posts. My goal is to be able to show how VLANs and multicast filtering can affect the reception of GOOSE messages.

I had heard of the scapy Python library previously but never found a need to deploy it. I knew that it made it possible to construct network packets from scratch, bypassing the network stack of the operating system. I thought that generating GOOSE messages would be a great application for scapy.

I started playing with scapy and reached a point where I needed to learn how the data was encoded in the message. A future post will describe more about scapy. This post continues with details about encoding the data in the GOOSE message.

GOOSE Data Encoding

I read IEC 61850-8-1 and saw that data was encoded using ASN.1. According to Wikipedia, ASN.1 "...describes rules and structures for representing, encoding, transmitting, and decoding data...". Various ways to encode/decode the data are provided by ASN.1. GOOSE messaging has chosen to use BER. BER is specified in ITU-T standard X.690. Data encoded in BER consists of three pieces of information.

  1. Type
  2. Length
  3. Contents (or Values)

This is sometimes referred to as the (T, L, V) triple. You can see Wikipedia for more information about ber.

I looked for a Python library that could do the BER encoding/decoding and found pyasn1. The next step was to find the ASN.1 model used by GOOSE.

Searching around led me to this IEC 61850 ASN.1 encodings page. I was able to use those definitions, along with the pyasn1 documentation to build the GOOSE definitions. The GOOSE definitions are made up of two main components.

  1. IECGoosePdu
  2. Data

The GOOSE definitions also rely on some subtypes.

Implementation

The implementation of these ASN.1 rules can be found on github. The goose_asn file contains the GOOSE ASN.1 definitions along with some test code located in the if __name__ == '__main__' block at the end of the file. The test code builds the same GOOSE messages that is located in the packet capture shown in the goose_txt file. The goose_txt capture was taken from a lab test from an actual IED being used in a project. The test code can recreate the GOOSE message exactly.

Note

This implementation is known to be incomplete. There are unimplemented features of the GOOSE description. Also, it has only ever been tested against a single captured GOOSE message.

Next Steps

The next step in this experiment will be to use this GOOSE message in a network packet created with scapy and transmit it on a network simulated using Linux Network Namespaces, as described in earlier posts.

Comments