ipConv

Universal protocol converter for highest degree of flexibility

  • ipConvLite_stage.png

    ipConv is a universal protocol conversion solution for coupling a wide range of different protocols. Its architecture (ipConv Architecture) ensures maximum independence between the different protocols used. As protocols are kept completely separate with respect to data transmission methods and information representation, the solution greatly facilitates system planning and commissioning. For instance, the different protocols can be tested separately.

    These ipConv Use Cases show the wide range of applications for ipConv.

    ipConv provides the foundation for specialized products such as ipConvLite and ipConvOPC. Even ipRoute is based on ipConv. The universal solution ipConv has been designed for cases where special project-specific requirements exceed the capabilities of these specialized products.

    For centralized use ipConv is available with the most powerful hardware platforms IPC191V5 19" 1U and IPC191X1 19" 1U, which can be equipped with further interfaces via PCIe expansion slots. For customers who already have the necessary hardware, we offer the Windows software package ipConvOPC, and ipConv/VM for virtual machines, for universal protocol conversion.

Characteristics
    • Security at the highest level
    • Communication between multiple data sources
    • Simultaneous use of diverse protocols
    • User-defined mapping of information
    • Intelligent information processing
    • No programming required
    • Redundancy
Cyber Security
    • Secure access to all administrative services (HTTPS, SSH, SFTP)
    • Role-based access protection with login and password
    • User administration for local users
    • Central user administration via Active Directory (LDAP) and/or RADIUS
    • PKI and Crypto Store for certificate management
    • Creation of self-signed certificates and Certificate Signing Requests (CSRs)
    • Import and export of certificates
    • Configuration of VPN tunnels (OpenVPN and IPsec)
    • Firewall
    • Safeguarded real-time Linux operating system
    • IEC 62351-3 TLS protection for IEC 60870-5-104, IEC 61850, DNP 3.0, TASE.2 protocol stacks
Network Features
    • Assigning multiple IP addresses to one physical Ethernet interface
    • Network management using an integrated SNMP agent
    • NTP based clock synchronization
    • HTTPS/SSH/SFTP access
    • DHCP
    • Bonding
    • PRP
    • VLAN
Configuration
  • System configuration is completely executed in a web browser. No other special configuration tools are required, a normal notebook with a network interface card and web browser are all that is needed.

    ipConv in its current version 4 enables encrypted communication between web server and browser via the HTTPS protocol.

    ipConv main menu

    The main menu provides access to all relevant functions of ipConv, showing the overall system status at a glance.

    The following functions are available:

    • Switching operating mode OPERATIONAL (unattended station) or MAINTENANCE (allows full access to all ipConv functions)
    • Backup and restore the complete configuration
    • License management (ADMIN)
      Installation of (DEMO-) licenses, (un-) limited and (un-) restricted licenses
    • Software upgrade (ADMIN)
    • Import configuration information from tables
      The Excel file can be imported directly (Supported formats: .xlsx, .xlsm, .csv)
    • Edit configuration parameters
    • Release and versioning of a station configuration
    • Start up and stop the system
    • Access diagnostic data (see also diagnostics)
    • Access process image and data simulation (see also simulation)
    • Creation of own logbooks
      Changes of normalized information are selectively documented in configurable logbooks for tracing or logging reasons over a period of time.
    • Access current logfiles (see also logging)

    The following example shows the configuration of a protocol stack (here   IEC 60870-5-101, Master). All parameters are shown with their configured values, relevant measurement units, and short descriptions.
    A parameter value can be changed by clicking on the parameter name. A detailed description is also shown, if available. The entered value is checked for the permissible value range, or a selection list offers a pre-selection of permissible values.

    ipConv protocol stack configuration

    Only relevant parameters are displayed, for instance, if the link layer type is set to "unbalanced", only the corresponding parameters are shown.

    ipConv enables fast and efficient processing of large volumes of data points by allowing data import from tables. These tables are based on templates and may be processed with various spreadsheet programs, such as Microsoft Excel. The extended use of formulae minimizes the data volume, substantially reducing the number of errors.

    ipConv datapoint table import

Diagnostics
  • With protocol converters it is essential that the state of all interfaces can be determined at a glance. This is all the more important, if the available personnel at the facility does not have particular knowledge of the system.

    The diagnostic data can be accessed with the DIAGNOSTICS button in the main menu. The most important information is provided subdivided and in plain text with time stamps. Colored highlights indicate whether a state is OK or not.

    ipConv diagnostics

    You can configure the type of information, descriptions and colors.

    Plain messages, measured values, and also control commands, such as a button for initiating a general poll, can be shown.

Logging
  • With all communication applications, it is always essential to know which data is transmitted via the protocol and how the data is converted from one protocol to another. And it is even more important when problems occur with transmission. ipConv features logging and archiving functions for all data traffic.

    ipConv allows you to keep track of the system state and information flow inside the converter by recording and archiving all information passing through a module for a given time period. This data can be recorded:

    • All data to/from ipConv sent and received via the relevant communication module
    • System messages, i.e. connection abortion, communication error messages etc.
    • Configuration and software error messages
    ipConv data logging

    The range of data recorded is defined by the logging level. This can be changed dynamically (at runtime) or statically (in the configuration) for each module.

    The logging level defines the representation format for the sent or received information. Data can be represented either in hexadecimal code or in decoded, symbolic form or both. This example shows the content of a logfile generated from an IEC 60870-5-101, Master protocol stack.

    Data is stored directly in the easy to read ASCII format. Logfiles can be displayed, searched, or downloaded for offline diagnosis via the web interface.

    All recorded data is archived cyclically, enabling you to keep track of communication over a period of days or even weeks (depending on the data volume).

    29.01.20 11:38:15 IECAppl3 communication with link layer established !
    29.01.20 11:38:15 cid=1 open !
    29.01.20 11:38:15 cid=3 open !
    29.01.20 11:38:15 cid=4 open !
    29.01.20 11:38:15 cid=1 connected !
    29.01.20 11:38:15 CA=1: starting GI ...
    (2): << 15.473 [1] C_IC_NA_1 SQ=0 NUM=1 T=0 P/N=0 CT=<act> ORG=<0> CA=<65535>
                   0: QOI=<14> 
    29.01.20 11:38:15 CA=2: starting GI ...
    (2): >> 15.526 [1] M_DP_TB_1 SQ=0 NUM=4 T=0 P/N=0 CT=<spon> ORG=<0> CA=<1>
                 115: DIQ=<OFF  Q=OK> BT7=<29.01.20 11:38:04.980 STD> 
                 116: DIQ=<OFF  Q=OK> BT7=<29.01.20 11:38:04.980 STD> 
                 117: DIQ=<OFF  Q=OK> BT7=<29.01.20 11:38:04.981 STD> 
                 118: DIQ=<OFF  Q=OK> BT7=<29.01.20 11:38:04.981 STD> 
    (2): >> 15.527 [1] M_ME_NA_1 SQ=0 NUM=4 T=0 P/N=0 CT=<spon> ORG=<0> CA=<2>
                 142: NVA=<27944> QDS=<OK> 
                 143: NVA=<27968> QDS=<OK> 
                 144: NVA=<28013> QDS=<OK> 
                 145: NVA=<28095> QDS=<OK> 
    (2): >> 15.527 [1] M_DP_TB_1 SQ=0 NUM=1 T=0 P/N=0 CT=<spon> ORG=<0> CA=<1>
                 114: DIQ=<OFF  Q=OK> BT7=<29.01.20 11:38:06.982 STD> 
    (2): >> 15.527 [1] M_ME_NC_1 SQ=0 NUM=2 T=0 P/N=0 CT=<spon> ORG=<0> CA=<2>
                 135: SFP=<267> QDS=<OK> 
                 136: SFP=<140> QDS=<OK> 
    (2): >> 15.527 [1] M_SP_TB_1 SQ=0 NUM=1 T=0 P/N=0 CT=<spon> ORG=<0> CA=<133>
             7750142: SIQ=<OFF Q=OK> BT7=<29.01.20 11:38:07.430 STD> 
    29.01.20 11:38:15 ERROR: ASDU from CA=133, unknown CA or received on unexpected connection !
    (2): >> 15.527 [1] M_DP_TB_1 SQ=0 NUM=2 T=0 P/N=0 CT=<spon> ORG=<0> CA=<2>
                 118: DIQ=<ON   Q=OK> BT7=<29.01.20 11:38:07.981 STD> 
                 119: DIQ=<ON   Q=OK> BT7=<29.01.20 11:38:07.981 STD>
    (2): >> 15.527 [1] M_ME_NC_1 SQ=0 NUM=3 T=0 P/N=0 CT=<spon> ORG=<0> CA=<2>
                 137: SFP=<120> QDS=<OK> 
                 138: SFP=<226> QDS=<OK> 				 
    		
Simulation
  • ipConv is capable of representing and simulating all signals in a simple project-specific form, a functionality which is particularly useful for signal tests during commissioning. This greatly facilitates tracking down wiring and configuration errors.

    All data points can be shown in a hierarchical form defined by the configuration. Names, nesting depth and signal range can be freely chosen and configured for each project. This enables personnel not familiar with ipConv or the relevant protocol to access information.

    testing signals, data and control commands with ipConv

    The signal name, information type, value, quality identifier and time stamp (if available) are shown.

    At the same time, data and commands can be simulated directly in the web browser. This functionality is very useful, if only one communication partner is connected (control station or RTU). Pretests can thus eliminate most configuration errors, even if the complete communication path is not yet available.

Redundancy
  • To meet even increased security requirements, ipConv is fully capable of redundancy in combination with a second device.

    • Line redundancy
    • Information redundancy
    • Device redundancy (hot-standby, parallel operation)

    With redundant protocol converters, reliability can be ensured, based on the "hot standby" principle. At any one time only one device assumes the active role, while the passive device monitors the active one and takes the initiative if it fails.
    This minimizes downtime due to maintenance work or component and interface outages, for example.

    redundancy with ipConv

    The redundancy coupling can be realized via Ethernet as well as over serial connections. If separate serial communication connections must be connected to both redundant devices, the CS channel switch will be applied.

Further Information
Flyer
Available Protocol Stacks

ADLP-80, Slave

ANSI X3.28, Master

BACnet, Client

BACnet, Server

Conitel-2020, Slave

CDC Type II, Slave

CDC Type I, Slave

Database, Client

DNP V3.00, Master

DNP V3.00, Slave

ELCOM-90 Initiator, Client

ELCOM-90 Responder, Server

Simatic Fetch/Write, Master

Fuji, Slave

GI74, Slave

Dr. Graband & Partner GmbH, Master

HN Z 66 S 11/15, T63, Master

HN Z 66 S 11/15, T63, Slave

HITACHI HC4300, Master

HITACHI HC4300, Slave

Harris-5000/6000, Slave

Indactic 21, Master

Indactic 23, Master

Indactic 23, Slave

Indactic 33/41, 2033, Master

Indactic 33/41, 2033, Slave

IEC 60870-5-101, Dialup Master

IEC 60870-5-101, Master

IEC 60870-5-101, Slave

IEC 60870-5-103, Master

IEC 60870-5-103, Slave

IEC 60870-5-104, Master

IEC 60870-5-104, Slave

IEC 61850, Client

IEC 61850, Server

Kafka, Producer

MQTT, Publisher

MQTT, Subscriber

Modbus, Master

Modbus, Slave

Modbus TCP/IP, Master

Modbus TCP/IP, Slave

OPC DAXML 1.01, Server

OPC UA 1.02, Client

OPC UA 1.02, Server

Profibus-DP, Slave (ORSI)

P6008, Master

P6008, Slave

Profibus-DP, Master

Profibus-DP, Slave

Profibus-DPV0, Slave (Extended Version)

SISA, QD2 Slave

RP 570, Master

RP 570, Slave

Recon, Slave

S7 Protocol, Client

Sinaut 8FW (PCM), Master

Sinaut 8FW (PCM), Slave

Sinaut 8FW (PDM), Master

Sinaut 8FW (PDM), Slave

SC1801, Slave

SEAB 1F, Master

SEAB 1F, Slave

SNMP, Client

Simadyn-D, Master

Sinaut ST1, Slave

TASE.2, Client

TASE.2, Server

Simatic TDC, Master

Telegyr 065, Master

Telegyr 102, Master

Telegyr 809, Master

Telegyr 809, Slave

Tracec 32, 62, 92, 92P, 122, 130 & 142 Master

XMAT, Master

Hardware
  • IPC191V5 19
    IPC191V5 19" 1U

    Successor of the industrial PC IPC191V4 19" 1U

  • IPC191X1 19
    IPC191X1 19" 1U

    Successor of the industrial PC IPC191I7 19" 1U

  • TCT
    TCT

    Telecontrol converter for pulse-code and pulse-length modulated protocols

  • CS
    CS

    Channel switch for coupling of two redundant devices to one communication line

  • RS-232 Isolator
    RS-232 Isolator

    4 kV isolated RS-232 transceiver for the protection against external influences in compliance with standard IEC 61850-3

References
  • Project CFE
    Project CFE, Mexico

    Products: ipConv
    Protocol Stacks: Conitel-2020, Slave DNP V3.00, Slave DNP V3.00, Master Harris-5000/6000, Slave Recon, Slave Indactic 33/41, 2033, Slave Fuji, Slave XMAT, Master

  • ELIA
    ELIA, Belgium

    Products: ipConv
    Protocol Stacks: Modbus TCP/IP, Master IEC 60870-5-104, Slave Telegyr 065, Master Telegyr 102, Master Telegyr 809, Master Tracec 32, 62, 92, 92P, 122, 130 & 142 Master

  • Storebælt
    Storebælt, Denmark

    Products: ipConv
    Protocol Stacks: IEC 60870-5-104, Master IEC 60870-5-104, Slave Simatic TDC, Master Modbus TCP/IP, Master

  • Ballia-Bhiwadi
    Ballia-Bhiwadi, India

    Products: ipConv
    Protocol Stacks: IEC 60870-5-101, Master IEC 60870-5-101, Slave Simatic TDC, Master

  • SEC SVC
    SEC SVC, Saudi Arabia

    Products: ipConv
    Protocol Stacks: IEC 60870-5-101, Slave IEC 60870-5-104, Slave IEC 61850, Client Simatic TDC, Master

  • I-SHAPE
    I-SHAPE, Thailand

    Products: ipConv
    Protocol Stacks: IEC 60870-5-101, Slave XMAT, Master

  • BLS Lötschbergtunnel II
    BLS Lötschbergtunnel II, Switzerland

    Products: ipConv ipRoute
    Protocol Stacks: IEC 60870-5-104, Master IEC 60870-5-104, Slave SNMP, Client

  • BLS AlpTransit - Lötschbergtunnel
    BLS AlpTransit - Lötschbergtunnel, Switzerland

    Products: ipConv ipRoute
    Protocol Stacks: OPC DA 3.0, Server IEC 60870-5-104, Slave IEC 60870-5-101, Master IEC 60870-5-104, Master SNMP, Client