SCADA Decorder

[Project25_MASTR]

As stated, there is no SCADA standard format. There are about a dozen common data formats which are used to transport SCADA data and they are a mix of serial and IP based.

For wireless data there are many different solutions out there for example while I was working in the West Texas oil patch I dealt with:

• GE/MDS TransNet 900 MHz FHSS serial radios
• GE/MDS iNET 900 MHz FHSS hybrid radios (serial data or IP)
• GE/MDS iNET II 900 MHz hybrid radios (serial data or IP)
• Midians DTMF SCADA modules (basic I/O using DTMF status)
• 4RF Narrow Band IP radios (licensed LMR product)

While working for a Motorola MR I dealt with:

• Using paging/call alerts to open community gates on Astro 25
• Setups based on MDC1200
• Station alerting using P25 or two-tone
• Two tone for emergency shut-offs in mining application
• DTMF for tornado siren alerting
• Raw serial data transport via P25 and DMR CAI's
• Raw serial data transport with Maxon data radios using their built in FSK and GMSK modems

Of course none of this is really standardized and modulation protocols differ with every vendor.

 

[KC2CQD]

And I have looked at things (figured out the codig myself) as obtuse as institution clock broadcast at 72 MHz and 460's MHz just to goive an example. (Yes, also done ADS-B, ACARS, AIS, and various INMARSAT modes.) Add in monitoring TPMS (tire pressure monitoring systems), home weather stations, my electric and water meters. Personally, often more interesting than listen to the dead air between public service transmissions.

or when one of the County senior Services van drivers signs off for the weekend, drops the mic and leaves a hot mic transmitting until the batter tender kills all the power before the battery dies.

 

[KC2CQD]

SCADA is somewhat of a generic term and does not refer to a particular radio protocol. In fact SCADA can be transmitted across many communication mediums including radio, analog wireline, digital wireline, Ethernet or fiber. Complex SCADA systems often use a mix of communication mediums.

Most modern SCADA data radios use proprietary encoding methods and only the same make and model of radio will communicate. Some SCADA systems use the data bearing capabilities of standardized formats like P25 or DMR, especially if there's an existing voice system to piggyback on. Older systems often used Bell 103 or 202 compatible modems. As you can see there's no standard SCADA decoder because there's no such thing as a 'standard' SCADA system.

The data transmitted across the communications link is often Modbus, DNP3 or some proprietary format. Assuming you could decode this data you're not going to find any kind of descriptive text in the messages. Messages would be something like "Set coil 17 on" or "Input register 5=0x1F40". Without having access to the facility documentation it's going to be tough to correlate these I/O points to real world values.

As other have noted many of these systems are implementing encryption on the communications links. Most current data radios for the SCADA market include encryption built in. External encryption devices can be inserted between the data radio and the RTU to retrofit existing installations.

Would encryption likely apply even if the transmissions were NFM analog?
It sounds like an ACARS burst but longer and much narrower.