DLMSPart 2 Ref
DLMSPart 2 Ref
HDLC(Implemented in Modem) ,
TCPWRAPPER (Implemented in Hexing and Genus SM's)
DLMS – Part2
Encrition Key , Authentication Key ,IPV6 Address of Meter. Will be provided by Meter
Manufaturer.
Public Client :
No Authentication No Encryption Required.
We can only read general information like MeterNumber, RTC, Invocation
Counter,etc.,
Meater Reader:
No Authentication Required Only Encryption Required.
Utility Setter:
Both Authentication and encryption required.
Required to read MeterNumber and Invocation Counter with Public client to frame system title and
Invocation vector.
System title : 3 digit manufacturer code and 5 digit is last 5 digits of Meternumber.
Meter No : 12345678
Manufaturer name : LNT
IC = 1
IV = LNT456780001
GET: 0xC0
To get data from Meter
SET: 0xC1
To set daata to meter like rtc,demand integration period, load survey interval etc.,
ACTION: 0xC3
To do some action like relay ON or OFF.
Need to consider challenge bytes(16) from AARE i.e, response of AARQ command. And the
same should be encrypted with AES_ECB128 encryption.
Command should be encrypted and send to meter . The response to be decrypted to validate the frames
for futher reading in case of profiles.and normal validation for individual data reading.
Kindly Refer to DLMS Green Book for any further clarification. (Page No 439 for direct reference)
//////////////////////////////////////////////////////////////////////////////////////////////////
Key = 000102030405060708090A0B0C0D0E0F
IV = 4D4D4D0000BC614E01234567
CT = 558e556213f7405e6d6262920e
AAD = D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
Tag = ecf73134
PT = C0010000080000010000FF0200
[Keylen = 128]
[IVlen = 96]
[PTlen = 104]
[AADlen = 128]
[Taglen = 32]
Count = 0
Key = 000102030405060708090A0B0C0D0E0F
IV = 4D4D4D0000BC614E01234567
CT = 558e556213f7405e6d6262920e
AAD = D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
Tag = ecf73134
PT = C0010000080000010000FF0200
//////////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////////////////////////
7E A0 5A 00 02 04 01 41 10 7E 14 E6 E6 00
60 36
A1 09 06 07 60 85 74 05 08 01 03 A6
0A 04
08 31 32 33 34 35 36 37 38
8A 02 07 80 8B 07 60 85 74 05 08 02 01 AC
0A 80
08 31 31 31 31 31 31 31 31
BE
23
04
21
21 1F 20 00 00 01 51 2A A3 55 F3 AE 2D 37 85 EB F9 97 E0
21 1F 2000000151 2AA355F3AE2D3785EBF997E01AD2
A5 D1 7E
7E A0 4D 41 00 02 04 01 30 9E 63 E6 E7 00
61 3C
A1 09 06 07 60 85 74 05 08 01 03 A2 03 02 01 00 A3 05 A1 03 02 01 00 A4
0A 04 08 4C 47 5A 00 00 00 08 56
BE
17
04
15
28 13 20 00 00 01 4E 5E D1 E2 47 FB 6E 56 6F 70 D8 95 CB BC 5D
28 13 200000014E 5ED1E247FB6E566F70D895CBBC5D
CA 8B 7E
System Title(Sys-T) 4D4D4D0000BC614E (here, the five last octets contain the
manufacturing number in hexa) 8 64
Frame Counter-(FC) 01234567
4 32
Initialization Vector(IV) Sys-T || FC 4D4D4D0000BC614E01234567
12 96
Inputs
xDLMS APDU to be protected
APDU 01011000112233445566778899AABBCC
DDEEFF0000065F1F0400007E1F04B0 31 188
Plaintext(P) 01011000112233445566778899AABBCC
DDEEFF0000065F1F0400007E1F04B0 31 188
Associated data(A) SC || AK 30D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF
17 136
Outputs
Ciphertext(C) 801302FF8A7874133D414CED25B42534
D28DB0047720606B175BD52211BE68 31 188
Authentication tag(T) 41DB204D39EE6FDB8E356855
12 96
ex: C8 0F 10 0D C0 01 00 00 08 00 00 01 00 00 FF 02 00
REQUEST
7E A0 23 00 02 04 01 41 32 1B 46 E6 E6 00
C8 - TAG CIPHER REQ
12 - LEN
20 - SECURITY HEADER (SC||FC)
0100000
00 00 01 52 - FC
49 7D DE 37 01 7F 80 AB 12 3F CF D0 B4 - ENC DATA
D4 4F - cheksum
7E
RESONSE
7E A0 24 41 00 02 04 01 52 36 C6 E6 E7 00
CC - TAG CIPHER RES
13 - LEN
20 -
00 00 01 4F
5D FB 10 6E 34 F8 7C EE 1B 67 15 63 B7 CE
82 E9 7E
A = AAD
IV = Initialization vector
96 BITS 12 OCTETS
64 BITS - SYSTEM TITLE - LEADING BITS -
3 BYTES LETTER MANF ID
5 BYTES
32 BITS - INVOCATION FIELD - TRAILING BITS - FRAME COUNTER
AK =Authentication key
P = Plaintext
C = Ciphertext
SC = Security control byte:
SC-A: Authentication only AAD = SC-A || AK || APDU
TAG LEN SC-A FC UN-CIPHERAPDU T
SC-E: Encryption only AAD = NULL
TAG LEN SC-E FC CIPHERAPDU
SC-AE: Authenticated encryption AAD = SC-AE || AK
TAG LEN SC-AE FC CIPHERAPDU T
EK = Encryption key
Sys-T = System title
FC = Frame counter
T = Authentication tag LEN MUST BE 96 BITS 12 BYTE
xDLMS
xDLMS APDU
to be protected- APDU C0010000080000010000FF0200
13 104
(Get-request, attribute 2 of the Clock object)