Example: DNP3 Key Management
This example shows a DNP3 system that leverages Secure Authentication and Transport Layer Security (TLS) for data encryption. In this system, all communications between the DNP3 Masters and Outstations run over TLS. In addition, DNP3 Secure Authentication is used to guarantee that only authorized users are able to access critical functions. An external DNP3 Authority manages users, roles, and keys for the entire system.
Test coverage in this example includes verification that session keys, update keys, and certificates are managed correctly by the Key Management Authority. In order to test a real DNP3 Master in this system, the simulated Master can be replaced with a real device. Likewise, a real DNP3 Outstation device could be added to the simulated system.
The communications between the DTM Administrator and the simulated Masters and Outstations can be configured to be on a separate network. This allows the DNP3 traffic to be separate from the DTM test coordination messages. This is useful for network monitoring tests where the SCADA network is being monitored by devices like an Intrusion Detection System.