DNP3
A communication protocol used in energy and critical infrastructure for reliable data exchange between master stations and field devices over unreliable links.
What is DNP3?
DNP3 (Distributed Network Protocol 3) is a communication protocol developed in the 1990s by Harris (now GE), designed for reliable communication in SCADA environments. It is widely used in the energy sector, water and wastewater utilities and pipeline transport systems.
The DNP3 protocol was designed for environments where communication links are unreliable - radio links, satellite connections, telephone lines. It supports acknowledgement mechanisms, message segmentation, event-driven reporting and multi-drop addressing. Unlike Modbus, DNP3 supports a complex data model with multiple object types.
The DNP3 Secure Authentication (SA) version introduces HMAC-based authentication mechanisms that verify whether commands originate from an authorised source. This is a significant improvement over the original protocol version, which provided no security mechanisms whatsoever.
Why does it matter?
DNP3 is one of the key protocols in power grids and water networks. Attacks on infrastructure using DNP3 - such as manipulating switching commands at electrical substations - could cause power outages across large areas. SCADA security audits should verify whether DNP3 SA has been deployed and whether DNP3 traffic is monitored for anomalies.
Related topics
Related terms
Related SEQRED services
Need help in this area?
Our experts will help you assess the risk and plan next steps.