UMAS Protocol - visibility of Engineering and configuration activity toward Schneider Electric PLCs

Document created by Shlomi Feldman Employee on Jun 13, 2018
Version 1Show Document
  • View in full screen mode

I wanted to update you about a new protocol functions and commands just added to our Application control blade. This enhancement is a new level in securing the OT environment, as the protocol is responsible for engineering and configuration and isn’t a “runtime” protocol (similar to the rest of our SCAD/ICS protocols in APPI). It means that current APPI is capable to detect and event prevent if required, such engineering  activities.

 

Schneider Electric devices, mainly PLCs, might support  number of Industrial Protocols (Modbus, Ethernet-IP, Canopen, etc). However, in order to be configured they use a proprietary protocol which is based on the Modbus Protocol.

The protocol (which is called UMAS), is based on the old Xway Unite protocol, used by old Telemechanique PLCs. The Umas protocol is used to configure and monitor the Schneider-Electric PLCs. It is based on the well-known modbus protocol and uses one of the reserved Function Codes specified in the Modbus Protocol Specification (Function Code 90 or 0x5A in hexadecimal). When Schneider Electric PLCs receive a modbus packet, it checks if the Function Code is 0x5A (function 90) and if so, some specific libraries are used, otherwise, the modbus request is treated normally, returning or modifying the specified register(s) or coil(s) of the PLC.

 

What UMAS functions our APPI currently support?

The Unity protocol (UMAS ) - Check PLC

The Unity protocol (UMAS ) - End Strategy Download

The Unity protocol (UMAS ) - Initialize Download

The Unity protocol (UMAS ) - M580 Read Memory

The Unity protocol (UMAS ) - OK response

The Unity protocol (UMAS ) - Read Card Info

The Unity protocol (UMAS ) - Read ID

The Unity protocol (UMAS ) - Read Memory Block

The Unity protocol (UMAS ) - Read PLC Info (GETPLCSTATUS)

The Unity protocol (UMAS ) - Read Project Info

The Unity protocol (UMAS ) - Response PLC is OFF

The Unity protocol (UMAS ) - Response PLC is ON

 

Currently none of the traditional competition (PAN, Fortinet, Cisco)  support this protocol with their Application control. In addition I want to use the occasion and to thank the APPI team for this important development

2 people found this helpful

Attachments

    Outcomes