Interrogation of counters technical accounting for GSM channel
Task: schedule a device for technical metering of electricity using a GSM modem.
I did not choose iron, they chose it before me, but I got to blind from this system of remote polling. So, the source of information about the wasted electricity was Socomec Diris A40 (hereinafter - the meter).
')
The device can measure a lot of things, I stopped at reading hundreds of registers, starting with the decimal address 1792 to 1891. The interface is also not the piece of hardware I have chosen: the communication module is an RS485 gateway using the JBUS / MODBUS® protocol. Protocol "Modbus-like" with distinction in register numbering.
GSM modems manufactured by Siemens - MC35i (hereinafter simply modems). Like these ones:
There are a lot of articles about them, it is easy to find documentation. Managed by AT commands. No longer available. Cinterion MC52iT Terminal came to replace him. It still seems to be buy. Power supply and antenna included. For the RS232toRS485 conversion, such a generally cheap piece of hardware was chosen. She copes with her task.
The block diagram of the planned system will look as follows:
I called a straight cable a cable where all the pins match each other at the beginning and at the end. For example, pin 2 is connected to pin 2. I called a cross-over cable, where pin 2 is connected to pin 3, and pin 3 with pin 2.
For the survey, it was supposed to use MasterOPC Universal Modbus Server, which lives here and is free if you want to poll no more than 32 tags (some say “tags”, I like “tags” more). Its beauty is that it has settings that allow you to use a modem for polling. Such a two in one. This is the only program I have found with such features. For example, in ibaPDA I did not find such opportunities.
Nothing happened with MasterOPC Universal Modbus Server. Rather, it turned out to be half: when connected to the meter by wire, everything is fine, when connected via modem, the received packets for some reason (it's still a mystery to me, who knows, write) look like this:
Request: 05/13/2016 14: 12: 56.408 Notebook :: DirisA40 (adr5) :( COM5) Tx: [0008] 05 03 07 0A 00 01 A4 F8
Answer: 05/13/2016 14: 12: 56.401 Notebook :: DirisA40 (adr5) :( COM5) Rx: [0013] F1 EB FF FD B7 00 05 03 02 13 86 C5 16
As you can see from the answer, the necessary information is present there: 05 03 02 13 86 C5 16. It is also clear that there is also an outsider: F1 EB FF FD B7 00.
If you are interested, a parser can be used to decrypt packets. I, for example, use CAS_Modbus_RTU_Parser. It's free and that’s great. There are also online parsers. For example: http://modbus.rapidscada.net/ .
I did not know how to get rid of this “garbage”, so I wrote a program on LabView (perhaps it would be more correct to say “painted”). It cuts off unnecessary bits from the received packet and then decrypts the Modbus packet. What is this LabView can be read here . In general, to my surprise, to my surprise, there were quite a few articles about LabView. This is the result of this interface:
The help text is as follows. The program is designed to poll counters DirisA40. You must install the LabVIEW Run-Time Engine (once) before running the executable file. The program can work in two modes:
1) direct survey
2) modem polling
The default polling mode: polling 100 registers starting with register 1792.
The format of the data registers is word.
Modbus default address is 5.
Direct polling is started by pressing the START button.
A modem poll is scheduled (5 minutes by default) and starts after pressing the “START” and “Record” buttons. The poll schedule should not be less than 1 minute and more than 60 minutes. In the pressed state, the “START” button is signed as “Polling in progress”. In the pressed state, the “Write” button is signed as “Recording in progress”.
The checkbox "Consider conversion factors" is intended for scaling the read register value by the formula X * Factor + Offset. The values ​​of Factor and Offset are recorded in the same columns of the table of settings and selection of registers for recording. The recording takes place in a text file in the same directory where the executable file of the following format is located - date date data.txt (For example: 05/21/2016 22_12 data.txt). If the recording was made using a modem, the data file name will look like this: 06/08/2016 9_47 data__modem.txt. When you first try to write a file, you can change the file name. The recording is made in the same file until the button “Recording in progress” is pressed. Registers with checked checkboxes in the settings table are written to the file. You can change the status of the checkbox in the settings table using a double click. The resulting register values ​​are displayed in the settings table with the column "Value". On the “Charts” tab, you can configure the display of any register value from the settings table. The color of the graphic curve corresponds to the color of the frame around the selected tag. Tags that need to be turned off from the build must be set to “save” or any other register with a value of 0. The device's web interface is published _http: // computername: 8000 / DirisA40.html and is available only through explorer if LabVIEW Run-Time is installed Engine.
In the process of writing / drawing the following auxiliary programs were used.
To emulate the operation of the counter, a free DevEmu program was used. I learned about it from the blog of Alexei , who described her work and application well. For which he thanks a lot.
For emulation of the connection with the meter, trial versions of various programs were used, which are called Serial Port Splitter. There are quite a few of them, the trial period of two such splitters was enough for me to write the above program.
PS: While I was writing this opus, apparently, a colleague, wrote an article on the same topic: geektimes.ru/post/277358 .
I did not choose iron, they chose it before me, but I got to blind from this system of remote polling. So, the source of information about the wasted electricity was Socomec Diris A40 (hereinafter - the meter).
')
The device can measure a lot of things, I stopped at reading hundreds of registers, starting with the decimal address 1792 to 1891. The interface is also not the piece of hardware I have chosen: the communication module is an RS485 gateway using the JBUS / MODBUS® protocol. Protocol "Modbus-like" with distinction in register numbering.
GSM modems manufactured by Siemens - MC35i (hereinafter simply modems). Like these ones:
There are a lot of articles about them, it is easy to find documentation. Managed by AT commands. No longer available. Cinterion MC52iT Terminal came to replace him. It still seems to be buy. Power supply and antenna included. For the RS232toRS485 conversion, such a generally cheap piece of hardware was chosen. She copes with her task.
The block diagram of the planned system will look as follows:
I called a straight cable a cable where all the pins match each other at the beginning and at the end. For example, pin 2 is connected to pin 2. I called a cross-over cable, where pin 2 is connected to pin 3, and pin 3 with pin 2.
For the survey, it was supposed to use MasterOPC Universal Modbus Server, which lives here and is free if you want to poll no more than 32 tags (some say “tags”, I like “tags” more). Its beauty is that it has settings that allow you to use a modem for polling. Such a two in one. This is the only program I have found with such features. For example, in ibaPDA I did not find such opportunities.
Nothing happened with MasterOPC Universal Modbus Server. Rather, it turned out to be half: when connected to the meter by wire, everything is fine, when connected via modem, the received packets for some reason (it's still a mystery to me, who knows, write) look like this:
Request: 05/13/2016 14: 12: 56.408 Notebook :: DirisA40 (adr5) :( COM5) Tx: [0008] 05 03 07 0A 00 01 A4 F8
Answer: 05/13/2016 14: 12: 56.401 Notebook :: DirisA40 (adr5) :( COM5) Rx: [0013] F1 EB FF FD B7 00 05 03 02 13 86 C5 16
As you can see from the answer, the necessary information is present there: 05 03 02 13 86 C5 16. It is also clear that there is also an outsider: F1 EB FF FD B7 00.
If you are interested, a parser can be used to decrypt packets. I, for example, use CAS_Modbus_RTU_Parser. It's free and that’s great. There are also online parsers. For example: http://modbus.rapidscada.net/ .
I did not know how to get rid of this “garbage”, so I wrote a program on LabView (perhaps it would be more correct to say “painted”). It cuts off unnecessary bits from the received packet and then decrypts the Modbus packet. What is this LabView can be read here . In general, to my surprise, to my surprise, there were quite a few articles about LabView. This is the result of this interface:
The help text is as follows. The program is designed to poll counters DirisA40. You must install the LabVIEW Run-Time Engine (once) before running the executable file. The program can work in two modes:
1) direct survey
2) modem polling
The default polling mode: polling 100 registers starting with register 1792.
The format of the data registers is word.
Modbus default address is 5.
Direct polling is started by pressing the START button.
A modem poll is scheduled (5 minutes by default) and starts after pressing the “START” and “Record” buttons. The poll schedule should not be less than 1 minute and more than 60 minutes. In the pressed state, the “START” button is signed as “Polling in progress”. In the pressed state, the “Write” button is signed as “Recording in progress”.
The checkbox "Consider conversion factors" is intended for scaling the read register value by the formula X * Factor + Offset. The values ​​of Factor and Offset are recorded in the same columns of the table of settings and selection of registers for recording. The recording takes place in a text file in the same directory where the executable file of the following format is located - date date data.txt (For example: 05/21/2016 22_12 data.txt). If the recording was made using a modem, the data file name will look like this: 06/08/2016 9_47 data__modem.txt. When you first try to write a file, you can change the file name. The recording is made in the same file until the button “Recording in progress” is pressed. Registers with checked checkboxes in the settings table are written to the file. You can change the status of the checkbox in the settings table using a double click. The resulting register values ​​are displayed in the settings table with the column "Value". On the “Charts” tab, you can configure the display of any register value from the settings table. The color of the graphic curve corresponds to the color of the frame around the selected tag. Tags that need to be turned off from the build must be set to “save” or any other register with a value of 0. The device's web interface is published _http: // computername: 8000 / DirisA40.html and is available only through explorer if LabVIEW Run-Time is installed Engine.
In the process of writing / drawing the following auxiliary programs were used.
To emulate the operation of the counter, a free DevEmu program was used. I learned about it from the blog of Alexei , who described her work and application well. For which he thanks a lot.
For emulation of the connection with the meter, trial versions of various programs were used, which are called Serial Port Splitter. There are quite a few of them, the trial period of two such splitters was enough for me to write the above program.
PS: While I was writing this opus, apparently, a colleague, wrote an article on the same topic: geektimes.ru/post/277358 .
Source: https://habr.com/ru/post/395421/
All Articles