What is IEC 60870-5-104?
IEC 60870-5-104 (often abbreviated as IEC 104) is an international communication protocol used for telecontrol communication between SCADA systems and underlying equipment in electricity and energy systems.
It is an extension of IEC 60870-5-101, but uses TCP/IP instead of serial communication.
🔌 What is IEC 104 used for?
IEC 104 is used in applications where reliable, continuous control and monitoring of critical infrastructure is required, such as:
- Electricity distribution and transmission networks
- Hydropower plants, wind farms, solar parks
- Substations and transformer stations
- Energy management and load balancing systems
⚙️ Key features of IEC 104
| Feature | Description |
|---|---|
| Based on IEC 101 | Same application layer, but now over TCP/IP |
| Transport over Ethernet | Works on standard network infrastructure (IPv4, TCP) |
| Real-time communication | For status updates, alarms, measurements and operation |
| Master/slave or client/server | Typical in SCADA architectures |
| ASDU structure | Application Service Data Units for data packets |
🛡️ Security and OT implications
IEC 104 was not originally designed with security in mind. It is therefore essential to apply security measures such as:
- Firewalls and network segmentation
- Applying the zones and conduits model
- Use of VPN or TLS tunnels for encryption
- Monitoring with IDS and SIEM systems
- Compliance with standards such as IEC 62443 or ISO 27001
⚠️ Many cyberattacks against energy companies have exploited unprotected IEC 104 connections.
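The monitoring measure listed above, as an added example that is not part of the original page: a small Python check that decodes one IEC 104 APDU (APCI header plus ASDU header) and flags process commands (type IDs 45 to 51 and 58 to 64) coming from a host outside an allowlist of SCADA masters. The function names, the allowlist, the IP addresses and the sample frames are assumptions constructed for illustration, and the code assumes a single complete APDU has already been extracted from the TCP stream.

```python
import struct
from typing import Optional

# Process-command type IDs in the control direction: C_SC_NA_1 .. C_BO_NA_1
# and their time-tagged variants C_SC_TA_1 .. C_BO_TA_1.
COMMAND_TYPES = set(range(45, 52)) | set(range(58, 65))
U_FUNCTIONS = {0x07: "STARTDT act", 0x0B: "STARTDT con", 0x13: "STOPDT act",
               0x23: "STOPDT con", 0x43: "TESTFR act", 0x83: "TESTFR con"}

def parse_apdu(frame: bytes) -> dict:
    """Decode one IEC 104 APDU: the APCI and, for I-frames, the ASDU header."""
    if len(frame) < 6 or frame[0] != 0x68:
        raise ValueError("missing 0x68 start byte or frame too short")
    length = frame[1]
    if length < 4 or len(frame) != length + 2:
        raise ValueError("APDU length field does not match frame size")
    cf = frame[2:6]                              # four control field octets
    if cf[0] & 0x01 == 0:                        # I-format: carries an ASDU
        if length < 10:
            raise ValueError("I-frame too short for an ASDU header")
        type_id, vsq, cot, _orig, ca = struct.unpack_from("<BBBBH", frame, 6)
        return {"format": "I",
                "send_seq": (cf[0] >> 1) | (cf[1] << 7),
                "recv_seq": (cf[2] >> 1) | (cf[3] << 7),
                "type_id": type_id, "objects": vsq & 0x7F,
                "cot": cot & 0x3F, "common_addr": ca}
    if cf[0] & 0x03 == 0x01:                     # S-format: acknowledgement only
        return {"format": "S", "recv_seq": (cf[2] >> 1) | (cf[3] << 7)}
    return {"format": "U", "function": U_FUNCTIONS.get(cf[0], "unknown")}

def check_frame(src_ip: str, frame: bytes, allowed_masters: set) -> Optional[str]:
    """Return an alert for a malformed frame or a command from an unlisted host."""
    try:
        apdu = parse_apdu(frame)
    except ValueError as exc:
        return f"malformed APDU from {src_ip}: {exc}"
    if (apdu["format"] == "I" and apdu["type_id"] in COMMAND_TYPES
            and src_ip not in allowed_masters):
        return (f"command type {apdu['type_id']} (COT {apdu['cot']}) to station "
                f"{apdu['common_addr']} from unlisted host {src_ip}")
    return None

# Constructed sample data: documentation IP ranges and hand-built frames.
MASTERS = {"192.0.2.10"}
SINGLE_CMD = bytes.fromhex("680e000000002d010600010064000001")   # C_SC_NA_1, COT 6
MEASUREMENT = bytes.fromhex("680e0200000001010300010001000001")  # M_SP_NA_1, COT 3
STARTDT = bytes.fromhex("680407000000")                          # U-frame
```

Because IEC 104 itself carries no authentication, a source-address check like this only complements segmentation and encrypted tunnels; it does not replace them.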
📌 In summary
IEC 60870-5-104 is a widely used protocol in the energy sector, allowing SCADA systems to remotely operate and monitor devices and installations over TCP/IP. It is powerful, but must be properly secured within a modern OT infrastructure.
