Technical FAQs

Ask a Question

SCADAPack E Security Options Setup



Setting up Security Configuration for SCADAPack RTU is a challenging process, which requires good level of understanding of the security basics and also right usage of different components.


Product Line






Windows OSes, E Configurator, Remote Command Line, Telent




This resolution provides detailed summary of the security setup combinations, required licenses, master keys and specific firmware for the AGA12 security.


SCADAPack E RTU's have two different mechanisms to provide security measures:

  • secure authentication mechanism (SAv2 or Secure Authentication version 2, based on IEC 62351-5
  • AGA12 encryption.


Detailed explanation of the methods is outside of the scope of this article and advanced level of familiarity with variety security techniques is required before applying security configurations.
During the security setup communications to the RTU could be lost due to configuration mistakes. Before applying any security configuration double check the it and make an RTU configuration backup before applying it to an RTU.

Before starting the configuration ensure that Security Options are licensed:

The same information could be obtained in the Remote Command Line by using status command.

Depending on the required secure measures (SAv2 or AGA12, or combination of both) licenses for RTU and Security Administrator can be ordered.

If AGA12 Encryption for DNP3 status shown as Not Available this indicates that specific firmware has to be used. Please contact Telemetry Support team to obtain the firmware with AGA12 engine.

After the obtaining a suitable license and firmware (if needed) security configuration and master key should be generated.

Master key has to be loaded before applying the security configuration.

State of the master key could be checked via status command in Remote Command Line or Telnet:

Please note if the AGA12 is not needed, standard firmware can be used and AGA12 status will be shown as not available:

After the master key transfer Security Configuration can be loaded and checked in Remote Command Line:

Double check the security configuration before transferring it to the RTU. If the security configuration is not correct RTU can be locked and factory reset is need to regain the access to it.
Was this helpful?
What can we do to improve the information ?