Introduction

Purpose

As part of the IP-Train project, two new protocols namely TRDP-PD (Process Data) and TRDP-MD (Message Data) are intended to be supported by the Wireshark tool. The support is envisaged to be made available in the form of a plug-in.

The existing GUI of the Wireshark is not modified. The plug-in TRDP-SPY shall be available as a DLL for Windows platform and shared library for TRDP-spy for Linux platform.

Intended Audience

The TRDP-SPY will be used primarily by TRDP Engineers.

Design Description

System

TRDP Wire Protocol Analysis tool (TRDP-SPY) shall provide qualitative and quantitative analysis of TRDP streams, in order to verify system behaviour during qualification tests (level 2 and level 3) and provide help in problem analysis during train integration and debugging.

Operational Environment

The plug-in shall be compatible with Windows and Linux implementation of Wireshark. Standard behavior of Wireshark for all other protocols than WP shall not be influenced in any way by the TRDPWP analysis plug-in.

The plug-in shall be delivered as a DLL (Windows), shared Library (.so files for Linux) along with the plugin source.

Development Environment for Windows

Following specifications are used for development of the TRDP PD and TRDP MD plug-in for Wireshark.

• Operating System: Windows
• Tool : Wireshark V3.0.1
• Programming Language: C
• TRDP Wire Protocol

Steps to compile for Windows

Prerequisites:

• source from repository
• Follow the README.txt in the root source folder
• and check the online guide https://www.wireshark.org/docs/wsdg_html_chunked/ChSetupWin32.html#ChWin32Build

This will generate the trdp_spy.dll or trdp_spy.so

Development Environment for Linux

Following specifications are used for development of the TRDP PD and TRDP MD plug-in for Wireshark.

• Operating System: GNU/Linux Debian 10
• Tool : Wireshark v2.6.8, v3.0.1, v3.2
• Programming Language: C

Steps to compile and install Wireshark on Linux:

Prerequisites:

• source from repository
• Follow the README.txt in the root source folder

Interface

The plug-in shall be delivered as a DLL i.e. trdp_spy.dll for Windows platform and shared library trdp_spy.so files for Linux platform. For Application Data decoding the TRDP_config.xml file is required that contains the details of the Data-sets corresponding to each frame that is captured or logged by Wireshark.

Overall interface of the system can be explained as shown in the figure below:

Interface Diagram

Usecase

The TRDP-SPY plugin is integrated into Wireshark as described:

Live Functionality Sequence Diagram

On startup the plugin is registered in Wireshark, so the corresponding TCP and UDP packets are sent to this plugin. Each fitting packet is analyzed by the trdp_dissect .