CheckOCPP is a Wireshark dissector for the Open Charge Point Protocol (OCPP). It provides an efficient and scalable solution for passive compliance audits by automatically detecting OCPP versions, validating message structures, and flagging non-compliant packets.
- Automatic OCPP version detection: Identifies whether captured traffic corresponds to OCPP 1.6J, 2.0J, or 2.0.1J.
- Protocol compliance validation: Checks message structure and schema conformity.
- Non-compliant packet highlighting: Flags invalid packets to aid debugging and compliance verification.
- IPv4/IPv6 traffic distinction: Provides a visual indicator for OCPP packets transmitted over IPv4.
- Selectable procotol version:
- option All versions: Processes OCPP packets without distinguishing between versions.
- option specific version: Dissects only one specific protocol version and adds expert information for more precise analysis.
- Ensure you have Wireshark installed on your system.
- Ensure the
wiresharkcommand is available from your system's PATH variable. - Ensure you have
luarocks, a C compiler (needed by luarocks) and the correct version of the Lua interpreter installed on your system. - Ensure the
luarockscommand is available from your system's PATH variable. - The correct version of the Lua interpreter depends on the version of Wireshark you have installed. That is: For Wireshark 4.2.x and below Lua 5.2 is necessary. For Wireshark 4.3.0 and later Lua 5.4 is necessary. (see https://www.wireshark.org/docs/wsdg_html_chunked/wsluarm.html)
- Along with the Lua interpreter, ensure that the Lua development files are installed. They are available in the
libluaX.Y-devon Linux systems and usually shipped by default on Windows installations. - Ensure that the Lua interpreter is either available from your system's PATH variable, or it is added to the luarocks configuration by calling
luarocks --lua-version X.Y variables.LUA <path/to/lua-executable> - Optionally, a
Pythoninstallation can be used to retrieve the jsonschemas necessary by the plugin. The schemas might also be downloaded elsewhere. - Depending on your system either the
installWin.cmdorinstallLinux.shscript should be used to download the necessary lua libraries, add the paths to theLUA_PATHandLUA_CPATHenvironment variables and store the dissector to Wireshark's plugin folder. The script must be called the following way:install(Win.cmd|Linux.sh) (local|global) [verbose]localas first argument will install the dissector to Wireshark's local lua plugin pathglobalas first argument will install the dissector to Wireshark's global lua plugin path. Note that for a global installation the script must be run with elevated privileges.verboseas second argument will enable verbose output
- and go back here
- Restart Wireshark to load the dissector.
- You might get an error message from Wireshark, especially on Windows systems, that some lua libraries were not found. If that happens, please restart Wireshark again.
- Open the dissector preferences, navigate to the OCPP protocol and specify the path to the OCPP schemas. If you have no OCPP schemas installed yet, you can do that by calling
pip install ocpp.
- Open Wireshark
- Navigate to
Edit > Preferences > Protocols > OCPPand ...- ... modify the path to the schemas, and
- ... choose the protocol version to be dissected
- Start capturing network traffic.
- Apply the filter
ocppto isolate OCPP traffic. - Add the coloring rules.
- Expand the OCPP protocol details to inspect message type, message ID, and payload validation results.
- Look for highlighted packets to identify non-compliant or misconfigured OCPP messages.
- CheckOCPP only works with unencrypted traffic. If TLS is enabled, decryption keys are required.
- It only validates OCPP JSON version, not SOAP version.
- The
installWin.cmdandinstallLinux.shscript replaces the librarieslua-cjson,andnet-urlwith the version necessary for this plugin if they were already installed before the script started. This might break some other programs if one makes heavy use of lua.- Possible Workaround: Install the plugin manually and also install the necessary lua libraries manually with luarocks by creating a new rock. Afterwards, add the newly created rock to the LUA_PATH and LUA_CPATH variables.
- An introduction to Batch programming (Windows): https://tutorialreference.com/batch-scripting/batch-script-introduction
- Information on Batch command expansion (Windows): https://stackoverflow.com/questions/4094699/how-does-the-windows-command-interpreter-cmd-exe-parse-scripts/4095133#4095133