GOOSE protocol questions come up on every multi-vendor substation project — usually in the form of “why can’t we just use DNP3 for this?” or “can Modbus handle this signal?” The protocols used in a modern substation are not interchangeable. Each one was designed for a specific job in the communication hierarchy, and understanding which protocol belongs where is a core competency for any engineer working on IEC 61850 projects.
What GOOSE Protocol Is — and What It Is Not
GOOSE (Generic Object Oriented Substation Event) is defined in IEC 61850-8-1. It is a publisher-subscriber multicast protocol that runs directly on Ethernet (Layer 2 — no IP, no TCP, no UDP). This is intentional. By bypassing the IP stack, GOOSE achieves the deterministic, sub-millisecond performance required for protection signalling.
GOOSE is designed for horizontal communication — IED to IED, at bay level or across bays. Trip signals, blocking signals, inter-trip commands, breaker status, interlocking logic. When a protection relay publishes a GOOSE dataset, every subscribed IED on that VLAN receives it. Retransmission is handled by a rapid burst mechanism: after an event, the GOOSE frame is re-sent at increasing intervals until the next event. This means even a subscriber that misses the initial frame will receive the updated state quickly.
What GOOSE is not designed for: communication through routers (it is non-routable by design), communication to SCADA or control centres, or carrying large datasets. That is MMS’s job.
MMS, DNP3, IEC 104, and Modbus — Where Each One Belongs
| Protocol | Layer | Direction | Typical Use |
|---|---|---|---|
| GOOSE (IEC 61850-8-1) | L2 Ethernet | Horizontal (IED↔IED) | Protection trip/block, interlocking, fast binary signals |
| MMS (IEC 61850-8-1) | L7 over TCP/IP | Vertical (IED↔HMI/gateway) | Supervisory control, measurements, event logs, configuration |
| IEC 60870-5-104 | L7 over TCP/IP | Vertical (gateway↔SCADA) | Telecontrol — substation to control centre over WAN |
| DNP3 | L7 over TCP/IP or serial | Vertical (IED↔master) | North American standard equivalent of IEC 104 — SCADA master to RTU/IED |
| Modbus RTU/TCP | L2/L7 | Vertical (master↔slave) | Legacy metering, energy meters, non-IEC devices |
IEC 60870-5-104 (IEC 104) is the protocol that carries substation telemetry and control from the gateway to the SCADA/EMS. It runs over TCP/IP, which means it can traverse routers and WAN links. It is the standard for telecontrol in GCC and India. DNP3 is the North American equivalent — functionally similar, different frame structure.
Modbus (RTU or TCP) is still present in almost every substation for legacy devices — energy meters, power quality analysers, older IEDs that predate IEC 61850 adoption. It is a polling protocol (master reads each slave sequentially), which means it has no inherent event mechanism and scales poorly. It belongs on the serial or Modbus TCP leg of the gateway, not in the protection scheme.
Defending Protocol Choices on a Multi-Vendor Project
On a project with IEDs from multiple manufacturers, the question of which protocol handles which signal is often left open too late. The typical problem: the GOOSE dataset mapping between IED A (protection relay) and IED B (bay controller from a different vendor) is defined on paper, but the ExtRef binding in the SCL is not validated until FAT. Interoperability that looked straightforward in the specification turns into a configuration session.
The practical rule: for any horizontal signal that has a protection application (trip, block, inter-trip), GOOSE is the only correct answer. For anything going vertical to the HMI or gateway, MMS. For anything going to SCADA over IP, IEC 104 or DNP3 depending on the control centre standard. Modbus only for legacy devices with no IEC 61850 native port.
Security Across the Protocol Stack — IEC 62351
Every protocol in the table above has a corresponding security specification under IEC 62351, developed by WG15 of IEC TC 57. This is worth understanding at the protocol selection stage — not just at the cybersecurity review stage — because the security architecture of a multi-protocol substation needs to account for each protocol’s 62351 coverage.
IEC 62351-3 covers TLS for TCP/IP-based protocols: MMS over TCP, IEC 60870-5-104, and DNP3 over TCP. IEC 62351-6 addresses authentication for GOOSE and Sampled Values at Layer 2 — where there is no TCP session to protect, the security mechanism is fundamentally different. Understanding these distinctions early prevents the common mistake of assuming a single security control (such as a perimeter firewall) covers all protocols uniformly.
For a full breakdown of IEC 62351 across the TC 57 protocol family — including 60870-5, 60870-6, 61850, 61970, and 61968 — a dedicated article is planned as a Phase 2 post on the Signarid blog.
Internal links: For the network design that supports GOOSE multicast performance, see [Substation Network Design for IEC 61850]. For the IEC 61850 architecture context, see [Station Bus vs. Process Bus]. For the OT cybersecurity framework that governs these protocols, see [Substation OT Cybersecurity].
Signarid’s training covers multi-vendor IEC 61850 protocol configuration — including GOOSE dataset mapping, SCL ExtRef binding, IEC 104 gateway configuration, and IEC 62351 security implementation. Enquire about a training programme.