EnerOS v0.52.0 — IEC 61850 Server + GOOSE Publisher + CIM XML + Deep Verification
Highlights
Phase 1-4: New Features
- IEC 61850 MMS Server — Full server-side COTP/Session/Presentation/ACSE/MMS stack (TCP 102). Answers Initiate/Read/Write/GetNameList from a live IedModel tree.
- GOOSE Publisher — IEC 61850-8-1 Layer-2 publisher via Linux AF_PACKET. ASN.1 BER PDU encoding (tag 0x61), stNum/sqNum state machine, T1/T2/T3 retransmission backoff. >=1000 fps encoding throughput.
- CIM XML Production Import — Replaced hand-written parser with quick-xml 0.41 event stream. Added 6 CIM 16/17 types (OperationalLimit, GeographicalRegion, etc.).
- v0.51.0 Deferred Items — AC OPF (IEEE 30/118), FD solver (IEEE 118), proptest (15 properties x 256 cases = 3840 cases, 0 failure).
Phase 5/6/7: Deep Verification & Security Hardening
Spec: verify-v0520-comprehensive-validation (11 phases V1-V11, ~80 tasks, ~90 checkpoints)
2 correctness bugs fixed:
- GOOSE Publisher doctest Arc wrapping fix
- clippy needless_question_mark fix
3 HIGH-risk remote DoS vulnerabilities fixed:
- BER deep-nesting stack overflow — 4 recursive BER walker functions had no depth limit. Fixed with MAX_BER_DEPTH=16 (MMS negotiates data-structure-nesting=10, 16 leaves safety margin).
- max_connections unenforced — ServerConfig::max_connections existed but run_accept_loop ignored it (unlimited task spawning). Fixed with Arc RAII permit pattern.
- Slowloris no timeout — Zero timeout calls in entire server. Fixed with dual-layer tokio::time::timeout (30s overall + 10s per-read).
4 new security tests added.
Quality Gates (all pass)
- cargo fmt --all -- --check: 0 diff
- cargo build --workspace: 0 error / 0 warning
- cargo clippy --workspace --all-targets -- -D warnings: 0 warning
- cargo test --workspace: ~7700+ tests pass (exit 0)
- cargo deny check: advisories/bans/licenses/sources all ok
- cargo audit: 0 Critical (14 Warning-level, 2 new: ttf-parser + cxx, both in deny.toml ignore list, deferred to v0.53.0)
Dependency Governance
- deny.toml: +RUSTSEC-2026-0192 (ttf-parser unmaintained) +RUSTSEC-2026-0202 (cxx unsound)
- Both Warning severity, low real risk (not exposed to untrusted input), deferred to v0.53.0
Spec
- Build: .trae/specs/add-v0520-iec61850-server-cim-xml/
- Verification: .trae/specs/verify-v0520-comprehensive-validation/
Full changelog: CHANGELOG.md