dtsstreaming/README.md

# PCAP Analyzer for IRIG106 Chapter 10 and IEEE1588 PTP

A Python tool for analyzing Wireshark PCAP files containing IRIG106 Chapter 10 streaming data and IEEE1588 PTP frames.

## Features

- **Chapter 10 Analysis**: Parses IRIG106 Chapter 10 headers and displays packet details in tabular format
- **PTP Analysis**: Analyzes IEEE1588 PTP messages (Sync, Announce, Delay_Req, etc.)
- **Statistical Analysis**: Provides timing statistics and detects intermittent issues such as:
  - Timing outliers and jitter
  - Sequence number gaps and duplicates
  - Message distribution analysis

## Installation

1. Install dependencies:
```bash
python3 -m venv venv
source venv/bin/activate
pip install -r requirements.txt
```

## Usage

### Basic Analysis
```bash
python3 pcap_analyzer.py "1 PTPGM.pcapng"
```

### Options
- `--ch10-only`: Show only Chapter 10 analysis
- `--ptp-only`: Show only PTP analysis  
- `--stats-only`: Show only statistical analysis
- `--summary-only`: Show only summary information (no detailed tables or stats)
- `--no-tables`: Skip detailed packet tables (show summaries and stats only)
- `--tmats`: Display TMATS (Telemetry Attributes Transfer Standard) content
- `--tmats-only`: Show only TMATS content

### Examples
```bash
# Analyze only PTP packets
python3 pcap_analyzer.py --ptp-only "1 PTPGM.pcapng"

# Show only statistics
python3 pcap_analyzer.py --stats-only "1 PTPGM.pcapng"

# Show only summaries (quick overview)
python3 pcap_analyzer.py --summary-only "1 PTPGM.pcapng"

# Show summaries and statistics but skip detailed tables
python3 pcap_analyzer.py --no-tables "1 PTPGM.pcapng"

# Display TMATS metadata content
python3 pcap_analyzer.py --tmats "1 PTPGM.pcapng"

# Show only TMATS content
python3 pcap_analyzer.py --tmats-only "1 PTPGM.pcapng"
```

## Output

The tool provides five types of analysis:

1. **Protocol Summaries**: High-level overview with packet counts, time spans, and distribution statistics
2. **Detailed Packet Tables**: Complete packet-by-packet analysis (Chapter 10 and PTP)
3. **Statistical Analysis**: Timing statistics, outlier detection, and intermittent issue identification
4. **TMATS Content**: Assembled telemetry metadata and scaling information from Chapter 10 TMATS frames

### Summary Output
- **Chapter 10 Summary**: Packet counts, channel distribution, data type distribution, size statistics, and data rates
- **PTP Summary**: Message type distribution, domain analysis, source IP breakdown, and timing rates
- **TMATS Output**: Complete assembled ASCII metadata with frame counts and statistics

## Chapter 10 Header Fields

- **Sync Pattern**: Should be 0xEB25 for valid Ch10 packets
- **Channel ID**: Identifies the data source
- **Sequence Number**: Packet sequence (0-255, wraps around)
- **Data Type**: Type of data payload
- **Packet/Data Length**: Size information
- **Flags**: Status and configuration flags

## PTP Message Types

- **Sync**: Master clock synchronization
- **Follow_Up**: Precise timing information
- **Delay_Req**: Slave delay measurement request
- **Delay_Resp**: Master delay measurement response
- **Announce**: Clock quality and hierarchy information

## TMATS (Telemetry Attributes Transfer Standard)

TMATS frames contain ASCII metadata that describes the telemetry setup, channel configurations, and scaling information:

- **Automatic Assembly**: Combines multiple TMATS frames into complete metadata
- **ASCII Display**: Clean formatting of telemetry attributes
- **Statistics**: Frame counts, total length, attribute and comment line counts
- **Mixed Frame Support**: Handles both full Chapter 10 headers and continuation frames

## Statistical Features

- **Timing Analysis**: Interval statistics, jitter detection
- **Sequence Analysis**: Gap detection, duplicate identification  
- **Distribution Analysis**: Message type frequency
- **Outlier Detection**: Identifies packets with unusual timing
- **Frame Number Reporting**: Shows actual PCAP frame numbers for easy Wireshark correlation