Wednesday, August 24, 2022

ISA99 - New Working Group "Electric Energy OT Security Profile"

"The U.S. Department of Energy (DOE), global equipment suppliers, and other stakeholders announced the establishment of the Electric Energy OT Security Profile working group hosted by the International Society of Automation ISA99 standards committee.

The Electric Energy OT Security Profile will be a cybersecurity work product utilizing the ISA/IEC 62443 series of standards. The final product will be a formal ISA/IEC 62443 application guide, recognized globally as the consensus work product for securing various control systems used in electric energy generation, transmission, and distribution operations.

...

The ISA Electric Energy OT Security Profile working group is seeking participation from industry groups, including the Institute of Electrical and Electronics Engineers (IEEE), the International Electrotechnical Commission (IEC), the International Council on Large Electric Systems (CIGRE), and other industry stakeholders to ensure consideration of and alignment with other cybersecurity work product development efforts. ... "

Click HERE for the press release.

Thursday, January 27, 2022

Netze BW Erprobt FNN-Steuerboxen mit IEC 61850

In mehreren Pilotprojekten erprobt die Netze BW den Einsatz der FNN-Steuerboxen. Die Steuerboxen kommunizieren mit dem Steuerbox Administrator-System mittels IEC 61850. 

"„Die Erkenntnisse aus den Prüfungen im Karlsruher Labor und aus der gemeinsamen Arbeit fließen laufend in den Fortgang der Standardisierung zurück und dienen beispielsweise dazu, die Spezifikation zu präzisieren“, erklärt Jana Brandt, die in diesem Bereich zuständige Projektleiterin ist. ... Die Projektleiterin ist überzeugt: „Für den Bereich Technik & Innovation der Netze BW erweitern sich durch die Erkenntnisse die Optionen für die Netzintegration der E-Mobilität.“ ... Jana Brandt: „Zusammengefasst geht es um einen Beitrag zu Stabilität und Sicherheit im Verteilnetz, die Vermeidung von Kosten für den Netzausbau und somit letztlich zum Gelingen der Energiewende.“"

Klick HIER, um zum Beitrag zu gelangen.

Thursday, January 20, 2022

How To Bring Plant Engineers To The Table When Cyber Issues Are Discussed?

In my career as electrical and IT engineer I have experienced that engineers are quite often not invited to discuss the measures and plans for critical infrastructure protection with IT personnel.

It is completely different compared to the world of electric power system protection - I mean the applications of protection relays. Protection engineers are (in my understanding) the most crucial engineers. They are very important for the reliable delivery of electric power. Protection engineers are likely to attend any meeting when it comes to the reliability of the power flows. Protection engineers know what to do ... software people may help to implement the "what" and the IT personnel may help to solve the communication issues ... but the crucial parts are dominated by protection engineers!

Mr. Vytautas Butrimas, a globally well known engineer involved in cyber security of control systems has briefly discussed the "Berlin wall" between IT personnel and plant engineers.  

Click HERE for the four page paper written by Mr. Butrimas.

Either of the groups involved believes that his or her group is the center of universe. There is little communication between the IT personnel and the engineers. 

There are so many semipermeable walls between, e.g., politicians, company lawyers, economists, IT experts, and plant engineers. There is usually no way that experts from any layer are allowed to talk to the experts from the other layers. In the end: Each layer feels independent of the other layers ... which leads to what we see these days ... and may be even more in the future. Have you heard of a discussion between a power protection engineer and a lawyer or even a medical doctor?

It would help medical doctors to understand the basics of electric power system reliability ... and so on. Because medical doctors (and all other people of a society) depend 100% on available power.

So in the end: (Electrical) Engineers should be honored by the society ... the problem may be that the engineers are not wearing white coats but wear safety boots, safety helmets, goggles,  protective gloves, ... a single doctor may harm a few people ... a protection engineer may harm millions of people during a blackout caused by a misconfiguration of protection equipment.

Wednesday, January 12, 2022

How Does Time Impact Our Life?

 I remember well the discussion on understanding and using UTC Time in IEC 61850 ... a very time consuming discussion. There are still discussions going on ... should UTC be replaced by something else?

Whatever format and scale you are using or inventing ... you will see problems over a longer period of use.

These days we see even cars may have crucial issues with processing of time:

Honda, Acura cars hit by Y2K22 bug that rolls back clocks to 2002:

The report starts with: "Honda and Acura cars have been hit with a Year 2022 bug, aka Y2K22, that resets the navigation system's clock to January 1st, 2002, with no way to change it."

True? Yes, it seems to be true.

A well known issue is related to the year 2038: Year 2038 problem

Many other time formatting and storage bugs!! 

Use the time you have in 2022 to spent more of it for or with your family, friends, ... stay safe in 2022!

Happy new year! 

Lesson learned: Don't expect that more automation, more programs, more smart phones, ... give you any additional time in your life! I guess they will consume a lot of your free time to find and fix bugs of many kinds ... 

Wednesday, December 1, 2021

Just published: IEC 61850-7-420 Basic Communication Structure – Distributed Energy Resources And Distribution Automation Logical Lodes

IEC TC 57 just published one of the most crucial parts of the standard series IEC 61850:

This second edition of the 548 pages long bilingual standard (EN/FR) has been developed over a period of - I guess more than 10 years - taking into account the experience with IEC 61850 in general and with distributed power systems.

Now it is time to implement and use the standard in conjunction with the other core parts like IEC 61850-6, 7-1, -7-2, -7-3, and 7-4.

Click HERE for details on IEC 61850-7-420.

Click HERE for the preview.

Please note that the syntax of the object models is available for free download:

Click HERE for the download of the light name space document [zip, 30 KB] 

Excerpt of the light name space:

Sample code for Battery Monitoring LN with Cell Voltage Lo Alarm and Hi Alarm:

Note that the description (Semantic) is only available in the Full name space document that comes with the standard when you buy the standard.

It is recommended to purchase the standard in case you want to study the full content and to figure out the benefit ...!

Thursday, November 18, 2021

Four Additional Light Namespace Documents For IEC 61850 Series Are Available For Free Access

 Please note that the following four namespace documents have been published the other day:


Click HERE to access these four and the other 22 name space documents.

  1. IEC 61850-90-9: Object models for electrical energy storage
  2. IEC 61850-90-4: Network engineering guidelines for substations
  3. IEC 61850-90-11: Methodologies for modelling of logics for IEC 61850 based applications
  4. IEC 61850-7-420: Communications systems for distributed energy resources (DER) - Logical nodes

Enjoy!

Monday, November 8, 2021

Critical Infrastructure Ransomware Dataset V 11.6 Available For Download

 Aunshul Rege announced the latest Critical Infrastructure Ransomware Dataset (Friday Nov 05, 2021):

"Dear all,

I hope everyone is doing well.

My team and I have updated our dataset of critical infrastructures ransomware incidents (CIRW) that have been publicly disclosed in the media or security reports. CIRW dataset version 11.6 now has 1066 incidents, which are assembled from publicly disclosed incidents between November 2013 and October end 2021. 

Also, community members can now submit a CIRW that you would like to see included into this dataset!

To download the dataset or submit a CIRW incident, please visit https://sites.temple.edu/care/ci-rw-attacks/. Please ensure that you enter your email address correctly, and note that we do not reply to personal email addresses (protonmail, gmail, etc.). And please give us a few days to respond to your request."

The Report "IT-Security-Situation-in-Germany-2020" describes three German ransomware cases:
  1. Ransomware Attack on the Council Offices of a Mid-sized German City
  2. Ransomware in Hospitals
  3. Ransomware Attack on a University
Click HERE to access the Report [PDF, 1.72 MB] ... worth to read.

Friday, November 5, 2021

Siemens SIPROTEC 5 Relays With Various CPU Variants Have Security Issues

Please note the following information made public by US-Cert_CISA ... in case you use SIPROTEC 5 Relays:

EXECUTIVE SUMMARY

CVSS v3 9.8

ATTENTION: Exploitable remotely/low attack complexity

Vendor: Siemens

Equipment: SIPROTEC 5 relays

Vulnerabilities: Classic Buffer Overflow

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition or trigger a remote code execution.

Click HERE for the complete just updated report.

Wednesday, October 27, 2021

Power Outage In Frankfurt Area (Germany) - And People That Need A Breathing Ventilator

I just read that in the western part of the city Frankfurt (Main, Germany) the electric power was down for more than 10,000 customers. A current transformer (CT, for measuring the current) blow up ... and produced a lot of smoke. The power went off from 17:15 on Tuesday 2021-10-26. The restoration took some eight hours!

The Hessenschau (de) reported that nine (9!) people that depend on breathing ventilators had been hospitalized. This critical situation tells us, that the ventilators did likely not have battery backup power - either in the devices or external. The devices we use for my wife have both two internal batteries which give (rated!) power for 16 hours for each device.

This brings two questions up in my mind:

  1. Why is it not required by law that all breathing ventilators have battery power for at least 24 hours?
  2. Why don't we have to have external batteries and inverters that would give power for several days?

Instead of bringing patients with the ambulances to the hospital, it would be much easier (faster and cheaper) to bring an emergency power supply package (batterie plus inverter) to the patients! Or?

There seems to be a wide area of improving the quality of life.

By the way, why did the CT (current transformer) crash? Was it too old or not ... or? I hope that my friend Andrea Bonetti (one of the most experienced protection engineers on this planet) will comment on the importance of CTs!

Any comment?

Add on (2021-10-30): 

First: The utility has told that more than 100 workers are involved in fixing the problem ... the current fix is provisionary only! 100+ workers means: It must be a big problem that needs so many people to fix. 

Second: It was reported that in an elderly care home the nurses had to use their mobile phone's flash light to look for the elderly people ... no emergency light! Hmm ... strange. A few 12V batteries and some 12V LEDs would have done a good job! Cheap and useful ... lifesaving! ... if somebody would care for their maintenance. The management has obviously decided to purchase a hand lamp per floor ... 👍 something is better than nothing. Note: A battery leak (AA or AAA batteries) may damage a flash light that is not used often ... or only in case of emergency. Non leaking batteries are available: Lithium Batteries are the right choice for emergency devices. I have replaced the typical AA and AAA batteries with Lithium batteries for all flashlights and outdoor devices like thermometer ... they withstand cold weather and do not leak ... life time likely 10+ years ...

Click HERE for the extended Hessenschau (de) report.

Tuesday, October 26, 2021

Want To Know What The IEC 61850 Tissue Process Is All About?

Please click HERE to find a good description of the IEC 61850 Tissue process as defined by IEC TC 57 - written by Christoph Brunner.

The tissue database was designed by my son Michael Schwarz and myself in 2004. At that time we exchanged tissues, questions, discussions, results ... by email ... and somebody took note of the discussion and wrote something into the tissues word document ... huch ... which was the latest version ...? Quite confusing.

NettedAutomation wanted to offer a free of charge service to the community that allows everybody to post any new tissue on a single entry point ... and to get a single, always up-to-date list ... Since then we have improved the tissue database according to the experience made by the global community.

Nowadays the tissue database is an integral part of the IEC 61850 and related standard series like IEC 61400-25 ... all new editions of any part of these series has a list of tissues taken into account in the new edition, e.g., in the name space document of part 7-4:

IEC 61850-7-2 2007A3 NSD light code component, see the IEC 61850-7-2:2010 for full legal notices:

Click HERE to download that name space document. That document lists the tissues taken into account since version 2007/A:








    
Click HERE for tissue 1652.
So, the tissue process is a core service offered by IEC to the global community! In case you have a comment on the tissue database, let me know.
In case you would be interested in such a tissue database for your standards or other projects, let me know please ... we could provide you an offer.

Note that there are 22 name space documents available for free download.☝

Click HERE to access the name space documents.

Monday, October 25, 2021

Basics For The Future Electric Power Systems – Some Thoughts

Smart Grids, Energiewende, renewable energy, ... Digitalisierung (digitization) der Energiewende, ... are buzzwords for some years. What is really needed for the future electric power systems?

Against the background of the ongoing discussions by engineers, lawyers, politicians, other people ... with a degree in the social or natural sciences, graduate engineers, medical doctors, lawyers, and graduates of business studies and economics, it may be helpful to look at the real needs that are related to the physics ...

I have written a one page document:

Basics for the future electric power systems – some thoughts 

It starts (de and en):

"Das zentraleuropäische Verbundnetz UCTE ist eine der größten Maschinen (oder gar bezüglich der Leistungsfähigkeit der Energiebereitstellung weltweit die größte Maschine) auf unserem Planeten. Bezüglich der Ausdehnung wird dieses elektrische Netz nur von dem inzwischen weltweit ausgedehnten Kommunikationsnetz übertroffen. Alle diese technischen Netze folgen dabei strikt physikalischen Gesetzen – egal, von wem sie und zu was sie genutzt werden oder auch welche Ideen am Markt gerade en vogue sind..."

"The central European interconnected network UCTE is one of the largest machines (or even the world's largest machine in terms of the performance of energy supply) on our planet. In terms of expansion, this electrical network is only surpassed by the communications network that has now expanded worldwide. All these technical networks strictly follow physical laws - regardless of who uses them and for what they are used or which ideas are currently in vogue on the market..."

Click HERE to download the above mentioned document [pdf, 108 KB de/en]

Sunday, October 24, 2021

Some Information About My Personal Situation

You may be surprised about the fact that I posted very few information on this blog for some time. Let me explain our family situation here at home. I received an email today from a colleague and follower of this blog. This email encouraged me to publish excerpts from the emails we exchanged and to add some thoughts at the end of this post:

Email I received on 2021-10-16:

"Dear Karlheinz,

Perhaps you remember me, I've long been a keen follower of your blog on IEC 61850, and we have exchanged e-mails a few times in the past. ... I am writing to you because 

I remain looking forward to any news from you ... Kind Regards ..."

Email I sent on 2021-10-16:

"Dear ...,

I am sorry to read these lines ... 

I have changed my work (now being retired) to nurse my wife 24/7 … she was diagnosed ALS in January 2017. We are happy that the Lord Jesus has helped us to do that work together with one of our daughters. My wife needs non-invasive ventilation around the clock … we are still together … which is very good.

So, as a consequence I have more or less stopped my business …

Have a great weekend!

Best Regards,
Karlheinz"

Email I received on 2021-10-24:

"Dear Karlheinz,

I am very sorry to learn that you stopped your business because your wife is seriously ill.

To be honest I had realized that the frequency of your posts had declined in the last months... Your blog was a wonderful source of information and it will be missed by the smart grid community. Your posts were real, technical, relevant, useful stuff and not the usual buzzword-laden, over-hyped bullshit we are all used to read these days.

Given the circumstances, I believe no one will say you didn't do what was your duty.

I wish all the best to you and your family."

Some Thoughts to think about:

  • Have you ever thought about the electric power in your personal life or the life of the people around you 👪?

  • What could we do to help keeping the power flow? It is more than IEC 61850 ... 

  • Smart(er) Grids are nice ... more important is the need for power in situations where the public grid is down ... In our case we need power for the breathing ventilator 24/7, power for the lifter to lift my wife from chair to wheel chair ... to bed ... power for the nursing bed (move it up and down), power for light, power for heating and cooking, ... and so on. It is more than emergency power ... we need at least some power 24/7 ... we use just PV, batteries and inverters, ... 

  • Did you know that (in Germany) we had in 2019 some 4,100,000 care-dependent people that needed nursing ... 3,310,000 nursed at home (usually in families), 818,000 in nursing homes, ... even in nursing homes it is not required to have emergency power !! ... some have. What about the many homes that need electric power 24/7 to survive ... I guess most of them believe that there is always power ... except for a few minutes per year ... 
    Click HERE for the source of the German nursing situation.

  • One of the most crucial challenges in the future is to provide permanent available power to those homes that nurse people ... 

  • Try to contact your neighborhood, your police station, nearby hospital, fire station, power utility, ... to figure out how and where you could get power to operate the breathing ventilator or other medical devices in case of a blackout! You may be surprised what you get ... almost nothing.

  • It seems to be more important (or interesting) to install hundreds of super charger stations along the German Autobahn ... than to care about a minimum of power to help care-dependent people to survive.

  • We need all-over more electric storages ... small and big ones ... for various applications ... in order to have electric power whenever and wherever we need some ...

  • Let me know what you think ... or report about your experiences ... Thanks.


Tuesday, October 12, 2021

IEC 61850 For Electrical Testing

Megger AB, Stockholm, Sweden is using IEC 61850 for various reasons in the electrical testing domain.

Andrea Bonetti is senior specialist in relay protection and IEC 61850 applications at Megger. Andrea has written a very interesting article in the latest issue of Electrical Tester magazine of Megger:

The importance of IEC 61850 in relation to the smart grid

He concludes: "Economic electricity supply: We need to study and get used to IEC 61850 methods, but once this is done, the economic advantage is evident: reusability of previous projects, shared understanding, focus of the technical community on solving common problems, and concentration of the resources.

In conclusion, I hope it is now clear that IEC 61850 is not just a communication protocol but a complete philosophy for electrical systems. So, next time you have a smart grid project, please try to answer this question: How much of IEC 61850 am I using in my project?"

Click HERE to download the latest issue of the Magazine (101 MB) or click HERE to view the magazine online.

The abbreviation "IEC 61850" could be found 100 times throughout the magazine! ... in conjunction with testing, smart grid, ...

Enjoy!

Monday, July 12, 2021

Updated Mains Frequency Information Service Has Been Launched

Please not that the updated Mains frequency information service has been launched yesterday. 

The mains frequency info service is now active. 

You will now receive messages about unusual mains frequency behaviour.

For information on the messages, please refer to the website www.pc-projekte.de.

The website offers non-commercial information newsletter for the continental European network RG-CE (UCTE)

In this test group, you can register for an automated newsletter "Netzfrequenzinformation Verbundnetz RG-CE (UCTE)", which will provide you with the latest information on network frequency measurements.
Experience has shown that the measuring systems recognize and report approx. 4-6 messages per week on a daily basis.
You can find much more information about the grid frequency HERE
This service is a very huge offer to the power systems communities in Europe. I haven't seen anything comparable ... and all for free!

List of UCA IEC 61850 Certificates

The UCAIUG users group has reorganized the access to the 1200+ IEC 61850 certificates:

Click HERE to freely access the certificates.

Click HERE for additional information related to the conformance testing.

Click HERE for IEC 61850 User Feedback Task Force 

Unfortunately these issues are independent of the official IEC TC 57 / IEC 61850 tissue database

The tissue database offers a new service to filter and show tissues by status, e.g., for those accepted 

  

Thursday, June 17, 2021

The Top 20 PLC tips and practices for better, more secure PLC programming

Jake Brodsky wrote the other day:

"Among the tribes of engineers, there are certain things we just have to learn by doing. One of them is PLC programming. Somehow, we engineers are expected to emerge from college knowing good practices for programming a PLC. Some of us older engineers learned to program using FORTRAN. If we were lucky, we learned about structured programming. The millennial engineers may have had the benefit of learning about object oriented programming. Maybe it was a class in C++. But data structures were something that they were just “supposed to know.” And engineering educations today? If we’re lucky, they’ll see a course in how to sling code in Python. That’s what my son did when he was studying in a pre-engineering course.

My point is that most engineers discover good programming practices the hard way. We learn on the job. I stumbled across this many years ago. I started collecting tips, tricks, and experiences from my colleagues ..."

Check out his collected writings - worth to read:

The Top 20 PLC tips and practices for better, more secure PLC programming are now online:

Click HERE for the website.

Monday, February 15, 2021

IEC 61850 To Help Securing Process Automation Systems

A Hacker Tried to Poison a Florida City's Water Supply ... the attacker upped sodium hydroxide levels in the Oldsmar, Florida, water supply to extremely dangerous levels ... Within seconds, the intruder was attempting to change the water supply's levels of sodium hydroxide, also known as lye or caustic soda, moving the setting from 100 parts per million to 11,100 parts per million

Click HERE for a news report.

How could that happen? Who knows!

There are a lot of discussions complaining about missing security measures like VPN, etc.

Independent of the communication security it is a big mistake that the value could be set to such a BIG number: 11,100 ppm.

IEC 61850 could help to prevent such a situation by applying Analogue Setting model:














At the City of Oldsmar water treatment facility, the "maxVal" of Sodium Hydroxide injection may have been limited to 500 ppm ... as a consequence, there would be no way to configure this to 11,000 ppm.

And: in case somebody changed the value at all, the setMag would change and dchg would become true issuing a report or log entry ...

With the SCL (System Configuration Language, IEC 61850) it could also be configured (in SCL notation) that a particular configuration value could not be changed at all (Fix), changed by a service (Dyn), or changed by SCL only (Conf).

For Input signals there are many specific configuration attributes defined ... 

It is very difficult to convince programmers, managers, R&D people, any other group ... to apply the IEC 61850 Tool.

Hope that will slowly change ... 

Additional discussion by Jake Brodsky click HERE ... summarizing: "... The more self integrity features we include, the more reasonable process limits that we include, the safer we will be."


Saturday, January 23, 2021

Looking for an Open Source Multi Protocol Gateway for IEC 104, TASE.2/ICCP, IEC 61850, OPC-UA ...?

The standards IEC 60870-5-104, IEC 60870-6 (TASE.2, ICCP), IEC 61850, OPC-UA and other (often legacy solutions) are crucial for the power delivery systems all over!

Therefore the ability to translate from one protocol to another is a key feature for every TSO (Transmission System Operator). As the needs are growing and the number of use cases are flourishing (e.g. RTE needs thousands of instances of MPG (Multi Protocol Gateways), they are incented to look for a highly cost effective solution. On this observation, Swissgrid and RTE decided to take over that challenge by initiating a Proof of Concept on an open source basis - according to a news published at LinkedIn the other day.

Title: "First step toward an Open Source multiprotocol Gateway initiated by Swissgrid and RTE"

Click HERE for more information posted at LinkedIn.

Sebastien HENRY (Directeur SI & Télécommunications chez RTE Réseau de Transport d'Electricité) said: "RTE is committed to invest in open source for the development of an ecosystem of IT solutions for the energy sector. I am very confident in the fact that with the multiprotocol gateway, a small piece of software widely needed in our infrastructures, will demonstrate this strategy worth being followed."