Default Passwords May Cause Some Issues - Change Them As Soon As Possible

 A friend of mine reported the following in a SCADA and cyber-security related group:

"The recent cyber-attack on that small water facility outside of Pittsburg is getting increased attention (certainly on this list) . The model and manufacturer of the device in question are known.  The manufacturer's web site has some  documentation on the device, but I do not think they provide the  device's default password.

No need to look hard, it is listed in plain site on CISA's bulletin (below)."

Exploitation of Unitronics PLCs used in Water and Wastewater Systems Release Date November 28, 2023 

Oops.

Up-to-Date IEC 61850 Trial Tools Available From InfoTech (Poland)

Have you ever tried to send or receive messages according to IEC 61850 or IEC 61400-25: Operate, Report, Get, ... GOOSE, Sampled Values, ... try the following updated trial tools ... from InfoTech (Poland) 

Use of Sampled Value Publisher (Sender) according to IEC 61850-9-2LE:

Window for various parameter that can be modified and applied:

Wireshark trace of a SV message:

Access several presentations and the link for the trial versions:

Client/Server, GOOSE Sender & Receiver, SV Sender & Receiver

visualization on a flow diagram and on-line monitoring of GOOSE based on SCD file as input

Simulator of a network of server IEDs based on SCL files (ICD/CID/IID/SCD)  +  creator/editor of ICD

Overview of the Library which we license as source code or as derived binary DLLs for PC/MS Windows

This is the link to the trial version of all tools

Enjoy.

Bundesnetzagentur fordert Steuerbarkeit von Wärmepumpen und E-Mobilen ab Januar 2024

Die Bundesnetzagentur hat heute mitgeteilt, wie ab dem 1. Januar 2024 steuerbare Verbrauchseinrichtungen (z.B. Wärmepumpen und Ladeeinrichtungen für E-Mobile) sicher und zügig in das Stromnetz integriert werden können.

"Die Bundesnetzagentur bittet die Netzbetreiber, gemeinsam mit anderen relevanten Markteilnehmern Empfehlungen für die Standardisierung und massengeschäftstaugliche Umsetzung der netzorientierten Steuerung auszuarbeiten. Das ist ein Beitrag zur effizienten Umsetzung der notwendigen Prozesse, aber keine Voraussetzung für deren Start."

Click hier, um zur Pressemitteilung der Bundesnetzagentur vom 27.11.2023 zu gelangen.

Die Bitte der Bundesnetzagentur wurde bereits vor etwa 10 Jahren von den Netzbetreibern und Herstellern von Steuerungssystemen im Voraus "gehört". Das Ergebnis der Lösung (FNN-Steuerbox mit IEC 61850 als Anwendungsschnittstelle) ist bereits heute verfügbar (siehe Lösung von Vivavis in Ettlingen).

IEC 61850 (MMS) Messages Traced with Wireshark, Local Host, and Loopback

Have you tried to trace some IEC 61850 (MMS) messages with Wireshark? 

Usually you expect to run Client and Server on different machines to have communication going through an Ethernet Network! Yes! No!

You could easily run the two on one PC and trace the traffic using Wireshark and select the TCP loopback adapter as the interface for Wireshark to look at !!! It is simple.

The address for the server is:

The Client and Server using the IEDScout 5.2 from Omicron:

Trace:

Some Impressions From The MATPOST Conference 2023 in Lyon (France)

Andrea Bonetti has posted some impression from the "Digital Twin" world demonstrated at the conference.

Click HERE for the brief report.

What is the difference of a digital device and its twin? In the IEC 61850 domain, a IED (Intelligent Electronic Device) hosts a virtual IED (the models, services, bridges to the applications, ... applications). The host may be a protection device or any other computer platform that can run the software. Why do we talk about twins? We could have triplets or even quadruplets of the same virtual device ... when we run the software on three or four or more platforms.

A digital twin is a digital twin of a digital twin ... the crucial term here is: Virtual Device - this is what an IED in IEC 61850 is!

An IED in the IEC 61850 world could be:

1. A configuration of an IED section in an SCL document
2. An IED section of an SCL document hosted, e.g., in a relay or any other controller
3. A physical relay installed in a cabinet

Note that this virtualization was applied in MMS (Manufacturing Message Specification, ISO 9506) and used in IEC 61850-8-1. In MMS the virtual IED was named VMD - Virtual Manufacturing Device ... some 40 years ago ... hahaha ...

The following may help you to understand what virtual means:

If it's there and you can see it      It's REAL
If it's there and you can't see it    It's TRANSPARENT
If it's not there and you can see it      It's VIRTUAL
If it's not there and you can't see it      It's GONE

Roy Wills

Any question?

International Conference on Substation Equipment in Lyon (F); 22.-24. Nov 2023

Please note that the 7th European Conference on Substation Equipment (Matpost 2023) with the focus on 

Major infrastructure projects for a carbon-free world and their impact on Substation equipment 

will welcome you in Lyon (France) next week: 22.-24. November 2023.

Click HERE for the program.

There is also a paper presentation on IEC 61850 ... check the program.

IEC 61850 Conformance Certification of IEC 61850 Core Documents with Ed2.0 About to End

Richard Schimmel (IEC 61850 Certification Manager at DNV ( former KEMA)) just reported a very crucial information at LinkedIn:

"IEC 61850 certification for Edition 2 will be phased out by the UCAiug. From January 2024 UCAiug will only allow new Edition 2 certificates after passing the Edition 2 with Amendment 1 (Ed2.1)!

If you want to certify IEC 61850 Edition 2, we (DNV) need to show the UCAiug that we received the purchase order before 1st January 2024."

Click HERE for the post a LinkedIn.

Be aware that Edition 2.1 refers just to the yellow marked core parts of IEC 61850 (see IEC 61850 Tissue Database):

 

Note that EACH part has its own Edition numbering ... there is no IEC 61850 Edition x at all!

The Tissue Database provides the tissues posted, discussed, and solved of the previous editions for each part. This gives you the possibility to see which comments let to a new edition. Comments to Edition 2.1 of the core parts will finally lead to Edition 3.0 of these parts ... Edition 2.1 of the core parts will be valid for the next years ... this is my personal expectation.

IEC 61850 Integration Into Beckhoff PLC

Beckhoff - a well known German PLC manufacturer - successfully offers IEC 61850 modelling, configuration, and information exchange for IEC 61850 and IEC 61400-25. 

Excerpt from their website ... worth to read:

"Application example: 

In this case, the use of IEC 61400-25 [mapping according to IEC 61400-25-4 IEC 61850-8-1, MMS] enables all wind turbines from different manufacturers in a wind farm to communicate with a central station.

Standardization avoids the use of vendor-specific protocols, which would lead to increased application expenditure. BECKHOFF supports this method with the implementation of IEC 61850 or IEC 61400-25 respectively in the TwinCAT Automation suite."

Beckhoff has a very nice and easy to read (and understand) online documentation.

Click HERE (English) and HERE (Deutsch) to find the details of the implementation of Client, Server, GOOSE Publisher and Subscriber.

Just give it a try.

Are IEC 61850 based Systems Cyber-Secure?

Often you hear arguments that IEC 61850 based systems are not cyber-secure ... is that true?

The truth is: The standards series IEC 61850 refers to the standard series IEC 62351. Example:

Power Systems Management and Associated Information Exchange – Communication network and system security – Part 4: Profiles including MMS and derivatives

IEC 61850-8-1 (Mapping to MMS) requires to use TLS ... as defined in IEC 62351-6 !!

Click HERE to access the preview of IEC 61850-8-1 (referring to IEC 62351) and HERE for the preview of IEC 62351-6.

Another issue to protect your IEC 61850 based system is to monitor the traffic and compare it with the configured communication relations and contents:

Click HERE to watch a brief video from Omicron that shows some means to support cyber-security in IEC 61850 based systems. 

There is a lot of activities going on to increase the cyber-security in automation systems.

New Book on IEC 61850

Please note that there is a quite new book (400+ pages) about IEC 61850 for electric power systems:

IEC 61850 Principles and Applications to Electric Power Systems

Editors: Peter Bishop, Nirmal-Kumar C. Nair

Click HERE for details.

The basic approach of the IEC 61850 standard series is to some degree independent of electric power systems and applicable in most automation domains.

Example: Monitoring of a process measurement

The following sketch shows an excerpt of a series of presentations I conducted recently.

A instantaneous measurement (in IEC 61850 xxxx.instMag) can be read at any time by some computer (on the left). The value could come with a quality information saying: Value is ok; and a timestamp.

Instead of polling the value, you may want to receive the value every 10 seconds automatically without polling. Next you may want to receive the value when it changes by +/- 10 % compared to the last reported value. Or you may want to receive a report in case the quality of the value changes from good to bad ... and so on.

IEC 61850 information exchange services for monitoring process values offer many additional possibilities to receive spontaneously sent information. The information to be sent can represent measurements you find in building automation, heating systems, diesel generators, pressure systems, car manufactoriing, ...

Click HERE for papers co-written by Nirmal-Kumar C. Nair (co-author of the new book) and myself (Karlheinz Schwarz). You will be surprised what we published more than 10 years ago! (some papers may not easily be accessible! ... sorry for that).

Stay tuned to the blog to see more on this in the future. 

IEC 61850: Communication Interfaces for Mobile Battery Energy Storage Applications

A. Bonetti ... NO, NOT Andrea Bonetti, but his son Alessandro wrote a very remarkable Master Thesis at KTH, School of Electrical Engineering and Computer Science (EECS) (Stockholm, Sweden):

Communication Interfaces for Mobile Battery Energy Storage Applications

Alessandro, Congratulation! Excellent!

You wrote: "Then, I give my sincere appreciation to Karlheinz Schwarz for answering my questions regarding modeling, and maintaining an open blog with comments and thoughts regarding power system automation."

You are welcome!

Excerpt from the Abstract:

"This thesis project, carried out at Northvolt Systems, aims to analyze the existing and readily used communication interfaces for a specific set of mobileBESS applications. The analysis is performed by a literature review of typical mobile BESS applications with the identified corresponding communication interfaces. Among the identified interfaces is the IEC 61850 standard, which shows suitability in smart grid applications, enabling interoperability,vendor-independence, and standardization. To provide a real-life analysis of the IEC 61850 benefits and applicability to mobile BESS, an integration of the standard to a Northvolt mobile BESS was performed."

Click HERE to access the abstract and the download link.

Click HERE to watch a nice video from Andrea Bonetti about IEC 61850 for power systems.

Andrea, You could be proud of your son Alessandro!

IEC CDV files available for Public Commenting - circulation date 2023-08-11

 Dear Friends of IEC standards, I just remember you that IEC lets you comment on published CDVs (Committe Draft for Vote) ... 

Click HERE for general rules, :

IEC Public Commenting

Help shape international standards if you have the requisite technical expertise. Public commenting on draft IEC Standards is open for a two month period

Currently the following IEC 61850 document is open for comments ... you have to login with your IEC account or register for an account:

57/2602/CDV 

IEC 61850-6/AMD2 ED2: Amendment 2 -
Communication networks and systems for power utility automation -
Part 6: Configuration description language for communication in electrical substations related to IEDs 

CLOSING DATE FOR VOTING: 2023-11-03

Please take your time to review the document ... You may agree with me that part 6 (SCL) is a crucial part of the series IEC 61850!

Updated my LinkedIn Profile

 Please note that I have updated my LinkedIn profile today:

Klick HERE to access my LinkedIn profile.

IEC 61850 Online-Seminar im Frühjahr 2023

Die FGH Akademie (Mannheim) bietet ein Online-Seminar "Basics IEC 61850" bestehend aus neun (9) Blöcken je 2,5 Stunden an.

Datum: 06. - 31.03.2023

Hier klicken, um zu weiteren Informationen zu gelangen.

Falls Sie Interesse an einem In-House-Seminar zu IEC 61850 haben, können Sie mich gerne ansprechen - mein umfangreicher Erfahrungsschatz (den ich von 1982 bis heute aufgebaut habe) steht Ihnen zur Verfügung!

Education Regarding IEC 61850 in 2023

Dear All,

Andrea Bonetti (now with Megger) and I have conducted many training sessions all over ... we are both convinced that after three years of Corona pandemic there are many people that are waiting for comprehensive training on IEC 61850 and related standards.

Click HERE for some LinkedIn discussion on the need for training ...

Click HERE for another LinkedIn discussion ...

You can see Karlheinz Schwarz in action during a seminar for the project "Future Intelligent Transmission Network Substation (FITNESS)" in Scotland:

Click HERE for the report ... you will see me presenting on the left side in the photo on page 15.

UPDATE On My Personal Situation After My Wife Passed Away On October 25, 2022

Dear All,

You may remember my post dated October 24, 2021: 

https://blog.nettedautomation.com/2021/10/some-information-about-my-personal.html

One year and one day later:

My wife Ingeruth passed away on October 25, 2022 after a long lasting and serious illness at the age of 69. Ingeruth suffered ALS which was diagnosed in January 2017. One of our daughters and I nursed her 24/7 since then. She needed air ventilation all day and night … and electric power 24/7 …

I really miss my wife ... 

I have been contacted by several people that asked me, if I would be available for some consultancy work or training ... and even travel again. During the last years I have done training and consultancy work by phone and online ... YES, I am available ...

I also hope to spent some time to post useful information on this blog.

Note that I am planning to attend the DistribuTech 2023 in San Diego (Febr 7-9).

Ingeruth and I planned to travel to San Diego in January 2017, six years ago. But the doctors told us on January 6, 2017 the diagnosis ALS … we cancelled the trip immediately. So, I am now catching up (alone) on what we missed to do together … 

Please contact me in case you have a question ...

ISA99 - New Working Group "Electric Energy OT Security Profile"

"The U.S. Department of Energy (DOE), global equipment suppliers, and other stakeholders announced the establishment of the Electric Energy OT Security Profile working group hosted by the International Society of Automation ISA99 standards committee.

The Electric Energy OT Security Profile will be a cybersecurity work product utilizing the ISA/IEC 62443 series of standards. The final product will be a formal ISA/IEC 62443 application guide, recognized globally as the consensus work product for securing various control systems used in electric energy generation, transmission, and distribution operations.

...

The ISA Electric Energy OT Security Profile working group is seeking participation from industry groups, including the Institute of Electrical and Electronics Engineers (IEEE), the International Electrotechnical Commission (IEC), the International Council on Large Electric Systems (CIGRE), and other industry stakeholders to ensure consideration of and alignment with other cybersecurity work product development efforts. ... "

Click HERE for the press release.

Netze BW Erprobt FNN-Steuerboxen mit IEC 61850

In mehreren Pilotprojekten erprobt die Netze BW den Einsatz der FNN-Steuerboxen. Die Steuerboxen kommunizieren mit dem Steuerbox Administrator-System mittels IEC 61850. 

"„Die Erkenntnisse aus den Prüfungen im Karlsruher Labor und aus der gemeinsamen Arbeit fließen laufend in den Fortgang der Standardisierung zurück und dienen beispielsweise dazu, die Spezifikation zu präzisieren“, erklärt Jana Brandt, die in diesem Bereich zuständige Projektleiterin ist. ... Die Projektleiterin ist überzeugt: „Für den Bereich Technik & Innovation der Netze BW erweitern sich durch die Erkenntnisse die Optionen für die Netzintegration der E-Mobilität.“ ... Jana Brandt: „Zusammengefasst geht es um einen Beitrag zu Stabilität und Sicherheit im Verteilnetz, die Vermeidung von Kosten für den Netzausbau und somit letztlich zum Gelingen der Energiewende.“"

Klick HIER, um zum Beitrag zu gelangen.