Friday, December 29, 2017

New Merging Unit Development Kit

A new Merging Unit Development Kit based on the NovTech IoT Smart Grid Platform with Intel Cyclone V SoC Core is available for your next project.
Utility companies are adapting their infrastructures to support bidirectional energy flow to handle the emergence of DER (Distributed Energy Resources) via microgrids, photovoltaic panels, and local energy storage. As distributed energy generation increases, new intelligence of sensors, measurement and protection equipment will be required to process data at the edge. Also with the increase in variable DER, it is more challenging for substations to deliver sinusoidal and predictable steady-state voltage and current. Utility companies rely on substation metering of secondary voltage (VT) and current transformer (CT) circuits to detect performance issues and to provide vital information in real time to distributed digital protection nodes.

To satisfy this need, SystemCORP and Intel developed an IEC 61850-9-2LE compliant merging unit solution in form of a demonstrator/development platform.

This development kit consists of 6 parts:

  1. NovTech IoT Octopus Smart Grid IoT Platform
  2. SystemCORP VT/CT Interface board
  3. SystemCORP IEC 61850-9-2LE Sample Value software stack (PIS-11) on ARM Cortex A9 core 1
  4. SystemCORP IEC standard 61850 server/client software stack (PIS-10) on ARM Cortex A9 core 2 (optional)
  5. Flexibilis embedded FPGA analogue front-end IP core
  6. Flexibilis Ethernet PRP/HSR FPGA IP core (optional) 

Click HERE for more information.

Saturday, December 9, 2017

IEC TC 57 Publishes Draft for Basic Application Profiles (BAPs)

IEC TC 57 just published Draft for Basic Application Profiles (BAPs):

Development of IEC TR 61850-7-6 (57/1946/DC):
Communication networks and systems for power utility automation
Part 7-6: Guideline for definition of Basic Application Profiles (BAPs) using IEC 61850

Different types are possible:

  1. User profile –defined subset that is valid for a specific user / community of users (e.g. utility)
  2. Domain profile - defined subset for a specific domain and relevant use cases (e.g. asset management)
  3. Basic Application Profile (BAP) – standardized subset defining an atomic application function (e.g. reverse blocking)
  4. Application profile - profile covering a specific application mostly based by aggregating BAPs e.g. busbar protection)
  5. Device profile – profile covering a typical IED functionality e.g. Merging Unit, IEC 61869-9)
  6. Product profile – implemented subset in a specific vendor product

Comments on this draft are due by 2018-01-19.

How many employees will drive an electric vehicle?

A German manager recently said that 500 employees of his company drive by car to the company every workday. He expects that in the future 250 will use electric cars and will charge their cars within the first hour after they arrived. The company would need 10 times more power than today!
Ok! Hm!?
What do you think about these assumptions? 250 EVs charging in the first hour!?
As an engineer I am wondering that experts come up with such examples. First of all, I do not expect that 50 per cent of the car owners will buy an electric car in the next years. Even if they would do, why do 250 car drivers want to charge at the companies car park in the morning when they arrive?
He concludes that "we engineers have not yet thought through to the end".
I guess a lot of engineers have thought through to the end - but not many engineers or politicians are listening!

Click HERE for the report "Netzstabilität braucht Digitalisierung und Automatisierung" in the vdi nachrichten (German).

These discussions remind me of the situation in the early 80s when we had the discussion on CSMA/CD (Ethernet, IEEE 802.3) versus Token Passing (IEEE 802.4). Under the assumption that we have a shower of messages to be sent by all attached devices at the same time, we found that Ethernet could not efficiently manage the communication due to many collisions. Token Passing was understood to manage such a situation very well. Ok.
Another assumption, high load from one device only, could easily be managed by CSMA/CD - but Token Passing would end up in very low throughput ... many other assumptions could be made.
So, what is the realistic assumption for communication? Nobody knows - it all depends.
Finally Switched Ethernet (a major new development) solved the collision problem ... and Token Passing more or less became obsolete in the automation world.

In the energy domain we need first to find the future new mix of power generation and how to store, transmit, distribute, and use the power - then we can think about automation and communication. The most crucial issue may be: Who is paying for all the changes?

By the way: We (many engineers) know how to communicate: IEC 61850 is one of the most crucial solution ... and how (not yet what) to automate.

Tuesday, November 21, 2017

Cigré -- Free of Charge Download of Publications related to IEC 61850

Non Cigré Members can download free of charge publications that are over three years old. Cigé is the international association and body of knowledge for the power sector:

Click HERE for a list of IEC 61850 related publications - many are older than three years.


Monday, November 13, 2017

IEC 61850 Training in Deutsch mit Jubiläumsrabatt

An alle an IEC 61850 Interessierten,
NettedAutomation bietet das viertägige IEC 61850 Intensiv-Training
vom 05 bis 08. Dezember 2017 
in Karlsruhe
zu einem ***unschlagbaren Jubiläums-Sonderpreis*** von 750 Euro (netto) an!

Hier für das Anmeldeformular klicken.

Bei der Anmeldung bitte den Sonderpreis vermerken!

Weitere Termine:
14.-17. Mai 2018
04.-07. Dezember 2018

Wir haben mehr als 4.300 Experten in mehr als 240 Kursen geschult - überall auf der Welt!

Wir bieten Ihnen auch gerne ein Inhouse-Seminar an.

Wir würden uns freuen, Sie am 05.12. in Karlsruhe - direkt neben dem Weihnachtsmarkt - begrüßen zu können!

Saturday, November 11, 2017

First Amendment of IEC 61850-4: System and Project Management

IEC TC 57 just published the IEC 61850-4 Amendment 1 (57/1922/CDV)
– Communication networks and systems for power utility automation
Part 4: System and project management

The main extensions of the edition 2 are:
  1. New sub-chapter 5.3.6 describes the engineering tool workflow and its chronology (which SCL files are exchanged in between configuration tools) through 3 use cases: the classical use case, the change of system tool and the interaction between 2 projects.
  2. New sub-chapter 6.4 talks about backward compatibility and deals with replacement or extension whatever the component is provided by the same or different manufacturer. To do so, it scrutinizes through 4 use cases, what kind of impacts could be acceptable for IED or tools.
The ballot closes 2018-02-02.
The CDV (committee draft for vote) is accessible for PUBLIC comments by every interested person.

Note that the amendment has already been blended into the edition 2 document for easier reading: 57/1923/INF

These extensions answer a couple of questions that come up during every seminar and in many discussions. They are extending the explanations of SCL (part 6).
The document is worth to study.

Friday, November 3, 2017

What happens during a blackout - Comprehensive Report of the German Parliament's study

published in 20111 a very comprehensive report:

What happens during a blackout - 
Consequences of a prolonged and wide-ranging power outage

Infrastructures such as a reliable energy supply, functioning water-supply and wastewater-disposal systems, efficient modes of transport and transport routes and also information technology and telecommunications technology that can be accessed at all times represent the lifeblood of high-technology industrialised nations. The Committee on Education, Research and Technology Assessment therefore commissioned the Office of Technology Assessment at the German Bundestag (TAB) to investigate the possible effects of a prolonged and widespread power blackout on highly critical infrastructures such as drinking water, wastewater, information and communications systems, financial services and health services, especially against a backdrop where the blackout has a cascading effect spanning state and national boundaries.
In Germany, several recent natural disasters and technical malfunctions (Elbe and Oder floods in 2002/2005, power blackout in the Münsterland in 2005, the Kyrill storm in 2007) have highlighted the population’s dependence on such (critical) infrastructures. Supply bottlenecks, public safety problems and disruptions to road and rail transport have revealed the vulnerability of modern societies and made extreme demands on health, emergency and rescue services...."

Click HERE for the 250 page report [English].
Click HERE for the German version.

The report is one of the best descriptions I have seen. It is really worth to read, to understand and to follow.

If you want to understand what power outages could mean to a society (in a warm region - not in c(o)ld Germany), study the following reports:
Click HERE for the report "Puerto Rico 'heartbreaking' five weeks post-storm"
Click HERE for the report "Puerto Rico Struggles With Power Recovery ..."
Click HERE for further information

I hope something like that will not happen during winter time in Germany.
Note that we have more than natural disasters: Man-made aging infrastructures and aging workforce. 

Thursday, November 2, 2017

Port Scanning in a Substation - May be a No-Go

Security is more than a buzzword these days. You should be very serious about the security of your substation protection and automation system.
Joe Weiss asked yesterday:
Are the Good Guys as Dangerous as the Bad Guys – an Almost Catastrophic Failure of the Transmission Grid
What happened? A port scanning tool in an IEC 61850 GOOSE based substation protection system had a very negative impact on the GOOSE publisher and subscriber: The Relays stopped to operate!! They had to be manually rebooted.
Port scanning may provide a lot (too much) of stress to the devices and communication system. Such a crucial load has to be taken into account during the design of the devices and of the whole system. Theoretically this payload should be taken into account as part of the system engineering ... part of the System Configuration Description (SCD). Any unexpected traffic avalanche may have a serious impact on the stability of the system!
Click HERE for Joe's report.

I guess that the GridEx network monitor would have raised the red flag seeing the message avalanche in the transmission substation.

Lesson to be learned:
Any non-operational load on a critical network should be treated very careful. IT and OT people have to work together and make sure that such test tools do not put too much stress onto the devices connected in a substation or any other system:
Teamwork makes the dream work - and keeps the power flowing!

Click HERE for a discussion of port scanning ... written long time ago (2001 !!)
Click HERE for a worth to read report on how to apply IEC 62443.

My friend Andrea Bonetti (FMTP) responded as follows:

Dear Karlheinz!
What you have described is unfortunately a known problem.
It is really not at all the first time that it happens in the last 10 years, but it is maybe the first time that it is presented to the public.
I would like to stress-out that this problem is NOT related to IEC 61850 but it is related to the correct usage of digital technology.
Similar situations happened also “before” when proprietary digital technology was used. Maybe they were just more difficult to disclose because also the tools were proprietary.
Regarding GridEx, it would have detected the loss of communication among the devices, as it performs the supervision of the GOOSE messages. This would have been written in its report.
GridEx performs also network load calculations, but in the case you have described this would not have helped probably. Anyway that information would also have been written in the report.
Let me point out that GridEx is an “IEC 61850 passive tool”.
GridEx does not talk to any device, does not send any IEC 61850 message…. it can only listen to what happens, without interacting with the system.
Also the time synchronization of GridEx can be performed completely independently from the system, with its own independent GPS receiver accessory.
Also GridEx works without a PC, so you do not connect the PC to the substation network system.
As GridEx doesn’t interact to the system where it is connected to, it cannot cause any damage and it can be connected to the network while the system is in service.

Saturday, October 28, 2017

Wow: IEC Goes XML and PSON

IEC provides access to crucial standardized information by modern web technologies:
The content of the Electropedia (The World's Online Electrotechnical Vocabulary) is now made accessible by XML documents and PSON (REST) through the opendata gateway.
“A json version of all subject areas (or IEV parts) in the Electropedia is available by calling the REST endpoint: “ 

I expect that the PSON option will be made available for the complete vocabulary soon.
More to come!

Draft TR IEC 62351-90-2: Deep Packet Inspection (DPI) of Encrypted Communication

IEC TC 57 just published the document 57/1939/DTR:

Power systems management and associated information exchange –
Data and communications security –
IEC TR 62351-90-2: Deep Packet Inspection (DPI) of encrypted communications

This technical report analyses the impact of encrypted communication channels in power systems introduced with IEC 62351. As defined in IEC 62351 an encrypted channel can be employed when communicating with IEDs and encryption can be adopted at message level as well. For example, the use of encrypting TLS setups according to IEC 62351-3 introduces some issues when Deep Packet Inspection (DPI) is needed to inspect the communication channel for monitoring, auditing and validation needs.
In this report we analyze different techniques that can be employed to circumvent this issues when DPI of communications is required.

The voting closes 2017-12-22

Sunday, October 8, 2017

ABB Presents the Benefits of Substation Digitalization with IEC 61850

A nice video by ABB (Steven Kunsman) explains "all the benefits of substation digitalization ... it’s little wonder there’s so much interest in the shift to this technology. Supported by the open communication capabilities derived from IEC 61850’s, substation assets are providing a growing volume of health and operational data that’s enabling higher levels of both reliability and performance. This excerpt from an ABB Automation & Customer World Workshop provides key highlights of how the digital substation is also safer, smaller, and simpler to commission and operate than traditional substations."

Click HERE for the video.

Saturday, October 7, 2017

IEC TC 57 published Two Documents Related to Security Measures (IEC 62351)

IEC TC 57 just published the following two documents:

IEC 62351-100-3: Conformance test cases for the IEC 62351-3, the secure communication extension for profiles including TCP/IP

The scope is to specify common available procedures and definitions for conformance and/or interoperability testing of the requirements of IEC 62351-3, the security extension for profiles including TCP/IP.

Proposed revision of IEC TS 62351-6 ED1 and conversion into an International Standard (Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850)

Both documents indicate that the security measures defined by the series IEC 62351 are becoming more important! Hope that more experts in the power delivery domain will understand the impact!

Draft TR IEC 61850-90-6 for Distribution Automation Published

IEC TC 57 WG 17 just published the 277 page (!) draft TR 57/1929/DTR:

IEC 61850-90-6: Use of IEC 61850 for Distribution Automation Systems

Commenting period and ballot closes 2017-12-01.

This technical report provides basic aspects that need to be considered when using IEC 61850 for information exchange between systems and components within MV network automation. In particular, the report:
  • Defines use cases for typical DA applications that require information exchange between two or more components/systems
  • Provides modelling of components commonly used in DA applications
  • Proposes new logical nodes and the extensions to the existing logical nodes that can be used in typical DA applications.
  • Provides guidelines for the communication architecture and services to be used in DA applications
  • Provides configuration methods for IEDs to be used in DA systems.
Basic function for which models will be selected or defined cover:
  • Fault Passage Indication and report
  • FLISR (Fault Location, Isolation and Service Restoration)
  • VVC (Voltage and Var Control)
  • Anti-Islanding Protection Based on Communications
  • Automatic Switch Transfer
  • Monitoring Energy Flow
  • Environment Situation Awareness
A Distribution Automation System (DAS) can have up to tens of thousands of IEDs spreading
over a wide area distribution network.

Multiple new Logical Node Classes and extensions for existing LNs are proposed:

This draft is very detailed and easy to read.

Conflicting Use of TCP Port 102 for IEC 61850 and Simatic S7

IEC 61850-8-1 defines how the abstract IEC 61850 services (ACSI) are mapped to MMS (ISO 9506). The MMS protocol runs on ISO/OSI Transport Layer, ISO/OSI Session Layer, ... For IEC 61850 it has been decided to use TCP/IP as transport protocol.

TCP has to be "extended" by some definitions to get the same services and protocol features as provided by ISO/OSI Transport Layer class 0: The IETF RFC 1006 defines how to use TCP for MMS. RFC 1006 defines among other issues to use TCP Port number 102 for the MMS Server role. Any IEC 61850 Server role has to run on port 102 - independent of the platform it is running on: protection device, control device or a Windows PC.

Siemens SIMATIC S7 PLCs use RFC 1006 entitled "ISO Transport Service on top of the TCP" (ISO-on-TCP) as a protocol extension for the TCP protocol for connection between two systems.

RFC 1006 (and thus Port 102) is used for standard connections in the SIMATIC environment.

  • STEP 7 remote programming via LAN
  • ISO-on-TCP connections
  • S7 connections via Industrial Ethernet

I have come across situations where PCs are running SIMATIC S7 tools that are using Port 102! In that case you cannot run an IEC 61850 Server role on the same PC (with the same IP address) - because Port 102 is already in use!!

If you have trouble running an IE 61850 Server role on your computer - check also if Port 102 is already in use. In one case we figured out this situation with a server model (SCL) that we tried to simulate with the Omicron IED Scout! IED Scout reported an error: TCP Port 102 already in use. We stopped the SIMATIC S7 application to free the Port 102.

This is another use case where the IEDScout reports very useful error information!

Here is an example of the command "netstat -a" (may use as well "netstat -a -b") to figure out, if the port 102 is used or not: Waiting for port "102": 

Click HERE for the Server demo (shown on the right).

Click HERE for a list of ports used by Siemens SIMATIC S7.

Tuesday, October 3, 2017

Are Devices Using IEC 61850 Vulnerable?

Devices that implement IEC 61850 may be vulnerable - depending on the measures (not) implemented to protect your SYSTEM! There are many layers of security that can be build into the system to make is less vulnerable. IEC 61850 needs special security measures to hide the semantics of the information being exchanged in a system.

IEC 61850 has well defined models for controlling switch gears: Logical Node CSWI.Pos for operating any kind of switchgears liek circuit breaker, dis-connector or earthing switches. If a client (SCADA, RTU, Proxy, ...) has "open" access to an IED, it could use the self-description and figure out which CSWI instances are available ... and could try to use MMS Write to open or close a switch gear. In a bad system design, this may work.

A high level of security would not (easily) allow other clients (except those that are designed to operate) to operate a switch gear.

Security measures have to be implemented to prevent misuse of the self-description. Even without the self-description, it may be possible that somebody gets access to the SCL file of the system to "read" the models from an XML file. As a consequence: XML files need to be secured as well ...!

You will find solutions for many of the known security problems in the standard series IEC 62351!

The definitions have to be implemented - the paper standards do not protect your systems!

A very new, comprehensive and up-to-date report on security has been published the other day:


Click HERE for the report [pdf, 20 pages].

By the way, the report mentions IEC 60870-5-101/104, IEC 61850 and OPC UA.
Worth to read.

Monday, October 2, 2017


Orientado a la proteccion, control y automatizacion de subestaciones electricas, haciendo uso de: GOOSE Sampled Values, SCADA y el lenguaje de configuracion SCL.

EI estandar IEC 61850 es aplicado desde hace varios anos en el diseno de nuevas subestaciones alrededor del mundo. Durante el seminario, los mäs experimentados y reconocidos ingenieros especialistas a nivel global le ensenarän como utilizar y aplicar la norma IEC 61850 en el diseno, supervision y control de subestaciones digitales para el sector electrico. Se harän aplicaciones präcticas utilizando herramientas de prueba, software e IEDs de diferentes fabricantes.

NM Lima Hotel
Av. Pardo y Aliaga N° 330
San lsidro 15073
Dei 27 al 30 de Noviembre del 2017.
Horarlo: De 09:00 a 17:30 horas.

Organized by: Nakama Solutions, FMTP, and NettedAutomation

Click HERE for the brochure.
Click HERE for the program.

Friday, September 22, 2017

IEC 61850: Usage of XML Schemata for Model Name Space Definitions

One of the crucial challenges in dealing with IEC 61850 is the sheer unlimited amount of Models (Logical Nodes, Data Objects, Data Attributes, Data Attribute Types, ... and related Services). How to manage these? How to figure out which model was valid last year, which model details are currently valid, ... questions, questions ...
What are the answers to these questions? Simply: good documentation of content, modifications, extensions, and changes.
The IEC TC 57 WG 10 has published a document that defines the rules for model content of IEC 61850 based core data model in IEC 61850-7-2, IEC 61850-7-3 and IEC 61850-7-4. Other domains (like DER, Hydro, Wind, etc.) could define their own data model based on IEC 61850 core data model to be able to use IEC 61850 core parts as a common layer.

The published 70 page document 57/1925/DTS contains the new draft rules:

Communication networks and systems for power utility automation –
Part 7-7: Basic communication structure –
Machine-processable format of IEC 61850-related data models for tools

The voting and commenting period closes 2017-12-15

"Year after year the IEC 61850 data models are extended both in depth with hundreds of new data items, and in width with tens of new parts.
In order to foster an active tool market with good quality, and at the end to improve IEC 61850 interoperability, we need a machine-processable file describing data model related parts of the standard as input. This is the purpose the new language Name Space Definition (NSD) defined by this part of IEC 61850.
This will avoid the need for any engineering tool related to the IEC 61850 data models to get the content of the standard manually entered, with the highest risk of mistakes. This will also help spreading easily any corrections to the data model, as requested to reach interoperability. Tool vendors will be able to integrate NSD in their tools to distribute the standard data models directly to end users."

This new document seems to be crucial for all experts that deal with models and their implementation in Tools and IEDs.

Sunday, September 17, 2017

IEC 61850 Logical Node Group Designation

IEC 61850 uses a well defined designation of Logical Node Groups like MMXU for 3phase electrical measurements. The following groups are defined:

A   Automatic control
C   Supervisory control
D   DER (Distributed Energy Resources)
F   Functional blocks
G   Generic function references
H   Hydro power
I    Interfacing and archiving
K   Mechanical and non-electrical primary equipment
L    System logical nodes
M   Metering and measurement
P    Protection functions
Q    Power quality events detection related
R    Protection related functions
S    Supervision and monitoring
T    Instrument transformer and sensors
W   Wind power
X    Switchgear
Y    Power transformer and related functions
Z    Further (power system) equipment

A total of several hundred of Logical Nodes are already defined and published.

Machine Processable SCL/XML Schema Available for Download

Please note that the SCL Schema Edition 1 and 2 are available for download from the IEC Website.

Click HERE for more details.

There will be more machine processable documents of the series IEC 61850 available in the near future.

I highly recommend to stay tuned to this IEC 61850 Blog ... just Subscribe to it (details can be found on the top right of the site).

First Document of Series IEC 61850 Published as Edition 2.1 FDIS

IEC TC 57 has just published the FDIS of IEC 61850-6/AMD1 ED2:

Amendment 1 – Communication networks and systems for power utility automation –
Part 6: Configuration description language for communication in power utility automation systems related to IEDs

The voting ends: 2017-10-27

Amendment 1 means finally Part 6 Edition 2.1:

The present FDIS reflects amendment 1 to IEC 61850-6 Ed. 2. TC 57 WG 10 has also developed a so-called consolidated edition 2.1 based on the present amendment and the existing Edition 2. The consolidated edition is circulated in parallel under reference 57/1919/INF, so that national committees can see the implementation of the amendment in the existing edition.
Once the present FDIS is approved, the consolidated edition will be published together with the amendment under reference IEC 61850-6 Ed. 2.1.

Machine processable Schema available!!

Note that the Schemata for Edition 1 and 2 of part 6 could be downloaded from the IEC Website:

The availability of the machine readable schemata is a very great progress in getting IEC 61850 applied in more and new application domains. More to come.


Saturday, September 16, 2017

IEC 61850: Training for Protection, Control, and SCADA experts

FMTP and NettedAutomation offer one of the most wanted

Training for Protection, Control, and SCADA based on systems according to IEC 61850

10.-13. October 2017
Karlsruhe/Germany (just one hour south of Frankfurt International Airport)

We have a few seats available - one for you and maybe one for your colleague.

Click HERE for details and registration information.
Click HERE for further training opportunities.

Saturday, September 9, 2017

TÜV SÜD Offers Interoperability Tests - What comes next?

The UCAIUG (UCA International Users Group) has issued 800 Certificates for IEC 61850 devices and tools. Congratulation for the success.

The global market has accepted the new technology standardized since 1995! No question!

In multi vendor projects quite often devices from different manufacturers or from different device firmware versions show interoperability issues. Device A and B may conform to the standard series - but device A may support options that are not supported by device B. This ends up in interoperability problems ... discussions and frustrations.

It is highly recommended that devices used in a multi vendor project are tested for interoperability! Interoperability tests are usually organized by users, e.g., big utilities. The UCAIUG organizes interoperability tests every second yer - far away from being sufficient! The next one is planned for being conducted in New Orleans (USA) in November. It requires a lot of resources to go there ... I guess European utilities may send very few experts only ... and small vendors are likely not travelling across the Atlantic.

So, what to do? I have recommended early to TÜV SÜD to offer interoperability test services.

TÜV SÜD (Munich, Germany) is offering interoperability test ... contact them to figure out how your device can interoperate with other devices.

Interoperable components save time and money during integration into complex systems - and help to reduce frustrations when struggling with implemented or not implemented options, with different interpretations by vendors, ...

And note this: Traveling to Munich (Germany) is easier and cheaper than flying around the globe!

Partners in the industrial automation domain have learned that interoperability (for easier integration) is a crucial means to save a lot of resources ... they are partnering:

Open Integration Partner program for practical testing of multi-vendor automation topologies

Endress + Hauser is proposing the following: “Open Integration validates the interplay of all products in a reference topology by mutual integration tests.” in a permanent lab environment.

I hope that some companies and organizations in the Power Industry will also implement such permanently available “LAT” (Lab Acceptance Tests) that would offer 24x7 support services to the power industry.

Maybe you are interested to discuss this with TÜV SÜD or ... or myself. Please feel free to contact me.

Thanks to TÜV SÜD to offer the interoperability test services. I look forward to see more in the near future - the whole energy market would appreciate it.

Tuesday, September 5, 2017

IEC 61850 Tissue Database is Crucial for Improving the Quality of IEC 61850

The Tissue (technical issues) Database is one of the most important means to improve the quality of the standard series IEC 61850.
When IEC published the first parts of the series in 2004 the editors used a Word document to keep track of technical issues reported to the key experts and the results of their discussions. NettedAutomation developed the Tissue Database to offer a public tool to support the standardization and quality assurance process.

The following parts have an entry in the Database:

We just added an entry to part 90-2 (Substation to Control Center communication).
Please note that the almost 1,500 entries play a crucial role in the latest parts published and in the UCAIUG testing specification. Excerpt of IEC 61850-6 Amendment 1 to Edition 2:

This list has 50+ entries referring to the Tissue Database.

Products that claim conformance with IEC 61850 have to be accompanied by the so-called "TICS" Technical Issues Conformance Statement. This is a list that describes which Technical Issues have been implemented in a specific product. It is quite important to understand, that a specific Technical Issue that has an impact on client and server (publisher and subscriber) has to be implemented on both sides!!

The test labs for IEC 61850 have to test Technical Issues - when required by the testcase. The UCAIUG maintains a list of all "green" Tissues that are integral part of UCAIUG Testing requirements.

If you have an issue with IEC 61850 I recommend to check the Database and search for the topic you are looking for. Maybe your concern has already been solved ... you find a lot of good discussions in many tissues.

NetteAutomation will continue to offer the Tissue Database for the next parts to be published, e.g., Edition 2.1 of the core documents.

Enjoy the Database.

Monday, September 4, 2017


NAKAMA SOLUCIONES S.A.C., FMTP, and NettedAutomation conduct a 5 days course on


in Lima (Peru), NM Lima Hotel, Av. Pardo y Aliaga N° 330, San Isidro 15073

Del 13 al 17 de Noviembre del 2017

Horario: De 09:00 a 17:00 horas

Click HERE for general information.
Click HERE for the full program.

Saturday, August 26, 2017

The Cassandra Coefficient and ICS Cyper - Some Thoughts

Do you have a idea what "The Cassandra Coefficient" is all about and how it relates to ICS cyber security? Joe Weiss discusses the issues in a recent publication:

Cassandra coefficient and ICS cyber – is this why the system is broken

Brief extract from the publication:
Joe Weiss writes: " ... What I have found is that each time another IT cyber event occurs more attention goes to the IT at the expense of ICS cyber security. The other common theme is “wait until something big happens or something happens to me, then we can take action”. Because there are minimal ICS cyber forensics and appropriate training at the control system layer (not just the network), there are very few publicly documented ICS cyber cases. However, I have been able to document more than 950 actual cases resulting in more than 1,000 deaths and more than $50 Billion in direct damages. I was recently at a major end-user where I was to give a seminar. The evening before I had dinner with their OT cyber security expert who mentioned he had been involved in an actual malicious ICS cyber security event that affected their facilities. For various reasons the event was not documented. Consequently, everyone from the end-user, other that the OT cyber expert involved, were unaware of a major ICS cyber event that occurred in their own company. So much for information sharing."

My personal experience in this and in many other areas is: People tend to hide information instead of sharing information. I found many times that SCADA experts do not really talk to RTU people, substation automation or protection engineers ... and not at all to the people that are responsible for the communication infrastructure. Most engineers likely tend to focus on their (restricted) tasks and not looking at the SYSTEM and its lifetime. Am I contributing to solve the challenges to build a quite secure system - or am I part of the problem?

I repeat what I have said many times: Teamwork makes the dream work! Become a team player!

Click HERE for the publication.

This publication is worth to read ... some definition of what Cassandra Coefficient is could be found HERE.

Wednesday, August 23, 2017

ICS-Security Für Kleine Unternehmen Machbar Machen

Industrielle Automatisierungssysteme (Industrial Automation and Control Systeme, IACS) durchdringen viele Bereiche der kritischen Infrastrukturen wie Versorgungssysteme für Strom, Gas, Wasser, Abwasser, ...).

Mittlerweile wächst so langsam das Bewußtsein, dass viele dieser Systeme aus vielerlei Gründen nur unzureichend (im Sinne von Informationssicherheit) geschützt sind. Gründe können sein, dass Verantwortliche noch nicht die Notwendigkeit für mehr Schutzanforderungen sehen oder dass die installierten Systeme "altersschwach" sind und nur durch Austausch geschützt werden können, und und ...

Wasserversorgungsunternehmen zusammen mit dem BSI und der RWTH Aachen haben eine Masterarbeit begleitet, die besonders kleinen Versogungsunternehmen den Blick für mehr Sicherheit in der Informations- und Automatisierungstechnik öffnen könnte:

Sarah Fluchs hat die folgende Masterarbeit geschrieben:

Erstellung eines IT-Grundschutz-Profils für ein Referenzunternehmen (kleines/mittelständisches Unternehmen, KMU) mit automatisierter Prozesssteuerung (Industrial Control System, ICS)
ICS-Security für kleine Unternehmen machbar machen

Die Arbeit und ein Anhang sind öffentlich zugänglich:

HIER für den Hauptteil der Arbeit klicken.
HIER für den Anhang "IT-Grundschutz-Pilotprofil bzw. IT-Grundschutz-Profil für die Wasserwirtschaft

Diese Masterarbeit ist absolut lesens- und beachtenswert!

Die Einleitung beginnt mit einer Aussage von Ralph Langer:

For many complex IACS networks, there is no longer any single person who fully understands the system, […] and neither is there accurate documentation.

Dieser Aussage stelle ich eine viel ältere von Rene Descartes (1596-1650) voran:

"Hence we must believe that all the sciences [all the aspects of a distributed Automation System; vom Verfasser des Blogposts eingefügt] are so interconnected, that it is much easier to study them all together than to isolate one from all others. If, therefore, anyone wishes to search out the truth of things in serious ernest, he ought not to select one special science (aspect), for all the sciences (aspects) are cojoined with each other and interdependent."

Die Herausforderungen der heutigen und zukünftigen Generationen bestehen darin, ganzheitlich zu denken und zu handeln sowie die vielen überlieferten und damit auch vielfältigen Erfahrungen von unseren Vorfahren, besonders aber von solchen Menschen zu berücksichtigen, die unmittelbar in der Praxis tätig waren und gegenwärtig sind! [Aussage wurde von einem guten Freund ergänzt].

Teamwork makes the dream work.

In diesem Sinne geht mein Dank an Frau Fluchs, die mit ihrer Masterarbeit einen Grundstein gelegt hat. Symptomatisch ist, dass oft grundlegende Arbeiten "nur" von Studenten durchgeführt werden. Schade! Die angesprochenen Themen betreffen uns ALLE!

Eine Aussage in ihrem Fazit und Ausblick würde ich gerne korrigieren:

"Die übergeordnete Thematik der vorliegenden Arbeit ist die ICS-Security. Das Thema besetzt im Vergleich zu der „gewöhnlichen“ IT-Security bislang eine Nische. Vor allen produzierende Unternehmen und Betreiber kritischer Infrastrukturen müssen sich damit befassen – Otto Nor-malverbraucher bekäme zwar die Auswirkungen eines Security Incidents potenziell zu spüren, hat aber keinen direkten Einfluss auf die ICS-Netze und deren Sicherheit."

Wir als Otto-Normalverbraucher haben einen sehr großen direkten Einfluss auf die Sicherheit unserer Infrastrukturen: Indem wir bereit sind, mehr für unsere Grund-Versorgung zu bezahlen!!

Tuesday, August 22, 2017

No Gas No Electric Power - Yes, it Happend

Taiwan was hit recently by a massive blackout caused by simply closing two gas valves that powered six power generators with a total capacity of some 4,0000 MW or 4 GW!
How could that happen? The peak generation did not have reserve power. So the 4 GW tripped could not be compensated by other generations. It happens so fast!
The general stress was one aspect - another was an error made by humans, "almost 9 per cent of the island’s generation capacity, stopped after workers accidentally shut off its natural gas supply".

I am not aware of any details of the human error. One thing is clear: Our infrastructure is really under stress! It will take some efforts to get it fixed.

Click HERE for a news report.

We have really problems with existing and new infrastructures:

Check the pictures from the problems of the new train tunnel project in Rastatt (close to my home town Karlsruhe/Germany) ... you may read German as well ...

What happened? Who knows? Maybe the cheapest offer was awarded a contract ...
There is almost no redundancy in the Rhine river valley rail system ... redundancy costs money ...

It is a pity that new build infrastructure collapses and destroys old (still working) infrastructures.

Monday, August 21, 2017

New Application Example for EvaDeHon Package

We have posted a new example extending the use of the Evaluation, Demonstration and Hands-On (EvaDeHon) Package.

We will publish from time to time additional models and documentation for interesting applications. The objective is to help you to understand the various topologies and possibilities to use the IEC 61850 technology for the process information exchange.

One focus is on the application of the IXXAT (HMS) Smart Grid Gateways.

The example offers polling and reporting (Server on PC, Client on IXXAT WEB-PLC Gateway). The download contains the client CID for the gateway, the server CID and the JSON file for the PC. The gateway polls every 2 seconds and receives reports every 5 seconds - these intervals can be configured. Additionally it includes some specific documentation.

Click HERE for more information.

Saturday, August 19, 2017

Smart Cars Under Attack- What Does it Mean for Power Systems?

We are quite often looking for smart things: cars, phones, power grids, ... expecting they make life easier or more comfortable. May be ... or may not be.
We have to understand and take into account that most of these smart things are under enormous pressure to become hacked.
Researchers have reported that "Smart car makers are faced with a potentially lethal hack that cannot be fixed with a conventional software security update. The hack is believed to affect all smart cars and could enable an attacker to turn off safety features, such as airbags, ABS brakes and power-steering or any of a vehicle’s computerised components connected to its controller area network (Can) bus. ... The hack is “currently indefensible by modern car security technology, and to completely resolve it would require broad, sweeping changes in standards and the ways in-vehicle
networks and devices are made,”"
Click HERE for the full report on computerweekly.
Click HERE for another detailed report also worth to read and FOLLOW.

Hm, that is no good news!

I hope that the power industry is using appropriate (security) standards to dramatically reduce the risk to hack devices used in power automation systems. One of them is IEC 62351. There are many other measures discussed on this block, e.g., the German BDEW Whitebook.
How many more wake-up calls do we need to change our ways how to secure energy delivery services? The more devices are brought into operation the more we need to care about security.

A lethal position of the management would be: "It could not happen to our systems - they are all safe. Really?

In the first years of open systems interconnection (OSI) ... early 1980s, I was quite unhappy with the Ethernet CSMA/CD method and the token bus solution. As a young engineer at Siemens here in Karlsruhe, I spent many hours and days of my free time (at home) to figure out how to improve the CSMA/CD to make the access deterministic - yes I found a solution! My colleagues and the management was supporting Tokenbus only ;-)

So, my patent was not used by Siemens ... but later I figured out that the CAN bus used the same algorithm I developed for my patent.

At that time almost nobody was expecting that years later people would intentionally hack media access protocols!! I remember one person complaining about OSI in the early 80s. He said (in German): "Wer offene Systeme haben will, der ist nicht ganz dicht!" This is not easily to be translated in English - I will try. "Offene Systeme" is "Open Systems". "Dicht" means "close" - and if someone is "nicht dicht" means: you are crazy. So: "If you want to have Open Systems - you must be crazy."

Click HERE to have a look at my patent (EP0110015).

I am really wondering that the old and for long time used protocols like CAN make that lethal trouble 30 years later! What will be next?

By the way, any Ethernet multicast shower in a subnetwork has the potential to crash a "smart" device. If the Ethernet controller has to filter out too many multicast messages it may stop to work.

Resume: Any system needs to be carefully designed, engineered and configured. Do you want to have a problem? No Problem!

The industry has to learn that a lot of changes in the way we automate today has to come!! That requires SMART People - and a lot more resources ... the costs of our living will definitely increase.

I question, if we have really made a lot of progress since the early 80s. Open Sytsems are too "open" ... we have to find ways to close the points where hacker could tap and "re-use" the messages in order to stop talking.

Friday, August 18, 2017

Draft of First Amendment to IEC 62351-3 (power system security) Published

Draft IEC 62351-3/AMD1 ED1 (57/1894/CDV)
Amendment 1 – Power systems management and associated information exchange – Data and communications security – Part 3: Communication network and system security – Profiles including TCP/IP
The crucial amendment has been prepared by IEC TC57 Working Group 15 in order to address the following:

  1. Definition of additional security warnings for TLS versions 1.1 and 1.0
  2. Alignment of handling of revoked or expired certificates for TLS session resumption and TLS session renegotiation
  3. Clarification regarding session resumption and session renegotiation invocation based on session time.
  4. Enhancement of session resumption approach with the option of session tickets to better align with the upcoming new version of TLS
  5. Enhancement of the utilized public key methods for signing and key management with ECDSA based algorithms
  6. Update of the requirements for referencing standards
  7. Update of bibliograph
The CDV ballot ends 2017-11-03

Drei IEC-61850-Hands-On-Trainingskurse in Deutsch in Karlsruhe (2017 und 2018)

Die NettedAutomation GmbH (Karlsruhe) bietet drei Termine für das aktuelle IEC61850-Hands-On-Training in Karlsruhe an:
05.-08. Dezember 2017 
14.-17. Mai 2018
04.-07. Dezember 2018

Diese unschlagbar günstigen Trainingskurse vermitteln über 30 Jahre Erfahrungen mit Informationsaustausch-Systemen basierend auf internationalen Normenreihen wir IEC 61850 (allgemeine Anwendungen in der Energietechnik, Schaltanlagen, Transport- und Verteilnetze, Wasserkraft, Kraft-Wärmekopplung, Speicher, ...), IEC 61400-25 (Wind), IEC 60870-5-10x (traditionelle Fernwirktechnik), IEC 61158 (Feldbus), IEC 62351 (Sicherheit in der Informationstechnik) und vielen anderen.

Planen Sie schon heute das entsprechende Budget für das Jahr 2018!

Clicken Sie HIER für Inhalte, Preise und Anmeldeinformationen.

Thursday, August 17, 2017

SMA Inverter and Cyber Security Issues

Recently a study on cyber security threads regarding PV inverters was published, in which SMA was mentioned. The topic has also since been seized upon by other media outlets. Unfortunately, the claim has caused serious concern for SMA customers. SMA does not agree with this article, as some of the statements are not correct or greatly exaggerated.

Click HERE for the complete response by SMA.
HIER geht es zur deutschen Seite.

I hope that all vendors of network connected devices are as serious as SMA when it comes to security.

Thursday, August 10, 2017

Fuzzing Communication Protocols - Some Thoughts About a New Report

Have you heard about FUZZING?

Wikipedia explains:"Fuzzing or fuzz testing is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program. The program is then monitored for exceptions such as crashes, or failing built-in code assertions or for finding potential memory leaks. ..." Wow!

Is there any link to IEC 60870-5-104, OPC UA or IEC 61850? Yes there are people that have used the technique to test these and many other protocols.

The "State of Fuzzing 2017" report just published by SYNOPSIS (San Francisco) wants to make us belief that, e.g., the above mentioned protocols are weak and may crash easily. What?

The best is to read the report and my comments below. Other experts have commented similarly.

Click HERE to download the report.

Any kind of testing to improve IMPLEMENTATIONS of protocols is helpful. You can test implementations only – not the protocols or stacks per se.

One of the crucial questions I have with the fuzz testing report is: Which IMPLEMENTATION(s) did they test? Did they test 10 different or 100? Open source implementations only? New implementations or old? Or what?

Testing is always a good idea … more testing even a better approach. At the end of the day, customers have to pay for it (e.g., higher rates per kWh).

I would like to see more vendor-independent tests of any kind … but the user community must accept the higher costs. Are you ready to pay more? How much more would you accept to pay? 50%?

As long as vendors have the possibility to self-certify their products we will see more problems in the future.

Anyway: The best approach would be to use a different protocol for each IED … ;-)

What about testing the wide spectrum of application software? Not easy to automate … to fuzz.

You may have a protocol implementation without any error within one year … but an application that easily crashes … a holistic testing approach would be more helpful. IEC TC 57 WG 10 has discussed many times to define measures for functional tests … without any useful result so far. Utility experts from all over the world should contribute to that project – go and ask you manager to get approval for the next trips to New Orleans, Seoul, New York, Frankfurt, Brisbane, Tokyo, …  to contribute to functional testing. In case you do not attend – don’t complain in the future when IEDs crash …

The more complex an application is, the more likely it is that there will be serious and hard to find problems.

Crashing the protocol handler and application is one thing - what if they don’t crash but bad data gets through?

The report is a nice promotion for the fuzzing tools offered by Synopsis.
The last page states: "Synopsys offers the most comprehensive solution for building integrity—security and quality—into your SDLC and supply chain. We’ve united leading testing technologies, automated analysis, and experts to create a robust portfolio of products and services. ... our platform will help ensure the integrity of the applications that power your business."

Testing is very crucial and very complex. I hope that users of devices applying well known protocols in power system automation will soon better understand HOW important testing is - require various tests for devices they purchase and are willing to pay for it!
Start with an education phase as soon as possible - before it is too late.

Wednesday, August 9, 2017

Analysis Of The Malware Reportedly Used in the December 2016 Ukrainian Power System Attack

Senior experts of SANS ICS and E-ISAC have released a very good report:

ICS Defense Use Case No. 6:
Modular ICS Malware
August 2, 2017

This document contains a summary of information compiled from multiple publicly available sources, as well as analysis performed by the SANS Industrial Control Systems (ICS) team in relation to this event. Elements of the event provide an important learning opportunity for ICS defenders.

The sharing of this report is very much appreciated. It is very rare to get such a professional publicly available analysis about a significant and terrifying event in the control system world.

The report closes with this very important statement:

Defenders must take this opportunity to conduct operational and engineering discussions as suggested in this DUC and enhance their capabilities to gain visibility in to their ICS networks and hosts. The community must learn as much as it can from real world incidents and not delay; we expect adversaries to mature their tools and enhance them with additional capabilities.

I recommend you to study this document and get trained by the real experts - for the good of your country! Don't accept the decision of your HR ... not providing you the budget for training. Quite often HR managers believe that our systems are secure - no need for training on security, communication standards, etc.

Click HERE for the full report.

By the way, the SCADASEC blog (as a crucial platform for ICS defenders and other people) is a nice place to visit, discuss and learn issues related to the topics discussed in the paper.

Tuesday, August 8, 2017

Draft for Role Based Access Control (RBAC) Published (IEC 62351-90-1)

IEC TC 57 published the IEC TR 62351-90-1 Draft for Role Based Access Control (RBAC) [57/1905/DTR]:

IEC 62351 Data and communications security –
Part 90-1: Guidelines for handling role-based access control in power systems

The voting period closes on 2017-09-29.

"The power system sector is adopting security measures to ensure the reliable delivery of energy. One of these measures comprises Role-based Access Control (RBAC), allowing utility operators, energy brokers and end-users to utilize roles to restrict the access to equipment and energy automation functionalities on a need-to-handle basis. The specific measures to realize this functionality have been defined in the context of IEC 62351-8. It defines 3 profiles for the transmission of RBAC related information. This information is, but not limited to, being contained in public key certificates, attribute certificates, or software tokens. Moreover, especially for IEC 61850, it defines a set of mandatory roles and associated rights. The standard itself also allows the definition of custom roles and associated rights, but this is not specified in a way to ensure interoperability."

Data and communication security is a crucial issue in the communication between multiple IEC 61850 clients and an IED with a single IEC 61850 Server. The administration of the roles and further behavior requires a highly complex (centralized!?) administration and a complex functionality in each IED implementing RBAC.

The following aspects have a big impact on implementations:
  1. TCP/IP Networking,
  2. General security measures like TLS,
  3. RBAC, 
  4. MMS,
  5. IEC 61850 Services, Models and Configuration, and
  6. Power system functionalities (key for the power delivery system) on top
The bulk of resources needed are mainly independent of the MMS protocol and services. People that want to use other protocols cannot really expect that the cost for getting secure communication and data will be lowered - the most efforts are related to non-protocol issues.
The second, third, fifth, and sixth bullet are most crucial.
In addition to the cost of implementing RBAC (including the other required parts of the series IEC 62351) one has to understand that the operation, management, engineering, and configuration of RBAC consumes a relatively huge amount of resources of the embedded controllers or other platforms.
That is one of the crucial reasons why many IEDs installed today cannot (and likely will not) be upgraded for measures defined in the IEC 62351 series.

Recommendation: As soon as possible get started to understand the impact of the measures defined in IEC 62351 and how to implement some or many of these measures.

Related documents of the series IEC 62351 IEC/TS 62351, Power systems management and associated information exchange – Data and communications security – are:

Part 1: Communication network and system security – Introduction to security issues
Part 3: Communication network and system security – Profiles including TCP/IP
Part 4: Profiles including MMS
Part 5: Security for IEC 60870-5 and derivatives
Part 8: Role-based Access Control

Monday, August 7, 2017

IEC 61850, Sensors, and Cyber Threats

Sensors all over will be more important in the future: First to automate processes and second to monitor the automation systems.
The other day I found a very serious report on compromising automation systems under the title:

ICS cyber threats are morphing into compromise of plant functionality – do we have the right tools? 

The report by Joe Weiss is worth to read.

Click HERE for reading the complete report.

The discussion is about compromising an actuator (Valve, ...)  and let the physics do the damage!

Joe resumes: "Without sensor monitoring, it is NOT possible to see the precursor to these kinds of conditions until it is too late."

I have discussed the reported issues with an expert of valves in industrial process control applications. He confirmed that the cavitation (bubble or Wasserblasen) effect is known for long. But there are only a relatively few applications of (vibration) sensors installed to measure the noise produced by cavitation (see video at Youtube) to figure out that something is going wrong.

IEC 61850 has a bunch of models and services to support sensors:

and event reporting:

The quality attributes that come with all values could be used to flag that the value is valid or not. Additionally the sensor may have a health problem (figured out by a diagnosis routine) that can be reported using the TTMP.EEHealth.stVal attribute (EE - external equipment).

All models and services have to rely on good hardware and software! Or we get: Garbage in - Garbage out!

In our seminars and hands-on training courses we discuss these and many other topics in detail.

IEC 61850 Europe 2017 Conference and Exhibition in September 2017

The largest conference and exhibition on IEC 61850 and related topics invites you:

Multi-Vendor Multi-Edition IEC 61850
Implementation & Operation
3-Day Conference, Exhibition & Networking Forum
26-28 September 2017 
Novotel Amsterdam City
The Netherlands

Now firmly established as the European end-user forum for IEC 61850 experts and implementation leaders, this dedicated 3-day conference, exhibition and networking forum provides the information, inspiration, and connections you need to propel your IEC 61850 deployments further faster!

This year’s end-user driven programme explores the opportunities and challenges presented by sophisticated multi-vendor multi-edition IEC 61850 implementation, operation and maintenance. Utility experiences of advanced functionalities such as Process Bus, GOOSE Messaging, PRP & HSR, and Time Synchronisation are evaluated in the context of digital substations, as well as inter-substation, substation to SCADA systems, substation to metering infrastructure, and substation to DER.

Click HERE for the details of the event.

Attending this conference will give you a flavor of the market for IEC 61850 based systems.

After the conference you may have a lot of questions and my look for some senior experts that will guide you vendor-independently into the magic of the standard series.

Please have a look what kind of training FMTP and NettedAutomation offer you in October and December 2017 in Karlsruhe (Germany).

ENTSO-E Just Published a New Update on Activities Related to IEC 61850

ENTSO-E is actively supporting the application of IEC 61850.

They believe that "The IEC 61850 Standard for the design of electrical substation automation addresses many crucial aspects of TSO communications, data modeling and engineering in order to reach seamless interoperability of different vendors’ subsystems within the TSO system management architecture."

ENTSO-E published an Update on their activities related to IEC 61850 in July 2017.

ENTSO-E Ad Hoc Group IEC 61850 continued to intensively work on the improvement of the IEC 61850 standard interoperability on two main domains:
  1. At information level (data semantic), the development of the ENTSO-E profile through the Interoperability Specification Tool (ISTool)
  2. At engineering level, by consolidating ENTSO-E requirements that have been formalized into a DC (Document for Comment), approved through the IEC National Committees (NC) voting process, and now encapsulated in the action plan of several task forces of the IEC TC 57 WG10
Click HERE for reading the complete the report.

Comparison of IEC 60870-5-10x, DNP3, and IEC 60870-6-TASE.2 with IEC 61850

In 2008 I published the 3rd version of the document:

Comparison of IEC 60870-5-101/-103/-104, DNP3, and IEC 60870-6-TASE.2 with IEC 61850

This is really the most downloaded document since then - and still in 2017!

Click HERE for getting a copy.

It is interesting that so many people are still interested to see the difference between IEC 61850 and the other IEC TC 57 standard series.

Now, in 2017 we have learned that IEC 61850 goes far beyond the other standard series.

The RTU standards like 104 or DNP3 are still in widespread use. Utilities are expecting that many vendors of RTUs will start to discontinue to supporting these standards.
That is one of many reasons why more utilities are starting to get involved in understanding IEC 61850.

IEC PC 118 Has Published Two CDV Documents Dealing With Smart Grid Communication

IEC PC 118 "SMART GRID USER INTERFACE" has published two new CDV documents available for PUBLIC comments:

Systems interface between customer energy management system and the power management system – Part 10-1: Open Automated Demand Response [118/75/CDV] with 87 pages

Systems interface between customer energy management system and the power management system – Part 10-3: Adapting smart grid user interface to IEC CIM [118/76/CDV] with 27 pages

Both CDV (committee draft for vote) are accessible for PUBLIC comments (

These documents of IEC PC 118 are likely to have an impact on the work done and under development of IEC TC 57 and IEC TC 65. With your comments a duplication of work may be prevented.

Please use the opportunity to provide your comments through the IEC channel.

IEC 61850-90-9 Models for Electrical Energy Storage Systems

IEC 61850 Part 90-9: Use of IEC 61850 for Electrical Energy Storage Systems is progressing these days. The latest draft describes the basic functions of Electric Energy Storage System (EESS) and the information model of the interface to integrate EESS in intelligent grids and establish the necessary communication with standardised data objects. The next official draft is expected to be published soon.
This draft  is  connected  with  IEC 61850-7-420,  as  well  as  IEC 61850-7-4:2010, explaining how the control system and other functions in a battery based electric energy storage unit utilizes logical nodes and information  exchange services  within the IEC 61850 framework to specify the information exchanged between functions as well as information that individual functions need and generate. The first Edition of IEC 61850-7-420 provides an information model for batteries which was derived from the proposed data objects of part 7-4. Those data objects follow the requirements of batteries that are supposed to be used in substations as an auxiliary power system and as backup power supplies. For this purpose it was sufficient to only model the discharge function. Therefore it is necessary to prepare new logical nodes to be applicable for grid connected electrical energy storage systems.
This draft provides necessary information within 61850 based object model in order to model functions of a battery based electrical energy storage system as a DER unit. For intelligently operated and/or automated grids, storing energy for optimising the grid operation is a core function. Therefore shorter periods of storing energy with charging and discharging capability is also an indispensable function. Charging and discharging operations need to be modelled thoroughly and are in the focus of this technical report.

The draft lists several use-cases found in the real world:

UC1 Retrieve current status and capabilities of EESS
UC2 Set charging power to EESS
UC3 Set discharging power to EESS
UC4 Set Operating mode/ schedule  to EESS
UC5 EESS Alarm / Asset Monitoring

UC1 current capability /status information as an example:

1-2-1 EESS Generic Status Reporting
•  ES-DER on or off
•  Storage available or not available
•  Inverter/converter active power output
•  Inverter/converter reactive output
•  Storage remaining capacity (% and/or kW)
•  Storage Free capacity (% and/or kW)

1-2-2 EESS inverter /converter status
•  Current connect mode:  connected or disconnected at its ECP
•  Inverter on, off, and/or in stand-by status: inverter is switched on (operating), off
(not able to operate), or in stand-by
•  mode, e.g. capable of operating but currently not operating
•  DC current level available for operation: there is sufficient current to operate
•  Value of the output power setpoint
•  Value of the output reactive power setpoint
•  Value of the power factor setpoint as angle (optional)
•  Value of the frequency setpoint (optional)

1-2-3 EESS (battery) internal status
 •  Amp-hour capacity rating
•  Nominal voltage of battery
•  Maximum battery discharge current
•  Maximum battery charge voltage
•  High and Low battery voltage alarm level
•  Rate of output battery voltage change
•  Internal battery voltage
•  Internal battery current
•  State of charge (energy % of maximum charge level)
•  Reserve (Minimum energy charge level allowed, % of maximum charge level)
•  Available Energy (State of charge – Reserve)
•  Type of battery

1-2-4 Power measurements
•  Total Active Power (Total P): Value, High and Low Limits
•  Total Reactive Power (Total Q): Value, High and Low Limits
•  Average Power factor (Total PF): Value, High and Low Limits, and averaging time
•  Phase to ground voltages (VL1ER, …): Value, High and Low Limits

More to come ...

Wednesday, July 26, 2017

IEC TC 88 Published Edition 2 Documents for the Series IEC 61400-25

IEC TC 88 has published the edition 2 of the following two parts of the series IEC 61400-25:

IEC 61400-25-4: Wind energy generation systems -
Part 25-4: Communications for monitoring and control of wind power plants -
Mapping to communication profile
The mappings specified in this part of IEC 61400-25 comprise:
  •  SOAP-based web services,
  •  OPC/XML-DA,
  •  IEC 61850-8-1 MMS,
  •  IEC 60870-5-104,
  •  DNP3.
Click HERE for the Preview.

IEC 61400-25-6: Wind power generation systems -
Part 25-6: Communications for monitoring and control of wind power plants -
Logical node classes and data classes for condition monitoring

Click HERE for the Preview

Note that the mapping to MMS according to IEC 61850-8-1 is the most used communication protocol for applications in the Wind Power Industry.
The modeling approach and the models are now in general compatible with those defined in IEC 61850-7-x. This is a major step forward.
General gateway solutions for IEC 61850 could be used for wind energy generation systems to bridge from Profibus, ProfiNet, Modbus, CAN bus, ... to IEC 60870-5-104 or IEC 61850-8-1.

Friday, July 21, 2017

Data and Communications Security: IEC TC 57 Just Published IEC 62351-7

IEC TC 57 just published IEC 62351-7:2017:
Power systems management and associated information exchange - Data and communications security - Part 7: Network and System Management (NSM) data object models

IEC 62351-7:2017 defines network and system management (NSM) data object models that are specific to power system operations. These NSM data objects will be used to monitor the health of networks and systems, to detect possible security intrusions, and to manage the performance and reliability of the information infrastructure. The goal is to define a set of abstract objects that will allow the remote monitoring of the health and condition of IEDs (Intelligent Electronic Devices), RTUs (Remote Terminal Units), DERs (Distributed Energy Resources) systems and other systems that are important to power system operations. This new edition constitutes a technical revision and includes the following significant technical changes with respect to IEC TS 62351-7 (2010): NSM object data model reviewed and enriched; UML model adopted for NSM objects description; SNMP protocol MIBs translation included as Code Components.
The Code Components included in this IEC standard are also available as electronic machine readable file.
Click HERE for the Preview.
Click HERE for the Code Components.
The standard series IEC 61850 will also come with Code Components when the various 7-x parts will be published as International Standard. This will ease the development and maintenance of engineering and configuration tools ... tremendously.
Check HERE for Code Components ... coming later in 2017 or 2018 ...

Again Security: How do you Protect your Industrial Control System from Electronic Threats?

Industrial Control System (ICS) need to be protected from Electronic Threats - one of the most crucial challenge yesterday, today, and in the future. Joseph Weiss (PE, CISM - one of the real senior experts in the field) uses the term “electronic threats” rather than cyber security because there are many electronic threats to Industrial Control Systems beyond traditional cyber threats (as he says).

Joe Weiss has written a book with more than 300 pages published in 2010 worth to study (and more important TO IMPLEMENT): "Protecting Industrial Control Systems from Electronic Threats"
List of contents:
  1. Industrial Control System Descriptions
  2. Convergence of Industrial Control Systems and Information Technology
  3. Differences between Industrial Control Systems and Information Technology
  4. Electronic Threats to Industrial Control Systems
  5. Myths
  6. Current Personnel Status and Needs
  7. Information Sharing and Disclosure
  8. Industrial Control System Cyber Risk Assessments
  9. Selected Industry Activities
  10. Industrial Control System Security Trends and Observations
  11. Industrial Control System Cyber Security Demonstrations
  12. Selected Case Histories: Malicious Attacks
  13. Selected Case Histories: Unintentional  Incidents
  14. Industrial Control System Incident Categorization
  15. Recommendations
As long as you can read this blog post you could assume that there is enough power for all computers involved in the chain from the server holding this bog to your computer.
When you will see the following message on your screen: "Sorry, we are out power!" don't worry that much - because the only message you CANNOT SEE ON YOUR SCREEN IS: "SORRY; WE ARE OUT OF POWER. No power no screen display. ;-) 
Click HERE for more details on the book.
I guess Joe would have spent another 100 or so pages to talk about IoT vulnerability if he would have written the book now. 
In a report published the other day by Wired you can read:
"On Tuesday, the internet-of-things-focused security firm Senrio revealed a hackable flaw it's calling "Devil's Ivy" a vulnerability in a piece of code called gSOAP widely used in physical security products, potentially allowing faraway attackers to fully disable or take over thousands of models of internet-connected devices from security cameras to sensors to access-card readers.
Using the internet-scanning tool Shodan, Senrio found 14,700 of XXXX's cameras alone that were vulnerable to their attack-at least, before XXXX patched it. And given that's one of the dozens of ONVIF companies alone that use the gSOAP code, Senrio's researchers estimate the total number of affected devices in the millions."
Click HERE for the full Wired report.
How long will you wait to implement more measures to protect your industrial control system?
Start now - latest next Monday.

Tuesday, July 18, 2017

IXXAT (HMS) Offers New POWERFUL Smart Grid Gateways for IEC 61850, IEC 60870-5, Profibus and more

Under the IXXAT brand, HMS delivers connectivity solutions for embedded control, energy, safety and automotive testing.
The new and very powerful IIoT gateways from HMS allow industrial equipment to communicate with power grids based on IEC 60870-5-104 and IEC 61850. In addition they also include Modbus TCP Client/Server and Modbus RTU Master/Slave

IXXAT SG-gateways...
  • enable easy remote control and management of electrical systems
  • allow to log and display application data and energy consumption
  • provide IEC 61850 client/server and IEC 60870-5-104 server support
  • have in-built Modbus TCP Client/Server and Modbus RTU Master/Slave interfaces
  • provide connectivity for CAN Bus, I/O, M-Bus, PROFIBUS, PROFINET and EtherNet/IP based devices
Click HERE for more details in English
Hier klicken für Details in Deutsch