
Thursday, August 14, 2025

IEC 61850 - What does Free allocation of the Logical Nodes mean?

Often people ask the question: Where should I allocate a specific function (and the corresponding Logical Node) in the hierarchy of: process, bay, substation, regional control center, central control center? 

In the following you will find some description from the Standard IEC 61850-5, a paper from 2001, a question I received the other day, my own brief answer to that question, and two answers from two good friends: Andrea Bonetti (Megger) and Joachim Lange (Solvay).

IEC 61850-5 (Communication requirements for functions and device models; Ed 2022) describes that the allocation is free, in order to allow different architectures and levels where a function (or, respectively, the corresponding LN) can be allocated (that is, implemented).

Excerpt of Clause 9.2.1 Free allocation of Logical Nodes

"The free (arbitrary) allocation of functions or Logical Nodes respectively is not restricted to the common level structure."

The following excerpt of clause 10.1 Need for a formal system description is one of the crucial clauses in the whole standard series IEC 61850:

"Where the data is coming from (sending Logical Node) and is going to (receiving Logical Node), i.e. the static structure of the communication system, has to be engineered or negotiated during the set-up phase of the system. All functions in the IEDs have to know what data to send when and what data they need from functions in other IEDs to be able to fulfill their functions. To control the free allocation of functions respectively Logical Nodes and to create interoperable systems, a strong formal device and system description for communication engineering shall be provided. Such a description (System Configuration description Language) is defined in Part 6 of this standard (IEC 61850-6). This formal description shall also support the data exchange between different tools if applicable."

Be aware that the Logical Nodes are to be understood as a wrapper around a function. In most cases the function as such is behind the facade of the Logical Node. One exception is the Logical Node class FSCH (Schedule). The definition of FSCH contains a well defined state machine that is part of the function of a scheduler.
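
The static structure that the Clause 10.1 excerpt asks for (which Logical Node sends, which one receives) can be read back out of an SCL file. The following added example is not part of the standard or of any vendor tool: it lists which IED hosts which Logical Node and checks that every engineered input points at a Logical Node that is actually allocated somewhere. The SCL fragment, the IED names and the LN instances are constructed for illustration, and only Inputs/ExtRef bindings are evaluated.

```python
import xml.etree.ElementTree as ET

NS = {"s": "http://www.iec.ch/61850/2003/SCL"}

# Constructed SCL fragment: all IED names and LN instances are invented.
SAMPLE_SCL = """
<SCL xmlns="http://www.iec.ch/61850/2003/SCL">
  <IED name="Feeder1Prot"><AccessPoint name="AP1"><Server>
    <LDevice inst="PROT">
      <LN0 lnClass="LLN0" inst="" lnType="T0"/>
      <LN lnClass="PTOC" inst="1" lnType="T1"/>
    </LDevice>
  </Server></AccessPoint></IED>
  <IED name="IncomerProt"><AccessPoint name="AP1"><Server>
    <LDevice inst="PROT">
      <LN0 lnClass="LLN0" inst="" lnType="T0"/>
      <LN lnClass="PTOC" inst="1" lnType="T1">
        <Inputs>
          <ExtRef iedName="Feeder1Prot" ldInst="PROT" lnClass="PTOC" lnInst="1"
                  doName="Str" daName="general"/>
        </Inputs>
      </LN>
    </LDevice>
  </Server></AccessPoint></IED>
  <IED name="BayCtrl1"><AccessPoint name="AP1"><Server>
    <LDevice inst="CTRL">
      <LN0 lnClass="LLN0" inst="" lnType="T0"/>
      <LN lnClass="CSWI" inst="1" lnType="T2"/>
      <LN lnClass="PTUF" inst="1" lnType="T3"/>
    </LDevice>
  </Server></AccessPoint></IED>
  <IED name="RTU1"><AccessPoint name="AP1"><Server>
    <LDevice inst="GW">
      <LN0 lnClass="LLN0" inst="" lnType="T0"/>
      <LN lnClass="ITCI" inst="1" lnType="T4">
        <Inputs>
          <ExtRef iedName="BayCtrl1" ldInst="CTRL" lnClass="CSWI" lnInst="1"
                  doName="Pos" daName="stVal"/>
          <ExtRef iedName="Feeder2Prot" ldInst="PROT" lnClass="PTOC" lnInst="1"
                  doName="Op" daName="general"/>
        </Inputs>
      </LN>
    </LDevice>
  </Server></AccessPoint></IED>
</SCL>
"""


def parse_scl(text):
    """Parse SCL text into an element tree root."""
    return ET.fromstring(text)


def ln_ref(ied, ld_inst, ln_class, ln_inst, prefix=""):
    """Build an object reference of the form <IED><LD>/<prefix><class><inst>."""
    return f"{ied}{ld_inst}/{prefix}{ln_class}{ln_inst}"


def iter_lns(root):
    """Yield (IED name, LD instance, LN element) for every LN0/LN in the file."""
    for ied in root.findall("s:IED", NS):
        for ld in ied.iterfind(".//s:LDevice", NS):
            for ln in ld.findall("s:LN0", NS) + ld.findall("s:LN", NS):
                yield ied.get("name"), ld.get("inst"), ln


def allocation(root):
    """Map each IED to the Logical Nodes allocated to it."""
    alloc = {}
    for ied, ld, ln in iter_lns(root):
        ref = ln_ref(ied, ld, ln.get("lnClass"), ln.get("inst", ""), ln.get("prefix", ""))
        alloc.setdefault(ied, []).append(ref)
    return alloc


def data_flows(root):
    """Return (sending LN, signal, receiving LN) for every bound ExtRef."""
    flows = []
    for ied, ld, ln in iter_lns(root):
        receiver = ln_ref(ied, ld, ln.get("lnClass"), ln.get("inst", ""), ln.get("prefix", ""))
        for ext in ln.iterfind("s:Inputs/s:ExtRef", NS):
            if not all(ext.get(a) for a in ("iedName", "ldInst", "lnClass")):
                continue  # input declared but not yet bound to a source
            sender = ln_ref(ext.get("iedName"), ext.get("ldInst"), ext.get("lnClass"),
                            ext.get("lnInst", ""), ext.get("prefix", ""))
            signal = ".".join(p for p in (ext.get("doName"), ext.get("daName")) if p)
            flows.append((sender, signal, receiver))
    return flows


def dangling_flows(root):
    """Flows whose sending LN is not allocated to any IED in this file."""
    known = {ref for refs in allocation(root).values() for ref in refs}
    return [flow for flow in data_flows(root) if flow[0] not in known]


if __name__ == "__main__":
    scl = parse_scl(SAMPLE_SCL)
    for ied, lns in allocation(scl).items():
        print(ied, "hosts", ", ".join(lns))
    for sender, signal, receiver in data_flows(scl):
        print(f"{sender} --{signal}--> {receiver}")
    print("dangling:", dangling_flows(scl))
```

In the constructed file the under-frequency function (PTUF) sits in the bay controller and the RTU only hosts the telecontrol interface (ITCI); moving a function to another IED changes the output of `allocation`, not the checks.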

An old paper from the year 2001 may help you to understand the approach of IEC 61850:

The Impact of the coming Standard IEC61850 on the Life-cycle of Open Communication Systems in Substations

By Lars Andersson, Klaus-Peter Brand, Wolfgang Wimmer; ABB Power Automation Ltd., Switzerland

Excerpt from the paper:

  1. Free allocation of functions [KHS: and therefore free allocation of Logical Nodes]
  2. Extension rules to support new functionality
  3. Separation of communication from application issues in a well defined manner
  4. Description of the station from the application communication point of view.

Click HERE for the paper published in the year 2001.

Question:

Hi Karlheinz,
I’m a system engineer with a question on IEC 61850 in substation automation.
In a ring with all IEDs and two RTUs, are the RTUs only SCADA gateways, or can they also host SAS control logic (e.g., with a T500’s basic logic capability)?
Should a SAS operate autonomously from SCADA or higher-level PLCs, and if so, should the IEC 61850 RTUs implement control logic for outage restoration, load shedding, etc., to ensure autonomy?

Answer from Karlheinz Schwarz

Dear xx,
Thanks for contacting me.
IEC 61850 is independent of a centralized or decentralized approach. It depends on the philosophy of the utility how to architect the system. Functions could be in the multi-functional IED (Relay), bay controller, substation controller, SCADA, control center, ...
IEC 61850 may be used to run schedules in a control IED right behind the electrical connecting point of a home, factory, ... using the LN FSCH - Scheduling.
In Germany we have the so-called FNN Steuerbox that uses schedules for limiting the power usage ...
Hope that helps.

Answer from Andrea Bonetti

IEC 61850 does not prescribe where control logic must be located (read it as the famous sentence "free allocation of the Logical Nodes").
The decision is up to the system designer and the utility’s operational requirements. If autonomy of the HV ring is desired, logic may be placed in RTUs, bay controllers, or other IEDs so that the system operates without SCADA. Any such requirement would come from utility or regulatory specifications, not from the IEC 61850 standard.

There is no IEC 61850 requirement that mandates where control logic must be located — whether in RTUs, IEDs, or higher-level systems.
IEC 61850 specifies how devices exchange information and how to engineer all of that (SCL engineering), not where the logic resides.
Whether the HV ring is autonomous is purely a system design choice defined by the utility’s operational philosophy, national regulations, or internal standards — not by IEC 61850 itself.
If autonomy is required (e.g., for outage restoration or load shedding without SCADA), the designer can choose to implement logic in RTUs, bay controllers, or other IEDs so they can function without higher-level supervision.
Obviously it depends also on the voltage level. Usually, higher voltage level -> less integration. Lower voltage level -> more integration.
But there are exceptions to this rule like always.

Answer from Joachim Lange

In case of classical terminals, neither the terminal number nor the terminal function is defined in any standard. Personally, in case of CFC implication I use UDx baycontrol blocks, defining "my signals" and a group with the "GOOSE exchange" signals
- in case of blocking signals like in double busbar structures I do this as well, because I use busbar selective reverse blocking in dependence of position information,
- this means that disconnector positions enable/disable the blocking transmission to its circuit breaker protection.
It is even useful to avoid that a sent-out blocking signal triggers an uninvolved feeder during a test.
Some grid companies use, e.g., a blocking signal in combination with breaker failure. This means when the signal is not reset in time they trigger the breaker failure protection.
So the CFC function is really case-wise.
We have in our house in the UD1 group all signals which are used for bay supervision.
Philosophy: I decentralise load shedding and automation functions into the bay control level (discrete frequency / voltage levels with hysteresis).
Such a bay controller measures its conditions autonomously.
I provide from above (SCADA) the enabling/disabling signals or mode selections (power level) or setpoint correction signals.
The advantage is that a single device failure may not impact a whole system.

Note that Andrea Bonetti (Megger), Joachim Lange (Solvay), Dr. Ghada Elbez (KIT), and I will conduct a comprehensive training starting 09.-13. March 2026 Karlsruhe (Germany) and 21.-25. September 2026 Karlsruhe (Germany).
We will provide the details in the next weeks. Stay tuned.

Monday, December 16, 2024

Do you know the PAC World Magazine? You should!

The PAC World Magazine - "Protection, Automation & Control World" - is a great global forum for the corresponding community:

https://www.pacw.org/

There you will find great discussions and use-cases on IEC 61850 ... and hints you don't find in the standards! 

Another source of background information is buried in the IEC 61850 Tissue Database:

https://iec61850.tissue-db.com/default.mspx

Enjoy!

Monday, November 8, 2021

Critical Infrastructure Ransomware Dataset V 11.6 Available For Download

Aunshul Rege announced the latest Critical Infrastructure Ransomware Dataset (Friday Nov 05, 2021):

"Dear all,

I hope everyone is doing well.

My team and I have updated our dataset of critical infrastructures ransomware incidents (CIRW) that have been publicly disclosed in the media or security reports. CIRW dataset version 11.6 now has 1066 incidents, which are assembled from publicly disclosed incidents between November 2013 and October end 2021. 

Also, community members can now submit a CIRW that you would like to see included into this dataset!

To download the dataset or submit a CIRW incident, please visit https://sites.temple.edu/care/ci-rw-attacks/. Please ensure that you enter your email address correctly, and note that we do not reply to personal email addresses (protonmail, gmail, etc.). And please give us a few days to respond to your request."

The Report "IT-Security-Situation-in-Germany-2020" describes three German ransomware cases:
  1. Ransomware Attack on the Council Offices of a Mid-sized German City
  2. Ransomware in Hospitals
  3. Ransomware Attack on a University
Click HERE to access the Report [PDF, 1.72 MB] ... worth reading.

Monday, November 9, 2020

Hybrid Warfare Against Critical Energy Infrastructure: The Case Of Ukraine

A new 175-page report
"Hybrid warfare against Critical Energy Infrastructure: The Case of Ukraine"
has just been published.

This study identifies and analyses the success of different hybrid warfare tools used by Russia in the Ukrainian energy sector between 2014 and 2017, namely different types of malicious acts against critical energy infrastructure, the implication of these events for Ukraine and the lessons to be learned for NATO security.

Click HERE for the full report [pdf, 6 MB]

Wednesday, July 15, 2020

Repository of Ransomware Incidents Against Critical Infrastructures

Aunshul Rege, Ph.D., Associate Professor Trusted CI Open Science Cybersecurity Fellow 2019 Department of Criminal Justice | Temple University

wrote today:

"I'd like to share a potentially useful FREE resource that my team and I have created. In September 2019, we started a repository of ransomware incidents against critical infrastructures. These are based on publicly disclosed incidents in the media or security reports. This repository now has 642 records assembled from publicly disclosed incidents between 2013 and June 2020. So far, we have had download requests from industry, researchers, faculty, undergraduate and graduate students, so we hope that this repository might be of use to this community.

Please visit https://sites.temple.edu/care/downloads/ to request a download. Funded by my NSF CAREER Award #1453040. "

The Version 9 of the repository (I received today) lists the following numbers of ransomware incidents:

2 for 2013
6 for 2014
9 for 2015
82 for 2016
99 for 2017
68 for 2018
202 for 2019
173 for 2020 (until 20 June)

The total amount paid is unbelievably high, even though most amounts are undisclosed!

It is unbelievable!

Friday, July 21, 2017

Again Security: How do you Protect your Industrial Control System from Electronic Threats?

Industrial Control Systems (ICS) need to be protected from electronic threats - one of the most crucial challenges yesterday, today, and in the future. Joseph Weiss (PE, CISM - one of the real senior experts in the field) uses the term “electronic threats” rather than cyber security because there are many electronic threats to Industrial Control Systems beyond traditional cyber threats (as he says).

Joe Weiss has written a book of more than 300 pages, published in 2010, that is worth studying (and, more importantly, IMPLEMENTING): "Protecting Industrial Control Systems from Electronic Threats"
List of contents:
  1. Industrial Control System Descriptions
  2. Convergence of Industrial Control Systems and Information Technology
  3. Differences between Industrial Control Systems and Information Technology
  4. Electronic Threats to Industrial Control Systems
  5. Myths
  6. Current Personnel Status and Needs
  7. Information Sharing and Disclosure
  8. Industrial Control System Cyber Risk Assessments
  9. Selected Industry Activities
  10. Industrial Control System Security Trends and Observations
  11. Industrial Control System Cyber Security Demonstrations
  12. Selected Case Histories: Malicious Attacks
  13. Selected Case Histories: Unintentional  Incidents
  14. Industrial Control System Incident Categorization
  15. Recommendations
As long as you can read this blog post you can assume that there is enough power for all computers involved in the chain from the server holding this blog to your computer.
If you see the following message on your screen: "Sorry, we are out of power!" don't worry that much - because the only message you CANNOT SEE ON YOUR SCREEN IS: "SORRY, WE ARE OUT OF POWER." No power, no screen display. ;-)
Click HERE for more details on the book.
I guess Joe would have spent another 100 or so pages talking about IoT vulnerabilities if he had written the book now.
In a report published the other day by Wired you can read:
"On Tuesday, the internet-of-things-focused security firm Senrio revealed a hackable flaw it's calling "Devil's Ivy" a vulnerability in a piece of code called gSOAP widely used in physical security products, potentially allowing faraway attackers to fully disable or take over thousands of models of internet-connected devices from security cameras to sensors to access-card readers.
Using the internet-scanning tool Shodan, Senrio found 14,700 of XXXX's cameras alone that were vulnerable to their attack - at least, before XXXX patched it. And given that's one of the dozens of ONVIF companies alone that use the gSOAP code, Senrio's researchers estimate the total number of affected devices in the millions."
Unbelievable!!
Click HERE for the full Wired report.
How long will you wait to implement more measures to protect your industrial control system?
Start now - next Monday at the latest.

Friday, July 14, 2017

How Much Will The Implementation Of Security Measures Cost?

Almost everybody is talking about security measures in the context of automation and communication systems in factories, power plants, substations, hospitals, ... Talking about the topic is one thing - what about implementing secure systems and using them sustainably? Hm, a good question.
A news report published on June 13, 2017, under the title
"The “Internet of Things” is way more vulnerable than you think—and not just to hackers"

points out that many - maybe most - devices that communicate using internet technologies are not capable of carrying the load needed for reasonable security measures. One paragraph referring to Joe Weiss (a well-known expert) is eye-catching:
"Weiss believes that the first step in securing the IoT is to build entirely new devices with faster processors and more memory. In essence, hundreds of billions of dollars’ worth of machines need to be replaced or upgraded significantly."

Click HERE to read the complete report.

I would like to see - at least - more powerful platforms when it comes to new installations. Be aware that the cost of a new platform with implemented state-of-the-art security measures is one thing. Another thing is to implement a more centralized security infrastructure to manage the security.
IEC 62351-9 specifies cryptographic key management, namely how to generate, distribute, revoke, and handle X.509 digital certificates and cryptographic keys to protect digital data and its communication.
The IEC 62351 series considers the following primary goals for the use of cryptography:
  • Verifying the claimed identity of a message sender (authentication);
  • Verifying that the sender has the right to access the requested data (authorization);
  • Ensuring no one has tampered with a message during transit (integrity);
  • Obscuring the contents of a message from unintended recipients (confidentiality);
  • Associating specific actions with the entity that performed them (non-repudiation).
It is recommended for vendors and users to pay more attention to IEC 62351 (and other standards) and to listen carefully to the experts involved in protecting our infrastructures.
A reasonable white paper on the matter has been published by the BDEW (Germany): "Requirements for Secure Control and Telecommunication Systems".
Click HERE to access the BDEW white paper.
Click HERE for further information (some documents are in English).
Click HERE for a paper discussing the BDEW white paper.

Tuesday, July 11, 2017

When will Hackers Take Control Over Substations?

I guess most people believe that our power delivery infrastructure is very secure - yes, I agree that this is (still) the case. What's next? There are some publicly visible efforts to change this - obviously.
One of the attempts to approach the power delivery control systems has been made public the other day with the headline:
Attack on Critical Infrastructure Leverages Template Injection
"Attackers are continually trying to find new ways to target users with malware sent via email. Talos has identified an email-based attack targeting the energy sector, including nuclear power, that puts a new spin on the classic word document attachment phish. Typically, malicious Word documents that are sent as attachments to phishing emails will themselves contain a script or macro that executes malicious code. In this case, there is no malicious code in the attachment itself. The attachment instead tries to download a template file over an SMB connection so that the user's credentials can be silently harvested. In addition, this template file could also potentially be used to download other malicious payloads to the victim's computer."
Click HERE to read the full report.
Click HERE for NYTimes report.
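
A defender-side check for the technique described in the Talos excerpt above, added here as an example (it is not code from Talos or from this blog): it inspects the relationship parts of a .docx for an attached template that resolves to a remote host rather than a local path. The two sample documents are constructed in memory, and the address 192.0.2.10 and the user name are placeholders.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
TEMPLATE_TYPE_SUFFIX = "/attachedTemplate"
MAX_PART_SIZE = 1_000_000  # skip oversized parts instead of inflating them


def is_remote(target):
    """True if a relationship target names a network location, not a local file."""
    t = target.strip().lower().replace("\\", "/")
    if t.startswith(("http://", "https://", "smb://", "//")):
        return True
    if t.startswith("file:"):
        rest = t[len("file:"):]
        slashes = len(rest) - len(rest.lstrip("/"))
        # file:///C:/... has an empty host (local file);
        # file://host/... and file://\\host\... name a server.
        return slashes == 2 or slashes >= 4
    return False


def external_templates(docx_bytes):
    """Return (part name, target) for each attached template loaded from a remote host."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(docx_bytes)) as zf:
        for info in zf.infolist():
            if not info.filename.endswith(".rels") or info.file_size > MAX_PART_SIZE:
                continue
            # For untrusted files a hardened parser (e.g. the defusedxml
            # package) is the safer choice; the stdlib parser keeps this
            # example dependency-free.
            root = ET.fromstring(zf.read(info))
            for rel in root.iter(REL_TAG):
                if not rel.get("Type", "").endswith(TEMPLATE_TYPE_SUFFIX):
                    continue
                target = rel.get("Target", "")
                if rel.get("TargetMode") == "External" and is_remote(target):
                    findings.append((info.filename, target))
    return findings


def make_sample(target):
    """Build a minimal constructed package holding only the settings relationship part."""
    rels = (
        '<Relationships xmlns="http://schemas.openxmlformats.org/package/2006/relationships">'
        '<Relationship Id="rId1" '
        'Type="http://schemas.openxmlformats.org/officeDocument/2006/relationships/attachedTemplate" '
        f'Target="{target}" TargetMode="External"/>'
        "</Relationships>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/_rels/settings.xml.rels", rels)
    return buf.getvalue()


# Constructed inputs: a template on a remote share and an ordinary local template.
REMOTE_TARGET = r"file://\\192.0.2.10\share\Template.dotm"
LOCAL_TARGET = r"file:///C:\Users\alice\AppData\Roaming\Microsoft\Templates\Normal.dotm"

if __name__ == "__main__":
    for label, target in (("remote", REMOTE_TARGET), ("local", LOCAL_TARGET)):
        print(label, external_templates(make_sample(target)))
```

A local template reference is normal and also carries TargetMode="External", so the check has to look at where the target points, not only at the attribute.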

Thursday, August 4, 2016

What is a Critical Infrastructure?


According to Wikipedia:
"Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy - the infrastructure."

The first three infrastructures listed are:
  1. electricity generation, transmission and distribution;
  2. gas production, transport and distribution;
  3. oil and oil products production, transport and distribution;
  4. ...
Many other areas could be taken into account - all domains where we have some automation in one form or another you may or may NOT TRUST. So far we have trusted our teachers, our employers, our parents, our car, our friends, our banks, our electric power delivery system ... There seems to be a change coming step by step.
What could we all do about it? 
For our family we have just decided to install a 9,8 kWp photovoltaic system on our roof. This is - hopefully - a power harvesting machine we could trust ... as long as the sun is shining.
The latest issue discussed is on "Election Systems" according to the FederalNewsRadio:
"The Homeland Security Department is actively considering whether it should add the nation’s election system — or the individual systems that 9,000 local and state jurisdictions use to collect, tally and report votes — as an entity that needs DHS protection from cybersecurity attacks."

What if we put it all under the new term "Critical Everything" (CE)?
All depends on human beings we have to trust! I want to be such a person - my wife, my family, our friends, you, ... can trust.

When we engineers develop something, we should pay a lot of attention to make the "something" robust, safe, ... better safe than sorry.

Let's do our best in the interest of all our societies.

Wednesday, July 27, 2016

FERC is about to Strengthen the Critical Infrastructure Protection (CIP) Requirements

Security is (so far) likely the most crucial key word in 2016. We all want to live in a secure world with a secure power delivery system and many other infrastructures.
There are many rules set by well-known standard-setting organizations. One is the US Federal Energy Regulatory Commission (FERC). They published the Critical Infrastructure Protection (CIP) Reliability Standards years ago. Usually the rules are improved after something serious has happened. What happened some months ago? Yes, the Dec 23, 2015 cyber attack on the electric grid in Ukraine.
A lot of reports have been published recently.
FERC seeks comments (this summer) on possible modifications to the CIP Reliability Standards - and any potential impacts on the operation of the Bulk-Power System resulting from such modifications - to address the following matters:
  1. separation between the Internet and BES Cyber Systems in Control Centers performing transmission operator functions; and
  2. computer administration practices that prevent unauthorized programs from running, referred to as “application whitelisting,” for cyber systems in Control Centers.
Click HERE to access the FERC Docket No. RM16-18-000 that has all the details.

Security standards are one measure to improve the protection of technical systems - but the most crucial issue is: TRUST! Trust is what it's really all about. I hope that all readers of this IEC 61850 blog trust me! I do my best!

By the way, the security requirements on paper or in a PDF document do not protect any system. It is the human beings (you can trust) that have to understand the complexity of the power delivery system, the software applications, communication, and administration of the hardware and software. This requires well educated people - educated in many different (or even all) domains -, sufficient resources, and decisions to implement what is needed.

Rene Descartes (1596-1650) already understood very well what we have to do: "Hence we must believe that all the sciences are so interconnected, that it is much easier to study them all together than to isolate one from all others. If, therefore, anyone wishes to search out the truth of things in serious earnest, he ought not to select one special science, for all the sciences are conjoined with each other and interdependent."

And: Teamwork makes the dream work!

Stay safe!

Thursday, July 14, 2016

How to Protect Electric Power Delivery Systems?

These days we see a lot of discussions on security in the domain of electric power delivery systems. One thing is for sure: The power delivery infrastructure is under heavy stress ... just to list a few issues:

  1. Aging equipment (primary and secondary).
  2. Increasing cyber attacks.
  3. Increasing physical attacks.
  4. Aging Workforce.
  5. Political objective to reduce the rate per kWh of electric power consumed.
  6. ...

A lot has been discussed recently regarding these and other issues.

Today I would like to have a brief look at the third bullet, "Physical Attack". The Wall Street Journal (WSJ) published the other day a report on physical attacks on substations in the US: "Grid Attack: How America Could Go Dark". After reading this news I decided not to post anything about that report. But when I got up this morning and read the (bad) news about the tragic attack on humans in Nice (France) last night, with a death toll of 80, I said to myself: I have to talk about these physical attacks.

First of all, our prayers are for the French people in general and especially for those who have lost a loved one, for those who are injured, and for those who have experienced this attack.

Second, please read the WSJ report to understand the situation of our - partly very unprotected - electric power delivery system:

Click HERE for the report.

More or less the same could be reported about many substations worldwide.

Next time we may see a truck driving into a major substation, power plant, or high voltage transmission tower, ... How can we protect ourselves and the technical systems that are needed every second in our life?

2. Timothy 3:1-5 says: "1 But understand this, that in the last days there will come times of difficulty. 2 For people will be lovers of self, lovers of money, proud, arrogant, abusive, disobedient to their parents, ungrateful, unholy, 3 heartless, unappeasable, slanderous, without self-control, brutal, not loving good, 4 treacherous, reckless, swollen with conceit, lovers of pleasure rather than lovers of God, 5 having the appearance of godliness, but denying its power."

It is unlikely that all humans will understand the importance of the electric power delivery system (and other critical infrastructures) and control themselves NOT TO TOUCH the system (AND of course other humans)! So, we have to do our best to better physically protect the crucial stations - which is better than doing nothing. Attacks will continue to happen - but we have to spend more resources to increase the physical security.

We all have to accept the increase in our electric power bill - if we want to continue using power whenever we need it - 24/7. I hope that we learn better what the real value of our electric power infrastructure is for our daily life!



Friday, June 5, 2015

Security: A Never Ending or a not Yet Started Story?

Everybody talks about security! Who is working on it? Some people are working on meeting compliance requirements like those defined in NERC CIP. Very few are dealing with measures to make and keep systems secure.

What's the difference between compliance and security? Does being compliant also mean being secure? NO – not at all. Being compliant may let you sleep better …

Two excellent publications touch on these issues:

1. NERC CIP v5 Suggests Compliance Does Not Equal Security

2. What effective legislation would you write for CI ICS

The first article closes:

“Compliance means you won't be fined. Security means you won't end up in the headlines. A friendly security suggestion would be to look beyond CIP compliance and use it as a baseline for your security policies.”

and the second:

“Hopefully, industry can get behind some sort of meaningful control system security legislation before we end up with a catastrophic attack on a control system.”

Since most people have likely not yet tried to implement security measures … the following sign (I purchased the other day) wouldn’t help either:

[Image of the sign]

Try it again or for the first time. But don’t give up before you have a process for a higher level of security in operation. And never give up improving.

Friday, March 6, 2015

What about security for SCADA systems?

Since the early 80s we have had discussions on open systems. I remember well people saying in 1984: If you want open systems – you must be crazy. True! That is, if you don’t shut the access doors and let in only those who are allowed.

There are measures to secure the access – but they have to be implemented and used. There are a lot of concerns about embedded systems on the internet and security.

Read this up-to-date story – and you may not sleep tonight:

Journalists warned system owners and Norwegian NSA of 2500 critical data flaws

How two journalists set out on a mission to test the data security in the whole of Norway

Excerpt:

“Thus far, they have found:
• 290 vulnerable control systems, in banks, schools, nursing homes - and a military camp
• 2048 surveillance cameras in private homes, night clubs, shops and restaurants
• 2500 control systems connected to the Internet with minimal or no security
• 500 of these control industrial or critical infrastructure
• Thousands of data bases and servers that give away content without passwords

These are all found in Norway. Guess if it is any better in your country?”

Click HERE for the report.

And YOU? Become more serious about security!!! For the good of you and all of us – all over.

And do not blame IEC 61850 for not providing security measures! It has them: IEC 62351 shall be applied – but you have to do it! Do it!

http://blog.iec61850.com/2015/02/standard-iec-62351-3-communication.html

Friday, July 22, 2011

High Level of Interoperability of Devices in the Power Utility Domain

There are no (almost no) competing solutions in reaching interoperability of monitoring, protection and control devices in the various areas of the power delivery domain. There is no need for a (FERC, EU, …) mandate for interoperability standards ... we have already a high level of interoperability and acceptance of standard families like IEC 60870-6 ICCP, IEC 61968/70, IEC 61850, IEC 61400-25, IEC 62351, ... for the process and for the control center level in transmission, distribution, and generation.

Compare it with the international Field Bus standard IEC 61158 – there are few competing international standards for field busses!! YES!! BUT: There are some 60 solutions competing in ONE SINGLE standard: IEC 61158. See:

http://blog.iec61850.com/2008/10/iec-fieldbus-edition-2008.html

Have you ever seen such a (non) standard? I have seen it when I took the photo of the stack on my desk in my office in 2008! ;-)

We could be very lucky in the power utility world!!

I am happy to read FERC’s encouragement of “…utilities, smart grid product manufacturers, regulators, and other smart grid stakeholders to actively participate in the NIST interoperability framework process to work on the development of interoperability standards and to refer to that process for guidance on smart grid standards.”

Smart(er) grids need to be built on interoperable standards – because there is one huge interconnected, interoperable application to be monitored, protected, and controlled: the interconnected power delivery system. The largest machine globally is the European interconnected system. So, interoperability (of the electric power system) is a key objective in the power world.

We need standards for IEDs that are as interoperable as a power generator (or inverter) from Alstom and a transformer from Siemens producing 400/230 V and 50 Hz and a hair dryer from GE that consumes 230 V and 50 Hz.

Electrical Engineers should understand the need of interoperability of IEDs. Just require the same for monitoring, protection and control IEDs.

Wednesday, February 16, 2011

How to Secure the Smart Grid Network Infrastructure?

Andrew K. Wright, Paul Kalv, and Rodrick Sibery have published an excellent paper with the title "Interoperability and Security for Converged Smart Grid Networks".

They conclude: "While modern computing and technologies are now widely used throughout control centers and utility enterprise environments, field communications equipment largely uses outdated technologies. By deploying a converged smart grid network, utilities like ... can modernize their communications infrastructure, deploy new applications such as AMI and Distribution Automation, and adopt an architecture that is based on standards and supports interoperability based on Internet Protocol. Interoperability will allow them to replace individual subsystems that become out of date as technology evolves, without requiring forklift upgrades. Converged smart grid networks will require strong logical separation of traffic to ensure security of smart grid applications, and this will be best provided by a defense-in-depth architecture that considers security across all layers of the IP stack."

Click HERE for downloading the excellent paper [pdf, 1.5MB]

Recall the following statement I posted the other day: "NAMUR expects that this clear statement and the requirements formulated will enable all those involved in the standardisation process to work together constructively with a view to achieving a converged [added by Karlheinz - Wireless Fieldbus] standard."

Click HERE for the discussion of the Wireless Fieldbus (NAMUR, ...).

From the viewpoint of information models, configuration language, information exchange services and (IP-based) protocols we have reached a very high level of convergence with IEC 61850 - including the security measures as defined in IEC 62351.

Saturday, December 11, 2010

NERC - Supports IEC 61850 to keep the Transmission and Distribution Grid reliable

NERC (North American Reliability Corporation) has just published an interesting comprehensive analysis of the impact of Smart Grids on the reliability of the transmission grids:

Reliability Considerations from Integration of Smart Grid
December 2010

The report identifies the interoperability of devices and systems as one of the crucial issues in future electric power systems - including industrial sites and buildings. There is obviously one standard that supports interoperability to a high extent on all voltage levels: IEC 61850.

On page 82 the report states: "An important example of why smart grid standards need to recognize the interoperability between equipments used in transmission and distribution, is the requirement of mapping of Distributed Network Protocol 3 (DNP3) with IEC 61850. DNP3 is the legacy communication protocol that is followed for large volume data exchanges between equipment. However, IEC 61850 is recognized to be a better standard suited for smart grid communications. To bridge the gap between the legacy DNP3 protocols and the newer IEC 61850, a mapping is required when exchanging certain data types. The goal is to ensure that data are seamlessly transported between devices regardless of their adopted communication standards. DNP3 has recently been adopted in IEEE Standard 1815. An IEEE standard and an SGIP PAP working group are currently supporting the mapping effort between IEC 61850 and the IEEE 1815/DNP3 standards."

Click HERE to download the full NERC report.

Tuesday, November 9, 2010

Free Cyber Security Training

Several Cyber-Security Training courses are now available on the TEEX Domestic Preparedness Campus. This DHS/FEMA Certified Cyber-Security Training is designed to ensure that the privacy, reliability, and integrity of the information systems that power our global economy remain intact and secure.

The 10 courses are offered through three discipline-specific tracks targeting everyday non-technical computer users, technical IT professionals, and business managers and professionals.

These courses are offered at no cost and students earn a DHS/FEMA Certificate of completion along with Continuing Education Units (CEU) at the completion of each course.

Click HERE for more information and how to use the material.

Thursday, October 28, 2010

System Control & Supervision - and Peopleware

The Washington Post reported on October 23, 2010, that the lack of training could cause very severe situations in the energy transmission and distribution systems. The recent event of the San Bruno gas pipeline burst (that killed several people) has "speed up adoption of a rule to ensure that workers doing similar jobs at companies across the country are well-trained ...".

"If somebody is not trained, it could be very dangerous. If they don't properly respond to an alarm situation, it can cause an explosion. It can cause leaks. The damage could be very large."

"Although pipeline companies boast an impressive array of technology, he said, at many such firms, "there is a lack of recognition that people have to operate that equipment.""

My experience after training of more than 2,000 people from more than 500 companies and more than 50 countries with regard to advanced communication and information systems using IEC 61850 is this: There is a very huge lack of recognition that people have to design, engineer, commission, operate, diagnose, and maintain these comprehensive and complex systems in substations and many other applications. More often I see the following: Utilities purchase turnkey systems - without having their own technical people (from the field with many years of experience in the power system) consulted or trained to work with the new technology. One year later when the warranty is finished, they have to take over the full responsibility for the whole system! Good luck!

Impact of IEC 61850 on System Engineering, Tools, Peopleware and the Role of the System Integrator: more on that issue in a [paper] and on [slides]

Click HERE for the full report in the Washington Post.

Friday, August 6, 2010

Security: Hackers to take control of Power System Automation?

Security is one of the most crucial aspects in Power System Automation - in order to keep the power flowing. Hackers have started to take over control of critical infrastructures like power plants using Windows operating systems.

According to AP "The latest computer worm, dubbed Stuxnet, was an even more alarming progression. Now hackers are creating codes to actually take over the critical systems."

Click HERE to read more details.

It is highly recommended that intelligent devices that will be used to make the Power Systems smarter use the needed security measures. One of the key issues is that the people deciding how much money should be spent to ruggedize the systems are willing to develop the measures, and that people purchase devices only when they are secure.

Monday, July 19, 2010

Crucial Impact on Power System Automation

While the power industry is struggling with the retiring workforce as well as educating and recruiting power system engineers (see IEEE Power & Energy Magazine issue 7/8 2010) there are two other crucial influences on power systems on my radar screen:

  • Manufacturers of (non-utility) Industrial Automation Systems
  • Manufacturers of (non-utility) IP Network Infrastructures

Whoever wants to make his living from building future Smart(er) Grids has to keep in mind that such smart(er) networks are power systems - that still need to be designed, built, operated, and maintained by smart power system engineers.

The 11th VDI Congress on Automation Technology in Baden-Baden (Germany) May 2010 had a very interesting motto "Leading through Automation". Manufacturers of products and systems for industrial automation applications are proud of their success in the automation of factories (car production, machines of any kind, chemical processes, ...). There was not that much to automate in the power (distribution and distributed generation) systems - so far. That seems to change all of a sudden: The discussions and activities in the domain of power systems to implement smart(er) grids have infected the industrial automation experts.

During the last 20 years there was very little automation in the power industry influenced by factory automation vendors and their solutions. This will change at a fast pace: One of the leading experts (Roland Bent, CEO of Phoenix Contact) stated during the VDI Congress that the market for automation systems in the utility domain (electric power, water, ..., clean and green technologies) will be three times bigger in 2030 than today's factory automation.

There is the second crucial influence on the future of utility systems: The industry that offers the IP Network infrastructure for smart(er) grids. Read how, e.g., CISCO sees the future: "The smart grid promises a more efficient way of supplying and consuming energy. In essence, the smart grid is a data communications network ...".

CISCO also states that IEC 61850 plays a major role in the future: "The existing supervisory control and data acquisition (SCADA) and remote terminal unit (RTU) systems located inside the substation cannot scale and evolve to support next generation intelligence. Since flexible IEC 61850–compliant intelligent electronic devices (IEDs) and utility-grade rugged IP routers and Ethernet switches have become more widely available, many utilities are now ready to transform their communications networks from serial to IP-based communications." With a single standard they can sell their standard-compliant products all over! They do not need to develop and maintain tens of solutions. This benefit of a single protocol stack (IEC 61850) is also what IBM and other IT companies like.

Click HERE for the white paper from CISCO on their vision to build smart(er) grids.

So, the utility industry will soon see a lot of new solutions offered by companies experienced mainly in non-utility markets. I hope that the management in the utility domains understands that the future of the utility systems must be controlled by smart power system engineers!! And not mainly influenced by the focus on shareholder value, general automation and network infrastructure.

The future of the automation in the smart(er) grids requires TEAMWORK of many disciplines - led by smart power engineers. One of the crucial tasks is to get more education on topics like Network Infrastructure and IEC 61850 for power engineers. Since IEC 61850 is much more than any of the field busses or DNP3 it requires comprehensive education by well experienced trainers.

The power engineers have to take care that the utility automation systems will not be flooded by a myriad of field busses from the industrial automation domain (see discussion on IEC Fieldbus). Getting cheap automation devices with one of the many different fieldbusses does not automatically mean getting low life-cycle cost!

Smart People are the most crucial asset for Smart Power Systems