Communication Network Interdependencies in Smart Grids: A comprehensive Study

Communication network interdependencies in smart grids is a crucial issue to be discussed in the context of the European Market.The European Union Agency for Network and Information Security (ENISA) has just published a comprehensive report on the above issue.

The main concerns that were expressed by the 20+ experts involved can be sorted into two main categories, technical recommendations (1./2.) and organizational recommendations (3.):

1. Regarding smart grid devices, these devices are now exposed to different networks, and therefore their periodic update becomes essential in order to ensure that they are protected against the latest threats that appear. Furthermore, these devices should also implement by default security measures to protect them (such as authentication, encryption or frame counters), as implementing such measures in the deployment phase is much more costly and does not reach the same level of security.
2. Regarding the communications interdependencies, the main concern is with the protocols used on the smart grids. There is an urgent need to harmonize the current situation by establishing common interconnection protocols to be used by all devices, and ensure that these protocols implement by default enough security measures to protect the data whilst it is in transit (such as encryption or mutual authentication).
3. Finally there is the need to align policies, standards and regulations across EU Member States to ensure the overall security of smart grids. This is now even more important due to the risk that cascading failures can cause; as smart grid communication networks are no longer limited by physical or geographical barriers, and an attack on one country could translate into another.

Recommendation 2 states: Manufacturers and vendors should foster intercommunication protocol compatibility between devices from different manufacturers and vendors. Currently, many manufacturers and vendors, due to the lack of standards, make use of their own proprietary protocols and communication systems for the intercommunication between their devices. 

The experts state: There are several common technologies and protocols that are used for the intercommunication between these devices and the rest of the transmission grid network. One of the most relevant ones is the IEC 61850 protocol family, which is applicable to this grid section. 

Ok! I fully agree with these statements!

Click HERE for the full report [pdf, 50+ pages].

The First Official IEC 61850 Edition 2 Client Certificate Goes to? - Siemens

Siemens is the first company in the world to receive an IEC 61850 Edition 2 client certificate, issued by DNV GL on behalf of the UCA International User Group (UCA), for their SICAM PAS/PQS system (basically a PC application that acts as a 61850 client).

Click HERE for the news.

There are other vendors underway to get an IEC 61850 Edition 2 client certificate. TÜV SÜD (Munich) has also been accredited for testing conformance of Edition 2 clients.

More to come. Stay tuned.

UCAIUG Interoperability Report (Munich 2013) available – And Now?

IEC 61850 defines Modeling Methods, Information Models, Abstract Services, Service Mapping to MMS, Configuration Language to specify a whole System composed of several substations et cetera. Some 10 years after the publication of the first edition of the core parts (3, 6, 7-1, 7-2, 7-3, 7-4, 8-1 and 9-2) we expect the edition 2.1 of the core documents early 2014. There is a lot of progress during these 10 years of applications!

The well accepted tissue process has helped to increase the consistency of the various parts of the series and to help to reach a high level of conformity of devices and tools:

www.tissues.iec61850.com

In addition to Conformance tests it is obvious that Interoperability is one of the crucial issues that is expected by the users community. Many organizations are involved to further increase the Interoperability between the products provided by many vendors. One major step towards a higher level of interoperability is the UCAIUG Interoperability Test Session that was conducted at TÜV SÜD (Munich, Germany) the week of 27. October – 01. November 2013.

Click HERE to download the 240 page Report [pdf, 5.8 MB].

One of the crucial lessons I (and many other experts) have learned trough my long-term involvement in the standardization groups and more than 200 training courses is this: In case you are planning to use the new (IEC 61850) Technology in one of your next projects:

1. Get education and training from neutral trainers
2. Purchase or lent the devices and tools you are about to use in the real world: protection & control devices, SCADA systems, RTUs, Network Infrastructure like Switches and Routers, and Tools … and test them as a kind of “Multivendor Interoperability Test”
3. You can speed up this process by cooperating with FMTP Power Systems and NettedAutomation: They could come to you and provide the most well known and used devices and Tools and introduce Theory and Practice!!
   This helps to keep the cost low – you don’t need to figure out what to purchase … and how to use the Technology when you start.
   You would get the right support for a fast start … the most efficient way!

Please check these dates and locations:

Special Protection & Control Hands-On Training: 08.-10. Dec 2014 in Prague (Czech Republic)	Click HERE for the details
Special Protection & Control Hands-On Training: 16.-19. December 2014 in Guayaquil (Ecuador):	Click HERE for the details [pdf]
Common Hands-On Training in German: 24.-26. November 2014 (Karlsruhe) 12.-14. Januar 2015 (Karlsruhe) 23.-25. März 2015 (Karlsruhe)	Click HERE for more details

I look forward to meeting you there.

TÜV SÜD offers tests for IEC 61850 Client, Server, publisher, and subscriber

TÜV SÜD (Munich, Germany) offers a wide range of testing services covering all crucial aspects to help you reaching a high level of interoperability of your device with other devices.

Their services could reduce the risk of non-interoperation on site dramatically! They have experience with edition 1 and edition 2 of the IEC 61850 core parts as well with IEC 61400-25.

Click HERE for a brochure that describes what they offer.

Note that they cover much more than just certification conformance tests. They offer a comprehensive range of support.

Do we need Blackouts to Expose Flaws in the Grid?

From the viewpoint of a engineers: No! There are many engineers or other technicians that are aware of the condition of the whole system – including the aging work force. From the viewpoint of many people in charge to make decisions to invest or not to invest: Yes!

The New York Times published yesterday an article about the biggest power outage in the history of Northern America: the 2003 blackout. Since then a lot has improved – enough to keep the power flowing at mid November 2013. Is it enough for the years to come? We will see if the improvements payoff or not.

The article states: “The improvements were ideas that engineers had always liked, but had trouble persuading utility executives and public service commissions to pay for.”

Click HERE to read the article.

I hope that the voice of the engineers will convince more decision-makers to allocate sufficient resources for keeping the aging power infrastructure running, the power flowing, the grass green, and the sky blue.

Some 10 years after the first substation automation systems have been equipped with IEC 61850 based devices, a lot of smart engineers see the need to invest into defining a second layer on top of the standards and the many options they provide. This second layer could be named: Interoperability Profile Specifications. The standards comprise several hundred of options (in models, services, and extensions) that lead to a proliferation of implementations. A growing number of engineers is struggling to let two or more devices from multiple vendors understand each other.

I look forward to seeing more decision-makers from all stake-holders to provide the needed resources for the development of Interoperability Profile Specifications.

I always say in my courses that IEC 61850 is very scalable – BUT YOU have to SCALE each and every device! Scaling needs to be done in a way that for a given application ALL devices apply THE VERY SAME SCALE!! The scales have to be negotiated and applied by all participants of a system.

When does the users community want to get there? If the answer is: as soon as possible – you should invite experienced people to help you.

New IEC 61850/UCAIUG Test Labs accredited

17 Aug 2013
Level A - IEC 61850 Server
Korea Electrotechnology Research Institute (KERI)
111, Hanggaul-ro, Sangnok-gu, Ansan-si,
Gyeonggi-do, 426-910, Republic of Korea

15 Oct 2013
Level A - IEC 61850 Client
Korea Testing Laboratory
87, Digital 26-gil, Guro-gu, Seoul, Korea

15 Oct 2013
Level A - IEC 61850 Conformance Testing for Edition 2 Server Products
KEMA Nederland B.V.
Utrechtseweg 310
6812 AR Arnhem

The number of tested and certified IEDs (2013-10-18):

  33 Clients (Ed1)
367 Server (Ed1)
   2 Server (Ed2)
  11 Merging Units (9-2LE)

Siemens Siprotec 5: IEC 61850 Edition 2 certified

The Siprotec 5 protection devices are the first devices of their kind on the market worldwide to be certified under IEC 61850, Edition 2. Thanks to the certification under IEC 61850, Edition 2, these Siemens products have the "future built right in," for long-term investment security.

All Siemens protection device series provide two new Ethernet redundancy protocols – HSR (high-availability seamless redundancy) and PRP (parallel redundancy protocol).

These new products prove that IEC 61850 is THE standard for energy delivery systems.

Click HERE for the press release.

More on Siprotec 5 could be found HERE.

Crucial Lessons learned from a MV Substation Project at a Huge Power Plant

Recently I discussed the issue of interoperability of IEDs in the context of a crucial non-interoperability problem of two vendors’ IEDs. Click here for the discussion.

Now, three months later, the utility has decided to replace two protection IEDs in summer 2013 in order to get fully interoperable IEDs for the power plant control system.

The whole process of discussing back and forth over a period of nine (9!) months has frustrated many engineers and other people involved in the project. We had meetings with almost 20 people from several companies involved – could you believe it?

The utility (power plant operator) finally ordered a one day training on IEC 61850 to get a much better understanding what the (relatively small) issue was all about and to get an overview about IEC 61850.

The crucial lessons learned by the utility engineers are:

1. If you want to use IEC 61850 in your plant, specify to some extent what you want to get delivered.
2. When you get the offer from vendors, check in detail what they offer.
3. Once you have almost selected one or more vendors, make sure that all IEDs that have to speak IEC 61850 are interoperability tested one way or the other.
4. Once you have signed the contract with one or more vendors, organize interoperability tests in a lab in due time prior to the commissioning process on site.

Note that conformance testing is required – but not sufficient!!

Utilities must take a firm position in favor of a genuine open international standard in the energy market, leaving behind once and for all the outmoded notion of great champions of vendors with many proprietary bells and whistles.

In case utility management and engineers involved in a project follow these recommendations it is likely that the problems that may occur on site later on will be tremendously minimized.

The utility I was involved with told me, that they will contract with me again, as soon as they have to build another MV substation in a power plant using IEC 61850 IEDs.

Good luck!

What do you think about an IEC 61850 Open Source Implementation?

I have been asked off and on, if there is an Open Source Implementation for IEC 61850 or one with a reasonable price. Yes these are available these days. There is a simple subset of IEC 61850 implemented in Java licensed under the LGPL implemented by Fraunhofer Institute ISE (Freiburg, Germany). This solution is a result of the e-Energy eTelligence research project funded by Germany's Federal Ministry of Economics and Technology (2009-2012).

There is at least one other affordable solution available that provides a full subset of IEC 61850 even applicable at small embedded controllers – from SystemCorp.

The Open Source IEC 61850 Server supports:

• MMS Associations
• (MMS) GetDirectory and (MMS) GetDataDefinition services
• (MMS) GetDataValues and (MMS) SetDataValues
• (MMS) DATA-SET model services
• Interpretation of ICD-File to build model

IEC 61850 Client supports in addition to Servers:

• Receiving (MMS) Reports

Visit the home page of the openIEC61850 Implementation.

We have tested the open source solution to some extend to see what it provides. The solution is mainly a MMS (ISO 9506) implementation. IEC 61850 contributes to the solution with its information models (logical devices, logical nodes, data objects, data attributes, …). The hierarchical information maps perfectly to MMS NamedVariables (NV)!! The corresponding MMS Services allow to manage retrieving the MMS object model (NVs), writing to the NVs and reading from NVs. Since MMS fits well to the information model of IEC 61850, it is natural that the MMS NV and NV services provide the needed services for IEC 61850 information model management.

IEC 61850-7-2 (ACSI) provides more elaborated services (not supported by the open source solution), e.g., Reporting, Logging, GOOSE, Sampled Value exchange, Control Model, and File transfer. The most comprehensive (complex) model is the buffered Report Control model. This model allows the optimized usage of bandwidth by providing a spontaneous (event) driven mechanism. A specific status information will be transmitted only when its value changes or when – for an analogue value – a configured limit is violated. This reduces the traffic tremendously and meeting a critical timeliness need.

Polling a huge number of devices in a huge distributed system does not scale at all. There is a crucial difference in applying polling or event driven reporting.

Sure, for accessing some values in a remote device once an hour or once a day or so, could be realized with polling.

If your need is focusing on fast (medium and hard real-time) information exchange, then you need high efficient reporting, GOOSE and Sampled Value exchange.

The OpenIEC61850 implementation uses the external access path (the complete path from LD/LN.DO,DA. …) also for the internal access of the real information in the application. The application uses the path at the boundary between communication and application. The application has to analyze the text strings (up to 2 x 64 characters) for each element to be written or read. An API that maps between the external name path and a kind of an internal pointer (maybe just a linear index) is therefore more efficient. One of the crucial objectives of IEC 61850 is to use a standardized model independent of the internal organization of the real data values.

It would be interesting to see a first device that implements the OpenIEC61850 solution to get an IEC 61850 Conformance Certificate. The current solution does not yet support the Control Model, which is required as a mandatory service. MMS does not have a model that is equivalent to the IEC 61850 Control Model. That’s why the IEC 61850 solution has to implement all the needed features of the Control Model according to IEC 61850-7-2 and IEC 61850-8-1. Having MMS does not mean that it is easy to implement the Control Model – I have seen many experts struggling with the Control Model.

The main reason why there was a decision made to implement an openIEC61850 using Java was (from my experience and understanding) simply because there was not a single software solution available that was affordable for R&D projects. Usually the solutions came in source code … meaning to spent a lot of efforts (money and time) to get what people (researchers, students, Phd students, …) were looking for.

This has changed a lot during the recent years. These days you could build on ready-to-go solutions that allow implementing affordable devices interoperable with other devices.

There is a FREE IEC 61850 evaluation software (Client and Server) available that could be used for building compliant clients and server: A DLL plus application software (executable and source code for the application).

http://blog.iec61850.com/2012/08/c-server-and-client-application-source.html

The DLL runs for six months … but could be purchased as well.

IEC 61850 – Is Interoperability of Devices reached?

Increased and Sustainable Interoperability of intelligent devices in the power delivery domain is one of the crucial objectives of IEC 61850 and IEC 61400-25 (Wind Power). Interoperability is reached to a quite high degree – sure, there are a few examples where we see some challenges to improve one or the other technical problem!
My personal experience is that there is still some room for improvements – in the standard series IEC61850 and IEC 61400-25 and in the implementations and use of various vendors’ devices. One reason that causes headaches is linked to the many options in the standards. Vendors very often interpret the mandatory (m) and optional (o) designation as m=minimum, o=oops there is something we can ignore. Users often expect that they can decide to use mandatory and optional definitions – they expect that vendors have to implement almost all options.
There is – of course – a huge lack of understanding what and how to implement IEC 61850 and how to use standard compliant devices; and to figure out what goes wrong. Education of vendors and users is one of the most highly recommended actions to improve interoperability!
The other day I was called to help solving a six months’ discussion between two vendors of IEC 61850 compliant products, a third vendor using their devices, the project management and the user.

It took me (with a helmet and security jacket and security shoes) less than a day on the site (a medium voltage substation in a new coal fired 920 MW power plant) to figure out the reason of a non-interoperable behavior of the power plant control system (IEC 61850 client) that had a problem with one device type. The control system wants to set the TrgOps (trigger options) of the report control blocks in all devices. It sends a SetURCBValues service with the value [x111 11xx]. All but one devices accept this value (even they do not support one of the 5 bits that can be set to 1). One device supports only three out of the five [x100 11xx] – setting 3rd and 4th Bit true is not accepted and causes a negative SetURCBValues message (according to the definition in IEC 61850-7-2).
This minor issue causes a big trouble because the client (power plant control system) cannot set the General Interrogation to true – and cannot use it !!
I expect that this non-conformity will be fixed soon. It is not a big issue – but it caused six months trouble and created a lot of frustrations!
If the right expertise would get involved in such discussions at an early stage it is likely that many of the non-conformities would be solved very soon. Comprehensive education is required when it comes to IEC 61850 – the earlier the better. Be aware: IEC 61850 is not just another protocol.
Some complaints about the many options in the standard series are discussed in a paper published the other day.
“… the world needs — there is a user group already associated with IEC 61850 — is some type of organization that will work through 61850, come up with a subset that eliminates all the options and drive that down to the vendors and say, "here, do this." ”
This is a great approach. The main reason this has not yet been done is mainly the absence of users in the many discussions in the standardization working groups and the UCAIUG (UCA international users group), and in other discussions – and the lack in education of the users community.
Some pressure from the utilities on the vendors community to fix the relatively few known non-conformities in existing devices and tools would help to get rid of a lot of frustrations and to reach a higher level of interoperability. Many users are – not yet – in a position to figure out which device is conformant and which is not! A lot of these issues are independent of the question optional or mandatory and could easily be solved.
Recommendation #1:
People implementing and using the standard need (more) education.
Recommendation #2:
See recommendation #1.
Some discussion on Education.
Read statement of Vattenfall on Education for IEC 61850 [2007!!]

What does a PIXIT provide?

PIXIT stands for “Protocol Implementation eXtra Information for Testing”. The objective is to provide crucial information for the test lab.

One example is the value for the “Maximum number of clients that can set-up a 2-party association simultaneously”, e.g., value=16. Does this mean that the maximum number of clients is restricted to 16? No! The value of 16 is used by the Testlab to run test cases. The number can be much bigger!

The PIXIT document for a SystemCorp IEC 61850 IED lists for the stack/API ina value of 16 – BUT the stack/API and the IED supports up to 255 clients!

If you want to know what a device supports, you should read technical specifications of the IED. A lot of vendors use the PIXIT also as a kind of technical specification. The PIXIT documents should contain a note that the values given in the PIXIT document may be restricted for testing purposes only. PIXIT documents should also show the limits of the IED when applied in real applications.

Download PIXIT Document for a specific IED.

Open Position: IEC 61850 and TÜV SÜD expand into the North American Market

TÜV SÜD is a well known authority in the testing of IEC 61850 IEDs with regard to IEC 61850 Conformance Tests, Functional Tests, Security Tests, and Safety Tests. They have been accredited from the UCAIUG as an IEC 61850 test lab.

TÜV SÜD is currently expanding its service portfolio in the field of embedded systems, focusing on safety and security in the certification of machinery and installation control systems as well as networked embedded systems. In this context we focus on the following sectors: the energy industry (e.g. smart grid, smart meters and conformity/interoperability of communication networks and systems for distributed energy resources in accordance with IEC 61850), factory automation, chemical, oil and gas industry and rail (advanced security aspects).

TÜV SÜD is offering a new position for a Project Engineer for their Industrial IT Security and Smart Metering services in the USA.

Please check the full description of the position.

TÜV SÜD lädt zur zweiten IEC61850-Laborbegehung ein

TÜV SÜD lädt zur zweiten IEC61850-Laborbegehung ein (Anmeldung bis Mittwoch, 12:00 Uhr möglich):

Interesse? Bitte kontaktieren Sie Frau Ana Dominguez

TÜV SÜD AG
Embedded Systems (V-INM)
Barthstr. 16
80339 München / Munich
Phone: +49 89 5791 2195 (Munich)
mailto: ana.dominguez@tuev-sued.de
http://www.tuev-sued.de/embedded

Successful IEC 61850 Training in Seoul (South Korea)

The two day training on IEC 61850 in Seoul (South Korea) was attended by some 60 experts from South Korea and the Philippines – a big success:

Entrance at the KTL building:

 

Auditorium:

Discussing (very good) questions:

The training was well received. The questions and discussions indicate that the industry is now in the process of implementing and using the new technology IEC 61850 and IEC 61400-25.

TÜV SÜD (one of the organizing companies) focused on the interoperability tests and functional tests of devices like PV inverter. TÜV SÜD offers services to test IEC 61850 conformity, PV inverter functions defined in part IEC 61850-90-7, security, and EMC/EMI requirements. One Test Lab – for many requirements.

TÜV SÜD Conformance Test Lab for IEC 61850 accredited

TÜV SÜD (Munich, Germany) has been authorized on August 24, 2012 to perform IEC 61850 Conformance Testing (for servers) in accordance with the Users Group Quality Assurance Testing Program Procedures. TÜV SÜD is a third party test lab that offers Level A tests.

Congratulation!

TÜV SÜD
Barthstrasse 16
80339 München / Munich
Mr. Peter Pfisterer
+49-(0)89-5791-3372
mailto:Peter.Pfisterer@tuev-sued.de

It could be expected that this new test lab will speed up the tests for IEDs with IEC 61850 server functionalities – and it is likely that the total cost for a certificate will be lower than before.

The first tests run have already helped to improve the quality of products.

IEC 61850 Editions – Help to Prevent Confusions

After my recent Newsletter on IEC 61850 many experts visited the blog post of the first discussion on Editions which summarizes:

BUT there will be not an EDITION 2 of the standard SERIES IEC 61850 per se!! Various parts (of the first 16 parts) will be revised and extended and then published tagged as EDITION 2.

New parts will be published with the tag EDITION 1, e.g., IEC 61850-80-1 (Guideline to exchanging information from a CDC-based data model using IEC 60870-5-101 or IEC 60870-5-104) - IEC/TS 61850-80-1, Edition 1.0, 2008-12

Click HERE for the complete post.

There are a lot of confusions when people talk about Editions of IEC 61850.

In a new paper it is reported: “Edition 2.0 of IEC 61850 Standard has been released considering valid technical issues and future aspects of protocol usage. … compares the IEC 61850 Edition 2.0 specification to its predecessor Edition 1.0.”

Click HERE for that paper.

There is hope that experts will use more precise language when it comes to editions of the many parts of IEC 61850 and related documents.

In addition to the question of the Edition of the standard there is another question, when it comes to the Devices that implement IEC 61850: Does this or that Device conform to IEC 61850 Edition 1 or Edition 2?

Since there is NO EDITION 2 of the STANDARD, a Device could NOT be characterized as an IEC 61850 Edition 2 Device!!

We have to differentiate the various aspects of the Standard: Which Logical Nodes, Common Data Classes, Services, which subset of the Configuration Language Edition 2, et cetera are implemented.

Edition 2 of any part of IEC 61850 can mean the following:

1. (Usually: Most) Definitions of parts tagged Edition 1 have been taken over in the same parts tagged Edition 2 without any change.
2. (Some) Definitions of parts tagged Edition 1 have been taken over in parts tagged Edition 2 with fixes or minor changes. During the tissue process the parts tagged Edition 1 have already been “fixed” to some extend.
3. (Less or more) New Definitions have been added in parts tagged Edition 2. [Service tracking in IEC 61850-7-2, many new LNs in IEC 61850-7-4, …]
4. (Some) Definitions of parts tagged Edition 1 have been moved to parts tagged Edition 2 without changes. [e.g., LN STMP from IEC 61850-7-410 Ed1 to IEC 61850-7-4 Ed2; Substitution has been moved from IEC 61850-7-2 Ed1 to IEC 61850-7-3 Ed2, …] 

A Device A that implements those definitions from several parts tagged Edition 1 that have not changed in Edition 2 of these parts is compliant to edition 2 of these parts without any modifications! If a Device B implements some new features of one or more parts tagged Edition 2, then these new features have to be listed in some detail to understand the situation. Some detail means that the implemented features per part tagged Edition 1 and/or Edition 2 have to be listed.

Examples:

1. A Device may just implement a new LN from Edition 2 of part IEC 61850-7-2; the other definitions are used as defined in Edition 1 of the other parts like IEC 61850-7-3, 7-2, 8-1, … So, is this an Edition 1 or Edition 2 Device? Both! But we better do NOT TAG a Device being Edition 1 or Edition 2. It’s a Device implementing the services according to the PICS of part IEC 61850-7-2 Edition 1 (the subset used may be unchanged in Edition 2), IEC 61850-8-1 Edition 1, … and the STMP LN of IEC 61850-7-4 Edition 2.).
2. The same Device could be understood as implementing the STMP LN according to a part that is tagged Edition1: The STMP LN is still officially published in IEC 61850-7-410 Edition 1. Edition 2 of 7-410 will not have the STMP LN any more – it is already moved to 7-4 Edition 2.

Users should not wait until a Device or the Communication Stack is compliant to Edition 2 of the Standard IEC 61850!! You will never get such a Device because there is NO Edition 2 of IEC 61850. You may want to use one or the other new service of IEC 61850-7-2 Edition 2 (like Service tracking of control block services) or a new LN from IEC 61850-7-2 Edition 2 or from IEC 61850-7-420 Edition 1 or IEC 61850-90-7 Edition 1 …

Always list some details what has been implemented from the various parts tagged Edition 1 or Edition 2 – if you want to prevent confusion. 

Additional discussions on this topic will follow – time permitted.

Stay tuned.