What if Remote Control Fails?

The year 2015 is almost over ... here in Karlsruhe (Germany) we are just 13 h and 13 min away from 2016. Have you looked back to the many lucky and bad situations you have experienced or you have seen during the year 2015?

I guess we all understand that we need more serious engineers that take care of the many processes and systems we need in our modern life. Our generation sees a lot of good solutions going away ... replaced by modern technologies. There is a need to use more communication systems to keep the lights on, the grass green and the sky blue.

Volkswagen has demonstrated that adaptive closed loop control can take the situation (in which a car is) into account and react in different directions - to the good of the company and share holders ... not to the good of the environment.

I have just seen what happens, when a control system does not take the situation into account: The locomotive at the end of a long multiple unit train did not stop pushing when the driver of the leading locomotive decided to stop. The wireless communication to carry the stop-command via a radio channel failed to reach the control system of the locomotive at the end of train.

Click HERE to see how the spinning wheel dug into the tracks ... for hours I guess. The control system did not check the speed which was zero for hours and did not automatically stop the wheels spinning. Obviously there was a use-case that was not taken into account: What to do when the stop command does not make it through to the locomotive at the end of the train?

At the door steps to 2016 I wish everybody reading this post a successful year 2016 ... helping to keep the power flowing.

German Standardization Roadmap Industrie 4.0 (Version 2)

Several groups within Germany have written a 70+ page Standardization Roadmap Industrie 4.0 (Version 2, Oct 2015). The document lists a lot of topics relevant for standardization related to the future industrial automation. It contains a lot of issues that “should” or “must” be considered in the standardization of the future.

I was a bit surprised that the industrial automation world seems to lack of many basic standards that would support interoperability and inter-workability. Guess the authors have understood that the myriad of fieldbusses seems not to solve the needs for the future automation process – fieldbusses lead to many islands that can not talk together.

The power world has decided already some 20 years ago to build the foundation of interoperable systems based on a well defined huge “dictionary” of semantic terms (the hundreds of logical nodes for almost all power domains).

With IEC 61850 we change from “bits” to “well defined terms and messages”:

All the messages exchanged could be based on a well standardized semantic, like the temperature supervision model “STMP”: Trip =  “STMP1.Trip.stVal” or the current temperature = “STMP1.Tmp.mag.i”.

The various layers are shown in the following figure:

These values can be reported by a DataSet and a GOOSE message (in real-time … in some 3 to 5 msec):

The smart grid efforts within IEC are tremendously supported by IEC TC 57 … especially with the standards series IEC 61850. This series is part of the “IEC smart grid standards roadmap”.

This roadmap has really attracted the Industrie 4.0 supporters! They write in their roadmap:

“Empfehlung, eine Normenlandkarte (standardisation map) für Industrie 4.0/Smart manufacturing elektronisch zu beschreiben. Die Normenlandkarte wird ein im Vergleich zum Smart Grid Mapping Tool (http://smartgridstandardsmap.com) äquivalentes elektronisches Werkzeug darstellen.”

They recommend to “copy” the “IEC smart grid standards roadmap” and name it “IEC Industry 4.0 / Smart Manufacturing Roadmap).

Click HERE to see the IEC smart grid standards roadmap.

Click HERE to access the Standardization Roadmap Industrie 4.0 (Version 2, Oct 2015, German only).

I hope that they will “copy” more than just a roadmap … refer to IEC 61850 some time down the road.

By the way: HMS is bridging the semantic-less fieldbusses to the semantic defined in IEC 61850 …

http://www.hms-networks.com/about/labs/smart-grid/labline-sg

An Approach to Developing Power Grid Control Systems with IEC 61850 and IEC 61499 and Holonic Control

An interesting paper discusses the combined use of IEC 61850 and IEC 61499:

An Approach to Developing Power Grid Control Systems with IEC
61850, IEC 61499 and Holonic Control

by Valentin Vlad, Corneliu Buzduga, and Calin Ciufudean (University of Suceava, Romania)

WSEAS TRANSACTIONS on SYSTEMS, Volume 13, 2014

This paper presents some models and concepts for developing smart power grid control systems based on holonic concepts and the open standards IEC 61850, IEC 61499. Along with the proposed holonic models for different levels of control, we present a simple fault protection application illustrating how the IEC 61499 artifacts can be used for modeling and implementation of IEC 61850 compliant applications.

Click HERE for the above paper.

Additional information of using IEC 61850 and IEC 61499 in Distributed Power Systems:

Distributed Power System Automation With IEC 61850, IEC 61499, and Intelligent Control (Neil Higgins, Member, IEEE, Valeriy Vyatkin, Senior Member, IEEE, Nirmal-Kumar C. Nair, Senior Member, IEEE, and Karlheinz Schwarz, Member, IEEE; IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS, 2010)

Multi-agent Smart Grid Automation Architecture based on IEC 61850/61499 Intelligent Logical Nodes (G. Zhabelova, V. Vyatkin, Senior Member IEEE; IEEE Transactions on Industrial Electronics, 2011)

More to come.

BDEW Whitepaper on Security for the Power Industry has been updated

Whitepaper V 1.1
Anforderungen an sichere Steuerungs- und Telekommunikationssysteme

White Paper V 1.1
Requirements for Secure Control and Telecommunication Systems

This updated white paper specifies essential security measures for control and telecommunication systems for the power industry. The purpose of this document is to sufficiently protect the operation of these systems against security threats. The security measures described in this document are recommended for all newly procured control and telecommunication systems. The strategic goal of this white paper is to favourably influence the future development for aforementioned systems with regard to IT security. Furthermore the document should establish a mutual understanding for the protection issues of these systems throughout the industry.

Click HERE for a copy of the whitepaper.

Click HERE for related documents.

Could a Power Outage of an Airplane happen in the Air?

Yes, a power outage of an modern airplane could be caused by a simple software problem – related likely to a wrong assumption. What does this mean for the future power systems?

The following official report from the U.S. Government FAA, dated May 01, 2015 says that a

“Boeing Model 787 airplane that has been powered continuously for 248 days can lose all alternating current (AC) electrical power due to the generator control units (GCUs) simultaneously going into failsafe mode. This condition is caused by a software counter internal to the GCUs that will overflow after 248 days of continuous power. …

The software counter internal to the generator control units (GCUs) will overflow after 248 days of continuous power, causing that GCU to go into failsafe mode. If the four main GCUs (associated with the engine mounted generators) were powered up at the same time, after 248 days of continuous power, all four GCUs will go into failsafe mode at the same time, resulting in a loss of all AC electrical power regardless of flight phase.”

Click HERE for the full report.

What is the lesson we can learn from this situation? I guess simply this: If you have to program something you need to know precisely under which assumptions the “something” should work. Usually you have to make firm assumption under which the “something” will work. If you would assume (for example) that an airplane of model 787 would never be powered continuously longer than 90 days, then the counter would not overflow under normal conditions.

But: If this assumption is wrong, then the counter could overflow.

I guess that we quite often design systems under assumptions that may be valid at time of the design – but that may show later that they were quite wrong! Some 40-50 years ago it was not assumed that the traffic in 2015 would be as is is now. Or?

The power utilities assumed some 15 years ago that PV-Power (mainly installed on roofs) should just be understood and treated as negative power connected to the grid – so that there was no need to invest in power management and automation systems. I remember such discussions in the German national standardization (DKE). Within a short time period they had to learn that the assumption was wrong! Now we have almost 40 GW of installed PV systems.

The next wrong assumption could likely be the number of Batteries connected to the power grid. The needed investment in the future power system will highly depend on the assumption on how fast the installation of batteries will happen! I have talked recently to utility experts that they fear a fast growth of network connected batteries. The batteries behave different compared to Wind Turbines and PV systems – batteries can import and export energy. They can change their behavior within very short time. A sudden huge power flow change of millions of battery systems could cause power outages.

So, MUST we assume that this could easily happens or not? Depending on our answer, we have do spent more or less Euros or Dollars … Experts that don’t want to invest a lot more will argue, that it is unlikely to happen.

The (wrong) assumptions of today could likely be the reasons of power outages in the near future. The bad side of the assumption that the installation of battery systems will grow fast is: It will require a lot of more efforts to keep the power system reliable.

I guess we will see increasing numbers of batteries being installed after yesterdays announcement (May 01, 2015) of the new Partnership for Global Energy Transformation: LichtBlick (Germany) integrates Tesla Battery Storage (US) into Energy Markets.

A crucial key component in the future power systems is related to information management and standardized information exchange with IEC 60870-5-104 and IEC 61850. VHPready is an important step to support LichtBlick and many other companies.

Will Information Networks become the “Backbone” of the Power System?

Information sharing between any kind of intelligent devices is a crucial need for today’s an the future Power Delivery Systems. It requires a huge infrastructure to send information back and forth.

Who do you think will put a lot of efforts into the infrastructure to get control over the information to be shared? Will protection engineers or mechanical engineers (e.g., of wind turbines) gain control over the information infrastructure? I guess that it will work the other way around: The specialists of network infrastructure will have a big impact on how the information will be shared in future.

One of the many activities is supported by a special group within the IETF (Internet Engineering Task Force): Energy Management (EMAN)

Excerpt from the current Applicability Statement

“Abstract

The objective of Energy Management (EMAN) is to provide an energy management framework for networked devices. This document presents the applicability of the EMAN information model in a variety of scenarios with cases and target devices. These use cases are useful for identifying requirements for the framework and MIBs.

…

1. Introduction

The focus of the Energy Management (EMAN) framework is energy monitoring and management of energy objects [RFC7326]. The scope of devices considered are network equipment and their components, and devices connected directly or indirectly to the network. The EMAN framework enables monitoring of heterogeneous devices to report their energy consumption and, if permissible, control. There are multiple scenarios where this is desirable, particularly considering the increased importance of limiting consumption of finite energy resources and reducing operational expenses.”

Click HERE for the current “Energy Management (EMAN) Applicability Statement, draft-ietf-eman-applicability-statement-10”

From an information sharing point of view there is no difference between information of a router or Ethernet Switch and a protection, monitoring or control IED (Intelligent Electronic Device) in the sense of a Fieldbus, DNP3, IEC 60870-5-104 and IEC 61850.

Finally IETF could play a major role in the world of networked devices – including everything that is believed today as somehow special: Field devices on one of the hundreds of fieldbusses, IEDs in the Power delivery systems, etc.

If you are looking for a unique (single standard) that is accepted and used all over the globe: It is IEC 61850. Use the ORIGINAL. A mapping of the IEC 61850 objects (IEC 61850 Logical Nodes and DataObjects) onto a MIB and SNMP could make sense – especially when the structures are used unchanged. The same is true for a mapping of specific MIBs for Ethernet Switches and Routers. This is already happening in IEC 61850-7-4 Ed2 for some network related information, e.g., in:

LN LCCH: Physical communication channel supervision:

More to come.

The motto of NettedAutomation GmbH since 2000 is: “The Net is The Automation”.

Secure Power Delivery Systems and Secure Communication

The power utility domain is facing a lot of challenges these days. There are environmental, technical, political, security-related, and market-related issues that require a new design of the whole chain of design, procurement, installation, operation and maintenance of systems that are needed to provide the needed power to the users of power.

There are tons of lists that require this and that. Take the cyber security aspect: You will find many documents that could help you to procure the right solution. One of the latest documents provides helpful text to write down the needs for “Cyber security of Power Delivery Systems”:

“Cybersecurity Procurement Language for Energy Delivery Systems”

Written by US-Experts and published last year.

Click HERE for a copy.

Many (likely most) publications on securing our infrastructure are assuming a mainly hierarchical and centralized Power Delivery and Automation Systems as described in the following (excerpt from the above document, page 1):

“Energy delivery systems comprise the following:

• The sensors and actuators used for monitoring and controlling energy delivery processes.
• The computer-based systems that analyze and store data.
• The communication pathways and networks that interconnect the various computer systems.

Cybersecurity threats, whether malicious or unintentional, pose a serious and ongoing challenge for the energy sector. Today’s highly reliable and flexible energy infrastructure depends on the ability of energy delivery systems to provide timely, accurate information to system operators and automated control over a large, dispersed network of assets and components.”

The cyber security requirements could be lowered dramatically in case we think of a more de-centralized Power System that would need a de-centralized Automation System over a small local system of assets and components – requiring a minimum of operational communication with the next hierarchy level.

It seems to be in the interest of manufacturers of network infrastructure to implement huge systems to control a large, dispersed network of assets and components. Sure: This would require a huge, secure network infrastructure – a huge and long-term business case. Cyber-Security seems to be a new support programme to the vendors of communication and automation infrastructure.

As we have experienced, more or less (intended!) simultaneous control commands to a huge number of assets could danger the stability of the power network. I guess that the risk in using a highly cyber-secure network (for monitoring and control) in a large hierarchical power system is much bigger than the risk of a “less” secure network (for monitoring and control) in small de-centralized, self-organizing power systems.

A cyber-secure network is one issue – the (physical and technical!) architecture of our future Power Delivery System is another.

Why don’t we pay more attention to distributed Power Delivery Systems that require distributed monitoring and control? Exchanging measurements, status, settings, and control commands in a huge hierarchical automation system will always be compromised by some people.

Would you trust an avalanche of measurements and status points arriving from millions of sensors communicated in a second? Would you trust that a setting going to millions of controllers will be interpreted in the same way? Or what’s about a control commands send out to ALL actuators? The un-thinkable is already a reality. It happened already last year in Bavaria and Austria.

I experienced the mis-interpretation of the power of my green laser pointer when I went through security of an international airport. My pointer has a power of “<1mW”. I was near to be arrested because the police officer was reading “one MegaWatt” … Fortunately I could help to translate “m” to “Milli”. Finally I had to check-in the pointer before I could go onboard.

I guess that one of the biggest challenges is to find an architecture of our future power delivery system that requires just a few or no measurements, status, settings, and control commands being exchanged between millions of interconnected intelligent devices and systems.

How to get prepared using IEC 61850?

How to get prepared using IEC 61850? This is one of the crucial questions these days. Fortunately there is an increasing number of organizations that understand the challenge with the IEC 61859 technology – and get training and education.

The A.C. electric power system is a very dynamic physical system. Could you remember the exam on Electro Dynamics when you were a student? Oh, don’t remind you … it was (is) a horror for many electrical engineers – also for me. Even some 40 years later, we have the same challenge with the dynamics of the electrical system. It is more complex these days because of the integration of thousands and millions of “power stations” into the system. The need for a good base knowledge of the electric system COMBINED with the need to get familiar of using an increasing information exchange to monitor and control the electrical system will be the prerequisites for the future electrical engineers.

I  have seen several utilities, vendors, and institutes that are very serious when it comes to the use of IEC 61850 based IEDs in substation designs. A lot of money has been invested in building network simulation systems that can be used in a lab to test IEC 61850 based protection, control and remote monitoring schemas. This is the only way to prove the concepts for a particular application domain. The financial situation of many utilities does not allow to invest into a comprehensive lab.

The education of students is very crucial. I was quite happy to read about a new lab at the Victoria University (VU) in Melbourne. They are “about to become a cornerstone for integrating smart grid technology into Australia’s electricity supply market, with the development of one of the world’s only (if not first) Zone Substation Simulator Centre (VZSSC).

The Centre will simulate 66 to 22 KV substation environments (specifically a two-transformer zone substation with dual MV buses), control and protection schemes using the IEC 61850 technology standard for the automation and control designs.
Whilst a breaker and a half configuration will define the sub-transmission side, the protection and control setup will encompass a specific X & Y protection scheme.”

Congratulation to Dr Akhtar Kalam and Graeme McClure that succeeded in convincing enough people to spend money to make this happen!

There is another group of people that need education in IEC 61850: Senior and junior protection and electrical engineers that have long term experience in substation automation, protection, and remote access.

Many of these engineers may have heard some stories about the use of IEC 61850 for power systems – but may have only a chance to read the many parts of the IEC 61850 standards … good luck. Reading the standards? It is more efficient to get a training conducted by senior engineers that could help you to speed up.

Click HERE to see what two senior engineers provide: Protection engineer Andrea Bonetti (FMTP) and communication engineer Karlheinz Schwarz.

Click HERE for a full description of the lab at the Victoria University (VU) in Melbourne.

Additional information of using IEC 61850 and IEC 61499 in Distributed Power Systems .. zone substations …:

Distributed Power System Automation With IEC 61850, IEC 61499, and Intelligent Control (Neil Higgins, Member, IEEE, Valeriy Vyatkin, Senior Member, IEEE, Nirmal-Kumar C. Nair, Senior Member, IEEE, and Karlheinz Schwarz, Member, IEEE; IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS, 2010)

Multi-agent Smart Grid Automation Architecture based on IEC 61850/61499 Intelligent Logical Nodes (G. Zhabelova, V. Vyatkin, Senior Member IEEE; IEEE Transactions on Industrial Electronics, 2011)

Objectives of IETF EMAN – Energy Management Working Group

The IETF Energy Management (EMAN) defines an Energy Management Framework for Networked Devices. Networked Devices could comprise many different devices: Router, Switch, Battery, Printer, … by the way: the variety of monitoring, control, protection and automation devices in power systems could be understood a “Networked Devices”. So: the scope of IETF EMAN could be quite wide. Yes!

A new document provides the “Applicability Statement” from the IETF viewpoint.

It lists several use-cases for identifying requirements for the framework and MIBs. Further, it describes the relationship of the EMAN framework to relevant other energy monitoring standards and architectures.

One thing is sure: Electrical Power is one of the crucial issues to be dealt with in 2015 and beyond!

Click HERE for the “Applicability Statement”.

On my radar screen I see a lot more IEC 61850 applications that hid the street in 2015! Wherever there is a need to unify the information exchange of crucial information about the electrical system and related information IEC 61850 has them (almost) all standardized.

Please note: The many international standards setting organizations are more or less all independent – this means, every group can define a standard for energy management … There is one big difference between the various standards available today: IEC 61850 has been defined internationally by experienced senior Electrical Engineers.

Can IEC 61850 be Applied in the Industrial Automation Domain?

Sure: It can. Why? Because IEC 61850 uses native standards like Ethernet, Ethertype, TCP/IP, UDP/IP, XML, MMS, … defines a dictionary of common information models, like MMXU (electrical measurements of a 3-phase AC system) that are applicable wherever a 3-phase AC System provides measurements like phase voltage or phase-to-phase voltages.

A motor with 3 phases is a motor with 3 phases everywhere! Or?

A very interesting paper by Dustin Tessier (Canada) discusses that IEC 61850 could be used in the power and industrial domain:

The Dual-Domains of IEC 61850 – Power vs Industrial Domains

“ … Despite the popular belief that the “power” domain and “industrial” domain have
intrinsically unique principles, this paper suggests the gap is decreasing, and through the
use of IEC 61850 we can adopt a single strategy that capitalizes on a common
technology platform.

… Whether it’s the SAS, DCS or PLC applications, these all share a common goal of collecting, processing, distributing and visualizing the data.

… No longer is the day where we ask, "Is this an industrial product or a utility
product?, and the same applies to system integration services. IEC 61850 may have been
designed for the power domain, but it won't be long before we see it revolutionize the
industrial domain.”

Click HERE for the paper [pdf, 100 KB]

Wherever there is electricity, IEC 61850 will be be involved one way or the other!

Click HERE for further discussion on the topic: Industrial and Power domain.

Cyber Security in Industrial Control Systems – Is this enough?

Cyber security is more than a hype. Is this enough to reach a secure and stable power system? No!

I found a very good documentation on cyber security measure:

Since February 2013, industrial stakeholders (final users, vendors, integrators, professional organizations, etc.) and French governmental entities have been working together on elaborating concrete and practical proposals to improve the cyber security of critical infrastructures.

The first results of this working group are the following two documents:

• The first document describes a classification method for industrial control systems and the key measures to improve their cyber security.
• The second one gives a more in-depth description of applicable cyber security measures.

Click HERE for the website with the links to the two documents. Nice reading!

These measures (comparable to those listed by many other organizations and groups) will help to improve the cyber security of critical infrastructures. No question.

Do these measures help to keep the power flowing, help to keep a stable and highly available power system? To some extend these measures solve mainly issues that are caused by new control system solutions based on standards like Ethernet and TCP/IP.

But: What’s about the power system stability? Let’s assume that we have a 100 per cent cyber secure ICS managing the power generation, transmission, distribution, storages, and loads. This “secure” systems may be used in many different ways – taking the physical laws seriously into account or ignoring some basic requirements to keep the power system stable.

One very critical impact on the electrical system is the change of power flow. Each change (more or less generation or load) has to be controlled in a bunch of close loop control systems. If the amount of change in a short time (within seconds) is too high, then the systems is likely to black-out.

A highly secure ICS may be used to configure schedules for feeding power into the power system (generator or storage) or drawing power from the system. The power flow change caused by schedules may exceed the maximum value that can be automatically managed by primary power control systems … risking a power outage.

Who is now responsible that the maximum allowable power flow change in an interconnected power system will be taken into account when we have millions of such schedules? Maybe too may schedules are configured to draw power or feed in starting at 14:00 h today. As a consequence the power flow change could be far beyond the maximum amount that can automatically be managed by the primary power control system (as we have them today in all systems).

Cyber security of ICS is one aspect – system stability of the power system is another. Secure ICS’s are important. A high level of power systems stability is more important and requires secure information and communication systems AND the need of understanding of the power system physics. 

We have to make sure that any new ICS approach does not allow a huge sudden power flow change! This is true also for all solutions based on standards like IEC 60870-5-10x, DNP3, IEC 61850, or …

These standards would allow to disseminate immediate control commands or specify schedules.

WHO is in charge to have the big picture in mind – to configure power systems in a way that they do not blackout because of commands and settings communicated by highly secure ICS’s? The power system could not differentiate if these commands or settings are intended or caused by hackers.

It is highly recommended to keep an eye on the power system physics and prevent any ICS action (secure or insecure) to danger the stability of the power system!

Optical Fibre for Temperature Measurement in Power Systems

Optical fibres are known to be used in power systems because they withstand the rough conditions in high voltage environments – as such they are used in Substations for carrying messages, e.g., according to IEC 61850.

There is another very interesting use case of optical fibres in power systems: in generation, transport, distribution, and loads. One of the crucial measurements that can be applied to more efficiently use of electric power is measuring temperatures. But you may state that installing a lot of temperature sensors could be quite expensive!

With the application of optical fibre for measuring temperatures it seems to be a very promising approach to reduce the amount of power needed for many critical process like in huge data centers, high voltage lines and cables, transformers, switch gears, to name a few.

According to alquist (a UK based company specializing on measurement systems using fibres) there are many advantages of fibre as a temperature sensor:

• Simultaneously measures temperature and position over long distances
• Low cost – the sensor is made from standard 50/125 optical fibre zip cord - very cost effective
• Immune to shock/vibration and electromagnetic interference
• No electronics, wireless, batteries or moving parts in monitoring zone. Totally passive, minimal maintenance.
• Inherent high reliability (fibre has a design life of 30+ years)
• High temperature range -200°c to +500°c
• Extremely small for access in legacy areas with restricted space
• Easily installed in without any downtime or interruption of service

There are an incredible number of applications for fibre optics beyond their use as a simple communications links.

Download a very useful presentation given by Andrew Jones (alquist) [pdf, 2.8 MB]

The availability of myriads of “measurement signals” from various processes allows to more efficiently use energy, i.e., to reduce the amount of energy we need to consume to service our needs for modern life.

What ever will be measured in energy supply systems could be modeled and communicated with IEC 61850 – The Communication Standard for power system automation. One crucial focus of IEC 61850 is on measurements!

SCADA Security at Iberdrola – Be serious about Security!

Iberdrola has been awarded a 2012 European SCADA Security Innovation Award.

“Iberdrola is the largest energy company in Spain and operates multiple types of energy production plants (gas, coal, water, eolic, nuclear) in multiple countries in the European Union and Latin America. … The history of Iberdrola is one of innovation. In early 2000 Iberdrola decided to create the CMDS, a 24x7 Monitoring Center for the operations of their Critical Infrastructure. Inside the scope of the CMDS, and with a codename of AURA, a long-term security program for the in-depth security of their SCADA networks was put in motion. … In 2011, Iberdrola started two of the latest and most innovative projects to date: AURA.MARS and AURA CONSEG. ...”

Read the press release from SANS.

Comprehensive presentation from Iberdrola “Step by Step: The Journey to Secure SCADA Systems” [pdf, 5,3 MB]

It is really crucial to be serious about Security!!

Cyber Security issues for the Energy Systems

The U.S. Rice University has published a report on cyber security issues for the U.S. energy systems. This report repeats saying that the industry needs to do something – guess that is very true.

Here is the report on Cyber Security.

BDEW Whitepaper on Security in Power Systems

The well-accepted dual-language BDEW Whitepaper

- Requirements for Secure Control and Telecommunication Systems
- Anforderungen an sichere Steuerungs- und Telekommunikationssysteme

is now available at a new link:

Download Security Whitepaper [pdf].

Analysis of Indian Power Outage end of July 2012 published the other day

Guess you remember the biggest blackout that ever happened in India end of July 2012 – leaving several 100 Million people without power for some time!

A first comprehensive report has been published:

REPORT OF THE ENQUIRY COMMITTEE
ON GRID DISTURBANCE
IN NORTHERN REGION

16th AUGUST 2012
NEW DELHI

What happened on the 30th and 31st of July? A lot!

The Substation Protection Automation systems, for example, all over worked quite well. The report lists 100+ tripping events of protection devices !! That means many lines were taken out of service in order to protect the lines, switches, transformers, generators, … Before a line is damaged by overload, it is disconnected from the power flow – it operates like a “smart” fuse. Indian people should be thankful that most protection functions worked well.

My summary of the report is:

• Experts figured out that the power delivery systems in India are very huge and very complex.
• Investments to maintain and operate these complex systems and to keep them stable with the growing demand were far too low.
• A list of short, medium and long term actions are suggested to prevent such events in the future.

One issue regarding communication is very interesting, the report states that: “The existing communication network should be maintained properly. RTUs and communication equipments should have uninterrupted power supply with proper battery back up so that in case of total power failure, supervisory commands & control channels do not fail.”

My personal experience in the early 1970s was that battery back up systems are often badly maintained. I was responsible for a brand-new centralized fire alarm system with 6,500 manual fire alarm detectors. The control system crashed at least once a week. As a young man (21) I could not accept that the manufacturer of that huge fire protection system did not act properly to investigate what the problem was; the customer was quite angry. I was too young to do my own deep inside analysis of the problem. I didn’t even have the instruments to do it. So, I quit my job and went back to school and university … and came back to the same company after 7 1/2 years (and father of four kids). I started as an engineer in 1981 – in the area of communication for process automation (IEEE 802.3 Ethernet, IEEE 802.4 Token Bus, MAP, Profibus, … ).

Later somebody reported to me what the cause of the problems of the centralized system was: BADLY MAINTAINED Back-Up Power Supply before it was installed! The batteries were stored in the basement for one year – without anybody keeping an eye on it. The physical laws hit back after the batteries were installed.

A system is as weak as its weakest link.

I guess the results of the investigation are not new. Many engineers have warned all over all the time that more investment is needed to keep the lights on.

Download the complete 70 page report [pdf, 830 KB].

Power Outage in India for some 600,000,000 people

It is a national (better a global) tragedy what happened in India yesterday and today! Some 600.000.000 people are out of power within two days! … and IEC 61850 would not have prevented such a power outage. ;-)

Guess there are many reasons: technical, political, personal, …

One technical (and social) issue is the theft of electric power along the lines. It was reported today that “Losses in electricity transmission and distribution are also among the world’s highest, 24 percent to 40 percent, because of inefficiencies and theft.”. When you see the following pictures, you could understand why it is so easy to tap the wires:

How many wires tap these lines? If the electric network would be modeled with SCL (single line diagram) you could “see” it … I am kidding.

On the next photo (taken near Agra) you can see that the wires can easily be taped (1.5 m above ground …):

Some more (dump) meters would allow to figure out what amount of energy is put into the grid and what amount is being paid …

I hope that more people in charge understand that the electrical system is very complex and that is requires improvements and maintenance all time! A badly maintained system will hit back !! with power outages. The bad side of this is that it costs a lot of money!!

Some people think that they could treat the electric power system like their car or bike – they run them until they break … maintenance often does not make them more reliable. A broken car may block a lane at the highway – a broken transformer may cause a cascading outage … leaving millions of people in the dark!

Electrical engineers should educate more people in order to help them to understand what to do. But who is listening to an engineer? Hm!

I wish that the people living in India get power back very soon! And people living all over that the electric power systems will be better understood and treated.

Denver (CO): Workshop on International Standards for Smart Grids and SCADA Application Domains

A two day Workshop on International Standards for Smart Grids and SCADA Application Domains will be conducted by two gurus of standards for power systems on

September 18 – 19, 2012 – Hyatt Regency Denver (CO) Tech Center

Topics are among others: NIST SGIP standards catalog, IEC 61850, IEC 62351 (security), DNP3, … security measures, solutions, and needs, as well as the global market penetration of standards in power systems, …

Details and registration information for the Smart Grid Standards Workshop can be found here.

If you want to have a specific topic presented and discussed during the workshop, please let me know.

Australia: The Dutch Disease and IEC 61850!?

Dustin Tessier suggests in his paper the increased application of IEC 61850 in Australia as a means against the Dutch Disease – a very interesting paper. He states:
“With a bit of sponsorship from the government, this cost saving technology [IEC 61850] established in 2004 - could immediately translate into production efficiencies throughout the utility, LNG, and industrial sectors. This is but one example of low lying fruit that have yet to be picked in the Australian productivity domain.”

The Dutch Disease is a serious threat against nations that have a high dependency on their exportable resource commodities; which explains the apparent relationship between the increase in exploitation of natural resources and a decline in the manufacturing sector.  Nations that are victim to low productivity rates, are more vulnerable than others, and it is these nations that must first seek the "low lying fruit" when trying to stimulate efficiencies within their economy. The answer? IEC 61850! This is an attractive technology, as it applies across most industries, be it utilities, LNG, metals and mining, desalination plants, etc. With a bit of sponsorship from the government, this cost – saving technology established in 2004 – could immediately translate into production efficiencies throughout the utility, LNG, and industrial sectors. This is but one example of low lying fruit that have yet to be picked in the Australian productivity domain. This is likely true for Canada, Brazil, …

According to Wikipedia “the Dutch disease is a concept that explains the apparent relationship between the increase in exploitation of natural resources and a decline in the manufacturing sector. The mechanism is that an increase in revenues from natural resources (or inflows of foreign aid) will make a given nation's currency stronger compared to that of other nations (manifest in an exchange rate), resulting in the nation's other exports becoming more expensive for other countries to buy, making the manufacturing sector less competitive.”

Download the Document Death To The Dutch Disease: The Century of the Surplus [pdf, 1.2 MB]

IEC 61850 on every Pole?

Pole mounted power distribution equipment and communication could be found all over in big cities like the one shown in the following picture I took in Seoul:

In the future you may see many pole mounted boxes that function as routers supporting the hybrid grids (power, gas, heat, …), traffic control, … and may other applications.

Several companies are offering the needed communication infrastructure that connects many of the millions of devices.

One of these comprehensive solutions is the “Cisco Connected Grid – Deliver More Value from Your Operations Over a Single, Intelligent, Secure Platform”. A key element in this platform is IEC 61850.

Click HERE for a presentation on “Cisco Connected Grid” [pdf, 25 pages]