Are you looking for IEC 61850 TICS, PICS, PIXIT, … Documents?

I talked the other day to experts of a big user. We shared our experience of increased “information hiding” when it comes to the availability and accessibility of the various documents like PICS, PIXIT, TICS, … Product handbooks, manuals, … When you checked websites of major vendors some years ago, you could find a bunch of technical material … I have figured out that these documents are quite often hidden … or not anymore available online.

I found still good examples for downloading many of the these crucial documents:

Click HERE for a Website of ABB to find PICS and other documents

Click HERE for a Website of Alstom Grid to find PICS …

Click HERE for a Website of Schneider Electric to find PICS and other documents.

Click HERE for a Website of Siemens to find some 30 PIXIT documents.
Click HERE to see a list of some 40 references to IEC 61850 Ethernet Module EN100.

Congratulation to the IEC 61850 Teams!

Enjoy the documents. Are you looking for help to understand these documents? Why do we need these at all? Isn’t IEC 61850 a standard? … and then all these documents …

Click HERE to get help!

Sensitive, Critical Infrastructure is Not Sufficiently Protected

Recently it was reported that the Stadtwerke Ettlingen (Southwestern Germany – some 15 km from my hometown Karlsruhe), came very close to shutting down the power, water and gas supply of Ettlingen. “The experiment has shown that sensitive, critical infrastructure is not sufficiently protected,” said Eberhard Oehler, managing director of the utility, Stadtwerke Ettlingen.

Click HERE for a brief Report in English and Here for one Report in German.

Just published FDIS IEC 62351-3 Communication network and system security – Profiles including TCP/IP

Security is discussed all over. IEC TC 57 has just published the following Final Draft International Standard:

FDIS IEC 62351-3 (57/1498/FDIS):
Power systems management and associated information exchange – Data and
communications security – Part 3: Communication network and system security – Profiles including TCP/IP

This part 3 was a Technical Specification. The just published FDIS will – once approved as standard cancel and replace IEC TS 62351-3:2007.

The voting on the FDIS closes 2014-10-10. Please check with your TC 57 national mirror committee to get a copy of the draft for comments.

The standard will cover the following:

A crucial definition of this standard will be to require “TLS v1.2 as defined in RFC 5246 (sometimes referred to as SSL v3.3) or higher shall be supported.”

Be smart and build-in security measures like the ones defined in the IEC 62351-3 Standard! You have to ask for it if you are a user – or you must implement it if you are a manufacturer of smart devices.

MMS & ASN.1 & XER & XMPP selected as the second SCSM of IEC 61850

The second SCSM for the ACSI Client-Server information exchange service models will be the mapping of the ACSI service models to MMS ASN.1 XER and XMPP. IEC TC 57 just released the 122 page document 57/1497/DC:

Draft IEC 61850-80-3 TR, Communication networks and systems for power utility automation – Part 80-
3: Mapping to web protocols – Requirement analysis and technology assessment

The document mainly lists the crucial needs and why the mapping to “MMS ASN.1 XER and XMPP” has been chosen to be published as IEC 61850-8-2 soon.

Chapter 7 presents the future SCSM 8-2, including an overview of the main selected technology: XMPP.

The following goals have been particularly considered for the definition of this SCSM:

• Identify a single profile supporting all the services required by the domains and defined today in ACSI.
• Cover the full life cycle of a IEC 61850 system, in collaboration with the System Management work in WG10 (from configuration, through conformance testing, down to maintenance). For this purpose, the present document may recommend some changes in other parts of IEC 61850 like part 6, part 10, etc.
• Deploy cyber-security to ensure a secure environment (in conjunction with IEC TC 57 WG 15 work).
• Propose rules for cohabitation with other mappings such as IEC 61850-8-1 and IEC 61850-9-2, and possibly recommend communication profiles depending on specific application context (pole-top equipment, inside DER, connection of DER, …).

Check with your national IEC TC 57 mirror committee for a copy of the above mentioned document.

Congratulation for the tremendous success of the web service mapping team!!! Great work!

That means: IEC 61850 will be the preferred solution in substations and many applications outside!!

New 3-day Public Seminar and Hands-On Training on IEC 61850 and IEC 60870-5-104

NettedAutomation is entering into a new phase of training: Using real devices and solutions to work with during the public 3 days general training courses. The reorganized and extended program of the 3 days course is as follows:

1 1/2 days	Introduction and Basics on IEC 61850 (and brief comparison with IEC 60870-5-104)
1/2 day	Hands-on training on designing ICD and CID documents, analyzing SCD documents
1/2 day	Configuring and using Server devices for monitoring and control using IEC 61850 and IEC 60870-5-104
1/2 day	Configuring and using Client devices for IEC 61850 and gateways to IEC 60870-5-104 and proxy server to IEC 61850; demonstration of IEC61850 Client to OPC UA Server

The next public courses are scheduled for:

Frankfurt (Germany), 15.-17. October 2014
Frankfurt (Germany), 06.-08. May 2015

Get a Special Price due to the 10th anniversary of the training courses offered by NettedAutomation ... after 3.600+ experts trained:

Click HERE for the new program and registration information.

List of courses conducted in 2013 (with 400+ attendees):

As you can see, the most courses are conducted as in-house events.

Ask for us for an offer for you and your people.

Do You Really Want to Use Your Phone for Remote Control?

Kim Zetter reported on 31 July that “Hackers Can Control Your Phone Using a
Tool That’s Already Built Into It”.

Would you like to be controlled by somebody else? Somebody you don’t know?

The report starts: “ … Two researchers have uncovered such built-in vulnerabilities in a large number of smartphones that would allow government spies and sophisticated hackers to install malicious code and take control of the device.”

Click HERE for the full report.

I hope that you are not planning to use smart phones in any critical infrastructure! Be smart! Any remote control in the energy automation could be very dangerous. Automation systems that highly depend on control commands from a central unit are in danger to be hacked or compromised by errors – independent of smart phones.

We have to thing towards more autonomous automation. Inputs to remote stations may be limited mainly to set-points that allow the algorithms in the remote units to check against the physical measurements and other information (situational awareness).

Water Infrastructure in Los Angeles under “pressure”

Eight to 10 million gallons of (fresh!) water had been lost after major water main ruptured in Los Angeles yesterday.

Hm, the more than 90-year-old riveted steel pipe carries an estimated 75,000 gallons per minute … that’s a bit.

Click HERE for a report and video by Reuters.

The un-thinkable happened! Which part of the world-wide infrastructures breaks next?

Power Utility Automation Or Power Automation?

The title of IEC 61850 is “Communication networks and systems for power utility automation”. The restriction to power utility is an artificial one required by the standardization organization – it is not set by the industry.

In fact the scope of the IEC 61850 series is: “Communication networks and systems for power automation”.

Wherever power is generated, transported, distributed, and used, IEC 61850 provides the needed tools to provide a standardized interface for information, information engineering, and information exchange. There is no difference between a 3-phase AC system in a distribution system inside an Industrial Facility or outside in an utility grid. I guess you agree, that voltage phase A is voltage phase A.

All crucial information models for electrical systems are defined in IEC 61850-7-4 (core), IEC 61850-7-410 (hydro), IEC 61850-7-420 (DER), IEC 61850-90-7 (inverters), IEC 61850-90-17 (power quality), … It would be in the interest of keeping the reliability of power delivery high, to use ONE standard for all power related applications (in public utilities and in any factory or other plant or site).

There seem some people to apply the “fieldbus approach” … publishing new standards for power systems inside Industrial Facilities AND for an interface between the two domains (between Industrial Facilities and Power Utilities). Fortunately the power does not care if it is flowing inside or outside an Industrial Facility. Why not just use ONE standard (IEC 61850) for applications inside Industrial Facilities, inside Power Utilities, and between the both domains.

The IEC TC 65 has published a Committee Draft to open the door for a new standard:

IEC 65/555/CD: IEC/TS 62872 Ed. 1.0:
System interface between Industrial Facilities and the Smart Grid

Click HERE for a brief project description.
Contact your National Committee for a copy.

Navigation Light System for Offshore Wind Farms managed by IEC 61850

The Sabik NavAid Controller is part of the control and monitoring system for the marking of offshore wind
farms. It is used for controlling and monitoring of illuminating and marking components on
offshore structures:

• Activation and generation of the flash code for all of the attached 5 nautical miles lanterns
• Activation and generation of an intensity control signal for spotlights
• Current consumption monitoring for all components of the navigation light system, as well as error
  detection and reporting

The communication supports Modbus and IEC 61850.

Click HERE for a two page NavAid Controller brochure.
Click HERE for the Gateway used in the NavAid Controller.

The Sabik Logo is enhanced by the slogan: WE SHOW THE WAY … with the application of IEC 61850 (IEC 61400-25) Sabic shows also the way how to apply IEC 61850 for many applications outside substations.

New: Hands-On Training with Real Devices and Process Signals

19 years after IEC 61850 standardization started, 10 years after publication of the first set of IEC 61850 core documents, and 10 years after intensive training worldwide, we are now facing a new challenge: Can everybody do hands-on work with the new technology without spending a lot of money?

Yes, You can – if you work with NettedAutomation GmbH.

NettedAutomation GmbH is entering into a new phase of training: using real devices and solutions to work with in the public 3 days general training courses. The program of the 3 days courses is as follows:

• 1 1/2 days Introduction and basics on IEC 61850 (and briefly on IEC 60870-5-104)
• 1/2 day Hands-on training on designing ICD and CID documents
• 1/2 day Configuring and using Server devices for monitoring and control using IEC 61850 and IEC 60870-5-104
• 1/2 day Configuring and using Client devices for IEC 61850 and gateways to IEC 60870-5-104 and proxy server to IEC 61850

The first new training session according to this program will be conducted from October 15-17, 2014 in Frankfurt (Germany). The hands-on sessions using real devices, as depicted in the following figure, show the devices involved. Further evaluation software running under Windows (offered for free) will be provided at the beginning of the course.

On request we are preparing the above evaluation package with one com.tom 3.1S (104 Server, 61850 client and server), one com.tom 5.1 (104 Server, 61850 Server, Modbus client), a simple meter with Modbus RTU, 24 V power supply, relay to operate a fan, and a fan - mounted on DIN Rail. The com.tom (application, communication, and gateways) are configured via a web browser and a CID file – no programming or extra tools required.

Contact NettedAutomation GmbH to receive an offer for the above evaluation set, for the training in Frankfurt in October, or for an in-house training.

NettedAutomation will provide several evaluation sets for the hands-on training in October. For in-house hands-on training NettedAutomation can offer communication with these and other devices – even: bring your own devices.

By the way, beginning in fall 2014, NettedAutomation will also offer (with senior power and protection engineers) intensive 3 days Seminars on Protection and Control with IEC 61850 for HV/MV substations using GOOSE, SV, SCADA, … SCL:

• IEC 61850 Introduction and experience. Where are we today?
• Return of experience and application: with Protection and Control (mainly in medium and high voltage) Substation Automation and with SCADA systems.

All Presentations will be supported by practical examples

Contact NettedAutomation for further details on the special protection and SCADA training courses.

Please stay tuned.

Security for XML based System and Device Configuration Information

Discussion on the protection of configuration information can be found HERE (just one blog post down). Please note that IEC TC 57 is working on a new part for series IEC 62351 (Data and communications security):

IEC 62351-11 Ed.1:
Power systems management and associated information exchange - Data and communications security – Part 11: Security for XML Files

The key objectives of this proposal are:

• Provide a mechanism to authenticate the source of the file.
• Provide a mechanism for tamper detection.
• Provide these security mechanisms in a manner that maintains as much compatibility with the current CIM, SCL, and other XML formats as possible.
• Provide a mechanism so that a source of data can identify what data may or may not be made available to other entities in addition to the initial receiving entity.

It is crucial for the whole industry to support these kinds of standardization projects. The user communities have to pay anyway: now or later.

We have that many good standards and draft material that should be implemented soon to make sure that we can keep control over a wide range of infrastructures.

Click HERE to download an White Paper on Security Standards in IEC TC57 written by Frances Cleveland, WG 15 Convenor [pdf].

Just published: Draft 61850-90-17 – Using IEC 61850 to transmit power quality data

IEC TC 57 has just published the 52 page Draft IEC Technical Report 61850-90-17 – Using IEC 61850 to transmit power quality data (57/1488/DC).

The document is available for comments until 2014-10-10.

Contact your TC 57 National Committee for a copy.

Phenomena considered in the draft are related to:

• Power frequency
• Magnitude of the supply voltage
• Flicker
• Supply voltage dips and swells.
• Voltage interruptions
• Transient voltages
• Supply voltage unbalance
• Voltage harmonics
• Voltage interharmonics
• Mains signalling voltage on the supply voltage
• Rapid Voltage Changes (RVC)
• Underdeviation and overdeviation
• Magnitude of current
• Current recording
• Harmonic currents
• Interharmonic currents
• Current unbalance
• Frequency deviation
• Supply voltage variations
• Voltage unbalance
• Harmonic voltage
• Interharmonic voltage
• Voltage fluctuation and flicker
• Mains signalling and voltages

This draft is intended to increase the interoperability between power quality monitoring systems and any application that needs the corresponding information for operation or post mortem analysis.

Are Object Names like “CircuitBreakerMainStreet” a Security Problem?

Security is a very crucial issue in the power management and automation. There are standards and other specifications that help to “close” the automations, information and communication systems. Several blog posts discuss these issues.

In a discussion recently the problem with semantic names like “CircuitBreakerMainStreet” for process information (signals) was understood as crucial. Would such names make it easier for somebody to attack a system? Why should the problem be in the Name? If you keep the doors to your device or engineering system wide open – you should not be surprised if your system will be hacked and the infrastructure be damaged.

Is there really a difference (from a security point of view) if the identification is “CircuitBreakerMainStreet” or “Staus1829” or just “1829”? There would be an issue if somebody could retrieve the name from the device by a “too open” communication protocol. Even with IEC 61850 it should be prevented that everybody could just retrieve the self-description. Keep the door to the model closed … allow only the configuration engineer to access it. This would require to implement IEC 62351-8 (Role based access) or something similar.

The easiest access to the model (SCL file or any other configuration Excel Sheet) is likely hacking the engineering computer and download the corresponding configuration files – or to work at the engineering company and copy the files ... It does not matter what is communicated later at run-time, if you get the signal designation and the used identifiers in the protocol you can understand the bits on the wire. This applies to all protocols! DNP3, IEC 60870-5-104, Modbus, IEC 61850, CIM, … Profibus, ProfiNet, …

We have to keep an eye on the whole chain – not just look at the protocol and how signals are designated:

The main objective of the IEC 61850 based engineering process resulting in a comprehensive model description like a SCD File (System Configuration Description according to IEC 61850-6, SCL) is to get a system document that is consistent, has less errors and less omissions! Part of the SCD content can be retrieved by self description service of IEC 61850-8-1 – not.

Let’s now look at two persons that use such a comprehensive system document: first person is authorized person using the document and second person is UN-authorized person using the document. Let’s look at two use cases:

Case A: Provide and use “open”, comprehensive SCD File.
Case B: Use proprietary system configuration description.

… and discuss the situation:

	authorized person	UN-authorized person
Case A	Can properly monitor and control the system because the operation is using a consistent and well documented system configuration. Needs to be maintained.	In the (hopeful very unlikely) event of gaining access to the system configuration it may harm the system.
Case B	E.g., especially after some years in operation and after operators have been replaced by new staff, then it may be possible that the operators are not able to properly operate the system!	It is unlikely that the UN-authorized person can do a lot of harm.

I believe that Case A is the preferred one that should be implemented: the possibility to properly operate the system by an authorized person outweighs the potential harm that can be done by an UN-authorized person.

One thing is for sure: Protect the system!! Don’t allow anybody to get on your network or systems, implement authentication, and many more …

What do you think? What is your experience? Are you aware of any analysis on this?

I would appreciate receiving your feedback – or you may just post a comment online.

Finally: One more detail on names:

Just a reminder: The IEC 61850 reporting messages and the GOOSE messages do not need to exchange these names like “CircuitBreakerMainStreet”. The content of these messages is specified by the corresponding DataSets. For Reporting see this blog post.

We have to focus on the WHOLE System!

PhD Thesis about IEC 61850 Process Bus application in High Voltage Substations

A few hours after my offer to post links to further thesis that discuss applications related to IEC 61850, I received very useful information from David Ingram (PhD RPEQ MIEAust CPEng(Aus) SMIEEE, Electrical Engineer). He wrote:

“ …my PhD thesis was on process bus networks looking at SV and PTP. It is freely available for those that are interested.

Title: Assessment of precision timing and real-time data networks for digital substation automation

This project researched the performance of emerging digital technology for high voltage electricity substations that significantly improves safety for staff and reduces the potential impact on the environment of equipment failure. The experimental evaluation used a scale model of a substation control system that incorporated real substation control and networking equipment with real-time simulation of the power system.
The outcomes confirm that it is possible to implement Ethernet networks in high voltage substations that meet the needs of utilities; however component-level testing of devices is necessary to achieve this. The assessment results have been used to further develop international standards for substation communication and precision timing.”

Click HERE to download the full PhD thesis [pdf, 17 MB]. It is quite interesting that his thesis has been downloaded 3 times per day (on average)! He has something important to tell you!

Visit his website with further results of his investigations … you will find many papers related to IEC 61850 for free download.

Dear David, Thanks for your very valuable contributions. Keep going!

Transformer Load Tap Changer Control using GOOSE

Nelli Sichwart wrote 2012 her Thesis

TRANSFORMER LOAD TAP CHANGER CONTROL USING IEC 61850 GOOSE MESSAGING

“… IEC 61850 has many benefits including great flexibility and improved interoperability and
promises to be more widely implemented in the United States with time as is already the case in
many other parts of the world.
This research shows that LTC operation using IEC 61850 is reliable and brings with it all
the benefits that the implementation of IEC 61850 has to offer. Above all, due to elimination of
the majority of copper wiring, the proposed method is very flexible and can be implemented
using a variety of different devices …”

Click HERE to download the thesis [pdf].

Many other thesis related to IEC 61850 have been written:

• IEC 61850 to ZigBee Gateway,
• Implementation of the IEC61850 international protocol for accurate fault location in overhead transmission lines
• Use of Semantic models in Integrated Operations for Oil & Gas and New Energy
• …

Just GOOGLE for further master thesis … You will be surprised.

If you find some other interesting publications (papers, presentations, thesis, …) let me know in order to post it on the blog.

Thanks!

IEC 61850 (MMS) running over LTE

Giang T. Pham did some research on running IEC 61850 (MMS) over LTE. The result is a Master Thesis at the University of Twente:

“Integration of IEC 61850 MMS and LTE to support smart metering communications”

“… The objective of this research is to integrate IEC 61850 MMS and LTE to support communications between smart meters and the central meter data management system. The research includes a literature study of IEC 61850 MMS protocol, focusing on its requirements to support smart metering communication, and simulation-based performance evaluation of IEC 61850 MMS smart metering traffic over LTE network. …

… Since both MMS and LTE support the use of TCP/IP communication profile, the mapping of MMS over LTE to support remote control communication is feasible … the simulation results prove that the integration of IEC 61850 MMS and LTE is not only possible but also provides good performance in term of delay, throughput and packet loss.

Click HERE to download the Master Thesis [pdf].

Why does Security often have a low priority?

During a conversation with a manager of a vendor of Energy Management Systems (EMS) today, I was surprised hearing that they offered a training course on Security measures in 2013 – but had to cancel the course because of too less registrations! Could that be true in 2013?

Here is some information on security measures easy to read and understand – maybe hard to implement:

Whitepaper
Anforderungen an sichere Steuerungs- und Telekommunikationssysteme

White Paper
Requirements for Secure Control and Telecommunication Systems

Click HERE for the bilingual document [pdf]

There is also a companion document (in German) available that gives further guidelines on how to apply the requirements for control center level systems, for communication infrastructure level, and for substations and RTUs:

“Anforderungen an sichere Steuerungs- und Telekommunkationssysteme
Ausführungshinweise zur Anwendung des BDEW Whitepaper”

These requirements are mandatory for vendors!!

Click HERE for the document [pdf, DE].

Every expert in the energy automation business should read, understand, and apply these requirements.

On page 58 you can read (in German):

“Entsprechend den technischen Möglichkeiten sollten in allen Bereichen standardisierte IEC-Protokolle angewendet werden. Der private Bereich dieser Kommunikationsprotokolle sollte nach Möglichkeit nicht verwendet werden.
Eine Verschlüsselung der Protokolle nach IEC 62351 sollte durch den Betreiber geprüft werden, wobei ggf. auftretende Einschränkungen bei der Fehlerdiagnose sowie die notwendige Infrastruktur und Prozesse zur Schlüsselverwaltung berücksichtigt werden sollten.
Dort, wo aktuelle Systeme und Geräte noch nicht die Möglichkeit der Verschlüsselung nach IEC 62351 bieten, sollte die Fernwirkübertragung daher auf den unterlagerten Netzwerkebenen geschützt werden, z.B. durch Nutzung von VPN-Technologie oder SSL/TLS-Tunnelung.
Insbesondere für IP-basierte Protokolle sollten entsprechend sichere Netzwerkstrukturen vorgesehen werden (siehe 2.3).”

By the way, the whitepaper can be used by English speaking experts to learn German – and vice versa ;-)

infoteam software supports IEC 61850

Programming application software using OpenPCS (infoteam implementation of IEC 61131-3) is one of the well known options in the PLC world. OpenPCS also incorporates IEC 61850 client/server and publisher/subscriber roles as well as SCL configuration. The result is, for example, a powerful “Smart Grid Controller”:

Click HERE for more information [EN].
Click HERE for more information [DE].