FDIS of Edition 2 of IEC 61400-25-2 and IEC 61400-25-3 approved

Two final draft international standards of the series IEC 61400-25 have been approved by 100 % of the members on 2015-05-22:

IEC 61400-25-2 Ed.2: Wind turbines -
Part 25-2: Communications for monitoring and control of wind power plants -
Information models

IEC 61400-25-3 Ed.2: Wind turbines -
Part 25-3: Communications for monitoring and control of wind power plants -
Information exchange models

This situation proofs that the core parts of the standard series IEC 61850 and IEC 61400-25 are mature and available.

It is very likely that those vendors and users that were waiting for the second edition are now speeding up to implement and use IEC 61400-25.

Draft IEC 61850-90-2 for Substation to Control Center Communication published

The substation (or power plant or …) to control center communication is historically based on hundreds of protocols. Among those you will find also protocols like IEC 60870-5-101, IEC 60870-5-104 or DNP3. The original scope of IEC 61850 was (politically) restricted to substations. From a technical point of view it was expected from the very beginning of the work on IEC 61850 that it could be used also for this and many other use-cases.

After several years of work on the official document it is now available for final vote:

57/1578/DTR (164 pages):
IEC 61850-90-2 TR Ed.1
Communication networks and systems for power utility automation –
Part 90-2: Using IEC 61850 for the communication between substations and control centres

The voting ends on 2015-07-24

This document is very important for the communication with control centers. It covers crucial aspects:

1. Information modeling (proxy/gateway),
2. Information models (use of existing models and extensions)
3. Configuration language and engineering,
4. Information exchange services (redundancy, …)
5. Security aspects

for the following use-cases:

1. Telecontrol
2. Synchrophasor
3. Disturbance
4. Counting
5. Power Quality
6. Asset
7. Parameter configuration

The document contains many examples that help to understand the different use-cases.

This document closes one crucial gap in the information exchange of many different systems, e.g., substations, power plants, hierarchical control centers, with control centers.

The most crucial aspect is the application and extension of SCL (System Configuration Language – IEC 61850-6).

Several useful extensions are defined, e.g., the link between a proxy/gateway model and the original model. To support end to end testing through the Proxy/Gateway functional links between the data objects in the Proxy/Gateway server and the original source of information in a substation IED can be expressed as the following example shows:

<LN lnClass="MMXU" lnType="MMXU" inst="1">
   <Private type="eTr-IEC61850-90-2">
      <eTr-IEC61850-90-2:ProxyOf externalScl="Substation" iedName="IED2" ldInst="MEAS"
      lnClass="MMXU" lnInst="1"/>
   </Private>
</LN>

Links can be created on each level of the data model using the element:

eTr-IEC61850-90-2:ProxyOf

This new part contributes to the vision of a SINGLE seamless information exchange solution for the whole domain of power delivery (generation, transmission, distribution, use).

Just started: Grid 3.0

Have you heard about “Grid 3.0”? This seems to be the next phase of the power delivery system. Recently several U.S. organizations have discussed the future of the power delivery system. According to their view there are 3 phases so far:

• “Grid 1.0” can be thought of as the legacy grid of the 20th century
• “Grid 2.0” is the emergence of the smart grid with automation and information technology improvements, and
• “Grid 3.0” is what comes next: for example, a future grid with advanced grid operations and greater interactions with consumers and other infrastructures.

Click HERE to access a list of presentations from the

Grid 3.0 Workshop
March 26 to March 27
at NIST, Gaithersburg, MD

Click HERE for a workshop summary.

We are currently in all three phases at the same time. Most of the systems are still legacy (for the next 20+ years), a few start to use automation and information technology, and some start to think about the future … power engineers have always thought about the future (even 130 years ago). One of the big issues in Grid 2.0 and Grid 3.0 is the need for interoperable of systems. We can reach a high level of interoperability – if we want! This is less a technical issue. It all depends on decisions to be made by humans. If we decide to get it, we can get it. Some may not like interoperability at all. Or?

Anyway, let’s assume we get there: Would we then generate Data Tsunamis all over? It is likely that people start to push every data into the cloud – expecting that somebody may use it.

Make sure that you understand your needs – before you look for a protocol or a data model. We have a single protocol for most near-real-time data (IEC 61850-8-1) and data models for almost everything. But does everybody need everything? No!

The big question is: What do you need? To answer this: You need to understand your application.

IEC 61850 meets Fieldbus: Bridge between Profinet and IEC 61850

Industrial automation systems highly rely on many different fieldbusses – one of the crucial Ethernet-based fieldbusses is the Profinet IO (defined in IEC 61158). IEC 61850 is THE standard for information modeling, information models, system and device configuration, soft-realtime communication (GOOSE and SV), and SCADA communication (event reporting, control, exchange self-descrition online from device, logging, statistical and historical statistical information, alarms, ….recording).

Information exchange between (1) power system protection and automation in power transmission, distribution, and power generation (central and distributed) and (2) industrial automation systems is one of the crucial needs for energy efficiency and smart(er) grids.

A new bridge between the two domains is now offered by HMS (gateway SG-40): bridging Profinet to IEC 61850.

HMS – a Swedish based company with 370 employees worldwide – has delivered products integrated in millions of devices around the world.

Key features of the SG-40 Profinet Gateway are:

• Web based programming with predefined function blocks
• Optional IEC61131-3 compliant CODESYS softPLC programming 
• PROFINET IO slave
• Additional industrial Ethernet networks supported with Anybus technology
• Modbus TCP client
• Modbus RTU master
• IEC61850 client/server
• IEC60870-5-104 server
• OpenVPN client
• Integrated firewall

The family of the smart grid supporting devices offered by HMS comprises the following the device types (for many different applications):

Click HERE for more information you can find at the HMS website.

The SG-40 supports a variety of mappings between several protocols:

1. IEC 61850 device information mapped to Profinet IO to expose IEC 61850 information to the industrial automation world:

2. Profinet IO information mapped to IEC 61850 device information to expose fieldbus information to the power delivery automation IEC 61850:

3. Many other mappings are supported (to/from Modbus, IEC 60870-5-104, DNP3, …).

All signals can be mapped in both directions.

The SG-10, SG-11, and SG-40 devices are using a Web-Browser for a very simple graphical programming tool. No other tools – except Web-Browser – are needed.

A 15 minute video explains the basic concepts of the gateways SG-10, SG-11 and SG-40. These devices provide a highly standardized and easy approach of bridging signals between multiple standard information exchange systems.

The configuration of the devices is very simple … no tool other than a web browser is needed to configure the input and output signals coming from (going to) the devices connected to various communication systems.

The devices can play one or all roles of IEC 61850 (Server, Client, Publisher, or Subscriber) in parallel. This allows to “collect”, e.g., many signals from a substation as a client and expose them into a Profinet network; or “collect” signals from the Profinet slaves and master and map them to an IEC 61850 Server.

This allows a very short time-to-market integration of the information of power related information into the industrial automation and vice versa.

One key-point is: The standard series IEC 61850 is the ONLY standard that offers a very comprehensive information model for all crucial power delivery system needs!

Are You Looking for IEC 61850 Related Publications?

Here is a very interesting link to a database (GetInfo - The Portal for Science and Technology) that lists some 830 publications related to IEC 61850. You can search for authors and contributors.

Click HERE for a search on “IEC 61850”.

Renewable Energies and Energy efficiency in your Neighborhood

I just came about the following interesting website showing a map of thousands of renewable resources in Europe:

http://www.repowermap.org/index.php?ln=en

You may search for Frankfurt or other cities:

The map shows some 60,000 examples. You can add your own PV system or …

Enjoy!

Could a Power Outage of an Airplane happen in the Air?

Yes, a power outage of an modern airplane could be caused by a simple software problem – related likely to a wrong assumption. What does this mean for the future power systems?

The following official report from the U.S. Government FAA, dated May 01, 2015 says that a

“Boeing Model 787 airplane that has been powered continuously for 248 days can lose all alternating current (AC) electrical power due to the generator control units (GCUs) simultaneously going into failsafe mode. This condition is caused by a software counter internal to the GCUs that will overflow after 248 days of continuous power. …

The software counter internal to the generator control units (GCUs) will overflow after 248 days of continuous power, causing that GCU to go into failsafe mode. If the four main GCUs (associated with the engine mounted generators) were powered up at the same time, after 248 days of continuous power, all four GCUs will go into failsafe mode at the same time, resulting in a loss of all AC electrical power regardless of flight phase.”

Click HERE for the full report.

What is the lesson we can learn from this situation? I guess simply this: If you have to program something you need to know precisely under which assumptions the “something” should work. Usually you have to make firm assumption under which the “something” will work. If you would assume (for example) that an airplane of model 787 would never be powered continuously longer than 90 days, then the counter would not overflow under normal conditions.

But: If this assumption is wrong, then the counter could overflow.

I guess that we quite often design systems under assumptions that may be valid at time of the design – but that may show later that they were quite wrong! Some 40-50 years ago it was not assumed that the traffic in 2015 would be as is is now. Or?

The power utilities assumed some 15 years ago that PV-Power (mainly installed on roofs) should just be understood and treated as negative power connected to the grid – so that there was no need to invest in power management and automation systems. I remember such discussions in the German national standardization (DKE). Within a short time period they had to learn that the assumption was wrong! Now we have almost 40 GW of installed PV systems.

The next wrong assumption could likely be the number of Batteries connected to the power grid. The needed investment in the future power system will highly depend on the assumption on how fast the installation of batteries will happen! I have talked recently to utility experts that they fear a fast growth of network connected batteries. The batteries behave different compared to Wind Turbines and PV systems – batteries can import and export energy. They can change their behavior within very short time. A sudden huge power flow change of millions of battery systems could cause power outages.

So, MUST we assume that this could easily happens or not? Depending on our answer, we have do spent more or less Euros or Dollars … Experts that don’t want to invest a lot more will argue, that it is unlikely to happen.

The (wrong) assumptions of today could likely be the reasons of power outages in the near future. The bad side of the assumption that the installation of battery systems will grow fast is: It will require a lot of more efforts to keep the power system reliable.

I guess we will see increasing numbers of batteries being installed after yesterdays announcement (May 01, 2015) of the new Partnership for Global Energy Transformation: LichtBlick (Germany) integrates Tesla Battery Storage (US) into Energy Markets.

A crucial key component in the future power systems is related to information management and standardized information exchange with IEC 60870-5-104 and IEC 61850. VHPready is an important step to support LichtBlick and many other companies.

The Complete Content of the IEC 61850 News Blog is now Available as Single PDF Document

For those readers of this IEC 61850, IEC 60870-5/6, DNP3, … news blog that want to get the complete content as a single pdf document, it is just a click away … it contains 1000+ posts from 2008 until 2015-04-28. Once you have downloaded the file you can easily browse the content … search … mark … copy … You will find useful information about the standards, vendors like ABB, HMS, Siemens, or utilities …

Click HERE to download all posts of the IEC 61850 blog in a single pdf [11.3 MB, 766 pages DIN A4]

Enjoy.

In case you have a question, drop us an EMAIL.

OPC Server using an IEC 61850 Client

OPC (DA and UA) is used quite often for higher level communication between PLCs and SCADA servers. How could you tap IEC 61850 information for communication to an OPC Client?

First of all, you need an IEC 61850 Client that talks to IEC 61850 Servers or receives GOOSE messages. Second, you need an OPC Server that sits on top of the IEC 61850 Client.

Softing (Nuremberg/Munich, Germany) offers such an OPC (DA and UA) Server with an IEC 61850 build-in client. The client automatically detects all logical nodes and data objects and converts them automatically into OPC items:

 

OPC Server (DA and UA, dataFEED OPC Suite) with the build-in IEC 61850 client as well an OPC demo client from Softing is available, contact: http://industrial.softing.com/en

A free of charge copy of the dataFEED OPC Suite and OPC Client is available for interested attendees of NettedAutomations training courses.

Click HERE to check a Video with a brief demo on how to use the dataFEED in conjunction with IEC 61850.

What is “Control with Enhanced Security”?

The IEC 61850-7-2 Control Model defines several operation modes:

• Status Only
• Direct control
  - normal security: Operate, TimeActivatedOperate, Cancel
  - enhanced security: Operate, TimeActivatedOperate, Cancel, CommandTermination
• SBO control (Select Before Operate)
  - normal security: Select, Operate, TimeActivatedOperate, Cancel
  - enhanced security: SelectWithValue, Operate, TimeActivatedOperate, Cancel, 
     CommandTermination

Have you ever tried to understand, implement, or use the option “Control with enhanced security”? The term can be quite misleading for people to believe that it has something to do with Cyber Security! No, it is not linked to that kind of security – even every operate command shall be secured by communication security measures.

So, what is it then? Usually I have explained it with the following slide.

Here is a one of many understandable use-cases for a specific switchgear (based on an email exchange with a very good friend of mine – a real switchgear expert … that believes in IEC 61850):

The proper name should be “Control with Confirmed Feedback”, so that any interlocks in the switchgear (can be abstract as well), need to be in the De-active state for the switchgear to report “Command Termination”, which would mean: the Control Element is now ready for another Operate service request.

A circuit breaker (CB) spring (drive) mechanism may work that it is only charged when the CB is Opened or Tripped. Then the energy in the spring mechanism would be enough to perform a Close Operation as well as a Trip Operation.

As the Trip mechanism does not need spring re-charging, it is instantaneous. However, there is a big delay after the Trip operation which is needed for the spring to charge or reset the mechanism again.

Although the indication of Trip will be instantaneous and reported spontaneously, however the switchgear cannot accept a new command since the spring mechanism is being recharged. During this time, the unit will not transmit the ‘Command Termination’ message so that a new command cannot be initiated. Once the spring is successfully charged, a ‘Command Termination’ message is transferred.

The CB mechanism example given above is one of many… there are some linear actuators which can Over-shoot during the process of operating the switch, this is then re-adjusted (i.e., brought to the normal position) after the instantaneous status change. The extra time needed to re-align actuator position (or to bring the actuator in the dead zone), will be the time after which the ‘command termination’ message is sent out.

Lesson learned: Ask always the domain experts!

Any question on IEC 61850?

Draft IEC 61850-8-2 SCSM – Mapping to XER and XMPP

Some 20 years after the first draft IEC 61850-8-2 SCSM (Mapping to Profibus FMS) we could expect the real IEC 61850-8-2 to be available by end of 2015.

The draft 8-2 provides an additional mapping of the messages of MMS by XER (XML Encoding Rule) and XMPP.

The MMS messages for IEC 61850-8-2 (above TCP/TLS/XMPP) are just differently encoded as in IEC 61850-8-1, as can be seen by the following example:

ASN.1 BER uses a binary encoding that produces less overhead compared to XER. But there will be many benefits provided by IEC 61850-8-2.

According to a presentation by Siemens during the Hanover Fair 2015, these are the main conclusions:

1. It provides a secure and powerful communication for public networks considering end-to-middle and end-to-end security relations
2. IEC 61850-8-2 is intended to use for power management and demand response of DER (distributed energy resources)
3. In 2015 the IEC TC57 working group WG17 will finalize and publish this new specification

Click HERE for the full presentation [pdf, 3 MB]

Attacks doubled on SCADA systems

According to a recent Dell Report the security of SCADA systems is very poor:

“Industrial operations often use SCADA systems to control remote equipment and collect data on that equipment’s performance. Whereas the motive behind POS and secure web browser attacks is typically financial, SCADA attacks tend to be political in nature, since they target operational capabilities within power plants, factories, and refineries, rather than credit card information. In 2014, Dell saw a 2X increase in SCADA attacks compared with 2013.

We saw worldwide SCADA attacks increase from 91,676 in January 2012 to 163,228 in January 2013, and 675,186 in January 2014.

The majority of these attacks targeted Finland, the United Kingdom, and the United States, likely because SCADA systems are more common in these regions and more likely to be connected to the Internet. In 2014, Dell saw 202,322 SCADA attacks in Finland, 69,656 in the UK, and 51,258 in the US.”

Click HERE for the full Dell Security, Annual 2015 Threat Report

It MUST be mandatory to implement and use measures as defined, e.g., in IEC 62351!!

Yes, it costs money – but it may cheaper to spent the money now and not later when the damages happen.

Don’t accept excuses.

Background and Personal Experience of Karlheinz Schwarz

Do you need help regarding IEC 61850, IEC 61400-25, IEC 60870-5-104, DNP3, IEC 62351 (Security), CIM, IEC 61158 (Fieldbus), Modbus, …

Click HERE for a description of personal experiences, capabilities, ... find an introduction on IEC 61850, list of training modules, feedback from attendees, list of courses, countries, and pictures (updated 2015-04-11) [pdf, 4.3 MB]

IEC 61850 at the Hannover Messe 2015

Products and Services regarding IEC 61850, IEC 60870-5-104 and other standards can be seen in action, e.g., at these booths:

SystemCorp, Perth, Australia
Booth C35/4 in Hall 13

Click HERE for details and a free entrance Ticket.

Beck IPC, Wetzlar, Germany
Booth C35/5 in Hall 13

Click HERE  for details and a free entrance ticket.

HMS Industrial Networks, Halmstad, Sweden
Booth D35 in Hall 8

Clicke HERE for details and a free entrance ticket.

IEC 61850 Seminar und Training: Erfolgreiche Serie in Deutsch wird auch 2015/2016 weitergeführt

Die erfolgreiche Serie von IEC 61850-Seminaren und Hands-On-Training-Kursen in deutscher Sprache wird auch in diesem und nächsten Jahr weitergeführt. Die drei ersten Termine in Karlsruhe wurden von insgesamt 28 Teilnehmern aus Deutschland wahrgenommen! Das Interesse an kostengünstiger Ausbildung in Bezug auf Normen wie IEC 61850, IEC 61400-25 oder IEC 60870-5-104 ist mittlerweile groß!

NettedAutomation bietet weitere drei Termine für das dreitägige Seminar und Training in Karlsruhe an:

26.-28. Oktober 2015
11.-13. Januar 2016
14.-16. März 2016

In über 200 Seminaren und mit mehr als 3.800 Teilnehmern aus über 900 Firmen und über 80 Ländern geschult ... und ist damit die erfolgreichste herstellerunabhängige Schulung und Training in Deutsch und Englisch!

Anlässlich der Hannover Messe 2015 bieten wir für die dreitägige Schulung einen nahezu

unschlagbaren Sonderpreis von 790 Euro

an!

Kicken Sie HIER für weitere Details wie Programm, Schulungsort und Anmeldeformular.

Weitere Seminare (beispielsweise speziell für Schutzingenieure) finden Sie HIER.

Personal experience, capabilities, of Karlheinz Schwarz ... introduction on IEC 61850, training modules, feedback from attendees, list of courses, countries, and pictures
(updated 2015-04-11) [pdf, 4.3 MB]

Will Information Networks become the “Backbone” of the Power System?

Information sharing between any kind of intelligent devices is a crucial need for today’s an the future Power Delivery Systems. It requires a huge infrastructure to send information back and forth.

Who do you think will put a lot of efforts into the infrastructure to get control over the information to be shared? Will protection engineers or mechanical engineers (e.g., of wind turbines) gain control over the information infrastructure? I guess that it will work the other way around: The specialists of network infrastructure will have a big impact on how the information will be shared in future.

One of the many activities is supported by a special group within the IETF (Internet Engineering Task Force): Energy Management (EMAN)

Excerpt from the current Applicability Statement

“Abstract

The objective of Energy Management (EMAN) is to provide an energy management framework for networked devices. This document presents the applicability of the EMAN information model in a variety of scenarios with cases and target devices. These use cases are useful for identifying requirements for the framework and MIBs.

…

1. Introduction

The focus of the Energy Management (EMAN) framework is energy monitoring and management of energy objects [RFC7326]. The scope of devices considered are network equipment and their components, and devices connected directly or indirectly to the network. The EMAN framework enables monitoring of heterogeneous devices to report their energy consumption and, if permissible, control. There are multiple scenarios where this is desirable, particularly considering the increased importance of limiting consumption of finite energy resources and reducing operational expenses.”

Click HERE for the current “Energy Management (EMAN) Applicability Statement, draft-ietf-eman-applicability-statement-10”

From an information sharing point of view there is no difference between information of a router or Ethernet Switch and a protection, monitoring or control IED (Intelligent Electronic Device) in the sense of a Fieldbus, DNP3, IEC 60870-5-104 and IEC 61850.

Finally IETF could play a major role in the world of networked devices – including everything that is believed today as somehow special: Field devices on one of the hundreds of fieldbusses, IEDs in the Power delivery systems, etc.

If you are looking for a unique (single standard) that is accepted and used all over the globe: It is IEC 61850. Use the ORIGINAL. A mapping of the IEC 61850 objects (IEC 61850 Logical Nodes and DataObjects) onto a MIB and SNMP could make sense – especially when the structures are used unchanged. The same is true for a mapping of specific MIBs for Ethernet Switches and Routers. This is already happening in IEC 61850-7-4 Ed2 for some network related information, e.g., in:

LN LCCH: Physical communication channel supervision:

More to come.

The motto of NettedAutomation GmbH since 2000 is: “The Net is The Automation”.

Can Power Outages impact the application of IEC 61850?

Yes – it can. Why? More often we receive reports on power outages caused by aging components of the grid. Upgrading many aged insulators, transformers, lines, … costs a lot of money! This money is not available for new technologies! Yes!

Yesterday it was an insulator that broke. The 220 kV line dropped to the ground and caused a blackout in the Washington (DC) and other areas. They were surprised that they “did not know why the outage rippled to far from the Ryceville switching station.”

Click HERE for a news message on yesterdays event at Ryceville switching station.

A similar incident happened back to 2009 in Auckland, New Zealand, which had a direct impact on IEC 61850 applications. Excerpt from a report on February 13, 2009:

“A power lines company is getting flak from the government after one of its conductors collapsed on to houses, trapping people in south Auckland. Amazingly, no-one was hurt when Transpower's monster 220,000 volt line came crashing down late on Friday morning.

The incident comes just 10 days after a Transpower transformer failed and plunged 75,000 Auckland residents and businesses into darkness for two hours.
"It's just totally unacceptable," says John Key, Prime Minister. "So look, there is going to be a massive expenditure on the upgrading of Transpower's grid and I'm making sure that that network is not only more reliable, but safer," he says.
Transpower is investigating the latest incident and feeling the political heat. "It's fallen into a residential area that's been built under the lines since the line was constructed in the fifties and sixties. But no, it's not good enough," says Kieran Devine, Transpower operations manager.”

Click HERE for the (old) news on the Transpower incident.

The Transpower incident had a direct influence on a project to get experience with IEC 61850 in substations. The project was stopped and my consultancy contract with Transpower was canceled soon after the incident happened.

The aging infrastructure is about to “eat” a good part of the funding for new technologies … including implementation of cyber-security measures. So it is no surprise that in some cases in the U.S we see routable protocols being replaced by serial links! This saves a lot of dollars.

Excerpt from a GarretCom paper on non-routable protocols:

“… When only non-routable protocols are used, substations with critical assets are networked
without requiring the use of Critical Cyber Assets (CCAs) at remote substations, as defined in CIPstandard CIP-002. Avoidance of “CCAs” means that the other CIP-002 to CIP-009 requirements do not
apply at these substations, which will likely defer significant implementation costs and ongoing
administrative overhead associated with CIP compliance.”

Click HERE for the complete report. See also HERE or HERE for more details on the NERC CIP on non-routable protocols.

Secure Power Delivery Systems and Secure Communication

The power utility domain is facing a lot of challenges these days. There are environmental, technical, political, security-related, and market-related issues that require a new design of the whole chain of design, procurement, installation, operation and maintenance of systems that are needed to provide the needed power to the users of power.

There are tons of lists that require this and that. Take the cyber security aspect: You will find many documents that could help you to procure the right solution. One of the latest documents provides helpful text to write down the needs for “Cyber security of Power Delivery Systems”:

“Cybersecurity Procurement Language for Energy Delivery Systems”

Written by US-Experts and published last year.

Click HERE for a copy.

Many (likely most) publications on securing our infrastructure are assuming a mainly hierarchical and centralized Power Delivery and Automation Systems as described in the following (excerpt from the above document, page 1):

“Energy delivery systems comprise the following:

• The sensors and actuators used for monitoring and controlling energy delivery processes.
• The computer-based systems that analyze and store data.
• The communication pathways and networks that interconnect the various computer systems.

Cybersecurity threats, whether malicious or unintentional, pose a serious and ongoing challenge for the energy sector. Today’s highly reliable and flexible energy infrastructure depends on the ability of energy delivery systems to provide timely, accurate information to system operators and automated control over a large, dispersed network of assets and components.”

The cyber security requirements could be lowered dramatically in case we think of a more de-centralized Power System that would need a de-centralized Automation System over a small local system of assets and components – requiring a minimum of operational communication with the next hierarchy level.

It seems to be in the interest of manufacturers of network infrastructure to implement huge systems to control a large, dispersed network of assets and components. Sure: This would require a huge, secure network infrastructure – a huge and long-term business case. Cyber-Security seems to be a new support programme to the vendors of communication and automation infrastructure.

As we have experienced, more or less (intended!) simultaneous control commands to a huge number of assets could danger the stability of the power network. I guess that the risk in using a highly cyber-secure network (for monitoring and control) in a large hierarchical power system is much bigger than the risk of a “less” secure network (for monitoring and control) in small de-centralized, self-organizing power systems.

A cyber-secure network is one issue – the (physical and technical!) architecture of our future Power Delivery System is another.

Why don’t we pay more attention to distributed Power Delivery Systems that require distributed monitoring and control? Exchanging measurements, status, settings, and control commands in a huge hierarchical automation system will always be compromised by some people.

Would you trust an avalanche of measurements and status points arriving from millions of sensors communicated in a second? Would you trust that a setting going to millions of controllers will be interpreted in the same way? Or what’s about a control commands send out to ALL actuators? The un-thinkable is already a reality. It happened already last year in Bavaria and Austria.

I experienced the mis-interpretation of the power of my green laser pointer when I went through security of an international airport. My pointer has a power of “<1mW”. I was near to be arrested because the police officer was reading “one MegaWatt” … Fortunately I could help to translate “m” to “Milli”. Finally I had to check-in the pointer before I could go onboard.

I guess that one of the biggest challenges is to find an architecture of our future power delivery system that requires just a few or no measurements, status, settings, and control commands being exchanged between millions of interconnected intelligent devices and systems.