Monday, February 5, 2018

FMTP, NettedAutomation and other Experts Offer New Training Courses for Power System Automation, Protection, Smart Grid, and Security

FMTP Power AB (Uppsala, Sweden), KTH (Royal Institute of Technology Stockholm), Håvard Storås (Security expert), and NettedAutomation GmbH (Karlsruhe, Germany) have each long-term experience in the application of standards for protection and control as well in secure communication and SCADA applications.
FMTP and NettedAutomation in coopration with other senior experts offer the most comprehensive and vendor-independent education and practical training courses – they combine their knowledge and practical experience in the following areas:
  1. Substation control and protection, system design, engineering, and testing
    (Mr Andrea Bonetti who worked for ABB, Megger, and STRI),
  2. Smart Grid (Mr Lars Nordström, Director and Professor at KTH – Royal Institute of Technology Stockholm), 
  3. IT, OT & Cyber Security
    (Expert Mr Håvard Storås) and 
  4. Communication technology and SCADA ... market penetration and solutions(Mr Karlheinz Schwarz who worked for Siemens in the 80s and 90s):
We offer the following comprehensive training options:

(English: Andrea Bonetti, Prof. Lars Nordström, 
Håvard Storås, and Karlheinz Schwarz): 

12-16 March 2018 (book 3, 4 or 5 days)

Click HERE for details

(English: Andrea Bonetti, Håvard Storås, and Karlheinz Schwarz):

23-27 April 2018 (book 3, 4 or 5 days)

Click HERE for details

(Deutsch: Karlheinz Schwarz):

14-17 Mai 2018

04-07 Dezember 2018

HIER für Details in Deutsch klicken.

Friday, December 29, 2017

New Merging Unit Development Kit

A new Merging Unit Development Kit based on the NovTech IoT Smart Grid Platform with Intel Cyclone V SoC Core is available for your next project.
Utility companies are adapting their infrastructures to support bidirectional energy flow to handle the emergence of DER (Distributed Energy Resources) via microgrids, photovoltaic panels, and local energy storage. As distributed energy generation increases, new intelligence of sensors, measurement and protection equipment will be required to process data at the edge. Also with the increase in variable DER, it is more challenging for substations to deliver sinusoidal and predictable steady-state voltage and current. Utility companies rely on substation metering of secondary voltage (VT) and current transformer (CT) circuits to detect performance issues and to provide vital information in real time to distributed digital protection nodes.

To satisfy this need, SystemCORP and Intel developed an IEC 61850-9-2LE compliant merging unit solution in form of a demonstrator/development platform.

This development kit consists of 6 parts:

  1. NovTech IoT Octopus Smart Grid IoT Platform
  2. SystemCORP VT/CT Interface board
  3. SystemCORP IEC 61850-9-2LE Sample Value software stack (PIS-11) on ARM Cortex A9 core 1
  4. SystemCORP IEC standard 61850 server/client software stack (PIS-10) on ARM Cortex A9 core 2 (optional)
  5. Flexibilis embedded FPGA analogue front-end IP core
  6. Flexibilis Ethernet PRP/HSR FPGA IP core (optional) 

Click HERE for more information.

Saturday, December 9, 2017

IEC TC 57 Publishes Draft for Basic Application Profiles (BAPs)

IEC TC 57 just published Draft for Basic Application Profiles (BAPs):

Development of IEC TR 61850-7-6 (57/1946/DC):
Communication networks and systems for power utility automation
Part 7-6: Guideline for definition of Basic Application Profiles (BAPs) using IEC 61850

Different types are possible:

  1. User profile –defined subset that is valid for a specific user / community of users (e.g. utility)
  2. Domain profile - defined subset for a specific domain and relevant use cases (e.g. asset management)
  3. Basic Application Profile (BAP) – standardized subset defining an atomic application function (e.g. reverse blocking)
  4. Application profile - profile covering a specific application mostly based by aggregating BAPs e.g. busbar protection)
  5. Device profile – profile covering a typical IED functionality e.g. Merging Unit, IEC 61869-9)
  6. Product profile – implemented subset in a specific vendor product

Comments on this draft are due by 2018-01-19.

How many employees will drive an electric vehicle?

A German manager recently said that 500 employees of his company drive by car to the company every workday. He expects that in the future 250 will use electric cars and will charge their cars within the first hour after they arrived. The company would need 10 times more power than today!
Ok! Hm!?
What do you think about these assumptions? 250 EVs charging in the first hour!?
As an engineer I am wondering that experts come up with such examples. First of all, I do not expect that 50 per cent of the car owners will buy an electric car in the next years. Even if they would do, why do 250 car drivers want to charge at the companies car park in the morning when they arrive?
He concludes that "we engineers have not yet thought through to the end".
I guess a lot of engineers have thought through to the end - but not many engineers or politicians are listening!

Click HERE for the report "Netzstabilität braucht Digitalisierung und Automatisierung" in the vdi nachrichten (German).

These discussions remind me of the situation in the early 80s when we had the discussion on CSMA/CD (Ethernet, IEEE 802.3) versus Token Passing (IEEE 802.4). Under the assumption that we have a shower of messages to be sent by all attached devices at the same time, we found that Ethernet could not efficiently manage the communication due to many collisions. Token Passing was understood to manage such a situation very well. Ok.
Another assumption, high load from one device only, could easily be managed by CSMA/CD - but Token Passing would end up in very low throughput ... many other assumptions could be made.
So, what is the realistic assumption for communication? Nobody knows - it all depends.
Finally Switched Ethernet (a major new development) solved the collision problem ... and Token Passing more or less became obsolete in the automation world.

In the energy domain we need first to find the future new mix of power generation and how to store, transmit, distribute, and use the power - then we can think about automation and communication. The most crucial issue may be: Who is paying for all the changes?

By the way: We (many engineers) know how to communicate: IEC 61850 is one of the most crucial solution ... and how (not yet what) to automate.

Tuesday, November 21, 2017

Cigré -- Free of Charge Download of Publications related to IEC 61850

Non Cigré Members can download free of charge publications that are over three years old. Cigé is the international association and body of knowledge for the power sector:

Click HERE for a list of IEC 61850 related publications - many are older than three years.


Monday, November 13, 2017

IEC 61850 Training in Deutsch mit Jubiläumsrabatt

An alle an IEC 61850 Interessierten,
NettedAutomation bietet das viertägige IEC 61850 Intensiv-Training
vom 05 bis 08. Dezember 2017 
in Karlsruhe
zu einem ***unschlagbaren Jubiläums-Sonderpreis*** von 750 Euro (netto) an!

Hier für das Anmeldeformular klicken.

Bei der Anmeldung bitte den Sonderpreis vermerken!

Weitere Termine:
14.-17. Mai 2018
04.-07. Dezember 2018

Wir haben mehr als 4.300 Experten in mehr als 240 Kursen geschult - überall auf der Welt!

Wir bieten Ihnen auch gerne ein Inhouse-Seminar an.

Wir würden uns freuen, Sie am 05.12. in Karlsruhe - direkt neben dem Weihnachtsmarkt - begrüßen zu können!

Saturday, November 11, 2017

First Amendment of IEC 61850-4: System and Project Management

IEC TC 57 just published the IEC 61850-4 Amendment 1 (57/1922/CDV)
– Communication networks and systems for power utility automation
Part 4: System and project management

The main extensions of the edition 2 are:
  1. New sub-chapter 5.3.6 describes the engineering tool workflow and its chronology (which SCL files are exchanged in between configuration tools) through 3 use cases: the classical use case, the change of system tool and the interaction between 2 projects.
  2. New sub-chapter 6.4 talks about backward compatibility and deals with replacement or extension whatever the component is provided by the same or different manufacturer. To do so, it scrutinizes through 4 use cases, what kind of impacts could be acceptable for IED or tools.
The ballot closes 2018-02-02.
The CDV (committee draft for vote) is accessible for PUBLIC comments by every interested person.

Note that the amendment has already been blended into the edition 2 document for easier reading: 57/1923/INF

These extensions answer a couple of questions that come up during every seminar and in many discussions. They are extending the explanations of SCL (part 6).
The document is worth to study.

Friday, November 3, 2017

What happens during a blackout - Comprehensive Report of the German Parliament's study

published in 20111 a very comprehensive report:

What happens during a blackout - 
Consequences of a prolonged and wide-ranging power outage

Infrastructures such as a reliable energy supply, functioning water-supply and wastewater-disposal systems, efficient modes of transport and transport routes and also information technology and telecommunications technology that can be accessed at all times represent the lifeblood of high-technology industrialised nations. The Committee on Education, Research and Technology Assessment therefore commissioned the Office of Technology Assessment at the German Bundestag (TAB) to investigate the possible effects of a prolonged and widespread power blackout on highly critical infrastructures such as drinking water, wastewater, information and communications systems, financial services and health services, especially against a backdrop where the blackout has a cascading effect spanning state and national boundaries.
In Germany, several recent natural disasters and technical malfunctions (Elbe and Oder floods in 2002/2005, power blackout in the Münsterland in 2005, the Kyrill storm in 2007) have highlighted the population’s dependence on such (critical) infrastructures. Supply bottlenecks, public safety problems and disruptions to road and rail transport have revealed the vulnerability of modern societies and made extreme demands on health, emergency and rescue services...."

Click HERE for the 250 page report [English].
Click HERE for the German version.

The report is one of the best descriptions I have seen. It is really worth to read, to understand and to follow.

If you want to understand what power outages could mean to a society (in a warm region - not in c(o)ld Germany), study the following reports:
Click HERE for the report "Puerto Rico 'heartbreaking' five weeks post-storm"
Click HERE for the report "Puerto Rico Struggles With Power Recovery ..."
Click HERE for further information

I hope something like that will not happen during winter time in Germany.
Note that we have more than natural disasters: Man-made aging infrastructures and aging workforce. 

Thursday, November 2, 2017

Port Scanning in a Substation - May be a No-Go

Security is more than a buzzword these days. You should be very serious about the security of your substation protection and automation system.
Joe Weiss asked yesterday:
Are the Good Guys as Dangerous as the Bad Guys – an Almost Catastrophic Failure of the Transmission Grid
What happened? A port scanning tool in an IEC 61850 GOOSE based substation protection system had a very negative impact on the GOOSE publisher and subscriber: The Relays stopped to operate!! They had to be manually rebooted.
Port scanning may provide a lot (too much) of stress to the devices and communication system. Such a crucial load has to be taken into account during the design of the devices and of the whole system. Theoretically this payload should be taken into account as part of the system engineering ... part of the System Configuration Description (SCD). Any unexpected traffic avalanche may have a serious impact on the stability of the system!
Click HERE for Joe's report.

I guess that the GridEx network monitor would have raised the red flag seeing the message avalanche in the transmission substation.

Lesson to be learned:
Any non-operational load on a critical network should be treated very careful. IT and OT people have to work together and make sure that such test tools do not put too much stress onto the devices connected in a substation or any other system:
Teamwork makes the dream work - and keeps the power flowing!

Click HERE for a discussion of port scanning ... written long time ago (2001 !!)
Click HERE for a worth to read report on how to apply IEC 62443.

My friend Andrea Bonetti (FMTP) responded as follows:

Dear Karlheinz!
What you have described is unfortunately a known problem.
It is really not at all the first time that it happens in the last 10 years, but it is maybe the first time that it is presented to the public.
I would like to stress-out that this problem is NOT related to IEC 61850 but it is related to the correct usage of digital technology.
Similar situations happened also “before” when proprietary digital technology was used. Maybe they were just more difficult to disclose because also the tools were proprietary.
Regarding GridEx, it would have detected the loss of communication among the devices, as it performs the supervision of the GOOSE messages. This would have been written in its report.
GridEx performs also network load calculations, but in the case you have described this would not have helped probably. Anyway that information would also have been written in the report.
Let me point out that GridEx is an “IEC 61850 passive tool”.
GridEx does not talk to any device, does not send any IEC 61850 message…. it can only listen to what happens, without interacting with the system.
Also the time synchronization of GridEx can be performed completely independently from the system, with its own independent GPS receiver accessory.
Also GridEx works without a PC, so you do not connect the PC to the substation network system.
As GridEx doesn’t interact to the system where it is connected to, it cannot cause any damage and it can be connected to the network while the system is in service.

Saturday, October 28, 2017

Wow: IEC Goes XML and PSON

IEC provides access to crucial standardized information by modern web technologies:
The content of the Electropedia (The World's Online Electrotechnical Vocabulary) is now made accessible by XML documents and PSON (REST) through the opendata gateway.
“A json version of all subject areas (or IEV parts) in the Electropedia is available by calling the REST endpoint: “ 

I expect that the PSON option will be made available for the complete vocabulary soon.
More to come!

Draft TR IEC 62351-90-2: Deep Packet Inspection (DPI) of Encrypted Communication

IEC TC 57 just published the document 57/1939/DTR:

Power systems management and associated information exchange –
Data and communications security –
IEC TR 62351-90-2: Deep Packet Inspection (DPI) of encrypted communications

This technical report analyses the impact of encrypted communication channels in power systems introduced with IEC 62351. As defined in IEC 62351 an encrypted channel can be employed when communicating with IEDs and encryption can be adopted at message level as well. For example, the use of encrypting TLS setups according to IEC 62351-3 introduces some issues when Deep Packet Inspection (DPI) is needed to inspect the communication channel for monitoring, auditing and validation needs.
In this report we analyze different techniques that can be employed to circumvent this issues when DPI of communications is required.

The voting closes 2017-12-22

Sunday, October 8, 2017

ABB Presents the Benefits of Substation Digitalization with IEC 61850

A nice video by ABB (Steven Kunsman) explains "all the benefits of substation digitalization ... it’s little wonder there’s so much interest in the shift to this technology. Supported by the open communication capabilities derived from IEC 61850’s, substation assets are providing a growing volume of health and operational data that’s enabling higher levels of both reliability and performance. This excerpt from an ABB Automation & Customer World Workshop provides key highlights of how the digital substation is also safer, smaller, and simpler to commission and operate than traditional substations."

Click HERE for the video.

Saturday, October 7, 2017

IEC TC 57 published Two Documents Related to Security Measures (IEC 62351)

IEC TC 57 just published the following two documents:

IEC 62351-100-3: Conformance test cases for the IEC 62351-3, the secure communication extension for profiles including TCP/IP

The scope is to specify common available procedures and definitions for conformance and/or interoperability testing of the requirements of IEC 62351-3, the security extension for profiles including TCP/IP.

Proposed revision of IEC TS 62351-6 ED1 and conversion into an International Standard (Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850)

Both documents indicate that the security measures defined by the series IEC 62351 are becoming more important! Hope that more experts in the power delivery domain will understand the impact!

Draft TR IEC 61850-90-6 for Distribution Automation Published

IEC TC 57 WG 17 just published the 277 page (!) draft TR 57/1929/DTR:

IEC 61850-90-6: Use of IEC 61850 for Distribution Automation Systems

Commenting period and ballot closes 2017-12-01.

This technical report provides basic aspects that need to be considered when using IEC 61850 for information exchange between systems and components within MV network automation. In particular, the report:
  • Defines use cases for typical DA applications that require information exchange between two or more components/systems
  • Provides modelling of components commonly used in DA applications
  • Proposes new logical nodes and the extensions to the existing logical nodes that can be used in typical DA applications.
  • Provides guidelines for the communication architecture and services to be used in DA applications
  • Provides configuration methods for IEDs to be used in DA systems.
Basic function for which models will be selected or defined cover:
  • Fault Passage Indication and report
  • FLISR (Fault Location, Isolation and Service Restoration)
  • VVC (Voltage and Var Control)
  • Anti-Islanding Protection Based on Communications
  • Automatic Switch Transfer
  • Monitoring Energy Flow
  • Environment Situation Awareness
A Distribution Automation System (DAS) can have up to tens of thousands of IEDs spreading
over a wide area distribution network.

Multiple new Logical Node Classes and extensions for existing LNs are proposed:

This draft is very detailed and easy to read.

Conflicting Use of TCP Port 102 for IEC 61850 and Simatic S7

IEC 61850-8-1 defines how the abstract IEC 61850 services (ACSI) are mapped to MMS (ISO 9506). The MMS protocol runs on ISO/OSI Transport Layer, ISO/OSI Session Layer, ... For IEC 61850 it has been decided to use TCP/IP as transport protocol.

TCP has to be "extended" by some definitions to get the same services and protocol features as provided by ISO/OSI Transport Layer class 0: The IETF RFC 1006 defines how to use TCP for MMS. RFC 1006 defines among other issues to use TCP Port number 102 for the MMS Server role. Any IEC 61850 Server role has to run on port 102 - independent of the platform it is running on: protection device, control device or a Windows PC.

Siemens SIMATIC S7 PLCs use RFC 1006 entitled "ISO Transport Service on top of the TCP" (ISO-on-TCP) as a protocol extension for the TCP protocol for connection between two systems.

RFC 1006 (and thus Port 102) is used for standard connections in the SIMATIC environment.

  • STEP 7 remote programming via LAN
  • ISO-on-TCP connections
  • S7 connections via Industrial Ethernet

I have come across situations where PCs are running SIMATIC S7 tools that are using Port 102! In that case you cannot run an IEC 61850 Server role on the same PC (with the same IP address) - because Port 102 is already in use!!

If you have trouble running an IE 61850 Server role on your computer - check also if Port 102 is already in use. In one case we figured out this situation with a server model (SCL) that we tried to simulate with the Omicron IED Scout! IED Scout reported an error: TCP Port 102 already in use. We stopped the SIMATIC S7 application to free the Port 102.

This is another use case where the IEDScout reports very useful error information!

Here is an example of the command "netstat -a" (may use as well "netstat -a -b") to figure out, if the port 102 is used or not: Waiting for port "102": 

Click HERE for the Server demo (shown on the right).

Click HERE for a list of ports used by Siemens SIMATIC S7.

Tuesday, October 3, 2017

Are Devices Using IEC 61850 Vulnerable?

Devices that implement IEC 61850 may be vulnerable - depending on the measures (not) implemented to protect your SYSTEM! There are many layers of security that can be build into the system to make is less vulnerable. IEC 61850 needs special security measures to hide the semantics of the information being exchanged in a system.

IEC 61850 has well defined models for controlling switch gears: Logical Node CSWI.Pos for operating any kind of switchgears liek circuit breaker, dis-connector or earthing switches. If a client (SCADA, RTU, Proxy, ...) has "open" access to an IED, it could use the self-description and figure out which CSWI instances are available ... and could try to use MMS Write to open or close a switch gear. In a bad system design, this may work.

A high level of security would not (easily) allow other clients (except those that are designed to operate) to operate a switch gear.

Security measures have to be implemented to prevent misuse of the self-description. Even without the self-description, it may be possible that somebody gets access to the SCL file of the system to "read" the models from an XML file. As a consequence: XML files need to be secured as well ...!

You will find solutions for many of the known security problems in the standard series IEC 62351!

The definitions have to be implemented - the paper standards do not protect your systems!

A very new, comprehensive and up-to-date report on security has been published the other day:


Click HERE for the report [pdf, 20 pages].

By the way, the report mentions IEC 60870-5-101/104, IEC 61850 and OPC UA.
Worth to read.

Monday, October 2, 2017


Orientado a la proteccion, control y automatizacion de subestaciones electricas, haciendo uso de: GOOSE Sampled Values, SCADA y el lenguaje de configuracion SCL.

EI estandar IEC 61850 es aplicado desde hace varios anos en el diseno de nuevas subestaciones alrededor del mundo. Durante el seminario, los mäs experimentados y reconocidos ingenieros especialistas a nivel global le ensenarän como utilizar y aplicar la norma IEC 61850 en el diseno, supervision y control de subestaciones digitales para el sector electrico. Se harän aplicaciones präcticas utilizando herramientas de prueba, software e IEDs de diferentes fabricantes.

NM Lima Hotel
Av. Pardo y Aliaga N° 330
San lsidro 15073
Dei 27 al 30 de Noviembre del 2017.
Horarlo: De 09:00 a 17:30 horas.

Organized by: Nakama Solutions, FMTP, and NettedAutomation

Click HERE for the brochure.
Click HERE for the program.

Friday, September 22, 2017

IEC 61850: Usage of XML Schemata for Model Name Space Definitions

One of the crucial challenges in dealing with IEC 61850 is the sheer unlimited amount of Models (Logical Nodes, Data Objects, Data Attributes, Data Attribute Types, ... and related Services). How to manage these? How to figure out which model was valid last year, which model details are currently valid, ... questions, questions ...
What are the answers to these questions? Simply: good documentation of content, modifications, extensions, and changes.
The IEC TC 57 WG 10 has published a document that defines the rules for model content of IEC 61850 based core data model in IEC 61850-7-2, IEC 61850-7-3 and IEC 61850-7-4. Other domains (like DER, Hydro, Wind, etc.) could define their own data model based on IEC 61850 core data model to be able to use IEC 61850 core parts as a common layer.

The published 70 page document 57/1925/DTS contains the new draft rules:

Communication networks and systems for power utility automation –
Part 7-7: Basic communication structure –
Machine-processable format of IEC 61850-related data models for tools

The voting and commenting period closes 2017-12-15

"Year after year the IEC 61850 data models are extended both in depth with hundreds of new data items, and in width with tens of new parts.
In order to foster an active tool market with good quality, and at the end to improve IEC 61850 interoperability, we need a machine-processable file describing data model related parts of the standard as input. This is the purpose the new language Name Space Definition (NSD) defined by this part of IEC 61850.
This will avoid the need for any engineering tool related to the IEC 61850 data models to get the content of the standard manually entered, with the highest risk of mistakes. This will also help spreading easily any corrections to the data model, as requested to reach interoperability. Tool vendors will be able to integrate NSD in their tools to distribute the standard data models directly to end users."

This new document seems to be crucial for all experts that deal with models and their implementation in Tools and IEDs.