Tuesday, August 23, 2016

Neues Format für viertägiges IEC 61850 Seminar im Dezember 2016 in Karlsruhe

Der Bedarf an guter mehrtägiger Schulung kollidiert oft der notwendigen Anwesenheit am Arbeitsplatz! Die NettedAutomation GmbH hat jetzt eine Antwort für Sie gefunden:

Wir bieten bieten vom

06.-09. Dezember 2016 in Karlsruhe 
drei Seminarblöcke (1 Tag, 2 Tage und 1 Tag) 

an, die einzeln oder in Kombination gebucht werden können. Sie entscheiden selbst, ob Sie nur einen Tag von Ihrem Arbeitsplatz fern bleiben möchten oder zwei, drei oder vier. Je nachdem, welche Zeit und welchen Bedarf Sie haben.

Am ersten Tag wird ein Überblick über das Normungsumfeld und die einzelnen Normen gegeben. Im Mittelpunkt stehen dabei die grundlegenden Eigenschaften und Bedeutung der Normenreihe IEC 61850 für Systemdesign, System- und Geräteengineering, Datenmodellierung, Datenmodelle, Kommunikationsmöglichkeiten (Client/Server, Publisher/Subscriber) und Sicherheitslösungen.

Am zweiten Tag werden die Modellierungsmethode, die vielfältigen Modelle (Logische Knoten), die Kommunikationsdienste und -protokolle und die System-Konfigurations-Sprache (SCL) im Detail vorgestellt.

Am dritten Tag werden anhand vieler praktischer SCL-Beispiele Systembeschreibungen (SSD), Systemkonfigurationen (SCD), Gerätekonfigurationen (ICD und CID für Server/Publisher, Client/Subscriber und Server/Subscriber) diskutiert, erstellt und formal geprüft. Dabei kommt eine Reihe von Werkzeugen und Geräten zum Einsatz.

Am vierten Tag wird das Erlernte in praktischen Übungen mit marktgängigen Geräten und Werkzeugen vertieft.

Sie können den 1. Tag, den 2. und 3. Tag sowie den 4. Tag getrennt oder in jeder Kombination buchen!

Mit unserer Schulung bereiten wir Sie hervorragend auf neue Herausforderungen vor!

Klicken Sie HIER um mehr Details und Anmeldeinformationen herunterzuladen [pdf, 320 KB].

Die mehr als 4.100 Teilnehmer meiner über 230 Seminare seit 2004 würden sicher alle bestätigen, dass das komplexe Thema IEC 61850 unbedingt eine geeignete Schulung verlangt -- und dass wir eine erst-klassische Schulung bieten!

We will offer the same seminar in English from 13-16 Dezember 2016 as well in Karlsruhe (Germany). Details will be available the next days.

Friday, August 19, 2016

New Flyer for IEC 61850 Training conducted by FMTP and NettedAutomation

FMTP (Uppsala, Sweden) and NettedAutomation (Karlsruhe, Germany) designed a new flyer for IEC 61850 training courses:

The flyer lists all crucial topics that are comprised by the various training opportunities: public or in-house, 3, 4, or 5 days ... or as many days you (our customer) want.

In some cases we offered a 1 day introduction course - the maximum number of training days was 11 days (in three sessions) for a big transmission utility in Europe. Another training took 10 days in one block. The maximum number of attendees was 350 for 3 days:

Click HERE for a brief report of the Bangalore event.

You get whatever you need - 
wherever you are, 
whenever you are prepared to get it.
Talk to your management or HR - to get it.
You deserve it!

Click HERE for the new 2 page flyer [pdf, 1. MB]

I look forward to meeting you some time down the street.

Thursday, August 18, 2016

IEC 61859 Training Course in Stockholm is Filling-Up - Reserve your Seat Now

FMTP, KTH, OPAL RT, and NettedAutomation have scheduled a very comprehensive IEC 61850 Training in Stockholm (Sweden) for 19-23 September 2016.
The course is filling-up very fast.
Please reserve your seat as soon as possible.

Click HERE for the brochure with all details.
A similar Course (4 days) is scheduled for Karlsruhe (Germany) 10.-13. October 2016.

See you soon.

Wednesday, August 17, 2016

IEC just published Draft Guidelines for Handling Role-based Access Control in Power Systems

IEC TC 57 just published (57/1764/DC):

Draft IEC TR 62351-90-1, Power systems management and associated information exchange – Data and communications security – Part 90-1: Guidelines for Handling Role-based Access Control in Power Systems

This draft technical report addresses the handling of access control of users and automated agents
to data objects in power systems by means of role-based access control (RBAC) as defined in
IEC 62351-8. IEC 62351-8 defines three different profiles to distribute role information and
also defines a set of mandatory roles to be supported. Adoption of RBAC has shown that the
defined mandatory roles are not always sufficient and that the method for defining custom
roles should be standardized to ensure interoperability. Hence, the main focus of this
document lies in developing a standardized method for defining and engineering custom
roles, their role-to-right mappings and the corresponding infrastructure support needed to
utilize these custom roles in power systems.

Comments are welcome latest by 2016-10-07.

Tuesday, August 16, 2016

IEC 61850: Gateway for Cloud Computing and Fog Computing

Cloud computing and Fog Computing is in principle supported by a single gateway offered by HMS:

  • Bridges any signal from the process level directly to your own or third party cloud.
  • Maps any signal from Modbus, Profibus, ProfiNet, Ethernet/IP, IEC 61850, IEC 61400-25, IEC 60870-5-104 ... to Modbus, Profibus, ProfiNet, Ethernet/IP, IEC 61850, IEC 61400-25, IEC 60870-5-104 ...
  • Provides many logic functions AND, OR, Timer, Counter, ... to build applications.
  • Has digital Input and Output pins.
  • Reads M-Bus.
  • Supports Client, Server, Client/Server, Client/GOOSE-Subscription (with or more Server/GOOSE-Publishers), and Sever/GOOSE-Subscription
  • What else do you need for simple applications?

Click HERE for more information.

Next Hype: Do You Know Fog Computing?

Some 30 years ago the hype was: MAP (Manufacturing Automation Protocol). One of the next hype is "Fog Computing".

"The Manufacturing Automation Protocols (MAP) and Technical Office Protocols (TOP) were the first commercially defined and accepted functional profiles. Both arose because of the operational concerns of two large corporations, General Motors and Boeing. lt is generally accepted that MAP and TOP were the forerunners, first in adopting OSI standards and then in developing usable profiles.
lt all started at the end of the 1970s. GM had on its manufacturing plant shop floors some 20 000 programmable controllers, 2000 robots, and more than 40 000 intelligent devices, all in support of its business. The main problem was that less than one-eighth of the equipment could communicate beyond the limits of its own island of automation; the main inhibiting factor to greater integration being the lack of an appropriate communications infrastructure. As devices supplied were mostly vendor-specific, to do a particular job, they were not designed or optimised to intercommunicate or support each other's functions.
GM finally realised the gravity of their situation when they began to evaluate the cost of automation, attributing half the cost to the need for devices to intercommunicate. To resolve the matter a task force was created comprising representatives from GM's divisions and their suppliers, with the objective of developing an independent computer network protocol capable of supporting a true multi-vendor environment on the shop floor. They used the OSI model and standards as a basis for interconnection and development of further enhancements. " (Source: The Essential OSI, NSW Technical and Further Education Commission 1991)

The first MAP Profile was published in 1982, Version 1.0 in 1984, MAP 3.0 in 1988. Long time ago!

The MAP approach was understood by just a few experts. Most people believed that MAP was too complex, too ... The fieldbusses were thought as the solutions that could cover a kind of Mini-MAP and realtime communication. MAP passed away and hundreds of fieldbusses have been developed since the late 80s. The result was that myriads of automation islands hit the factory floor. These islands where bridged with OPC and so on ... Now we write 2016! Is there anything new?

Not that much. We still have the problem that the sheer unlimited number of (usually raw) signals (measurements, status, settings, ...) are polled or pushed from the sensor and actuator level all the way up to the SCADA level or even higher. This approach of signal acquisition does not scale in the future where we expect thousand of times more devices, sensors, controllers, ... as GM had to manage in the 70s. Does the Cloud Computing solve this challenge? It is unlikely that this (more or less raw data acquisition) will work?

And now? What to do? Use Fog Computing!

"Fog computing is the missing link to accelerate IoT.  It spans the continuum from Cloud to Things in order to bring compute, control, storage and networking closer to where the data is being generated.

The sheer breadth and scale of IoT solutions requires collaboration at a number of levels, including hardware, software across edge and cloud as well as the protocols and standards that enable all of our “things” to communicate. Existing infrastructures simply can’t keep up with the data volume and velocity created by IoT devices, nor meet the low latency response times required in certain use cases, such as emergency services and autonomous vehicles. The strain on networks from cloud-only or cloud-mostly models will only get worse as IoT applications and devices continue to proliferate.  In addition, the devices themselves are starting to become smarter, allowing for additional control and capabilities closer to where the data is being generated." (http://www.openfogconsortium.org/about-us/#frequently-asked-questions)

Quite interesting that the hype Cloud Computing is seen from a different perspective in 2016.

The approach of IEC 61850 (starting in 1998) is from the very beginning the same as discussed in the Fog Computing community: Compute, control, store, and networking closer to where the data is being generated (at THE process level like in substations or power generation all over). Many information models standardized in IEC 61850 and IEC 61400-25 define distributed functions like protection, active power control or reactive power compensation ... schedules for tariffs, alarming, tripping, reporting by exception (RBE), ... in order to reduce the needed bandwidth and allow for realtime and near realtime behavior.

Lesson learned: Fog Computing is already practiced in the domain of power automation - and based on well defined standards (IEC 61850 and IEC 61400-25)! Both standard series make use of the most crucial standard of MAP: MMS (Manufacturing Message Specification, ISO 9506). It took some 30 years for more people to understand the challenges! ;-) There is nothing new under the sun.

Saturday, August 6, 2016

IEC 61850-90-10 Draft Technical Report on Schedules just published

IEC TC 57 just published the Draft Technical Report:
IEC/TR 61850-90-10 Ed.1.0 (57/1762/DTR)
Communication networks and systems for power utility automation -
Part 90-10: IEC 61850 objects for scheduling

Closing date for voting is 2016-09-30

Schedules establish which behavior (e.g., tariff 1 or 2, mode 1 or 3) or expectation (e.g., forecast) is applied during specified time periods. A schedule consists of a series of entries with a setting for the value of a setpoint, the selection of a particular mode or the value of a parameter for a mode.
There are different ways to operate a scheduled entity based on the following operation principles:

  • The actual values of a scheduled entity (e.g. active and reactive power produced or consumed) are directly controlled using setpoints and controls. For example, the DER system reacts on changes of the setpoints or on controls (e.g. start or stop the DER system) in real time.
  • The functional behavior of a scheduled entity is configured to operate in a mode in which it responds to locally sensed conditions (e.g. Volt-VAr Mode in case of DER) or externally provided information (e.g. prices). 

The schedules offer a very powerful functionality that can be used in many different applications.
Currently we have two major applications in Germany  that make use of the schedules: 
  1. VHPready
  2. FNN Steuerbox
NettedAutomation has implemented the most crucial concepts on an embedded controller used in the HMS gateways.

More to come soon.

Thursday, August 4, 2016

What is a Critical Infrastructure?

According to Wikipedia:
"Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society and economy - the infrastructure."

The first three infrastructures listed are:
  1. electricity generation, transmission and distribution;
  2. gas production, transport and distribution;
  3. oil and oil products production, transport and distribution;
  4. ...
Many other areas could be taken into account - all domains where we have some automation in one form or another you may or may NOT TRUST. So far we have trusted our teachers, our employers, our parents, our car, our friends, our banks, our electric power delivery system ... There seems to be a change coming step by step.
What could we all do about it? 
For our family we have just decided to install a 9,8 kWp Photo Voltaic system on our roof. This is - hopefully - a power harvesting machine we could trust ... as long as the sun is shining.
The latest issue discussed is on "Election Systems" according to the FederalNewsRadio:
"The Homeland Security Department is actively considering whether it should add the nation’s election system — or the individual systems that 9,000 local and state jurisdictions use to collect, tally and report votes — as an entity that needs DHS protection from cybersecurity attacks."

What if we put it all under the new term "Critical Everything" (CE)?
All depends on human beings we have to trust! I want to be such a person - my wife, my family, our friends, you, ... can trust.

When we engineers develop something, we should pay a lot of attention to make the "something" robust, safe, ... better safe than sorry.

Let's do our best in the interest of all our societies.

Sunday, July 31, 2016

Power Quality Meter Goes IEC 61850 and IEC 60870-5-104

Friday last week I was involved in installing a high level Power Quality Meter (UMG 512 from Janitza) to monitor the power for a new building:

The objective was to apply a smart gateway between the Meter and IEC 61850 and IEC 60870-5-104. It took some 90 minutes to install the meter and configure it for Modbus TCP communication. The gateway used is an HMS Anybus SG Gateway I/O.

The gateway offers connectivity to Profibus, ProfiNet, Ethernet/IP, and other protocols.
The gateway reads out 22 signals from the Meter (all new Meters from Janitza use the same addresses for the basic signals):

The Modbus signals (from an UMG 604) are listed in the gateway for polling:

As well we need to configure the Signals for IEC 61850 and IEC 60870-5-104:

The signals in IEC 61850 are configured with an SCL File. The 104 signals need manually configuration.

Finally we need to program the mapping from Modbus to IEC 61850 LNs and IEC 60870-5-104 signals. The drop-down menu is used to place the signals to the screen:

Finally the inputs are linked to the outputs:

The signals from the Meter are automatically exposed through IEC 61850 and IEC 60870-5-104 servers.
The IEDScout 4.1 from Omicron is used to connect to the IEC 61850 Server in the Gateway:

And the QTester104 receives messages from the IEC 60870-5-104 server:

Lesson learned: It took less than one hour to configure the Gateway and use it.
This is likely the easiest and fastest way to communicate Power Quality Meter signals through IEC 61850 and IEC 60870-5-104. 

Wednesday, July 27, 2016

Could You Measure a Change in Air Flow caused by a Wind Turbine in a distance of 100 km?

Assume an air flow of x m**3 per second. What happens at your position if a big wind turbine is starting to rotate in a distance of 100 km? Do you expect that you could measure that the air flow is reduced due to the wind turbine that removes energy from the air flow? It may be possible if the turbine would be located in a huge tube. So far so good.
Another question: Could you believe "that a short-circuit at Lawrence Berkeley lab one day was observed by a micro-PMU [Phasor Measurement Units] in Los Angeles, 550 kilometers away, as a 0.002 percent dip in voltage"? It is more likely that one can measure a 0.002 percent dip in 550 km distance than a change in air flow 100 km away caused by a wind turbine.
With a network of many micro-PMUs it may be possible to figure out that somebody is switching on a computer. If you install enough micro-PMUs you may get there.
With a good power quality meter and pattern recognition I could figure out when my wife switches on the Toaster or Microwave.

Each of load (in our home or in the neighborhood) has a specific finger print. So that I could see the patterns and learn what they mean - after some training.

Some people made this observation "We're watching the volts and the amps and we’re not even inside the substation. We’re five miles away. We came up with this idea: What if we were to tell the substation operator that this substation switch is opening and closing? If they were the ones opening and closing it, that’s great. But if not, that’s a pretty good sign that there’s a cyber attack at least being experimented with.”

This is a true story (I guess).

Click HERE for a news report from IEEE Spectrum.

More Big Data to come. Be aware in your home that a power quality meter connected to the copper wire some 20 to 50 m away may be watching you. What about privacy? Is it a good thing to know (almost) everything?
"For in much wisdom is much grief; and he that increaseth knowledge increaseth sorrow." (Kohelet 1:18)

FERC is about to Strengthen the Critical Infrastructure Protection (CIP) Requirements

Security is (so far) likely the most crucial key word in 2016. We all want to live in a secure world with a secure power delivery system and many other infrastructures.
There are many rules set by well known standard setting organizations. One is the US Federal Energy Regulatory Commission (FERC). They have published the Critical Infrastructure Protection (CIP) Reliability Standards years ago. Usually the rules are improved after something serious happened. What happend some months ago? Yes, the Dec 23, 2015 cyber attack on the electric grid in Ukraine.
A lot of reports have been published recently.
FERC seeks comments (in this summer) on possible modifications to the CIP Reliability Standards - and any potential impacts on the operation of the Bulk-Power System resulting from such modifications - to address the following matters:
  1. separation between the Internet and BES Cyber Systems in Control Centers performing transmission operator functions; and
  2. computer administration practices that prevent unauthorized programs from running, referred to as “application whitelisting,” for cyber systems in Control Centers.
Click HERE to access the FERC Docket No. RM16-18-000 that has all the details.

Security standards are one measure to improve the protection of technical systems - but the most crucial issue is: TRUST! Trust is what it's really all about. I hope that all readers of this IEC 61850 blog trust me! I do my best!

By the way, the security requirements on paper or in a PDF document do not protect any system. It is the human beings (you can trust) that have to understand the complexity of the power delivery system, the software applications, communication, and administration of the hardware and software. This requires well educated people - educated in many different (or even all) domains -, sufficient resources, and decisions to implement what is needed.

Rene Descartes (1596-1650) understood it already very well what we have to do: "Hence we must believe that all the sciences are so interconnected, that it is much easier to study them all together than to isolate one from all others. If, therefore, anyone wishes to search out the truth of things in serious ernest, he ought not to select one special science, for all the sciences are cojoined with each other and interdependent."

And: Teamwork makes the dream work!

Stay safe!

Saturday, July 23, 2016

IEC TC 57 Published FDIS IEC 62351-11 Security for XML Documents

Have you ever seen a multi MegaByte XML file used for system or device configurations, COMTRADE, COMFEDE, or other purposes? I have big SCL files that represent real substation specifications. What happens if one (1) single character is removed or changed by somebody ...? A change of a single character can have very severe consequences!
In order to secure XML Files in the context of IEC and other standards organizations, IEC TC 57 just published the document:
57/1753/FDIS: Power systems management and associated information exchange – Data and communications security – IEC 62351-11: Security for XML Documents

Voting closes 2016-09-02

IEC 62351-11 specifies schema, procedures, and algorithms for securing XML documents that are used within the scope of the IEC as well as documents in other domains (e.g. IEEE, proprietary, etc.). This part is intended to be referenced by standards if secure exchanges are required, unless there is an agreement between parties in order to use other recognized secure exchange mechanisms. It utilizes well-known W3C standards for XML document security and provides profiling of these standards and additional extensions.

Wednesday, July 20, 2016

PowerEDGE Offers 3 day Training Course on IEC 61850 and Related Topics in Singapore (24-26 Oct 2016)

The Asian-Pacific region is demanding for competent education services in connection with the application of advanced automation solutions based on IEC 61850 and related standards.
PowerEDGE invites you to attend the most comprehensive Training Course on IEC 61850 ... tap the experience of 230+ courses with 4,100+ attendees all over.
The training  will be conducted in Singapore on 24-26 October 2016.
Click HERE for more details and registration information.

Thursday, July 14, 2016

How to Protect Electric Power Delivery Systems?

These days we see a lot of discussions on security in the domain of electric power delivery systems. One thing is for sure: The power delivery infrastructure is under heavy stress ... just to list a few issues:

  1. Aging equipment (primary and secondary).
  2. Increasing cyber attacks.
  3. Increasing physical attacks.
  4. Aging Workforce.
  5. Political objective to reduce the rate per kWh of electric power consumed.
  6. ...

A lot has been discussed recently regarding these and other issues.

Today I would like to have a brief look on the third bullet "Physical Attack". The Wall Street Journal (WSJ) published the other day a report on physical attacks of substations in the US: "Grid Attack: How America Could Go Dark". After reading these news I decided not to post anything about that report. But: When I got up this morning I read the (bad) news about the tragic attack on humans in Nice (France) last night with 80 people on the death toll of 80, I said to myself, I have to talk about these physical attacks.

First of all, our prayers are for the French people in general and especially for those that have lost one of their loved one, for those that are insured, and those that have experienced this attack.

Second, please read the WSJ report to understand the situation of our - partly very unprotected - electric power delivery system:

Click HERE for the report.

More or less the same could be reported about many substations worldwide.

Next time we may see a truck driving into a major substation, power plant, or high voltage transmission tower, ... How can we protect ourselves and the technical systems that are needed every second in our life?

2. Timothy 3:1-5 says: "1 But understand this, that in the last days there will come times of difficulty. 2 For people will be lovers of self, lovers of money, proud, arrogant, abusive, disobedient to their parents, ungrateful, unholy, 3 heartless, unappeasable, slanderous, without self-control, brutal, not loving good, 4 treacherous, reckless, swollen with conceit, lovers of pleasure rather than lovers of God, 5 having the appearance of godliness, but denying its power."

It is unlikely that all humans will understand the importance of the electric power delivery system (and other critical infrastructures) and to control themselves NOT TO TOUCH the system (AND of course other humans)! So, we have to do our best to better physically protect the crucial stations - which is better than do nothing. Attacks will continue to happen - but we have to spent more resources to increase the physical security.

We all have to accept the increase in your electric power bill - if we want to continue using power whenever we need it - 24/7. I hope that we learn better what the real value of our electric power infrastructure is for our daily life!

KEMA (now DNV GL) has Developed a New Suite of Test Tools for IEC 61850

DNV GL (former KEMA, Arnhem/NL) has developed a suite of IEC 61850 test tools, which will be sold under license to both utilities and technology providers.
Under the name UniGrid, DNV GL provides a new and improved test tool. UniGrid enables test and simulation of a complete IEC 61850 substation automation system and it can be used for various types of conformance and interoperability tests.

The product is planned to be available later this year.

Click HERE to request a copy of the new Brochure.

Saturday, July 9, 2016

New Work Items Proposed within IEC TC 57 (IEC TS 62351-100-1)

Power systems management and associated information exchange – Data and communications security – Part 100-1: Conformance test cases for the IEC 62351-5 and its companion standards for secure data exchange communication interfaces (proposed IEC TS 62351-100-1).

The scope is to specify common available procedures and definitions for conformance and/or interoperability testing of the IEC 62351-5, the IEC 60870-5-7 and their recommendations over the IEC 62351-3. These are the security extensions for IEC 60870-5 and derivatives.

Ballot closes 2016-09-30

New Work Items Proposed within IEC TC 57 (IEC 62351-14)

Power systems management and associated information exchange - Data and communications security - Part 14: Cyber security event logging (proposed IEC 62351-14)

This part 14 of the IEC 62351 series specifies technical requirements for logging cyber security events: transport, log data and semantics, such as how to send and receive security events securely, reliably, how to forward security events or logs, etc.
The purpose of this standard is to specify the requirements needed by the power industry to meet
their cyber security needs, to comply with cyber security regulations and standards, and to guarantee
interoperability among different vendor products.

Logical Node "GSAL" (Generic security application), IEC 61850-7-4, is recommended to take into account with the already published data objects:

AuthFail       Authorisation failures
AcsCtlFail    SEC Access control failures detected
SvcViol        SEC Service privilege violations
Ina                SEC Inactive associations
NumCntRs   Number of counter resets

Ballot closes 2016-09-30

New IEC TC 57 and TC 88 CDV Documents Available for Public Comments

Please note that the following documents are now available for public comments:

IEC 61970-452 Ed.3: Energy management system application program interface (EMS-API) - Part 452: CIM static transmission network model profiles

IEC 61400-25-1 Ed.2: Wind energy generation systems - Part 25-1: Communications for monitoring and control of wind power plants - Overall description of principles and models 

Click HERE for accessing the two documents for comments.

Please note that the general title of the series of IEC 61400-25 has changed to "Wind energy generation systems" ... so does the title change as well:

IEC 61400-25-1: Wind energy generation systems -
Part 25-1: Communications for monitoring and control of wind power plants - Overall description of principles and models