Monday, November 13, 2017

IEC 61850 Training in Deutsch mit Jubiläumsrabatt

An alle an IEC 61850 Interessierten,
NettedAutomation bietet das viertägige IEC 61850 Intensiv-Training
vom 05 bis 08. Dezember 2017 
in Karlsruhe
zu einem ***unschlagbaren Jubiläums-Sonderpreis*** von 750 Euro (netto) an!

Hier für das Anmeldeformular klicken.

Bei der Anmeldung bitte den Sonderpreis vermerken!

Weitere Termine:
14.-17. Mai 2018
04.-07. Dezember 2018

Wir haben mehr als 4.300 Experten in mehr als 240 Kursen geschult - überall auf der Welt!

Wir bieten Ihnen auch gerne ein Inhouse-Seminar an.

Wir würden uns freuen, Sie am 05.12. in Karlsruhe - direkt neben dem Weihnachtsmarkt - begrüßen zu können!

Saturday, November 11, 2017

First Amendment of IEC 61850-4: System and Project Management

IEC TC 57 just published the IEC 61850-4 Amendment 1 (57/1922/CDV)
– Communication networks and systems for power utility automation
Part 4: System and project management

The main extensions of the edition 2 are:
  1. New sub-chapter 5.3.6 describes the engineering tool workflow and its chronology (which SCL files are exchanged in between configuration tools) through 3 use cases: the classical use case, the change of system tool and the interaction between 2 projects.
  2. New sub-chapter 6.4 talks about backward compatibility and deals with replacement or extension whatever the component is provided by the same or different manufacturer. To do so, it scrutinizes through 4 use cases, what kind of impacts could be acceptable for IED or tools.
The ballot closes 2018-02-02.
The CDV (committee draft for vote) is accessible for PUBLIC comments by every interested person.

Note that the amendment has already been blended into the edition 2 document for easier reading: 57/1923/INF

These extensions answer a couple of questions that come up during every seminar and in many discussions. They are extending the explanations of SCL (part 6).
The document is worth to study.

Friday, November 3, 2017

What happens during a blackout - Comprehensive Report of the German Parliament's study

published in 20111 a very comprehensive report:

What happens during a blackout - 
Consequences of a prolonged and wide-ranging power outage

Infrastructures such as a reliable energy supply, functioning water-supply and wastewater-disposal systems, efficient modes of transport and transport routes and also information technology and telecommunications technology that can be accessed at all times represent the lifeblood of high-technology industrialised nations. The Committee on Education, Research and Technology Assessment therefore commissioned the Office of Technology Assessment at the German Bundestag (TAB) to investigate the possible effects of a prolonged and widespread power blackout on highly critical infrastructures such as drinking water, wastewater, information and communications systems, financial services and health services, especially against a backdrop where the blackout has a cascading effect spanning state and national boundaries.
In Germany, several recent natural disasters and technical malfunctions (Elbe and Oder floods in 2002/2005, power blackout in the Münsterland in 2005, the Kyrill storm in 2007) have highlighted the population’s dependence on such (critical) infrastructures. Supply bottlenecks, public safety problems and disruptions to road and rail transport have revealed the vulnerability of modern societies and made extreme demands on health, emergency and rescue services...."

Click HERE for the 250 page report [English].
Click HERE for the German version.

The report is one of the best descriptions I have seen. It is really worth to read, to understand and to follow.

If you want to understand what power outages could mean to a society (in a warm region - not in c(o)ld Germany), study the following reports:
Click HERE for the report "Puerto Rico 'heartbreaking' five weeks post-storm"
Click HERE for the report "Puerto Rico Struggles With Power Recovery ..."
Click HERE for further information

I hope something like that will not happen during winter time in Germany.
Note that we have more than natural disasters: Man-made aging infrastructures and aging workforce. 

Thursday, November 2, 2017

Port Scanning in a Substation - May be a No-Go

Security is more than a buzzword these days. You should be very serious about the security of your substation protection and automation system.
Joe Weiss asked yesterday:
Are the Good Guys as Dangerous as the Bad Guys – an Almost Catastrophic Failure of the Transmission Grid
What happened? A port scanning tool in an IEC 61850 GOOSE based substation protection system had a very negative impact on the GOOSE publisher and subscriber: The Relays stopped to operate!! They had to be manually rebooted.
Port scanning may provide a lot (too much) of stress to the devices and communication system. Such a crucial load has to be taken into account during the design of the devices and of the whole system. Theoretically this payload should be taken into account as part of the system engineering ... part of the System Configuration Description (SCD). Any unexpected traffic avalanche may have a serious impact on the stability of the system!
Click HERE for Joe's report.

I guess that the GridEx network monitor would have raised the red flag seeing the message avalanche in the transmission substation.

Lesson to be learned:
Any non-operational load on a critical network should be treated very careful. IT and OT people have to work together and make sure that such test tools do not put too much stress onto the devices connected in a substation or any other system:
Teamwork makes the dream work - and keeps the power flowing!

Click HERE for a discussion of port scanning ... written long time ago (2001 !!)
Click HERE for a worth to read report on how to apply IEC 62443.

My friend Andrea Bonetti (FMTP) responded as follows:

Dear Karlheinz!
What you have described is unfortunately a known problem.
It is really not at all the first time that it happens in the last 10 years, but it is maybe the first time that it is presented to the public.
I would like to stress-out that this problem is NOT related to IEC 61850 but it is related to the correct usage of digital technology.
Similar situations happened also “before” when proprietary digital technology was used. Maybe they were just more difficult to disclose because also the tools were proprietary.
Regarding GridEx, it would have detected the loss of communication among the devices, as it performs the supervision of the GOOSE messages. This would have been written in its report.
GridEx performs also network load calculations, but in the case you have described this would not have helped probably. Anyway that information would also have been written in the report.
Let me point out that GridEx is an “IEC 61850 passive tool”.
GridEx does not talk to any device, does not send any IEC 61850 message…. it can only listen to what happens, without interacting with the system.
Also the time synchronization of GridEx can be performed completely independently from the system, with its own independent GPS receiver accessory.
Also GridEx works without a PC, so you do not connect the PC to the substation network system.
As GridEx doesn’t interact to the system where it is connected to, it cannot cause any damage and it can be connected to the network while the system is in service.

Saturday, October 28, 2017

Wow: IEC Goes XML and PSON

IEC provides access to crucial standardized information by modern web technologies:
The content of the Electropedia (The World's Online Electrotechnical Vocabulary) is now made accessible by XML documents and PSON (REST) through the opendata gateway.
“A json version of all subject areas (or IEV parts) in the Electropedia is available by calling the REST endpoint: “ 

I expect that the PSON option will be made available for the complete vocabulary soon.
More to come!

Draft TR IEC 62351-90-2: Deep Packet Inspection (DPI) of Encrypted Communication

IEC TC 57 just published the document 57/1939/DTR:

Power systems management and associated information exchange –
Data and communications security –
IEC TR 62351-90-2: Deep Packet Inspection (DPI) of encrypted communications

This technical report analyses the impact of encrypted communication channels in power systems introduced with IEC 62351. As defined in IEC 62351 an encrypted channel can be employed when communicating with IEDs and encryption can be adopted at message level as well. For example, the use of encrypting TLS setups according to IEC 62351-3 introduces some issues when Deep Packet Inspection (DPI) is needed to inspect the communication channel for monitoring, auditing and validation needs.
In this report we analyze different techniques that can be employed to circumvent this issues when DPI of communications is required.

The voting closes 2017-12-22

Sunday, October 8, 2017

ABB Presents the Benefits of Substation Digitalization with IEC 61850

A nice video by ABB (Steven Kunsman) explains "all the benefits of substation digitalization ... it’s little wonder there’s so much interest in the shift to this technology. Supported by the open communication capabilities derived from IEC 61850’s, substation assets are providing a growing volume of health and operational data that’s enabling higher levels of both reliability and performance. This excerpt from an ABB Automation & Customer World Workshop provides key highlights of how the digital substation is also safer, smaller, and simpler to commission and operate than traditional substations."

Click HERE for the video.

Saturday, October 7, 2017

IEC TC 57 published Two Documents Related to Security Measures (IEC 62351)

IEC TC 57 just published the following two documents:

IEC 62351-100-3: Conformance test cases for the IEC 62351-3, the secure communication extension for profiles including TCP/IP

The scope is to specify common available procedures and definitions for conformance and/or interoperability testing of the requirements of IEC 62351-3, the security extension for profiles including TCP/IP.

Proposed revision of IEC TS 62351-6 ED1 and conversion into an International Standard (Power systems management and associated information exchange - Data and communications security - Part 6: Security for IEC 61850)

Both documents indicate that the security measures defined by the series IEC 62351 are becoming more important! Hope that more experts in the power delivery domain will understand the impact!

Draft TR IEC 61850-90-6 for Distribution Automation Published

IEC TC 57 WG 17 just published the 277 page (!) draft TR 57/1929/DTR:

IEC 61850-90-6: Use of IEC 61850 for Distribution Automation Systems

Commenting period and ballot closes 2017-12-01.

This technical report provides basic aspects that need to be considered when using IEC 61850 for information exchange between systems and components within MV network automation. In particular, the report:
  • Defines use cases for typical DA applications that require information exchange between two or more components/systems
  • Provides modelling of components commonly used in DA applications
  • Proposes new logical nodes and the extensions to the existing logical nodes that can be used in typical DA applications.
  • Provides guidelines for the communication architecture and services to be used in DA applications
  • Provides configuration methods for IEDs to be used in DA systems.
Basic function for which models will be selected or defined cover:
  • Fault Passage Indication and report
  • FLISR (Fault Location, Isolation and Service Restoration)
  • VVC (Voltage and Var Control)
  • Anti-Islanding Protection Based on Communications
  • Automatic Switch Transfer
  • Monitoring Energy Flow
  • Environment Situation Awareness
A Distribution Automation System (DAS) can have up to tens of thousands of IEDs spreading
over a wide area distribution network.

Multiple new Logical Node Classes and extensions for existing LNs are proposed:

This draft is very detailed and easy to read.

Conflicting Use of TCP Port 102 for IEC 61850 and Simatic S7

IEC 61850-8-1 defines how the abstract IEC 61850 services (ACSI) are mapped to MMS (ISO 9506). The MMS protocol runs on ISO/OSI Transport Layer, ISO/OSI Session Layer, ... For IEC 61850 it has been decided to use TCP/IP as transport protocol.

TCP has to be "extended" by some definitions to get the same services and protocol features as provided by ISO/OSI Transport Layer class 0: The IETF RFC 1006 defines how to use TCP for MMS. RFC 1006 defines among other issues to use TCP Port number 102 for the MMS Server role. Any IEC 61850 Server role has to run on port 102 - independent of the platform it is running on: protection device, control device or a Windows PC.

Siemens SIMATIC S7 PLCs use RFC 1006 entitled "ISO Transport Service on top of the TCP" (ISO-on-TCP) as a protocol extension for the TCP protocol for connection between two systems.

RFC 1006 (and thus Port 102) is used for standard connections in the SIMATIC environment.

  • STEP 7 remote programming via LAN
  • ISO-on-TCP connections
  • S7 connections via Industrial Ethernet

I have come across situations where PCs are running SIMATIC S7 tools that are using Port 102! In that case you cannot run an IEC 61850 Server role on the same PC (with the same IP address) - because Port 102 is already in use!!

If you have trouble running an IE 61850 Server role on your computer - check also if Port 102 is already in use. In one case we figured out this situation with a server model (SCL) that we tried to simulate with the Omicron IED Scout! IED Scout reported an error: TCP Port 102 already in use. We stopped the SIMATIC S7 application to free the Port 102.

This is another use case where the IEDScout reports very useful error information!

Here is an example of the command "netstat -a" (may use as well "netstat -a -b") to figure out, if the port 102 is used or not: Waiting for port "102": 

Click HERE for the Server demo (shown on the right).

Click HERE for a list of ports used by Siemens SIMATIC S7.

Tuesday, October 3, 2017

Are Devices Using IEC 61850 Vulnerable?

Devices that implement IEC 61850 may be vulnerable - depending on the measures (not) implemented to protect your SYSTEM! There are many layers of security that can be build into the system to make is less vulnerable. IEC 61850 needs special security measures to hide the semantics of the information being exchanged in a system.

IEC 61850 has well defined models for controlling switch gears: Logical Node CSWI.Pos for operating any kind of switchgears liek circuit breaker, dis-connector or earthing switches. If a client (SCADA, RTU, Proxy, ...) has "open" access to an IED, it could use the self-description and figure out which CSWI instances are available ... and could try to use MMS Write to open or close a switch gear. In a bad system design, this may work.

A high level of security would not (easily) allow other clients (except those that are designed to operate) to operate a switch gear.

Security measures have to be implemented to prevent misuse of the self-description. Even without the self-description, it may be possible that somebody gets access to the SCL file of the system to "read" the models from an XML file. As a consequence: XML files need to be secured as well ...!

You will find solutions for many of the known security problems in the standard series IEC 62351!

The definitions have to be implemented - the paper standards do not protect your systems!

A very new, comprehensive and up-to-date report on security has been published the other day:


Click HERE for the report [pdf, 20 pages].

By the way, the report mentions IEC 60870-5-101/104, IEC 61850 and OPC UA.
Worth to read.

Monday, October 2, 2017


Orientado a la proteccion, control y automatizacion de subestaciones electricas, haciendo uso de: GOOSE Sampled Values, SCADA y el lenguaje de configuracion SCL.

EI estandar IEC 61850 es aplicado desde hace varios anos en el diseno de nuevas subestaciones alrededor del mundo. Durante el seminario, los mäs experimentados y reconocidos ingenieros especialistas a nivel global le ensenarän como utilizar y aplicar la norma IEC 61850 en el diseno, supervision y control de subestaciones digitales para el sector electrico. Se harän aplicaciones präcticas utilizando herramientas de prueba, software e IEDs de diferentes fabricantes.

NM Lima Hotel
Av. Pardo y Aliaga N° 330
San lsidro 15073
Dei 27 al 30 de Noviembre del 2017.
Horarlo: De 09:00 a 17:30 horas.

Organized by: Nakama Solutions, FMTP, and NettedAutomation

Click HERE for the brochure.
Click HERE for the program.

Friday, September 22, 2017

IEC 61850: Usage of XML Schemata for Model Name Space Definitions

One of the crucial challenges in dealing with IEC 61850 is the sheer unlimited amount of Models (Logical Nodes, Data Objects, Data Attributes, Data Attribute Types, ... and related Services). How to manage these? How to figure out which model was valid last year, which model details are currently valid, ... questions, questions ...
What are the answers to these questions? Simply: good documentation of content, modifications, extensions, and changes.
The IEC TC 57 WG 10 has published a document that defines the rules for model content of IEC 61850 based core data model in IEC 61850-7-2, IEC 61850-7-3 and IEC 61850-7-4. Other domains (like DER, Hydro, Wind, etc.) could define their own data model based on IEC 61850 core data model to be able to use IEC 61850 core parts as a common layer.

The published 70 page document 57/1925/DTS contains the new draft rules:

Communication networks and systems for power utility automation –
Part 7-7: Basic communication structure –
Machine-processable format of IEC 61850-related data models for tools

The voting and commenting period closes 2017-12-15

"Year after year the IEC 61850 data models are extended both in depth with hundreds of new data items, and in width with tens of new parts.
In order to foster an active tool market with good quality, and at the end to improve IEC 61850 interoperability, we need a machine-processable file describing data model related parts of the standard as input. This is the purpose the new language Name Space Definition (NSD) defined by this part of IEC 61850.
This will avoid the need for any engineering tool related to the IEC 61850 data models to get the content of the standard manually entered, with the highest risk of mistakes. This will also help spreading easily any corrections to the data model, as requested to reach interoperability. Tool vendors will be able to integrate NSD in their tools to distribute the standard data models directly to end users."

This new document seems to be crucial for all experts that deal with models and their implementation in Tools and IEDs.

Sunday, September 17, 2017

IEC 61850 Logical Node Group Designation

IEC 61850 uses a well defined designation of Logical Node Groups like MMXU for 3phase electrical measurements. The following groups are defined:

A   Automatic control
C   Supervisory control
D   DER (Distributed Energy Resources)
F   Functional blocks
G   Generic function references
H   Hydro power
I    Interfacing and archiving
K   Mechanical and non-electrical primary equipment
L    System logical nodes
M   Metering and measurement
P    Protection functions
Q    Power quality events detection related
R    Protection related functions
S    Supervision and monitoring
T    Instrument transformer and sensors
W   Wind power
X    Switchgear
Y    Power transformer and related functions
Z    Further (power system) equipment

A total of several hundred of Logical Nodes are already defined and published.

Machine Processable SCL/XML Schema Available for Download

Please note that the SCL Schema Edition 1 and 2 are available for download from the IEC Website.

Click HERE for more details.

There will be more machine processable documents of the series IEC 61850 available in the near future.

I highly recommend to stay tuned to this IEC 61850 Blog ... just Subscribe to it (details can be found on the top right of the site).

First Document of Series IEC 61850 Published as Edition 2.1 FDIS

IEC TC 57 has just published the FDIS of IEC 61850-6/AMD1 ED2:

Amendment 1 – Communication networks and systems for power utility automation –
Part 6: Configuration description language for communication in power utility automation systems related to IEDs

The voting ends: 2017-10-27

Amendment 1 means finally Part 6 Edition 2.1:

The present FDIS reflects amendment 1 to IEC 61850-6 Ed. 2. TC 57 WG 10 has also developed a so-called consolidated edition 2.1 based on the present amendment and the existing Edition 2. The consolidated edition is circulated in parallel under reference 57/1919/INF, so that national committees can see the implementation of the amendment in the existing edition.
Once the present FDIS is approved, the consolidated edition will be published together with the amendment under reference IEC 61850-6 Ed. 2.1.

Machine processable Schema available!!

Note that the Schemata for Edition 1 and 2 of part 6 could be downloaded from the IEC Website:

The availability of the machine readable schemata is a very great progress in getting IEC 61850 applied in more and new application domains. More to come.


Saturday, September 16, 2017

IEC 61850: Training for Protection, Control, and SCADA experts

FMTP and NettedAutomation offer one of the most wanted

Training for Protection, Control, and SCADA based on systems according to IEC 61850

10.-13. October 2017
Karlsruhe/Germany (just one hour south of Frankfurt International Airport)

We have a few seats available - one for you and maybe one for your colleague.

Click HERE for details and registration information.
Click HERE for further training opportunities.

Saturday, September 9, 2017

TÜV SÜD Offers Interoperability Tests - What comes next?

The UCAIUG (UCA International Users Group) has issued 800 Certificates for IEC 61850 devices and tools. Congratulation for the success.

The global market has accepted the new technology standardized since 1995! No question!

In multi vendor projects quite often devices from different manufacturers or from different device firmware versions show interoperability issues. Device A and B may conform to the standard series - but device A may support options that are not supported by device B. This ends up in interoperability problems ... discussions and frustrations.

It is highly recommended that devices used in a multi vendor project are tested for interoperability! Interoperability tests are usually organized by users, e.g., big utilities. The UCAIUG organizes interoperability tests every second yer - far away from being sufficient! The next one is planned for being conducted in New Orleans (USA) in November. It requires a lot of resources to go there ... I guess European utilities may send very few experts only ... and small vendors are likely not travelling across the Atlantic.

So, what to do? I have recommended early to TÜV SÜD to offer interoperability test services.

TÜV SÜD (Munich, Germany) is offering interoperability test ... contact them to figure out how your device can interoperate with other devices.

Interoperable components save time and money during integration into complex systems - and help to reduce frustrations when struggling with implemented or not implemented options, with different interpretations by vendors, ...

And note this: Traveling to Munich (Germany) is easier and cheaper than flying around the globe!

Partners in the industrial automation domain have learned that interoperability (for easier integration) is a crucial means to save a lot of resources ... they are partnering:

Open Integration Partner program for practical testing of multi-vendor automation topologies

Endress + Hauser is proposing the following: “Open Integration validates the interplay of all products in a reference topology by mutual integration tests.” in a permanent lab environment.

I hope that some companies and organizations in the Power Industry will also implement such permanently available “LAT” (Lab Acceptance Tests) that would offer 24x7 support services to the power industry.

Maybe you are interested to discuss this with TÜV SÜD or ... or myself. Please feel free to contact me.

Thanks to TÜV SÜD to offer the interoperability test services. I look forward to see more in the near future - the whole energy market would appreciate it.