Network and System Management using IEC 62351-7 in IEC 61850 Substations: Design and Implementation

Substations are a prime target for threat agents aiming to disrupt the power grid’s operation. With the advent of the smart grid, the power infrastructure is increasingly being coupled with an Information and Communication Technologies (ICT) infrastructure needed to manage it, exposing it to potential cyberattacks. In order to secure the smart grid, the IEC 62351 specifies how to provide cybersecurity to such an environment. Among its specifications, IEC 62351-7 states to use Network and System Management (NSM) to monitor and manage the operation of power systems. In this research, we aim to design, implement, and study NSM in a digital substation as per the specifications of IEC 62351-7. The substation is one that conforms to the IEC 61850 standard, which defines how to design a substation leveraging ICT. Our contributions are as follows. We contribute to the design and implementation of NSM in a smart grid security co-simulation testbed. We design a methodology to elaborate cyberattacks targeting IEC 61850 substations specifically. We elaborate detection algorithms that leverage the NSM Data Objects (NSM DOs) of IEC 62351- 7 to detect the attacks designed using our method. We validate these experimentally using our testbed. From this work, we can provide an initial assessment of NSM within the context of digital substations

Simulation and Control of a Cyber-Physical System under IEC 61499 Standard

IEC 61499 standard provides an architecture for control systems using function blocks (FB), languages, and semantics. These devices can be interconnected and communicate with each other. Each device contains several resources and algorithms with a communication FB at the end, which can be created, configured, and deleted without affecting other resources. Physical element can be represented by a FB that encapsulates the functionality (data/events, process, return data/events) in a single module that can be reused and combined. This work presents a simplified implementation of a modular control system using a low-cost device. In the prototyping of the application, we use 4diac to control, model and validate the implementation of the system on a programmable logic controller. It is proved that this approach can be used to model and simulate a cyber-physical system as a single element or in a networked combination. The control models provide a reusable FB design.We acknowledge the financial support of CIDEM, R&D unit funded by FCT – Portuguese Foundation for the Development of Science and Technology, Ministry of Science, Technology and Higher Education, under the Project UID/EMS/0615/2019, and it was supported by FCT, through INEGI and LAETA, under project UIDB/50022/2020.info:eu-repo/semantics/publishedVersio

Cyber-Security Solutions for Ensuring Smart Grid Distribution Automation Functions

The future generation of the electrical network is known as the smart grid. The distribution domain of the smart grid intelligently supplies electricity to the end-users with the aid of the decentralized Distribution Automation (DA) in which intelligent control functions are distributed and accomplished via real-time communication between the DA components. Internet-based communication via the open protocols is the latest trend for decentralized DA communication. Internet communication has many benefits, but it exposes the critical infrastructure’s data to cyber-security threats. Security attacks may not only make DA services unreachable but may also result in undesirable physical consequences and serious damage to the distribution network environment. Therefore, it is compulsory to protect DA communication against such attacks. There is no single model for securing DA communication. In fact, the security level depends on several factors such as application requirements, communication media, and, of course, the cost.There are several smart grid security frameworks and standards, which are under development by different organizations. However, smart grid cyber-security field has not yet reached full maturity and, it is still in the early phase of its progress. Security protocols in IT and computer networks can be utilized to secure DA communication because industrial ICT standards have been designed in accordance with Open Systems Interconnection model. Furthermore, state-of-the-art DA concepts such as Active distribution network tend to integrate processing data into IT systems.This dissertation addresses cyber-security issues in the following DA functions: substation automation, feeder automation, Logic Selectivity, customer automation and Smart Metering. Real-time simulation of the distribution network along with actual automation and data networking devices are used to create hardware-in-the-loop simulation, and experiment the mentioned DA functions with the Internet communication. This communication is secured by proposing the following cyber-security solutions.This dissertation proposes security solutions for substation automation by developing IEC61850-TLS proxy and adding OPen Connectivity Unified Architecture (OPC UA) Wrapper to Station Gateway. Secured messages by Transport Layer Security (TLS) and OPC UA security are created for protecting substation local and remote communications. Data availability is main concern that is solved by designing redundant networks.The dissertation also proposes cyber-security solutions for feeder automation and Logic Selectivity. In feeder automation, Centralized Protection System (CPS) is proposed as the place for making Decentralized feeder automation decisions. In addition, applying IP security (IPsec) in Tunnel mode is proposed to establish a secure communication path for feeder automation messages. In Logic Selectivity, Generic Object Oriented Substation Events (GOOSE) are exchanged between the substations. First, Logic Selectivity functional characteristics are analyzed. Then, Layer 2 Tunneling over IPsec in Transport mode is proposed to create a secure communication path for exchanging GOOSE over the Internet. Next, communication impact on Logic Selectivity performance is investigated by measuring the jitter and latency in the GOOSE communication. Lastly, reliability improvement by Logic Selectivity is evaluated by calculating reliability indices.Customer automation is the additional extension to the smart grid DA. This dissertation proposes an integration solution for the heterogeneous communication parties (TCP/IP and Controller Area Network) in Home Area Network. The developed solution applies Secure Socket Layer in order to create secured messages.The dissertation also proposes Secondary Substation Automation Unit (SSAU) for realtime communication of low voltage data to metering database. Point-to-Point Tunneling Protocol is proposed to create a secure communication path for Smart Metering data.The security analysis shows that the proposed security solutions provide the security requirements (Confidentiality, Integrity and Availability) for DA communication. Thus, communication is protected against security attacks and DA functions are ensured. In addition, CPS and SSAU are proposed to distribute intelligence over the substations level

Advanced Communication and Control Methods for Future Smartgrids

Proliferation of distributed generation and the increased ability to monitor different parts of the electrical grid offer unprecedented opportunities for consumers and grid operators. Energy can be generated near the consumption points, which decreases transmission burdens and novel control schemes can be utilized to operate the grid closer to its limits. In other words, the same infrastructure can be used at higher capacities thanks to increased efficiency. Also, new players are integrated into this grid such as smart meters with local control capabilities, electric vehicles that can act as mobile storage devices, and smart inverters that can provide auxiliary support. To achieve stable and safe operation, it is necessary to observe and coordinate all of these components in the smartgrid

Design and control of harbour area smart grids with application of battery energy storage system

Global trade occurs mostly on seaborne vessels, and harbours exist as the most significant part for enabling the economic development of any country. However, the amount of fossil fuels used by conventional diesel-engine powered vessels produce a great number of types of toxic emissions, such as air pollution particles at harbours, which create a threat to human health that can contribute to higher morbidity and mortality rates among humans. Therefore, the International maritime organisation and the European Directives recommend that ships implement methods that limit toxic gas emissions and air pollution, such as using onshore power supply and fuel with low-sulphur content for on-board power generation in vessels while remaining at harbours. This research presents cutting-edge methods and tools for contributing to the development of future marine solutions and analyses of modern vessel technological requirements as well as harbour grids, and it proposes novel models of harbour area smart grids for facilitating the support of onshore power supply and charging of batteries for those vessels that require it. This research explores the usage of multiple battery-charging configurations with either slow- or fast-charging systems for electric or hybrid vessels, and it analyses the technical challenges that could inhibit or prevent the practicality of their implementation. The suitable size and allocation of battery energy storage systems for real-world case power systems of Åland Islands harbour grid are also investigated to enhance power capacity of harbour grids. Moreover, a control algorithm for the battery energy storage controller was first developed in MATLAB/Simulink for the Vaasa harbour grid, and then its performance was tested in the OPAL-RT real-time simulator by conducting a controller hardware-in-the-loop test to maintain the power balance inside the harbour grid. The proposed harbour grid models can reduce the degree of pollution that degrades the environment while providing onshore power supply and battery-charging stations for hybrid or electric vessels. Moreover, this dissertation acts as a foundation for developing future business strategies for ship owners, port administrators, and local authorities to solve similar problems as technology develops and environmental degradation continues to be a problem of every country in the world.Maailmanlaajuinen kauppa tapahtuu pääasiassa merialuksilla, ja satamista on tulossa merkittävin osa minkä tahansa maan talouskehitystä. Perinteisten dieselmoottorialusten käyttämä fossiilinen polttoaine aiheuttaa kuitenkin satamissa monenlaisia myrkyllisiä päästöjä ja ilmansaasteita, jotka ovat uhka ihmisten terveydelle ja aiheuttavat monenlaisia vaarallisia sairauksia. Tästä syystä Kansainvälinen merenkulkujärjestö IMO ja EU-direktiivit suosittelevat, että alukset käyttävät satamissa ollessaan maalta tulevaa sähkönsyöttöä tai vähärikkistä polttoainetta myrkyllisten kaasupäästöjen ja ilmansaasteiden rajoittamiseksi. Tämä tutkimus esittelee uusimpia ja tulevaisuuden merenkulun ratkaisuja, analysoi nykyaikaisten alusten teknisiä vaatimuksia sekä satamaverkkoja ja esittelee uusia malleja satama-alueen älykkäille sähköverkoille, joilla tuetaan maasähkön käyttöä ja akkujen lataamista vaativia aluksia. Tutkimuksessa tarkasteltiin useita akkuenergiavarastojen latauskonfiguraatioita sekä hitailla että nopeilla latausjärjestelmillä sähkö-/hybridialuksille ja analysoitiin niiden käytännön toteutukseen liittyviä teknisiä haasteita. Akkuenergiavarastojen sopivaa kokoa ja sijoittelua satamaverkkojen tehokapasiteetin parantamiseksi selvitettiin todelliseen verkkoon perustuvassa tapaustutkimuksessa, jossa parannettiin Ahvenanmaan verkon satamien tehokapasiteettia. Lisäksi kehitettiin akkuenergiavarastojen ohjausalgoritmi tehotasapainon ylläpitämiseksi Vaasan satamaverkossa ensin MATLAB/Simulink-mallina, jonka jälkeen sen suorituskykyä testattiin OPAL-RT reaaliaika-simulaattorilla suorittamalla ns. laitesilmukkasimulaatioita. Ehdotetuilla satamaverkkomalleilla voidaan vastata ilmansaasteista aiheutuviin ympäristöongelmiin sekä mahdollistaa maasähkönsyöttö ja akkujen latausasemat tuleville hybridi- ja sähköaluksille. Lisäksi tämä väitöskirja voi toimia pohjana uusien liiketoimintastrategioiden kehittämiselle alusten omistajien, satamajohtajien ja paikallisviranomaisten tarpeisiin.fi=vertaisarvioitu|en=peerReviewed

Smart Energy Management for Smart Grids

This book is a contribution from the authors, to share solutions for a better and sustainable power grid. Renewable energy, smart grid security and smart energy management are the main topics discussed in this book

Design and Engineering for Smart Secondary Substation Automation Panel

This M.Sc. thesis presents a systematic approach to enhance automation at the electrical distribution level by introducing multiple retrofit approaches in existing secondary substations. This study has explored insights into providing intelligence to the secondary substation efficiently in terms of dimensions, cost and communication needs. The designing of a retrofit product has been accomplished taking into consideration the current network status, the present need and the future compatibility for Smart Grid. Although, the new device has been designed based on the Finnish network need, it is fully compatible with electrical networks worldwide. Initially a comprehensive review of the theory and literature related to present network configuration, distribution automation, Smart Grids and all relevant areas was conducted. This was followed by a review of the reports of transmission and distribution networks operators in Finland and product brochures from various manufacturers in order to create a framework. This was complemented and further verified by the primary collection of data in the form of interviews and discussions with representatives from these companies. Based on all this information, the operation within the network was emulated and the final product was designed. The product provides practical capabilities from the basic monitoring to the full automated control with decision making capabilities locally or remotely through the network control centre via SCADA. Being customizable and retrofit installation, its adaptability and scalability is based on the specific network need. Besides, as the product has been developed in the form a detailed research through collaboration with university researchers, product manufacturers as well as network operators, it is practically designed and is planned to be implemented soon. Although, there are other similar but less effective and less flexible products available, they lose advantage when it comes to compatibility. The research represents one of the first attempts to design a customizable product for the medium voltage level network automation and the retrofit approach with its modular and scalable feature provides originality to it

Software framework for the development of context-aware reconfigurable systems

In this project we propose a new software framework for the development of context-aware and secure controlling software of distributed reconfigurable systems. Context-awareness is a key feature allowing the adaptation of systems behaviour according to the changing environment. We introduce a new definition of the term “context” for reconfigurable systems then we define a new context modelling and reasoning approach. Afterwards, we define a meta-model of context-aware reconfigurable applications that paves the way to the proposed framework. The proposed framework has a three-layer architecture: reconfiguration, context control, and services layer, where each layer has its well-defined role. We define also a new secure conversation protocol between distributed trustless parts based on the blockchain technology as well as the elliptic curve cryptography. To get better correctness and deployment guarantees of applications models in early development stages, we propose a new UML profile called GR-UML to add new semantics allowing the modelling of probabilistic scenarios running under memory and energy constraints, then we propose a methodology using transformations between the GR-UML, the GR-TNCES Petri nets formalism, and the IEC 61499 function blocks. A software tool implementing the methodology concepts is developed. To show the suitability of the mentioned contributions two case studies (baggage handling system and microgrids) are considered.In diesem Projekt schlagen wir ein Framework für die Entwicklung von kontextbewussten, sicheren Anwendungen von verteilten rekonfigurierbaren Systemen vor. Kontextbewusstheit ist eine Schlüsseleigenschaft, die die Anpassung des Systemverhaltens an die sich ändernde Umgebung ermöglicht. Wir führen eine Definition des Begriffs ``Kontext" für rekonfigurierbare Systeme ein und definieren dann einen Kontextmodellierungs- und Reasoning-Ansatz. Danach definieren wir ein Metamodell für kontextbewusste rekonfigurierbare Anwendungen, das den Weg zum vorgeschlagenen Framework ebnet. Das Framework hat eine dreischichtige Architektur: Rekonfigurations-, Kontextkontroll- und Dienste-Schicht, wobei jede Schicht ihre wohldefinierte Rolle hat. Wir definieren auch ein sicheres Konversationsprotokoll zwischen verteilten Teilen, das auf der Blockchain-Technologie sowie der elliptischen Kurven-Kryptographie basiert. Um bessere Korrektheits- und Einsatzgarantien für Anwendungsmodelle zu erhalten, schlagen wir ein UML-Profil namens GR-UML vor, um Semantik umzufassen, die die Modellierung probabilistischer Szenarien unter Speicher- und Energiebeschränkungen ermöglicht. Dann schlagen wir eine Methodik vor, die Transformationen zwischen GR-UML, dem GR-TNCES-Petrinetz-Formalismus und den IEC 61499-Funktionsblöcken verwendet. Es wird ein Software entwickelt, das die Konzepte der Methodik implementiert. Um die Eignung der genannten Beiträge zu zeigen, werden zwei Fallstudien betrachtet