FPGAs in Industrial Control Applications

The aim of this paper is to review the state-of-the-art of Field Programmable Gate Array (FPGA) technologies and their contribution to industrial control applications. Authors start by addressing various research fields which can exploit the advantages of FPGAs. The features of these devices are then presented, followed by their corresponding design tools. To illustrate the benefits of using FPGAs in the case of complex control applications, a sensorless motor controller has been treated. This controller is based on the Extended Kalman Filter. Its development has been made according to a dedicated design methodology, which is also discussed. The use of FPGAs to implement artificial intelligence-based industrial controllers is then briefly reviewed. The final section presents two short case studies of Neural Network control systems designs targeting FPGAs

Cooperative intrusion detection for the next generation carrier: ethernet

Tese de mestrado em Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2007Hoje em dia os elementos de rede (NEs) da camada 2 do modelo OSI, bridges ou switches, são componentes complexos, com centenas de milhares de linhas de código, que podem ser vulneráveis a ataques, permitindo até a execçuão remota de código. Este trabalho tem como objectivo a criação de um sistema para proteger infra-estruturas de rede Carrier Ethernet de ataques lançados por NEs maliciosos contra o protocolo de gestão de ligações, o Spanning Tree Protocol, e as sua variantes. Na tese é proposto que os NEs sejam equipados com um componente de detecção de intrusões. Cada um dos detectores utiliza um mecanismo da detecção de intrusões baseada em especificacão e inspecciona o comportamento dos outros NEs através da análise das mensagens recebidas. O comportamento correcto dos NEs é descrito tendo em conta a especificação normalizada do protocolo STP. Se existir um desvio entre um comportamento esperado e o actual, o NE é suspeito de ser malicioso. A especificação é estendida com anotações de padrões temporais, de modo a detectar desvios do protocolo por parte dos NEs localmente. Os resultados da detecção local nos NEs são enviados para os outros, para que todos possam correlacionar a informação da detecção, diagnosticar quais são os NEs maliciosos e logicamente removê-los da rede, desligando todas as portas a eles ligadas.Current OSI model layer 2 network elements (NEs, e.g., bridges, switches) are complex hardware and software boxes, often running an operating system, service and administration software, that can be vulnerable to attacks, including to remote code execution inside them. The purpose of this thesis is to present an architecture to protect the Carrier Ethernet network infrastructure from attacks performed by malicious NEs against the link management protocol, Spanning Tree Protocol, and its variations. This thesis proposes that NEs are equipped with an intrusion detection component. Each detector uses a specification-based intrusion detection mechanism in order to inspect the behaviour of other NEs through the analysis of the received messages. The correct behaviour of the NEs is crafted from the standard specification of the STP protocol. If there is a deviation between current and expected behaviour, then the NE is considered to be malicious. The specification is extended with temporal pattern annotations, in order to detect certain deviations from the protocol. The results of the local detection are then transmitted to the other NEs, in order to cooperatively establish a correlation between all the NEs, so that malicious NEs can be logically removed from the network (disconnecting the ports connected to them)

An Investigation into the testing and commissioning requirements of IEC 61850 Station Bus Substations

The emergence of the new IEC 61850 standard generates a potential to deliver a safe, reliable and effective cost reduction in the way substations are designed and constructed. The IEC 61850 Station Bus systems architecture for a substation protection and automation system is based on a horizontal communication concept replicating what conventional copper wiring performed between Intelligent Electronic Devices (IED’s). The protection and control signals that are traditionally sent and received across a network of copper cables within the substation are now communicated over Ethernet based Local Area Networks (LAN) utilising Generic Object Oriented Substation Event (GOOSE) messages. Implementing a station bus system generates a substantial change to existing design and construction practices. With this significant change, it is critical to develop a methodology for testing and commissioning of protection systems using GOOSE messaging. Analysing current design standards and philosophies established a connection between current conventional practices and future practices using GOOSE messaging at a station bus level. A potential design of the GOOSE messaging protection functions was implemented using the new technology hardware and software. Identification of potential deviations from the design intent, examination of their possible causes and assessment of their consequences was achieved using a Hazard and Operability study (HAZOP). This assessment identified the parts of the intended design that required validating or verifying through the testing and commissioning process. The introduction of a test coverage matrix was developed to identify and optimise the relevant elements, settings, parameters, functions, systems and characteristics that will require validating or verifying through inspection, testing, measurement or simulations during the testing and commissioning process. Research conducted identified hardware and software that would be utilised to validate or verify the IEC 61850 system through inspection, testing, measurement or simulations. The Hazard and Operability study (HAZOP) has been identified as an effective, structured and systematic analysing process that will help identify what hardware, configurations, and functions that require testing and commissioning prior to placing a substation using IEC 61850 Station bus GOOSE messaging into service. This process enables power utilities to understand new challenges and develop testing and commissioning philosophies and quality assurance processes, while providing confidence that the IEC 61850 system will operate in a reliable, effective and secure manner

Testing communication reliability with fault injection : Implementation using Robot Framework and SoC-FPGA

Taajuusmuuttajia käytetään teollisuudessa laajasti, sillä merkittävän osan teollisuuden sähkönkulutuksesta muodostavat oikosulkumoottorit, joita ajetaan taajuusmuuttajien avulla. Taajuusmuuttajiin on mahdollista kytkeä optiokortteja, jotka lisäävät taajuusmuuttajaan valvonta-, ohjaus- ym. toiminnallisuuksia. Nämä kortit kommunikoivat sarjaliikenneväylän kautta taajuusmuuttajan pääyksikön kanssa. Sarjaliikennelinkissä, kuten taajuusmuuttajan väylällä, voi syntyä virheitä, jotka häiritsevät tietoliikennettä. Sen takia sarjaliikenneprotokolliin on luotu virheentunnistus- ja -korjausmekanismeja, joilla pyritään varmistamaan virheetön tiedon kuljettaminen. Luotettavuutta testaamaan voidaan väylälle generoida virheitä siihen tarkoitetulla laitteella. Tässä diplomityössä luotiin taajuusmuuttajia valmistavan yrityksen, Danfoss Drivesin (aik. Vacon), pyynnöstä häiriögeneraattorijärjestelmä. Järjestelmä koostuu SoC-FPGA-piirillä luodusta virheitä syöttävästä laitteesta, PC-työkalulle luodusta testirajapinnasta sekä Ethernet-kommunikaatiosta niiden välillä. Laite kytketään väylään, ja testirajapinta tekee testaajalle mahdolliseksi luoda mukautettavia testejä ja ajaa testejä käyttäen Robot Framework -testiympäristöä. Diplomityössä tutkittiin ensin sarjakommunikointiväylien yleisimpiä virheentunnistus- ja korjauskeinoja sekä SoC-FPGA-piirien sekä työssä käytetyn Robot Frameworkin ominaisuuksia. Järjestelmä suunniteltiin ylhäältä-alas-periaatteella ensin tunnistamalla kolmen edellä mainitun komponentin päärakenne päätyen lopulta yksittäisten ohjelmafunktioiden logiikan suunnitteluun. Tämän jälkeen laite ja testirajapinta toteutettiin C- ja Python-ohjelmointikielillä käyttäen suunnitellun kaltaista kommunikaatiota näiden kahden komponentin välillä. Lopulta järjestelmä testattiin kaikki komponentit yhteen kytkettynä. Varsinainen injektorilogiikka, joka luo virheitä väylään, ei ollut työn loppuun mennessä vielä toimittavan tahon puolelta valmis, joten järjestelmää ei voitu testata todellisessa ympäristössä. Työssä luodut osuudet voidaan kuitenkin myöhemmin kytkeä kokonaiseen järjestelmään. Työn tärkeimpänä johtopäätöksenä on, että tavoitteiden mukainen järjestelmä saatiin luotua ja testattua toimivaksi mahdollisin osin. Jatkokehityskohteeksi jäi mm. kokonaisen järjestelmän luonti ja testaus oikeaan kommunikaatioväylään kytkettynä.Frequency converters are widely used in industry because a notable part of the industrial electricity consumption is by electrical induction motors driven by frequency converters. It is possible to connect option boards into a frequency converter to add monitoring and control features. These option boards communicate with the main control unit of the frequency converter over a serial communication link. In a serial communication link, e.g. in a frequency converter, it can occur faults that interfere with the transfer. Hence, error handling mechanisms are used to secure transmission of the data without errors. A fault injector device, which generates errors into the data travelling in the link, can be used to test the communication reliability. In this master’s thesis, an error generator system was created for a company, Danfoss Drives (previously Vacon), manufacturing frequency converters. The system consists of a fault injector device created with a SoC-FPGA, a testing interface for a PC tool, and an Ethernet-based communication between these two. The device is connected to a serial communication link, and the testing interface makes it easy for a tester to create and run modifiable fault injection tests using a Robot Framework test environment. At the beginning of the thesis, the most common error detection and correction mechanisms in serial communication and properties of SoC-FPGAs, and Robot Framework were studied. Following this, the system was designed with top-down approach, first identifying the main structure of the components, and finally ending up in designing the logic of individual functions. After this, the device and the testing interface were implemented in C and Python using the designed Ethernet communication between them. After the implementation, the system was tested with all the components combined. The actual fault injection logic was not ready by the end of the thesis, so the tests were not run in a real environment. However, the work is done so that the implemented parts can be later used in a complete system. The most important conclusion is that the system was created and tested to meet the requirements with applicable parts. Further development includes creating a complete system and testing it with a real communication link

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte