Substation Communication Architecture to Realize the Future Smart Grid

Substation and its communication architecture play an important role in maintaining high reliability, and availability of the power supply. Due to the proliferation of multi-vendor IEDs (Intelligent Electronic Devices) and communication technologies in substation, there seems to be an immediate need to adopt a standard approach for meeting the critical communication demands of Substation Automation System (SAS) and also to be future ready to tackle demand growth and changing scenario due to restructuring and deregulation. This paper presents possible exploitation of the technical features of IEC 61850, the standard for Communication Networks and Systems in Substation, to make the substation communication architecture future ready to accommodate the applications and goals of smart grid. Keywords: Substation Automation, Interoperability, IEC61850, Smart Grid, Distribution Automation

Cyber-Security Solutions for Ensuring Smart Grid Distribution Automation Functions

The future generation of the electrical network is known as the smart grid. The distribution domain of the smart grid intelligently supplies electricity to the end-users with the aid of the decentralized Distribution Automation (DA) in which intelligent control functions are distributed and accomplished via real-time communication between the DA components. Internet-based communication via the open protocols is the latest trend for decentralized DA communication. Internet communication has many benefits, but it exposes the critical infrastructure’s data to cyber-security threats. Security attacks may not only make DA services unreachable but may also result in undesirable physical consequences and serious damage to the distribution network environment. Therefore, it is compulsory to protect DA communication against such attacks. There is no single model for securing DA communication. In fact, the security level depends on several factors such as application requirements, communication media, and, of course, the cost.There are several smart grid security frameworks and standards, which are under development by different organizations. However, smart grid cyber-security field has not yet reached full maturity and, it is still in the early phase of its progress. Security protocols in IT and computer networks can be utilized to secure DA communication because industrial ICT standards have been designed in accordance with Open Systems Interconnection model. Furthermore, state-of-the-art DA concepts such as Active distribution network tend to integrate processing data into IT systems.This dissertation addresses cyber-security issues in the following DA functions: substation automation, feeder automation, Logic Selectivity, customer automation and Smart Metering. Real-time simulation of the distribution network along with actual automation and data networking devices are used to create hardware-in-the-loop simulation, and experiment the mentioned DA functions with the Internet communication. This communication is secured by proposing the following cyber-security solutions.This dissertation proposes security solutions for substation automation by developing IEC61850-TLS proxy and adding OPen Connectivity Unified Architecture (OPC UA) Wrapper to Station Gateway. Secured messages by Transport Layer Security (TLS) and OPC UA security are created for protecting substation local and remote communications. Data availability is main concern that is solved by designing redundant networks.The dissertation also proposes cyber-security solutions for feeder automation and Logic Selectivity. In feeder automation, Centralized Protection System (CPS) is proposed as the place for making Decentralized feeder automation decisions. In addition, applying IP security (IPsec) in Tunnel mode is proposed to establish a secure communication path for feeder automation messages. In Logic Selectivity, Generic Object Oriented Substation Events (GOOSE) are exchanged between the substations. First, Logic Selectivity functional characteristics are analyzed. Then, Layer 2 Tunneling over IPsec in Transport mode is proposed to create a secure communication path for exchanging GOOSE over the Internet. Next, communication impact on Logic Selectivity performance is investigated by measuring the jitter and latency in the GOOSE communication. Lastly, reliability improvement by Logic Selectivity is evaluated by calculating reliability indices.Customer automation is the additional extension to the smart grid DA. This dissertation proposes an integration solution for the heterogeneous communication parties (TCP/IP and Controller Area Network) in Home Area Network. The developed solution applies Secure Socket Layer in order to create secured messages.The dissertation also proposes Secondary Substation Automation Unit (SSAU) for realtime communication of low voltage data to metering database. Point-to-Point Tunneling Protocol is proposed to create a secure communication path for Smart Metering data.The security analysis shows that the proposed security solutions provide the security requirements (Confidentiality, Integrity and Availability) for DA communication. Thus, communication is protected against security attacks and DA functions are ensured. In addition, CPS and SSAU are proposed to distribute intelligence over the substations level

Develop process bus architecture for integrating sampled value IEDs

The recent interest within the power industry for the use of the IEC61850 standard has meant that the technology needed to implement this standard is at the forefront of most manufactures development projects. The most recent development are for devices used to implement the process bus component of the standard, described in part 9 of the standard. The implementation of this new technology into a Distribution Network Service Provider’s substation has additional challenges compared to that of a Transmission Network service Provider. The implementation of a process bus architecture is a significant change from the existing practice. The critical nature of the system in which this change is occurring means that the impact of the technology will be heavily scrutinised by end users. Two key technical issues were identified that would arise from the introduction of process bus technology into a substation. The impact on the reliability of the system caused by replacing a simple connection practice between the instrument transformer and the protection relay with a communication network is one of the issues. Appropriately designing the process bus architecture by utilising redundancy has provided a means so that the reliability of the process bus system exceeds that of the existing conventional system. The analyses of two-process bus architectures has been constructed as part of this project to demonstrate the reliability improvement. The performance of the new devices introduced into the network needs to be understood so that any effect on the overall system is known. It has been identified that the merging unit that was tested as part of this project has shown a reduction in the performance of the analogue to digital conversion of measured data based on transient response criteria. To describe the performance of a merging unit such that the end user can predict the output of the device for different inputs, a mathematical model was developed. This model is a second order transfer function approximation obtained from the transient response test results for a merging unit subjected to a DC step input. Minor gain errors were observed when testing the model with typical system signals such as the unsaturated sine waveform and a saturated CT waveform

Automation, Protection and Control of Substation Based on IEC 61850

Reliability of power system protection system has been a key issue in the substation operation due to the use of multi-vendor equipment of proprietary features, environmental issues, and complex fault diagnosis. Failure to address these issues could have a significant effect on the performance of the entire electricity grid. With the introduction of IEC 61850 standard, substation automation system (SAS) has significantly altered the scenario in utilities and industries as indicated in this thesis

Security Evaluation of Substation Network Architectures

In recent years, security of industrial control systems has been the main research focus due to the potential cyber-attacks that can impact the physical operations. As a result of these risks, there has been an urgent need to establish a stronger security protection against these threats. Conventional firewalls with stateful rules can be implemented in the critical cyberinfrastructure environment which might require constant updates. Despite the ongoing effort to maintain the rules, the protection mechanism does not restrict malicious data flows and it poses the greater risk of potential intrusion occurrence. The contributions of this thesis are motivated by the aforementioned issues which include a systematic investigation of attack-related scenarios within a substation network in a reliable sense. The proposed work is two-fold: (i) system architecture evaluation and (ii) construction of attack tree for a substation network. Cyber-system reliability remains one of the important factors in determining the system bottleneck for investment planning and maintenance. It determines the longevity of the system operational period with or without any disruption. First, a complete enumeration of existing implementation is exhaustively identified with existing communication architectures (bidirectional) and new ones with strictly unidirectional. A detailed modeling of the extended 10 system architectures has been evaluated. Next, attack tree modeling for potential substation threats is formulated. This quantifies the potential risks for possible attack scenarios within a network or from the external networks. The analytical models proposed in this thesis can serve as a fundamental development that can be further researched