Automation, Protection and Control of Substation Based on IEC 61850

Reliability of power system protection system has been a key issue in the substation operation due to the use of multi-vendor equipment of proprietary features, environmental issues, and complex fault diagnosis. Failure to address these issues could have a significant effect on the performance of the entire electricity grid. With the introduction of IEC 61850 standard, substation automation system (SAS) has significantly altered the scenario in utilities and industries as indicated in this thesis

Modeling and simulation of IEC 61850 requirements applied to an automated people mover's controller

Automated People Movers (APM) are systems for passenger transport with fully automated operation and high frequency service. For this study, we proposed the adaptation of the standard IEC 61850 (design to be used in electric power systems based in intelligent electronic devices) to allow its application to an APM system named Aeromovel installed in Porto Alegre, Brazil. Aeromovel is a nonconventional Automatic People Mover whose operation principle is based on pneumatics. This paper proposes the use of two analysis techniques, Simulation and Formal Verification, in order to guarantee the desired behaviour for an APM propulsion system composed by a centrifugal fan and ten (on-off and proportional) pneumatic valves driven by pneumatic pistons. This approach is based on the use of timed automata and UPPAAL software.Guilherme Kunz is supported by the PTI C&T program (Fundacao Parque Tecnologico Itaipu - FPTI-BR). The authors would like to thank to PTI C&T/FPTI-BR for financial support and to CESUP-UFRGS for access to the clusters

Modeling and simulating the controller behavior of an automated people mover using IEC 61850 communication requirements

Automated People Movers (APM) are systems for passenger transport with fully automated operation and high frequency service. Trains controllers are traditionally centralized and based on wired circuits, although they generally have serious difficulties in the installation and maintenance. As there is increased demand on the system, there are advantages in choosing an open architecture, with a simple communication system and distributed. These concepts are largely addressed in the development of IEC 61850. In this study we proposed the adaptation of the standard IEC 61850, design to be used in electric power systems to be applied in an APM system named Aeromovel installed in Porto Alegre, Brazil. Aeromovel is a nonconventional Automatic People Mover whose operation principle is based on pneumatics. A model, based on timed automata formalism, is proposed for IEC 61850 communications requirements and respective simulation results are presented.Guilherme Kunz is supported by the PTI C&T program (Fundacao Parque Tecnologico Itaipu - FPTI-BR). The authors would like to thank to PTI C&T/FPTI-BR for financial support and to CESUP-UFRGS for access to the clusters

A study of the applicability of software-defined networking in industrial networks

173 p.Las redes industriales interconectan sensores y actuadores para llevar a cabo funciones de monitorización, control y protección en diferentes entornos, tales como sistemas de transporte o sistemas de automatización industrial. Estos sistemas ciberfísicos generalmente están soportados por múltiples redes de datos, ya sean cableadas o inalámbricas, a las cuales demandan nuevas prestaciones, de forma que el control y gestión de tales redes deben estar acoplados a las condiciones del propio sistema industrial. De este modo, aparecen requisitos relacionados con la flexibilidad, mantenibilidad y adaptabilidad, al mismo tiempo que las restricciones de calidad de servicio no se vean afectadas. Sin embargo, las estrategias de control de red tradicionales generalmente no se adaptan eficientemente a entornos cada vez más dinámicos y heterogéneos.Tras definir un conjunto de requerimientos de red y analizar las limitaciones de las soluciones actuales, se deduce que un control provisto independientemente de los propios dispositivos de red añadiría flexibilidad a dichas redes. Por consiguiente, la presente tesis explora la aplicabilidad de las redes definidas por software (Software-Defined Networking, SDN) en sistemas de automatización industrial. Para llevar a cabo este enfoque, se ha tomado como caso de estudio las redes de automatización basadas en el estándar IEC 61850, el cual es ampliamente usado en el diseño de las redes de comunicaciones en sistemas de distribución de energía, tales como las subestaciones eléctricas. El estándar IEC 61850 define diferentes servicios y protocolos con altos requisitos en terminos de latencia y disponibilidad de la red, los cuales han de ser satisfechos mediante técnicas de ingeniería de tráfico. Como resultado, aprovechando la flexibilidad y programabilidad ofrecidas por las redes definidas por software, en esta tesis se propone una arquitectura de control basada en el protocolo OpenFlow que, incluyendo tecnologías de gestión y monitorización de red, permite establecer políticas de tráfico acorde a su prioridad y al estado de la red.Además, las subestaciones eléctricas son un ejemplo representativo de infraestructura crítica, que son aquellas en las que un fallo puede resultar en graves pérdidas económicas, daños físicos y materiales. De esta forma, tales sistemas deben ser extremadamente seguros y robustos, por lo que es conveniente la implementación de topologías redundantes que ofrezcan un tiempo de reacción ante fallos mínimo. Con tal objetivo, el estándar IEC 62439-3 define los protocolos Parallel Redundancy Protocol (PRP) y High-availability Seamless Redundancy (HSR), los cuales garantizan un tiempo de recuperación nulo en caso de fallo mediante la redundancia activa de datos en redes Ethernet. Sin embargo, la gestión de redes basadas en PRP y HSR es estática e inflexible, lo que, añadido a la reducción de ancho de banda debida la duplicación de datos, hace difícil un control eficiente de los recursos disponibles. En dicho sentido, esta tesis propone control de la redundancia basado en el paradigma SDN para un aprovechamiento eficiente de topologías malladas, al mismo tiempo que se garantiza la disponibilidad de las aplicaciones de control y monitorización. En particular, se discute cómo el protocolo OpenFlow permite a un controlador externo configurar múltiples caminos redundantes entre dispositivos con varias interfaces de red, así como en entornos inalámbricos. De esta forma, los servicios críticos pueden protegerse en situaciones de interferencia y movilidad.La evaluación de la idoneidad de las soluciones propuestas ha sido llevada a cabo, principalmente, mediante la emulación de diferentes topologías y tipos de tráfico. Igualmente, se ha estudiado analítica y experimentalmente cómo afecta a la latencia el poder reducir el número de saltos en las comunicaciones con respecto al uso de un árbol de expansión, así como balancear la carga en una red de nivel 2. Además, se ha realizado un análisis de la mejora de la eficiencia en el uso de los recursos de red y la robustez alcanzada con la combinación de los protocolos PRP y HSR con un control llevado a cabo mediante OpenFlow. Estos resultados muestran que el modelo SDN podría mejorar significativamente las prestaciones de una red industrial de misión crítica

Investigating Performance and Reliability of Process Bus Networks for Digital Protective Relaying

To reduce the cost of complex and long copper wiring, as well as to achieve flexibility in signal communications, IEC 61850 part 9-2 proposes a process bus communication network between process level switchyard equipments, and bay level protection and control (P&C) Intelligent Electronic Devices (IEDs). After successful implementation of Ethernet networks for IEC 61850 standard part 8-1 (station bus) at several substations worldwide, major manufacturers are currently working on the development of interoperable products for the IEC 61850-9-2 based process bus. The major technical challenges for applying Ethernet networks at process level include: 1) the performance of time critical messages for protection applications; 2) impacts of process bus Ethernet networks on the reliability of substation protection systems. This work starts with the performance analysis in terms of time critical Sampled Value (SV) messages loss and/or delay over the IEC 61850-9-2 process bus networks of a typical substation. Unlike GOOSE, the SV message is not repeated several times, and therefore, there is no assurance that each SV message will be received from the process bus network at protection IEDs. Therefore, the detailed modeling of IEC 61850 based substation protection devices, communication protocols, and packet format is carried out using an industry-trusted simulation tool OPNET, to study and quantify number of SV loss and delay over the process bus. The impact of SV loss/delay on digital substation protection systems is evident, and recognized by several manufacturers. Therefore, a sample value estimation algorithm is developed in order to enhance the performance of digital substation protection functions by estimating the lost and delayed sampled values. The error of estimation is evaluated in detail considering several scenarios of power system relaying. The work is further carried out to investigate the possible impact of SV loss/delay on protection functions, and test the proposed SV estimation algorithm using the hardware setup. Therefore, a state-of-the-art process bus laboratory with the protection IEDs and merging unit playback simulator using industrial computers on the QNX hard-real-time platform, is developed for a typical IEC 61850-9-2 based process bus network. Moreover, the proposed SV estimation algorithm is implemented as a part of bus differential and transmission line distance protection IEDs, and it is tested using the developed experimental setup for various SV loss/delay scenarios and power system fault conditions. In addition to the performance analysis, this work also focuses on the reliability aspects of protection systems with process bus communication network. To study the impact of process bus communication on reliability indices of a substation protection function, the detailed reliability modeling and analysis is carried out for a typical substation layout. First of all, reliability analysis is done using Reliability Block Diagrams (RBD) considering various practical process bus architectures, as well as, time synchronization techniques. After obtaining important failure rates from the RBD, an extended Markov model is proposed to analyze the reliability indices of protection systems, such as, protection unavailability, abnormal unavailability, and loss of security. It is shown with the proposed Markov model that the implementation of sampled value estimation improves the reliability indices of a protection system

Detection of DoS Attacks Using ARFIMA Modeling of GOOSE Communication in IEC 61850 Substations

Integration of Information and Communication Technology (ICT) in modern smart grids (SGs) offers many advantages including the use of renewables and an effective way to protect, control and monitor the energy transmission and distribution. To reach an optimal operation of future energy systems, availability, integrity and confidentiality of data should be guaranteed. Research on the cyber-physical security of electrical substations based on IEC 61850 is still at an early stage. In the present work, we first model the network traffic data in electrical substations, then, we present a statistical Anomaly Detection (AD) method to detect Denial of Service (DoS) attacks against the Generic Object Oriented Substation Event (GOOSE) network communication. According to interpretations on the self-similarity and the Long-Range Dependency (LRD) of the data, an Auto-Regressive Fractionally Integrated Moving Average (ARFIMA) model was shown to describe well the GOOSE communication in the substation process network. Based on this ARFIMA-model and in view of cyber-physical security, an effective model-based AD method is developed and analyzed. Two variants of the statistical AD considering statistical hypothesis testing based on the Generalized Likelihood Ratio Test (GLRT) and the cumulative sum (CUSUM) are presented to detect flooding attacks that might affect the availability of the data. Our work presents a novel AD method, with two different variants, tailored to the specific features of the GOOSE traffic in IEC 61850 substations. The statistical AD is capable of detecting anomalies at unknown change times under the realistic assumption of unknown model parameters. The performance of both variants of the AD method is validated and assessed using data collected from a simulation case study. We perform several Monte-Carlo simulations under different noise variances. The detection delay is provided for each detector and it represents the number of discrete time samples after which an anomaly is detected. In fact, our statistical AD method with both variants (CUSUM and GLRT) has around half the false positive rate and a smaller detection delay when compared with two of the closest works found in the literature. Our AD approach based on the GLRT detector has the smallest false positive rate among all considered approaches. Whereas, our AD approach based on the CUSUM test has the lowest false negative rate thus the best detection rate. Depending on the requirements as well as the costs of false alarms or missed anomalies, both variants of our statistical detection method can be used and are further analyzed using composite detection metrics

Reliability Analysis of Electric Power Systems Considering Cyber Security

The new generation of the electric power system is the modern smart grid which is essentially a cyber and physical system (CPS). Supervisory control and data acquisition (SCADA)/energy management system (EMS) is the key component of CPS, which is becoming the main target of both external and insider cyberattacks. Cybersecurity of the SCADA/EMS system is facing big challenges and influences the reliability of the electric power system. Characteristics of cyber threats will impact the system reliability. System reliability can be influenced by various cyber threats with different attack skill levels and attack paths. Additionally, the change of structure of the target system may also result in the change of the system reliability. However, very limited research is related to the reliability analysis of the electric power system considering cybersecurity issue. A large amount of mathematical methods can be used to quantify the cyber threats and simulation processes can be applied to build the reliability analysis model. For instance, to analyze the vulnerabilities of the SCADA/EMS system in the electric power system, Bayesian Networks (BNs) can be used to model the attack paths of cyberattacks on the exploited vulnerabilities. The mean time-to-compromise (MTTC) and mean time-to-failure (MTTF) based on the Common Vulnerability Scoring System (CVSS) can be applied to characterize the properties of cyberattacks. What’s more, simulation approaches like non-sequential or sequential Monte Carlo Simulation (MCS) is able to simulate the system reliability analysis and calculate the reliability indexes. In this thesis, reliability of the SCADA/EMS system in the electric power system considering different cybersecurity issues is analyzed. The Bayesian attack path models of cyberattacks on the SCADA/EMS components are built by Bayesian Networks (BNs), and cyberattacks are quantified by its mean time-to-compromise (MTTC) by applying a modified Semi-Markov Process (SMP) and MTTC models. Based on the IEEE Reliability Test System (RTS) 96, the system reliability is analyzed by calculating the electric power system reliability indexes like LOLP and EENS through MCS. What’s more, cyberattacks with different lurking strategies are considered and analyzed. According to the simulation results, it shows that the system reliability of the SCADA/EMS system in the electric power system considering cyber security is closely related to the MTTC of cyberattacks, which is influenced by the attack paths, attacking skill levels, and the complexity of the target structure. With the increase of the MTTC values of cyberattacks, LOLP values decrease, which means that the reliability of the system is better, and the system is safer. In addition, with the difficulty level of lurking strategies of cyberattacks getting higher and higher, though the LOLP values of scenarios don’t increase a lot, the EENS values of the corresponding scenarios increase dramatically, which indicates that the system reliability is more unpredictable, and the cyber security is worse. Finally, insider attacks are discussed and corresponding LOLP values and EENS values considering lurking behavior are estimated and compared. Both LOLP and EENS values dramatically increase owing to the insider attacks that result in the lower MTTCs. This indicates that insider attacks can lead to worse impact on system reliability than external cyber attacks. The results of this thesis may contribute to the establishment of perfect countermeasures against with cyber attacks on the electric power system

Analysis of the IEC 61850 protocol when used for communication during maintenance operations in an electrical substation grid

Abstract: During Substation maintenance a bay is taken out of service, tested and during testing traffic is generated on the Substation Communication Network (SCN) in a power utility. A model of a Substation Communication Network that is using the International Electrotechnical Commission (IEC) 61850 protocol has been modeled in Optimized Network Engineering Tool (OPNET). IEC 61850 is a protocol that can be used in a power utility to provide interoperability between different vendors of Intelligent Electronic Devices (IED’s). Most of the IED’s sold by manufacturers for power utility networks support IEC 61850 protocol. The model has three scenarios and they are normal operation of a Substation, maintenance in a Substation and Buszone operation at a Substation. In all the scenarios packet end to end delay of GOOSE, GSSE, SV and MMS messages are monitored. The throughput from the IED under maintenance and the throughput at the Substation RTU end is monitored in the Model. The design of the Substation Communication Network using IEC 61850 will assist when trying to predict the behavior of the network with regards to this specific protocol during maintenance and when there are faults in the communication network or IED’s

Substation Communication Architecture to Realize the Future Smart Grid

Substation and its communication architecture play an important role in maintaining high reliability, and availability of the power supply. Due to the proliferation of multi-vendor IEDs (Intelligent Electronic Devices) and communication technologies in substation, there seems to be an immediate need to adopt a standard approach for meeting the critical communication demands of Substation Automation System (SAS) and also to be future ready to tackle demand growth and changing scenario due to restructuring and deregulation. This paper presents possible exploitation of the technical features of IEC 61850, the standard for Communication Networks and Systems in Substation, to make the substation communication architecture future ready to accommodate the applications and goals of smart grid. Keywords: Substation Automation, Interoperability, IEC61850, Smart Grid, Distribution Automation