IntelliGrid Architecture

Deterministic Rapid Response Intra-Substation Environment - #1

The two Deterministic Rapid Response environments carry data exchanges that were previously considered too fast, too high volume, or too deterministic to carry on a generalized network.  These data exchanges traditionally took place either within a single device or on dedicated lines. 

Typical applications: Advances in technology have now made it possible to exchange data over LANs and WANs:

·         Between protective relays to coordinate protection schemes

·         Between those devices sampling measurements  (e.g. smart current or voltage transformers) and those processing the data

·         Between multiple devices that are distributing other real-time processes that previously took place on a single device, e.g. process control.  Another name that has been used for Deterministic Rapid Response Intra-Substation is “process bus”.

Characteristics: The Deterministic Rapid Response environments require extremely high speed, high volume, or both, with timing requirements measured in milliseconds or lower.  Violation of these requirements might cause equipment damage or safety issues.

Similar Environments: The Deterministic Rapid Response Intra-Substation environment is limited within the physical boundaries of the substation.  Its security requirements can therefore be somewhat lower, and its timing requirements somewhat stricter, than Deterministic Rapid Response Inter-Site.  Data management is not a major concern because of its limited scope.

Definition:  This environment is defined by the following requirements:

Communication and Information Requirements that Define this Environment

Configuration Requirements

• Provide point-to-point interactions between two entities
• Support interactions within a contained environment (e.g. substation or control center)

Quality of Service Requirements

• Provide ultra high speed messaging (short latency) of less than 4 milliseconds
• Support extremely high availability of information flows of 99.999+ (~5 minutes)
• Support high precision of data (< 0.5 variance)
• Support time synchronization of data for age and time-skew information

Security Requirements

• Provide Authorization Service for Access Control (resolving a policy-based access control decision to ensure authorized entities have appropriate access rights and authorized access is not denied)
• Provide Security Policy Service (concerned with the management of security policies)

Data Management Requirements

• Support keeping data consistent and synchronized across systems and/or databases
• Support specific standardized or de facto object models of data

Recommended Technologies

Energy Industry-Specific Technologies

    Utility Field Device Related Data Exchange Technologies

• IEC61850 Part 7-2 - GSE (GOOSE and GSSE - Configuration, Quality of Service,
• IEC61850 Part 7-2 - SMV (Sampled Measured Values) - Configuration,
• IEC61850 Parts 7-3 and 7-4 - Substation Object Modeling - Quality of Service, Data Management
• IEEE C37.94 - Standard for N x 64 kbps Optical Fiber Interfaces between - Quality of Service,

Communications Industry Technologies

    Link Layer and Physical Technologies

• Ethernet - Quality of Service,
• Bridges/Switches - Configuration,
• Asynchronous Transfer Mode (ATM) - Configuration, Quality of Service,

    Wireless Technologies

• Global Positioning System (GPS) - Quality of Service, Data Management

Security Technologies

    Policy and Framework Related Technologies

• ISO/IEC 10164-8:1993 Security Audit Trail Function - Information technology - Open Systems Interconnection - Systems Management - Security,
• ISO/IEC 10181-7:1996 Security Audit and Alarms Framework - Information technology - Open Systems Interconnection -- Security Frameworks for Open Systems - Security,
• FIPS PUB 112 Password Usage - Security,

    General Security Technologies

• Role-Based Access Control - Security,
• Service Level Agreements (SLA) - Security,

    Application Layer Security Technologies

• IEC 62351-6 Security for IEC 61850 GOOSE, GSSE, and SMV Profiles - Security,

Network and Enterprise Management Technologies

    Network Management Technologies

• IEC 62351-7 Objects for Network Management - Quality of Service, Data Management

 

---

Recommended Common Services

Security Services

    Common Security Services

• Authorization for Access Control - Security,
• Security Policies - Security,

Network and System Management Services

    Enterprise Management Services

• System/Network Health-Check Analysis - Quality of Service,
• System/Network Fault Diagnosis - Quality of Service,
• System/Network Performance Analysis - Quality of Service,

Data Management Common Services

    Data Management Common Services

• Address and Naming Management - Data Management
• Network Time - Data Management

Common Platform Services

Recommended Best Practices

Data Management Best Practices

    Data Management

• Alternate Communication Channels - Quality of Service,
• Backup Data Sources - Quality of Service,
• Object Modeling Techniques - Data Management
• Quality Flagging - Quality of Service, Data Management
• Time Stamping - Quality of Service, Data Management
• Data Update Management - Data Management
• Management of Time-Sensitive Data Flows and Timely Access to Data by Multiple Different Users - Quality of Service, Data Management
• Management of Data and Object Naming - Data Management
• Management of Data Formats in Data Exchanges - Data Management
• Management of Data Accuracy - Quality of Service,

Security Best Practices

Security Technology Documents

Alternative Best Practices

    Data Management

• Data Backup and Logging - Quality of Service,

    IETF Internet Requests for Comments (RFCs) on Security Technologies

• RFC 1305 Network Time Protocol (Version 3) Specification, Implementation - Quality of Service,

    Other Security Technolog

• ANSI INCITS 359-2004 Role Based Access Control (RBAC) - Security,