IEEE Standards - draft standard...

IEEE P2030™/D3.0, 07-29-2010

IEEE P2030™/D3.0Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation With the Electric Power System (EPS), and End-Use Applications and Loads

DCN 2030-10-0336-00-0003

Revision HistoryRev Date Summary1.0 09-18-2009 Initial document released – skeletal outline1.1 01-14-2010 Revisions to skeletal outline 2.0 04-16-2010 Includes WG text submittals; WRTG additions; architectural model2.1 05-17-2010 Includes WG comments addressed by WRTG; WRTG additions

2.2a 06-22-2010 Redline version. All WG comments on 2.1 reviewed at WG meeting in SC; new revisions from WG meeting in SC; incorporated new text and revisions as a result of WG assignments from the meeting in SC.

2.2b 06-23-2010 Redline accepted version. All WG comments on 2.0 reviewed at WG meeting in SC; new revisions from WG meeting in SC; incorporated new text and revisions as a result of WG assignments from the meeting in SC; editorial comments and IEEE formatting added. Note: Parking Lot Annex B has been removed from this version. Text from the parking lot annex is now in DCN # 2030-10-0277-00-0015

2.3 07-02-2010 Redline version. All WG comments from SC meeting in May 2010; submissions received by 7/15/2010 from assignments made at SC meeting; WRTG edits from WRTG meeting in CO June 29-July 1, 2010 (excluding formatting changes); submissions received from assignment made at WRTG meeting.

3.0 07-29-2010 All changes accepted. Draft released 8/2/2010 for WG comments.

Copyright © 2010 IEEE. All rights reserved.This is an unapproved IEEE Standards Draft, subject to change.

1

1

2

3

4

5

6

7

8

9

10

23

IEEE P2030™/D3.0, 07-29-2010


1

1

23

IEEE P2030™/D3.0, 07-29-2010

IEEE P2030™/D3.0Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation With the Electric Power System (EPS), and End-Use Applications and Loads

SCC21 Standards Coordinating Committee of the

IEEE Fuel Cells, Photovoltaics, Dispersed Generation and Energy Storage Society

Approved <XX MONTH 20XX>

IEEE-SA Standards Board

Copyright © 2010 by the Institute of Electrical and Electronics Engineers, Inc.Three Park AvenueNew York, New York 10016-5997, USA

All rights reserved.

This document is an unapproved draft of a proposed IEEE Standard. As such, this document is subject to change. USE AT YOUR OWN RISK! Because this is an unapproved draft, this document must not be utilized for any conformance/compliance purposes. Permission is hereby granted for IEEE Standards Committee participants to reproduce this document for purposes of international standardization consideration. Prior to adoption of this document, in whole or in part, by another standards development organization, permission must first be obtained from the IEEE Standards Activities Department ([email protected]). Other entities seeking permission to reproduce this document, in whole or in part, must also obtain permission from the IEEE Standards Activities Department.

IEEE Standards Activities Department445 Hoes LanePiscataway, NJ 08854, USA


1

1

2

3

4

5

6

7

8

9

10

1112

131415

16

1718192021222324

252627

23

IEEE P2030™/D3.0, 07-29-2010

Abstract: <Select this text and type or paste Abstract—contents of the Scope may be used>Keywords: <Select this text and type or paste keywords>


1

123

23

IEEE P2030™/D3.0, 07-29-2010

IEEE Standards documents are developed within the IEEE Societies and the Standards Coordinating Committees of the IEEE Standards Association (IEEE-SA) Standards Board. The IEEE develops its standards through a consensus development process, approved by the American National Standards Institute, which brings together volunteers representing varied viewpoints and interests to achieve the final product. Volunteers are not necessarily members of the Institute and serve without compensation. While the IEEE administers the process and establishes rules to promote fairness in the consensus development process, the IEEE does not independently evaluate, test, or verify the accuracy of any of the information or the soundness of any judgments contained in its standards.

Use of an IEEE Standard is wholly voluntary. The IEEE disclaims liability for any personal injury, property or other damage, of any nature whatsoever, whether special, indirect, consequential, or compensatory, directly or indirectly resulting from the publication, use of, or reliance upon this, or any other IEEE Standard document.

The IEEE does not warrant or represent the accuracy or content of the material contained herein, and expressly disclaims any express or implied warranty, including any implied warranty of merchantability or fitness for a specific purpose, or that the use of the material contained herein is free from patent infringement. IEEE Standards documents are supplied “AS IS.”

The existence of an IEEE Standard does not imply that there are no other ways to produce, test, measure, purchase, market, or provide other goods and services related to the scope of the IEEE Standard. Furthermore, the viewpoint expressed at the time a standard is approved and issued is subject to change brought about through developments in the state of the art and comments received from users of the standard. Every IEEE Standard is subjected to review at least every five years for revision or reaffirmation, or every ten years for stabilization. When a document is more than five years old and has not been reaffirmed, or more than ten years old and has not been stabilized, it is reasonable to conclude that its contents, although still of some value, do not wholly reflect the present state of the art. Users are cautioned to check to determine that they have the latest edition of any IEEE Standard.

In publishing and making this document available, the IEEE is not suggesting or rendering professional or other services for, or on behalf of, any person or entity. Nor is the IEEE undertaking to perform any duty owed by any other person or entity to another. Any person utilizing this, and any other IEEE Standards document, should rely upon his or her independent judgment in the exercise of reasonable care in any given circumstances or, as appropriate, seek the advice of a competent professional in determining the appropriateness of a given IEEE standard.

Interpretations: Occasionally questions may arise regarding the meaning of portions of standards as they relate to specific applications. When the need for interpretations is brought to the attention of IEEE, the Institute will initiate action to prepare appropriate responses. Since IEEE Standards represent a consensus of concerned interests, it is important to ensure that any interpretation has also received the concurrence of a balance of interests. For this reason, IEEE and the members of its societies and Standards Coordinating Committees are not able to provide an instant response to interpretation requests except in those cases where the matter has previously received formal consideration. A statement, written or oral, that is not processed in accordance with the IEEE-SA Standards Board Operations Manual shall not be considered the official position of IEEE or any of its committees and shall not be considered to be, nor be relied upon as, a formal interpretation of the IEEE. At lectures, symposia, seminars, or educational courses, an individual presenting information on IEEE standards shall make it clear that his or her views should be considered the personal views of that individual rather than the formal position, explanation, or interpretation of the IEEE.

Comments for revision of IEEE Standards are welcome from any interested party, regardless of membership affiliation with IEEE. Suggestions for changes in documents should be in the form of a proposed change of text, together with appropriate supporting comments. Recommendations to change the status of a stabilized standard should include a rationale as to why a revision or withdrawal is required. Comments and recommendations on standards, and requests for interpretations should be addressed to:

Secretary, IEEE-SA Standards Board445 Hoes LanePiscataway, NJ 08854USA

Authorization to photocopy portions of any individual standard for internal or personal use is granted by The Institute of Electrical and Electronics Engineers, Inc., provided that the appropriate fee is paid to Copyright Clearance Center. To arrange for payment of licensing fee, please contact Copyright Clearance Center, Customer Service, 222 Rosewood Drive, Danvers, MA 01923 USA; +1 978 750 8400. Permission to photocopy portions of any individual standard for educational classroom use can also be obtained through the Copyright Clearance Center.


1

1234567

89

10

11121314

1516171819202122

2324252627

2829303132333435363738

3940414243

44454647

4849505152

23

IEEE P2030™/D3.0, 07-29-2010

Introduction

This introduction is not part of IEEE P2030 varDraftNumber, Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS), and End-Use Applications and Loads.

The sophistication of electrical power grids throughout the world vary significantly, and may vary within a country from area to area, or electrical service provider to electrical service provider. The need to upgrade electrical power systems has stimulated the concept of Smart Grid, a broad and ill-defined term used globally to include application of additional information and communications technology to electrical power grids. This need has also driven legislation and regulation of power systems throughout the world.

The Energy Independence and Security Act (EISA) of 2007 calls for the development of protocols and standards to increase the flexibility of use for smart grid equipment and systems. Under Section 1305 of the act, this interoperable framework "shall be flexible, uniform, and technology neutral" and "align policy, business, and technology approaches in a manner that would enable all electric resources, including demand-side resources, to contribute to an efficient, reliable electricity network." The IEEE P2030 TM Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation with the Electric Power System (EPS), and End-Use Applications and Loads (IEEE P2030) supports this directive and addresses these issues as they relate to generation, transmission, distribution, transmission, storage, and end use of the electric power grid.

Electricity knows no national boundaries. The same can be said for the Smart Grid (SG). Currently, there are many, both national and international, standardization initiatives related to the development of the SG concept. An SG roadmap was developed in 2010 by the International Electrotechnical Commission IEC, through its Strategic Group 3, developed a roadmap that is similar to that developed by the U.S. National Institute of Standards and Technology (NIST). There is considerable interest in this topic in developing countries that do not have a robust electric power infrastructure at this time.

Building off of a conceptual reference model produced by NIST to facilitate SDOs in standards development for the Smart Grid, IEEE P2030 focuses on the interoperability components of communications, power systems, and information technology platforms (Figure 1). It views the Smart Grid as a large, complex “system of systems” and provides guidance through the numerous interoperable SG design pathways throughout the electric power system to the loads, and for serving end-use applications. This interoperability “groundwork” lays the foundation for the emerging Smart Grid applications layer that provides a platform for a number of advanced Smart Grid applications and services.

ivCopyright © 2010 IEEE. All rights reserved.

This is an unapproved IEEE Standards Draft, subject to change.

1

1

234

56789

101112131415161718

192021222324

25262728293031

234

IEEE P2030™/D3.0, 07-29-2010

Figure 1—Hierarchy of Smart Grid Interoperability

Notice to users

Laws and regulations

Users of these documents should consult all applicable laws and regulations. Compliance with the provisions of this standard does not imply compliance to any applicable regulatory requirements. Implementers of the standard are responsible for observing or referring to the applicable regulatory requirements. IEEE does not, by the publication of its standards, intend to urge action that is not in compliance with applicable laws, and these documents may not be construed as doing so.

Copyrights

This document is copyrighted by the IEEE. It is made available for a wide variety of both public and private uses. These include both use, by reference, in laws and regulations, and use in private self-regulation, standardization, and the promotion of engineering practices and methods. By making this document available for use and adoption by public authorities and private users, the IEEE does not waive any rights in copyright to this document.

Updating of IEEE documents

Users of IEEE standards should be aware that these documents may be superseded at any time by the issuance of new editions or may be amended from time to time through the issuance of amendments, corrigenda, or errata. An official IEEE document at any point in time consists of the current edition of the document together with any amendments, corrigenda, or errata then in effect. In order to determine whether a given document is the current edition and whether it has been amended through the issuance of

vCopyright © 2010 IEEE. All rights reserved.


Smart Grid Interoperability Guidance

1

1

2

3

4

56789

10

1112131415

16

1718192021

234

IEEE P2030™/D3.0, 07-29-2010

amendments, corrigenda, or errata, visit the IEEE Standards Association web site at http://ieeexplore.ieee.org/xpl/standards.jsp, or contact the IEEE at the address listed previously.

For more information about the IEEE Standards Association or the IEEE standards development process, visit the IEEE-SA web site at http://standards.ieee.org.

Errata

Errata, if any, for this and all other standards can be accessed at the following URL: http://standards.ieee.org/reading/ieee/updates/errata/index.html. Users are encouraged to check this URL for errata periodically.

Interpretations

Current interpretations can be accessed at the following URL: http://standards.ieee.org/reading/ieee/interp/index.html.

Patents

[If the IEEE has not received letters of assurance prior to the time of publication, the following notice shall appear:]

Attention is called to the possibility that implementation of thistxtTrialUsetxtGorRPorSTD may require use of subject matter covered by patent rights. By publication of thistxtTrialUsetxtGorRPorSTD, no position is taken with respect to the existence or validity of any patent rights in connection therewith. The IEEE is not responsible for identifying Essential Patent Claims for which a license may be required, for conducting inquiries into the legal validity or scope of Patents Claims or determining whether any licensing terms or conditions provided in connection with submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory. Users of thistxtTrialUsetxtGorRPorSTD are expressly advised that determination of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsibility. Further information may be obtained from the IEEE Standards Association.

[The following notice shall appear when the IEEE receives assurance from a known patent holder or patent applicant prior to the time of publication that a license will be made available to all applicants either without compensation or under reasonable rates, terms, and conditions that are demonstrably free of any unfair discrimination.]

Attention is called to the possibility that implementation of thistxtTrialUsetxtGorRPorSTD may require use of subject matter covered by patent rights. By publication of thistxtTrialUsetxtGorRPorSTD, no position is taken with respect to the existence or validity of any patent rights in connection therewith. A patent holder or patent applicant has filed a statement of assurance that it will grant licenses under these rights without compensation or under reasonable rates, with reasonable terms and conditions that are demonstrably free of any unfair discrimination to applicants desiring to obtain such licenses. Other Essential Patent Claims may exist for which a statement of assurance has not been received. The IEEE is not responsible for identifying Essential Patent Claims for which a license may be required, for conducting inquiries into the legal validity or scope of Patents Claims, or determining whether any licensing terms or conditions provided in connection with submission of a Letter of Assurance, if any, or in any licensing agreements are reasonable or non-discriminatory. Users of thistxtTrialUsetxtGorRPorSTD are expressly advised that determination of the validity of any patent rights, and the risk of infringement of such rights, is entirely their own responsibility. Further information may be obtained from the IEEE Standards Association.

viCopyright © 2010 IEEE. All rights reserved.


1

12

34

5

678

9

1011

12

1314

15161718192021222324

25262728

29303132333435363738394041

234

http://standards.ieee.org/reading/ieee/interp/index.html

http://standards.ieee.org/reading/ieee/interp/index.html

http://standards.ieee.org/reading/ieee/updates/errata/index.html

http://standards.ieee.org/

http://ieeexplore.ieee.org/xpl/standards.jsp

IEEE P2030™/D3.0, 07-29-2010

Participants

At the time this draft guide was submitted to the IEEE-SA Standards Board for approval, the P2030 Working Group had the following membership:

Dick DeBlasio, ChairTom Prevost, P2030 Vice Chair and Task Force 1 Co-ChairThomas Basso, P2030 Secretary and Task Force 1 Recorder

Sam Sciacca, Task Force 1 Co-ChairRobert Grow, Task Force 2 Co-ChairJeffrey Katz, Task Force 2 Co-Chair

Michael Coddington, Task Force 2 RecorderStefano Galli, Task Force 3 Co-Chair

Bob Heile, Task Force 3 Co-ChairConnie Komomua, Task Force 3 Recorder and Writing Group Secretary

Bill Ash, IEEE Standards Liaison

Participant1Participant2Participant3



The following members of the <individual/entity> balloting committee voted on this draft guide. Balloters may have voted for approval, disapproval, or abstention.

(to be supplied by IEEE)

Balloter1Balloter2Balloter3



When the IEEE-SA Standards Board approved this draft guide on <XX MONTH 20XX>, it had the following membership:

(to be supplied by IEEE)<Name>, Chair

<Name>, Vice Chair<Name>, Secretary

SBMember1SBMember2

SBMember3SBMember4

SBMember5SBMember6

*Member Emeritus

Also included are the following nonvoting IEEE-SA Standards Board liaisons:

<Name>, NRC Representative<Name>, DOE Representative<Name>, NIST Representative

<Name>, IEEE Standards Program Manager, Document Development

<Name>, IEEE Standards Program Manager, Technical Program Development

viiCopyright © 2010 IEEE. All rights reserved.


1

1

23

456789

10111213141516171819

202122

232425

26272829303132333435

363738

394041

42434445

46474849505152

5354

5556

57

585960

61626364656667

234

IEEE P2030™/D3.0, 07-29-2010

Contents

1. Overview......................................................................................................................................................91.1 Scope.....................................................................................................................................................91.2 Purpose................................................................................................................................................101.3 Alternative approaches........................................................................................................................10

2. Normative references..................................................................................................................................10

3. Definitions and acronyms...........................................................................................................................103.1 Definitions...........................................................................................................................................103.2 Acronyms.............................................................................................................................................12

4. The smart grid.............................................................................................................................................124.1 The electric power infrastructure.........................................................................................................124.2 The Smart Grid: A complex system of systems..................................................................................134.3 Smart Grid Architecture......................................................................................................................144.4 Interoperability....................................................................................................................................154.5 Security................................................................................................................................................16

5. IEEE P2030 Smart Grid Interoperability Reference Model.......................................................................17

6. Power Systems Interoperability..................................................................................................................196.1 Logical description of the electrical power system.............................................................................206.2 Power systems perspective: IEEE P230 Smart Grid Interoperability Model......................................216.3 Domains, Actors, and Data Paths........................................................................................................216.4 Data description...................................................................................................................................366.5 Data types............................................................................................................................................386.6 Using the IEEE P2030 Smart Grid Power Systems Interoperability Model.......................................39

7. Communications technology interoperability............................................................................................437.1 Models of the Grid...............................................................................................................................437.2 Network topology types.......................................................................................................................437.3 Relevant communication entities.........................................................................................................437.4 Communications requirements............................................................................................................437.5 Smart Grid Evaluation Criteria (SGEC)..............................................................................................437.6 Smart Grid communications building blocks......................................................................................497.7 Key Principles for a Smart Grid Communications Interoperability Model.........................................49

8. Information systems intraoperability..........................................................................................................638.1 Introduction of context of topics in Smart Grid interoperability information technology..................638.2 Power Engineering – Brief overview from IT perspective..................................................................668.3 Information Technology Architecture.................................................................................................678.4 Data Modeling and Analysis...............................................................................................................868.5 Information Security Principles and Practices for Smart Grid............................................................888.6 Communications................................................................................................................................100

9. Legacy electric power systems and the smart grid...................................................................................1029.1 Introduction.......................................................................................................................................1029.2 SCADA Communications.................................................................................................................1029.3 Technology aspects (of legacy systems and the smart grid).............................................................1049.4 Market aspects (of legacy systems and the smart grid).....................................................................1049.5 Regulatory aspects (of legacy systems and the smart grid)...............................................................107

viiiCopyright © 2010 IEEE. All rights reserved.


1

1

2345

6

789

101112131415

16

17181920212223

2425262728293031

32333435363738

394041424344

234

IEEE P2030™/D3.0, 07-29-2010

Annex A (informative) Bibliography...........................................................................................................108

Annex B (informative) Power Systems Perspective: P2030 Smart Grid Interoperability Reference Model Examples......................................................................................................................................................109

ixCopyright © 2010 IEEE. All rights reserved.


1

1

234

234

IEEE P2030™/D3.0Draft Guide for Smart Grid Interoperability of Energy Technology and Information Technology Operation With the Electric Power System (EPS), and End-Use Applications and LoadsIMPORTANT NOTICE: This standard is not intended to ensure safety, security, health, or environmental protection in all circumstances. Implementers of the standard are responsible for determining appropriate safety, security, environmental, and health practices or regulatory requirements.

This IEEE document is made available for use subject to important notices and legal disclaimers. These notices and disclaimers appear in all publications containing this document and may be found under the heading “Important Notice” or “Important Notices and Disclaimers Concerning IEEE Documents.” They can also be obtained on request from IEEE or viewed at http://standards.ieee.org/IPR/disclaimers.html.

1. Overview

This overview is intended to provide a concise description of the scope, purpose, and application of this guide. The scope explains what is covered in the guide, the purpose explains why this guide’s project is needed, and background information explains the evolution of this guide. Following that, introductory information is presented on understanding this guide’s general application considerations and how to use it. Detailed discussions of technical content are provided in the later clauses of this guide.

1.1 Scope

This document provides guidelines for smart grid interoperability. This guide provides a knowledge base addressing terminology, characteristics, functional performance and evaluation criteria, and the application of engineering principles for smart grid interoperability of the electric power system with end-use applications and loads. The guide discusses alternate approaches and good practices for smart grid solutions.

1

1

2

3

4

5

6

78

9101112

1314151617

18

1920212223

24

2526272829

2

http://standards.ieee.org/IPR/disclaimers.html

1.2 Purpose

This standard provides guidelines in understanding and defining smart grid interoperability of the electric power system with end-use applications and loads. Integration of energy, information, and communication technologies is necessary to achieve seamless operation for electric generation, delivery, and end-use benefits to permit two-way power flow with communication and control. Interconnection and intra-facing frameworks and strategies with design definitions are addressed in this standard, providing guidance in expanding the current knowledge base. This expanded knowledge base is needed as a key element in grid architectural designs and operation to promote a more reliable and flexible electric power system.

1.3 Alternative approaches

This document provides guidelines rather than rigid requirements. This means alternative approaches to good practices may be suggested but no clear-cut recommendations are made. In some cases, examples are given, but more often than not, there will be more than one effective way to accomplish a desired result.

2. Normative references

The following referenced documents are indispensable for the application of this document (i.e., they must be understood and used, so each referenced document is cited in text and its relationship to this document is explained). For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments or corrigenda) applies.

[To be developed as the draft evolves]

3. Definitions and acronyms

3.1 Definitions

[To be developed further as the draft evolves]

For the purposes of this document, the following terms and definitions apply. The IEEE Standards Dictionary: Glossary of Terms & Definitions should be referenced for terms not defined in this clause.1

architecture: The organizational structure of a system or component, their relationships, and the principles and guidelines governing their design and evolution over time. (IEEE 610.12)

customer energy management and control:

customer information system (CIS): Application which maintains customer specific data such as name & address/location

distributed energy resources (local generation): As defined in IEEE 1547 definitions

dispatch (forecast and scheduling): Market-driven production capacity and generation

distributed generation and storage: A complex of entities which include PEVs and solar panels

distributed resources: As defined in IEEE 1547 definitions

distribution management:

distribution operations:

domain:

1 The IEEE Standards Dictionary: Glossary of Terms & Definitions is available at http://shop.ieee.org/.

1

1

2345678

9

101112

13

14151617

18

19

20

21

2223

2425

26

2728

29

30

31

32

33

34

35

2

3

http://shop.ieee.org/

dynamic equipment rating: Exceeding nominal operations boundaries in exceptional circumstances.

electric power system (EPS): Facilities that deliver electric power to a load. Note: These facilities may also receive power from various energy sources.

end-use application: The act or practice of employing a method or manner that serves the purpose of administering or controlling the consumption or production of electricity at a device (equipment or system) or facility.

energy management (SCADA & EMS): Management and control of electric transmission systems

energy market clearing:

geographic information system (GIS): Maintains exact geographic information on precise asset location

interactive voice response (IVR): application which provides interactive voice between response about customer service status

interface: The point of interaction between two systems or products.

interoperability: The capability of two or more networks, systems, devices, applications, or components to externally exchange and readily use information across the stated interfaces —securely, effectively, and with little or no inconvenience to the user.

intraoperability: The capability of two or more networks, systems, devices, applications, or components to internally exchange and readily use information internal to the stated interfaces — securely, effectively, and with little or no inconvenience to the user.

ISO/RTO operations:

ISO/RTO wholesale market trading:

load: The true or apparent power consumed by power utilization equipment.

meter data management:

monitoring information & control (MIC): Sensing and measurement application (cf. distribution field device MIC)

outage management: (OMS + IVR + WMS): Management of forced and also planned outages (Note: IEEE 1336)

plant control (DCS): Control and management of power generation plants

point of connection:

revenue metering:

smart grid:

stability control:

substation automation:

transmission operations:

user: The independent party that may be a purchaser of electric power or a producer of electric energy, or both. Synonym: customer

utility control center and enterprise network:

utility revenue metering: Meter owned and controlled by the Utility (Not Usage Meter which is owned by the Customer):

wide-area monitoring (PMU):

1

1

23

456

7

8

9

1011

12

13141516171819

20

21

22

23

2425

2627

28

29

30

31

32

33

34

3536

37

3839

40

2

3.2 Acronyms

[To be developed further as the draft evolves]

CIM Common Information ModelEPS electric power systemEPOI entry point of interfaceGOOSE Generic Object Oriented Substation EventsHAN Home Area NetworkMMS Manufacturing Message SpecificationPOI point of interfaceSAE Society of Automotive EngineersSCADA Supervisory Control And Data AcquisitionSCL Substation Configuration Language

4. The smart grid

The smart grid (SG) encompasses the integration of power, communications, and information technologies for an improved electric power infrastructure serving loads while providing for an ongoing evolution of end-use applications.

4.1 The electric power infrastructure

The electric power infrastructure is traditionally viewed in terms of central station, or bulk, power plants providing electricity via the grid to customers or consumers (Figure 2). The grid, which we designate herein as the electric power system (EPS), includes all the facilities that deliver electric power to a load (e.g., the substations, transmission lines, distribution lines, and other supporting equipment). Traditionally at the customer facilities, loads generally were served without much administration or control of the consumption of the electricity other than running the electric device or equipment. As electric technology evolved, management and control of EPS equipment and loads evolved. That included equipment and loads that were either set to operate on schedules or that monitored certain parameters and would communicate such information for controllers (equipment or people) to purposely employ some method or manner to manage the consumption of electricity or its delivery. As electric technology further evolved, distributed resources (both generators and electric storage systems) proved feasible to interconnect at non-bulk power points in the grid, and operate in parallel with the traditional electric power system. Today, modern communications and information systems employed in the grid or at customer facilities may support the integrated communications to enable a modern, more intelligent EPS. An integrated, fully automated electric grid can be much more than just a delivery system—it can allow productive options to both utility operators and customers to potentially improve system reliability, asset utilization, and efficiency, in a secure manner.

1

1

2

3456789

101112

13

141516

17

1819202122232425262728293031323334

2

Figure 2—Traditional electric power infrastructure [placeholder for a new graphic - same concept]

4.2 The Smart Grid: A complex system of systems

The SG is a complex system of systems whose overall properties (when interoperable with applications and loads) are greater than the sum of its parts. As the EPS is upgraded with more flexibility, integrated communications, and advanced controls, this improved grid will enable large-scale integration and interoperability of a greater diversity of technologies, connected at any part of the grid. The future SG will be a highly automated power delivery network that uses a multiplex communication system to monitor and manage power availability and quality, immediate and predicted load demands, and the status of supporting infrastructure, while capable of responding to near-real time communications such as incentives for producers and consumers to create a continually optimized two-way flow of electricity. In its most encompassing form, implementation of a Smart Grid adds digital intelligence to all areas of the electric power system infrastructure that will interoperate with end-use applications and loads.

The SG of the future is evolving today toward a highly-automated EPS (Figure 3) to be integrated with end-use applications and loads. That integration will include a preponderance of monitoring and control activities, ensuring a two-way flow of electricity and information among the electricity delivery system, loads, and the customer, and all points in between. Up and down the electric power system the SG will generate billions of data points from thousands of system devices and hundreds of thousands of customers. What will make the grid “smart” will be the ability to sense, monitor, and in some cases control (automatically or remotely) how the EPS, loads and end-use applications interoperate (interact) or behave under an ever-changing real-time set of conditions. In its most basic form, implementation of a smart grid is adding intelligence to all areas of the electric power system for optimal use.

1

1

23

4

56789

1011121314

151617181920212223

2

Figure 3—EPS tomorrow [placeholder for new graphic – same concept]The components of the electricity delivery system (or EPS) need to have the ability to sense, and be commanded/controlled, effectively in the smart grid as well as complementary participation by end-use applications and smart loads. These components, applications and loads need to participate in operational and non-operational data exchanges securely. The components, loads and applications internal microprocessor systems, where present, will likely require re-configuration, software updating, and firmware versioning control. Interfaces to existing applications such as Market Management Systems (MMS), Energy Management Systems (EMS), Supervisory Control And Data Acquisition (SCADA), Distribution Management Systems (DMS), Outage Management Systems (OMS), Substation Automation Systems (SAS), Meter Data Management Systems (MDMS), and Geospatial Information Systems (GIS) will be required.

4.3 Smart Grid Architecture

Because the smart grid involves the integration of energy technologies with information and communications technologies, the application of system engineering principles for smart grid evolution is of paramount importance. The architectures of the three technology components—the power, communications, and information technologies—needs to be skillfully integrated to achieve smart grid interoperability of the EPS with loads and applications. The architectures of the three component technologies must be robust enough to accommodate evolution from today’s equipment implementation to the future without undue obsolescence.

This guide considers three high-level perspectives from an architectural viewpoint: power systems, communications, and information technology (Figure 4) toward addressing interoperability among the smart grid EPS, loads and end-use applications. Summary of the three perspectives follow.

Power systems perspective. This is the first view of a smart grid architecture as it defines the electric grid domains including, bulk power generation, transmission and distribution, interconnected distributed resources, loads, end-use applications, and customers.

Communications technology perspective. This view adds monitoring and advanced SCADA, power electronics, control and sensor networking systems and enables connectivity among these control and measurement elements.

Information technology perspective. This view enables the control of processses and data management flow of the grid. It provides secure processes, interfaces, and connnections to the bi-directional flow of energy information enabled by the communications layers. It stores, processes, manages and controls the information data flow and defines business intelligence processes to refine raw data into more intelligent decision making processes at multiple control and operation centers.

1

1

2

3456789

101112

13

14151617181920

212223

2425262728293031323334353637

2

Figure 4 - The three Smart Grid interoperability perspectivesEach of these perspectives break down further into sub dimensions and more detailed relationships—all of which are defined in the guide and coded in the IEEE P2030 Smart Grid Interoperability Reference Model. The architecture is presented functionally, and not intended to be prescriptive or restrictive. It is imperative that the architecture evolve but that interoperability continues as a mainstay foundational attribute of the Smart Grid.

Making everything work together intelligently and securely is critical to the successful implementation of the Smart grid. For example, to work intelligently when interfacing the refrigerator, and the smart meter-access point, and the electrical substations and even a local distributed generator system, requires interoperability at each point. In the home, appliances from different manufacturers will need a compatible protocol to communicate on a home area network and with the smart meter. Interoperability is the key to the smart grid, and this guide provides smart grid interoperability definition, understanding, and discussion of alternate approaches and good practices for smart grid solutions.

4.4 Interoperability

In general, interoperability is a property referring to the ability of diverse systems and organizations to interoperate without a loss in functionality. Smart Grid interoperability is a functionality of the grid that enables a seamless exchange of information between among the three architectural perspectives of power systems, communications technology, and information technology at the entry point of interface (EPOI) without undue customization with little or no inconvenience to the user.

For the Smart Grid to be interoperable (that is, interoperable of energy technology and information technology operation with the EPS, and end-use applications and loads), intraoperability must needs to exist on each perspective. Intraoperability is where two or more networks, systems, devices, applications, or components to internally exchange and readily use information internal to the stated interfaces — securely, effectively, and with little or no inconvenience to the user. To address intraoperability, the commonalities need to be identified among actors (devices, computer systems, software programs) of one domain group to another defining interchangeability potential between actors at the point of interface (POI). Without intraoperability, interoperability cannot be achieved because there would be significant inconvenience to the user.

Interoperability will allow utilities, consumers and others who are implementing the smart grid to purchase hardware and software in the marketplace and readily incorporate it into different areas of the smart grid so

1

12

3

45678

9101112131415

16

1718192021

222324252627282930

3132

2

that it will work nearly seamlessly and interoperate with other smart grid components. Interoperability should also allow software from one provider to another to seamlessly and compatibly interact. The diversity of communication technologies used across the electric power system—from transmission to distribution and ultimately, to devices used at the customer premises presents a significant challenge to achieving interoperability. Interoperability and intraoperability will evolve at different times and locations and will not be instantaneous and universal in deployment.

The deployment of the smart grid will be a continuing evolution not a single event. Consequently, there is a need to adapt legacy protocols to new communications capabilities. Interoperability in communications has generally been improved by use of functionality layered in accordance with the ISO OSI Reference Model shown in Table 1. With this model, functions are placed into layers; and layers are connected with service interfaces. For example, a service interface is defined between the data link layer and the physical layer.

Table 1—Open Systems Interconnect Reference Model

Layer Functionality7 Application6 Presentation5 Session4 Transport3 Network2 Data Link1 Physical

This layering simplifies the task of replacing one communication technology with an alternate technology. For example, a transport protocol can be designed to operate over a wide variety of data link types that comply with the service interface.

Many of the legacy protocols and communications in the grid effectively connect the application directly to the layer 2 data link technology (e.g., a dedicated phone circuit). Many of these communication links may exist within the Smart Grid for many years to come. In evolving existing protocols and applications to a layered communications architecture, implementers may need to adapt the existing protocol to conform to the transport layer of a modern layered communication network.

The very nature of adding digital intelligence and two-way functionality to the power grid will promote a more flexible and reliable delivery system, and consequently, introduce new security concerns. Cyber security has always been a concern for utility IT experts, but has become a more significant issue due to the complex architectural layering of the smart grid’s physical layers with communication and control systems.

4.5 Security

Imperatives of increased power system and business system integration along with business efficiency considerations of commercial off-the-shelf (COTS) and interoperable application and system choices at competitive cost points are driving the industry away from using proprietary operating systems and “obscure” communication protocols to standardized, well documented and often open sourced software and hardware platforms. Achieving such interoperability of smart grid systems however comes with security vulnerabilities that have to be addressed.

In any security program, the first goal is always to protect human life and safety. With a system that handles power generation, transmission, and distribution that responsibility extends beyond the traditional walls of the data center. An intruder can either intentionally or unintentionally cause a line to be energized

1

123456

789

101112

13

14

15

161718

1920212223

24252627

28

293031323334

353637

2

that would endanger lives. Similarly, a line may be de-energized in such a way as to cause damage to transmission and control systems as well as endanger the safety of employees and the public.

Cyber vulnerabilities have been identified by cyber security assessments of communications methods currently supporting the power grid, certainly the deployment of many new communications and information technologies will lead to more complex cyber security issues. As we integrate bulk power generation with distributed alternative generation and storage technologies, the electric grid is evolving to a system with increasing diversity, interactivity and interdependence, Networked and distributed information infrastructure is playing a central role in management of such power systems through ubiquitous and almost real-time retrieval of local and wide area situational information like voltage, current, phase angle, reactive and real power flow direction, thermal and equipment status and other grid operational information from various field equipment, processing them through diverse set of interconnected decision system applications and sending back control information to actuators and devices to maintain stability, enhance efficiency and prevent failures of the power system. This integrated information processing path exposes the power grid operation and business processes to existing and emergent vulnerabilities which could be eventuated by deliberate attacks as well as operational mistakes, equipment failures and natural disasters. The power grid, as a result, needs to have pervasive resilient postures against such security and safety incidents so that they are prevented, detected and recovered from in a timely fashion.

Numerous organizations have focused research on cyber security issues and have established reports and guidelines. Of particular note is NERC’s Critical Infrastructure Protection (CIP) Reliability Standards1 and the NIST-led Cyber Security Working Group2.

Beyond the safety concerns, physical and information security goals exist. At least four layers of physical security exist: 1) environmental design, 2) mechanical and electronic access control, 3) intrusion detection and, 4) video monitoring. Physical security is not addressed further in this guide. Data privacy and grid security concerns exist on all three perspectives of the SG architecture and are discussed in greater detail in sections 6, 7, and 8 of this guide.

5. IEEE P2030 Smart Grid Interoperability Reference Model

The IEEE P2030 Smart Grid Interoperability Reference Model (SGRIM) is presented as a set of coded diagrams that offer optimal standards-based architectural direction for the integration of energy systems with communications and information technology infrastructures of the evolving smart grid. It provides smart grid builders assistance and flexibility in creating integrated information pathways across the electric power system to the load and serving end-use applications.

As illustrated in Figure 5, interoperability interfaces are labeled or coded indicating interface links. These coded connections are described and utilized in the design code tables (DCT) listed throughout this guide. This constitutes the IEEE P2030 smart grid interoperable methodology structured to allow transparency and simplicity to understanding key design links without specifying required or recommended hardware or software thus allowing the reader increased flexibility to use the guide for implementation strategies and applications.

1 Critical Infrastructure Protection (CIP) Reliability Standards section of NERC’s Reliability Standards for the Bulk Electric Systems in North America at: http://www.nerc.com/files/Reliability_Standards_Complete_Set.pdf2 SGIP/NIST “CyberSecurity Working Group” collaboration site at:http://collaborate.nist.gov/twiki-sggrid/bin/view/SmartGrid/CyberSecurityCTG

1

12

3456789

1011121314151617

181920

2122232425

26

2728293031

323334353637

23456

7

Figure 5- IEEE P2030 smart grid schematic and design code <PLACEHOLDER>The IEEE P2030 SGIRM gives guidance to Smart Grid architecture development not only in support of the transformation to an intelligent grid, but in making certain that enhancements can be made well into the future. The Smart Grid architectural principles, indentified by the GridWise Architecture Council, IntelliGrid, and UtilityAMI, among others, and summarized by NIST are described in Table 2. (Interim Smart Grid Roadmap, National Institute of Standards and Technology. Draft prepared by Electric Power Research Institute.)

Table 2—Architectural PrinciplesPrinciple Description

Standardization The elements of the infrastructure and the ways in which they interrelate are clearly defined, published, useful, open and stable over time

Openness The infrastructure is based on technology that is available to all qualified stakeholders on a nondiscriminatory basis. Providers of the technology have an evolution plan toward openness and standardization.

Interoperability The standardization of interfaces within the infrastructure is organized such that: The system can be easily customized for particular geographical,

application-specific, or business circumstances, but Customization does not prevent necessary communications between

elements of the infrastructure.

Security The infrastructure is protected against unauthorized access and interference with normal operation. It consistently implements information privacy and other security policies.

Extensibility The infrastructure is not designed with built-in constraints to extending its capabilities as new applications are discovered and developed. Toward this goal,

Its data is defined and structured according to a common information model

It separates the definition of data from the methods used to deliver it Its components can announce and describe themselves to other

components

Scalability The infrastructure can be expanded throughout the power system with no inherent limitations on its size

Manageability The components of the infrastructure can have their configuration assessed and managed, faults can be identified and isolated, and the components are otherwise remotely manageable

Upgradeability The configuration, software, algorithms and security credentials of the infrastructure can be upgraded safely and securely with minimal remote site visits. This is a particular aspect of manageability.

Shareability The infrastructure uses shared resources which offer economies of scale, minimize duplicative efforts, and if appropriately organized, encourage the introduction of competing innovative solutions

Ubiquity Authorized users can readily take advantage of the infrastructure and what it provides regardless of geographic or other types of barriers

Integrity The infrastructure operates at a high level of availability, performance and reliability. It re-routes communications automatically, operates during power outages, and stores data for intervals sufficient to recover from failure events

Ease of Use There are logical, consistent and preferably intuitive rules and procedures for the use

1

1

234567

8

2

and management of the infrastructure. The system maximizes the information and choices available to users while minimizing the actions they must take to participate if they choose to do so.

The IEEE P2030 SGIRM is intended to present design and implementation alternatives for systems that facilitate data flow between smart grid elements, loads, and end-use applications. It defines key points of interoperability across the smart grid, but does not define the technology implementation.

The driving design criteria for smart grid interoperability are the data path and the nature and the purpose of the data communicated. The data path is where the data originates and where the data is utilized, irrespective of communication medium, method, or protocol. The nature of the data communicated can consist of a number of characteristics, such as security requirements, privacy requirements, frequency, volume, and reliability. Since the purpose of the data is to satisfy requirements of stakeholder entities, these criteria originate in the power system domain, the power system domain forms the fundamental basis of the IEEE P2030 SGIRM.

The communication technology layer builds upon the power systems foundation by describing possible interfaces between smart grid elements. Once the data requirements have been defined, a designer may, using the communications reference architecture, select a set of communication interconnections that meet the data needs. This systems engineering approach to design provides flexibility to the designer as well as a mechanism to leverage existing communication infrastructure in smart grid implementation.

6. Power Systems Interoperability

The power system interoperability perspective represents a complex system with the main goal of assuring electric power is delivered to all customers with high reliability and availability, at high power quality, and at a cost that makes electric power an economical form of energy.

To do so, the power system operator must assure that for each fraction of a second the amount of electric power (kW or MW) produced exactly equals the amount of power consumed. If this equation is not balanced power system issues may occur is milliseconds. These issues include equipment damage and loss of electric power to customers. Simultaneously the amount of reactive power (kvar or Mvar) produced and consumed must be balanced for each location on the electric power system. The existing and future structures of the electric power system and the future of the smart grid are focused on optimizing the solutions necessary to maintain these balances.

The modern electric power system is designed to optimize the balance of power and loads by having in place enough flexibility in generation to assure that the net level of generation can take into account changes in loading on the system. The smart grid provides the opportunity to balance power and loads by controlling bulk generation, distributed generation, and loads.

Individual electric energy sources can vary in size from a fraction of a kilowatt to hundreds of megawatts. Some energy sources have high levels of controllability by the system operator while others the limitation is the energy source itself. These latter energy sources may be highly variable, in worst cases going from full output to no output, and vice versa, in a matter of seconds.

Customer’s electric loads have their own characteristics that may quickly cycle between different levels.The electrical transmission system is designed as a network to provide redundant capabilities to deliver large amounts (bulk) power from bulk generation to load centers. Power flow on the transmission system is typically bi-directional. Because of the importance of the transmission system in carrying large amount of electrical energy the electrical transmission system is typically designed to minimize outages and has in place much automation to keep each part of the system from failing.

1

1

234

56789

1011

1213141516

17

18192021222324252627282930313233343536373839404142434445

2

The distribution system is designed to provide electrical energy to each customer in an efficient, reliable, and economic way. Power flow on typically legacy distribution systems are typically uni-directional with the flow being from the substation to the customer. Many distribution system have or will have bi-directional power flow due to the topology of their design or due to the fact that customer owned generation is located on the distribution system in excess of the customer’s load. When part of the distribution system fails, it is typically, but not always, re-energized with manual intervention.

The power system inherently, through the flow of electrons, communicates information at each location about the condition of the power system as it pertains to the piece of equipment at that location. Therefore, under set guidelines and policies simple control systems can be used to keep a well designed power system operating with only minimal communications between devices. (For instance a “swing” generator will be set to produce less output when frequency is high and produce a higher level of output when frequency is low. This is done with no external communication.) The use of communications and more sophisticated control devices must take into account this inherent communication of information present in the electric power system.

The historical approach to assuring a properly operating electrical power system is to have: Enough controllable generation available to meet worst case loading for each fraction of a second.

The approach includes either limiting generation sources that do not meet the capability of providing controllable generation or take into account uncontrollable generation by installing additional controllable generation.

Equipment ratings large enough to handle worst case operating conditions.The smart grid technologies provide the opportunity to for alternative approaches to optimize the operation of an electrical power system. Alternative approaches to operation incorporating smart grid technology may include:

Optimizing the balance of generation and load by using more controllable generation and loads for each fraction of a second.

Equipment ratings optimized for current conditions. The conditions could include ambient temperatures, power flow considerations, maintenance considerations, etc.

Use of localized control of generation and load to alleviate equipment rating violations and power quality issues.

6.1 Logical description of the electrical power system

The electric power system on the whole can be viewed from several different perspectives. In this guide we are particularly interested in the views from power, communications, and IT perspectives. Each of these perspectives provides an orientation of interoperability towards the technologies that are part of the perspective. Interoperability requires information transfer to be accomplished between each of the perspectives.

The power system perspective represents a traditional view of the electric power system. The IT perspective provides a means to manipulate data to provide useful information and the communications perspective provides a means to getting the data from place to place.

Domains are common to all perspectives. The domains identified in this guide provide a division of efforts close to those of existing electric utilities. The domains considered are: Bulk Generation, Transmission, Distribution, Customer, Operations/Control, Markets, and Service Providers.

Actors are particular entities that reflect equipment or functions of the electric power system. Actors are unique in each perspective. Each perspective has actors that more closely map to their technology. However, each actor can map to an appropriate actor or actors in another perspective.

1

123456789

1011121314151617181920212223242526272829303132

33

343536373839404142434445464748495051

2

Logical connections provide the paths between each of the actors within any perspective. These logical connections provide a means for displaying required interaction between the two actors. This interaction can be the transferring of information, a simple or complex communication, or a process. In electric power systems these logical connections are, in most cases, solved by combining the communications and IT perspectives. In the power system perspective the connections are logical connections. The IT perspective displays data paths while the Communications perspective shows communication paths.

6.2 Power systems perspective: IEEE P230 Smart Grid Interoperability Model

Figure 6 is a logical representation of the major entities that describe the function of the electric power system today and in the future. The figure displays domains, actors, and data paths from the Power System perspective. This diagram provides a display of a smart grid implementation. A smart grid implementation can cover a small geographical area implementation, a utility system implementation, a control area implementation, or a nationwide implementation. The difference between each of implementations represented by this diagram is how many actual devices are represented by each of the actors displayed in this representation.

Figure 6 displays the logical schematic of the intraoperability of the power system. Only the data paths are displayed in this diagram. Since many alternatives of power flow options exist, the power flows are ignored in order to keep the diagram less complicated. The scope of this guide is not intended to address the power flow options since many other standards and utility practices address these options. However, controls, communications, and information processing are required for safe, reliable, and efficient operation of the power system.

Figure 6– IEEE P2030 Smart Grid Power Systems Interoperability Model

1

123456

7

89

10111213141516171819202122

2324

25

2

6.3 Domains, Actors, and Data Paths

Actors are devices, computer systems or software programs and/or the organizations that own them. Domains group actors to discover the commonalities that will define the interfaces. Data paths are the paths that connect the actors.

7. Power system domains

The domains of the power system include bulk generation, transmission system, distribution system, customer, control operations, markets, and service providers. Each of these domains plays a role in the operation of the electrical power systems.

8. Bulk generation domain

The bulk generation domain (Figure 7) contains any generation and storage that is connected directly to the transmission system (with no distribution system interface). The generation and storage can be of any megawatt size such as large power generation stations, small peaking generation, and small storage hooked up to the electrical transmission system. These facilities may be owned by electric utilities or by independent entities.

Figure 7- Bulk generation domain of the power interoperability perspectiveThe bulk generation domain has strong data paths with transmission domain actors, generation and transmission operations control actor, and markets domain. The data path to the markets domain is focused on operation of generation and storage in order to provide economic efficiency in operation. The rest of the data paths displayed in Figure 7 are focused on reliable operation.

1

1

234

5

678

9

1011121314

1516

17181920

2

9. Transmission domain

The transmission domain (Figure 8) includes actors that represent equipment associated with the electrical transmission system. This equipment is represented by three actors. The transmission substation actor represents many pieces of equipment in substations that cannot be classified as transmission protection and control devices nor sensors and measurement devices.

Figure 8 – Transmission domain of the power interoperability perspective

The transmission domain has strong data paths with the bulk generation domain and operations/control domain. The data paths with the bulk generation domain are focused on reliable operation. The interconnection with the transmission operation/control actor in the operations/control domain is the focal point of centralized control of the transmission system. This is often under the control of an ISO, RTO, or local utility. In addition there may be data paths with the customer domain where the customer may have a transmission level connection to the power system as may be the case with large industrial or commercial facilities. Data paths between the transmission domain and the distribution domain are typically only for protection and coordinated control.

10. Distribution domain

The distribution system domain (Figure 9) includes actors located throughout the electrical distribution system. The distribution substation actor represents many components that cannot be assigned to the distribution protection and control devices actor nor the sensors and measurement devices actor. In addition the distributed energy resource (DER) actor represents generation and storage of all kinds that are connected to the electric distribution system except those at customers’ facilities.

1

1

2345

67

89

10111213141516

17

1819202122

2

Figure 9 – Distribution domain of the power interoperability perspective

The distribution domain has strong data paths to the distribution operation/control actor in the operations/control domain. This data path reflects the centralized control of the distribution system from the distribution control center. The distribution domain may also have a data path to the transmission substation actor in the transmission domain. This data path usually reflects only protection and control systems.

11. Customer domain

The customer domain (Figure 10) includes many types of customers that are connected to the electrical distribution system or electrical transmission system. These customers could be residential, commercial, industrial, or governmental. The customer domain may include customers with only loads and customers with any combination of loads, generation, and storage. The customer domain includes all loads whether they are connected at the transmission or distribution level, but only considers generation and storage connected at the distribution level. If generation and storage is connected at the transmission level that generation or storage is considered part of the bulk generation domain.

1

12

345678

9

10111213141516

2

Figure 10 – Customer domain of the power interoperability perspective

Each type of customer may have several different actors employed in its application. These actors are dependent on the size and type of customer as well as its connections to the electric power system. The distributed energy resource actor includes all distribution system connected generation and storage and may require a data path with the market domain. The point of interface for most data paths is either the smart meter or other interface box for data path with the distribution domain or distribution control system. The plug-in vehicle actor has the characteristics of a load and storage. It is anticipated to have a data path through the point of interface.

The customer domain can have data paths to the distribution domain, markets domain, and the distribution operations/control actor of the operations/control domain. These data paths handle the customer requirements with the exception of facilities that have a substation connected to the electrical transmission system. In this case, the substation has data paths to the transmission domain and to the transmission operations/control actor of the operations/control domain. Transmission operations will often have control over customer substations since customer substations may have direct influence on operations of the transmission system.

12. Operations/control domain

The operations/control domain (Figure 11) includes three distinctive operation/control actors. These actors control generation, transmission, and distribution. They are the controlling mechanisms that from an electric power system viewpoint keep the grid up and running.

1

12

3456789

10

11121314151617

18

192021

22

2

Figure 11– Operations/control domain of the power interoperability perspectiveEach actor in the operations/control domain has strong data paths to its appropriate domain in the electrical power system. The strong data paths include the distribution operation/control actor to the distribution domain, the transmission operation/control actor to the transmission domain, and the generation operation/control actor to the bulk generation domain. In addition the distribution operation/control actor has some data path to the customer domain for applications where the customer has controllable loads, generation, and/or storage. The transmission operation/control actor has a data path with the customer substation actor in the customer domain for those circumstances where a customer connects directly to the transmission system instead of through the distribution system.

13. Markets domain

The markets domain (Figure 12) reflects market operations associated with electric utilities and regional entities.

Figure 12 – Markets domain of the power interoperability perspectiveThe markets domain is logically connected with any of the generation, load control, and storage entities. Control by markets can be done directly at generation, load control, and storage, but can also be done via the operations/control domain.

14. Service provider domain

The service provider domain (Figure 13) contains third party services or can be considered to be part of the utility that provides utility services.

Figure 13 – Service provider domain of the power interoperability perspective

15. Power system actors

Actors have the capability to make decisions and exchange information with other actors through interfaces. In each Smart Grid implementation each actor displayed in this guideline represent many implementations of equipment and functions that fall under that actor. Each piece of equipment or function has a logical connectivity to many, but usually not all, actors displayed in Figure 1. In an actual

1

1

23456789

10

1112

131415

161718

19

2021

222324

25

26272829

2

implementation it is possible each actor represents hundreds or thousands of pieces of equipment that must interact with individual pieces of equipment or hundreds of pieces of equipment identified in other actors.

Each actor in Figure 1 is further identified and described below in Table 3.

Table 3 – Actors Defined

Actor Description CommentsAC Loads Loads on customer site using AC

electric powerBulk Generation Conventional or renewable Generation

source that is connected to the electrical transmission system (69kV and up)

Fossil. Fossil fuels such as coal, gas, and oil are used to produce the required thermal energy (boilers) necessary for converting water to the steam needed to drive (mass flow) the turbine-generator. In gas turbines and combustion engines fossil fuels are create electricity without the production of steam.Nuclear. Nuclear Plants utilize the controlled fission of nuclear fuel to produce the required thermal energy (Pressurized Water Reactors, Boiling Water Reactors) for the steam driven turbine-generator. Hydro. Hydro plants utilize both stored (dammed) and dynamic (river) water flows to drive turbine-generators. Peakers. Peakers are those plants that can be quickly and efficiently brought online in response to excess demand for electrical energy.

Bulk Storage Electric Storage that is connected to the electrical transmission system (69kV and up)

Pumped Hydraulic. Water is elevated to a higher level and the potential energy is retrieved on demandCompressed Air . Compressed air is produced with off peak or renewable sources and used to increase the efficiency of a gas turbineGeothermal Systems. Geothermal heat pumps use the relatively constant temperature of the soil or surface water as a heat source and sink for a heat pump, which provides heating and cooling for buildings.Super Conductive Magnetic Energy Storage Systems (SMES). Superconducting Magnetic Energy Storage systems store energy in the magnetic field created by the flow of direct current in a superconducting coil which has been cryogenically cooled to a temperature below its superconducting critical temperature.

1

12

3

4

2

Actor Description CommentsCustomer Distributed Energy Resource (DER)

Customer Distributed Energy Resource (DER) produce electrical energy or store energy at, or close to, the location where it is to be used such that their location is on customer facilities and connected to the distribution system..

Customer generation or storage that is connected to the transmission system is considered bulk generation.

Customer Substation

Electrical transmission or distribution substation located at customer facility that converts power to distribution voltage levels which are then distributed within the customer site. Contains infrastructure necessary to control, monitor, and protect the electrical distribution system. Facility may include transformers, buss work, circuit breakers, and capacitor banks, etc.

Substations can be at transmission or Distribution voltage levels, depending on the size of facility.

DC Loads Loads on customer site using DC electric power

Distribution Operation and Control

Facility/function which includes “real-time” control and monitoring as well as on demand access for oscillography, event records, equipment diagnostics, etc.

Move to Control/Operation table.

Distribution Protection and Control Devices

Devices on a distribution circuit external to a distribution substation which control and protect the electrical distribution system. Examples include capacitors, sectionalizers, circuit interrupters, voltage regulators, etc.

Distribution Substation

Centralized facility that converts power to distribution voltage levels which are then supplied to distribution feeder. Contains infrastructure necessary to control, monitor, and protect the electrical distribution system. Facility may include transformers, bus work, circuit breakers, and capacitor banks, etc.

Distribution Substations may be located at the same facility as a transmission substation.

Distribution System Distributed Energy Resources (DER)

Generation sources connected to the distribution system regardless of the size. These generation sources include renewable energy sources, fossil fuel supplied generators, and storage.

Generation or storage connected to the transmission system is considered Bulk Generation

Generation Operation / Control

Provides for dispatch of generation based on reliability usually incorporated with economic dispatch.

In CONTROL / OPERATIONS Domain in Figure 4.

Generation Substation

Centralized facility that converts power to transmission voltage levels which are then supplied to transmission system. Facility may include transformers, bus work, circuit breakers

The generator substation is usually located adjacent to the generation facility. The generator substation provides the interface between the generator and the electrical transmission system.

Markets Markets are entities that signal changes Wholesale Markets. Wholesale

1

2

Actor Description Commentsin the operation of the system based on market economic variables. Markets discussed are: Wholesale market, Retail Market including Demand Response Program.

electricity markets can have extremely high price volatility at times of peak demand and supply shortages. The particular characteristics of this price risk are highly dependent on the generation supply portfolio to the market such as the mix of types of generation plants and relationship between demand and weather patterns.

Data Exchange Standards are defined by the Open Access Same Time Information Systems (OASIS)

Retail Electricity Pricing Demand for electricity varies on a minute-by-minute basis, but follows fairly regular daily and seasonal cycles. Retail prices are generally segmented by customer type: residential, commercial, and industrial.

Model business Practices have been established and are documented in North American Electric Standards Board (NAESB) Business Practice Standards for Model Business Practices Relating to Electronic Transport of Data (Retail Book 7)

Time-of-Use Pricing. Given the issues associated with meeting peak demand, there was increasing use of electricity meters that not only measured the quantity of power supplied to a customer, but also when it was consumed. Time-of-use (TOU) metering enabled utilities to use price signals to help reduce peak demand. Retail tariffs that encourage consumers to reduce consumption during peak demand times are a result of this metering capability. Many utilities have begun installing smart meters that supply TOU data dynamically using wireless communication channels.

Net Metering. Net metering is another way to smooth load profiles, by enabling customers with small generating capacity usually from solar or wind facilities to upload excess power onto the grid. These customers generally received credit for any power they supplied, which was applied to their electricity bill. Solar power is the most

1

2

Actor Description Commentscommon source of energy in net metering, and it is helpful because it supplies extra power to the grid during daylight hours (peaking in the afternoon), when demand was often highest.

Demand Response. Demand response refers to systems designed to help induce reductions in electricity usage by consumers at critical times. TOU pricing and signals indicating high demand are specific examples of demand response.

Model business Practices have been established and are documented in North American Electric Standards Board (NAESB) Business Practice Standards for Model Business Practices to support DR and DSM-EE programs

1

2

Actor Description CommentsPlug-In Electric Vehicle (PEV)

Vehicle-based storage with significant storage batteries.

Can be an energy source or a load.

Point of Interface Point at which connection from outside the customer premises occurs.

Can be a meter, energy management system, generator controller, Controllable load devices.

Sensors and Measurement Devices

Sensors and measurement devices located on the distribution system but not within a distribution substation. Sensors and measurement devices are typically a device and associated conversion equipment such as CTs or PTs. Examples of these items include meters, oscillographs, temperature sensors, etc.


Sensors and monitoring equipment installed on the transmission lines external to the transmission substations. This equipment may include, transmission line sag monitor, tower monitoring equipment, insulation detection monitoring etc.

Transmission Operation and Control

Centralized operator automated and manual control operations of transmission system based on optimizing reliability. Operations and control uses pre-established operating protocols and procedures.

Transmission Protection and Control Devices

Devices on a transmission line external to a transmission substation which control and protect the electrical transmission system. Examples can include FACTs devices, remote transmission switches, series capacitors etc.

Transmission Substation

Centralized facility that facilitates the exchange of power between the bulk generation, and the distribution system. Contains infrastructure necessary to control, monitor, and protect the electrical transmission system. Facility may include transformers, bus work, circuit breakers, and capacitor banks, FACTs devices, AC to DC converter stations, etc.

Transmission substations include facilities that convert voltages from transmission voltages to another transmission voltage or distribution voltages as well as transmission voltage level switching stations.

16. Power system data paths

Each line in Figure 1 is a data path that is identified with a line number that correlates with a description in Table 4. Figure 1 displays the data paths between the major actors in each of the domains. There is also a further level of intraoperability within each of these actors. This level of intraoperability is not considered in this guide. However data paths between actors are considered and are of prime importance. Each of the data paths is described below in Table 4.

1

1

2

34567

2

Table 4 – Interfaces Defined

Interface Actor 1 Actor2 CommentsD1 Distribution

SubstationTransmission Substation

Substations may be co-located or located some distance from each other. Provides for coordination between electrically connected substations. Logical connections include those for protection, monitoring, SCADA, and telephony.

D2 Distribution Substation


Provides substation data and for direct control of distribution substations. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D3 Sensors and Measurement Devices


Provides distribution system data. Logical connections include those for monitoring, reporting, and SCADA.

D4 Distribution Protection and Control Device


Provides for monitoring of devices, controlling devices, and updating settings to devices. Logical connections include those for control, monitoring, SCADA, reporting.


Distribution Protection and Control Devices

Provides for monitoring of devices, controlling devices, and updating settings to devices as well as coordination between substation and field devices. Logical connections include those for protection, control, monitoring, reporting, SCADA.


Customer Point of Interface

Provides for protection coordination and customer information that is desired at the substation. Logical connections include those for protection, control, and monitoring.



Provides for distribution system information to be provided at distribution substations. Logical connections include those for monitoring, reporting, and SCADA.


Distribution Substation

Logical connections between two or more distribution substations. Logical connections include those for protection, control, monitoring, reporting, SCADA, and telephony.


Point(s) of Interface

Provides customer information to protection and control devices and certain protection and control information to customer devices. Logical connections include those for protection, control, monitoring.



Provides sensor information to protection and control devices and certain protection. Logical connections include those for monitoring, SCADA.

D11 Distribution System Distributed Energy Resources

Markets Provide DER information to markets and capabilities for market control of DER. Logical connections include those for control, monitoring.

D12 Distributed Energy Resources


Provides for aggregated customer information and distribution system DER control directly to customer. Provides a means to locally balance generation and loads. Logical connections include those for control, monitoring.

D13 Distribution Operation and Control


Provides information exchange and control of customer equipment by Distribution Operations and Control. Logical connections include those for

1

1

2

control, monitoring.D14 Distribution

System Distributed Energy Resources


Provides information exchange and control of Distribution DER by Distribution Operations and Control. Logical connections include those for control, and monitoring.


Distribution System Distributed Energy Resources

Provides for distribution system DER information and distribution system DER control directly from the substation. Provides a means to locally balance generation and loads. Logical connections include those for protection, control, monitoring.

D16



Provides distribution system information for use by distribution system DER. Logical connections include those for monitoring, reporting, and SCADA.



Provides for coordination between distribution system protection and control devices and DER. Logical connections include those for protection, control.

D18 Distribution Operation and Control

Customer Substation

Provides for monitoring and control of customer owned stations by distribution operations and control. Logical connections include those for control, monitoring, and SCADA.

D19D20 Distribution

SubstationCustomer Substation

Provides for coordination between distribution substations and customer substations. Logical connections include those for protection, monitoring.

D21 Sensors and Measurement Devices

Customer Substation

Provides for distribution line information to be provided at customer substations. Logical connections include those for monitoring, reporting, SCADA.

D22 Transmission Substation

Transmission Operations And Control

Provides for transmission operations monitoring and control of substations. This would include typical SCADA data, phasor data, special protection systems (RAS), telephone, wide area protection (WAMPAC) Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D23 Transmission Substations

Transmission Substations

Provides for coordination between two or more transmission substations, Logical connections include those for protection, control, monitoring, reporting, SCADA, and telephony.


Transmission Protection and Control Devices

Provides for coordination, control, and monitoring between remote protection and control devices with transmission substations. This would include protection, switching commands (open/close switches), control device monitoring Logical connections include those for protection, control, monitoring, reporting, SCADA.


Remote Sensor and Measurement Devices

Provides for capability to monitor information not in transmission substation. This would include information for dynamic line rating, transmission line maintenance information, etc Logical connections include those for monitoring, reporting, SCADA.

D26 Transmission Generation Provides coordination between transmission and

1

2

Substation Substation generation substations. This would include protection systems, special protection systems, and telephone, etc. Logical connections include those for protection, control, monitoring, SCADA, and telephony.


Bulk Storage Provides for coordination between the transmission substation and storage as well as monitoring of information at both locations. This would include protection systems, special protection systems telephone, etc Logical connections include those for protection, control, monitoring, SCADA.


Bulk Generation

Provides for coordination between the transmission substation and generation as well as monitoring of information at both locations. This would include special protection system Logical connections include those for protection, control, monitoring, SCADA.


Customer Substation

Provides for coordination between transmission and customer substations This would include protection systems, special protections systems, Telephone, Logical connections include those for protection, control, monitoring, SCADA.

D30 Sensors And Measurement Devices

Transmission Operation And Control

Provides information from the transmission line to the transmission operators. This would include information for dynamic line rating, transmission line maintenance information, etc Logical connections include those for monitoring, reporting, SCADA.

D31D32 Sensors And

Measurement Devices

Transmission Protection And Control Devices

Provides information to protection and control devices. This could include information for dynamic line rating and control of line impedance. Logical connections include those for monitoring.



Provides information to generator substation. This would include information for dynamic line rating, transmission line maintenance information; etc Logical connections include those for monitoring.


Customer Substations

Provides information to customer substation. This would include information for dynamic line rating, transmission line maintenance information; etc Logical connections include those for monitoring.


Bulk Storage Provides information to Bulk Storage. This would include information for dynamic line rating, transmission line maintenance information; etc Logical connections include those for monitoring.


Bulk Generation

Provides information to Bulk Storage This would include information for dynamic line rating Logical connections include those for monitoring.

D37 Transmission Operation and Control

Customer Substation

Provides for transmission operators to monitor and control customer substations. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D38 Protection And Control Devices


Provides coordination between remote protection and control devices with the generator substation. This would include protection, special protection systems Logical connections include those for protection, control, monitoring, SCADA.

1

2

D39 Protection And Control Devices

Transmission Operations And Control

Provides control of transmission system and ability to change settings on protective and control equipment. This would include typical SCADA data, phasor data, special protection systems (RAS), telephone, wide area protection (WAMPAC) Logical connections include those for control, monitoring, SCADA, reporting.

D40 Bulk Generation Transmission Operation and Control

Provides for information exchange between generation and transmission operations. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D41 Bulk Generation Generation Substation

Provides for information exchange and coordination between generation and generation substation. Logical connections include those for protection, control, monitoring, SCADA, and telephony.

D42 Bulk Generation Bulk Storage Provides for information exchange and coordination between generation and storage. Logical connections include those for protection, control, monitoring, SCADA, and telephony.

D43 Bulk Storage Transmission Operation and Control

Provides for bi-directional information exchange. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D44 Bulk Storage Generation Substation

Provides for information exchange and coordination between storage and generation substation Logical connections include those for protection, control, monitoring, SCADA, and telephony.

D45 Generation Substation


Provides for bi-directional information exchange and control of generation substation. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.

D46 Transmission Operation and Control


Provides for coordination between distribution operations and transmission operations. Logical connections include those for monitoring, reporting, SCADA, and telephony.

D47 Markets Transmission operation and control

Wholesale market operations control to optimize portfolio of sources. Logical connections include those for monitoring, reporting, and telephony.

D48 Markets Distribution operation and control.

DSM signals to reduce demand Logical connections include those for monitoring, reporting, and telephony.

D49 Markets Generation Operation and Control

Wholesale market operations control to optimize portfolio of sources. Logical connections include those for monitoring, reporting, and telephony.

D50 Markets Bulk Generation

DSM signals to reduce demand and to optimize portfolio of sources. Logical connections include those for control, monitoring, reporting, and telephony.

D51 Markets Bulk Storage Wholesale market operations control to optimize portfolio of sources. Logical connections include those for control, monitoring, reporting, and telephony.

D52 Markets Customer Distributed Energy Resource

Provides for optimization of Distributed Generation and Storage on the customer or load side domain. Logical connections include those for control, monitoring, reporting.

1

2

D53 Generation Operation and Control


Provides substation information and control of substation equipment. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.


Bulk Generation

Provides generation information and control of bulk generation. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.


Bulk Storage Provides storage data and control of bulk storage. Logical connections include those for control, monitoring, SCADA, reporting, and telephony.



Provides for coordination between generation operations and transmission operations. Logical connections include those for monitoring, reporting, SCADA, and telephony.

D57 Customer Substation

AC Loads Provides for intra-facility monitoring and control of AC loads. Logical connections include those for protection, control, monitoring.

D58 Customer Substation

DC Loads Provides for intra-facility monitoring and control of DC loads. Logical connections include those for protection, control, monitoring.

D59 Point of Interface AC Loads Provides for information exchange and control of AC loads by entities external to customer. Logical connections include those for protection, control, monitoring.

D60 Point of Interface DC Loads Provides for information exchange and control of DC loads by entities external to customer. Logical connections include those for protection, control, monitoring.

D61 Point of Interface Plug-In Electric Vehicle

Provides for information exchange and control of PHEV load/storage by entities external to customer. Logical connections include those for protection, control, monitoring.

D62 Point of Interface Distributed Energy Resource

Provides for information exchange and control of DER by entities external to customer. Logical connections include those for protection, control, monitoring.


AC Loads Provides for information exchange and control DER and AC loads internally at the customer. Logical connections include those for protection, control, monitoring.


DC Loads Provides for information exchange and control DER and DC loads internally at the customer. Logical connections include those for protection, control, monitoring.

16.1 Data description

[The introduction to this section is not yet written.]

17. Data characteristics

[This section is not yet written. It should define the delivery requirements of data listed below.]

1

1

2

3

4

2

18. Information transfer time

Information transfer time is the time from when the communication system receives the information from the application layer to when the information is delivered to the receiving application layer (i.e. first byte sent by source application to last byte received by destination application).

19. Latency

Latency is channel access delay plus the propagation delay (first byte transmitted on the medium to first byte received at the destination).

In practice, this minimal latency is further augmented by queuing and processing delays. Queuing delay occurs when a gateway receives multiple packets from different sources heading towards the same destination. Since typically only one packet can be transmitted at a time, some of the packets must queue for transmission, incurring additional delay.

Processing delays are incurred while a gateway determines what to do with a newly received packet. The combination of propagation, serialization, queuing, and processing delays often produces a complex and variable network latency profile. The aggregate latency shall meet the total of all latency expected between the sender and the receiver and may represent the accumulated latency of multiple latency actions.

20. Reliability

Reliability is [need IEEE definition]. Reliability has a qualitative definition and a quantitative value. Criteria used to describe criteria are:

Critical. The failure of information transfer may result in compromised safety or damage to equipment.

Essential. The failure of information transfer may result in inefficient or ineffective operation Important. The failure of information transfer may result in loss of revenue, damage to public

image, or loss of technical information Non-essential. Not critical, essential, or important.

21. Data volume

Data volume is how much data needs to be transferred to accomplish an action.

22. Data occurrence interval

A data occurrence interval is a length of time between a communication start and a subsequent communication start, which may be periodic (e.g. synchrophasor sample) or aperiodic (e.g.voltage reading).

23. Security

Security is protection against unauthorized access.

24. Priority

Priority refers to relative importance of communicating the data.

1

1

234

5

67

89

1011

12131415

16

1718

192021222324

25

26

27

282930

31

32

33

34

2

25. Synchronicity

Synchronicity is the requirement to take action at a specific time (e.g., using a timestamp to allow coordinated action at distant parts within a network).

26. Level of assurance

Level of assurance refers to the level of certainty that a service can be provided to meet the use case requirements. This would include quantitative and qualitative use related to the direct or indirect impact of actions facilitated by the communications links.

27. Broadcast method

A mechanism to send a single message to all the devices connected at a particular network layer.

Table 5—Data communications criteriaData Characteristics Value

Information transfer time <3ms Between 3ms and 10 seconds

Between 10s and minutes

Hours

Latency <3 ms <16 ms <160 ms >160 msReliability Critical - TBD 9’s Essential -TBD 9s Important - TBD 9s Non-essential -TBD 9sData volume Bytes kB MB IsochronousData occurrence interval ms sec min hrsSecurity Critical Essential Important Non-essentialPriority Critical Essential Important ArchivalHEMP Yes NoIEMIGMSynchronicity Yes NoLevel of assurance Critical Essential Important Non-essentialBroadcast method Unicast Broadcast Multicast All

27.1 Data types

[Introductory text for this section not yet written]

28. Name plate data

Information describing characteristics of apparatus or systems that is static or infrequently changes. Examples include capacity, speed of transition, dispatchability, duration of supply, protective relay settings, discharge rates, recharge rates, location, economics, emissions, etc.

29. Operations data

Bi-directional information and instruction flow requires frequent updating and provides a snapshot of the grid. Examples include electrical quantities, operation modes, availability, demand, energy consumption/production, etc.

30. Reporting data

Information uploaded on a demand or scheduled basis. Examples include run-time data, oscillography, event files, fault records, etc.

1

1

23

4

567

8

9

10

11

12

13

141516

17

181920

21

2223

2

30.1 Using the IEEE P2030 Smart Grid Power Systems Interoperability Model

Power systems domains, actors, and data paths will be used to map to communications and IT perspectives. Desired operations of the Smart Grid architecture therefore will have communications and IT mapped to appropriate data paths. In some cases, data paths may not be able to be mapped to appropriate connections in either the communications or IT perspective. In these cases, additional communication perspective or IT perspective connections will need to be created or the data path will need to be performed from another perspective such as that of manual operations.

31. Role of guide user

The guide user needs to understand the goals of the smart grid implementation and the extent that smart grid technologies will be made available for the smart grid project. Using the proposed methodology the guide user will use this information to develop a communications and IT code that can be used to determine communication and IT equipment and services.

In particular, the guide user needs to:

Understand the existing and potential equipment to be implemented in the portion of the power system directly affected by the Smart Grid project.

Understand the characteristics of the power system under consideration including operational requirements, policy, reliability requirements, regulatory and other pertinent issues.

Understand the required power system perspective actors and data paths required to meet the requirements identified in the previous item.

32. Methodology overview

The driving element of interoperability is to accomplish smart grid goals through implementation of power system functions that can be improved or optimized through the use of smart grid implemented IT and communications.

The proposed methodology is to use the data paths determined by each actor’s interaction with other actors in the power system perspective of the IEEE P2030 Smart Grid Interoperability Reference Model shown in Figure 6 to determine the communication and IT perspectives actors, communications, and data paths that will be used in the application of the smart grid.

Once these actors and paths are determined for the power system they can be used to determine the appropriate types of communications and IT equipment and services that will be needed to create a match to the logical action required in the power systems interoperability perspective.

The overall methodology is:

Determine the power system domains and actors that will be used as part of the smart grid implementation

Determine the data path of each of the power system actors that are required to make an effective smart grid implementation.

Map each power system actor and power system data path to appropriate communications and IT actors and connections.

The methodology is flexible for many different implementations and priorities of power system actors and data path situations. In most cases many of the data paths in the diagram will not be used as these reflect the expected universe of possible data path. Each utility system is expected to use only a small fraction of the possible connections.

1

1

234567

8

9101112

13

141516171819

20

212223

24252627

282930

31

3233343536373839404142

2

Characteristics of information portrayed by data paths from the power system perspective include protection, control, large and small pieces of information, and continuous information. Each of these can be mapped into a potential communications action, IT action, or physical action. Physical action would be the older method of performing these actions and are not generally considered in this methodology.

33. Methodology Described

The purpose of the methodology described in this guide is to ensure the goals of Smart Grid projects are successfully implemented while providing the necessary data security, privacy, and reliability. The methodology starts with the goal of the Smart Grid project and ends with a code that can be used to determine communications and IT requirements.

Figure 14 – Smart Grid interoperability model guidelines

Step 1 determines the goals of the Smart Grid. The goals may consist of one or two main goals or a myriad of goals that the Smart Grid can accomplish. Goals may include increased safety, more renewables, self-healing grid, incorporate customer loads and generation, avoid new power equipment and lines, etc.

Step 2 determines approaches that Smart Grid capabilities may contribute to reaching the desired goals. Approaches to reach goals may include controlling generation, controlling loads, controlling distribution system, providing more information, etc.

Step 3 determines relevant power system perspective domains and actors needed to meet the goals. The smart grid implementation may include all power system domains or only a few power system domains. Determination of the relevant domains is important in order to determine what actors are relevant for the

1

1234

5

6789

1011

121314

151617

181920

2

smart grid implementation. All actors that are part of the smart grid implementation should be identified in this step.

Step 4 determines the data paths from the power system interoperability perspective. The relevant data paths will connect the relevant power system actors. Each data path can carry many processes, each of which has its own characteristics.

Step 5 defines the data requirements of the relevant power system data paths. The data requirements include items such as information transfer time, reliability, data volume, security, and priority of data.

In Step 6c the data paths from the power system perspective will be mapped to communication interfaces and potential communication actors will be determined. This will create communication interfaces in the communications perspective that correlate with each data path in the power system perspective. Since there are different types of communications available there may be more than one set of communication interfaces and more than one set of communication actors for each data path.

In Step 7c the appropriate communication implementation is selected from the list developed in step 6c.

In Step 6i the data paths from the power system perspective will be mapped to IT interfaces and potential IT actors will be determined. This will create IT interfaces in the IT perspective that correlate with each data path in the power system perspective. Since there are different types of IT interfaces available there may be more than one set of IT interfaces and more than one set of IT actors for each data path.

In Step 7i the appropriate IT implementation is selected from the list developed in step 6i.

The communication and IT sections of this document assist in providing the appropriate guidance in determining the equipment and services that are needed.

Examples can be found in Appendix B. The examples provided are intended to assist in understanding the methodology and how it can be applied.

1

12

345

67

89

101112

13

14151617

18

1920

2122

2

34. Communications technology interoperability

[Introductory text still needs to be written]

34.1 Models of the Grid

[Text still to be submitted (H. Choe; B. Miller)]

34.2 Network topology types


34.3 Relevant communication entities


34.4 Communications requirements


34.5 Smart Grid Evaluation Criteria (SGEC)

[Still need to determine whether or not this clause (7.5) should go in an Annex]

The following information provides an overview of the IEEE P2030 TF3 Use Cases Smart Grid Evaluation Criteria (SGEC). This information was initially used as a means to categorize use cases with respect to protocols and technologies that can be used for the Smart Grid. The process is generic and could have wider use for industry in general since it attempts to capture the understanding of experts in a particular domain and considerations for use in a particular application. The primary purpose is providing a structured guide for engineers and non-engineers to justify their decisions. This also serves to remove bias and vendor preference so that the best technology can be used and gaps can be identified and remediated prior to implementation. This recursive process may be used as subsequent changes are made and over time the same degree of confidence can be maintained if not improved.

The SGEC was used to define the architecture and potentially could be used as a basis of certification. The actions of evaluation of Use Cases, Architecture linkage, and eventual certification all make use of a recursive risk-based evaluation process.

35. Tier Classifications

The SGEC makes use of three aspects to make a quantitative and/or qualitative evaluation of the requirements for a particular application. The TIER CLASS relates to the reliability and trustworthiness of the network with respect to services to be provided.

The technology chosen must meet the requirements defined under each Tier Class. Tier classes 1, 2, or 3 are defined by the level of assurance, minimum latency, and impact on operations.

TIER 1 (CRITICAL) – This is data that are critical to the operation, control, and safe operation of the Smart Grid.

1

1

2

3

4

5

6

7

8

9

10

11

12

131415161718192021

222324

25

262728

2930

3132

2

TIER 2 (IMPORTANT) - This is data that is important with limited control in operations of the Smart Grid.

TIER 3 (INFORMATIVE) – This is data that is informative but not necessarily important for operations of the Smart Grid.

TIER CLASS 1 for LOLO (Two Levels), LOW (One Levels) Latency applications, this TIER includes potential for Loss of Life and Damage to Assets and relates to control and safety relevant actions

TIER CLASS 2 for MEDIUM Latency applications includes potential Damage to Assets and no risk to personnel

TIER CLASS 3 for HIGH (Two Levels) and HIHI (Two Levels) Latency applications and offer No Damage to Assets and no risk to personnel.

36. TIER Classifications Hierarchy

TIER CLASS 1• HIGH LOA, PRIORITY 1

– Control, or Safety relevant– Loss of life, or injury, and damage to assets – (1A) LOW, LOLO Latency (Relaying)– (1B) MEDIUM, HIGH (Distribution)

TIER CLASS 2• MEDIUM LOA, PRIORITY 2

– Control (ex. “Slow” SCADA), Important– Damage to assets– MEDIUM, HIGH 1 or 2 Latency

TIER CLASS 3• LOW LOA, PRIORITY 3

– Informative– No damage to assets– HIGH 1 or 2, HIHI 1 or 2 Latency

36.1 LEVEL OF ASSURANCE (LOA)

LOA refers to the level of certainty that a service can be provided to meet the Use Case requirements. This would include quantitative and qualitative use related to the direct or indirect impact of actions facilitated by the communications links.

If the Use Case meets has Metrics this is “quantitative” information. If there is no criteria then it may be inferred based upon “qualitative” aspects. The following are rules to determine an LOA for a particular link:

In the event that there are not metric stated then a qualitative assessment would be used. If metrics are stated they shall provide a quantitative basis to assure the packet flow to facilitate the

operation of a TIER CLASS. If the quantitative metric is specified for use but it is different then the Level of Assurance which is

stated for the metric then sufficient guarantee shall be provided to ensure that it meets the requirements for use at that TIER CLASS.

If no proof is provided then the application may require further guarantees that additional provisions can be provided without change to the latency metric.

In all cases the Impact on Operations (IOO) shall be assured to guarantee the expected operation for that TIER CLASS.

1

123456789

1011

12

13141516171819202122232425262728

29

303132

333435

36373839404142434445

46

2

In practice and if available the packets shall be assigned a priority at the packet level based upon the following:

Priority 1 = High Priority 2 = Moderate Priority 3 = Low

Note 1. High, Moderate, and Low are used from the FIPS 199 Impact on Operations matrix which is used as the basis of NISTIR 7648 Cyber Security Strategy for the Smart Grid.

Note 2. In the event that packet level classification is not available then a Service level classification can be used such that if Priority 1 traffic is used then it shall have a higher Class of Service (CoS) versus Priority 2 or 3 data traffic. This shall apply to Priority 2 traffic as well that it shall be assured over Priority 3 data traffic. This shall be a function of traffic flow and all related actions shall be handled at that Priority level.

The following section discusses the requirements to differentiate latency requirements such that if a primary service is provided that it can be assured that it can meet the TIER (CLASS) requirement. If the service is provided over higher TIER (CLASS) as a converged service that the primary service be given priority. This may make use of a Quality of Service (QoS) mechanism to provide this service. Quality of service (QoS) refers to resource reservation control mechanisms rather than the achieved service quality. QoS is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow with respect to its bit rate, delay, jitter, packet dropping probability and/or bit error rate may be guaranteed. QoS guarantees are important if the network capacity is insufficient, especially for real-time streaming multimedia applications such as Voice over IP, online games and IPTV, since these often require fixed bit rate and are delay sensitive, and in networks where the capacity is a limited resource, for example in cellular data communication. The use of QoS is to mitigate problems with congestion that would significantly delay traffic. IT may be a consideration for use to guarantee operation of converged services over a common link.

37. Latency and its interpretation

[Text still needs to be written]

38. Impact on Operations (IOO) (Priority Level)

[Need intro text]

1

12

345

678

9101112

13141516171819202122232425

26

27

28

29

2

Table 6—Potential impact definitions for security objectives

POTENTIAL IMPACT

Security Objective 1 = LOW 2 = MODERATE 3 = HIGH

Confidentiality Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. [44 U.S.C., SEC. 3542]

The unauthorized disclosure of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

The unauthorized disclosure of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.

The unauthorized disclosure of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

Integrity Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. [44 U.S.C., SEC. 3542]

The unauthorized modification or destruction of information could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

The unauthorized modification or destruction of information could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.

The unauthorized modification or destruction of information could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

Availability Ensuring timely and reliable access to and use of information. [44 U.S.C., SEC. 3542]

The disruption of access to or use of information or an information system could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.

The disruption of access to or use of information or an information system could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.

The disruption of access to or use of information or an information system could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

39. FIPS PUB 199 – Standards for Security Categorization

The use of FIPS 199 plays an important pot in that to assure availability for operations, personnel, and assets are not put at risk. This is a starting point of what is a risk-based approach for the evolution of the

1

1

2

3

4

56

2

system though out its life cycle. The Impact on Operation is related to the TIER CLASS. However, the degree may vary depending up the organizational requirements.

In FIPS 199, confidentiality, integrity, and availability are defined as Security Objectives:

Confidentiality. “Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information…” A loss of confidentiality is the unauthorized disclosure of information.

Integrity. “Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity…” A loss of integrity is the unauthorized modification or destruction of information.

Availability. “Ensuring timely and reliable access to and use of information…” A loss of availability is the disruption of access to or use of information or an information system.

For each type of data flow within a communications system or for the system itself, requires the assignment of s security category consisting of an impact level for the link or the particular system. This may relate to a general area of use and that area classified stated in the same manner. The security category consists of an impact level for each of the three security objectives of confidentiality, integrity, and availability. An impact level of low (L), moderate (M), or high (H) represents the impact on operations, assets, or individuals should there be a breach in security objective areas (i.e., for each security objective area, the impact level could be L, M, or H). The assignment of security categories must take place within the context can be used in the preliminary evaluation of use cases, architecture building, or even potential certification for use by an organization or may be in recognition of protection of critical infrastructure.

Impact levels are defined in FIPS 199 as follows:

The potential impact is low if the loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on operations, assets, or individuals. A limited adverse effect could mean that the loss of confidentiality, integrity, or availability might: Cause degradation in operational capabilities to an extent and duration that the functional

operations are not able to perform its primary functions, but the effectiveness of the functions is noticeably reduced.

Result in minor damage to assets, minor financial loss, or minor harm to individuals. The potential impact is moderate if the loss of confidentiality, integrity, or availability could be

expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. A serious adverse effect could mean that the loss of confidentiality, integrity, or availability might: Cause a significant degradation in operational capability to an extent and duration that the

functional operations is not able to perform its primary functions, but the effectiveness of the functions is significantly reduced.

Result in significant damage to assets, significant financial loss, or significant harm to individuals, but not loss of life or serious life threatening injuries.

The potential impact is high if the loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. A severe or catastrophic adverse effect could mean that the loss of confidentiality, integrity, or availability might: Cause a severe degradation in or loss of operational capability to an extent and duration that

the functional operation is not able to perform one or more of its primary functions. Result in major damage to assets, major financial loss, or severe or catastrophic harm to

individuals involving loss of life or serious life threatening injuries.

1

12

3

456789

1011

121314151617181920

21

22232425262728293031323334353637

3839404142434445

2

40. Security Categorization Applied to the Communication

The security categorization drives the requirements for the communications for trustworthiness including resiliency, reliability, and fault tolerance. In establishing the appropriate security categorization with respect to the TIER CLASS it set a baseline for a target for a potential impact that can define the goal for the designer to use in selection of the appropriate components. It also provides a means for those defining the architecture for example to relate this information to others in a common and meaningful way.

The following summarizes the attributes of the SGEC in the form of a hierarchy:

Table 7 contains examples related to the conditions for a particular service.

Table 7—Example of Use of SGEC

Service [insert heading] [insert heading]HAN Important Energy Management Systems (EMS) may require control actions.AMI Important Informational but important, privacy concernsDR Important, Limited

ControlControl of devices is required

EV Important, Limited Control

Control of charging equipment is required; rate information and customer profiles are confidential.

WAN Critical Micro Grid, Substations, Generation, DistributionINTERNET Important,

InformativePrivacy concerns but multiple informational services can be provided.

1

1

23456

7

8

9

2

Table 8—Evaluation of SG Protocols ant their TIER Classification

Standard Application TIER CLASS

AMI-SEC System Security Requirements

Advanced metering infrastructure (AMI) and Smart Grid end-to-end security

2

ANSI C12.19/MC1219 Revenue metering information model 2BACnet ANSI ASHRAE 135-2008/ISO 16484-5

Building automation 2

DNP3 Substation and feeder device automation 2IEC 60870-6 / TASE.2 Inter-control center communications 1IEC 61850 Substation automation and protection 1IEC 61968/61970 Application level energy management system interfaces 1IEC 62351 Parts 1-8 Information security for power system control operations 1IEEE C37.118 Phasor measurement unit (PMU)communications 1IEEE 1547 Physical and electrical interconnections between utility

and distributed generation (DG)1

IEEE 1686-2007 Security for intelligent electronic devices (IEDs) 1NERC CIP 002-009 Cyber security standards for the bulk power system 1Open Automated Demand Response (Open ADR)

Price responsive and direct load control 2

OpenHAN Home Area Network device communication, measurement, and control

2, 3

ZigBee/HomePlug Smart Energy Profile

Home Area Network (HAN) Device Communications and Information Model

2, 3

40.1 Smart Grid communications building blocks

The Smart Grid (SG) communications building blocks can be seen in detail in Figure 15. Here the communications architecture is mapped onto the utility grid network domains (generation, transmission, distribution, and customer premises). It maps each specific communications block onto a specified utility’s demarcation domain.

It also shows the end-to-end communications security and management layers, cutting across each Smart Grid communication domain. The communications security and management architectures need to be defined and specified in the SG framework.

1

1

2

3

4567

89

10

2

Figure 15—End to End Smart Grid Communications Architecture

40.2 Key Principles for a Smart Grid Communications Interoperability Model

The following are the eleven desired principles for a Smart Grid communications interoperability model. They are:

Broadest, All Inclusive Architecture (provide options) Adopt a System Engineering Approach Define Key Entities and Critical Interfaces Methodical and Well Documented Procedure Top Down Approach (System to Sub-System Level) Secure, Modular, Plug-and-Play and Interoperable (define demarcation points between “entities”) Use a Technology Neutral Approach Dynamic, Scalable and Evolving Architecture Covers the Whole Utility Smart Grid Communications Spectrum Useful to Stakeholders (utilities, vendors, SDOs, etc) Adopt an International Perspective

41. Broadest, all inclusive model

The SG architecture is all-inclusive and seeks to adopt the broadest scope for the reference architecture, meaning that at a higher layer, this should represent the basic building blocks of a Smart Grid Communications Architecture.

1

2

3

45

6789

10111213141516

17

181920

2

42. Adopt a System Engineering Approach

A system engineering approach is used to develop the SG architecture, which aims to use a top down approach. In a first approach, the high architecture layer with its communications entities and interfaces (inter systems interconnections) between each actor are defined and specified. Then, each actor subs-system layer, its reference elements and interfaces (intra system interconnections) are also defined and specified. Clear demarcation boundaries are established between each main actor and their sub-system reference elements. This allows the flexibility of not only changing, modifying or evolving individual “actor” subsystem elements within each actor, but also evolving and modifying “actor” subsystems within the broad and generic system architecture diagrams.

43. Define Key Entities and Critical Interfaces

The SG architecture defines key communications entities and their critical interfaces/interconnections points between themselves, always seeking to adopt all possible connections available connections between entities that are used by the industry. Several interconnection options are available and the most popular ones are represented in the SG-CRA reference.

44. Methodical and Well Documented Procedure

The SG architecture shall use a well-documented, well-thought process and methodical procedure to document entities, interfaces and connections as it evolves. The same methodology is used for the system and sub-system reference architectures and its elements and connections.

45. Top Down Approach (Systems to Sub-System)

The SG architecture shall first define the one level down communications reference system architecture from the NIST conceptual framework. The first view is a generic, macro, overarching and “catch all” communications architecture framework that defines the key entities network sub-systems, interfaces and demarcation points between these elements.

Once this first layer is build then a second layer of actor sub-system architectures are defined with their own reference elements and a set of standardized interfaces to provide the communication paths between these sub-systems elements. In all these approaches, the same methodical procedure is used throughout this document to make the reference model consistent and coherent.

It defines first the basic macro system interconnection and interfaces, entities and then evolves to define one level down of this framework. The same procedure is adopted when defining and specifying these sub-system reference elements using the same object-oriented approach.

The model was defined from a top-down approach preserving the scalability and flexibility to evolve as technology, standards and new elements are added.

46. Secure, Modular, Scalable and Interoperable

The SG architectural framework must be modular, plug-and-play, secure with loose coupling points to easy end-to-end and inter actor subsystem interoperability. It shall also seek to define an End-to-End Smart Grid Management and Secure Architectures, identifying gaps from existing standards and user groups and recommending next generation and emerging concepts as they are indentified in the near future.

1

1

23456789

10

11121314

15

161718

19

20212223

24252627

282930

3132

33

34353637

2

47. Use a Technology Neutral Approach

The SG architecture shall be technology neutral to minimize the impact of technology change to avoid stranded assets. Technology mappings are only used in the Appendices of this document to illustrate how the architectural model can be used by stakeholders, as an illustration of real world scenario test cases.

48. Dynamic, Scalable and Evolving Architecture

The SG architecture shall be scalable and accommodate an evolving architecture, adding new entities, interfaces and reference elements as needed. It shall also be dynamic to accommodate the fast pace of an evolving Smart Grid industry, capturing the best practices and inviting other standards and user groups to contribute and add to this reference framework.

49. Covers the Whole Utility Smart Grid Communications Spectrum

The SG framework seeks to cover all aspects of an “End-to-End Smart Grid Communications System”, from the bulk electricity generation all the way to the end customer. It also defines the critical interfaces and connections between the communications entities and elements. This will later be used to define and map existing communications protocol stacks or identify the need to develop such protocols and standards.

50. Useful to Stakeholders (utilities, vendors, SDOs)

The SG architecture shall be used by utilities worldwide, vendors and SDOs who want to understand the key building blocks of a Smart Grid Communications Architecture, its key interconnections points and the multiple options on how they could be interconnected and customized for a particular stakeholder view. Utilities can use this framework to benchmark their existing and future architectures against other utilities architectures and industry best practices, identify roadmap gaps in evolving their architectures and creating deployment roadmaps. Vendors can use this tool to understand different aspects of their product line and how to best adapt and evolve their product roadmaps to meet the evolving requirements from their utility customers. SDOs can use this framework to develop specific standards for each particular system or sub-system actor network and to refer to this framework to understand how they fit into the overall aspect of an End-to-end Smart Grid Communications System.

The SG-CRA framework is also a well-defined tool to help NIST/SGIP in their phase 3 standards test, certification and harmonization roadmaps. It defines basic interconnection points between communications entities that must seamlessly interoperate in a cohesive and systemic approach.

51. Adopt an International Perspective

The SG is meant to be an international framework where different Smart Grid architectures and perspectives from utilities in different countries are highly encouraged and recommended. It’s meant to be used as a reference from utilities worldwide and it welcomes and encourages international participation.

1

1

234

5

6789

10

11121314

15

16171819202122232425

262728

29

303132

2

Figure 16—Communications IEEE P2030 Smart Grid Architectural Reference Model

1

1

2

2

Table 9—Communications Entities and Descriptions

Entities Description CommentsUtility Control Operations/Enterprise

Utility control and/or SCADA operation (substation automation, distribution substation, etc) and AMI enterprise center controls, supervises, manages and monitors all utilities assets, processes and customers.

The utility control/operation network, also called back-office, and AMI enterprise controls, monitor, supervises and manages processes, data flows from meters, SCADA, substations and all critical and non-critical information flow. The control/operations center can be a single integrated entity that manages T&D and customers or one control entity (DMS/EMS and others) for each transmission and distribution grid segment, depending on the type of utility or energy service provided model (ISO, RTO, co-ops/munis, etc).

Backhaul/ WAN Backhaul/WAN network connects the utility control/operations, including the AMI enterprise, with the Wide Area Networks (WAN), distribution substation networks, distributed energy resources (DERs), FAN, NAN distribution access points (DAPs), etc.

The backhaul network can be owned by the utility and/or managed by a public telecom/cable service provider. It can be wireline (dial-up, T1, twisted pairs, cable, fiber, etc.) or wireless (3G, WiMAX, PTP, or PMO radios, etc.). A typical NAN/FAN usually have more than one backhaul/access point connected to the WAN. In some cases, the backhaul is not used when centralized utility operation manages the networks directly from their back office.

Distribution Substation Network Distribution substation network interconnects devices within a distribution substation (e.g. comprised of local Ethernet networks that contains SCADA, Intelligent Electronic Devices (IEDs), Remote Terminal Unit (RTU), Phasor Measurement Unit (PMU) and other field devices that needs to be controlled and monitored via the backhaul network). IEC 61850 and DNP3 are the protocols of choice for this network.

The distribution substation is controlled and supervised remotely via utility’s backhaul and interconnects to distributed energy resources/Microgrids, NAN/FAN networks and connects to the feeder/distribution electricity grid.

Transmission Substation Network Transmission substation network interconnects devices within a transmission substation and utilizes Ethernet networks technologies to handle the local connectivity to/from local field devices.

The transmission substation is controlled and supervised remotely via utility’s WAN/backhaul networks.

1

1

2

Entities Description CommentsFeeder Network Feeder or distribution network is

the communications network overlaid on the electrical grid, usually named as Field Area Network (FAN). It comprises of wireless or wireline communications technologies.

In most cases the feeder communications network is controlled from the distribution substation hub where wireless or wireline access points collects the information send/receive to/from the field devices (reclosures, switches, cap banks, etc). It also controls Volt/Var optimization, power quality and other advanced distribution automation applications.

Field Area Network (FAN) Field Area Network (FAN) connects the distribution substations, the distributed/ feeder (field devices), and distributed energy resources/Microgrids, including the utility scale electric storage, to the utility control and operation center.

The FAN connects critical utility assets and transport operations control data.

Feeder Distributed Energy Resources (DER)/Microgrids Network

Distributed energy resources (DER) network is comprised of all renewable and non-renewable sources (e.g. wind, solar, diesel, etc), not part of the centralized energy generation. These energy resources could be interconnected through a local area network (LAN). Access communications gateways can then connect these DER and storage LAN networks to the main grid, creating grid-connected energy sources. Utility scale storage energy systems connected at the distribution substation are also considered.

These are area low-medium (kW) distributed energy generation and storage energy resources that are connected to substations and/or feeder networks. In most cases, the generation sources are located in campuses, industrial parks, etc (e.g. Microgrids).

Customer Premise Network (CPN)

CPN is responsible for supporting interoperable communication between the various other actors elements and sub-systems found on the customer premises.

HAN: Home Area NetworksIAN: Industrial Area NetworksBAN: Building Area NetworksCAN: Customer Area Networks

Energy Services Interfaces (ESI) Energy services interfaces (ESI) are a special class of device. It is network-centric and can also be thought of as logical gateways.

It permits applications such as remote load control, monitoring and control of distributed generation, in-home display of customer usage, reading of non-energy meters, and integration with building management systems. It also provides auditing/logging functions that record transactions to and from home area networking devices.

1

2

Entities Description CommentsCustomer Distributed Energy Resource (DER)

Customer grade renewable (solar/wind) and storage systems are connected to customer premises network through Energy Service Interfaces (ESI) and/or electric sub-meters, using either wireline and/or wireless networks.

Customer’s energy resources can be used to balance the utility’s electricity load. Energy can be supplied by customers back to the grid. It’s expected that customers will have a balanced portfolio of energy generated locally (in their premises) and supplied by the utility, with an energy supply ratio that can be dynamically changed during outages or energy peak periods.

Smart Meter

The Smart Meter is part of the AMI and performs a variety of intelligent metering tasks. The smart meter acts as the communication gateway between the Neighborhood Area Network (NAN) and Customer Premises Network (CPN), which includes the Home and Building Electronic System (HBES), Loads, Plug-in-Vehicle (PEV) and Customer DER Network.

The NAN, CPN, HBES, and DER Networks may each be associated with different physical transmission mediums, and consequently, in order to maximize interoperability, standards involving communication with the smart meter should not be restrictive to a particular transmission medium (e.g. only RF or only power line). Standards such as ISO/IEC 14543-3 allow a variety of physical transmission mediums (e.g. twisted pair, power line, and RF), and in general, anything that supports IP.

Loads Loads are any device that draws energy from the grid. It can be industrial, building/business or home devices.

Loads can be appliances, pump controls, HVACs, PEV, etc.

Plug-in Electric Vehicle (PEV) Plug-in Electric Vehicle (PEV) or Plug-in Hybrid Electric Vehicle (PHEV) are considered both “load” and “source/storage” to provide power back to the grid to balance energy supply.

PEV is considered as a load when the vehicle is stationary and energy is drawn from the grid to charge their batteries. Proper dimensioning or the utilities distribution networks with PEV adoption forecast is important to avoid unexpected peaks of energy consumption during the charging of the PEVs. The mobile/roaming case is also considered when PEV needs to access charging, billing, and positioning information.

Internet Service Provider (ISP) Internet service providers (ISPs) provide Internet access to the customer premises network through broadband access routers.

ISPs will likely offer energy management services through their broadband routers (Trojan horse) to their customers as part of their broadband multiple player service strategy. In another scheme, 3rd party value-added energy service providers will access customer premises network energy devices, through ISP broadband routers, and will offer managed energy services to customers.

1

2

Entities Description CommentsGrid Scale Energy Resources These are large grid-scale energy

resources (wind, solar PV, etc) that are connected to the transmission/generation side of the grid and can handle several hundred of MWs.

Utility-scale renewables are remotely located from the energy consumption centers and require new transmission lines and communications links to be built (if not available) to control these remote assets.

Bulk Generation Any traditional power generation source connected to the grid (coal, gas, nuclear, thermal, etc)

These are large scale power generation connected at the grid generation-transmission side.

Distribution Access Point (DAP)

Distribution Access point (DAP) is the device that collects and aggregates all data coming from/to end devices/users through the NAN AMI/FAN networks. It also interfaces with the backhaul/WAN.

DAPs can be considered part of the AMI/NAN network. These devices have routing and traffic handling capabilities to prioritize multiple data flows. More than one DAP might be used in the NAN/AMI to collect data (e.g. smart meter reading). They interface with the backhaul transport network.

Neighborhood Area network (NAN)

Neighborhood Area Network (NAN) connects the smart meters, distributed/ feeder (field devices), distributed energy resources/Microgrids, including the utility scale electric storage, to the utility control and operation center.

The NAN supports several applications, e.g., AMR, DR, DSM, etc. A NAN can either use wireless or wireline (power line, fiber, cable, twisted pair, etc.) networks.

Workforce Mobile Network Workforce mobile network is used by the utility’s workforce to provide dispatch, maintenance, and normal day-to-day operations.

It can either uses AMI-NAN/FAN utility owned networks or public 3G/WiMAX services provided by wireless service providers. The substation hot spots can be used in conjunction with this network to download/access broadband data to/from the utility control center.

Other Networks Wireline or wireless networks will play a role in AMI/ NAN networks, DA, substation automation, backhaul, workforce automation, and also on PEV mobile/roaming schemes. Wireless networks can use a variety of radio technologies such as CDMA, GSM, GPRS, iDEN, WiMAX, LTE, or satellite links.

Wireless service providers (WSP) will most likely be the preferred choice for some utilities to deploy their AMI/NAN networks. Here WSPs are used in the context of connecting PEVs and charging stations (through public 3G networks) when they’re driving to/from home to work and also to connect remotely located bulk generation sites (e.g. using satellite links). In some circumstance, inter-grid communications must be provided through the wireless networks so drivers can access information (such as location of the nearest charging station, pricing schemes, etc.) on the road through their mobile phones or on-board energy management systems.

1

2

Entities Description Comments3rd Party Services 3rd party value-added energy

services can offer managed energy services (home and building), demand response and other merging services to end consumers and utilities.

3rd party networks can communicate to customer’s energy devices through broadband Internet routers (WiWiFiWi-Fi routers, cable modems, ADSL modems, WiMAX modems, etc.) and customers’ wireless/wireline HAN network (e.g. ZigBee, HomePlug, etc), and their HBES network (e.g. ISO/IEC 14543-3, BACnet, etc.) to manage in premise control switches, actuators, motors, energy resources, loads and any other intelligent devices, wireline.

Public Internet/ Intranet Public Internet will be the primary communication layer between utility enterprise data centers, market, and 3rd party energy providers.

A certain level of protocol security must be provided to all levels of energy management services through the Internet cloud. Most likely all 3rd party energy service providers and some utility services will be connected through the public Internet.

Markets Markets will provide energy information services with variable energy/electricity pricing information to allow dynamic exchange of energy services to/from consumers and utilities, establishing a buyers/sellers energy market.

Markets will communicate to 3rd party providers and utilities through secure public Internet connections.

Regional Interconnects Regional interconnects connects the utilities communications networks to other utilities networks. This could be done through their own proprietary networks or through public carrier backbones.

These are core network interconnection using SONET/SDH and/or DWDM and IP fiber rings. In some new constructed utility-owned networks fiber OPGW cables is the technology medium of choice.

Table 10—Communications Interfaces Described

Interface Description CommentsE1 Utility control/Operation,

Enterprise LAN to/from Backhaul/WAN Network

Either owned by the utility or managed by a telecom service provider through a security connection (e.g. VPN)

E2 Utility Control/Operation, Enterprise LAN to/from Distribution Automation/Field Devices

This is a centrally based network where the communications to/from utility center does not require backhaul. It is usually owned by the utilities.

E3 Utility Control/Operation, Enterprise LAN to/from the Smart Meters

This is a centrally based network where the communications to/from utility center does not require backhaul. It is usually owned by the utilities.

E4 Backhaul to/from Access Point (AP)

The AP is the demarcation point between the NAN/FAN-AMI and the backhaul. It can be also called collector, aggregation point, cell

1

1

2

2

Interface Description Commentsrelay, or gateway. It usually contains dual radio communications interfaces, one facing the backhaul (e.g. 3G or WiMAX) and another one facing the last mile network (e.g. NA RF mesh radio). It can be a mesh RF collector, a point-to-multipoint RF radio (e.g. 3G or WiMAX) or a wireline access node (e.g. BPL/PLC).

E5 Backhaul to/from Distribution Substation Network (hot spot)

This is the connectivity between the distribution substation networks and the utility control/operation/SCADA network via the backhaul WAN network. Typical connections are usually a secure wire line (e.g. T1 line, dial up) or wireless point-to-point microwave radio links. In some cases, the substation networks are connected together.

E6 Backhaul/WAN Network to/from Utility Scale Distributed Energy Resource (DER) and Storage Network

It provides the distributed energy resource (DER) communication integration to the grid (connecting utility scale solar/wind and other non-renewable DER)/Microgrids to/from the backhaul/WAN network to/from the utility control operations and/or enterprise center. It also interconnects utility scale energy storage networks and systems.

E7 Access Point (AP) to/from Neighborhood Area Network (NAN)

The AP can also be considered as an element of the NAN, or just an interface between the NAN and the backhaul.

E8 Neighborhood Area Network (NAN) to/from Distribution Network (Distributed Automation)

It interconnects the NAN (usually in this case also called Field Area Networks (FAN)) to the distribution network (distribution automation (DA)), also called Feeder Network which contains intelligent field devices that goes ton poles, such as cap banks, reclosures, switches, smart transformers, field sensors, etc. Some elements of the DA area also found within the distribution substations.

E9 Neighborhood Area Network (NAN) to/from Utility Scale Distributed Energy Resource (DER) and Storage Network

This is an alternative to E6 where the connectivity to the utility scale distributed energy resources, located within the utility’s distribution network, is done through the NAN/AMI network.

E10 Distribution Substation Network (hot spot) to/from Distribution Network (Distributed Automation)

It provides the connectivity between the distribution substation networks and the distribution network (distribution automation) field devices. It can use radio or wire line (BPL/PLC) hubs (e.g. towers) within the distribution substation to connect to distribution network field devices.

E11 Distribution Substation Network (hot spot) to/from Utility Scale Distributed Energy Resource (DER) and Storage Network

It interconnects the utility scale distributed energy resources (DER)/Microgrids to/from the utility control/operations/enterprise center through the distribution substations.

E12 Neighborhood Area Network (NAN) to/from the Smart Meters

Connects the smart meters through wire line or wireless NAN. Smart meters could be residential (including building/business) or industrial-grade.

1

2

Interface Description Comments

E13

Neighborhood Area Network (NAN) to/from Workforce Mobile Network

This could either be owned by the utility or managed by a wireless service provider. It interconnects the mobile work force (for workforce automation) with the utility control/operations center through the NAN.

E14

Smart Meter to/from the Customer Premise Network

This is the internal connectivity between the smart meter and the customer premise network, which can also be defined as Home Area Network (HAN), Building/Business Area Network (BAN) or Industrial Area Network (IAN). It uses in–premise wire line or wireless standards interfaces (e.g. ZigBee, HomePlug, WiWi-Fi, etc.) to connect to customers’ devices.

E15

Customer Premise Network to/from Plug-in Vehicles (PEV)

It provides connectivity between the customer’s network and the PEV (usually through an Energy Service Interface (ESI) device. There are two cases for the PEV connectivity; (i) stationary and (ii) mobile. The later is connected to a wireless service provider when the vehicle is mobile and/or roaming (see interface E18). The customer premise network could be residential, commercial, or industrial scale.

E16

Customer Premise Network to/from Renewable Energy Resources/Microgrids (Wind/Solar) and Storage Energy Systems

It provides connectivity between the customer’s network and renewable energy resources/microgrids (solar/wind) and storage energy systems.

E17

Customer Premise Network to/from Internet Service Provider

It connects the customer premise network to an Internet Service Provider (SPs: DSL, Cable, WiMAX, etc.) It usually uses broadband routers to provide high speed Internet services to the end users.

E18

Plug-in Vehicles (PEV) to/from Wireless Service Provider

This connectivity is used when the vehicle is mobile and/or roaming and needs to access location, pricing, and/or billing information using on0board energy information systems. The wireless service provider could use 3G/GSM, 4G/LTE/WiMAX or satellite transponder technology inside the vehicle.

E19

Internet Service Provider to/from Internet Service Provider

It connects the Internet service providers (ISPs) to the mobile operator’s networks and vice-versa.

E20

Internet Service Provider to/from Public Internet

It connects the Internet service providers (ISPs) to the public Internet.

E21

Wireless Service Provider to/from Public Internet

It connects the wireless service providers (WSPs) to the public Internet.

E22

Wireless Service Provider to/from 3rd Party Network

It connects the wireless service providers (WSPs) to the 3rd party network (value-Added Service (VAS) Provider).

E23

3rd Party Network to/from Public Internet

It connects the 3rd Party Network (Value-Added Service (VAS) Provider) to the Public Internet.

E24

3rd Party Network to/from Markets

It connects the 3rd Party Network (Value-Added Service (VAS) Provider) to the markets for energy/electricity price signaling information.

E25 3rd Party Network to/from Utility It connects the 3rd Party Network (Value-Added Service (VAS)

1

2

Interface Description CommentsControl/Operation, Enterprise LAN

Provider) to the Utility control/operation/enterprise center. Usually is part of an Open ADE data exchange arrangement where the 3rd party network access customer metering/billing and energy consumption information through utility’s data repositories. Other schemes involve 3rd party demand response and other services.

E26 Markets to/from Public Internet It connects the market with utilities and other 3rd party providers through the public Internet.

E27 Utility Control/Operation, Enterprise LAN to/from Public Internet

It connects the utility control/operation/enterprise center to 3rd party service provider, Internet service provider, wireless service provider and other providers through the public Internet.

E28 Backhaul/WAN to/from Electric Feeder Network elements

It connects the backhaul to/from field devices (reclosures, cap banks, switches, etc).

E29 Backhaul/WAN to/from Electric Feeder Network elements

It connects the backhaul to/from field devices (reclosures, cap banks, switches, etc).

E30 Utility Control/Operation, Enterprise LAN to/from Transmission Substation Network

E31 Utility Control/Operation, Enterprise LAN to/from Wide Area Networks (WAN)

E32 Wide Area Networks (WAN) to/from Backhaul/WAN

E33 Wide Area Networks (WAN) to/from Distribution Substation Network

E34 Wide Area Networks (WAN) to/from Transmission Substation Network

E35 Wide Area Networks (WAN) to/from Regional Interconnects

E36 Backhaul/WAN to/from Transmission Substation Network

E37E38E39 Grid scale energy resources

to/from Transmission Substation Network

Need to change. Same as E44

E40 Grid scale energy resources to/from Regional Inteconnects

E41E42 Transmission Substation

Network to/from Distribution Substation Network

E43 Grid scale energy resources to/from Wide Area Networks (WAN)

E44 Grid scale energy resources to/from Transmission Substation Network

E45 Field Area Networks to/from Distribution Substation Network

1

2

Interface Description CommentsE46 Field Area Networks to/from

Distributed Energy Resource (DER) Network

E47 Field Area Networks to/from Feeder Network/Field Devices

E48 Distribution Substation Network to/from Workforce Mobile Network

E49 Backhaul/WAN to Field Area Networks (FAN)

E50 Field Area Networks (FAN) to/from Workforce Mobile Network

E51 Backhaul/WAN to/from Workforce Mobile Network

E52 Neighborhood Area Network (NAN) to/from ESI/xAN

E53 ESI/xAN to/from Other Networks

E54 Utility Control/Operation, Enterprise LAN to/from Other Networks

E55E56E57E58E59E60 Bulk Generation to/from Wide

Area Networks (WAN)E61 Markets to/from Wide Area

Networks (WAN)E62 Regional Interconnects to/from

Other NetworksE63E64 Wide Area Networks (WAN)

to/from Field Area Networks (FAN)

E65 Backhaul/WAN to Neighborhood Area Network (NAN)

E66 Wide Area Networks (WAN) to/from Workforce Mobile Network

E67 Bulk Generation to/from Other Networks

E68 ESI/xAN to/from LoadsE69 Workforce Mobile Network

to/from Other Networks

1

2

52. Information systems intraoperability

52.1 Introduction of context of topics in Smart Grid interoperability information technology

This section is an introduction of the context of Smart Grid. Specific major topics are covered in sections 8.2 through 8.6. There is a drill-down of material between sections, for example section 8.3 on architecture develops some points that continue further in other major sections.

53. Sources of Data

Utilities have petabytes of operational data, both real-time (periodically updated from microseconds to seconds) and archival; both static (such as nodal diagrams within distribution management systems), and dynamic (such as switching orders.) There is a wealth of information generated by field crews, and from root cause analyses of past system failures. AMI implementations are becoming a fine-grained distribution sensor network feeding communication aggregation systems. Both devices providing data and systems collecting data require architectures to enhance, support, and provide context for real-time data coming in from new IEDs and other smart grid devices. In an era of renewable energy sources, grid connection controllers become yet another data source. With renewable energy sources, micro-scale weather forecasting such as can provide valuable context for grid operation.

54. Data Models

Once data is obtained, in order to preserve its value in a standard format, one can think in terms of an XML-oriented data base. Modern implementations of these data bases have improved performance characteristics and the IEC TC 57 CIM (Common Information Model) is the leading model using Semantic (abstract information model), Contextual (profiles for standardization) and Syntactical (schemas or messages) levels. Other entries, such as DLMS-COSEM for AMI, are also coming into practice. At a higher level, the model is more important than the technical implementation of the data. A well designed data model not only makes exchange of data and legacy program adjustments easier, but it can also help the applicability of security and performance requirements. The existence of data models is often a good indicator of an intact governance process, for it facilitates use of the data by multiple applications by establishing common semantics.

Ontology-based strategies are also commonly used with success in creating and manipulating data models as they provide easy export or translation to XML or UML which provide for a great deal of interoperability. Data are of little or no use if its meaning is not clear. Within the context of a single application, developers strive to make the meaning clear in various user interfaces, but when data are transferred to another system – another context, the meaning is often lost. Ontologies are becoming an increasingly popular way of providing a data model with formal semantics based on a shared understanding that is machine readable. Ontologies are often written in OWL, an XML extension that allows the expression of classes (i.e. types) and subclasses, and relationships with their domains and ranges and other characteristics such as symmetry, disjointedness and transitivity (e.g. if a is b and b is c then a is c). Ontologies allow for easy addition of new types and relationships as the domain evolves and allow for smarter contextual searches. Additionally, ontologies allow for information to be inferred from the existing knowledge base without it having to be explicitly expressed. As an added benefit, intricate policies written against the ontology may be evaluated against conditions and enforced when operational conditions expressed in the policy are detected. Most significantly, the explicit representation of meaning that ontologies provide forms an anchor for meaning, a base for shared understanding of the raw data. See Section 76for more information.

55. Communications

One of the most common issues needing to be addressed is the design of the wide area communication system. Data communications architecture affects data rate performance, the cost of distributed intelligence and the identification of security susceptibilities. There is no single communications technology that is suitable for all utilities or even for all operational areas across any individual utility. Rural areas could even be served by BPL or PLC; while urban areas benefit from MPLS and purpose designed mesh networks, enhanced by their proximity to fiber. In the future

1

1

23

456

7

89

101112131415

16

171819202122232425

2627282930313233343536373839

40

4142434445

2

there could be entirely new choices in communications. So the smart grid architect needs to focus on security, standardized interfaces to accept new technology, enablement of remote configuration of devices to minimize any touching of smart grid devices once installed, and future-proofing the protocols. The architecture should also be traceable to the business case. This needs to include probable use cases that may not be in the PUC filing, such as AMI now but Smart Grid later. Few utilities will be pleased with the idea of a communication network rebuild within five years of deploying an AMI-only network. Communications architecture must also consider power outages, so battery back-up, solar recharging, or other equipment may be required. Even such arcane “details” as ‘will the antenna on a wireless device be the first thing to blow off in a hurricane?’ need to be considered.

56. Security

Deregulation and attendant competitive market forces are making the power system infrastructure much more reliant on the information infrastructure so that business edges could be gained from more accurate and timely information. Such business drivers are resulting in automated decision intelligence replacing manual operations and as a result reliability of the power system is increasingly affected by problems that the information infrastructure might suffer from.

The electricity generation and delivery infrastructure as a result is transforming itself from an extremely complicated machine to a very complex one where diverse, connected, interdependent and adaptive functions and applications are pervasively interacting to bring in capital and operational efficiency but enhanced grid reliability and appropriate security risk management of the power system are prime concerns the industry is focusing to address.

Regulatory mandates like NERC CIP and guidelines from other industry and standards organizations are also ensuring that security of the system is addressed in the early phases of architecture and design and continues through implementation, testing, deployment and operational phases of the solution.

Power grid information security and protection requirements have aspects of both control (operation) systems as well as enterprise IT (business) systems and although both systems require information security services for combating malicious attacks or providing protection against inadvertent errors, specific distinctions in attack and error types, differences in performance requirements as well as organizational policies for them make their required security posturing quite different. While Confidentiality, Integrity and Availability are the order of priority for a business IT system, Availability, Integrity and Confidentiality is often the prioritization order for a control system.

Certainly the smart grid’s purpose is to enhance network reliability, not lower its security, but with the advent of NERC CIP, security has risen to become a prime consideration, usually addressed in phase one of the smart grid architecture. Unlike the data center, field deployed security has many new situations and challenges. There is security at the substation – for example who can access what networks, and when, within the control center. At the other end, security of the meter data in a proprietary AMI system needs to be addressed so that only authorized applications and personnel can access the data.

A Security Gateway helps to ensure only authorized applications are allowed to access the data, whether an IP meter or an IED.

Proper architectures could address dynamic, trusted virtual security domains, and be combined not only with intrusion protection systems but anomaly detection systems. Since hackers can introduce viruses in data (such as malformed video images that leverage faults in media players), then similar concerns are under discussion with smart grid data. An attack on 300 MW of demand response may not be different than a cyber attack a 300 MW generator that is clearly under the jurisdiction of NEC CIP

Approaches exist for top down and bottom up security analysis of the Smart Grid and NIST and other organizations are leveraging them to investigate where use cases, functionalities and performance requirements of the smart grid can be secured by existing security technologies like access control, authentication, and cryptography.

1

12345678

9

1011121314

15161718

192021

222324252627

282930313233

3435

3637383940

414243

2

57. Analytics

A smart grid will generate much more data for the utility, and analytic applications support the processing, interpretation, and correlation of the flood of new grid observations. One part of the analytics would be performed by existing applications, and this is where data models and integration play a key role. Another part of the analytics dimension is with new applications and the ability of engineers to use a workbench to create their customized analytics dashboard in a self-service model. Many utilities have power system engineers in a back office using spreadsheets; part of the smart grid concept is that all data is available to the community to use modern tools to analyze and predict grid operation. Analytics may need a dedicated data bus, separate from an ESB or enterprise SOA bus, in order to meet the timeliness and quality of service to support operational analytics. A two tier or three tier (if one considers the substations) bus is an architectural approach to segregate data by speed and still maintain interconnections that support a holistic view of the operation. Connections to standard industry tools, or general tools, should be considered at design time, rather than as an additional expense commitment after smart grid commissioning.

58. Integration

Once data is sensed, securely communicated, modeled and analyzed, the results need to be applied for business optimization. This means new smart grid data gets integrated with existing applications and metadata locked in legacy systems is made available to provide meaningful context. This is typically accomplished by enabling systems as services per the classic SOA model. However, issues of common data formats, data integrity, and name services must be considered. Data integrity includes verification and cross-correlation of information for validity, and designation of authoritative sources and specific personnel who own the data. Name services addresses the common issue of an asset —whether transformer or truck—having multiple names in multiple systems. An example might be a substation that has a location name, a GIS identifier such as latitude and longitude, a map name such as nearest cross streets, a capital asset number in the financial system, a logical name in the distribution system topology, an abbreviated logical name to fit in the DMS GUI, and an IP address for the main network router in the substation. Different applications may know new data by association with one of those names, and that name may need translation to be used in a query with another application. While rewriting the applications to a common model may seem appealing, it may very well be a costly aspect in smart grid interoperability. While the smart grid should help propagate intelligence throughout the utility, this doesn’t necessarily mean to replace everything, but it should “information-enable” everything. Interoperability is essential at both a service level and at the application level. Some vendors focus more at the service, but consider making a cell phone call internationally—your voice data may be CDMA in the U.S., travel by microwave and fiber along its path, and emerge in a GSM cell phone environment, yet your speech (the “application level data”) goes through transparently.

59. Hardware

The world of computerized solutions does not speak to software alone. AMI storage consolidation addresses the concern that the volume of data coming into the utility will be increasing exponentially. As more meter data can be read in an on-demand fashion, data analytics will be employed to properly understand it all, requiring a sound hardware architecture to manage, back-up, and feed the data into the analytics engines. In particular, storage is needed in the head end systems and the meter data management systems (MDMS). Head end systems pull data from the meters to provide management functionality while the MDMS collects data from head end systems and validates it. Then the data can be used by billing and other business applications. Data in both the head end systems and the master copy of the MDMS is replicated into multiple copies for full back up and disaster recovery. For MDMS, the master database that stores all the aggregated data is replicated for other business applications such as customer portal or data analytics, so that the master copy of the data is not tampered with.

Since the Smart Grid is essentially performing in real-time, and the electricity business is non-stop, one must think of hardware and software solutions as needing to be fail-safe with automated redundancy. The AMI data especially needs to be reliable. The key factors then become operating system stability; hardware true memory access speed and range; server and power supply reliability; file system redundancy and techniques to provide a point-in-time copy of a logical drive. Some can be useful in speeding up database hot backups and restore. Others can extend the

1

1

23456789

10111213

14

151617181920212223242526272829303132

33

34353637383940414243

4445464748

2

replication functionality by providing the ability to copy contents of one volume to another. Enhanced remote mirroring can provide the ability to mirror data from one storage system to another, over extended distances.

59.1 Power Engineering – Brief overview from IT perspective

“Smart grid” and similar names such as “intelligent grid,” “modern grid,” “future grid,” and so on are all being used to describe a “digitized” and intelligent version of the current power grid. Sometimes, people confuse the smart grid with smart meters and advanced metering infrastructure (AMI) or with interoperability grid. Thus, the most relevant characteristics of a smart grid include the following:

Self-healing (intelligent automated restoration and reporting) from power disturbance events Enabling active participation by consumers in demand response Operating resiliently against both physical and cyber attacks Providing power quality that meets the present and future needs of electricity consumers Accommodating all generation and storage options Enabling new products, services, and markets Optimizing asset utilization and operating efficiency

These characteristics can be achieved through the application of a combination of existing and emerging technologies. Conceptually, the smart grid is composed of four layers:

Decision Intelligence Communication and IT Sensor/Actuator Power Conversion/Transport/Storage/Consumption

At the center of the power grid is the decision intelligence layer supported by the communication and Information Technology (IT) layer consisting of computer software that runs in relays, IEDs, substation automation systems, control centers, and enterprise back offices. This is allowing a fundamental shift paradigm in the design and operational grid central to distributed resources, from predictable power flow directions to unpredictable directions, from a passive grid to an active grid. As a consequence, the grid is more dynamic in its configuration and its operational conditions, and many opportunities for optimization but also many new technical challenges.

The focus of the industry effort so far has been mostly on the interoperability of the communication and information model, as suggested by the National Institute of Standards and Technology (NIST) Smart Grid Interoperability standard road map and the International Electro technical Commission (IEC) documents on smart grid standardization. However, the Edison Electric Institute suggests that “advanced controls provide the ‘smart’ in smart grids”.

To enable smart applications, there is a need for good business logic, control, and optimization theory as well as new hardware components that can control power flows in the network as well as the output and the consumption of power. Advanced applications in the control center continuously check the state of the grid and determine the best control strategies from among billions of possibilities in real time. In addition, software can process the information collected from the sensors or disseminated from the communication and IT systems. The deployed sensors continuously collect energy consumption data, weather data, and equipment condition and operational status and perform real-time rating in the context of actual distribution and transmission line flows.

End-user equipment is no longer the dumb device, but an interactive and intelligent node on the smart grid. For example, energy management systems monitor the energy consumption data from private residences to office buildings. These systems can determine the consumption patterns and preferences of the consumers, as well as real-time conditions (e.g., market prices, grid stress). They may use the collected information to autonomously interact

1

12

3

4567

89

1011121314

151617

18192021

22232425262728

2930313233

34353637383940

41424344

2

with the grid to determine the charging and discharging cycles of various appliances to dynamically balance load and resources, maximize energy delivery efficiency and security in real time.

For the decision intelligence layer to work, data and information need to be propagated from the devices connected to the grid to the controllers that process the information and transmit the control directives back to the devices. The IT layer provides responsive, secure, and reliable information dissemination to any point in the grid where the information is needed by the decision intelligence layer. In most cases, this means that data are transferred from field devices back to the utility control center, which acts as the main repository for all the utility’s data.

Interoperability and security are essential to assure ubiquitous communication between systems of different media and topologies and to support plug-and-play for devices that can be auto-configured when they are connected to the grid, without human intervention. In addition, a new electricity service culture based on Six Sigma quality program will better serve the customers.

Now, more than ever, the electric power industry must play an equally active and coordinated role in defining and developing the hardware, software, standards and protocols that are needed to realize a secure and interoperable nationwide smart grid.

59.2 Information Technology Architecture

The Smart Grid Information Technology Architecture is defined in terms of the functionality and the interoperability of the seven distinct operational domains identified by the NIST SGIP as shown on the figure below:

1) Bulk Generation2) Transmission3) Distribution4) Operations5) Service Provider6) Markets7) Customer

1

12

34567

89

1011

121314

15

1617

1819202122232425

2

Figure 17—Information Technology IEEE P2030 Smart Grid Architectural Reference Model

1

1

2

3

2

Table 11—Information Technology Entities and Descriptions

Actor Description Comments

Table 12—Information Technology Interfaces Described

Interface Description Comments

The IT Architecture concerns itself with information exchange between the Seven NIST Domains, at the ISO (International Standards Organization) OSI (Open Systems Interconnect) Model above the Transport Layer (Layer 4). The focus of the smart grid IT Interoperability is Layers 4 through 7.

The Smart Grid is envisioned as a system of systems.

The objective is not to define new information exchange architecture, but rather to work with the current best practices and technologies and to identify and fill the gaps for information exchange between the seven Domains as necessary. Explicit efforts have been made to adopt the terminology used by NIST and SGIP in order to ensure a consistent architectural framework for the Smart Grid.

The smart grid is both an evolution of power equipment technology and the movement of sophisticated computer monitoring, analysis, optimization and control from central utility locations to the distribution and transmission grids. It thus brings with it many of the concerns of distributed automation, such as interoperability of data exchanges, computer network security, data communication requirements, and integration with existing and future systems and applications.

This clause covers the following topics:

Information Exchange Reference Architecture Related Standards Pertinent Message Protocols Architectural Framework Methodologies and Tools Security Privacy Attributes

1

1

2

3456

7

89

1011

1213141516

17

18192021222324

2

Performance Reliability & Availability Manageability

60. Information Exchange Reference Architecture

An interoperability framework for a Smart Grid infrastructure can be described in terms of the following framework elements:

set of architecture representations to express structural requirements; set of scenario representations to express behavioral requirements; set of profile representations to express specific standards and the associated conformance points to

support the desired interoperability objectives.

The Object-Process Methodology convention is used for expediency and to illustrate the interoperability framework. Other methodologies also exist.

Figure 9 is a diagram showing these framework elements and their relationships. In the diagram, a rectangular box is an "object" and an oval is a "process." A "process" can change the state of an "object." The various relationships (see section 8.3.5.2) among the "objects" and the "processes" are shown as either structural or procedural links.

Figure 18—Grid Interoperabilty Framework (OPD)

1

123

4

56

789

10

111213

14151617

1819

20

2

In addition to an object-process diagram (OPD) for the interoperability framework, the Object-Process Methodology (OPM) provides a simplified textual description of the relationships among the objects and processes denoted in the graphical description of an OPD.

A key result in conducting the main process is a set of concise references to international and industry standards, along with the recommended settings when implementing the standards, and these recommendations form part of the guidelines provided by IEEE P2030. The set of concise references to standards are denoted in Figure 18 as Smart-Grid-Interoperability-Standard-Profiles.

The purpose of constructing a Smart Grid Interoperability Framework is noted in the main process in Figure 18, Modeling-Smart-Grid-Structure-and-Behavior-to-Profile-Interoperability-Requirements (i.e. the blue oval). The object-process language (OPL) descriptions below correspond to a Smart Grid Interoperability Framework diagram in Figure 18.

Smart-Grid- Interoperability-Framework consists of Smart-Grid-Architecture and Smart-Grid-Scenario.Smart-Grid-Architecture consists of smart-grid-system-architecture, smart-grid-application-

architecture, and smart-grid-decision-hierarchy-architecture. Smart-grid-system-architecture consists of Information-System-Architecture,

Communication-System-Architecture, Power-System-Architecture, and Smart-Grid-Security-Architecture. Information-System-Architecture is of type System-Architecture. Communication-System-Architecture is of type System-Architecture. Power-System-Architecture is of type System-Architecture.

Smart-grid-application-architecture exhibits Smart-Grid-Security-Architecture. Smart-grid-decision-hierarchy-architecture exhibits Smart-Grid-Security-Architecture.

Smart-Grid-Scenario consists of Customer, Service-Provider, Markets, Operations, Bulk-Generation, Transmission, Distribution, and Domain-to-Domain.

Customer is of type Intra-domain-Exchanges. Service-Provider is of type Intra-domain-Exchanges. Market is of type Intra-domain-Exchanges. Operation is of type Intra-domain-Exchanges. Bulk-Generation is of type Intra-domain-Exchanges.

Transmission is of type Intra-domain-Exchanges. Distribution is of type Intra-domain-Exchanges. Domain-to-Domain is of type Inter-domain-Exchanges.

Smart-Grid-Interoperability-Standard-Profile is of type framework element. Following path used in process of, Modeling-Smart-Grid-Structure-and-Behavior-To-Profile-

Interoperability-Requirementsrequires Smart-Grid-Interoperability-Framework. Following path result from process of Modeling-Smart-Grid-Structure-and-Behavior-To-Profile-

Interoperability-Requirements yields Smart-Grid-Interoperability-Standard-Profiles.

61. Interoperability view within the framework

Two or more entities are able to exchange items to enable each other to perform a task.Note 1: Examples of entities that are exchanging include devices, equipment, machines, people, processes, applications, software units, systems, enterprises, etc. Note 2: Examples of items that are exchanged include information, material, energy, control, assets, ideas, etc.

1

123

4567

89

1011

121314151617181920212223242526272829303132333435363738

39

40

4142434445

2

Exchanges are conducted using a set of mechanisms and rules that are associated with an interface;Note 3: Examples of mechanisms are services and grades of service.Note 4: Examples of rules are protocols and qualities of service.

Characteristics of the exchanged items are commonly known and shared among the exchanging entities;Note 5: Examples of characteristics of an exchanged item include the meaning, the structure, the composition (or model), the purpose of use, the lifetime, etc.

The framework can be used to characterize the interoperability of the entities relative to the context, content, conveyance and connectivity of the exchanges of the combination of items.

62. Integration view within the framework

Two or more component entities are integrated into a compound entity that is observed to behave as a single entity, solely performing a definite task.Note 1: Each component entity exhibits a structure, a behavior, and a boundary that can be distinguished from those of another component entity.Note 2: The compound entity, formed by the integrated component entities, exhibits a structure, a behavior, and a boundary of its own and can be distinct from those of its component entities.Note 3: Examples of integrated applications are the Power Generation application and the Plant Control application within a Bulk Generation activity domain.

To enable a compound entity to perform its assigned task, its integrated component entities cooperate, coordinate, and collaborate in a seamless, synchronized, efficient and effective manner.Note 4: The cooperation, coordination and collaboration among the component entities are enabled by a series of exchanges of a set of items.Note 5: Interoperability among the component entities is a prerequisite to their integration into a compound entity.Note 6: Examples of integrated components are the Phasor Measurement Unit and the Transmission RTU of a Transmission subsystem within a Transmission activity domain

For the Smart Grid information interoperability framework, the interoperability view involves applications (entities) in the various Smart Grid activity domains which exchange information (items) to accomplish their respective tasks. The integration view involves resources (component entities) in a Smart Grid activity domain that compose the systems (compound entities) that enable the applications within the domain.

In Figure 18, the framework element of type architecture, Smart-Grid-Architecture, can be modeled to be composed of the logical and physical resources (“system architecture”), the application and operational functionality (“application-architecture”), and the organizations that deal with policy (“decision-hierarchy”) in a Smart Grid.

The smart-grid-system-architecture component architecture can be further modeled to be formed by a collection of the following subsystem architectures: Information-System-Architecture, Communication-System-Architecture, Power-System-Architecture, and Smart-Grid-Security-Architecture.

In a similar manner, the smart-grid-application-architecture component architecture can be further partitioned to consist of the following parts: an Information-Application-Architecture, a Communication-Application-Architecture, and a Power-Application-Architecture. These detailed decompositions are not shown in Figure 18.

The smart-grid-decision-hierarchy component architecture can also be partitioned to consist of the following parts: an Information-Decision-Hierarchy, a Communication-Decision-Hierarchy, and a Power-Decision-Hierarchy. These detailed decompositions are not shown in Figure 18.

1

123456789

10

11121314151617181920212223242526

27282930

31323334

353637

38394041

424344

2

All the component architectures addressing the systems, the applications and the decision hierarchies embody and exhibit the properties and the qualities of the Smart-Grid-security-architecture.

Unless the resources selected to implement the smart-grid-system-architecture conform to the IEEE P2030 set of recommended standards that are referenced in the Smart-Grid-interoperability-standard-profiles, then the requirements denoted by the smart-grid-application-architecture and the smart-grid-decision-hierarchy may not be likely satisfied.

In Figure 18, the framework element of type scenario, Smart-Grid-Scenario concerns itself with the functions performed within the various activity domains (as defined by NIST and SGIP) and the logical interactions among the applications and the physical connections among the resources deployed in these domains. Examples of these inter-domain and intra-domain interactions are shown as the double-arrow-headed line segments in Figure 19, below. These interactions are enabled when the resources in the various activity domains implement the interfaces recommended in the Smart-Grid-Interoperability-Standard-Profiles.

Figure 19—Interoperability requirements for Information Exchange among Activity Domains

In Figure 19, the activity domains (rounded-corner rectangles) contain applications (straight-corner rectangles) that interact via information exchanges. For example, when a certain user within the Customer activity domain requests a change in the energy delivery service, a series of transactions occur within the applications within Customer activity domain and among the applications in the Distribution, Service Provider, Markets and Customer activity domains. The set of information exchanges among a specific group of applications in various domains can be categorized as a framework element of type scenario, as shown in Figure 18, where 8 forms of Smart-Grid-Scenario include the 7 intra-domain scenarios and 1 generic inter-domain scenario.

Figure 20 illustrates the two basic interaction processes, Exchanging-Item-between-Applications-within-Domain and Exchanging-Items-between-Applications-Across-Domains. These scenarios, also known as, use cases, capture the Information-Exchange-Interoperability-Requirements and organized into a set of 7 tables for intra-domain interactions, Exchange-Matrix-with-Applications-within-Domain-and-Resources-and-Information-Items and a complementary set of 42 tables for inter-domain interactions, Exchange-Matrix-with-Applications-across-Domain-and-Resources-and-Information-Items.

1

12

3456

789

10111213

14

151617

181920212223242526

272829303132

2

Figure 20—Information Exchange Framework and Interoperability Standard Profiles (OPD)

Figure 20 also shows the gating process, Matching-Interface-Service Definition-and-Protocol-Specification-to-Exchange-Interoperability-Requirements, wherein the grade and quality of services of the IEEE P2030 recommended set of information exchange standards, Industry-and-International-Standards-for-Information-Exchange, are compared with the requirements summarized in information exchange tables.

The appropriate standards are then organized and enumerated in the P2030 guideline as a suitable set of Application-Interoperability-Standard-Profiles that can be used with the associated set of intra-domain and inter-domain application information exchanges.

Examples of these information exchange standards include generic application protocols, such as, ISO 9506 (MMS),TASE.2, GOOSE, etc. and application-specific protocols, such as, SAE1772 for Electrical Vehicle Connector, FIXML Open Standard for Billing data, etc.

The OPL text description corresponding to Figure 20 is shown below.

Activity-Domain exhibits Exchanging-Item-between-Applications-within-Domain. Activity-Domain consists of Application-within-Domain and Another-Application-within-Domain. Activity-Domain zooms into Another-Application-within-Domain and Application-within-Domain,

as well as Exchanging-Item-between-Applications-within-Domain. Another-Application-within-Domain is of type Application. Application-within-Domain is of type Application. Exchanging-Item-between-Applications-within-Domain requires Information-Exchange -

Interoperability-Requirements. Exchanging-Item-between-Applications-within-Domain affects Application-within-Domain

and Another-Application-within-Domain.

1

123

456789

101112

131415

16

17181920212223242526

2

Exchanging-Item -between-Applications-within-Domain yields Exchange-Matrix-with -Applications-within-Domain-and-Resources -and-Information-Items.

Exchanging-Items-between-Applications-Across-Domains require Information-Exchange -Interoperability-Requirements.

Exchanging-Items-between-Applications-Across-Domains affects Application-within-Domain and Application within-Another-Domain.

Matching-Interface -Service Definition-and-Protocol-Specification-to-Exchange-Interoperability-Requirements requires Information-Exchange-Interoperability-Requirements, Industry-and -International-Standards-for-Information-Exchange, and Exchange-Matrix-with-Applications-within-Domain-and-Resources-and-Information-Items.

Matching-Interface-Service Definition-and-Protocol-Specification-to-Exchange-Interoperability-Requirements yields Application-Interoperability-Standard-Profiles.

One approach to constructing an Application-Interoperability-Standard-Profile is to model an application in a Smart Grid activity domain to be composed of a set of resources of varying types that are configured to support the information exchanges among the resources within the application and with resources in the other applications residing in different activity domains.

Following the definitions in ISO 15745, Application Interoperability Framework, a diagram of the types of resources associated with an application and the characteristics of the information exchanges between resources are shown in Figure 21.

When an application executes, the main process in Figure 21 is Performing-Set-of-Processes that correlates to a series of scenarios or information exchanges. The information exchange tables can be constructed as resources of one application (rows in table) exchanging information items with resources of another application (columns in table). The intersection of a particular row and a particular column represents the information exchange requirements between the resources associated with the row and the column, including the needed Resource-Capability, Information-Set-Exchanged, and Rules-for-Exchange.

The context, content, conveyance and connectivity required to enable the exchange can be noted and organized. The interface appropriate to support the exchange is recommended as a recommended standard profile in the IEEE P2030 guideline.

1

123456789

101112

1314151617

181920

212223242526

272829

2

Figure 21—Application Interoperability Framework (OPD)

Application model for checking interoperability (source ISO 15745) is environmental. Application is a Scenario-Actor. Application exhibits Resources and Information-Exchanges, as well as Performing-Set-of-

Processes. Resources is of type Architecture-Item. Information-Exchanges exhibits Resource-Capability, Information-Set-Exchanged, and Rules-for-

Exchange. Device is a Resources. Software-Unit is a Resources. Communications-Network is a Resources. Equipment-Machinery-Building is a Resources. Material-Goods is a Resources. Personnel is physical. Personnel is a Resources. Energy-Fuel-Utility is a Resources. Domain-Specific is an Application. Domain-Generic is an Application.

1

2

3456789

1011121314151617181920

2

63. Systems of Systems Approach

An interconnected set of intelligent systems for smart grid requires certain architectural considerations. Coordination of independent software systems doing local optimizations is encouraged. However, in a system of systems as geographically disperse as the smart grid; communications may not be 100% available for this coordination. Thus care should be exercised in design so that

Higher level supervisory systems monitor the global result of distributed intelligence systems, for example intelligent substation pairs and smart circuits.

Local systems can certainly optimize toward goals, but they need to be aware of the larger area situation

Local systems must have a ‘safe’ mode to enter if they no longer have area situational awareness

Research in some of these areas is known as Self Organized Criticality in Grid Dynamics. The very high level concept is that improvements in one area may bring about opportunities for new failures in other areas, such that resultants in terms of outage minutes or occurrence rate of large blackouts may not decrease with ‘progress’. This goes back to paying attention overall system engineering principles, rather than only examining individual specific sub-systems.

64. Related Standards

Standards from the following organizations have been identified as pertinent to inter- and intra-operability between the seven Functional Domains:

IEEE NIST ANSI IEC NERC SAE

Table 13 presents specific standards as they relate to the interoperability between the Seven Functional Domains.

1

1

2345

6789

10

1112131415

16

1718

192021222324

252627

2

Table 13—Standards pertinent to Interoperability between and within the Seven Identified Domains

Domain Bulk Generation

Transmission Distribution Operations Service Provider Markets Customer

Bulk Generation

(5) IEC 60870-6/T

ASE.2

(12) NERC CIP 002-

009Transmission (6) IEC 61850

substation-substation

(5) IEC 60870-6/T

ASE.2

(8) IEC 62351 Security(9) IEEE C37.118

Distribution (7) IEC 61968

(5) IEC 60870-6/T

ASE.2

(10) IEEE 1547.3

(9) IEEE C37.118

Operations Service Provider

-

Markets (14)Open ADR

Customer - (10) IEEE 1547.3

(1) ANSI C12.19

(15) Open HAN

(2) AMR (16) ZigBee / Home Plug

Smart Energy Profile

(3) ISO 16484-5 ANSI

ASHRAE 135-2008

(*)Plug-in Hybrid Electric Vehicles:

SAE J2847 (communications) SAE J1772(connector)

(10) IEEE 1547

1

1

23

2

65. Pertinent Message Protocols

66. Inter-Domain Communications Protocols (between Domains)

SCL - Substation Configuration Language ICCP Inter-Control Center Communications Protocol (ICCP or IEC 60870-6/TASE.2) HAN – Home Area Network & Others SAE (Society of Automotive Engineers) J2847-1 (Communication/information exchange between

Plug-in Vehicles and the Utility Grid) <TBD: To be provided by Bob Grow> Other Communications Protocols.

67. Intra-Domain Communications Protocols (within a Domain)

GOOSE: Generic Object Oriented Substation Events MMS - Manufacturing Message Specification CAN – Control Area Network Protocol (within Automobiles) <TBD: To be provided by Bob Grow> Other Communications Protocols

68. Message Protocol Descriptions

[Need intro text]

69. SCL - Substation Configuration Language

Substation Configuration Description Language (SCL) is the language and representation format specified by IEC 61850 for the configuration of electrical substation devices. It includes representation of modeled data and communication services as specified by IEC 61850 – 7 –X standard documents. The SCL representation and its details are specified in IEC 61850-6 standard document. It includes data representation for substation device entities and associated functions represented as logical nodes, communication systems and capabilities.

70. Parts of SCL files

An SCL file contains the following parts:

Header – This part is used to identify version and other basic details of an SCL configuration file. Substation – This is the part dealing with the different entities of a substation including various

devices, interconnections and other functionalities. The elements include power transformers, Voltage Levels, bays, General Equipment, conducting equipment like breakers, logical nodes etc.

Communication – This section deals with different communication points (access points) for accessing the different IEDs of the complete system. This part contains different Sub Networks and access points.

IED – The IED section describes the complete pre-configuration of an Intelligent Electronic Device (IED). It contains different access points of the specific IED, the logical devices, and logical nodes, report control blocks etc coming under the IED.

Data Type Templates – It defines different logical devices, logical nodes, data and other details separated into different instances. The complete data modeling according to IEC 61850-7-3 & 7-4 are represented in this part of SCL. It is again subdivided into LnodeType, DOType, DAType and EnumType.

1

1

2

345678

9

10111213

14

15

16

17

181920212223

24

25

2627282930313233343536373839

2

71. MMS - Manufacturing Message Specification

Manufacturing Message Specification (MMS) is an international standard (ISO 9506) dealing with messaging system for transferring real time process data and supervisory control information between computer applications and/or networked devices. The standard was developed by the ISO Technical Committee 184 (TC184). MMS defines the following:

A set of standard objects that exist in every device, and on operations like read, write, event signaling, etc. can be executed. Virtual manufacturing device (VMD) is the main object and all other objects like variables, domains, journals, files etc comes under VMD.

A set of standard messages exchanged between a client and a server stations for the purpose of monitoring and/or controlling these objects.

72. MMS stack over TCP/IP

In 1999, Boeing replaced the original four relevant layers of ISO with TCP/IP and introduced ISO Transport over TCP (RFC 1006) to have interaction between the top ISO layers of MMS to the bottom TCP/IP layers. This had revolutionized MMS into a globally accepted standard. MMS stack after this modification is shown below:

Application Association Control Service Element (ACSE) - ISO 8649/8650 Presentation Connection Oriented Presentation - ISO 8822/8823 Abstract Syntax Notation (ASN) - ISO 8824/8825 Session Connection Oriented Session - ISO 8326/8327 Transport ISO transport over TCP - RFC 1006 Transmission Control Protocol (TCP) - RFC 793 Network Internet Control Message Protocol (ICMP) - RFC 792 Internet Protocol (IP) - RFC 791 Address Resolution Protocol (ARP) - RFC 826 Link IP data grams over Ethernet - RFC 894 MAC - ISO 8802-3 (Ethernet) Physical Ethernet

73. ICCP Inter-Control Center Communications Protocol (ICCP or IEC 60870-6/TASE.2)

Basic ICCP functionality is specified as “Conformance Blocks” listed below. The objects that are used to convey the data are defined in various parts of IEC 60870-6.

Block Description Data Examples:

Periodic System Data: Status points, analogue points, quality flags, time stamp, change of value counter, protection events. Association objects to control ICCP sessions.

Extended Data Set Condition Monitoring: Provides report by exception capability for the data types that block 1 is able to transfer periodically.

Block Data Transfer: Provides a means transferring Block 1 and Block 2 data types as block transfers instead of point by point. In some situations this may reduce bandwidth requirements.

Information Messages: Simple text and binary files. Device Control: Device control requests: on/off, trip/close, raise/lower etc and digital set points.

Includes mechanisms for interlocked controls and select-before operate.

1

1

2345

678

910

11

12131415

161718192021222324252627

28

2930

31

323334353637383940

2

Program Control: Allows an ICCP client to remote control programs executing on an ICCP server. Event Reporting: Extended reporting to a client of error conditions and device state changes at a

server. Additional User Objects: Scheduling, accounting, outage and plant information. Time Series Data: Allows a client to request a report from a server of historical time series data

between a start and end date.

74. GOOSE: Generic Object Oriented Substation Events

Used for fast transmission of substation events, such as commands, alarms, indications, as messages.

75. Architectural Framework Methodologies and Tools

Various commercial and non-commercial tools and languages exist to model the relationships between entities within and amongst the Seven Functional Domains. The motivation for using such tools might be the design and/or the formal verification of the functional correctness, connectivity, scalability, reliability, cost or performance, etc. of the Smart Grid.

Some examples of such tools are:

Common English-language Drawings. Common off-the-shelf drawing tools are widely available and can be used to show

relationships in block diagrams as well as event sequences and communication flows. Programming Languages. Very detailed models could be coded using languages such as C and C+

+. For example, Classes and methods in C++ could be used to define the relationships and communication flows between entities in a very detailed way.

UML (Unified Modeling Language), UML is an object modeling and specification language used in software engineering. UML modeling tools are widely used and understood. These tools can be used to visually express use cases, hierarchy and composition relationships, sequences of events, activities in a process, state transitions as well as deployment of assets.

SysML(Systems Modeling Language). SysML is an extension of a subset of UML and is a general-purpose modeling language used in System Engineering. SysML supports the specification, analysis, and design of a broad range of systems as well as verification and validation of the requirements and implementation.

XML (Extensible Markup Language)/ XSD (XML Schema). XML is a non proprietary format widely used in computing that is also human readable. XSDs allow the user to specify data types and their attributes as well as restrictions on the type.

RDF (Resource Description Framework)/ RDFS (RDF Schema). RDF is built on top of XML and follows a subject-object-predicate format e.g. the water is cold. RDF allows for greater expressiveness in relationships between objects than XML. In addition to hierarchies, domains and ranges can be specified.

OWL (Web Ontology Language). OWL further extends RDF. It comes with a stronger vocabulary and syntax that RDF. OWL allows the user to express relationships between classes such as “disjoint with” or the “same as”. OWL also has greater expressiveness on properties such as symmetry and transitiveness. In addition OWL allows you to have restrictions on properties that define members of a class implicitly by virtue of meeting these restrictions.

Concept Map. Concept Maps are a graphical tool for modeling concepts and the the relationship between concepts using linking phrases as “is required by”, “facilitates the use of” or “is used by”. Some concept mapping tools can produce an ontology based on the depicted concepts and their relationships.

1

123456

7

8

9

10

11121314

15

161718192021222324252627282930313233343536373839404142434445

2

Architectural Framework. An architectural framework is a specialized methodology that defines how to produce architectures, including the organizational structure and stakeholder views. An Enterprise Architecture describes the structure and its decomposition as well as the contextual relationship to the external environment. There are several frameworks that are commonly used by various industry and government agencies. For instance, DODAF focuses exclusively on the views of architecture while leaving the other mechanics for structure and decomposition to the users’ discretion. In comparison, TOGAF provides a comprehensive approach to the design, planning, implementation, and governance of an enterprise information architecture, and includes detailed guidance on mechanics.

76. Ontology Methodologies &Tools

In computer and information science, the word ‘ontology’ is used to mean a formal representation of meaning describing a system-world, the origin of the word is closer to ‘the study of what things exist’ – it is a process. For our use, this points to the fact there many approaches to the development of ontologies we might use. Within computer science, the field of study known as ‘knowledge representation’ underlies modern ontology work. Over the past several decades, this research has given rise to such representational structures as:

Rule-based systems Object-oriented models Case-based reasoning systems Frame-based models Terminological reasoning.

These last two – frame-based & terminology-based models are the most common forms for describing ontologies. Terminology-based approaches are most frequently expressed in a formal semantics known as “description logic” (this can be seen in the name of the most common dialect of the OWL ontology language which is known as “OWL-DL”).

While frame-based models are sometimes easier to construct from extant data models, most research has shown substantial value in the use of description logics to capture the rich semantics needed to support interoperability and improve human-machine communication.

The leading methods for constructing ontologies include:

Top-down approaches: In these methods, very general high level concepts are defined with formal semantics and then specialized with additional sub-types and relationships between them until sufficient coverage of the domain is achieved. For example: ‘Energy’ is defined followed by ‘KineticEnergy’, ‘PotentialEnergy’, and so forth.

Middle-out approaches: Here use-cases are selected that cover the general scope of behavior to be modeled. These are then analyzed to find key terms. With the aid of subject matter experts in the domain, ontologists develop formal definitions for those key terms and work to define all of the relationship and other objects as needed.

Bottom-up approaches: When useful data models currently exist, it is sometimes possible to add formal semantics to those models. In practice this often looks like a gradual evolution from data models to a frame representation for those data model objects that more formally captures the semantics behind the data model, and then on to the more powerful description logic ontology.

For each of these approaches, the resulting ontology needs to be logically consistent and accompanied by sufficient human-level documentation to fully explain the intended semantics. Furthermore, to best support interoperability, it is desirable to provide some mapping or defined set of relationships from the newly constructed domain ontology to some higher-level or ‘foundational ontology’ that is not domain specific.

1

123456789

10

111213141516

1718192021

22232425

262728

29

303132333435363738394041

42434445

2

As with other forms of information systems, a wide variety of tools can be used to capture and edit ontologies. These range from simple text processors to standard integrated development environments (IDEs) for software. Special purpose tools that support concept mapping are particularly valuable in the initial development of the semantics and working with domain experts to capture meaning. Recently, vendors have developed a number of commercial tools that go beyond the ontology research tools previously available and provide substantial power for ontology development and semantic reasoning.

77. Object Process Methodology Overview

Figure 22—OPM concepts, relations, and graphical symbolsStructural links express static, time-independent relations between pairs of entities. General tagged structural links represent "user-defined" links.

Aggregation-participation Generalization-specialization Exhibition-characterization Classification-instantiation

Procedural links connect processes with objects or object states to describe system behavior.

A transformation link expresses object transformation, i.e., object consumption, generation, or state change.

An enabling (agent or instrument) link expresses the need for a (possibly state-specified) object to be present in order for the enabled process to occur; but the enabled process does not transform the enabling object.

1

123456

7

89

1011

12131415

16

1718192021

2

An event link connects a triggering entity (object, process, or state) with a process that it invokes. The Object-Process Methodology (OPM) combines the structural and the dynamic aspects of

a framework, typically expressed in several UML diagrams, into a simplified diagram where objects and processes are shown with the appropriate relationships. Further, the graphic diagram is generated along with a simplified text description. Edits to either the diagram or text are reflected in both.

78. Privacy

[This section still needs written, to include:

the ownership of any data collected by a Service Provider at or from the Consumer’s Smart Meter is with the Customer, and not the Service Provider if the monitoring equipment is owned and/or installed at the Customer’s home.

The Constitution of the United States ensures the Right to Privacy of the Consumer, and hence, is the best Guide to privacy for Consumer data and information.]

79. Architectural Quality Attributes

Issues of various quality attributes expected or required of the entities within and across the Seven Functional Domains are considered in this section.

They include:

a) Performance. Real-Time Response / Criticality Expectations: Issues such as Priority assigned to messages or data based on different message types. Alert Messages shall have higher priority than Informational Messages and shall bypass them in a logical message queue.

b) Reliability & Availabilityc) Scalabilityd) Manageability. Requirements for the configuration and management of computer and network

components are considered in this subsection. Examples of Manageability Standards are:i) SNMP (Simple Network Management Protocol)ii) DMTF (Distributed Management Task Force)‘s CIM (Common Information Model)

Schema v 2.22.0

1

123456

7

8

910111213

14

1516

17

18192021222324252627

2

79.1.1 Architectural principles in general

Figure 23—Architectural principles

79.2 Data Modeling and Analysis

79.3 Introduction to Data Modeling

The goal of Smart Grid Information Technology Data Modeling is to provide a guide to creating persistent, displayable, compatible, transferable and editable data representation for use within the emerging Smart Grid that is also as interoperable as possible with relevant standards used in existing component domains of that grid. This is specifically addressing the data that represents state information about the grid and individual items in it. This would include nearly all connected items from generation down to individual consuming devices. They all have state information that may need to be read, stored, transmitted, etc. This is not an attempt to address the data that will be used to “model the grid for design purposes” although there is likely to be much overlap and many tools and standards that will be used to design in the areas of transmission down to the meter will provide data structures that can be used during operations as well (e.g. IEC 61850).

Persistence may be achieved by storage in a file system or database. Compatibility and edit ability may be achieved by modeling the data using XML, UML and/or Ontological models that are either defined by existing standards or that are compatible with those standards. These standards for modeling comply with W3C (XML and Ontology standards) and Object Management Group (UML) formats that are well known and that have a rich set of existing tools to create, edit, validate and store them. Transferability may be achieved by known protocols that are well-suited and proven when it comes to moving files in the well-known formats mentioned above.

1

1

2

3

4

5

6789

101112131415

16171819202122

2

80. Persistence

Persistence of a given model may depend on the specific tools used to create and edit the model, but in terms of how it is stored it will nearly always eventually be on a file system that is largely abstracted from the tool and from any protocol that is used to transmit it. The file system should of course support whatever security is required to store the file securely and to read and write it securely. Based on this most commonly used file systems are likely to be acceptable for persisting data models. Many UML and Ontological tools persist their data into XML formats so XML is in many respects a common denominator of sorts when it comes to persistence. In most cases the best practice is to have any XML based solution provide an accompanying XSD that can be used to validate any given XML file as being well formed or not.

Many systems require the persistence of a large amount of data. XML, UML and Ontological modeled data persisted to disk may become rather large and numerous. The process of sorting, storing and searching these large and/or numerous files that are certain to be a result of any attempt to store state information from the Smart Grid are liable to require an additional layer of technology to deal with these files in aggregate. Suitable systems for doing this include SQL RDBMS and Object Oriented Databases that are well known and relied upon across nearly all large IT organizations today. This document will not attempt to recommend any specific database or storage for aggregations of the file or ways to order or search them once aggregated. A primary concern in making the decision on how to persist is to make sure that the system is logically complete and not lossy beyond the loss tolerance allowed. So when something is stored and then retrieved it should be exactly reproduced or must be reproduced within a range tolerated by all possible systems that might consume it.

81. Create, Display, Edit and Share

Creation, display, compatibility and edit-ability are more difficult to be achieved across tools and platforms. Even files persisted to commonly recognized formats like XML may have tool or platform specific aspects that lock those documents into a specific tool or platform. In such a case a translator may be necessary to move any particular model from one format to another. As long as there is an underlying aspect that is based on well known formats in the persistence process, the file can be read and processed and translated from one tool to another. Many tools consider this project based conversion as a way to import work done in other tools and expect it to help gain new users by allowing an import from other tools.

Additionally, once data is in an XML format that has a proper XSD that defines a valid structure of that document type the existing tools like validating parsers and code generators can be used. The validating parsers provide quick and reliable tools to check the document and confirm that it is well formed. The code generators provide a means to use the XSD as an input and get a C#, Java or C++ class back. That class can then be used to “contain” a specific XML document and to provide many commonly needed methods and properties against the class. Specifically these code generators will provide methods to get and set values, to clone the document, to append documents together, to remove nodes and sub-nodes, etc. This allows anyone using these well known formats to leverage existing, well proven standards-based functionality that reduces chances for error that would be introduced by creating something new and promotes interoperability.

Tools for creating, editing and persisting these UML models include TogetherJ (commercial), Rational Rose (commercial), and ArgoUML (open source). Tools for creating, editing and persisting XML models include XMLSpy (commercial) and XML Copy Editor (free GNU GPL). Tools for creating, editing and persisting Ontological models include Protege (open source), Semantic Works (commercial), and Visual Ontology Modeler. This is not an exhaustive list but rather examples of tools that are compliant. Many other tools for each of these types of formats exist, and in fact it is that very nature of the successful ecosystem around these formats that makes them a good choice for modeling. [Move these to the end or reference other sources that might keep up to date].

1

1

23456789

10

1112131415161718192021

22

2324252627282930

31323334353637383940

4142434445464748

2

Tools for generating code from XSD include JAXB (Java Architecture for XML Binding) and XSD.exe (commercial). These tools allow the creation of classes from XSD or XML files. Output languages for these and other tools vary and include Java, C#, VB, C++, etc. Again this is not an exhaustive list as the list of such tools is large and growing based on the robust and vital nature of the ecosystem around these technologies and standards, making them an excellent choice to build on.

82. Data Models and Tools in practice

Having provided the context for data models and tools, there are several noteworthy standards being implemented in Smart Grid projects now, including the IEC Common Information Model, and Multi Speak. It is beyond the scope of this guideline to re-iterate the design and application of these important standards, however their effect use in the utility enterprise does require some advanced tooling such as Enterprise Architect or Rational. The CIM is a UML design, and thus is inheritance based, not hierarchical as with Substation Communication Language. There are efforts are harmonizing the two, and tools such as Web Ontology Language are useful in these efforts. A suggested reference is the CIM Users Group, at http://cimug.ucaiug.org/default.aspx. IEC 61970 is more about transmission (EMS, SCADA), and 61968 is more about distribution (DMS, OMS, GIS).

82.1 Information Security Principles and Practices for Smart Grid

Modernization of the electricity generation, trading, delivery and customer choices is making the power system critically reliant on the overlaid information infrastructure and involves integration of diverse, connected, interdependent and adaptive functions and applications to enhance grid reliability, improve capital and operational efficiency and ensure security of the electric grid and the information network.

The power grid operation systems have unique performance and reliability requirements. Often, owing to limited availability of computation, storage and communication capabilities in legacy and widely dispersed field devices, security mitigations commonly effective in business domains can’t be deployed in power grid operation domain. Examples of such limitations include legacy IED, slow serial links through which communications among substations, control centers and field equipments take place and plain absence of security functionalities in control system protocols like SCADA over Modbus or Distribution Network Protocol (DNP3). Hence ad-hoc deployment of firewalls, use of encryption in protocols or virtual private network (VPN) technologies for field and remote access, without comprehensive appraisals of security requirements for all applications, interfaces and information is unlikely to satisfy the security interoperability requirements Security is an “end-to-end” requirement. In order to ensure authenticated access control to critical infrastructure and key resources, authorized access to sensitive market and consumer data, reliable and timely equipment status notifications, reliable backup of critical systems, and audit capabilities that permit detection and reconstruction of crucial events, various security functions and data will have to interoperate with consistent security objectives across the grid.

Security is an important management and governance consideration for the organizations that are part of smart grid system. “Security management includes risk management, information security plans and policies, procedures, standards, guidelines, baselines, information classification, security organization, and security education.” [3] These components serve as the foundation of an organization’s security program. The objective of the security program is protection of assets and people. Assets may be tangible (computers, devices, facilities, supplies) or intangible (reputation, data, intellectual property). The destruction of power grid systems and assets would have a debilitating impact on energy security, economic security, public health or safety. As computer systems are more integrated, the distinction between security and safety is beginning to disappear.

Fundamental design decisions must be made when constructing a security system. The more complex the security mechanism becomes, the lesser assurance it will usually provide, since it becomes harder to install, test, maintain, and use it. So the trade-off between functionality and assurance must be fully understood to make the right security mechanism choices when designing a system. Once the designers have an idea of what the security mechanisms should focus on (users, operations, or data), what layer(s), the mechanisms

1

12345

6

789

101112131415

16

17181920

2122232425262728293031323334

353637383940414243

4445464748

2

http://cimug.ucaiug.org/default.aspx

should be placed at (hardware, firmware, operating system, device, services, network, or application), and how complex each mechanism is, they need to build and integrate the mechanisms in such way that they have a proper relationship with other parts of the system.

Guidance for developing a security program is provided by the most common international standard used to be ISO 17799 which was derived from the British standard BS7799. A new series, ISO/IEC 27000, is used for assurance and security standards. In addition to the reference standards enumerated in the NIST document [1], the following standards are used as blueprints by organizations when developing a security program:

ISO/IEC 27001 (based on BS 7799 Part 2) – Establishment, implementation, control, and improvement of the information security management system. It employs the PDCA, Plan-Do-Check-Act model to structure the processes, and reflects the principles set out in the OECG guidelines [4].

ISO/IEC 27002 (known ISO 17799, based on BS 7799 Part 1) – Code of practice ISO/IEC 27004 – standard for information security management measurements ISO/IEC 27005 – assist on implementation of information security based on a risk management

approach ISO/IEC 27006 – guide to certification/registration process ISO 27033 - a multi-part standard, derived from the existing ISO 18028 standard; the first part,

ISO/IEC 27033-1, was published in 2009 (revision of ISO 18028-1:2006). ISO/IEC 27033-1 defines/describes the concepts associated with, and provides management guidance on, network security. It is intended to provide a roadmap and overview of the other parts of the ISO 27033 standard.

More information about these standards or future standards of ISO/IEC27000 series can be found at ISO/IEC Web site [6]. In addition, security standards for different aspects emerged (status of approval has to be checked) from ISO such the following [6]:

ISO27000:2009 - Information technology: Information security management systems, Overview and vocabulary

ISO27007 - Guidelines for Information Security Management Systems Auditing ISO27008 - Guidelines for ISM auditing with respect to security controls ISO27011 - Information technology: Information security management guidelines for

telecommunications ISO27033 - Network Security ISO27799 - Health Informatics: Information security management in health using ISO/IEC 17799;

it can be used for other industry sectors.

A blueprint lays out the security solutions, processes, and components the organization can use to match its security and business needs. Blueprints are important tools to identify, develop, and design security requirements for specific business needs. These blueprints are customized to fulfill the requirements of an organization or a business unit. For example, if an organization does not use identity management, there is no need to build a blueprint for this. Figure 24 shows an example of a blueprint, mapping security and business requirements for the smart power grid adapted from [3

1

1234

56789

1011121314151617181920212223242526

27282930313233343536

373839404142

2

Figure 24—Blueprint Mapping Security and Business Requirements, adapted from [ISO/IEC 17799 and reference XXX3]

1

1

234

2

83. Security Process

Information security consists of measures to prevent the unauthorized use, misuse, modification, or denial of use of data, information, or capabilities. Information security is a continuous process comprised of key activities such as risk assessment, policy, deployment, training, and audit:

Risk Assessment. An assessment is used to determine the value of the information assets of an organization, the threats they are exposed to and vulnerabilities they offer, and the importance of the overall risk to the organization. The assessment is accomplished by following the risk management approach.

Policy. Policy defines how security should be implemented. Policy defines the proper mechanisms to use to protect information and systems as well as physical security. It includes several aspects such technical aspects, best practices, preventative measures, employees, incident response, administration and management, etc.

Deployment. Security policies, standards and measures to be effective should be implemented by an organization practicing due care and due diligence.

Training. Awareness training is the mechanism to provide necessary information to employees. Audit. This function ensures that controls are configured and monitored correctly with regard to

policy. Functions include policy adherence audits, periodic and new assessments, and penetration testing.

Figure 25—Continuous cycle of the Security Process MIKE CODDINGTON (AND COLLEAGUES??) TO CHANGE IT TO BLACK AND WHITE VISIO

DIAGRAM

Figure 25 shows the steps of information security process. The basic components of Information Security are Confidentiality, Integrity, and Availability (CIA):

Confidentiality is the concealment of information. Integrity refers to the improper or unauthorized change of information. Availability refers to the capability to use the information or desired resources.

84. Security Engineering

Although aspects of security engineering practices are identified in the recent documents published by NIST [1, 2], this section focuses on security engineering principles required for the specific requirements for smart power grid. Security engineering is defined as follows:

1

1

234

56789

101112131415161718

19

21222324252627282930

31

3233

3435

363738

39

404142

2

“Security engineering is about building systems to remain dependable in the face of malice, error, or mischance. It focuses on the tools, processes, and methods needed to design, implement, and test complete systems, and to adapt existing systems as their environment evolves.” [Need to cite]

Security engineering deals with the development of detailed engineering plans and designs for security features, controls and systems of the smart grid. The main objective is to support functional and user requirements with an added dimension of constraints and restrictions to prevent misuse and malicious behavior. These constraints and restrictions are often asserted as a security policy. Each organization will need to perform a risk assessment to determine the applicability of the recommended requirements in NIST document [1] [check] including measurable goals, use cases, types of requirements as they apply to the specific business strategy and applications of each organization.

Examples of types of requirements include the following: [Map these to utility-specific cases and experiences]

A) Customer Requirements define the expectations of the system in terms of mission objectives, environment, constraints, and measures of effectiveness and suitability. The customers are those that perform the eight primary functions of systems engineering, with special emphasis on the operator as the key customer. Operational requirements will define the basic need and, at a minimum, answer the questions posed in the following listing:

Operational distribution or deployment: Where will the system be used? Mission profile or scenario: How will the system accomplish its mission objective? Performance and related parameters: What are the critical system parameters to accomplish the

mission? Utilization environments: How are the various system components to be used? Effectiveness requirements: How effective or efficient must the system be in performing its

mission? Operational life cycle: How long will the system be in use by the user? Environment: What environments will the system are expected to operate in an effective manner?

B) Functional Requirements describe what has to be done by identifying the necessary task, action or activity that must be accomplished. Functional requirements analysis will be used as the top-level functions for functional analysis.

C) Non-functional requirements like scalability, interoperability, performance etc. specify criteria that can be used to judge the operation of a system, rather than specific behaviors.

D) Performance requirements describe the extent to which a mission or function must be executed; generally measured in terms of quantity, quality, coverage, timeliness or readiness. During requirements analysis, performance requirements will be interactively developed across all identified functions based on system life cycle factors; and characterized in terms of the degree of certainty in their estimate, the degree of criticality to system success, and their relationship to other requirements.

E) Design requirements describe the “build to,” “code to,” and “buy to” requirements for products and “how to execute” requirements for processes expressed in technical data packages and technical manuals.

F) Derived requirements that are implied or transformed from higher-level requirements.

G) Allocated requirements that are defined by dividing or otherwise allocating a high-level requirement into multiple lower-level requirements.

H) Security requirements that are defined for information technology systems and industrial control systems to:

1

123

456789

10

1112

1314151617

181920212223242526272829

3031

3233343536

3738

39

4041

4243

2

Prevent disruption of service and productivity Prevent unauthorized modification of systems and information Prevent unauthorized disclosure of systems and information.

In specific context of the power sector, we could extend the security requirement to include the following services:

Prevention, Containment and Recovery Services Cascading events evolution Disturbance/Noise aggravation by inappropriate local actions Coordinated Responses Near real-time, split-second responses Anomaly Detection & Notification Services Recovery & Restoration Services Event Collection & Tracking Services

The security objective is in general to address the security services:

Availability Integrity Confidentiality of information.

Security requirements are classified as follows:

Functional requirements that Determine logical & physical data architecture Define user roles Determine access needs Map users to data access Define criteria to data access Identify data owner Identify security policies Define security requirements for a particular business solution (ex. Portal, control, marketing,

etc). Assurance requirements that

Determine level of concern (data protection level) Determine probability of data insecurity Determine business impact from data insecurity.

Therefore, security engineering for the smart power grid systems is about ensuring that systems are predictably dependable in the face of all sorts of threats. The systems and applications must also be resilient to error. In addition, the responsibility of the security engineer in twenty-first century is to ensure protection of systems that evolve constantly and face a changing spectrum of threats.

85. Security Policy [Add sources; NERC, SGIP, NIST….(at least one non-U.S. reference) IEC 62351, IEC 62443

Security policy is a definition of what it means to be secure for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members

1

123

45

6789

10111213

1415

16171819

20

212223242526272829303132333435363738

3940

4142

2

as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls. For systems, the security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people. A security policy is defined by senior management or a selected committee of an organization. The security policy can be an organizational type, a specific issue type, or system type. A security program should include security policies, standards, guidelines, baselines, procedures, security awareness training, incident response plan, and a compliance program. These terms are described in ISO/IEC 27000 series and specific aspects of implementation may be provided by Department of Energy.

86. Information Security Architecture Framework

As discussed above, information security consists of measures to prevent the unauthorized use, misuse, modification or denial of use of data, information, or capabilities. It provides mechanisms to protect information and information systems to ensure security services such as Confidentiality, Integrity, and Availability. However, the priority order of these services will be reversed in the order such as Availability, Integrity, and Confidentiality for most systems or applications of the smart power grid.

There we need to clarify that information security is not equivalent with computer security or information assurance concepts that are frequently used interchangeably. Although there are common security goals for ensuring the security services, there are differences in the methodologies and techniques used. Information systems are decomposed in three main components: hardware, software, and communications.

[NEED A DIAGRAM AND PRINCIPLES LIKE

TECHNOLOGY NEUTRALITY, SIMPLE CORE AND SMART APPLICATIONS, EVOLUTION ACROSS SCALING ]

87. Information Security Risk Management

Risk is defined as the probability of a threat agent exploiting vulnerability to cause harm to a computer, network, system, or company, and the resulting business impact. Risk is the basis for security. Risk is the potential for loss that requires protection. If there is no risk, there is no need for security. When risk is examined, the vulnerabilities and threats must be identified. Threats without vulnerabilities pose no risk. Likewise, vulnerabilities without threats pose no risk.

The information security risk management process consists of two main sub-processes: risk assessment and risk management (risk handling and mitigation).

Each of these sub processes can be implemented by using many different methods. For example there are many risk identification techniques, such as checklists, flow charts, scenario analysis, fault tree analysis etc. Likewise, there is a plethora of qualitative or quantitative approaches for risk estimation. There are various techniques that can be used to determine the depth of risk assessment required in a given instance. Therefore risk assessment begins by identifying the appropriate approach to risk assessment, i.e. identifying methods or techniques of risk assessment that best suit the specific domain including internal and external interfaces of each domain.

Following the risk assessment, decisions need to be made on whether to avoid, transfer, accept or reduce the risks that have been identified. The selection of the appropriate methods for risk reduction is also a very important decision.

Risk management characterizes an overall process to identify, measure, control, and to minimize losses associated with uncertain events or risks. Risk management is in its third generation and analysis is based

1

123456789

10

11

1213141516

17181920

21

2223

24

2526272829

3031

32333435363738

394041

4243

2

on a whole system approach. Third generation tools document the system’s purpose and behavior, structure, relationship to its environment, and history all in a common framework. The new control systems evolved to modern control systems with open interconnectivity that imposes a rigorous risk management. However, the criteria for choosing the adequate approaches for smart power grid is challenging because of specific architecture of smart power grid with three main interacting components: electric grid, industrial control systems, and information technology systems.

In addition information security risk management is an ongoing process during the life cycle of each organization. As the conditions in the internal and external environment of a domain continuously change traditional risk assessment methods become difficult to apply. It is evident that in order to be effective the risk management process itself should not remain static, but should rather be improved and adapted to the rapidly changing environment of the power grid business functions and infrastructure. Risk assessment processes, refinement through constant review and updating is considered critical.

One reason is that power grid entities of all sizes are identifying more activities that are increasingly dependent upon information technology (IT), mission-critical in nature, and verifiably time-sensitive, methods of protecting IT and industrial control assets and the entities that they support have gained a prominent need. In dealing with business operations, functions, and entities dependent upon varying levels of IT integration, risk must be identified and managed so that continued operations can be assured. Each organization should determine the risk management methodology best suited to the specific domain. A methodology that is created for one domain may be entirely inappropriate for another.

Furthermore, as conditions change over time in the external and the internal environment of each domain, the risk management methodologies have to evolve accordingly. Managers and practitioners with experience in risk management recognize the need to monitor the information security risk management process itself and acknowledge that, for companies to rely on their risk management processes, refinement through constant review and updating is critical to create effective information security management system.

88. Risk Assessment

The first phase called risk assessment includes analyzing assets, identifying value of information and assets, identifying vulnerabilities and potential risks (due to threats), risk reducing measures, and decisions related to the acceptance, avoidance, or transfer of risk. This activity is performed by risk analysis team. Risk assessment characterizes both the process and the result of analyzing and assessing risk. Because the smart grid includes systems from the IT, telecommunications, and energy sectors, the risk assessment process is applied to all three sectors as they interact in the smart grid [2].

89. Risk Analysis Team

The risk analysis team must include personnel from key areas of an organization such as management, engineering staff, security experts, process control engineers, IT architects, application analysts, programmers. The risk analysis team members must be at the right levels of each area in terms of understanding the processes, business objectives, engineering principles, technologies, and regulations.

90. The Value of Information and Assets

The value of information supports security measure decisions. When assessing the value of information, the same logic is applied to assets such as facilities, systems, services, resources, supplies, and employees. In order to assess what is in danger it is necessary to evaluate what it is worth. Information and an asset can have quantitative and qualitative measurements assigned to it. The actual value is determined by the cost it takes to acquire, develop, and maintain it. The value is determined by the importance it has to the owners, authorized users, and unauthorized users. Assets may be tangible (computers, devices, networks, systems, facilities, supplies) or intangible (reputation, data, intellectual property).

1

123456

789

101112

13141516171819

202122232425

26

272829303132

33

34353637

38

39404142434445

2

91. Identifying Threats

Threat assessment is a very detailed and, in some cases, difficult task.

Threats are classified as human (intentional or unintentional) and natural disasters. Many types of threat agents can take advantage of several types of vulnerabilities, resulting in a variety of specific threats. Once threats are identified on an application, system, business unit, or organization, corresponding vulnerabilities must be investigated.

92. Identifying Vulnerabilities

Vulnerability is a potential avenue for an attack and is a property of a system or its environment which, in conjunction with an internal or external threat agent, can lead to a security failure. Vulnerability is characterized by the difficulty and the level of skill that is required to exploit it. When identifying specific vulnerabilities, it is necessary to locate all the entry points to the organization and to find all access points to information (in both electronic and physical form) such as:

Internet connections Remote access points Connections to other organizations Physical access to facilities User access points Wireless access points

Failure modes and effect analysis (FMEA) is a method used to determine the location of a vulnerability as well as ramification of exploitation. This method supports determining functions, identifying functional failures, and assessing the causes of failure and their effects through a structured process. This is a systems engineering approach is also more recently adapted for use in evaluating risk management priorities and mitigating known threat vulnerabilities.

93. Risk Analysis Methods

Currently, different assessment methods and concepts are used for common Information Technology (IT) systems and new frameworks are emerging. Designers and users of control systems must evaluate the suitability, benefits, and cost-effectiveness of these frameworks. On the other hand, risk management for control systems is not a common practice and it is not based on a unique standard to follow. Approaches to risk analysis are classified as follows:

Quantitative – each element within the analysis (asset value, threat frequency, severity of vulnerability, impact damage, safeguard costs, safeguard effectiveness, uncertainty,and probability items) is quantified and entered into equations to determine total and residual risks

Qualitative – it does not assign numbers and monetary values to components and losses; it is based on qualitative measures resulted from analysis of different risk scenarios possibilities; techniques include judgment, best practices, intuition, and experience.

Hybrid (Quantitative and Qualitative) – a combination of both methods. Quantitative and qualitative approaches have their own benefits and drawbacks, and each method applies more appropriately to some situations than others. The risk analysis team should decide on methods and tools to be used.

Because collecting all the necessary data for risk analysis is difficult to be done manually, several automated risk analysis tools on the market can make the task easier, more accurate, and faster.

Steps of risk analysis are defined in standards and methodologies published by NIST, ISO/IEC, etc.

1

1

2

3456

7

89

101112

1314151617181920212223

24

2526272829

30313233343536373839

4041

42

2

Several risk assessment methods are currently emerging:

Check list based Cause-consequence analysis Hierarchical holographic modeling Fault tree analysis Event tree analysis Attack tree analysis Capability based attack tree Vulnerability tree analysis Failure Mode Effect and criticality analysis

These methods can be used with some limitations for assessing risk of various environments.

Risk analysis is essential to the determination of the controls necessary to securely operate a control system that contains valuable, sensitive, and critical information. Therefore, more commonly we need to ask additional questions. Risk assessment enables a strategic approach to risk management that can challenge a standard business case. It is essential that the process of analyzing and assessing risk is well understood and executed on a timely basis.

When assessing the risks for control systems, it is necessary to customize the general approaches to include activities such as follows:

Identify the systems characteristics that make them different from common Information Technology (IT) systems.

Identify the risks associated with end points because securing endpoints we can find means to manage the problem of industrial control network contamination and infestation.

Identify the risks to safety that impact loss of human life or compromise national security. Identify the asset value based on criticality and survivability criteria. The annualized loss

expectancy (ALE) should be computed using other criteria than the product of single loss expectancy (SLE) multiplied by annualized threat rate of occurrence (ARO). In case of control systems, when the expected threat frequency is factored in the equation, the significance of the risk factor gives misleading information. For example, the frequency of a terrorist attack is mostly unknown or difficult to predict. If a natural hazard may occur once in 100 years or 10,000 years, then the value of annualized rate of occurrence is very different, spanning from a rate of 1/100 to 1/10,000. As a result, the annualized loss expectancy cannot be determined in some situations, or may be a misleading value because it cannot be always determined accurately.

Include confidentiality, integrity, and availability when assessing the value of the assets. Identify the level of uncertainty when analyzing the threat event, threat impact, or threat frequency. Balance the use of both quantitative and qualitative methods for performing risk analysis such that

the outcomes of the methods provide the best information which is an assessment or measurement of risk.

Assign qualified risk analysts. The analyst should be experienced in control systems development with a sound understanding of the broad issues of control systems.

Enable a strategic risk management approach that supports information that is critical in decision making.

Uses of automated and “What-if” analysis tools provide a suite of alternative strategic approaches for risk management.

Maximize consistency and thoroughness of vulnerability analysis for control systems that includes hardware, software, Internet access, environment, and people.

1

1

23456789

10

1112

1314151617

1819

202122232425262728293031323334353637383940414243444546

2

Use integrated models for risk analysis to support a proactive and predictive solution to risk management.

Use process control model that enables a closed loop to enforce a minimum level of security. Use system identification model to produce a model based on system identification and process

control methods and how they could apply to control systems. Among the challenges associated with applying security risk management is that it does not mean a single task. Rather, information security management, particularly risk management, comprises a collection of activities whose ultimate purpose is to produce a model meeting business needs and user requirements. These activities should be based on system identification concepts. System identification is described as the method of “developing empirical mathematical models of systems based on excitation and response measurements”. A model is essential to analyze system properties and risks, perform simulation, prediction, state estimation, monitoring, fault diagnosis and control. System identification model is a collection of activities to produce a model that meets user requirements. These activities include experiment design, model structure selection, parameter estimation, and model validation. System identification is an interdisciplinary approach that uses systems theory, signal processing, optimization, and statistics methods. Considering the nature of high speed malware spread in a network including the damages and losses that cause to the attacked device or network, we need to identify the security risks and model the dynamics of control systems to find an optimal solution to monitor for cyber attacks. We need to control the ongoing cyber attacks using prediction models based on parameter estimation using data collected by process control devices and specialized software. Statistical and machine learning approach are techniques that can be used to estimate and derive optimum parameters to control the ongoing cyber attacks as well as fault propagation to several devices connected to control systems. In other words, we can also use the principle of locality to minimize the damages of control systems and stop propagation of cyber attacks to a larger scale.

Security problem is about to understand what the problem is and how to manage it. By using process control model, we can identify metrics that have greater impact on security. For example, a SCADA network and the endpoints that populate it can be expressed as a closed loop process control problem.

Therefore, use of engineering methods based on system identification and process control lead to building more accurate and more complete models for improving security risk management of control systems.

94. Protection Mechanisms and Controls:

Identifying current security mechanisms and evaluating their effectiveness are very important steps before selecting the security measures (or safeguards). However, considering and choosing the appropriate measure requires a cost/benefit analysis approach. The cost of countermeasure includes many items from product cost, implementation, and maintenance to effects on productivity, compatibility with other measures, and environment modifications. For a full list of the items, it is required to identify recent published documents.

95. Total Risk vs. Residual Risk

There is an important difference between total risk and residual risk and which type of risk a company is willing to accept. There is always some risk to deal with; this is called residual risk. Controls gaps should be identified too; this is the protection the control cannot provide. The following conceptual formulas show the difference:

Threats x vulnerability x asset value = Total Risk (Threats x vulnerability x asset value) x controls gap = Residual Risk Total Risk – countermeasures = Residual Risk

[AMI and OMS examples may be appropriate here]

1

123456789

101112131415161718192021222324

252627

2829

30

313233343536

37

38394041

4243444546

2

96. Risk Handling and Mitigation

The second phase of information security management includes the process of assigning priority to, budgeting for and finally implementing and maintaining appropriate risk reduction measures.

After the amount of total risk or residual risk is determined, the management must decide how to handle and mitigate the risk. Risk can be handled in different ways: transfer, reject, accept, or reduce.

If an organization decides to terminate the activity that is introducing risk, this is known as risk avoidance. For example, if an organization allows Email or instant messaging applications from a computer connected to SCADA control systems, there are many risks using these applications. Discontinuing these services is an example of risk avoidance.

Risk mitigation is an approach where the risk is decreased to a level considered acceptable enough to continue a business activity. The implementation of security technologies (firewalls, intrusion/detection and prevention systems, cryptography, training, etc.) represents a way of reducing the risk.

Risk acceptance is an approach used when the cost/benefit ratio is greater than 1, which means that the cost of the countermeasure outweighs the potential loss value. However, risk acceptance should be based on other factors.

Also, people engaged in risk management tasks in different functional areas of a domain should be able to exchange knowledge. One of the characteristics of a successful risk management is the capability to diffuse knowledge in the right directions among domains of the power grid.

People within a domain working in different functional areas but sharing the knowledge of practicing risk management would considerably benefit by participating and collaborating in a network of practice. One approach is a network of practice for risk management, which cuts horizontally across a vertically integrated domain. By being part of this network people from the information security function can gain access to the knowledge necessary for improving their risk management approach.

97. Security Life Cycle Planning

Information security is a continuous orchestration of development, testing, assurance, deployment, ongoing monitoring and improvement against new vulnerabilities and emerging threats. Once operational, security devices and applications will need developers and security engineers to continue focusing on detection, removal, and reduction of vulnerabilities introduced during the System Development Life Cycle (SDLC). This effort needs to be complimented by security policy life cycle planning which responds to emergence and discoveries of new security risks by adjusting policies, processes, technologies and related controls. Finally data security life cycle which describes data access control, usage and retention, needs to be part of the security policy and security development life cycle so that information leakage likelihood is minimized through the creation, transformation, proliferation, retention and destruction cycle.

As an example, a representative development and deployment lifecycle for software security could include the following phases

Requirement analysis and planning o Risk management planning, risk assessment, threat modeling, security appraisal,

and categorization Acquisition and Development

o Best practice and quality compliance; minimize design and development defects, source code scanning for security holes and compliance failures.

Deployment

1

1

23

45

6789

101112

131415

161718

1920212223

24

252627282930313233

343536373839404142

2

o Installation, testing and assurance, integration, security certification, security accreditation

Operations and maintenanceo Performance measurement, monitoring, maintenance, configuration

management and control, prevention, detection and incident response Decommissioning

o Information retention, hardware and software disposal

Defects introduced during the system development or testing phase contributes to potential vulnerabilities. Hence improving the general quality of product development contributes to improved security. Similarly defects in operating environments of the power system give rise to reliability and safety vulnerabilities. Security risks arise from a combination of the presence of an attacker, an attack goal, vulnerability in the system and the consequence of a successful attack.

98. Security Models

A model is a symbolic representation of a policy that should be enforced in the system. It maps the abstract goals of the policy to information system terms. Security model is an important concept in the design and analysis of secure systems. Several security models have been developed to enforce security policies. However, we recommend the following models:

Information Flow Model is based on object security levels. It deals with any kind of information flow; not only from one security (or integrity) level to another, but object-object information flow is constrained in accordance with object’s security attributes. Developers and architects have to ensure that the covert channels (storage and timing) do not exist.

Threat Model Vulnerability Model Non-interference model allows ways to prevent subjects operating in one domain (e.g., financial)

from affecting each other in violation of security policy Brewer and Nash model allows controls to ensure that there is no conflict of interest; it provides a

way of separating competitor’s data within the same integrated database. If a user accesses one organization’s data, the competitor’s data can automatically be deemed “off limits”.

[Risk is dynamic and needs to be evaluated continuously- security is time-varying; add discussion on this topic]

The evolving smart grid faces extremely dynamic threat environment which requires continuous re-evaluation of effectivenes of security technologie and processes in light of changes in attacker activity, attack paths and vectors or, simply, an improved understanding of threats. Increasing complexity of the smart grid make operational mistakes more likely. As efficiency imperatives operate the power system closer to capacity, likelihood of equipment failures changes.Vulnerabilities are really defects in the system which attackers might be able to eventuate once discovered. In addition to structural and static vulnerabiliities, complex interaction dynamics often creates or exposes new vulnerabilities. As an example a substation device which can only take 6 character password has the structural vulnerability of weak authentication combine with the operational vulnerbility of no password refresh mandate to change the overall vulnerability higher..Risk assessment involves mapping of the vulnerabilities through known and emerging threat models and is driven by a continuous iteration of vulnearbility and threat dynamics and evolution. Changes in a software application, system or environment require a reassessment of risks, so risks evolve in time. This situation requires a reevaluation of security measures to decrease the risk. Because of the dynamic nature of temporal figures in the many elements that affect the total risk, an absolute value, even if it could be calculated, would be meaningful for a very limited time.

1

1234567

89

10111213

14

15161718

192021222324252627282930313233343536373839404142434445464748

2

99. Smart Grid Layers of Interoperability

Conceptually, the smart grid is composed of four layers:

Decision Intelligence Communication and IT Sensor/Actuator Power Conversion/Transport/Storage/Consumption.

At the center of the power grid is the decision intelligence layer supported by the communication and information technology layer consisting of computer software that runs in relays, IEDs, substation automation systems, control centers, and enterprise back offices. This view of smart grid requires implementation of distinct security protections for each layer.

99.1 Communications

99.2 Fit with architecture

The principle consideration here is how the communication capacity affects the nature of the distributed architecture. For both local islanding for resiliency, and maximizing limited communications with respect to fast responses needed for certain sense-control-act cycles, the smart grid will be distributed. Local decisions may report back to central control quickly, but local data acquisition and initial processing is the preferred mechanism for most of the system.

Communication availability may also require a certain ruggedness or backup capability, since a storm could remove smart grid communication at a time of major power failures, rendering the smart grid unavailable at the time it is needed most. This thinking should lead to not only alternate paths, or media, but also issues such as antenna profiles in hurricanes, prioritization of data communications in situations of common carrier use, but remote powering of all in-path components of communication by means other than the grid power itself. Otherwise we could have a classic in-band control problem, in which the thing being controlled is required for the sense-control-act cycle to complete.

100. IT issues with various types – e.g. Zigbee is not accepted for U.S. Department of Defense work because it is not in the Federal Information Processing Standards.

Smart Grid applied to military or federal applications (e.g. Navy bases as a prime example) need to consider that some communications capabilities are not (yet) FIPS compliant. The smart grid architecture should keep such choices limited in effect, so that most of a federal smart grid deployment is similar to any other.

101. Adaptability of architecture to new communication choices

Communication choices probably change at a rate second only to software, so smart grid architectures must follow a layered approach as evidenced by the four decades of TCP/IP serving through many software and architectural phases and ‘fashion trends’

Utility conferences have shown that one of the most common issues needing to be addressed in the smart grid is the design of the wide area communication system. Utility assets are all around the countryside. Data communications architecture affects data rate performance, the cost of distributed intelligence and the identification of security susceptibilities. There is no single communications technology that is suitable for all utilities or even for all operational areas across any individual utility. Rural areas may be served by BPL; while urban areas benefit from MPLS and purpose designed RF mesh networks, enhanced by their

1

1

2

3

456789

1011

12

13

1415161718

19202122232425

2627

28293031

32

333435

363738394041

2

proximity to fiber. The smart grid architecture focuses on security, with standardized interfaces that can accept new technology, enablement of remote configuration of devices to minimize any touching of smart grid devices once installed and future-proofing the protocols. A new network of IP enabled devices can be managed with assets originally designed for telecomm carriers. Utilities do not want a communication network rebuild within five years of deploying an AMI-only network. Communications architecture also considers power outages, so battery back-up, solar recharging, or other equipment may be required, since the smart grid state needs to be sensed even when the part of it is without power. Even such arcane details such as the antenna on a smart grid wireless device being the first thing to blowing off in a hurricane are considered.

102. Prioritization, public versus private networks, estimated data rates for nominal, event, storm situations; redundancy for control

Public versus private smart grid communication also has several non-technical decision points, such as rate recovery, multiple uses, utility pre-disposition to owning assets, federal communication authority frequency set-asides, and availability of rugged versions of communication components.

103. Legacy electric power systems and the smart grid

[This section needs to be slimmed down and focused more on the “interoperability” aspects of legacy systems and the smart grid and the interactions with loads, end-use applications, and satisfying stakeholder requirements.]

103.1 Introduction

Meeting the needs of smart grid stakeholders requires consideration not only of the end-state when the smart grid vision is realized, but the evolutionary period to that state during which the legacy infrastructure will be used side-by-side with new technologies. To transition legacy networks into intelligent and more secure electrical infrastructures, utilities will need to define the smart grid objectives best suited to their own customers and community and develop the best path to achieving standards-based smart grids based on interoperable solutions and flexible business processes.

Because the implementation of the smart grid blends skills from the generation, transmission and distribution groups with the skills of information and communication technology groups, it is important that all parties take the time to understand the traditional approach the other has taken and learn how those principles can be applied in the new system.

103.2 SCADA Communications

Prior to 1940 little use was made in the electric utility industry of SCADA, which at the time was called Supervisory Control. In the mid-1950’s the term SCADA, Supervisory Control and Data Acquisition became vogue. After 1945, all major distribution and transmission substations were manned 24/7 by at least one individual. Regional distribution operating centers were in common use. In some cases the distribution operating center also functioned as a call center, taking customer trouble calls, dealing with billing issues and connects and disconnects and by telephone.

From the 1920s until late mid 1960s the electric power industry experienced gains in efficiencies of generation and transmission systems that resulted in continuing reductions in energy cost to the customer. As the gains in efficiency began to decrease the manned substation labor costs became a prime target for cost reduction. In the 1950s, a movement took place in the older urban and suburban electric utilities to move away from the concept of a manned substation to installation of local automated control and the application of SCADA.

1

123456789

1011

121314

15

161718

19

202122232425

26272829

30

313233343536

373839404142

2

One utility’s criteria for applying SCADA was based upon the determination that the cost of conversion from manned to unattended operation had to have a five year payback based on the saving in labor costs . The complete conversion program took about 15 years. Some of the converted substations were 65 to 75 years old. The conversion of substations was achieve by the installation of automatic line reclosing devices, automatic voltage regulators, automation of house services, such as heating, sump pumps, fire protection etc and the installation of security technology. Dependence upon remote backup breaker protection was eliminated with installation of local breaker failure protection and bus differential protection was required. All vital equipment, such as transformers, capacitors, and batteries were equipped with monitoring devices that were connected to a local annunicator system that had three levels of response: Immediate, Urgent, Delayed. Each of these levels were connected the SCADA as were all breakers and essential switching devices. Immediate Response meant that a troubleshooter was immediately dispatched to the station to observe the condition and take immediate corrective action. For example, a low battery alarm would be considered an immediate alarm.

104. Safety issues

Safety of the public was always a prime concern. When the substation operator was replaced by SCADA the knowledge that the substation operator had of local conditions was now missing. The number of times a breaker was closed into a fault had to be defined. For certain fault conditions the ability of SCADA to allow a remote operation to close into a fault had to be prevented until a troubleshooter could get to the site and determine the nature of the fault. If there was local work in progress on some substation equipment, some SCADA function had to have ability to be taken out of service locally by those involved in the local work. New tagging procedures and training had to be implemented.

105. Communications

An early barrier to substation automation was limitation on the distance that could exist between the SCADA control point and the substation. The SCADA system of the 1940s to mid 1960s were dc pulse coded systems. They were non scanning system which reported by exception. The electric utility industry, unlike water utilities, industrial facilities and gas facilities, required a SCADA system to have a select before operate sequence. If an operator had a need to change the state of a breaker, he had to follow a procedure that had two or more steps. The minimum number of steps consisted of the selection and verification of the breaker that was to be operated. This was achieved by sending a signal to the breaker and then receiving a report back that the signal actually reached the appropriated breaker. The SCADA operator had to receive a visual indication in the form in the change of state of a panel light on the SCADA control panel. If there was no confirmation or an incorrect confirmation the operator was instructed to take no further action. Conversely, if a positive indication was received the operator would then perform the desired open or closed function. Once he preformed the function he expected to see a visual change of state within two seconds or less on the SCADA control panel.

The communication circuit for the early SCADA devices was supplied by a privately owned and operated wire line circuit or by a commercial common carrier. DC pulse voltages were 48 V, 125 V or 250V dc ungrounded. If the communication wire line path was supplied by a common carrier the maximum voltage utilized was limited to 48V dc that was supplied by the electric utility from and ungrounded battery.

Privately owned and operated communication systems were composed of twisted and transposed conductors with paper insulated cable (PIC). The most common wire gauge used was 18 or 19 AWG copper conductors. The common carriers use 19 to 26 AWG. With wire sizes of 18 gauge or larger it was possible to achieve distances of up to 5 to 35 or 40 miles on a conditioned telephone circuit. Because the common carrier circuits use smaller wire sizes and lower dc voltages the maximum distance between the remote terminal unit (RTU) at the substation and the control center was around 20 miles. This limited the application of SCADA mostly to the urban and suburban areas of the electric utility. These areas were usually co-located with the larger transmission and distribution substations.

1

123456789

10111213

14

15161718192021

22

23242526272829303132333435

36373839

4041424344454647

2

Experience with these communication channels showed that the private communications were more secure that those supplied by a common carrier. In the case of the common carrier the channels had to pass through one or more telephone exchanges. Even though these were dedicated circuits, personnel at the central office would cause interruption to the communication path or would inadvertently apply test signals to the communication channels that disrupted the control or cause misoperations of the SCADA system. The PIC cable had a lead sheath and was installed either underground or overhead. The sheath provided physical protection and moisture protection to the cable insulation. It also provided EMC shielding. Any imperfection in the construction of the cable would allow the ingress of moisture and a resulting deterioration of the functionality of the communication channels. This problem was common to both the privately owned communication system and the common carrier communication systems.

In the mid 1950s new insulation materials appeared in the marketplace for telephone cable like polyvinylchloride (PVC) and crossed link Pplyethylene (XLPE). These new material eliminated the need for using lead and had superior insulation characteristics. However the problem with moisture ingression was not completely eliminated as all cable have a certain number of pin holes per unit distance. With the elimination of lead sheathed cable other issues had to be considered.

Some privately owned utility telephone cable systems were built with a higher insulation level than those of the common carrier. One utility used 25mils of insulation compared to the standard 15mils of insulation on each conductor as was used by common carriers. The 25mils of insulation had a one minute ac withstand of 25 kV. Since much of the installation of its private communication telephone system was joint with it sub transmission and distribution system, the added insulation was better able to withstand a power cross than the common carriers’ communication system. Consideration had to be given to the surge protection and rise in ground potential for SCADA communication wire line circuits that terminated in an electrical substation. Use had to be made of surge protection that did not short the pairs of the communication circuit or result in the distortion of the dc pulse signal. Two and three winding neutralizing transformers were required at both ends of the copper communications circuit to protect the terminal equipment from longitudinal induction and rise in ground potential due to power system faults.

Beginning in the 1970s, Audio Tone equipment was integrated into the communication system used for the SCADA systems. Initially the dc pulses were used to key frequency shift audio tone signaling equipment that established communication between the substation and the distribution control center. Audio tone could be used with telephone multiplexing systems that eliminated the distance restriction problems associated with dc pulse systems applied directly to telephone pairs. It also allowed for the transmission of the signal via microwave using multiplexing groups and similarly via fiber optics. With the advent of the use of multiplexing to achieve better use of the communication facility it became necessary to give consideration to self healing alternate communication paths that would meet single failure criteria.

105.1 Technology aspects (of legacy systems and the smart grid)

[Still to be written] …inactive, electromechanical, power electronics, digital, software…

105.2 Market aspects (of legacy systems and the smart grid)

The historical focus of operation of the electric power system and its supporting organizations has been on maintaining reliability, safety and power quality at the lowest possible cost. This resulted in relatively rigid and complex pricing structures with annual rate changes based on sales revenue, installed assets, and relative price of inputs and electric power set regionally.

The advent of electric utility deregulation in the late 1990’s separated generation from transmission functions, although they remain linked indirectly through some large electric utility holding companies. This change created more dynamic market activity at the wholesale level and resulted in opportunities for intermediary business entities. The supporting organizations and information systems that were developed to manage market information was critical to this change. Specifically in California, significant efforts

1

123456789

10

1112131415

1617181920212223242526

2728293031323334

35

36

37

38394041

4243444546

2

were made to develop open metering and data communications standards and move away from proprietary, internal utility systems, culminating in California’s Electric Rule 22.

At the retail level of electric power consumption, the information systems to support the market have not dramatically changed. The introduction of smart meters and consumer energy information displays that have set the stage for more market based behavior and understanding of electric power, its use and constraints. Implementation issues, strongly associated with the continued use of non-open, proprietary standards, have hampered successful market penetration and consumer acceptance of these technologies.

Market operations are likely to change more at the retail level as a direct result of smart grid implementation over time, the indirect impact will be felt by transmission and operations as smart grid communication enables management of the peak demand and variations in overall demand.

106. New markets will be created

There are new sources of value that are being manifested in retail markets. Additionally, in some jurisdictions, legislation is mandating market incentives.

A notable example of this is capacity additions and load curtailment. This value has historically been bundled as part of our rate tariff, but in the smart grid world where energy storage has some places reached meaningful levels and local capacity is dispatchable or controllable; there may be opportunities for market based operations in these areas

As energy regulations and building codes increasingly call for greater on-site generation in commercial facilities, the role of the Transmission and Distribution grid may evolve from the (virtually exclusive)—divider and distributor of “bulk” generation electricity to load centers. This role may be more of an “insurance” function, providing reserves and other ancillary services to an increasing—and perhaps predominant—local supply of energy. There may be added costs for utility electric connections such as line charges or connection charges even if only used for backup.

Electric power rate design process may evolve from their present, statistical and after-the-fact bookkeeping basis, to a more dynamic, rational, market mechanism. Balancing Area Authorities are already contemplating 5-minute and real-time (i.e., 4-second) energy schedules, from the present 1-hour schedules. The discussions and negotiations on pricing contracts and facilities will become more collaborative as compared to the relatively one way discussions held today between the utility and the customer. There exists a potential market for "commodity brokerages" to purchase access to individual energy storage rights and do intra-day trading of energy based on local spot market pricing. This would allow less sophisticated or small scale users to participate in system load and price leveling.

107. Wholesale market pricing

Wholesale electricity markets can have extremely high price volatility at times of peak demand and supply shortages. The particular characteristics of this price risk are highly dependent on the generation supply portfolio to the market such as the mix of types of generation plants and relationship between demand and weather patterns. Price risk can be manifested by price "spikes" which are hard to predict and long term price "steps" when the underlying fuel or plant position changes for long periods.

"Volume risk" is often used to denote the phenomenon whereby electricity market participants have uncertain volumes or quantity of electricity consumed. Historically, it has been difficult to align accurate forecasting for demand and capacity for electric power due to the system complexity, coupling and regional variations. The introduction of substantial amounts of intermittent power sources such as solar and wind may have an impact on market prices.

Electricity retailers that buy from the wholesale market, and generators who sell to the wholesale market, are exposed to these price and volume effects and to protect themselves from volatility, they will enter into

1

12

34567

89

10

11

1213

14151617

181920212223

2425262728293031

32

3334353637

3839404142

4344

2

http://en.wikipedia.org/wiki/Intermittent_power_sources

"hedge contracts" with each other. These contracts vary by region due to different conventions and market structures. The most common forms are fixed price forward contracts for physical delivery and contracts for differences where the parties agree on a price for defined time periods.

Many other hedging arrangements, such as swing contracts, Virtual Bidding, Financial Transmission Rights, call options and put options are traded in sophisticated electricity markets. In general they are designed to transfer financial risks between participants.

There are many other adjacent markets such as coal and oil as well as ancillary markets that will not be discussed in this document, but have some impact on the system in setting the base rates for generation. It is anticipated that these market mechanisms will not be significantly affected by implementation of the smart grid.

108. Retail pricing schemes

Electricity Pricing and Peak Demand Constraints. Demand for electricity varies on a second-by-second basis, but follows fairly regular daily and seasonal cycles. Wholesale and retail prices depended on the mix of primary energy sources used to generate electricity and varied geographically based on what was available. Retail prices are traditionally segmented by customer type: residential, commercial, and industrial. Residential rates are often tiered--consumers pay more per kWh as they use more.

Time-of-Use Pricing. Given the issues associated with meeting peak demand, there was increasing use of electricity meters that not only measured the quantity of power supplied to a customer, but also when it was consumed. Time-of-use (TOU) metering enabled utilities to use price signals to help reduce peak demand. Retail tariffs that encourage consumers to reduce consumption during peak demand times are a result of this metering capability. Many utilities have begun installing smart meters that supply TOU data dynamically using a number of different communication channels.

Net Metering. Net metering is another way to encourage on-site generation, by enabling customers with small generating capacity usually from solar or wind facilities to upload excess power onto the grid. These customers generally received credit for any power they supplied, which was applied to their electricity bill. This also helps smooth load profiles, as solar power is the most common source of energy in net metering, and supplies extra power to the grid during daylight hours (peaking in the afternoon), when demand was often highest.

Demand Response. Demand response refers to systems designed to transfer wholesale price signals to retail markets and enable end-user response to those prices, thus helping induce reductions in electricity usage by consumers at critical times. TOU pricing and signals indicating high demand , together with price-sensitive load shedding or generation control are specific examples of demand response.

Carbon Cost: Cap and Trade or Taxes. Legislative actions are likely to effectively put a price on carbon dioxide and other greenhouse gas (GHG) emissions. The two main ways policymakers approached carbon pricing were taxes and cap and trade programs. Governing bodies could impose a straight tax on GHG emitters, but many economists favored the cap and trade model, which would set a limit on emissions and then allow companies or other groups the opportunity to trade carbon credits.

109. Forward view

As we move forward, critical elements that drive market structure will need to be agreed addressed:

Electric Utilities will be faced with clear criteria for interface In the future, they will have less control or even oversight of equipment installed “behind the

fence”

1

123

456

789

10

11

121314151617181920212223242526272829303132333435363738394041

42

43

444546

2

Who makes operating decisions for the EPS? How is control to be exercised? (mandatory or market-based) There will be increased use of micro grids (community energy systems) or islands within a facility Persistent elimination of utility discretion in dealing with customers Regulatory oversight of transition to smart grid will. Currently, organizations are at cross-purposes

of some regulatory agencies.

110. What is likely to change?

[Still to be written]

110.1 Regulatory aspects (of legacy systems and the smart grid)

[Still to be written]

1

123456

7

8

9

10

2

Annex A

(informative)

Bibliography

1

1

2

3

2

Annex B

(informative)

Power Systems Perspective: P2030 Smart Grid Interoperability

Reference Model Examples

The proposed power systems perspective methodology is applicable to all smart grid implementations. It is general enough to allow the implementation of newer technologies and changing conditions in the utility’s operational environment. The methodology does not provide for the implementation of any particular technology, product, or protocol.

Example 1 - Description: Smart Grid incorporates proactive use of customer DER and load control.

Step 1 – Smart Grid Goals:

Increase use of renewables by allowing a higher penetration of DG on the electrical distribution system.

Decrease existing spinning reserve by depending on DER and customer load control for spinning reserve.

Step 2 – Approaches to Meeting Goals: Create the ability to control all DG and all controllable loads including appropriate cycling of loads at the lowest levels available. (i.e. refrigerators, hot water heaters, etc.)

Step 3 – Relevant Power System Perspective Domains and Actors:

Domain ActorOperations/Control Distribution Operation/ControlDistribution Distribution SubstationDistribution Distribution Distributed Energy Resource (DER)Distribution Distribution Protection and Control DevicesDistribution Distribution Sensors and Measurement DevicesCustomer Point(s) of InterfaceCustomer Customer Distributed Energy Resource (DER)Customer Plug-in Electric Vehicle (PEV)Customer AC LoadsCustomer DC Loads

Step 4 – Power System Perspective Data Paths - D13 from Distribution Operation/Control to the Point of Interface at the Customer Domain is the only data path outside of the Customer Domain needed for this simple example. Data paths within the Customer Domain include D59 and D62.

Step 5 - Data Requirements of Data Path D13:

Controls loads by turning on and off large groupings of residential loads such as air conditioners and hot water heaters. This could be a simple off signal and ok to go on signal sent to thousands of receivers. Desired information transfer time is less than 30 minutes. Reliability is important. Data volume is in bytes for each receiver. Priority is important.

Controls loads by cycling through the use of home network technologies. Appliances such as refrigerators, hot water heaters, air conditioners, and household heating would be controlled. The

1

1

2

3

4

5678

9

10

11121314151617

18

19202122

23

242526272829

2

information is simple on or off signal with timing characteristics sent to thousands of receivers. Desired information transfer time is less than 30 minutes. Reliability is important. Data volume is in bytes for each receiver. Priority is important.

Controls whether the generator is connected or not connected to the electric power system. Customer controls whether they want the generator to run or not run. This is critical information with transfer time less than 3 milliseconds due to safety and protection issues. The reliability and priority is critical. The information is simple on/off signals (byte size).

Requires load levels at each residence on 10 second intervals. This data will be several bytes in size for each residence. The information transfer time is less than 10 seconds. The reliability, security, and priority are important.

Requires Generation levels on 10 second intervals for most renewable generators. This data will be several bytes in size for each generator. The information transfer time is less than 10 seconds. The reliability, security, and priority are important.

Step 6c – Map power system perspective data paths to communication interfaces and determine potential communication actors. Potential communication interfaces and actors include:

Actor 1 Actor 2 Comm. Interface

Power System Data Path

Utility Control/Operations /Enterprise LAN Backhaul/WAN E01 D13Utility Control/Operations /Enterprise LAN

Neighborhood Area Network (NAN) E03 D13

Backhaul/WAN Distribution Access Point (DAP) E04 D13Neighborhood Area Network (NAN) Distribution Access Point (DAP) E07 D13Neighborhood Area Network (NAN) Smart Meter/ESI E12 D13ESI/xAN Public Internet/Intranet/ISP E17 D13Utility Control/Operations /Enterprise LAN Public Internet/Intranet/ISP E27 D13Neighborhood Area Network (NAN) ESI/xAN E52 D13Neighborhood Area Network (NAN) Backhaul/WAN E65 D13ESI/xAN Loads E68 D59ESI/xAN Customer DER Network E16 D62ESI/xAN Smart Meter/ESI E14

Step 7c – Select appropriate communication from list developed in previous step.

Several options of communication interfaces are available. One good potential option is communication interface E3 to E12 which is from Utility Control/Operations/Enterprise LAN actor to Neighborhood Area Network (NAN) actor to Smart Meter/ESI actor.

Step 6i – Map data paths to IT interfaces and determine potential IT actors:

1

123456789

101112131415

1617

181920

21

2

Actor 1 Actor 2 IT Interface


Distribution Operations Demand Management J12 D13Distribution Operations Distribution Management J13 D13Demand Management Customer Energy Management and Control J23 D13Distribution Management DER (Local Generation) J27 D13DER (Local Generation) Customer Energy Management and Control J26 D62

Step 7i – Select Appropriate IT implementation from list developed in Step 6i.

Two options of IT interfaces are available. One good potential option for controlling customer loads is IT interface path J12 to J23 which is from the Distribution Operations actor to Demand Management actor to Customer Energy and Management actor. Another good potential option focused on DER control is IT interface path J13 to J27 which is from the Distribution Operations actor to Distribution Management actor to DER (Local Generation) actor.

Example 2 - Description: Smart Grid incorporates self healing distribution system. Where automated switching equipment isn’t available, work orders for manual intervention are needed. Monitoring equipment is available throughout the distribution system. Protection at substations is automated with alternative settings available for different situations.

Step 1 - Smart Grid Goals:

Heal distribution system as quickly as possible. Minimize extent out of outages within terms of adequate protection.

Step 2 – Approaches to Meeting Goals: Create full monitoring capabilities throughout the distribution system. Automate as much switching equipment as possible. Manual equipment that needs to be operated will have work orders dispatched automatically.

Step 3 – Relevant Power System Perspective Domains and Actors:

Domain Actor

Operations/Control Distribution Operation/ControlDistribution Distribution SubstationDistribution Distribution Protection & Control DevicesDistribution Distribution Sensors & Measurement DevicesCustomer Point of Interface

Step 4 – Power System Perspective Data Paths:

Data Path Actors

D2 From Distribution Substation to Distribution Operations/Control

D3 From Distribution Operations/Control to Distribution Sensors and Measuring Devices

D4 From Distribution Operations/Control to Distribution Protection & Control

D13 From Distribution Operations/Control to Point of Interface

1

12

34567

89

1011

12

1314151617

18

192021

2

Step 5 - Data Requirements:

Data Path

Actors Information Type Information Characteristic Information Transfer Time, Reliability and Priority

D2 From Distribution Substation to Distribution

Operations/Control

Outage data, current relay setting set, breaker position, transformer tap position, and report data such as oscillograms

With the exception of relay setting set and oscillograms this information is simple numeric data. Oscillograms are report type data that can be many MB or GB. Relay setting may include a simple numeric and a long file that may be requested.

All of this information with the exception of the oscillograms needs to be reported in less than 10 seconds. The oscillograms can be provided in hours. The reliability and priority for this data path is essential except for the oscillograms which are important.

D2 From Distribution Operations/Control to Distribution Substation

Breaker control, transformer tap control, capacitor control, and providing relay settings.

With the exception of relay settings this is simple on/off type control in the byte size.. Relay setting may include a simple numeric for determining relay set and a MB long file of data to be downloaded to the protective relay.

With the exception of relay settings this information needs to be provided within 10 seconds. The relay settings need to be provided within 30 minutes. The reliability and priority of this data is essential.

D3 From Distribution Operations/Control to Distribution Sensors

and Measuring

Request for data. Simple information request of byte size. Information needs to be provided within 10 seconds. Reliability and priority is essential.

D3 From Distribution Sensors and Measuring Devices to Distribution

Operations/Control

The distribution sensors and measuring devices provide outage data and analog measurements such as voltage, current, etc.

Simple numeric information with several bytes per sensor.

Information needs to be provided within 10 seconds. Reliability and priority is essential.

D4 From Distribution Operations/Control to Distribution Protection

& Control

Alternative protective relay settings, switch control, and capacitor control



D4 From Distribution Protection & Control to

Distribution Operations/Control

Outage data, switch status data, protection flags, capacitor status data, and oscillograms and other report data



D13 From Distribution Operations/Control to

Point of Interface

No data flow in this direction in this application of Smart Grid.

None None

D13 From Point of Interface to Distribution

Operations/Control

This logical connection provides loss of power data from each customer to the distribution operations and control.

Simple numeric data from up to thousands of customers.

Within 10 minutes for most situations. If number of respondents is 10s of thousands, longer timing permissible. Reliability and priority of this data path is important

Step 6c – Map power system perspective data paths to communication interfaces and determine potential communication actors. Potential communication interfaces and actors include:

Actor 1 Actor 2 Comm. Interface


Utility Control/Operations /Entreprise LAN Backhaul/WAN E01 D13Utility Control/Operations/Enterprise LAN Backhaul/WAN E01 D2Utility Control/Operations/Enterprise LAN Field Devices Feeder Network E02 D3Utility Control/Operations/Enterprise LAN Field Devices Feeder Network E02 D4

Utility Control/Operations /Entreprise LANNeighborhood Area Network (NAN) E03 D13

Backhaul/WAN Distribution Access Point (DAP) E04 D13

Backhaul/WANDistribution Substation Network (hotspot) E05 D2


1

123

45678

2


Neighborhood Area Network (NAN) Distribution Access Point (DAP) E07 D13Neighborhood Area Network (NAN) Field Devices Feeder Network E08 D3, D4Distribution Substation Network (hotspot) Field Devices Feeder Network E10 D3Distribution Substation Network (hotspot) Field Devices Feeder Network E10 D4Neighborhood Area Network (NAN) Smart Meter/ESI E12 D13ESI/xAN Public Internet/Intranet/ISP E17 D13Utility Control/Operations /Entreprise LAN Public Internet/Intranet/ISP E27 D13Neighborhood Area Network (NAN) ESI/xAN E52 D13Neighborhood Area Network (NAN) Backhaul/WAN E65 D13

Step 7c – Select appropriate communication from list developed in previous step.

Several options of communications are available. One potential solution is communication interface E3 to E8, E3 to E12, and E1 to E5. This solution will provide communication solutions to all the required data paths.

Step 6i – Map data paths to IT interfaces and determine potential IT actors:

Actor 1 Actor 2 IT Interface


Distribution Operations Distribution Management J13 D02Distribution Operations Distribution Management J13 D03Distribution Operations Distribution Management J13 D04Distribution Operations Distribution Management J13 D13

DER (Local Generation)Customer Energy Management & Control J26 D13

Distribution Management DER (Local Generation) J27 D13Distribution Substation MIC Distribution Field Device MIC J29 D03Distribution Substation MIC Distribution Field Device MIC J29 D04Distribution Management Distribution Substation MIC J30 D02Distribution Management Distribution Substation MIC J30 D03Distribution Management Distribution Substation MIC J30 D04Distribution Management Asset Management J31 D13Asset Management Mobile Workforce Management J32 D13Mobile Workforce Management Outage Management OMS/IVR/WMS J33 D13Outage Management OMS/IVR/WMS Geographic Information Management J35 D13

Step 7i – Select Appropriate IT implementation from list developed in Step 6i.

The IT interfaces identified in the table in step 6i will all need to be implemented to provide the functionality required by this smart grid implementation.

1

12

345

6

78

910

2

1

1

2

2

IEEE Standards - draft standard...

Documents

Transcript of IEEE Standards - draft standard...