by Scott A. Koehler, Telvent, and Lance A. Irwin, Schneider electric
As these drivers grow in strength, utilities are considering how to offset them with technology solutions that provide a fix now and a path to the future.
Smart Alarm Management
Work force efficiency never has been more paramount in control centers. Alarm management is a key element in day-to-day electric utility operations. SCADA systems automate and control many functions in transmission and distribution operations. Inefficient alarming detected by the SCADA, issued by the SCADA or both can lead to electric grid damage, plus serious injuries and safety risks.
An alarm management system must:
- Speed response to critical and uncommon events;
- Filter nuisance alarms and take automatic actions;
- Decrease errors and waste;
- Minimize time spent troubleshooting grid problems;
- Automatically generate reports; and
- Allow operators, dispatchers or both to focus on meaningful alarms.
Some alarming features to consider in system upgrades include:
Area of responsibility (AOR). Only the alarms for devices within the operator’s responsibility, as assigned by the system administrator, are shown on the system alarm and station alarm summaries. Establishing AORs is effective to restrict supervisory control, data entry, tag placement and alarm routing. AOR assignment can be restricted by console and user to prevent assignment of AORs by anyone outside a control room.
By-point alarm inhibit. Operators can inhibit individual points for alarm announcement. Events still are generated and appear in the event summary with an alarm-inhibit flag to distinguish them from other events.
Triggered programs. The system can be configured so specific alarms or events automatically trigger or activate programmed actions in response.
Disturbance mode (storm mode). Alarming can be configured to operate in disturbance mode, where low-priority alarms are not processed. Alarm disturbance mode suspends the processing of lower-priority alarms during periods of peak alarm volumes.
Alarm suppression. Control-initiated alarm suppression and hierarchical alarm suppression:
- Control-initiated alarm suppression: Operator-initiated commands can cause many alarms to appear as direct results of the command. Control-initiated alarm suppression prevents these alarms from cluttering the alarm table.
- Hierarchical alarm suppression: Hierarchical alarm suppression will prevent large numbers of alarms from cluttering an operator’s display when they are triggered as the result of a single device’s going into alarm.
Dynamic Alarm Limits
Limit values depend on pre-defined input signals. Dynamic alarm limit can be profile-based, analog-based or interval-based. For example, this functionality is useful when the maximum operational current of a transformer depends on weather temperature.
More solutions are becoming available to help electric utilities optimize distribution operations effectiveness and efficiency. Smart alarming management collects and analyzes real-time data from intelligent field devices and recognizes and automates appropriate network adjustments. The smart alarming solution identifies events judiciously at every level and helps operators focus on significant performance issues and improve their response. Combining smart operations and smart alarming is a significant step toward a streamlined, effective and safe smart grid.
Utilities are considering optimization of distribution performance through advanced distribution management system (ADMS) solutions that integrate an advanced-technology SCADA with a DMS and outage management system (OMS)—a solution that enables a high-performance network model and automated control of many critical resource functions for efficient distribution. SCADA/DMS/OMS technology can lure hackers, cybercriminals and cyberterrorists; the same SCADA system functionality used to control and manage an information network could be used to blind an organization to attack, confuse, provide false information and prevent required actions—and wreak havoc on the electric grid, water-pumping plants or oil pipelines.
Proprietary, nonadaptable monitoring and control systems not designed for secure operation as part of a comprehensive technology solution are no longer acceptable.
The need for cybersecurity
Cyberattacks on infrastructure, according to the U.S. Cyber Command, increased 17-fold between 2009 and 2011. In the past, SCADA/DMS/OMS systems ran proprietary protocols on isolated networks. This eliminated many potential threats, but it also limited utility access to their own information and increased the total cost of ownership of data management. New SCADA/DMS/OMS solutions embrace industry standards and open-system design and allow connection to corporate networks that are connected to the Internet. Access and information is shared with applications and authorized users across the entire enterprise, significantly increasing the threat and vulnerabilities that must be addressed through security controls.
Security standards, regulatory concerns
Leading industry groups and standards organizations have taken up the cybersecurity challenge and are creating guidelines, standards and certifications for the protection of critical information technology systems. In many industries, compliance will be mandatory and will require a certification of compliance signed by a corporate officer. The standards are expected to evolve as new technologies and threats appear. Changing standards require that technology be flexible enough to maintain the current best practice for security. The modern SCADA must provide the cost, performance and interoperability advantages of an open system and improve the security offered by older, proprietary equipment and systems. System administrators should implement security standards that have passed a rigorous peer review, such as Internet Protocol security (IPSec), SSL, Kerberos and X.509 digital certificates. This standardization secures the system. Eliminating the need to review a complex, proprietary security protocol makes security audit, certification and accreditation much easier, practical and effective.
A utility that wants to establish a robust, secure, reliable SCADA solution that will meet current and future needs should target a system that:
Complies with North American Electric Reliability Corp. (NERC) critical infrastructure protection (CIP) and National Institute of Standards and Technology Interagency Reports (NISTIR) 7628 guidelines.
Has access control and event logging. A system based on Windows or another platform with access control capabilities prevents accidental or malicious acts from affecting the system. Only authorized personnel can access services. All file access, permission usage and alterations to security policies are logged and can be tracked for auditing. Host-based firewalls on every machine minimize the threat surface. A system should lock down operator accounts to prevent any user access beyond the control room user interface, as well as the installation of unauthorized software. Virtual private network (VPN) connections allow users to access the system network securely from the insecure public and corporate infrastructure for management, maintenance and operations. Highly granular, asset-based, access control supports all operational requirements and limits an operator’s access to only those devices that fall under his or her jurisdiction.
Has electronic security perimeter (ESP). Network model promotion in an established ESP environment allows secure update without threatening the system’s operational capacity. The process includes thoroughly identifying access points, monitoring transferred data and enforcing approval from an authorized entity in the operational environment. This approach eliminates the possibility of automatic updates with respect to the established ESP.
Has security auditing. Each system should be audited before deployment to ensure every change in databases and network model is logged with user, timestamp and console annotations.
Reflects ongoing vendor engagement with groups such as the Cyber Security Coordination Task Group, Smart Grid Interoperability Panel and GridWise Alliance to support compliance with the latest industry developments.
Meets business and control system requirements. IPSec encryption capability preserves data integrity and confidentiality for communications between servers and workstations without needing to alter operational procedures. Required ports open on servers should be screened from external access through properly configured routers and network firewalls. The solution should remove all applications not required for the successful operation of the SCADA system.
Designed with future requirements in mind. The solution must reflect a dedication to scalability and extensibility.
Has no back doors. The system should accept easily any major authentication technology, such as biometrics, persistent smartcards and access tokens, and allow central access control at a user or machine policy level so an administrator can use available tools.
Has no hard-coded passwords. A system with full configurability allows strong, default password complexity, a configurable failed login threshold and enforcement of password history. A feature such as single sign-on authentication technology allows a user to access the system through a single complex password at the system platform level and allows administrators to use greater password complexity.
Has security life cycle management. A support program that rapidly reviews, tests and approves security updates will maximize system security and minimize the risk of upgrade-induced issues. The solution should be configurable for industry-leading anti-virus software packages.
The security through obscurity argument supporting proprietary SCADA systems never was security professionals’ option of choice. The smart grid environment requires effective integration of SCADA with other information management systems. Open-architecture technology designed with appropriate features is necessary for proper performance and enterprise efficiency and the security necessary at all levels to ensure the safety of critical infrastructure assets.
Cyberthreats, the aging work force and aging systems are causing a new shift in control center operations. The information technology and operations technology teams are working together to find technology solutions to address new issues.
Smart alarm management can increase the efficiency of the control room operators while robust security features protect against external cyberthreats.
Utilities worldwide are evaluating their systems and how the systems can help them provide safe, reliable, secure and affordable power.
Lance Irwin is director of grid automation solutions and is responsible for grid automation and utility marketing strategy within Schneider Electric’s U.S. infrastructure business. He has 19 years of experience in the utility industry, including positions in engineering and operations.
Scott Koehler is director of smart grid product management for Telvent Energy. He has direct responsibility for the strategic road map of Telvent’s advanced DMS representing the convergence of DMS OMS, and SCADA technologies.