PD IEC/TR 61850-90-2:2016

This standard PD IEC/TR 61850-90-2:2016 Communication networks and systems for power utility automation is classified in these ICS categories:

• 33.200 Telecontrol. Telemetering

This part of IEC 61850, which is a technical report, provides a comprehensive overview of the different aspects that need to be considered while using IEC 61850 for information exchange between substations and control or maintenance centres or other system level applications. In particular, this technical report:

• defines use cases and communication requirements that require an information exchange between substations and control or maintenance centres

• describes the usage of the configuration language of IEC 61850-6

• gives guidelines for the selection of communication services and architectures compatible with IEC 61850

• describes the engineering workflow

• introduces the use of a Proxy/Gateway concept

• describes the links regarding the Specific Communication Service Mapping (SCSM)

This technical report does not define constraints or limitations for specific device implementations. There is no specific chapter for cyber security which is tackled when it is necessary. The model, for IEC TR 61850-90-2, provides security functions based upon the security threats and security functions found in IEC TS 62351-1 and IEC TS 62351-2. This technical report touches several security aspects with the following basic assumptions:

• Information authentication and integrity (e.g. the ability to provide tamper detection) is needed

• Confidentiality is optional

It shall be possible to provide information authentication and integrity in an end-to-end method, regardless of information hierarchies. The typical method to provide this security function is through some type of information/message authentication code. IEC 62351-4:2007 and IEC 62351-91 describe how authentication and integrity is achieved for IEC 61850-8-1. A later version of IEC 62351-4 will provide means to ensure end-to-end data integrity through Proxy/Gateways.

Beneath information authentication and integrity, information availability is an important aspect for telecontrol. This technical report provides redundancy architectures to enhance the availability of information in control and maintenance centres.

The scheme shown in Figure 1 gives an overview of the connectivity and the communication paths. In particular it indicates the principle to access directly or indirectly – via the Proxy/Gateway – to an IED. An application of security controls for substation to control centre communication can be found in IEC 62351-10:2012, 6.4.3. Thus, the substation automation system has to be considered inside a perimeter of cyber security. The access is totally checked by security access points (this document does not describe such a security access point). The boundary of the electronic security perimeter is defined by the point, where the communication line leaves the perimeter of the substation over public ground. There might be more than one security access point, where separation of applications (e.g. control centre and maintenance centre) is required. When more than one client needs access to the same security access point information level access control, e.g. according to IEC TS 62351- 8:2011, may be added. IEC TS 62351-8:2011 may also be used in other cases, where different access rights are required.

The majority of applications for which this technical report is applicable will use the services of MMS (ISO 9506) mapped to ISO/IEC 8802-3 frame formats, as described in IEC 61850-8-1:2011.

The primary application for the use of indirect access, as described in this technical report, will be for telecontrol applications. Nevertheless this technical report does not imply that the use of a Proxy/Gateway is required for telecontrol applications. Direct access may also be used for telecontrol applications where applicable and accepted by the customer.