An Open Source IEC-61850 Toolkit for Utility Automation and Wind Power Applications
Stanley A. Klein, Member, IEEE

Abstract

This panel presentation addresses development of an open source Toolkit for constructing IEC-61850-based systems for a variety of utility automation applications. Development of the Toolkit was originally focused on control system cyber security, but the Toolkit is now being extended to address grid integration of wind power. The presentation will provide an overview of the Toolkit, provide an overview of 61850 and its benefits, describe the Toolkit architecture and functionality, and discuss issues in using open source software. Issues addressed in the presentation will include selection of open source components, development of toolkit-specific components, and development challenges and issues, such as variability of open source documentation, open source licensing and its interaction with software architecture and business model, and open source packaging and distribution.

Index Terms: open source, SCADA, 61850, toolkit, wind power, 61400-25

I. INTRODUCTION

Open Secure Energy Control Systems, LLC (OSECS) has been developing an open source Toolkit for constructing secure, next-generation systems that will control electric power transmission, distribution, and distributed generation. The Toolkit takes advantage of IEC-61850 protocols and related standards; and includes basic SCADA client and control center components, as well as tools for configuration and management of 61850-based systems.

The initial development was done under a Department of Homeland Security Phase II Small Business Innovation Research (SBIR) contract. OSECS' initial intention was to address electric utility SCADA security issues by encouraging electric utilities and their equipment providers to migrate to the more easily secured IEC-61850 family of utility automation standards. IEC is in the process of developing and adopting a new standard for wind power (61400-25) that is based on 61850, and OSECS is currently expanding toolkit functionality to facilitate grid integration of wind power.

IEC-61850 is a core enabling technology for the Smart Grid. The Toolkit is focused on making the grid both smarter and more cyber secure. It does so by:

- Providing 61850 protocol drivers for the Manufacturing Messaging Specification (MMS) and for Web Services
- Providing 61850 support tools, including management tools for 61850 Substation Configuration Language
- Supporting extensions for wind power and other alternative energy
- Enabling use of conventional security capabilities, such as encryption, firewalls, intrusion detection systems, and a secure operating system
- Supporting compliance with emerging security mandates, particularly NERC CIP 002-009
- Leveraging leading edge open source technologies

Our solution makes available to utilities, equipment manufacturers and integrators, Distributed Resources owners, and the utility research community a highly versatile open source toolkit for building SCADA and automation systems such as:

- System for secure remote non-real-time data access
- Control system for distributed generation facilities, including wind power
- Workstation for equipment maintenance or substation local Human Machine Interfaces
- Substation and control center security appliances (application firewalls and access control gateways)
- Starter or enhanced SCADA for small utilities

This work was supported by the United States Department of Homeland Security and the United States Department of Energy. Stanley A. Klein is with Open Secure Energy Control Systems, LLC, Silver Spring, MD, 20910 (e-mail: sklein@cpcug.org).

978-1-4244-1904-3/08/$25.00 2008 IEEE

The solution is particularly focused on utilities, distributed resources owners, and their suppliers who need to be able to assess the benefits of 61850 before full-scale deployment.

II. OVERVIEW AND BENEFITS OF IEC-61850

IEC-61850 provides an object model layered over standard communications. Named objects replace numbered points, and standardized objects describe substation components. A portion of each object name is standardized, with the rest of the name being assigned by the using utility. The standard includes an XML-based Substation Configuration Language. Interfaces are under development to other XML-based IEC enterprise standards. Figure 1 shows an example of 61850 naming.

Roanoke_238KV_LB99A_CTRL/MMXU1.PhV.phsB.CVal.mag.f

Where:
- "Roanoke_238KV_LB99A_CTRL" is a utility-defined device name
- "MMXU1.PhV.phsB.CVal.mag.f" is the 61850 standard name for the floating point magnitude of the complex value that is the Phase B voltage measured by measurement unit (MMXU) number 1 of the device

Figure 1: IEC-61850 Naming Example

The use of named objects in 61850 brings numerous benefits in cost, security, and operations. Resulting systems are easier to install and manage. Plug-and-play component discovery is made feasible by the ability of devices to report information preloaded during installation, such as their location in the power system, as well as directories of their named objects. The flexibility in naming objects simplifies system upgrade. Access control policies are much easier to express and enforce. Object naming vastly increases the scope of operational information that can be potentially supported. The layering allows use of a standard network infrastructure that eliminates the need for point-to-point substation wiring and enables the use of conventional security tools. Resulting systems can provide standard support for encryption and other security functions.
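To illustrate why named objects make access control policies easier to express, the following added example (not code from the Toolkit or from the paper) parses the Figure 1 name and checks it against a default-deny role policy. The roles, the policy rows, and the XCBR breaker reference are constructed for illustration, and the logical node name is simplified to a four-letter class plus an instance number.

```python
import re
from fnmatch import fnmatchcase

# Figure 1 layout: <utility-defined device>/<LN class><instance>.<data path>
REF_RE = re.compile(
    r"(?P<device>[A-Za-z0-9_]+)/(?P<ln_class>[A-Z]{4})(?P<ln_inst>\d+)"
    r"\.(?P<path>[A-Za-z0-9]+(?:\.[A-Za-z0-9]+)*)"
)

FIG1 = "Roanoke_238KV_LB99A_CTRL/MMXU1.PhV.phsB.CVal.mag.f"

def parse_ref(ref):
    """Split a reference into its utility-defined and standardized parts."""
    m = REF_RE.fullmatch(ref)  # fullmatch: no trailing newline or extra text
    if m is None:
        raise ValueError(f"malformed object reference: {ref!r}")
    return m.groupdict()

# Constructed policy rows: (role, action, device pattern, LN class, path pattern)
POLICY = [
    ("operator", "read",  "Roanoke_*",      "MMXU", "*"),
    ("operator", "write", "Roanoke_*_CTRL", "XCBR", "Pos.*"),
    ("engineer", "read",  "*",              "*",    "*"),
]

def is_allowed(role, action, ref):
    """Default deny: permit only when a rule matches every part of the name."""
    try:
        p = parse_ref(ref)
    except ValueError:
        return False  # unparseable names are never authorized
    return any(
        r == role and a == action
        and fnmatchcase(p["device"], dev)
        and fnmatchcase(p["ln_class"], ln)
        and fnmatchcase(p["path"], path)
        for r, a, dev, ln, path in POLICY
    )

if __name__ == "__main__":
    print(parse_ref(FIG1))
    print(is_allowed("operator", "read", FIG1))
    print(is_allowed("operator", "write", FIG1))
```

Because the standardized part of the name identifies the kind of data (measurement versus breaker position), one rule covers every matching object on every matching device, which a numbered-point list cannot do without enumerating each point.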

III. TOOLKIT ARCHITECTURE AND FEATURES

Figure 2 illustrates the core Toolkit architecture. At its heart are a web service engine, an MMS client protocol stack, and role-based access control on messages passing through the engine. The web service engine operates within a SOAP server framework. The web service engine processes commands and information requests, expressed in XML, and translates to MMS for communicating with IEC-61850 compatible substation equipment.

The engine refers to a database for the role-based security permissions of various objects and for looking up the addresses of individual substation equipment. There are two secure networks, one linking control center workstations, and possibly interfaces to corporate and other facilities, to the control center server on which the toolkit core engine is resident. The other secure network links the control center and the substation equipment.

Figure 2: Core Toolkit Architecture (diagram labels: SOAP Client, Net, Core Engine, SOAP Security Verification, SOAP/MMS Conversion, Database Address Lookup, MMS, Substation Equipment)

Other functions can be added as building blocks, such as scheduled equipment polling or intrusion detection, and can operate by exchanging messages with the web service engine.

Various other functions are included in the Toolkit, such as management of role-based access control (RBAC) policy data, management of Intelligent Electronic Device settings, security tools, and advanced applications such as power flow and contingency analysis.

The Toolkit goes well beyond IEC-61850, Edition 1 in its use of XML. It expresses the object models and access control privileges in XML, it defines 61850 services in XML-based WSDL, and it provides XML-based SOAP as a messaging method alternative to MMS. There is a set of XML-based standards for electric utility enterprise objects called the Common Information Model (CIM) that are companions to 61850. Use of XML and XML-related standards within the Toolkit can facilitate integration with CIM-related standards.

Although the Toolkit was a pioneer in its definition of 61850 SOAP messaging, a 61850-based SOAP messaging system is being developed as an alternative communications method in 61400-25-4, the communications protocol mapping of the IEC wind power control standard. The wind power standard also uses 61850-style objects.

IV. OPEN SOURCE COMPONENTS

OSECS has used freely available open source components and tools to accelerate Toolkit implementation. A beneficial side effect of this approach is to ensure that the most recent security technology is always available for integration. As the security technology advances, improved components become available for incorporation in Toolkit-based products.
Unfortunately, not all requisite infrastructure components are available through the open source community. Under the DHS Phase II SBIR, OSECS accomplished the development, design, or identification of open source tools to be configured for a number of components including:

- Open source 61850 MMS client stack
- Core 61850 SOAP server, MMS interface, and message RBAC
- Workstation 61850 SOAP messaging client
- Workstation 61850 SOAP object model and GUI
- RBAC security policy management
- SELinux platform and secure network environment
- Substation intelligent electronic device (IED) settings management and surveillance
- SCL management tool, including generation of object names to utility-specified naming patterns, that can be based on substation or wind farm design patterns
- Additional SCADA functions (polling, persistent database, topology)
- Interface to advanced application functions (e.g., power flow, contingency analysis)

The OSECS-developed components are being released under dual licensing terms: an open source license or a commercial license. Many equipment providers incorporate "secret sauce" technology into their products, and the commercial license is intended to enable those providers to avoid certain issues that can arise in open source licensing.

Key open source COTS components include:

- gSOAP as the basis of the Core Engine
- Python for programming workstation client applications and ancillary tools
- GNU C/C++ for programming server applications
- Enthought/wxWidgets/wxPython or GTK+/PyGTK for the workstation GUI
- iptables (included in Linux) for the platform firewall
- MySQL, Postgresql or other for the persistent database
- ZSI for the workstation Web Services client
- PSAD, prelude, or other for firewall log analysis
- Octave/PSAT for advanced power system applications, such as power flow,

and numerous others.

V. LESSONS LEARNED

Open source software is substantially a product developed and maintained by voluntary communities. Some people have the impression that the main open source communities are composed of hobbyists. However, it is useful to understand the structure of the open source community, because there is major participation by commercial firms, academia, and government.

Some projects are initiated by an individual; others are developed and maintained by much larger and more organized groups. Many major open source projects are funded by commercial organizations or are organized to maintain and improve software that was formerly proprietary and has been released as open source. Commercial organizations that have made major commitments to supporting open source include IBM, Red Hat, Oracle, and Sun. The operating system security functions (Security Enhanced Linux) used in the Toolkit were originally developed by the National Security Agency of the U.S. Department of Defense, and NSA personnel continue to participate in its maintenance and improvement.

Projects generally have an infrastructure, often provided by sourceforge.net, and usually including:

- Packaged releases in formats such as tar.gz, rpm, deb, and others
- A software repository, usually based on a configuration management tool such as CVS, Subversion, or recently GIT
- An email list for development and support discussions, often with web archiving
- A bug tracking tool, such as Bugzilla, for formal entry and tracking of bug reports and improvement requests
- Sometimes a chat room or web forum for development and support discussions
- Documentation

Lessons learned thus far in the project include:

- Open source security software often ranks among the best of breed for various functions.
- There are numerous languages popular for programming in open source software, including C/C++, Python, Java, Perl, and others. The Toolkit uses C/C++ and Python (which has facilities for relatively easy integration of C and C++ code). Communities usually develop around languages. Within a language community there are sometimes multiple open source projects addressing a given area of technology.
- Each open source project has different goals, approaches, strengths, and weaknesses. Available software frequently has pitfalls. Functionality may be incomplete or erroneous. The original developers were "scratching an itch." Some functions and features important to a potential user looking at the software may not have been important to the original developer community. As in any community of volunteers (including IEEE itself), making a suggestion often results in an invitation to implement the suggestion. Identifying and evaluating each potentially useful open source component project is a time-consuming but important activity in building a system using open source software.
- Selection of open source software requires particular care to avoid selecting dead-end software. It is especially important to assess the scope and activity in the community of users and maintainers, and to look at factors such as the activity on discussion lists in order to ensure that the software is still being actively maintained and improved.
- As described by Rosen [1], there are two main kinds of Open Source licenses, the academic (with minimal conditions on use of the source code) and the reciprocal (requiring that derivative works be made available under the same terms as the original work). The major reciprocal license is the GNU General Public License (GPL), published by the Free Software Foundation (http://www.fsf.org). Under the terms of the GPL, if any significant GPL code is used in a program, all linked programs must be licensed under the GPL if they are distributed to others. However, this does not apply if a program is a separate work, and is linked by interfaces used for separate programs. Thus a GPL program can only be interfaced to a program that is not GPL or GPL-compatibly licensed by means such as files, pipes, and messages, ordinarily used for interfacing separate programs. This creates a constraint on architecture that must be carefully managed.

VI. REFERENCES

[1] Lawrence Rosen, Open Source Licensing: Software Freedom and Intellectual Property Law, Prentice Hall, 2005.

VII. BIOGRAPHY

Stanley A. Klein (M'59) was born in Baltimore, MD. He holds B.E.S. and M.S.E. degrees in Electrical Engineering from Johns Hopkins University and a D.Sc. in Operations Research from George Washington University. He has worked at Computer Sciences Corporation, Atlantic Research Professional Services Group, Operations Research Incorporated, and other organizations. He is currently Managing Principal of Open Secure Energy Control Systems, LLC.
