Professional Documents
Culture Documents
Substation-Automation-Systems-Based-On-IEC-61850-Communications Standard PDF
Substation-Automation-Systems-Based-On-IEC-61850-Communications Standard PDF
PM5-0403-WBX
SUBSTATION AUTOMATION
SYSTEMS
Based on the IEC 61850 Communications Standard
Prepared for
Prepared by
Power System Maintenance Department
1 SCOPE OF WORK.......................................................................................................... 6
-3-
Page7-SA-4
PM5-0403-WBX
4.1 GENERAL REQUIREMENTS........................................................................................ 82
4.1.1 System Design and Engineering.................................................................................... 82
4.1.2 System Reliability and Availability.................................................................................. 82
4.1.2.1 Critical Functions........................................................................................................... 83
4.1.2.2 Non-Critical Functions ................................................................................................... 84
4.1.3 System Security ............................................................................................................ 84
4.1.4 System Sizing................................................................................................................ 85
4.1.4.1 Initially Delivered Systems............................................................................................. 86
4.1.4.2 Expansion and Upgrading ............................................................................................. 87
4.1.5 Reference Standards..................................................................................................... 87
4.1.5.1 Standards Groups ......................................................................................................... 87
4.1.5.2 Specific Relevant Standards.......................................................................................... 88
4.2 SYSTEM PERFORMANCE REQUIREMENTS.............................................................. 90
4.2.1 The General Rule .......................................................................................................... 90
4.2.2 Time Synchronization and Time-Stamping .................................................................... 90
4.2.3 CCU .............................................................................................................................. 91
4.2.3.1 ‘System Log’ Entries...................................................................................................... 91
4.2.3.2 Backup of Real-Time Data............................................................................................. 91
4.2.3.3 Time Synchronization .................................................................................................... 91
4.2.4 Operator Interface [MMI] ............................................................................................... 91
4.2.4.1 Operator Request Completion Time .............................................................................. 91
4.2.4.2 Display Update Time ..................................................................................................... 91
4.2.4.3 MMI Boot-Up Time and Start-Up Time........................................................................... 92
4.2.4.4 System Restarts ............................................................................................................ 92
4.2.5 Communications............................................................................................................ 92
4.2.5.1 Network Associations .................................................................................................... 92
4.2.5.2 SubLAN Data-Interchange Failure between Station-Level and Bay-Level ..................... 93
4.2.5.3 Communication Errors................................................................................................... 93
4.3 HARDWARE REQUIREMENTS .................................................................................... 93
4.3.1 Equipment Power Supply .............................................................................................. 93
4.3.1.1 General Specifications................................................................................................... 93
4.3.1.2 System-Related Specifications ...................................................................................... 94
4.3.2 IED Clock Circuits and Time-Stamping Capabilities....................................................... 94
4.3.3 Substation LANs............................................................................................................ 95
4.3.4 CCU .............................................................................................................................. 95
4.3.5 Operator Interface [MMI] ............................................................................................... 96
4.3.5.1 MMI Units based on Desktop PC................................................................................... 96
4.3.5.2 MMI Units based on Notebook PCs............................................................................... 97
4.3.6 Time and Date Server ................................................................................................... 98
4.3.7 CGW: Communications Gateway .................................................................................. 98
4.3.8 Serial Communication Interfaces ................................................................................... 99
4.3.9 Bay Control Units with Protection Relays (BCUs) .......................................................... 99
4.3.9.1 Installation Issues.......................................................................................................... 99
4.3.9.2 Interface, Electromagnetic, and Environmental Compatibility ........................................ 99
4.3.9.3 BCU I/O Point Types ..................................................................................................... 99
4.3.10 Printing Facilities ......................................................................................................... 100
4.3.11 I/O Point Types............................................................................................................ 100
4.3.11.1 Analog Inputs .............................................................................................................. 101
4.3.11.1.1 AC Analog Inputs (AC-AI) .................................................................................... 101
4.3.11.1.2 DC Analog Inputs (DC-AI).................................................................................... 102
4.3.11.2 Digital Inputs................................................................................................................ 102
4.3.11.2.1 Single Contact, Two-State ................................................................................... 103
4.3.11.2.2 Double Contact, Two-State.................................................................................. 103
4.3.11.2.3 Two-State with Memory (MCD)............................................................................ 103
4.3.11.3 Digital Outputs............................................................................................................. 103
4.3.11.3.1 ON/OFF Device Control....................................................................................... 105
-4-
Page7-SA-5
PM5-0403-WBX
4.3.11.3.2 RAISE/LOWER Control ....................................................................................... 105
4.3.11.3.3 SET-POINT Control ............................................................................................. 105
4.3.11.3.4 Variable-Length Control ....................................................................................... 105
4.3.11.3.5 Direct-Operate (Pulse Output) Control ................................................................. 105
4.3.12 Control Circuit Requirements and Internal wiring Conductors...................................... 106
4.3.13 Console Furniture........................................................................................................ 106
4.4 SYSTEM SOFTWARE REQUIREMENTS ................................................................... 106
4.4.1 A Non-Comprehensive List of System Software .......................................................... 106
4.4.2 General Requirements ................................................................................................ 108
4.4.2.1 Operating Systems...................................................................................................... 108
4.4.2.2 Software Components ................................................................................................. 108
4.4.2.3 Software Interfaces...................................................................................................... 108
4.4.2.4 Programming Languages ............................................................................................ 108
4.4.2.5 Buffer Overflows.......................................................................................................... 109
4.4.2.6 System Loading........................................................................................................... 109
4.4.2.7 Unit Behavior............................................................................................................... 109
4.4.3 IEC 61850 Communications and Stack Software ........................................................ 109
4.4.4 Programmable Logic Control (PLC) Software .............................................................. 109
4.4.5 Configuration Software ................................................................................................ 109
4.4.5.1 Operational Parameters for IEC 61850 Information Models......................................... 109
4.4.5.2 User-Defined Parameters for Individual Software Components ................................... 110
4.4.5.3 Report Scheduling ....................................................................................................... 110
4.4.5.4 Operator Permissions.................................................................................................. 110
4.4.6 Display / Report Generation and Editing Software....................................................... 110
4.4.7 DNP3 Protocol Software Implementation..................................................................... 110
4.4.8 Protocol Analyzer Software ......................................................................................... 112
4.4.9 Demo Software and Literature..................................................................................... 112
4.5 SYSTEM TESTING REQUIREMENTS........................................................................ 112
4.5.1 Testing Categories ...................................................................................................... 112
4.5.2 System Performance Testing Requirements................................................................ 114
4.5.3 Compatibility Test Criteria (for Type-Testing)............................................................... 115
6 Simulation Test Tool and Multifunction Primary Test Set ............................................. 120
-5-
Page7-SA-6
PM5-0403-WBX
1 SCOPE OF WORK
This technical specification describes requirements for a substation automation (SA) system to be
placed in stations belonging to the Metropolitan Electricity Authority (MEA). Bidders must comply
with the requirements in this specification. The successful bidder shall provide completely
integrated, turnkey systems and accept responsibility for those systems successfully fulfilling the
requirements and intent of this specification.
1.2 DELIVERABLES
The system deliverables comprise turnkey systems for multiple sites. The successful bidder shall
act as general contractor to specify, deliver, install, configure, test, commission, and document
these systems in accordance with these technical specifications and the accompanying
commercial terms and conditions.
Work shall include all necessary site preparations and alterations. System deliverables shall
include all hardware software, applications, tools, licenses, materials (e.g. wiring, cabling,
connectors, trays), labor, governmental permits and clearances, procedures, methods,
compliances, demonstrations, test results, documentation, training materials, approval submittals,
and estimates required to complete the work, meet these specifications, and produce robust
operational systems. Licenses for installed products shall (in effect) be perpetual, not requiring
renewal. Future product upgrades will be treated as a separate issue; they will be considered
according to their perceived value. The commercial terms and conditions that accompany these
technical specifications may have other requirements.
1.2.1 Shipment Data and Time of Completion
Bidders must state their shipment schedule and time of completion of the work in the appropriate
field in the Bid and Price Schedule, provide in calendar days to be counted from the Effective Date
of Contract.
1.2.2 Milestones
The Time Schedule to be followed by the Contractor during the performance of the Contractor shall
adhere to the following periods of time for completing the itemized milestones as measured from
the Effective Date of the Contract :-
-6-
Page7-SA-7
PM5-0403-WBX
• Submission of project plan: thirty (30) days.
• Submission of design and document for MEA approval: one hundred and twenty (120)
days.
• Submission of IEC 61850 type test reports and DNP3 Subset level 2 conformance
Certificate with conformance test reports: One hundred and eighty (180) days
• Successful Factory Acceptance Test: two hundred and seventy (270) days.
• Supply, install and commissioning entire SA : five hundred and forty (540) days
• Completion of all related works specified in the specification including of the submission
of as-built drawings and all documents : six hundred (600) days
1.4 OBJECTIVES
MEA’s electric power system network serves Bangkok and the neighboring areas of Nonthaburi
and Samut Prakarn. The network includes more than 148 substations and terminal stations. The
equipment and facilities within each station can be conceptually divided into two interrelated
systems:
-7-
Page7-SA-8
PM5-0403-WBX
1. The primary system, which includes those components that carry, switch, isolate,
transform, interrupt, and passively condition the flow of electric power
2. The secondary system, which includes those components that allow MEA to protect,
control, monitor, and automate the primary system
This specification and the ensuing design and implementation efforts are primarily concerned with
the secondary system. MEA wants to achieve a secondary system environment that will allow MEA
to deploy substation automation solutions that are truly responsive to MEA’s business needs, both
present and future. To be successful, this environment must satisfy the following important criteria:
1. Provide a single, common, open, technological infrastructure that accommodates all
facets of substation automation: protection, control, monitoring, and automation. All
intelligent station devices, all system processes, and all station applications must share
this single system infrastructure.
Of primary importance are the interfaces used for system, device, and application
interoperability. These must be standard and representative of mainstream practice.
2. Support the flexible integration of devices, applications, and data into a functioning
system, which will probably evolve as business objectives do.
In particular, system design shall maintain hardware and software independence,
allowing either to be upgraded in the future without affecting the other.
3. The plans, non-recurring costs, and recurring costs associated with putting this
environment in place, using it, maintaining it, and adapting it over time must be feasible
and pragmatic for the power delivery stations in MEA’s system. Proposed implementation
plans must address both new and existing station sites.
-8-
Page7-SA-9
PM5-0403-WBX
Figure 1
-9-
Page7-SA-10
PM5-0403-WBX
To preserve investment and promote system longevity, the system shall be designed with an
emphasis on hardware and software independence, industry standards, mainstream products and
toolkits, reusable methods, and applications supported by a common set of station functions. The
block diagram presented in Figures 1 represent an acceptable system structure, in that they are
conceptually compatible with the overall system architecture, capabilities, functions, and
constraints described by this technical specification. Those objectives being met, a premium has
been placed on tight integration of closely coupled system functions, segregation of independent
system responsibilities, simplicity, elegance, synergy, flexibility, durability, improved value, etc …
all hallmarks of good design. Bidders may propose alternatives or variations of Figure 1, which will
be evaluated per the same criteria.
- 10 -
Page7-SA-11
PM5-0403-WBX
2.1.2 Station Level
The term station-level, used in the context of this specification, includes all station responsibilities
and capabilities above bay-level. These include the following:
1. Substation LANs, providing the means by which devices and applications exchange data
within the station
2. Station-level data management, data storage, and data retrieval mechanisms
Includes support for IEC 61850 information models, historical data, configurational data,
diagnostic and maintenance data, and files (e.g. non-operational, configurational,
application programs, software updates).
3. System functions required to implement and support the general secondary system
environment (e.g. time and date synchronization services)
4. Application functions necessary to meet specified business and/or functional objectives
These may include functions that would normally be implemented at the bay-level, if the
bay-level is not equipped to provide them
5. Station-wide, centralized, functional interlocking
6. Station-wide collection of maintenance data, diagnostic data, and statistical data for
(1) primary system components, (2) secondary system components, and (3) application
functions
7. Local control of the station for O&M purposes
8. Security
9. Support for MEA’s enterprise clients, residing outside the station
(e.g. SCADA/EMS and Remote Operator Interface).
10. Gateways for legacy subsystems
Accordingly, MEA has defined several components for the station-level architecture. They are
listed below, followed by a description of their specific system roles, responsibilities and
capabilities. They are shown in the block diagram, Figure 1. Except for the constraints placed on
their implementation, these may be regarded as black boxes. In other words, as long as the
specified interfaces, capabilities, design constraints (e.g. performance), etc are honored, the
internal design details are of no concern to MEA. The caveat, however, is that the integrated
system design must meet all expectations, whether or not MEA recognizes all appropriate design
constraints a priori.
Component Operating Level(s)
Substation LAN (SubLAN) Bay and Station
Centralized Control Unit (CCU) Station
Operator Interface [MMI] Station
Time and Date Server (TDS) Station
Communications Gateway (CGW) Station
Print Server (PS) Station
- 11 -
Page7-SA-12
PM5-0403-WBX
2.1.2.1 System Linchpins: Local Repository and System Logs
The following data structures form the core of the SA system. They include five system logs that
chronologically capture the station’s operational history.
1. Local Repository
The Repository represents the present state of the station. It shall hold the IEC 61850-
based information models for the primary system and secondary system components,
including off-the-shelf and programmable logic applications.
2. StatusLog
The StatusLog is a chronological record of recent changes in either primary or secondary
system status, either commanded or uncommanded. In particular, it shall include an entry
for any station component power-fail, power-on, restart, or change in on-line/off-line
status. Power supply failures shall also be captured.
The StatusLog shall not include control commands, although it shall include changes in
status that result from those commands. The StatusLog shall not include configuration
changes to parameters in the system information models. The StatusLog shall hold
events for the most recent 100 days. It shall be backed up in archives, each archive
containing events for a particular month.
All StatusLog entries shall include a time-stamp, identify the system item that changed,
identify the new status, and identify the cause (or agent) of the change.
3. CommandLog
The CommandLog is a chronological record of recent control commands to station
equipment (e.g. Trip, Close, Open, Close, Raise, Lower, Enable, Disable, and set-points)
issued by System Clients. These may be initiated by a SCADA/EMS system, by a local
Operator Interface [MMI] unit, or by off-the-shelf and programmable logic applications.
The CommandLog shall hold commands issued during the most recent 100 days. It shall
be backed up in archives, each archive containing control commands for a particular
month.
All CommandLog entries shall include a time-stamp, identify the system item being
controlled, identify the state being commanded, and identify the source of the control
command.
4. ChangeLog
The ChangeLog is a chronological record of recent changes made by an Operator
Interface [MMI] unit to system and device configuration parameters. The ChangeLog shall
hold changes issued during the most recent 100 days. It is backed up in archives, each
archive containing changes for a particular month.
All ChangeLog entries shall include a time-stamp, identify the system or IED parameter
being changed, identify the new state, and identify the source (i.e. agent) of the change.
5. SubLog
The SubLog is a chronological record of changes made by clients using the IEC 61850
substitution services. The services allow clients to determine whether actual process
values or substituted values are to be provided by a server IED or programmable
application. The SubLog shall include all substitution events, including a return to process
values, that have occurred during the most recent 100 days.
- 12 -
Page7-SA-13
PM5-0403-WBX
6. FileLog
The FileLog is a chronological record of recent file transfers and file deletions involving
any intelligent station device (e.g. BCU, CCU, Operator Interface [MMI]). The FileLog
shall include all such file events that have occurred during the most recent 100 days. It
shall be backed up in archives, each archive containing file events for a particular month.
All FileLog entries shall include a time-stamp, identify the file reference, identify the action
taken, and identify the source (i.e. agent) of the action.
The Local Repository is the basis for normal system operation. The five system logs save the
system’s recent operational history. They shall be used to bring a system client up-to-date after it
goes on-line. As long as the integrity of the system logs is maintained, they provide assurance of
operational continuity despite occasional failures and system maintenance actions. Integrity shall
be maintained through use of a standby CCU.
System clients (e.g. the SCADA/EMS system or Operator Interface [MMI] unit) shall have the
capability to construct a CompositeLog by chronologically interleaving entries from system logs
(i.e. StatusLog, CommandLog, ChangeLog, SubLog, FileLog). The CompositeLog enables
operators to understand what has happened over time. (See the more complete description found
under the Operator Interface [MMI] heading.)
- 13 -
Page7-SA-14
PM5-0403-WBX
6. Version Control
Each IED shall maintain version control for its software/firmware and configuration files.
3. Proxy Server
To avoid confusion, it must first be understood that the CCU plays both client and server
roles in the station system. It acts as a client to populate the Repository with data from
other server IEDs (e.g. Bay Control Units). In turn, it acts as a ‘proxy’ server by satisfying
- 14 -
Page7-SA-15
PM5-0403-WBX
client requests with data directly from the Repository. The intent is (1) to prevent access
contention and congestion that may potentially disrupt the operation of field IEDs, (2) to
simplify access mechanisms, and (3) to provide accountability (i.e. an audit trail) for past
operations.
The proxy services shall work the same way for enterprise and station clients, although
the SCADA/EMS system does not currently support IEC 61850 communications. Current
station clients include Operator Interface [MMI] units and programmable logic
applications. The only current enterprise client is the Remote File Manager. Although its
responsibilities are presently limited to file operations, it may emerge as a remote, fully
operational Operator Interface [MMI] unit if performance considerations permit. This shall
be determined later. When any of these requests server data, the CCU acts on it,
providing data from the Local Repository’s ‘Proxy Client Views’. With rare exception,
clients other than the CCU are not permitted to directly access the primary sources of
station data (e.g. IEDs, Bay Control Units, etc).
Because the Repository is the primary source of system data for system clients, the CCU
shall provide IEC 61850 report and log services for their benefit. The report services allow
clients to subscribe and receive selective, real-time data updates from the Repository, so
that clients can stay operationally up-to-date. The log services allow clients to
chronologically reconstruct recent system history if they are new or have just returned on-
line. The supported system logs shall be the StatusLog, CommandLog, ChangeLog,
SubLog, and FileLog.
As part of its proxy role, the primary CCU has the following responsibilities:
Determining status changes in reported or polled data and updating the status data
in the Repository. Status changes, both commanded and uncommanded, shall be
recorded in the StatusLog.
Executing client commands to control system equipment (e.g. circuit breaker and
disconnect switch Trip/Close, recloser Enable/Disable, transformer OLTC
Raise/Lower). These control commands shall be recorded in the CommandLog.
Clients authorized to initiate these commands include SCADA/EMS, Operator
Interface [MMI] units, and programmable logic applications.
Making value substitutions in server IEDs, in conformance with the IEC 61850
substitution service model. These changes shall be recorded in the SubLog. Clients
authorized to initiate value substitutions include SCADA/EMS, Operator Interface
[MMI] units, and programmable logic applications.
Making changes to configuration parameters and descriptive text within Common
Data Class (CDC) instances. These same changes must be made in the IED
Servers to the data that is mapped to the altered parameters in the Repository. The
changes made to the IED Servers must, in turn, be replicated in the Proxy Server
Views within the Repository. These changes shall also be recorded in the
ChangeLog. At some point, these changes have to be folded back into the SCL
system configuration process, if appropriate. The Operator Interface [MMI] unit is
the only client authorized to initiate these changes.
Executing file transfers and deletions. File transfers shall be supported between the
CCU and other system IEDs. These actions shall be recorded in the FileLog. The
only clients authorized to initiate file operations are the Operator interface [MMI] unit
and Remote File Manager. This topic is addressed in more detail below, under the
File Agent heading.
- 15 -
Page7-SA-16
PM5-0403-WBX
4. Supporting SCADA/EMS Operations
Dispatchers shall be able to control station equipment and gather system data via DNP3
command and polling messages transmitted from the SCADA/EMS control center.
Implementation of DNP3 protocol shall meet ALL requirements as specified in APPENDIX
B.
The DNP3 Level 2 Conformance Certificate and a completed DNP3 ‘Device Profile
Document’ and ‘Implementation Table’ shall be submitted to MEA within 180 (one
hundred and eighty) days after the Effective Date of Contract. The Conformance
Certificate shall be issued by one of the DNP Users Group’s ‘Authorized Testing
Authorities’. If not already available, DNP requirements in Appendix B that transcend
Level 2 shall be implemented by the contractor in the course of project execution.
DNP communications shall be supported by the CCU via a process that links and
converts IEC 61850 data to the desired DNP values and formats. These resulting DNP
data shall be stored and maintained in a separate DNP database that can be accessed
by DNP data communication services. This approach provides two significant
advantages: (1) the continual DNP data conversion process is independent of (i.e. not
interrupted by) DNP message processing, and (2) the DNP database allows the CCU to
quickly respond to message requests. DNP commands shall likewise be translated to use
IEC 61850 control blocks and procedures for controlling system equipment.
The following appendices to this specification provide essential information for supporting
SCADA/EMS operations:
Appendix A
Appendix A details DNP3 communications implementation for the front-end
communications processors used in the two SCADA/EMS control centers. The
material includes a ‘Device Profile Document’ and a ‘Master’s implementation
Table’. These state the features and important parameters used in the
implementation, including supported DNP objects, variations, qualifiers, and
function codes.
Appendix B
Appendix B details the DNP3 objects, variations, qualifiers, and function codes
that must be supported by the CCU in its DNP slave role.
Appendix C
Appendix C details certain higher-level implementation information for the
individual Terminal Stations and Substations covered by this specification. The
information includes initial and ultimate quantities of bay units (of different types),
capacitor branches, bus ties, and CT-secondaries.
Appendix D
Appendix D details typical point types, point counts, and point identities for each
type of station bay unit.
Appendix E
Appendix E provides a standard DNP3 RTU point list for MEA’s SCADA/EMS.
The list is itemized by point type and point function for each type of station bay
unit and function. These are the DNP points that need to be supported by data in
the Repository and DNP database.
- 16 -
Page7-SA-17
PM5-0403-WBX
5. Application Programs
The CCU must be capable of storing and executing application programs. These may be
commercial programs or they may be implemented in programmable logic.
The scope and functions of these programs will typically be defined for CCU.
All application functions that must be implemented in the CCU are listed below. They are
described in more detail under the specification heading titled Functional Requirements,
Applications Support.
Heartbeat function [at all 10 sites]
Trip Counters for circuit breakers [at all sites]
‘Rate-of-change’ calculations for selected measurements [at all sites]
‘Breaker Operating Time’ checks [at all sites]
6. Communications Gateway
The CCU shall supply and receive all application data for the Communications Gateway.
Lower-level communications functions are the responsibilities of the TCP/IP, Ethernet,
and/or DNP communications software.
Communication parameters such as baud rates, number of data bits, parity, transmission
retries, etc. shall be configurable. These shall be user-defined parameters that the
operator can change through an MMI template.
This includes DNP data exchanged with SCADA/EMS control centers. In this case the
CCU must be able to support the communications role of DNP / Level 2 Slave. DNP
application data may be converted from contents of the Local Repository or maintained in
a separate database. However supported, DNP response times cannot suffer.
The CCU shall be able to exchange files with enterprise clients and to store those files.
They will typically be configuration, software, application, or non-operational data files
(e.g. event or oscillography files from protective relays). The CCU does not need to
interpret the file data. For transfers between the CCU and an enterprise client (except the
Remote File Manager), FTP or COMTRADE services are preferred.
The CCU shall provide appropriate, application-level security services for information
transported through Communications Gateway, including authentication and access
control. The Communications gateway shall be designed to provide encryption, although
it may not be used initially.
7. File Agent
The CCU shall include a File Agent utility that provides file management, performs file
transfers and deletions, and maintains the FileLog (see above). The File Agent shall
process all file transfers, which shall occur between the CCU and other IEDs. Files may
include configuration files, application programs, software updates, and non-operational
data (e.g. relay disturbance files and event reports). To maintain interoperability within the
station, file services, attributes, references, and other characteristics shall comply with the
IEC 61850 communications standard. File content does not need to be interpreted by the
File Agent.
Since station IEDs and enterprise clients may currently support the COMTRADE standard
[IEEE C37.111 (1999)] and/or FTP standard [IETF – RFC 542], MEA has an interest in
applying them where IEC 61850 transfers cannot be supported. Potential applications
may involve SDH WAN transfers involving the remote File Management Client.
- 17 -
Page7-SA-18
PM5-0403-WBX
2.1.2.4 Operator Interface [MMI]
An Operator Interface [MMI] shall be the center for all O&M station activities. This includes the
following categories of responsibilities:
1. ‘Local control’ over the primary power system. The facility shall provide all capabilities
available to dispatchers at the SCADA/EMS control centers plus more.
Supervisory control capabilities through the Operator Interface require the MMI/SCADA
switchover per field or system at the station to be in the MMI position, meaning the
SCADA/EMS center and any other (future) enterprise clients must relinquish control for
operational and safety reasons.
2. Displays and reports that inform the operator about what is happening in the station
system.
3. Maintenance and testing of the station system. This includes maintenance of the data
used to monitor, control, and configure the station’s operation.
The Operator Interface [MMI] displaces use of conventional hardwired control, metering, and
annunciation panels for local operations requiring a station operator. Where these displaced
facilities already exist, they may be used for backup, as permitted by MEA’s policies and
procedures.
- 18 -
Page7-SA-19
PM5-0403-WBX
2.1.2.4.2 Operator Interface Responsibilities
The following are Operator Interface [MMI] unit responsibilities for both Terminal Station and
Substation sites:
1. Primary On-Line Responsibilities
At start-up
At start-up, an Operator Interface [MMI] unit will have either no or out-dated
information regarding the operational history of the station system to which it is
connected. This means there is no basis for constructing an Alarm Summary or any
other display that depends on past events. The MMI also lacks current real-time
data needed to support displays and operator decisions.
To remedy this, the MMI unit shall read the system logs (i.e. StatusLog,
CommandLog, ChangeLog, SubLog, FileLog) from the resident, primary CCU. The
logs shall be read with IEC 61850 services. The system logs shall be processed to
produce the Alarm Display and any other displayed data dependent on system
history.
The MMI unit shall be able to interleave system logs to produce a CompositeLog,
providing an integrated, chronological list of events. This is a very helpful tool that
enables an operator to see time relationships. (See the clause heading Operator
Interface [MMI], under Function Requirements, for a more complete description.)
To the extent necessary to support MMI display updates, the MMI client shall
subscribe to IEC 61850 real-time data reports from the Repository.
The system logs, together with the real-time data, enable the MMI unit to capture
both the current state of the system and 100 days of history. It can populate all its
displays with data, enable the operator to make informed decisions, and act as
though it had been connected to that site for three months.
Maintenance of the CompositeLog
The MMI unit shall use new entries from system logs (i.e. StatusLog, CommandLog,
ChangeLog, SubLog, FileLog), provided by CCU(s), to maintain the CompositeLog.
Updating displays
The MMI displays are the operator’s principal means for staying abreast of the
system’s operating condition. The operator can also perform primary system control,
substitute values for process values, and make certain configuration changes.
Operational supervision of programmable logic applications
This shall be accomplished through the use of graphics to represent the application
and the use of Repository subscriptions to observe inputs and outputs.
Initiating file transfers and deletions
This capability supports local, operator-initiated software, application, and
configuration file downloads to IEDs through the CCU.
Browsing capability
This capability allows an operator to view the structure and contents of IEC 61850
information models within the Local Repository of the CCU. More importantly, it is
the MMI’s principal tool for reading and storing the structure and content of the
Local Repository in the CCU. This information is essential for building displays and
reports, saving historical data, and maintaining the system.
- 19 -
Page7-SA-20
PM5-0403-WBX
2. Displays
Station Status
Alarm Summary
CompositeLog
Abnormal Points Summary
Communications Status / Operational Status
Tagged Device Summary
Substituted Value Summary
Health, diagnostic, and on-line/off-line (in-service/out-of-service) status for each IED
and application (i.e. technology monitoring and alarming for the secondary system)
Current file directory (for each IED)
3. Control capabilities
Primary Control: TRIP/CLOSE, RAISE/LOWER,
Device Tagging
Automatic acknowledgement
Recloser Mode Selection
Relay ‘Settings Group’ Mode Selection
‘Primary CCU’ Selection
Value substitution
CCU restart
Operator Interface [MMI] restart
4. Historical Data application
Hosted both Terminals Stations and Substations.
Allows the MMI operator to create Historical Points, which become periodic, saved
recordings of data values for a specific variable.
Records minimum and maximum values for designated variables over designated
time periods each day.
Provides reports that can be printed or displayed
5. Off-Line Responsibilities
IEC 61850-based configuration control, using the SCL tools provided by the
contractor.
Creation and modification of displays
Creation and modification of system reports
Creation and modification of programmable logic applications
Creation and modification of all IEDs setting / configuration parameters
- 20 -
Page7-SA-21
PM5-0403-WBX
Modification of system behavior and application behavior through the use of
templates provided for user-defined parameters
Fault evaluation analysis (Disturbance waveform)
- 21 -
Page7-SA-22
PM5-0403-WBX
alternative source, due to its inherently poorer precision. This approach also provides more grace
time for recovery of a lost GPS signal.
- 22 -
Page7-SA-23
PM5-0403-WBX
3. The BCUs and Protection Relays shall have been submitted/passed a test to certificate
compliance with the IEC 61850 part 10 Conformance Testing such as the following :-
Basic Exchange
Data Set Definition
Unbuffered Report
GOOSE Publish
GOOSE Subscribe
Time Synchronization
File Transfer
The tests to certificate compliance with IEC 61850 part 10 have to be certified by
international accredited testing laboratories which are independent of the Bidder and
Supplier.
In particular, it is expected that Bay Control Units with Protection Relay will use Report
Control Blocks to send data subscribed by CCUs and Operator Interface [MMI] units.
Report Control Blocks will be absolutely necessary for the transmittal of SOE data.
Operator Interface [MMI] units will exchange data with IEDs only for maintenance,
equipment mode control, and diagnostic purposes. No IEDs other than CCUs, Operator
Interface [MMI] units, and the Time & Date Server shall exchange data with BCU IEDs
on a client-server basis.
- 23 -
Page7-SA-24
PM5-0403-WBX
Bay Control Units with Protection Relay shall need to transmit and receive GOOSE
messages in support of the heartbeat application. (See Programmable Logic
Applications under Functions.)
3. Data Maintenance Tools
Although the contractor is responsible for system integration of the delivered system,
PC-based tools shall be provided that allow MEA personnel to reassign IEC 61850
object references to point data, to add new assignments and delete old ones, and to
integrate the results into the system.
4. Data Quality
Each data component shall be accompanied by its associated data quality, as defined
by the IEC 61850 Common Data Classes. All constituent bits of data quality shall be
used and supported (as appropriate) by the Bay Control Units with Protection Relays.
5. System Configuration
Each Bay Control Unit with Protection Relay shall provide an IED Capabilities
Description (ICD) file that describes the IEC 61850 information models, service models,
and related communications capabilities supported by the device. It shall also fully
support the SCL process described under the heading titled System Configuration. As
the result of that process, a downloadable CID file shall be created for each BCUs.
6. BCU Point Interfaces and Circuits
Field connection circuits for I/O points, communications, and power require special
consideration to protect equipment against damage and to protect I/O processes
against corrupting influences. This is important for maintaining reliability and operational
integrity. These issues are addressed by three standards listed under the Specific
Relevant Standards clause: IEEE C37.1-1994, IEC 60870-2-1, and IEC 60870-2-2.
System and circuit design related to field connection circuits shall comply with these
standards. Where they overlap, the more stringent clause shall prevail.
In summary, I/O interfaces shall provide high integrity for the detection and
measurement of acquired signals. They shall also prevent damage, maintain safe
conditions for personnel, and prevent bad data caused by the secondary effects of
lightning, operation of power switchgear, abnormal electrical power behavior, and so
on. Under no circumstances shall these effects cause an unintended control action.
7. Serial Data Ports
Each Bay Control Units with Protection Relay shall provide at least two serial data
server ports for gathering I/O data from other sources within the station or from satellite
facilities. Bay Control Units with Protection Relay ports shall support IEC 61850 object
references in the object base. A PC-based test set with software that supports this
protocols shall be provided.
8. Maintenance Port
Each Bay Control Units with Protection Relay shall rely on a ‘maintenance port’ for
configuration management (e.g. uploading and downloading), if those functions cannot
be performed over the network. If this is the case, the supplier shall explain the
necessity and whether a remedy is being prepared.
9. Testing
Convenient, rapid, and effective testing of I/O inputs and Bay Control Units with
Protection Relay interface circuits is especially important. This capability is needed for
- 24 -
Page7-SA-25
PM5-0403-WBX
verifying point connections, verifying object references against associated input points,
system commissioning, and troubleshooting activities.
One of the general difficulties is that I/O points may arrive at the Bay Control Units with
Protection Relay through terminal connections, through serial data ports, or from
programmable logic outputs. Partly in the interest of simplifying testability, only
connection-oriented I/O inputs are presently specified for use in the Bay Control Units
with Protection Relays.
One approach under consideration would provide the capability to temporarily force a
point out of its normal operating state and into a test state, wherein the point would be
represented by a selectable test value. For example, binary status points would have
two possible test values (0 and 1), analog inputs might have five (i.e. one for each
region), and so on. While in the test state, data quality for the point would be changed
to ‘test’, as indicated through the use of that constituent bit. This test data could be
viewed via an IEC 61850 browser. Alternatively, this testing could be manually or
automatically run and verified, point-by-point, from a client application. The CCU and
other system components would not process test data as valid real-time data, waiting
until such points are commanded out of the test state and back into the normal
operational state. The effectiveness of this approach, or any other recommended by the
bidder, depends heavily on how well the whole I/O path within the Bay Control Units
with Protection Relays is tested. Bidders are welcomed to submit alternative
approaches.
10. Programmable Logic
Bay Control Units with Protection Relays shall provide programmable logic capabilities
and tools.
All application functions that must be implemented in the BCUs are listed below. They
are described in more detail under the specification heading titled Functional
Requirements, Applications Support. Note that protection functions are presently
included.
Heartbeat function [at all sites]
Bay and inter-bay interlocking [at all sites]
Bus coupler throw-over scheme (CTO) [at selected sites]
Line throw-over scheme (LTO) [at selected sites]
Bus throw-over scheme (BTO) [at all sites]
Load shedding and restoration scheme (ALS/ALR) [at all sites]
Breaker failure protection (50BF) [at all sites]
Voltage Selection (VS) [at all sites]
Automatic Transformer Restoration (ATR) [at selected sites]
Capacitor Control [at all sites]
Reset of the display shall be possible on the relay front without opening the cover. Reset
shall not erase the memory of the relay. On the panel front in a visible place a label with
the particular designation of each LED in the contractual language is required. The
software version shall be displayed if manually requested.
The operational indication shall be saved in a non-volatile ring buffer, a four digit
resettable counter shall identify the individual faults by a number, the date of the internal
fault shall be saved for each fault.
The recording shall be started by a external signal e.g. CB closing related to an alarm
relay and wired to the binary input and all internal protection functions. At least the four
latest fault events shall be loaded into the memory of the Protection relay (BCU).
Numerical protection shall be designed in such a way that in case of a failure of DC-
auxiliary infeed the full information need to be maintained during 24 hours. After a
recovery of the DC-auxiliary infeed the last information and alarms will be displayed and
the alarm failure of DC-auxiliary infeed released.
For critical alarms, the alarms are sent through ports per IEC 61850 and nearby BCU
binary input to CCU and MMI.
At least 75% of the alarms shall to be programmable and able to be related to output
contacts of the Bay Control Units with Protective Relays.
Through this serial interface the CCU and/or MMI shall be able to retrieve the following
minimum information, archive set or modified. The data integrity for data transfer inside
the substation control unit shall be assured by a Hamming distance 4.
- 26 -
Page7-SA-27
PM5-0403-WBX
Suitable for the protection of long or short overhead lines or cables, double
circuit lines, heavily loaded lines, lines with weak infeeds
A mho or Polygon characteristic for faults between phases and preferable
polygon characteristic for fault between phase and earth.
To guard against incorrect tripping caused by magnetising inrush currents when
in-zone power transformers are present, a selectable magnetising inrush guard
feature shall be fitted.
At least four (4) distance stages with a independently set polygon
characteristics for forward and reverse measurement shall be implemented.
It will be possible to store at least four complete different groups of setting in a
non-volatile (EEPROM) memory, unaffected by loss of DC supply. The active
group of setting can be selected via menu, combination of contacts or via serial
communication from MMI according to IEC 61850 standards. All settings and
records are accessible from the integral user interfaces, also will be possible to
communicate with the MMI via Substation LAN and also will be possible to
relays office.
To ensure correct measurement under earth fault conditions, the relay needs to
be earth compensated with both residual and a angular compensation for the
proposed scheme OHL or cable.
VT supervision shall be included. VT supervision will block the trip of the
distance protection. The logic for this feature if based on zero component
voltage and current shall not be influenced by magnetising inrush current during
energization of power transformers and during starting of motors.
The power swing blocking feature shall be able to be selected for blocking or
tripping at selected zones and able to be overridden under the presence of a
earth fault.
System logic for switch onto fault protection (SOTF) shall be implemented. The
SOTF feature will be enabled in between a settable time 100…200 ms after the
relay detects the local circuit has opened. This feature will block the
autoreclosure scheme and the tripping will always be on the first setting time.
Any starting, measuring via distance comparators or any current level detector,
will initiate the tripping in this logic.
A logic for tele-protection schemes shall be regarded including the following
topics :
Permissive underreaching (PUTT)
Permissive overreaching (POTT) with weak infeed logic and
communication channel failure and reversal of fault energy direction
Zone 1 extension coupled to the autoreclosure scheme in case of a
faulty communication channel
Blocking scheme
Sensitive directional earth fault in a directional comparison scheme.
Weak infeed logic shall be able to select the proper autoreclosure
selection by means of the phase selection
Open terminal echo and current reversal logic will be supplied with all
the overreaching schemes
The logic scheme of the supplied tele-protection logic needs to be
submitted in block diagrams with clear indication of the send logic, trip
logic, open terminal end and weak end logic.
Autoreclosure schemes for single and multiple faults with single and
multiple shots shall be taken into account.
- 27 -
Page7-SA-28
PM5-0403-WBX
The distance from the relaying point to the fault location will be
measured and displayed by the incorporated fault locator units. The
algorithm in this case shall take into consideration the pre-fault load
current and the selected mutual coupling.
In case of fault the relay shall store four cycles of pre-trip and at least
ten cycles of post-trip data. This includes as well the voltages and
currents as internal relay information.
The scheme is equipped with two interfaces for the connection to a
local PC and to remote communication with the Central Control Unit.
Integral user interface form allows easy access to relay setting and
fault recorded parameter and binary commands.
Interfaces modules/boards shall provide a galvanic isolation to 5 kV
peak and filter out high frequency common mode and transverse mode
noise signal.
At least two line by 16 character liquid crystal display (LCD), a key
path, and ten programmable light emitting diodes (LED) for the several
alarms, additional three LEDs for the relay should be available, alarm
and trip shall be delivered for the main relay interfaces.
Visual indication of service parameters like voltages, currents, active
and reactive power, maximum load, and other selectable parameters to
be visualised in case of faults shall be included.
The EEPROM is a non volatile area of the memory, and will fulfil the
storage and maintain the information within it even if the DC supply is
removed. This area of the memory is copied to the working RAM after
a DC power up, but only written to and read from, if setting changes
are updated or a fault condition occurs.
At least the last three fault signals, alarms as well as the voltages,
currents, tripping time, effective currents, setting group will be loaded
into the EEPROM able to be restored, and loaded in a PC and be
analysed by the protection service software as mentioned on this
specification.
The synchronisation from a common remote clock and locally through
the Central Control Unit (CCU) by means of a general synchronising
signal or by a manual menu guided instruction is possible.
The contractual language i.e. English shall be used for setting and data
input menus as well as for the description of all the main relay
interfaces.
12.2 Undervoltage Protection (27)
Undervoltage protection shall be provided built-in Distance Protection and BCUs with a
definitive time characteristic 0.1 till 1.2 in steps of 0.1 and a timer settable between 0.1 till
5.0 sec. Undervoltage protection will be used to initiate Programmable Logic
Applications, Automated Control Sequences Scheme such as LTO, CTO, BTO and ALR.
12.3 Directional Overcurrent and Earth Fault Protection (67/67N)
The directional overcurrent and earth fault protection device shall be provided built-in
BCUs with phase and earth fault elements. This relay shall be segregated measuring,
alarms, annunciations and settings. Directional elements for both phase and earth fault
scheme.
At least four selectable characteristics for the phase elements shall be included
according to IEC 60255-4 and BS 142:
- 28 -
Page7-SA-29
PM5-0403-WBX
additional long time characteristic for the earth element
Instantaneous trip order for the phase and earth element with a implemented timer and a
set position to block their trip shall be provided.
12.4 Underfrequency Protection (81U)
Underfrequency protection shall be provided built-in BCUs for load shedding function
for tripping the outgoing 24/12 kV feeders, acting on underfrequency in five
programmable steps.
The setting range for both steps shall be 50-47 Hz in increments of approximately 0.03
Hz.
Time delay to allow a co-ordination between the different steps, settable between 0 -
120. sec for each step will be provided.
The function must be guaranteed with voltage levels of +10% to -50% of the rated
voltage. The function shall be blocked if the voltage is less than 80% of the rated
voltage.
The transformer differential protection device shall be able to protect 2 and 3-winding
transformers. The protection principle is the comparison of currents of the different
voltage levels to detect any difference i.e. fault condition. The measured current values
are changed to restraining and differential currents. Tripping takes place if the
comparison of the couple restraining /differential current is within the tripping zone
(exception inrush). Faults within the protection range e.g. phase faults, earth faults and
interturn faults shall be recognised.
The analogue input signals of the relay are sent through a RC lowpass filter to suppress
high frequency parts ("aliasing"). The sampling rate shall not be less than 12
samples/period. This means a minimum sampling rate of 600 Hz for 50 Hz systems.
The input signals are digitalized by A/D converter. The transformer vector group will be
compensated. The CT ratio fault is to take into account by program. Digital filtering leads
to the harmonic contents of the differential (basic and second harmonic) and the
restraining current (basic harmonic). The content of the second harmonic is used to
restrain tripping during inrush conditions. The tripping characteristic has to be stabilised
against external faults to avoid false tripping.
The relay shall be able in case of tripping events to store the input data for 1 s with 2
periods prefault data. The digital relay shall be controlled by self control routines (e.g.
every 10 s) to avoid false function and to permit early detection of any fault inside the
relay.
The Parameterizing of the relay shall be able by local control by keyboard or PC and on
the other hand by MMI from the station or network control level.
The measured values are compared phase by phase. If there is one phase faulty the
tripping takes place. If in only one phase inrush conditions are detected tripping is
restrained. The command time of the relay shall not be higher than 35 ms.
The differential protection device shall provide the possibility of external binary signal
acquisition for the purpose of indication and fault recording. Interposing CT's included on
the relay.
Tripping and Lockout relays should be provided to prevent re-closure, both manual and
automatic, until the lockout relays are reset (shall be electrical reset).
- 29 -
Page7-SA-30
PM5-0403-WBX
12.6 Overcurrent Protection (50/51, 50/51N)
The overcurrent protection device shall be provided built-in BCUs with phase and earth
fault elements. This relay shall be segregated measuring, alarms, annunciations and
settings.
At least four selectable characteristics for the phase elements shall be included
according to IEC 60255-4 and BS 142 :-
Instantaneous trip order for the phase element with a implemented timer and a set
position to block their trip shall be provided.
12.7 Breaker failure protection (50BF)
Breaker failure protection (50BF) shall be provided built-in for all BCUs and Distance
Protection. The phase currents of the feeders shall be monitored for each phase.
The overall reset function of the 50BF system shall not be slower than 25 ms. It shall be
sensitive to detect from 0.2 to 2.0 times the rated feeder current, adjustable in steps of
less or equal to 0.2 times of this current and being able to be operated continuously at
1.2 times the rated current.
12.8 Feeder Protection 24/12 kV
The overcurrent protection device shall be provided with phase and earth fault elements.
Overcurrent protection
Overcurrent Earth Fault protection
3 phase overcurrent with the same characteristics as directional overcurrent
protection
At least four selectable characteristics for the phase elements shall be included
according to IEC 60255-4 and BS 142:
All setting will be entered by means of a built-in keypad and a external software.
Comprehensive data accumulated in the memory for post fault analysis retrieved through
the serial interface into a personal computer.
Instantaneous trip order for the phase and earth element with a implemented timer and a
set position to block their trip if necessary.
A sensitive earth fault relay (0.02 - 0.8 In) shall be provided. A extensive timer 0.1 - 6.0
sec shall provided the co-ordination with the down stream overcurrent relays.
- 30 -
Page7-SA-31
PM5-0403-WBX
The Earth Fault protection shall be controlled “ON” and “OFF” by BCU internal S-R
Flip-Flop which can be operated by a manual switch on the panel or through the SA
control command.
One lamps, LED, marked “OFF” shall be fixed on the panel near the double throw switch
to indicate the status of earth fault protection.
12.9 Auto-Reclosing for Feeder 24/12 kV
Auto-reclosing function shall be provided at least 3 shots. The auto-reclosing
function shall be started from overcurrent and earth fault protections and shall
operate in the following manner :
After being started by either protection, and after the circuit breaker has tripped,
the first auto-reclosing shot shall be 0.2- 4 seconds(adjustable) dead time, a
second shot after 15-60 seconds(adjustable) dead time, and the third and last
shot after another 30-180 second(adjustable) dead time. After closing circuit of
the circuit breaker has been energized , the auto-reclosing shall start reclaim
time for 15-180 seconds(adjustable) to start an autoreclosing sequence, in case
of close on to fault the reclaim time shall be stopped immediately by tripping
command of protection functions.
In addition to after first re-closing, the instantaneous overcurrent and
instantaneous earth fault functions shall be blocked, in order to allow
coordination of protection functions with downstream protections devices. The
auto-reclosing shall be provided with an operation counter according to auto-
reclosing sequence timing diagram.
The auto-reclosing function shall be controlled “USE” and “LOCK” (meaning “in use”
and “blocked”) by BCU internal S-R Flip-Flop which can be operated by a manual
switch on the panel and through the SA control command.
Two lamps, LED, marked “USE” and “LOCK” shall be fixed on the panel near the double
throw switch to indicate the status of auto-reclosing function.
- 31 -
Page7-SA-32
PM5-0403-WBX
Reclaim Time
Reclaim Time
CB Status
Reclaim Time & Lock out Time
CB Close
Lockout
CB open
Dead Time 1st Dead Time 2nd shot Dead Time 3th shot
shot
- 32 -
Page7-SA-33
PM5-0403-WBX
Schneider Electric
- 34 -
Page7-SA-35
PM5-0403-WBX
These actions prepare the standby CCU for reassignment as the primary CCU, should
the need arise or a test be conducted.
Control commands, configuration changes, value substitutions, file transfers and
deletions, and reports, are only executed through the primary CCU. The standby CCU
only makes system log entries and Repository updates that result from these actions.
The standby CCU shall become the primary CCU if any of the following occurs:
The Operator Interface [MMI] unit designates it as the primary CCU.
The primary CCU is not issuing heartbeat messages or indicates that it has serious
health problems. In this case, the switchover shall be automatic.
In this case, the system temporarily promotes the standby CCU to primary. When
the failed CCU is restored on-line, the system will want to again make it the primary
CCU, per the operator’s standing preference. This shall not occur until the restored
CCU has read and processed the system logs from the other CCU. In addition, a
user-defined delay interval (e.g. 30 minutes) shall be imposed to give the restored
CCU a reasonable time to update its Repository.
Current thinking is that redundant CCUs shall be used at all sites as a defense against
critical system failures, since the CCU is responsible for a number of critical functions and
resources (e.g. the Local Repository).
4. The Portable Operator Interface [MMI]
It has been noted elsewhere that Terminal Stations shall have a permanent, desktop-
based Operator Interface [MMI], whereas Substations, being normally unmanned, shall
not. When Substations require the use of an MMI unit, a portable, notebook-based unit
shall be taken to the site for temporary use. This portable MMI concept also provides a
ready solution to the problem of backup, should an Operator Interface [MMI] unit fail at
any site, whether Terminal Station or Substation. For Terminal Stations, it means that a
permanent backup MMI is not required.
The one problem that needed to be solved, however, is how to bring a portable MMI into
a station site and make it aware of the system’s operational history. Otherwise, the
operator cannot see anything more than the system’s current state. The solution, in line
with the groundwork laid in this specification, is to enable the MMI unit to read and
process the system logs resident in the primary CCU. This is discussed more fully under
the Operator interface [MMI] heading.
5. Redundant Power and Converters
The following groups of equipment shall be powered separately from station battery using
independent converters, so that no power failure can bring down more than one group:
IEDs and equipment normally associated with Substation LAN A
IEDs and equipment normally associated with Substation LAN B
6. Redundant IEDs
Redundant IEDs (e.g. CCUs, as described above) can lower the risk associated with
certain kinds of system failures, since their functions continue to operate when one of the
pair fails.
7. Use of Contingent Peers
It is frequently the case that IEDs work interdependently to implement some distributed,
programmed logic application. In such cases, each IED depends on its peers to keep the
- 35 -
Page7-SA-36
PM5-0403-WBX
application working properly. If one of these IEDs detects that the heartbeat of one of its
dependent peers is not being broadcast, it may use a contingent peer to substitute for the
non-operational one. (Refer to the description of the heartbeat function under the heading
titled Programmable Logic Applications.) Use of contingent peers requires planning, of
course, and would generally be used only for critical functions. This approach has been
successfully applied in an operating station in Tennessee.
8. Managed Ethernet Switches
Managed switches can provide capabilities that deal with communications network faults,
different classes of IEDs, and priority issues. Some of these capabilities and related
industry standards are bulleted below:
IEEE 802.1p: Prioritization to allow real-time, critical messages to get through
IEEE 802.1Q: VLAN to allow isolation of critical IEDs from non-critical IEDs
IEEE 802.1w: Rapid Spanning Tree to allow fault-tolerant ring architectures with
rapid reconfiguration times
Managed Ethernet Switches acceptable to MEA shall be from RuggedCom Inc. or
equivalent. Each Managed Ethernet Switch shall be provided with a minimum of at 20
% spare communication ports.
For Bay level (all BCUs and Protection relay), Integrated Ethernet Switches is also
accepted.
9. Redundant Systems Testing and Demonstration
All Redundant Systems shall be tested and demonstrated during FAT and SAT.
- 36 -
Page7-SA-37
PM5-0403-WBX
3 FUNCTIONAL REQUIREMENTS
This clause describes the functions to be supported by the delivered systems. These functions
shall enable dispatchers from the SCADA/EMS control center and substation operators to monitor
and control MEA’s station systems and shall fully support advanced applications specified in this
specification.
The SA system shall incorporate hardware and software interlocks to ensure that substation plant
controls can only be affected from one location at any time.
- 37 -
Page7-SA-38
PM5-0403-WBX
Any time a related configuration file is updated and downloaded to a CCU or IED,
the affected schemas shall be automatically updated. Given the way file
management is specified, any reconfiguration of IED ‘Server Views’ shall
automatically result in an identical reconfiguration of the corresponding Proxy
‘Server Views’ in both the primary and standby (if present) CCUs. Reconfiguration
of Proxy ‘Client Views’ does not affect any IED besides CCUs, unless changes to
structure and data affect existing client subscriptions. Such issues are generally
handled by the SCL configuration process.
Proxy ‘Client Views’
While IED Server Views tend to be product-oriented, Client Views tend to be
application-oriented. Client Views rearrange the way information is grouped and
organized. This is done to suit the convenience and viewpoint of the client. In this
specification, MEA is primarily focused on an operations viewpoint.
For example, MEA may wish to use Logical Device ‘XB_691’ to represent a
transformer bay. The desired information content for this bay may include (1)
breaker control and status, recloser status, and lockout status for two circuit
breakers, (2) control and status for disconnect switches, (3) various transformer
data and LTC control, (4) status for earthing switches, and (5) power system
measurements at more than one point. Other views could be designed to suit
maintenance, power quality, or station metering, or engineering perspectives. Each
client is typically interested in a different slice of the available data and would like to
see it represented in a way that best meets their needs. It frequently depends on the
work culture of the group.
The desired content may be provided by several IEDs, each having a portion of the
required data, so those various pieces need to be mapped to the content of XB_691
in the Client Views.
As shown in Figure 3, each Logical Node in a Client View may draw its data from
one to several IEDs. Logical Nodes in the IED Servers may send different pieces of
their data to different Logical Nodes in the Client Views. This requires a mapping
process that links IED Server components with Client View components. SCL tools
provide this capability. Note that this is a ‘pick-and-choose’ process that begins at
the Logical Device level, and proceeds down through IEC 61850’s data modeling
hierarchy:
Logical Device
Logical Node
Common Data Class
Data
Data Attribute
Some components at the lower end are mandatory, some are optional, and some
involve interdependencies. The mapped linkages determine how data from the IED
Servers is used to keep the Client Views up to date.
All data that the CCU selectively acquires (e.g. subscribes, polls) from IED Servers shall
be stored in the Local Repository under both Proxy Server Views and Proxy Client Views.
Related support data (e.g. operational parameters, configuration parameters, text
descriptions) specified by the IEC 61850 data models shall also be included, except for
those items that both optional and of no interest to MEA. Other categories of data to be
represented within Client Views include the following, as long as they serve a defined
purpose for MEA:
- 38 -
Page7-SA-39
PM5-0403-WBX
Calculated data
Data generated by application programs
Diagnostic data (e.g. operational status) and system performance statistics
These are to be represented in a manner consistent with standard IEC 61850 information
models and application usage.
The contractor shall consult with MEA and recommend schema for IEDs and client
applications installed at the individual stations. The Repository structure and content shall
be designed according to these specifications, documented by the contractor, and
presented for MEA’s approval.
Per the IEC 61850 standard, real-time data values stored in the Local Repository are
represented in engineering units. Where there is latitude in how those units are
expressed (e.g. Volts or kV), the contractor shall propose choices for MEA’s approval.
4. Things to Avoid
Delivered equipment shall not use DIP switches, connection jumpers, wire-wrap
techniques, or any similar technique for user-defined parameters.
5. Contractor Responsibilities
The contractor shall be responsible for integrating and configuring all required system
software, applications, and equipment. These shall all be reconfigurable by MEA, using
tools and procedures provided by the contractor, so that evolving operational
requirements can be met.
- 39 -
Page7-SA-40
PM5-0403-WBX
These views
reflect the way
one or more
system clients
(e.g. operations)
’
in es
i th vic see the
Server Views w e
s ed al D substation.
u i c
ly og
IED Server A t ive t ‘L
c
le re n There may be
se iffe
is d different views
ent use
nt h LOCAL REPOSITORY
’ co hic for different
e w ’, w
IED Server B r Vi ews clients.
ve Vi
er t
‘S lien
‘C
IE
IED Server C in D ‘ Proxy ‘Server Views’
t h Se
e rv
Lo e
ca r V
l R iew IED Server A
ep s
os ’ a
…
ito re
ry re p
lic
IED Server D at
ed
IED Server B
The structure and content of Proxy Server Views must be IED Server C
identical to the corresponding IED Server Views, to the extent
that the Proxy Server Views show Server View information. As a
minimum, all Logical Devices (i.e. domains ) must be shown.
…
Any file associated with a Proxy Client View is referenced IED Server D
through its associated Logical Device directory.
Server Views and Proxy Client Views are created through the
system configuration process.
- 40 -
Page7-SA-41
PM5-0403-WBX
IED Server A
LD root
LD_A Domain A
Client
LN_1 LD root
LN_2
LD root LN_11
LN_4 LN_13
LN_14
LN_5
LD_B2 Domai n B 2
LD_ E Domain E
LN_6
IED Server C
LD root LN_15
LN_16
LD_C Domain C
LN_17
LN_7
LN_8
LN_9
LN_10
- 41 -
Page7-SA-42
PM5-0403-WBX
3.1.1 IEC 61850 Configuration Tools and Process
The IEC 61850 communication standard provides a System Configuration Language (SCL) that
can be used to configure communications for both IEDs and the entire system. It involves the use
of several types of files, created for different purposes, and two levels of tools for creating and
managing those files. The files are represented in XML (Extensible Mark-up Language), enabling
the interoperable exchange of configuration and capability information between supplier tools. The
semi-automated process (i.e. people still need to enter design intentions), illustrated in Figure 4,
virtually eliminates hand-entry of information and manual configuration of equipment.
The four types of files that comprise SCL, listed roughly in the order they are used to produce a
configured system, are the following:
1. ICD: IED Capabilities Description
This file describes the communications capabilities of an individual IED, and it is typically
installed in the IED before shipment from the factory. The file can be extracted from the
IED at any time. It contains no information about how the device is to be used in a target
system, but does fully describe what communication services and information models can
be supported by the IED.
2. SSD: System Specification Description
This file describes the functional specification of the whole secondary system at the
station, including the communications system. Among other things, it captures a one-line
diagram of the targeted system. It allows Logical Nodes [LNs] (i.e. functional pieces of the
whole IEC 61850 information model) to be assigned to the various IEDs according to their
functional roles and capabilities. These actions are typically performed using a single
System Configuration Tool, selected from among those offered by IED manufacturers.
3. SCD: System Configuration Description
This file is created using the System Configuration Tool, the SSD file and ICD files for all
IEDs used in the system. The result is a complete ‘process configuration’ for the
secondary system, with IEDs bound to individual process functions, primary equipment,
and client-access privileges. It also includes all predefined network associations and all
client-server connections with LNs on a data level.
4. CID: Configured IED Description
When the SCD file has been created, it is used to create an individual, downloadable
Configured IED Description file for each IED in the secondary system. This is achieved
using the IED Configuration Tool provided by each manufacturer. As long as these tools
have an interoperable SCL interface, as described by the IEC 61850 standard, they may
be proprietary. This is often necessary, so that the tools can download additional IED
configurational data that is proprietary in nature, but which does not affect system
interoperability.
- 42 -
Page7-SA-43
PM5-0403-WBX
An IED-independent,
‘IED Capabilities Description’ system-level tool ‘System Specification Description’
for every IED ( ICD Files ) ( SSD File )
System
Configuration
IED #1 Tool
IED #2
…
‘System Configuration Description’
IED #n ( SCD File )
IED
Different manufacturers
Configuration
have different tools
Tools
6 System
Database
‘Configured IED Description’
( CID File ) for each IED
All files are stored in a
‘substation database’
The CID file (or a vendor-specific file) may
for record keeping
be used to configure the corresponding IED
and ongoing use
(via network download)
- 43 -
Page7-SA-44
PM5-0403-WBX
3.2.1 Objectives
Files of various types are used with the IEDs of these systems. They include configuration files,
software files, user-application files, and IED-generated data files. These files need to be managed
and occasionally transferred, so that the system operates properly, reliably, and efficiently. MEA’s
specific objectives include the following:
1. Download Capability: Devices need all their software, application program components,
and configuration files if they are to work properly. Even if they are preloaded when the
system is first commissioned, they will very likely need to be updated or replaced in the
future.
MEA needs to be able to accomplish these changes via file-download procedures over
the network, initiated from a remote location or at the station site, per MEA’s discretion on
each occurrence. File services are needed to perform these downloads and to delete files
that are no longer relevant.
2. Upload Capability: Sometimes, during system operation, IEDs may generate data files
(e.g. disturbance files). These files need to be uploaded to a higher system level and then
directed to one or more clients for analysis. The IEDs that generate these files have
limited resources, and they may need to get the current file uploaded relatively quickly, so
that they have freed resources (e.g. memory) to accept the next file, whenever it may be
generated. So a mechanism is needed for the responsible system component to
recognize when a new data file is present and a file-upload service is needed to transfer
the file.
3. File Attribute and Directory Services: The file management procedures must be
relatively simple and foolproof, to avoid confusion and ensure reliable results. And
because operators occasionally need to check their assumptions, they will want confirm
that files reside where they are expected and that the files have the proper attributes (e.g.
last-time-modified). So file services are needed to provide these capabilities.
4. Audit Trail for File Transfer Activity: From a system perspective, it is important to keep
an audit trail of significant occurrences. File transfers are always important, as personnel
need a reliable record of past transfers. Such information may be needed at a future time
when analyzing a problem and deciding how to proceed. An audit trail should create a
record each time a file is transferred or deleted, recording the file name, its attributes,
where it was transferred from and to, and what party (or client) authorized the transfer.
3.2.2 An Approach
The selected approach to file management is based on the IEC 61850 communication standard’s
file services. These five services are combined with the creation of a File Agent application that
runs on the CCU. Unlike programmable logic applications, which are typically applied to implement
user-related functions, the File Agent is a software utility that performs a general system function.
The File Agent performs file transfers when necessary, sometimes automatically and sometimes
when a system client initiates the action. The way this happens is shown in Table 1 for the various
file transfer scenarios. The File Agent does not need to interpret file content.
The File Agent also creates and maintains a chronological FileLog, which records information
about each transfer and thus provides an audit trail for file transfers. The FileLog is available to
system clients at any time and can be read selectively, using IEC 61850 log services. System
- 44 -
Page7-SA-45
PM5-0403-WBX
clients shall use the FileLog, StatusLog, CommandLog, SubLog, and ChangeLog to reconstruct
recent system history when necessary.
File-Related IEC 61850 Service IEC 61850 File Types Target IEDs Authorized
System Service Affected Initiating Client
Capability Model
Download files SetFile File Configuration BCU, TDS, CCU Remote File Mgr
to IEDs Software Op. Interface [MMI] Op. Interface [MMI]
(via File Agent) Prot. Relays
User Apps BCU, CCU Remote File Mgr
Op. Interface [MMI] Op. Interface [MMI]
Prot. Relays
Upload files GetFile File Configuration BCU, TDS, Remote File Mgr
from IEDs to Op. Interface [MMI] Op. Interface [MMI]
CCU
Prot. Relays
(via File Agent)
Data Prot. Relays (future) File Agent (CCU)
Delete files DeleteFile File Configuration BCU, TDS, CCU Remote File Mgr
from IEDs Software Prot. Relays Op. Interface [MMI]
(via File Agent) User Apps
Note: Initiated by using SetFile service to place the target file into the target IED directory of the Local Repository.
- 45 -
Page7-SA-46
PM5-0403-WBX
The File Agent shall use the file services, file structure, file attributes, and other file
characteristics specified (or recommended) by IEC 61850 to maintain interoperability
within the station.
For example, file names shall use extensions to differentiate the various kinds of files
(e.g. programs, configuration, disturbance records). All files shall use a single file format:
sequential unstructured binary. All files shall carry three attributes: File name, file size,
and last-time-modified.
Per IEC 61850-8-1, Clause 23.1: Files names may be constructed as file name
references, beginning with a sequence of directory names (separated by a ‘slash’
delimiter) and ending with the actual name-of-a-file. The sequence of directory names
always begins with a LogicalDevice directory under the LD root directory of the Server
(i.e. server IED). This is because IEC 61850 requires every file to be contained within an
associated LogicalDevice. This file naming convention shall be universally used in the
delivered systems, because it is necessary for the capabilities described in item 3 below.
IEC 61850 services shall be used to implement all file services for transfers within the
station. These can be found in IEC 61850-7-2 under Server Class Services
(GetServerDirectory) and File Services (all the others). These services shall operate over
MEA’s Substation LANs (as specified by the IEC 61850 network profile) and MEA’s fiber
optic SDH WAN. File transfers shall be segmented and transferred with low priority to
prevent contention with higher-priority transfers.
3. Synchronize File Presence between the Local Repository and Server IEDs
As the System Configuration clause describes, IED ‘Server Views’ and Proxy ‘Server
Views’ shall be identical. In particular, this means they both contain the same set of
Logical Devices. This is an important issue, because it affects how files are stored and
managed, as described below:
When an authorized system client uses the SetFile service to send a file to the CCU, the
File Agent shall ensure that files associated with Server Views are written in two places:
(1) the associated IED and (2) the CCU(s). In both cases, the targeted location is
provided by the file name reference, which always begins with a Logical Device name. If
the downloaded file has the same name as an existing file, the File Agent shall replace
the existing file with the new one in both places.
Similarly, if an authorized system client applies the FileDelete service to a file associated
with a Server View, the File Agent shall ensure the file is deleted from two places: (1) the
associated IED and (2) the CCU(s). As before, the targeted location is provided by the file
name reference, which always begins with a Logical Device name. See Figure 5.
Files associated with Proxy ‘Client Views’ are similarly written or deleted, but only in the
CCU(s).
If an authorized system client uses the GetFile service to fetch a file, no collateral action
is required. If the file is associated with a Server View, the File Agent shall use the CCU
source.
4. Transfer Only One File at a Time
The File Agent shall enforce the rule that only one file can be transferred at a time.
5. File Transfer Blocking Option
The File Agent shall allow the SCADA/EMS system to block file transfers altogether in
periods of high stress, using an SBO-controlled File Transfer Mode Switch (FTMS).
- 46 -
Page7-SA-47
PM5-0403-WBX
6. FileLog Maintenance
The File Agent shall create and maintain a chronological FileLog. A new FileLog entry
shall be made when each file transfer has been completed. The recorded information
shall include the date and time, all file attributes, where it was transferred from and to,
and what party (or client) authorized the transfer.
LD root
FileDir1 names-of-files
IEC 61850 ‘File References’
Allan LD_A/FileDir1/Allan
Boris LD_A/FileDir1/Boris
Charles LD_A/FileDir1/Charles
FileDir2 names-of-files
Derek LD_B/FileDir2/Derek
Ernest LD_B/FileDir2/Ernest
- 47 -
Page7-SA-48
PM5-0403-WBX
- 48 -
Page7-SA-49
PM5-0403-WBX
data for conversion, the data quality conversion to IEC 61850 shall follow, in the best way it can be
mapped. The same goes for data derived from a legacy source. If no data quality is available for a
value, look for criteria to assess it and fold those criteria into the IEC 61850 data quality scheme.
- 49 -
Page7-SA-50
PM5-0403-WBX
Time-tagging resolution shall be a maximum of 1 ms, relative to the internal clock of
the monitoring/processing source.
Event records can be cleared at the source once successfully reported. Reports use
confirmed services, which ensure that the server is notified whether each transfer is
successful. Pending events at a server shall not be lost.
Contact inputs: Changes in signal state shall be time-tagged at the time of
transition, although such changes must be validated before they can be accepted,
processed, and reported.
Validation shall be achieved by applying digital filtering to ensure changes persist
for at least a user-defined period of time before they are accepted as genuine.
IEDs shall be able to detect a quick sequence of multiple changes in status for the
same point and ensure that all those changes are reported. This assumes that
individual status transitions persist sufficiently long to qualify for validation.
These sequences of changes may arise, for example, from breaker TRIPs
alternating with RECLOSE operations.
Server IEDs shall support both buffered and unbuffered IEC 61850 event reporting.
It shall include integrity reporting, set at a user-defined interval. Buffered reports for
any server shall be capable of supporting 10 times the number of reportable entities;
this minimizes the chances of data loss if reporting capabilities are temporarily
disabled. Event buffer overflows shall be reported to the CCU.
The contractor shall recommend which optional and/or new attributes to support in
each CDC placed into service for the delivered systems.
- 50 -
Page7-SA-51
PM5-0403-WBX
Voltage
Current
Apparent power (VA)
Real power (W)
Reactive power (VAr)
2. Sources
Mainly CTs and PTs connected to and processed by BCUs (i.e. no DC transducers).
Measurement values are used in IEC 61850 CDCs MV, CMV, SAV, WYE, DEL,
SEQ, HMV, HWYE, and HDEL.
DC transducers (perhaps a few, if necessary)
3. Processing
Measurement values shall be reported when changes since the last report exceed a
user-defined deadband
Deadbands and operating regions shall be user-defined for each individual
measurement. Deadbands shall be specified in 1% steps. These capabilities are
supported by the IEC 61850 standard.
Measurement values shall be reported after device power up, after power recovery,
or when the device is returned to on-line status.
DC Analog Inputs: Analog input modules shall be regularly checked against a stable
reference voltage for linearity and DC-offset at zero volts. Encountered problems
shall be recorded in data quality, causing the data to be marked invalid, and this can
be returned to the SCADA/EMS control center and MMI workstations.
- 51 -
Page7-SA-52
PM5-0403-WBX
A supervisory control request shall be rejected if any of the following conditions exists for the
targeted control point:
1. The device is not subject to supervisory control of the type being attempted.
2. Another control operation is in progress.
3. The requested control operation is inhibited by a tag.
4. The point has failed or is otherwise out-of-service, or if an associated status point is
represented by manually substituted data.
- 52 -
Page7-SA-53
PM5-0403-WBX
3.4.5.2.2 Control of Three-State Devices
These operations are identical to that of two-state devices, except they are typically applied to
slowly switching devices like motor-operated disconnect switches. The status of these devices may
be open, closed, or in-transition, which requires three possible states. These operations are
supported by the DPC (Controllable Double Point) CDC. A two-bit binary status is provided, with
the fourth state interpreted as invalid.
3.4.6 Calculations
Calculations shall be supported as necessary to derive values that are not directly acquired by the
secondary system. Calculations may be required in BCU, CCU, and MMI units as part of their core
or programmable logic responsibilities. In all cases, the data types for calculated variables shall be
- 53 -
Page7-SA-54
PM5-0403-WBX
consistent with the data types used in the IEC 61850 information models for the same or similarly
defined data. If the calculated variable is available for use by subscribing clients, it shall be
maintained in the Local Repository in a structural location that is consistent with IEC 61850’s
established information models. Its value shall be updated at a rate that supports the application
requirements that depend on it.
- 54 -
Page7-SA-55
PM5-0403-WBX
dependent on a non-operational peer, it may use a contingent peer to complete its responsibilities,
if that contingency has been provided in its programmable logic or through other means.
In particular, the Operator Interface [MMI] units shall monitor heartbeat messages to determine
which IEDs are operational and which are not. This information shall be displayed, logged, and
reported to the SCADA/EMS system.
Heartbeat messages from the various IEDs shall be offset in time by some mechanism that
prevents all system heartbeat messages from being issued simultaneously.
- 55 -
Page7-SA-56
PM5-0403-WBX
3.5.4 Breaker Operating Time Checks
This application shall run in the CCU and be applied to all circuit breakers at the station. The
objective is to determine how long it takes each breaker to TRIP, from the time that the tripping
mechanism starts to work to the time that the tripping action is complete. The results are used to
direct breaker maintenance, and they need to be stored in the Local Repository for each breaker.
Breaker operating times can be calculated by monitoring ‘a’ and ‘b’ auxiliary contacts on the
breaker. The interval begins at the instant when both ‘a’ and ‘b’ contacts are open; the interval
ends the instant the ‘b’ contact is closes (with the ‘a’ contact remaining open).
‘Breaker Operating Time’ measurements shall be included in the Local Repository, associated with
other data related to the circuit breaker (e.g. the TRIP Counter).
- 56 -
Page7-SA-57
PM5-0403-WBX
It must be possible to enable or to inhibit the LTO application, and to select the preferred line, from
the Operator Workstation, and (subject to Station Level interlocking) from the SCADA/EMS control
center.
3-phase voltage relays (U<) for lines voltage supervision shall be provided built-in both Distance
protections and line BCUs.
The LTO shall be controlled “AUTO” and “MANUAL” by BCU internal S-R Flip-Flop which can be
operated by a manual switch on the panel and through the SA control command.
One lamps, LED, marked “OFF” shall be fixed on the panel near the double throw switch to
indicate the status of LTO function. Preferred Line key switch shall be provided.
LTO functions for 3 incoming lines much more complex than LTO functions, the Contractor shall
consult MEA for detail description before implementation.
- 57 -
Page7-SA-58
PM5-0403-WBX
CTO logic shall close the bus coupler to receive electric power from the healthy line after a user
definable time delay of 0.2 seconds (total dead time). Time delay shall be able to adjustable in
range of 0 to 10 seconds.
The CTO functions shall be blocked if the any line breaker is tripped by over-current, breaker fail or
bus differential protection. In addition, if both lines voltage is lost the CTO logic shall not operate.
When the unhealthy line voltage returns to normal, the CTO shall switch back to this line and open
the bus coupler after a user definable time delay of 60 seconds. Time delay shall be able to
adjustable in range of 0 to 180 seconds.
It must be possible to enable or to inhibit the CTO application from the substation MMI, and
(subject to Station Level interlocking) from the SCADA/EMS control center.
3-phase voltage relays (U<) for lines voltage supervision shall be provided built-in both Distance
protections and line BCUs.
The CTO shall be controlled “AUTO” and “MANUAL” by BCU internal S-R Flip-Flop which can be
operated by a manual switch on the panel and through the SA control command.
One lamps, LED, marked “OFF” shall be fixed on the panel near the double throw switch to
indicate the status of CTO function.
- 58 -
Page7-SA-59
PM5-0403-WBX
HV HV
Incoming
HV
Line Bays
LTO LTO
Motor-Operated
Bus Switch
M
Transformer HV
Bays Busbar
BTO
MV MV
… …
- 59 -
Page7-SA-60
PM5-0403-WBX
HV HV
Incoming
HV
M
M
Line Bays
M
M
Motor-Operated
Switch
HV Busbar
M
BUS A
M
M
M
M M
CTO
M M M M M
M
BUS B
HV Busbar
Bus Coupler
Transformer Bay
Bays
M
M
Bus Breaker
MV MV
… …
- 60 -
Page7-SA-61
PM5-0403-WBX
The load shedding application shall block any auto-reclosing functions. The under-frequency
application shall be enabled or disabled from the Operator Interface [MMI]or (subject to Station
Level interlocks) from the SCADA/EMS control center.
The under-frequency load shedding application shall be guaranteed to run at user definable
voltage limits between +10% to –40% of rated voltage, and shall be blocked if the voltage is less
than a user-definable level.
Load restoration of a trip-group shall be manually initiated from the Operator Interface [MMI] , or
(subject to Station Level interlocks) from the SCADA/EMS control center. Restoration of any trip–
group shall be by single command and the programmable logic applications shall automatically
sequence closing of the feeders so as to avoid troublesome load initiation surges.
Load restoration application shall switch an auto-reclosing function in ON position after feeders
circuit breaker have been closed. Auto-reclosing function shall be switched ON only feeders were
tripped by load shedding function).
A second alternative for the load shedding and restoration scheme using the dry contact from the
under frequency/under-voltage relays at the substation. Provision for a selection of each alternative
and the reset of the under-frequency/under-voltage tripping relay from the Operator Interface [MMI]
shall be provided. In addition, automatic PT voltage selection function for frequency-voltage
measurement shall be provided to switchover to the other PT in case of the main MV busbar PT
supply is lost.
The overall reset function of the 50BF system shall not be slower than 25 ms. It shall be sensitive to
detect from 0.2 to 2.0 times the rated feeder current, adjustable in steps of less or equal to 0.2 times
of this current and being able to be operated continuously at 1.2 times the rated current.
The 50BF relay has to be provided for each individual CB. It shall be initiated by all other protection
devices tripping commands. The starting and tripping provided from a protection to be infeed from
the same DC auxiliary circuit. Starting from protection relays with single pole tripping shall be
transferred segregated per phase.
All lock-out functions provided by the CBs i.e. SF6 underpressure, N2 and oil monitoring shall be
incorporated to the BFR tripping logic. In case one of these lock-out functions is activated the trip
signal to the remote CB shall be sent or performed without delay.
External signal inputs provided for non-current sensing elements e.g. Buchholz performed via binary
inputs shall be incorporated in a tripping logic with an auxiliary contact of the CB.
A software matrix shall allow to use the 50BF in different tripping configurations, send signals and
combination with several timers.
Trip cut out switches shall be provided as required. All such switches shall provide with suitable
nameplate stating the device number and function.
- 61 -
Page7-SA-62
PM5-0403-WBX
One lamps, LED, marked “OFF” shall be fixed on the panel near the double throw switch to
indicate the status of breaker failure protection.
- 62 -
Page7-SA-63
PM5-0403-WBX
The operator shall be able to print the report or to temporarily display fields of data
graphically (e.g. a trend graph, displayed against a time-marked axis). The amount of
data in a report shall only be limited by available data and the size of an Excel worksheet.
4. Predefined Historical Points
The contractor shall provide the following historical points, already set up in the delivered
systems:
Hourly snapshots of all status, analog, and counter values.
Daytime maximum values of all analog and counter readings collected during the
time interval 06:00 to 17:00, along with the date and time of the maximum reading.
Nighttime maximum values of all analog and counter readings collected during the
time interval 18:00 to 05:00, along with the date and time of the maximum reading.
MEA shall be able to alter these predefined points (e.g. changing the time intervals;
adding more historical points, or deleting historical points.
5. Archives
All historical data shall be saved and available on-line for the present month plus the prior
three months. Older data shall be archived on an end-of-the-month basis. Archives shall
be stored on disk and retrievable on a read-only basis for queries.
- 63 -
Page7-SA-64
PM5-0403-WBX
7. Application Area: The main area of the window, from the SA system functions and
applications are operated.
It shall be possible to change the size of windows by dragging edges, and to drag the
complete window to any position on the screen.
3.7.1.3 Toolbars
Toolbars with pull-down menus shall provide fast navigation to functions and displays. It shall be
possible to navigate to functions and displays by clicking the toolbars and entries on their pull-
down menus. The layout of toolbars and the rest of the navigation schemes shall be developed in
consultation with MEA and shall be subject to MEA’s approval. Provisions are required for
programmers to edit the toolbars and the navigation trees, and to construct new ones, through an
interactive procedure and without programming.
1. A main toolbar shall appear near the top of each display. The main toolbar and pull-down
menus initiated from it shall provide fast navigation to frequently used SA system
functions and displays, and to functions that have to be quickly accessible for handling
emergencies.
- 64 -
Page7-SA-65
PM5-0403-WBX
2. One or more application toolbars shall be provided for application displays to facilitate
navigation to functions and displays that belong to the application itself or are used in
conjunction with it. Each application’s toolbar shall provide fast and convenient access to
HELP information associated with the specific application.
- 65 -
Page7-SA-66
PM5-0403-WBX
No artificial restrictions as to the placement of data or the format of its presentation shall
limit the way in which displays can be defined. It shall be possible to access every
attribute of any point or object in any database of the SA system in order to dynamically
control its appearance in displays. The presence, appearance and location of quality
indicators, tags, alarm inhibit indications, and any other indications or display features
that depend on point attributes shall be defined via the Display Editor during display
creation/modification.
3. Graphical Display Capabilities
The capability to include bar charts, x-y plots and pie charts shall be available.
- 66 -
Page7-SA-67
PM5-0403-WBX
4. Using function keys or keyboard functions (defined earlier) that may be designated for the
selection of frequently-called displays.
5. By entering a short display mnemonic in a location reserved for this purpose on the
screen.
6. It shall be possible to call an Alarm Summary display by clicking a data point on any
substation display where it appears.
If there is an entry for the selected point in an Alarm Summary, that portion of the
summary which includes the entry, shall be shown. The point’s alarm entry shall be
highlighted by scrolling the Alarm Summary down to where the entry appears at the top of
the display.
If no such entries appear in the Alarm Summary, a message confirming that fact shall be
presented to the user.
Methods shall be provided to call displays within the active window or within a new window.
- 67 -
Page7-SA-68
PM5-0403-WBX
Control requests shall be canceled and the selection of the point shall be terminated
when the user cancels a request, does not perform the next step of the control
procedure within the selection time-out period, or the request is rejected.
2. Incremental (RAISE/LOWER) Control
Supervisory control of RAISE/LOWER control devices shall involve the same set of
consecutive actions as specified above for device state control, with the following
exceptions:
Only RAISE and LOWER control operations may be selected.
The command shall be issued as soon as RAISE or LOWER is selected, without an
EXECUTE step. It shall be possible for substation operator to initiate control
repeatedly without reselection of the controlled point, provided that the execution of
the previous control command has successfully been completed.
A separate timeout period shall be provided for incremental control points. This
selection timeout period shall be user-defined within the range 10 - 120 seconds.
The timer shall reset and start counting again whenever a RAISE or LOWER
command is issued.
- 68 -
Page7-SA-69
PM5-0403-WBX
Incoming data shall not be processed for a deactivated point. A deactivated point shall retain the
last value or state that was successfully retrieved before being deactivated, and shall be assigned
an appropriate IEC 61850 data quality code corresponding to DEACTIVATED. Upon reactivation,
the SA system shall resume processing of data reported for the point from the field. The data
quality of a reactivated point shall be set to FAILED (or an equivalent IEC 61850 data quality) until
up-to-date data is successfully received for it.
When an entire IED server is deactivated, the SA system shall stop processing any control
command for the IED and mark the IEC 61850 data quality for all points belonging to the IED as
DEACTIVATED (or equivalent). Supervisory control requests, issued by either the station operator
or applications, shall be rejected for deactivated control points of the IED; the reason for the
rejection shall be noted in a message displayed to the station operator or reported to the
requesting application. When the IED is reactivated, the associated quality codes shall be set to
FAILED (or an equivalent IEC 61850 data quality) until up-to-date data is received from the IED.
However, points that had been individually deactivated, either before or after the IED was
deactivated, shall remain in the DEACTIVATED state.
- 69 -
Page7-SA-70
PM5-0403-WBX
3.7.3.1 Operator Mode
The station operator is authorized to perform all the control and monitoring functions.
3.7.4.1 Events
The following occurrences shall be processed as events:
1. All changes of status points resulting from supervisory control commands.
(These shall result in StatusLog entries.)
2. Substation operator’s actions including, but not limited to, the following:
- 70 -
Page7-SA-71
PM5-0403-WBX
Supervisory control.
(These shall result in CommandLog entries.)
Tagging and removal of tags.
(These shall result in CommandLog entries.)
MMI log-on or log-off.
(These shall result in ChangeLog entries.)
Changing of MMI modes.
(These shall result in ChangeLog entries.)
Alarm acknowledgement.
(These shall result in AlarmLog entries.)
Deactivation and activation of data and command points and of audible alarming.
(These shall result in ChangeLog entries.)
Manual substitution for process values.
(These shall result in SubLog entries.)
System warm restart.
(These shall result in ChangeLog entries.)
3. Events declared by application programs.
(These shall result in entries to the most appropriate system log, according to the defined
purpose of each system log.)
4. Other conditions that may be specifically called out in this specification
- 71 -
Page7-SA-72
PM5-0403-WBX
It shall be possible to assign points and specific alarm conditions to major and minor alarms.
Therefore, for instance, it shall be possible to define the excursion of a value of an analog value
outside the operational limits as a minor alarm and exceeding of emergency limits as a major
alarm.
- 72 -
Page7-SA-73
PM5-0403-WBX
An entry shall be made in an AlarmLog for each occurrence of an event that is defined as
an alarm, provided alarming for the item is not currently suppressed (e.g. alarm-inhibited).
The alarms shall be chronologically ordered. Unlike the Alarm Summary, the AlarmLog
shall have a time-tagged entry for every occurrence, rather than just the most recent
occurrence.
The AlarmLog is not to be considered as one of the system logs. It is private to an MMI
unit and only serves as an audit trail for the handling of Alarm Summary entries (e.g.
alarm entry, acknowledgement, and deletion). The AlarmLog shall be incrementally saved
in non-volatile or disk memory. It shall be archived monthly.
The AlarmLog, along with the system logs (i.e. StatusLog, CommandLog, ChangeLog,
SubLog, and FileLog) shall be part of the Historical Database (HIS), and entries shall be
kept on-line for the period specified for historical data.
3. Alarm and AlarmLog Entry Format
All entries in Alarm Summaries and the AlarmLog shall be a maximum one (1) monitor
line in length. Display and print versions shall be identical. No unduly cryptic
abbreviations shall be used in alarm and AlarmLog entries. The exact format of the alarm
and AlarmLog entries shall be subject to MEA’s approval.
Alarm and AlarmLog entries shall contain the following information, as applicable:
Class or Priority
Major alarm or minor alarm, indicated through color and a symbol.
Date and Time
Date and time of the detection of the condition, or of the user’s action. Date shall be
in the format DD /MM/ YYYY.
The User ID (for user-initiated events)
Location (e.g. substation ID or application)
Point name
Point descriptor
Statement of the nature of the alarm or event
For status changes: TRIPPED/CLOSED/TRIPPED or ‘Clearance Tag Placed’.
For analog value transitions between operating regions: The region entered, as well
as the analog value shall be stated.
- 73 -
Page7-SA-74
PM5-0403-WBX
The CompositeLog shall maintain entries for the prior 100 days, including the present one. At the
end of each calendar month (or at the first opportunity thereafter), all entries for the just-completed
month shall be saved in a separate ‘CompositeLog Archive’, regardless of whether event entries
have been acknowledged on the Alarm Summary display. CompositeLog Archives shall be saved
on the local disk and on all CCU(s). File names for these archives shall be labeled as follows:
CompLogArchive%’StationName’%’Year-Month’.log
(actual name) (actual year & month)
Operators shall be able to open and display LogArchives on a view-only basis. They may be
printed in the same format as the CompositeLog if a printer is available. CompositeLog archives
shall not be deletable at an Operator Interface [MMI] unit or CCU, but may be duplicated to
separate media (e.g. a portable disk) for backup or analysis at a different site (where deletion shall
be allowed).
The operator shall have the capability to enter a mode in which he can select and sort
CompositeLog entries for viewing and printout (if a printer is available), using various field-related
search keys. For example, he should be able to search for events related to a specific circuit
breaker, across a particular period of time. It shall be possible to apply several search criteria at
the same time.
The ‘annotation’ field shall provide quick-reference information for each line entry. More than one
annotation code may be used for the field entry (e.g. ‘m e’).
‘C’ for command
‘M’ for major status alarm
‘M/’ for transition out of major alarm
‘m’ for minor status alarm
‘m/’ for transition out of minor alarm
‘S’ for manual value substitution
‘S/’ for return to actual system values
‘F’ for file transfer
‘D’ for file deletion
‘P’ for a configuration parameter change
‘e’ for entry time (when date & time reflect Alarm Summary entry time, rather than a time-
stamp from the data source).
- 74 -
Page7-SA-75
PM5-0403-WBX
navigation of these information models, but they do not otherwise have a bearing on the objectives
presented here.
This specification refers to these captured ‘terminal leaves’ as d-tags (short for ‘data tags’ to
prevent confusion with utility equipment tags). D-tags shall be used for several purposes. D-tags
(or whatever they are called by the contractor) shall be an MMI implementation mechanism for
identifying important pieces of station data, whether they represent real-time values, data quality
(which is really real-time data, too), operating parameters, configuration parameters, or descriptive
text. IEC 61850 simplifies life here, because object references include a field called a functional
constraint. The functional constraint classifies the object reference as to its purpose. Examples
include status (ST), control (CO), measurement value (MX), configuration (CF), description (DC),
substitution value (SV), and so on.
The MMI software shall sort these captured d-tags into several lists according to their functional
constraint. These lists shall be used in templates, allowing the maintenance engineer to assign
familiar (and shorter) names in lieu of their IEC 61850 object reference handles. These d-tag
names shall be used in displays and reports. These lists shall be used to coordinate and simplify
coordination of MMI activities with the content of the Local Repository. For example …
1. D-tags with Functional Constraint = CF
D-tags in this list shall be used to support MMI templates for modifying operational
parameters. Care is required. Some of these d-tags are closely tied to software or
hardware processes (e.g. sample rate), and the maintenance engineer would be ill-
advised to alter them. Others can be changed at his discretion. The contractor shall ‘gray
out’ any configuration parameters that should not be changed in this way.
Note that not all operational parameters are defined by the IEC 61850 information
models, as occasionally explained in other clauses of this specification. The contractor
shall include those outlying operational parameters in this list, if appropriate.
2. D-tags with Functional Constraint = MX
D-tags in this list shall be used to support the selection and positioning of real-time
measurement values for displays and reports, as part of the editing process. They can
also be referenced for defining historical data points, as defined under the Historical Data
clause.
3. D-tags with Functional Constraint = ST
D-tags in this list shall be used to support the selection and positioning of real-time status
values for displays and reports, as part of the editing process. They can also be
referenced for defining historical data points, as defined under the Historical Data clause.
4. D-tags with Functional Constraint = CO
D-tags in this list shall be used to support the selection and positioning of control points
for displays (e.g. the one-line diagram), as part of the editing process.
5. D-tags with Functional Constraint = SV
D-tags in this list shall be used to support an MMI template that allows an operator to
perform data value substitution. (Substitution services are supported by the IEC 61850
standard.) They can also be used, when a substituted value is being used for a process
value, for insertion into historical data records. This requires appropriate annotation of the
record to avoid confusion between process and substituted values.
6. D-tags with Functional Constraint = DC
D-tags in this list shall be used to support an MMI template that allows the operator to
change these descriptions.
- 75 -
Page7-SA-76
PM5-0403-WBX
3.7.7 Displays
Displays to be included in the SA system are listed and described below. This is not an exhaustive
list and the contractor shall prepare all the displays necessary for the required functions in
consultation with MEA. Display generation tools shall be provided for MEA in order to integrate
displays created for future applications. Some screen displays specified in this specification.
3.7.7.1 Directories
These are hierarchically organized lists of displays from which displays can be selected for viewing
by clicking on items in the lists.
- 76 -
Page7-SA-77
PM5-0403-WBX
Each alarm entry shall contain the following fields:
Date and Time: Alarm entries shall be time-tagged with the date and time of
occurrence, as reported from the original source.
Alarm entries for status data without a reported time-tag shall be posted with the
time of entry into the summary; these time entries shall be annotated with the
symbol ‘e’, meaning ‘display entry time’.
Alarm Source: Device name, application name, or ‘system’.
Description of the Alarming Entity: Related to the IEC 61850 LD, LN, and CDC
attribute, but described in power system, equipment, or functional terms that are
familiar and useful to the operator. The operator shall be able to right-click
‘properties’ for this field to see the associated IEC 61850 ‘object reference’ (if
applicable).
State Description: A state description shall be assigned to each discrete status
value, where a particular interpretation is intended. Examples follow:
Open/Closed/In-Transition, On/Off, In/Out, Energized/De-energized, Lockout/Reset;
Warning region, Emergency Region, Out-of-Range. These shall correlate with CDC
assignments in the IEC 61850 standard, where applicable. The operator shall be
able to right-click ‘properties’ for a ‘State Description’ field entry to see the
associated CDC attribute name (if applicable).
The state description used with each discrete status value for each reportable entity
shall be user-defined, using a standardized, on-screen template in off-line mode.
State descriptions considered ‘normal’ shall also be user-defined.
Normal / Abnormal State: A ‘normal’ or ‘abnormal’ entry shall be made, according
to user-defined assignments. The operator shall be able to right-click ‘properties’ for
a ‘Normal / Abnormal State’ field entry to see the associated value (if applicable).
The appropriate IEC 61850 data type representation shall be used.
2. Abnormal Summary
This summary shall be a list of analog points that are outside of operational limits, and of
status points that are not in the state defined as “NORMAL” in the Local Repository.
3. Tagged Device Summary
This is a list of all devices that have been electronically tagged. Each entry shall show the
date and time that the tag was placed, the log-on ID of the substation operator placing the
tag, the substation and point name of the tagged device, the type of the tag, and a
operator-entered comment. Entries shall be deleted when tags are removed.
4. Substituted Values Summary
This display identifies the data points whose process value is currently being substituted
by an operator-supplied value. The substitute value being used shall be displayed for
each point.
5. Alarm Inhibited Summary
This is a list of points for which alarming has been inhibited by operators.
Operators shall be able to select entries from summaries for viewing or for printing, using
appropriate search keys for each type of summary.
- 77 -
Page7-SA-78
PM5-0403-WBX
3.7.7.6 Log Displays
1. System Logs
StatusLog
CommandLog
ChangeLog
SubLog
FileLog.
2. CompositeLog
An operator shall be able to selectively enable which system logs are used for displaying
or printing CompositeLog entries. Entries from the enabled system logs shall be
chronologically interleaved, with the most recent entries at the bottom..
3. AlarmLog
This display is for viewing AlarmLog entries in chronological order, with the most recent
entries at the bottom.
- 79 -
Page7-SA-80
PM5-0403-WBX
The editing tools and capabilities shall allow MEA to designate whether alarms are major
or minor, to determine the normal states for all status data (as appropriate), and to
identify the electrical equipment contact associated with each status input (e.g. ‘b’,
normally closed contact).
The resulting files from all these editing activities shall be backed up on portable media
and/or the CCU(s), as a hedge against loss.
- 80 -
Page7-SA-81
PM5-0403-WBX
All power conversion circuits shall provide overvoltage protection against normal-mode transients
at their supply inputs and provide common-mode voltage standoff capability suitable for the
substation environment. Power unit outputs shall be isolated from earth ground and short-circuit
proof. In general, any load condition (including short-circuit) that exceeds the unit’s capability to
deliver quality power shall cause the power unit to temporarily shut down. After a reasonable delay
(two seconds, for example), the unit shall start up again, testing the load conditions. This cycle
shall repeat indefinitely until the power unit can support the load. The important thing is that the
unit be capable of automatically handling abnormal load conditions and recovering normal
operation without human intervention.
Overvoltage and undervoltage protection at the power unit outputs shall be included to protect load
circuits. Normal power unit operation shall not be disrupted by brief load transients, which may
occur when individual system loads are added or removed. LEDs shall be used to indicate that the
unit has is working properly and that input and output voltages are within the proper ranges.
DC/DC converters shall incorporate reverse polarity protection at the inputs to protect against
connection errors. Station battery shall not be earth grounded.
Power supply busbars in cabinets shall be carefully routed and each busbar shall be shrouded. It
shall not be possible to inadvertently short busbars, either between themselves or to earth.
Below the cut-off levels for distribution voltages, equipment (being powered) shall shut down in an
orderly manner without generating spurious alarms, generating wild fluctuations in analog
readings, or causing unintended control operations.
The stated power unit ratings and reliable operation shall be maintained over the full system
temperature operating range and over the entire input supply (i.e. station battery) voltage range.
The contractor shall state the power requirements and dissipation rates for each modular sub-rack
and fully populated rack in the detailed design documents.
The power unit shall comprise two units and transfer switch. The DC input and AC output shall be
isolated from each other (two batteries). The AC. output neutral point shall be solidly earthed. The
power units shall be arranged with a main bypass supply, an electronic transfer switch and
maintenance bypass circuit.
The transfer switch shall be rated to match the output of the power unit. The transfer time shall not
exceed 1 ms. The transfer shall normally be synchronous, but the transfer switch shall be capable
of a synchronous operation. Transfer from the main bypass circuit to a power units shall only be
initiated manually.
- 81 -
Page7-SA-82
PM5-0403-WBX
- 82 -
Page7-SA-83
PM5-0403-WBX
happen and to mitigate the overall risk to an acceptable level. Risks can be expressed in terms of
probabilities, and those probabilities can be combined mathematically to calculate an estimate of
annual system downtime. Those calculations depend on the system configuration,
interdependencies of system components, and how well the individual components are designed.
Realistically, low failure rates are heavily dependent on consideration of environmental and
electrical susceptibility factors in equipment selection and design, good engineering judgment and
practice, competent and trained O&M personnel, proper attention to system problems, and
avoidance of electrical components that require manual adjustment or repositioning during
configuration or maintenance (e.g. electronic connectors, jumpers, and switches). The contractor
shall keep these and related factors in mind when responding to this specification with a proposed
design.
The contractor shall submit his rationale, reliability data, and availability calculations in support of
his proposal. The contractor may use any widely recognized reliability tool or method that he
believes helps construct his case, but how these are applied must be documented for MEA’s
review. MEA will expect cogent, credible, and persuasive evidence for the selected approach.
Proven track records will carry greater weight than purely theoretical calculations, although track
records need to be substantiated through a number of customer references for like systems
(including contact information for persons who can provide authentic testimony). Cherry-picking of
several customer references is strongly discouraged; a greater number or references will dispel
this concern. Documents supporting the contractor’s reliability/availability claims shall be submitted
to MEA within 30 days of the bid opening date. MEA has a strong preference for a system
approach that does not require routine maintenance. The IEC 60870-4 standard shall be used as a
guide for addressing these issues.
MEA requires the following guaranteed reliability criteria:
1. Annual availability of the system shall be 99.95% or better on average (IEC 60870-4,
Table 2 – Class A3). This requires that system downtime be less than 262 minutes per
year.
2. MTTR: Trained maintenance personnel shall not require more than six (6) hours to
restore the SA system to normal service (IEC 60870-4 Table 3 – Class M4).
The above figures shall exclude administration time and traveling time. Recommended test
equipment and replaceable spares are assumed to be locally available to sites needing their use,
although these assumed resources must consequently be included in the proposal.
- 83 -
Page7-SA-84
PM5-0403-WBX
Programmable logic application processing or supervision
Proper operation of the system logs
System configuration control or diagnostics
Field data acquisition and processing
Time synchronization
3. Any other failure that interrupts system capability beyond that solely attributable to the
failed resource.
For example, loss of a single BCU may be excluded if it only results in the loss of data for which it
is directly responsible. Loss of all data acquisition, however, comprehensively disables
SCADA/EMS support, requiring that failure be subject to the guaranteed reliability criteria.
- 84 -
Page7-SA-85
PM5-0403-WBX
2. Historical Data
Number of values stored once per hour for a All values in the Local
period of 3 months, plus the current month. Repository
Number of values stored twice per day for a All analogs and counters in the
period of 120 days (peak daytime values and Local Repository
peak nighttime values)
3. Summaries
Alarm file entries 1,000
A&E file entries 2,000
Abnormal summary entries 500
Alarming inhibited summary entries 500
Tag summary entries (maximum number of 500
equipment tags)
** Note: The IEC 61850 information models include a considerable number of additional data
components to support the real-time data components identified above. Local
Repository sizing requirements for these additional data components are not
included here and shall be determined by the contractor.
- 85 -
Page7-SA-86
PM5-0403-WBX
4.1.4.1 Initially Delivered Systems
Upon delivery, each SA system’s technical infrastructure shall be sized to meet the substation’s
ultimate configuration, as specified in Appendix C. By ‘technical infrastructure’ this specification
means the wiring, cabling, connections, enclosures, IED mounting positions, Ethernet switch ports,
Repository memory sizing, etc shall all be planned and ready to accept new equipment boxes for
the system expansion expected in the future. No new technical infrastructure or engineering shall
be required to expand from the initially installed system to the ultimate, planned system
configuration. The I/O point counts can be anticipated from the information in Appendix D.
Programmable logic applications and other requirements shall be interpreted from descriptions
elsewhere in this specification.
All screen displays and other items related to the non-existent or spare bays shall be included in
the design of the SA system, as if it already existed, but shown on the screen in a distinctive
manner to indicate that it is ‘future’ in nature.
1. Reserved Capacities
At least fifty percent (50%) of installed RAM in the CCU, bay, and MMI processors shall
be provided as spare memory. The system shall be able to meet all functional and
performance requirements with the spare capacity blocked off or physically removed.
At least eighty percent (80%) of each installed disk’s capacity shall be uncommitted and
reserved for future use.
During all performance and functional tests of the Factory Acceptance Test (FAT), the
spare RAM and disk capacities shall be blocked off, removed, disabled, or loaded with
dummy information, to prevent their use by the supplied software.
2. Utilization Requirements
Over any five (5) minute period (including end-of-hour, end-of-day and end-of-month), the
utilization of SA system components during the system activities defined for system
performance testing shall not exceed the following limits:
The total loading of a CCU processor shall not exceed thirty percent (30%)
The total loading of a bay processor shall not exceed thirty percent (30%)
The total loading of an Operator Interface [MMI] processor shall not exceed fifty
percent (50%).
No disk associated with the CCU shall be busy with data transfers more than twenty
percent (20%) of the time.
No more than 8% of SubLAN bandwidth shall be in use at any time.
(Ethernet contention becomes a problem when bandwidth exceeds 20%.)
The SA system shall be provided with hardware and software measuring tools to enable
precise measurement or calculation of utilization for all system components.
- 86 -
Page7-SA-87
PM5-0403-WBX
4.1.4.2 Expansion and Upgrading
In order to accommodate system expansion beyond the ultimate size, MEA requires that the
system incorporate hardware and software capabilities that support operational and quality of
supply applications that are expected to emerge in the future. This concept requires that the
system be design in a manner that progressively allows older equipment to be replaced with new
equipment, so that system performance, maintainability, and reliability can be improved. This
specification refers to this as a planned migration strategy. In his bid, the contractor shall lay out
his vision for a credible migration strategy, supported by the system implementation that he
proposes.
The contractor shall indicate in his bid which portions of these technical specifications will be met
by existing products, which portions will require additional development, and when the various
pieces of additional development will be available. The contractor shall describe how the various
pieces are to be integrated to produce the desired system capabilities.
The system shall be designed to facilitate the future addition of station bay equipment, as follows:
1. The system hardware and software modules shall be scaleable, configurable, standard
types, employed in similar projects elsewhere. For future modifications or expansions,
this system structure shall be easily extendible through the addition of new components
of same or similar type. For new components, having the same functionality as the
original system, additional programming shall not be required; only the configuration shall
be adapted.
2. With appropriate training by the contractor, MEA personnel shall be able to make all
database and system changes to support system growth, using tools and procedures
supplied with the installed system and without regeneration of system software.
Bidders shall also identify how the supplied system can be modified to accommodate the following
system capability options:
1. Communications with each of two SCADA/EMS control centers, using independent
communication channels and separate sets of system configuration parameters, over the
existing SDH network using DNP3 protocol.
2. Autonomous supervisory control and automation of a remote distribution plant outside the
substation fence. For such applications up to thirty (30) typical items of an outside
distribution plant (e.g. primary and secondary system devices, such as load-break
switches, reclosers, voltage regulators, etc) would be connected via satellite IEDs
connected via fiber-optic cables to the SA system. Either IEC 61850 or DNP3
communications might be used, depending on technical and cost factors.
- 88 -
Page7-SA-89
PM5-0403-WBX
This document shall be used as the project planning reference for addressing
reliability, availability, maintainability, security, time parameters affecting
performance, and overall accuracy of the delivered systems. Although written for
telecontrol systems using serial communications lines, the broad content of this
document applies to the systems to be delivered under this technical specification. If
any aspects of this document’s content are contraindicated by IEC 61850, the latter
shall prevail in those instances.
2. IEC 61010-1: Safety Requirements for Electrical Equipment for Measurement, Control,
and Laboratory Use: General Requirements
The SA systems delivered under this technical specification shall conform to the
requirements of this standard.
3. IEC 61850: Communication Networks and Systems in Substations
This standard represents the principal communications architecture for the SA systems to
be delivered under this technical specification. It includes a network profile,
communication services, and information models. During Factory Acceptance Testing
and other times, MEA personnel or their agents may inquire how these safety
requirements have been applied to the delivered systems and request testing in specific
areas of interest.
IEC 61850-1: Communication Networks and Systems in Substations – Part 1:
Introduction and Overview.
IEC 61850-2: Communication Networks and Systems in Substations – Part 2:
Glossary
IEC 61850-3: Communication Networks and Systems in Substations – Part 3:
General Requirements
IEC 61850-4: Communication Networks and Systems in Substations – Part 4:
System and Project Management
IEC 61850-5: Communication Networks and Systems in Substations – Part 5:
Communication Requirements for Functions and Device Models
IEC 61850-6: Communication Networks and Systems in Substations – Part 6:
Configuration Description Language for Communications in Electrical Substations
Related to IEDs
IEC 61850-7-1: Communication Networks and Systems in Substations – Part 7-1:
Basic Communication Structure for Substation and Feeder Equipment / Principals
and Models
IEC 61850-7-2: Communication Networks and Systems in Substations – Part 7-2:
Basic Communication Structure for Substation and Feeder Equipment / Abstract
Communication Service Interface
IEC 61850-7-3: Communication Networks and Systems in Substations – Part 7-3:
Basic Communication Structure for Substation and Feeder Equipment / Common
Data Classes
IEC 61850-7-4: Communication Networks and Systems in Substations – Part 7-4:
Basic Communication Structure for Substation and Feeder Equipment / Compatible
Logical Node Classes and Data Classes
IEC 61850-8-1: Communication Networks and Systems in Substations – Part 8-1:
Specific Communication Service Mapping (SCSM) / Mappings to MMS (ISO 9506-1
and ISO 9506-2) and to ISO/IEC 8802-3
- 89 -
Page7-SA-90
PM5-0403-WBX
IEC 61850-10: Communication Networks and Systems in Substations – Part 10:
Conformance Testing
4. IEEE C37.1-1994: Definition, Specification, and Analysis of Systems used for Supervisory
Control, Data Acquisition, and Automatic Control
This standard shall be applied to any implementation involving field connections for I/O
points, such as BCU field circuits. It overlaps IEC standards 60870-2-1, 60870-2-2, and
60870-3, but addresses issues that the IEC standards may not address as well [e.g.
common mode voltage standoff for analog input signal processing, rejection of normal
and common mode voltages in analog input signal processing, rejection of false status
changes, time-tagging precision and time of application, change of status monitoring, and
change validation (i.e. digital signal filtering)].
5. IEEE C37.90.1-2002: IEEE Standard Surge Withstand Capability (SWC) Tests for Relays
and Relay Systems Associated with Electric Power Apparatus
6. IEEE C37.90.2-2004: IEEE Standard for Withstand Capability of Relay Systems to
Radiated Electromagnetic Interference from Transceivers
7. IEEE C37.111-1999: Common Format for Transient Data Exchange (COMTRADE) for
Power Systems
8. IEEE C37.115-2003: Test Method for Use in the Evaluation of Message Communications
between IEDs in an Integrated Substation Protection, Control, and Data Acquisition
System
9. IETF – RFC 542: FTP standard
- 90 -
Page7-SA-91
PM5-0403-WBX
4.2.3 CCU
- 91 -
Page7-SA-92
PM5-0403-WBX
1. The delay between the occurrence of a status event at the station and the appearance of
the corresponding Alarm Summary entry shall not exceed two (2.0) seconds.
2. Updates of measured or status values appearing on a display shall occur within two (2.0)
seconds of their being updated in the Local Repository. This shall be tested with values
that change once per second.
3. System time shall be shown on displays with a resolution of one (1.0) second and shall
be updated once per second.
System Restarts shall cause a major alarm to be generated. This status shall be mapped and
automatically sent to the SCADA/EMS control center.
System Restarts shall not clear system logs, which shall normally be kept in non-volatile memory
and archived on disk.
4.2.5 Communications
- 92 -
Page7-SA-93
PM5-0403-WBX
CCU IED: 50
Operator Interface [MMI}: 6
TDS: 4
- 93 -
Page7-SA-94
PM5-0403-WBX
Inverters -
DC/DC converter -
Nom. Input voltage: 125 Vdc
Input voltage range: -20% to +15% IEC 60870-2-1 Class DC3
Input earthing condition: Floating earth IEC 60870-2-1 Class EF
Input voltage ripple: < 5% IEC 60870-2-1 Class VR1
If a piece of equipment cannot accept 125 Vdc, it is acceptable to use 48 Vdc through provision of
a stand-alone 125VDC/48VDC converter.
The load on a power supply, converter, or inverter shall not exceed 70% of its rated power output
capacity. Power unit efficiency shall be 75% or higher.
- 94 -
Page7-SA-95
PM5-0403-WBX
4.3.3 Substation LANs
Operation of the Substation LANs shall comply with the IEC 61850 Ethernet profile using TCP/IP.
Substation LANs shall support 10/100 Mbps operation, with consideration of whether 1Gbps is
technically and economically appropriate.
All connections to Substation LANs shall be made using ST or SC or LC connectors. Unless
otherwise specified, the Substation LANs shall use multi-mode cable and be sheathed for
protection against abrasion and cuts. Fiber optic cable shall be terminated and routed according to
best industry practices. All materials shall be industry standard, commercially available, and
supportive of the open systems concept. A service loop shall be provided at connection points to
allow flexibility for future equipment upgrades.
The Substation LAN design shall not require any routine engineering administration or manual
reconfiguration to remedy an equipment failure or to facilitate failure recovery.
The Substation LAN shall be designed to ensure that, in the event of a single LAN cable or LAN
interface module failure, none of the SA system functionality shall be lost and at most one IED
server (e.g. BCU) shall be isolated from the CCU.
4.3.4 CCU
The CCUs shall be a 19” rack type, industrial standard, computer system and shall be capable of
operating under the specified ambient conditions for indoor equipment. The CCU shall conform to
UL approved safety standards and be certified to FCC Class B. The statistical MTBF for the CCU
shall be not less than 50,000 hours, when analyzed at 75% loading and 25°C.
The CCU shall be manufactured by IBM, Dell, Hewlett Packard, or an equivalent source approved
by MEA. Alternatively, an SA system supplier’s computer system hardware is also acceptable if it
is designed for use in the electrical substation environment, designed for this purpose, and
otherwise meets all requirements. Full repair services shall be available in THAILAND for the
selected equipment.
Aside from hardware requirements, the equipment shall incorporate an acceptable real-time
operating system and other required system software. Refer to the Software Requirements clause.
The CCU shall be equipped with certain interfaces that enable data and file communication
exchanges with other SA system components:
1. Dual Ethernet ports for connection to the SubLANs.
The CCU shall connect to both Substation LANs through separate fiber optic interfaces.
Use of the two connectors is described under the ‘Dual Substation LAN Connections’
heading.
2. A serial maintenance port for connecting to a portable Operator Interface [MMI] unit, even
though such connections will usually be made via a SubLAN.
The portable MMI unit shall support configuration, testing, commissioning, operational
monitoring and control, and troubleshooting of the CCU as described elsewhere in this
technical specification.
3. USB ports for connection to a portable flash memory drive (i.e. thumb drive), Zip drive, or
hard drive.
- 95 -
Page7-SA-96
PM5-0403-WBX
4.3.5 Operator Interface [MMI]
The MMI unit shall conform to UL approved safety standards and be certified to FCC Class B. The
statistical MTBF for the MMI unit shall be not less than 50,000 hours, when analyzed at 75%
loading and 25°C. The equipment shall be capable of operating under the specified ambient
conditions for indoor equipment.
The MMI unit shall be manufactured by IBM, Dell, Hewlett Packard, or an equivalent source
approved by MEA. The equipment shall be warranted to work in MEA’s electrical substation
environments. Full repair services shall be available in THAILAND for the selected equipment.
The MMI unit shall connect to both Substation LANs through separate fiber optic or coppper media
interfaces, using ST or RJ-45 connectors. Use of the two connectors is described under the ‘Dual
Substation LAN Connections’ heading.
Aside from hardware requirements, the equipment shall incorporate the required system software.
Refer to the Software Requirements clause.
Keyboard USB standard keyboard with a minimum of 104 keys with Thai/English key labels. Function keys
required for dedicated MMI functions.
Operating System Genuine Windows® 7 Professional 64-bit with Thai language support and latest service pack
Accessories Recovery CDs and operating system
Microsoft Wheel Mouse™ (USB Interface)
Mouse pad
Speaker/sound card for audible alarming and for use with future functions
Real-time clock, calendar with battery backup, and support for CCU time-synchronization
Auto-restart capability
2 @ spare expansion PCI slots for future expansion
Diagnostics, on-site installation, and validation
- 96 -
Page7-SA-97
PM5-0403-WBX
4.3.5.2 MMI Units based on Notebook PCs
MMI units based on a notebook PC shall meet the minimum specifications shown in Table 5,
unless the contractor believes that the specifications are not sufficient for meeting requirements or
that the specifications can be better oriented to available, mainstream products. In either case, the
contractor shall submit a counterproposal to MEA, accompanied by reasons for the proposed
changes.
Processor Intel® Core™ i7 Mobile Processor Family with Turbo Boost Technology
RAM DDR3 SDRAM (1333 MHz), two slots supporting dual-channel memory, 2048 MB SODIMMs, up
to 8192 MB total
Hard Drive 500 GB 7200rpm SMART SATA II HDD
Other Storage Blu-ray ROM DVD+/-RW SuperMulti DL LightScribe Drive
Display 14-inch diagonal LED-backlit HD+ Anti-Glare (1600 x 900 resolution)
Video Card ATI Mobility Radeon™ HD 540v with 512MB dedicated video memory or equivalent
Ports 1 @ 9-pin RS-232C port
1 @ 25-pin bidirectional ECP and EPP (Parallel port)
3 @ Universal Serial Bus ports (USB 2.0)
1 @ 15-pin VGA port
1 @ Ethernet LAN jack: 10/100 Base TX (RJ45) + 100 Base-FX fiber optic interface (ST) or
adapter required
1 @ RJ11 phone jack
1 eSATA/USB 2.0 combo port
1 docking connector
Network Interface Dual Fast Ethernet NIC (10/100/1000Mbps) communications adapter with all necessary facilities
& for Ethernet TCP/IP networking per the IEC 61850 network profile specifications, including
Communications compatible TCP/IP stack. (Note: Two independent ports required with same IP address
- 97 -
Page7-SA-98
PM5-0403-WBX
4.3.6 Time and Date Server
One (1) GPS satellite disk and receiver shall be provided for time synchronization purposes at
each SA system station site. The physical connection and installation of the GPS hardware
components shall simple, not requiring any RF or GPS expertise. Any software for configuring or
operating the unit shall be provided with the system.
A GPS antenna unit with remote power supply and supporting cable shall be provided. The
antenna shall be dc-insulated with dielectric strength of 1,000 V. The interface between the GPS
receiver and the GPS input of the TDS module shall be a standard serial interface equipped with
an optical-to-serial converter (or equivalent interface with isolation, approved by MEA).
The GPS clock receiver shall withstand operating temperatures up to 70°C and humidity up to
100% non-condensing. The contractor shall supply all necessary cables, connectors, accessories,
and mounting hardware needed to support positioning and adjustment of the antenna.
At a MINIMUM the GPS clock receiver shall require no more than one (1) minute to synchronize,
using a known receiver position and valid almanac, or twelve (12) minutes if this data is not known.
The following specifications shall be met for the time-synchronization subsystem:
1. The accuracy of the GPS clock receiver shall be better than ±250 nanoseconds
immediately after synchronization and ±2 us after 20 minutes of operation (in the absence
of further synchronization).
If the GPS signal is temporarily lost, the GPS clock receiver shall continue to provide
precise time measurements to the TDS module based on its own low-drift time-keeping,
per the drift specification stated directly above.
2. When the SA system is synchronized using SCADA/EMS control center time, the
maximum allowable time synchronization error (i.e. deviation from absolute time) shall be
not more than 20 ms plus the propagation delay in the SDH network.
The default delay between loss of GPS signal and the use of SCADA/EMS control center
time shall be four (4) hours, unless the CCU determines that the time provided by the
TDS module is unreasonable for the elapsed time (for example, the TDS module may
have failed). In that case, the CCU shall immediately start using the SCADA/EMS control
center time for time synchronization. The default delay may be changed via a user-
defined parameter.
- 99 -
Page7-SA-100
PM5-0403-WBX
4.3.10 Printing Facilities
The contractor shall provide printers (for the stations that require them) and all necessary
installation components (e.g. LAN interfacing, cabling, connectors). Printers shall be located in
close proximity to the Operator Interface [MMI] units.
Table 6 summarizes the current I/O point types used by MEA and whether there is support for
using each type of point within IEC 61850. Fact is, the IEC 61850 communications standard
supports a broader range of capabilities than has been offered by traditional practice.
What follows is a description of each point type and how it is applied within MEA’s power delivery
system. This information strongly correlates with the content of IEC 60870-3, concerning interfaces
used in telecontrol equipment and systems, although it is a rather obtuse standard to apply. For the
purposes of this technical specification, the contractor’s bid response shall describe in detail how
the proposed equipment meets these requirements. Equipment shall be examined and tested
during Factory Acceptance Tests to ensure these requirements are adequately met.
Supported by
Point Type IEC 61850?
Analog inputs
AC-AI: AC Analog Inputs Yes
DC-AI: DC Analog Inputs Yes, but information is limited by the loss
of knowledge due to DC representation
Digital Inputs
Single contact, 2-state Yes (including SOE)
Double-contact, 2-state Yes (including SOE)
MCD: 2-state with memory Yes (including SOE)
Digital Outputs
ON/OFF Device Control Yes
Raise/Lower Control Yes
Set-point Control Yes
Variable-Length Control Yes
Direct-Operate Control Yes
(and pulse output)
- 100 -
Page7-SA-101
PM5-0403-WBX
4.3.11.1 Analog Inputs
The following descriptions apply to BCU servers that acquire and process analog input values.
MEA has traditionally used DC transducers for acquiring values, but going forward, that approach
shall only be used in exceptional cases, where other approaches are not convenient or feasible or
where economic considerations dominate. For the systems to be delivered under this technical
specification, AC analog inputs are the strongly preferred approach. Once protective relays are
added to these systems, measurement values shall be acquired from those devices.
- 101 -
Page7-SA-102
PM5-0403-WBX
4.3.11.1.2 DC Analog Inputs (DC-AI)
BCU servers shall support DC inputs from linear transducers and other DC instrument sources.
These shall be used where CT and PT inputs are not available, where the measurement does not
represent power system data, or where economics dictates the choice.
For this project, the interfacing to plant parameters, such as transformer temperature values,
transformer tap position, etc shall use a live-zero transducer of 4 to 20mA value. The transducer (if
not already installed in a current system) shall come factory-fitted with precision scaling resistors,
conform to IEC 60688-2 standards, and be approved by MEA. It shall be possible to remove or
replace scaling resistors at site without any resoldering.
The DC Analog Input (DC-AI) Sub-Module shall be configurable to accept DC inputs in the
following signal ranges:
Unipolar Voltage : 0-1V, 0-2.5V, 0-5V, 1-5V
Unipolar Current : 0-10mA, 0-20mA, 4-20mA
Bipolar Voltage : ±1V, ±2.5V, ±5V
Bipolar Current : ±10mA, ±20mA
It shall be possible to adapt each individual DC analog input terminal to any of the above input
ranges with minimal difficulty. Programmable ‘gain factor’ shall be employed to enable a range of
current inputs to be used.
The DC Analog Input (DC-AI) Sub-Module shall support differential inputs to provide maximum
noise immunity and shall exhibit common-mode noise rejection characteristics of at least 85 dB
between 0 to 50 Hz and normal-mode (differential) rejection of at least 48 dB at 50 Hz.
The Overall Accuracy of the DC Analog Input (DC-AI) Sub-Module, from input terminal to digital
value, shall be at least ±0.2% of full scale for current and voltage inputs, over the full temperature
operating range. For the definition of accuracy, “FULL SCALE” shall mean the measurement span,
which is the difference between maximum positive and negative readings.
The DC analog processing shall use at least a 12-bit-plus-sign A/D converter.
For current inputs, the input impedance shall be such that the voltage across the input terminals
does not exceed 5 V with full-scale input current [ IEC 60870-3 Table 12 ], and no damage shall
occur for sustained 100% overcurrent. For voltage inputs, the input impedance shall not be less
than 200kΩ per volt [ IEC 60870-3 Table 12 ].
- 102 -
Page7-SA-103
PM5-0403-WBX
A soft-filtering technique shall be provided to eliminate noise effects and false-change detections,
and to ensure that a changed status signal level persists for a user-defined, minimum period of
time before being accepted as a valid change. The user-defined parameter shall be settable
between 10 and 100ms. Note that time-stamping is to be performed at the initial transition of the
change, but that the change shall only be accepted if validated through the filtering process. The
precision of time-stamps must comply with the specification stated under the ‘Time
Synchronization and Time-Stamping’ heading. Hard-filtering techniques (using passive electrical
components) are discouraged, as they inevitably distort time-stamping values.
The wetting voltage used for input contacts shall be the same as the primary control voltage (125
Vdc from station battery) used within the control cabinet from which the digital input point is
acquired.
Note that it is an MMI planning issue as to whether any digital state is to be considered abnormal,
whether any state is to be classified as an alarm, and if an alarm, whether major or minor. This
interpretive information shall be part of the MMI unit’s configuration, and it is not part of an BCU
server’s responsibilities.
The following types of digital input points shall be supported and shall be configurable without the
requirement for different hardware.
- 103 -
Page7-SA-104
PM5-0403-WBX
The type of relay output contacts used shall be normally-open (Form A) and they shall be able to
make and break at least 5A inductive (L/R ≤ 40 ms) at 125 Vdc. All individual digital output points
shall be equipped with an individual BCU to confirm the operation (i.e. energization) of each control
relay coil. For heavy-current circuits (e.g. TRIP/CLOSE circuits for circuit breakers), the output
relay may be integrated within the BCU server; alternatively, it may be provided by the contractor
as an interposing relay. These interposing relays shall be mounted and wired as an integral part of
the BCU server’s enclosure assembly and shall be included in the scope of supply. The interposing
relays shall be also able to make and break at least 5A inductive (L/R ≤ 40 ms) at 125 Vdc.
Where individual control outputs operate existing circuits that require lower contact ratings, the
contractor may propose using lower power-handling relays that are integral to the BCU server. In
such cases, the contractor shall be responsible for ensuring that the current handling
characteristics of the relay are adequately rated to match the existing interface circuit.
All modules providing digital output points shall be equipped with a control disable switch to
disconnect power from control relay contacts, thereby disabling control of equipment. Variations of
this approach may be used if approved by MEA.
An auxiliary contact shall be provided on each control disable switch. This auxiliary contact shall be
wired to one (1) digital input to provide a remote indication of the switch’s status. These indicators
shall be included in the specified point counts.
Each Digital Output (DO) Sub-Module shall be equipped with a dummy breaker (latching relay) as
a test indication for control functionality.
One (1) pair of control outputs in each equipped Digital Output (DO) Sub-Module shall be used to
handle TRIP and CLOSE commands from a communicating host (e.g. SCADA/EMS or MMI) and
two pole trip one pole close of control outputs shall be used to handle TRIP and CLOSE
commands from protection functions. The status of the relay shall be acquired by the BCU server
as a digital input point for transmission to the communicating host.
The BCU servers shall support the following types of digital output points in order to support control
actions initiated by the communicating host or, where applicable, the integrated programmable
logic facilities of the BCU servers or SCADA/EMS software applications:
- 104 -
Page7-SA-105
PM5-0403-WBX
4.3.11.3.1 ON/OFF Device Control
The DO Sub-Module shall perform ON/OFF control actions using complimentary pairs of contact
outputs. One contact output shall perform the “ON” control action, and a second output contact
shall perform the “OFF” control action.
The DO Sub-Module shall be designed such that only one output of a complimentary pair can be
activated at a time.
These control commands shall use the SBO control procedure.
- 105 -
Page7-SA-106
PM5-0403-WBX
It is preferred that BCU servers supporting direct-operate (pulse output) control functionality use
the same module as used for secure control. In such a case, the module is able to operate in either
mode, according to operational parameters associated with a control point. The direct-operate
capability, however, may be provided by a different module.
All control outputs (secure and direct-operate) shall be equipped with individual BCUs to confirm
the energized-coil status of each control relay.
- 106 -
Page7-SA-107
PM5-0403-WBX
3. Time synchronization functions.
4. Field data acquisition and pre-processing functions.
5. Control of primary system devices.
6. Local Repository functions.
7. ‘SCADA/EMS control center’-requested functions.
8. DNP3 communication services and functions
9. Bay- and station-level interlocking functions.
10. System log functions.
11. Configuration capabilities supporting –
IEC 61850 SCL configuration
Operator templates and procedures for setting and modifying operational
parameters
Proprietary configuration of devices
Programmable logic and other applications
12. Use of programmable logic and other application functions
(but not including the application code itself)
13. Generation, editing, and maintenance functions for –
Displays and reports
Programmable logic and other applications
DNP database
14. Diagnostic functions
15. Archiving and recall functions
16. File-related functions
17. Security functions
18. Use of displays
19. Use of system peripherals (e.g. monitor, printer, keyboard, mouse)
20. Any other functions associated with device or subsystem responsibilities -
CCU functions
SubLAN or CGW functions
Operator Interface [MMI] functions
TDS functions
BCU functions
- 107 -
Page7-SA-108
PM5-0403-WBX
4.4.2 General Requirements
The following are general comments on MEA’s software expectations for the systems to be
delivered.
- 108 -
Page7-SA-109
PM5-0403-WBX
4.4.2.5 Buffer Overflows
System software shall identify and alarm any buffer or FIFO overflows. If these occur during
system operation, they represent system design deficiencies. They indicate that some aspect of
system operation or loading has been underestimated. It is imperative that these kinds of problems
be identifiable so that they can be fixed. The occurrence of such problems damages system
reliability.
IED products (e.g. protection relays, BCUs) that support IEC 61850 over Ethernet will include this
software. If the contractor integrates IEDs based on PC systems (e.g. CCU, Operator Interface
[MMI] units), he shall ensure this software is properly integrated and tested. This software is
typically obtained from one of three principal suppliers who work closely with the electric utility
industry in support of the IEC 61850 communications standard.
- 109 -
Page7-SA-110
PM5-0403-WBX
to also install them in the corresponding IED Server View and in any Proxy Client View mapped to
the same information. Refer to Figures 2 and 3.
- 110 -
Page7-SA-111
PM5-0403-WBX
4.4.7.1 Binary Command Operation
The SA system shall support Control Relay Output Blocks (Object 12, Variation 1). With special
emphasis: all DNP binary command operations shall be performed via Control Relay Output Blocks
(Object 12, Variation 1). Use of Write (Function Code 2) for this purpose is not permitted.
4.4.7.2 Time Synchronization
‘Delay Measurement’ (Function Code 23) on ‘Time Delay Fine’ (Object 52 Variation 2) shall be
supported for synchronizing SA system time with the SCADA/EMS control center, should the GPS
capability fail.
4.4.7.3 Data Point Configuration
For the DNP protocol, the following shall be configured and modified on a point basis: (1) class, (2)
variation, and (3) point address.
4.4.7.4 Data Class
The SA system shall support the assigning and re-assigning of data objects to classes dynamically
(i.e. during run-time). An assign class (Function code 22) of all class objects shall be supported by
the SA system.
4.4.7.4 Unsolicited Response
Where required for the data in Appendix E, the SA system shall support ‘Unsolicited Response’
(Function Code 130).
The SA system must accept commands from the SCADA/EMS control center in order to enable
and disable unsolicited responses by event class (using object headers with group number 60)
even if the device does not have class 1, 2 or 3 data when the request arrives.
The SA system shall support end-use configuration of at least following parameters:
Regardless of the cause, when the SA system is reset or restarted, all of its points must be
disabled form initiating unsolicited responses. The SA system shall not report unsolicited events
until its points are explicitly enabled by a request from the master, and then only data from the
enabled points are permitted to be included in the response.
When the SA system receives a function code DISABLE_UNSOLICITED request to disable
initiation of unsolicited responses from points identified by the object headers in the request, it
must no longer transmit any data via an unsolicited response for those points. The request also
cancels any pending expectation of confirmation for an unsolicited response that has already been
sent from the outstation, but for which confirmation has not yet been received.
The SA system must not lose or discard event data as a result of receiving the
DISABLE_UNSOLICITED function code; the SA system must report events if they are requested in
a master poll for those points that were disabled from reporting in unsolicited responses.
The response to enable unsolicited and disable unsolicited requests are null responses.
- 111 -
Page7-SA-112
PM5-0403-WBX
4.4.8 Protocol Analyzer Software
The contractor shall provide test set software for DNP3 protocol and the IEC 61850
communications architecture. The test set software is for testing and monitoring system
communications capabilities, enabling the user to diagnose problems and maintain the system. All
necessary interfaces and facilities (e.g. cables, connectors) shall be provided for use on both
notebook and desktop PC platforms.
The DNP3 protocol analyzer software shall be capable of emulating both master and slave and
supporting DNP Levels 2 and 3. The software shall be capable of listening to both the master and
slave concurrently. Operation over a serial port or Ethernet / IP shall be supported. The software
shall support multiple frame message processing and the full range of objects, variations, function
codes, and application service data units (ASDUs).
In support of the IEC 61850 communications architecture, the analyzer shall include stack and
related communications software that enable the unit to sit on the network and act as an initiating
or receiving network node. The user shall be able to set the network address and data link address
as MAC address, enabling the unit to operate in lieu of a system node taken off-line. The analyzer
shall be able to record and analyze traffic at any of the various stack levels of various nodes in the
same time, particularly at the applications level. Application data shall be appropriately presented
as text and numbers, so that the user can interpret results in a manner consistent with use of the
information models. Similarly, the user shall be able to set up a message with a template and issue
it to another designated node in client-server mode. Alternatively, the analyzer shall be able to
broadcast messages in GOOSE mode. All control block capabilities and communication services
shall be supported.
The protocol analyzer software shall provide dynamic data display during monitoring and
‘simulation mode’ test sessions(e.g Master, Slave). It shall be capable of continuously monitoring
communications without interfering with normal operation. The message data shall be displayed in
a format that can be easily interpreted by the user and also can be displayed in the raw format if
the user request. Selection of number base (e.g. decimal, hexadecimal, octal and binary) shall be
also available. The protocol analyzer software shall allow the user to store all data resulting from
communication tests into memory (e.g. disk, flash) for subsequent analysis.
- 112 -
Page7-SA-113
PM5-0403-WBX
1, IEC 60870-2-2, IEC 61850-3, IEEE C37.1-1994, IEEE C37.90.1-2002, and IEEE
C37.90.2-2004.
Type-testing shall be performed by internationally accredited testing laboratories that are
independent of the bidder and equipment manufacturers. Tests performed by an in-house
laboratory are not acceptable.
All test reports shall be submitted to MEA within 180 (one hundred and eighty) days after
the Effective Date of Contract. The detailed testing facilities and procedures, including
schematic diagrams and photographs, if any, shall also be included.
The type-testing must be performed on the same equipment models and configurations
as proposed for the SA systems.
Refer to the ‘Compatibility Test Criteria (for Type-Testing)’ heading.
2. IEC 61850 Certification
Test certification shall be submitted for all proposed IEDs, configuration tools, and test
tools used to fulfill IEC 61850 communication requirements. The certificates shall confirm
compliance with mandatory aspects of the standard and any non-mandatory aspects
claimed by the manufacturer.
3. DNP3 Certification
A DNP3 Level 2 conformance certificate is required. Beyond that, the contractor shall
demonstrate the successful implementation of additional Level 3 capabilities required for
implementation of the delivered systems.
4. Factory Acceptance Testing
The contractor shall conduct a Factory Acceptance Test that is interactively witnessed
and critiqued by selected MEA personnel and/or MEA’s agent. The test objectives, upon
which a subsequent test plan shall be based, shall be recommended by MEA or its agent,
reviewed by the contractor, and finally approved by MEA. Thereafter, the contractor shall
submit a test plan with supporting procedures for MEA’s approval. These tests shall be
conducted at the contractor’s facilities, before delivery of any portions of the system.
Exceptions must be approved by MEA in writing. The approved test objectives and test
plan shall be included in the Work Statement, following award of contract and adequate
review of the technical proposal.
The test objectives and test plan shall include integration issues (e.g. interfaces),
functional issues, and performance issues. In general, compliance issues shall not be
included where type-testing or other certification has addressed those issues, unless a
reason arises to doubt their validity.
The Factory Acceptance Test shall use sufficient equipment to reasonably represent
actual system behavior at site. Circuit breaker simulators, Doble (or equivalent) PT and
CT simulators, and monitoring equipment shall be included to support visual confirmation
of test results. The contractor shall submit in writing his rationale as to how the proposed,
integrated system test plan and set-up fulfills the test objectives.
MEA, its agent, and the contractor shall note variances as testing proceeds. Descriptions
of these variances shall be entered into a Test Log kept by MEA and shared with the
contractor. The contractor shall respond to each variance in writing, detailing the problem
and the specific, proposed solution. These responses shall be submitted to MEA for
review and approval before the proposed solutions are implemented by the contractor.
- 113 -
Page7-SA-114
PM5-0403-WBX
5. Site Testing
Site testing shall be performed at each site to ensure the installed and configured system-
at-large and individual components perform as intended. With the problems identified
during the Factory Acceptance Test already resolved, test objectives at this stage shall
focus on verification of complete-system functionality and performance. The test
objectives shall be proposed by MEA or its agent, reviewed by the contractor, approved
by MEA or its agent, and specified in the Work Statement. The contractor shall submit a
site test plan with supporting procedures for MEA’s approval, and this, too, shall be
included in the Work Statement. Both functional and performance testing shall be
included. The successful testing of each aspect of system behavior shall be witnessed by
MEA personnel and/or their agent. Testing at each site shall be concluded with a
successful 100-hour test (i.e. no failures and no discrepancies). The Test Log procedures
used during Factory Acceptance Testing shall be used here as well. Finally, each system
shall be commissioned and placed into service. As part of the contract, the contractor
shall successfully and expediently resolve any problems that arise during the first six
months of station service.
MEA’s failure to detect or recognize a problem during Factory Acceptance Testing, Site Testing, or
at any other time shall not release the contractor from the responsibility of (1) correcting problems
that are eventually recognized or of (2) producing and delivering reliable systems that perform in
the manner intended by these specifications. The contractor shall assist MEA and its agent with
‘tightening’ these technical specifications where necessary.
- 115 -
Page7-SA-116
PM5-0403-WBX
Equipment Applicability
Severity
Applicable Level or Control DC AC
Test Class Description Standard Class Comments Telecom & Signal Power Power
o o
Climatic Operating temperature IEC 60068-2-2 ---- 0 to 55 C, 20 C/hr, 96 hrs (indoors) x x x x
o o
0 to 70 C, 30 C/hr, 96 hrs (outdoors)
o
Relative humidity IEC 60068-2-3 ---- 40 C, 5 to 95%, 10 days (indoors) x x x x
o
40 C, 0 to 100%, 10 days (outdoors)
o o
---- 25 C to 55 C at 95% RH (indoors); six-cycle test x x x x
Table 8: Insulation Withstand Tests (No damage permitted to pass; performed on de-energized equipment)
Equipment Applicability
Severity
Applicable Level or Control DC AC
Test Class Description Standard Class Comments Telecom & Signal Power Power
Dielectric Insulation resistance IEC 60870-3 ---- Insulation resistance to earth > 1 MΩ at x x x x
(Table 7) 500 Vdc
Hi-pot IEC 60060 ---- Inputs with direct connection to items of substation x x x x
equipment: Shall withstand 2kVrms to earth for 60s.
---- Across open relay contact circuits: Shall withstand x x x x
1kVrms to earth for 60s.
Impulse Common-mode IEC 60060 ---- 2kV test voltage (1.2/50us waveform; 0.5J) x x x x
Differential mode IEC 60060 ---- 1kV test voltage (1.2/50us waveform; 0.5J) x x x x
- 116 -
Page7-SA-117
PM5-0403-WBX
Table 9: EMC Immunity & Emission Tests [2 sheets]
(To pass immunity tests, no improper operation is permitted)
Equipment Applicability
Severity
Applicable Level or Control DC AC
Test Class Description Standard Class Comments Telecom & Signal Power Power
Conducted Voltage & current surges: IEC 61000-4-1 ---- Either the IEC or IEEE test may be performed; x x
Transient & 100/1300us compliance with both is preferred.
High-Freq (Test A.2.1)
Disturbance
Immunity Surge immunity: 1.2/50us IEC 61000-4-5 4 4kV open circuit test voltage / short circuit current x x x
voltage & 8/20us current
(Test A.2.2)
Fast transient bursts IEC 61000-4-4 4 x x x x
(Test A.2.3) or
IEEE C37.90.1 ----
Damped oscillatory IEC 61000-4-12 3 Either the IEC or IEEE test may be performed; x x x x
waves or ---- compliance with both is preferred.
(Test A.2.5) IEEE C37.90.1
Surge immunity: IEC 61000-4-5 4 x
10/700us voltage
(Test A.2.8)
- 117 -
Page7-SA-118
PM5-0403-WBX
Equipment Applicability
Severity
Applicable Level or Control DC AC
Test Class Description Standard Class Comments Telecom & Signal Power Power
ESD Electrostatic discharges IEC 61000-4-2 3 6kV test voltage for contact discharge tests; 8kV for air x x x x
Immunity (Test A.3.1) discharge tests
Magnetic and Radiated E/M field IEC 61000-4-3 4 Field strength of 10V/m over freq range 80 to 1000MHz x x x x
E/M Field disturbance (Test A.5.1) (80% AM; 1kHz)
Immunity
Power frequency IEC 61000-4-8 5 100 A/m continuous; x x x x
magnetic field 1000 A/m for 3s pulse
(Test A.4.1)
Damped oscillatory IEC 61000-4-10 4 x x x x
magnetic fields
(Test A.4.3)
Other 50Hz interference IEC 61000-4-16 ---- Tests immunity to power freq voltage interference on x x
Immunity control & signal lines.
Tests Common-mode test: 500Vrms for 2s
Differential-mode test: 250Vrms for 2s
DC voltage on control IEC 61000-4-16 ---- x
and signal lines
- 118 -
Page7-SA-119
PM5-0403-WBX
- 119 -
Page7-SA-120
PM5-0403-WBX
5.2 Training Courses
The contractor shall recommend a menu of training courses for the purpose of preparing MEA
personnel to configure, operate, program, and maintain the delivered systems. It is understood that
MEA shall have no programming or configuration responsibilities for the systems under contract,
but they may well need these skills after system deliveries.
MEA and the contractor shall come to agreement in the Work Statement regarding which courses
shall be presented prior to the Factory Acceptance Tests, so that MEA has a solid foundation for
witnessing and evaluating the structure and results of tests.
- 120 -