Operational Technology (OT) Software-Defined Networking (SDN)

Meet IEC 61850 system demands with purpose-engineered Ethernet networking

To ensure uninterrupted protection, IEC 61850-based systems need a robust network—one that delivers high-speed failover, manages high volumes of traffic, and mitigates cybersecurity vulnerabilities. Ethernet switches intended for IT environments make that difficult to accomplish.

Our OT SDN solution is purpose-engineered for critical infrastructure and meets IEC 61850 system demands. It employs a deny-by-default architecture that inherently eliminates many security vulnerabilities. Through pre-determining all primary and backup flows and eliminating unnecessary network traffic, OT SDN ensures bandwidth availability and delivers high-speed failover that meets GOOSE and Sampled Values (SV) protocol requirements.

OT SDN also simplifies data collection for NERC CIP compliance.

High-Speed Network Healing

All network flows—including primary and backup paths—are preconfigured in the OT SDN controller. This allows OT SDN to respond rapidly to a link failure, rerouting traffic immediately without waiting for network discovery or convergence. With this approach, OT SDN is able to fail over in less than 0.1 milliseconds—100 times faster than traditional networks—which is critical for reliable IEC 61850 communications.

Streamlined NERC CIP Compliance Reporting

NERC CIP compliance reporting requires that you know all devices and conversations happening on your network. With OT SDN, this information is already at your fingertips, because it is the same information that was needed to configure the network. For this reason, OT SDN simplifies the data collection process to minutes instead of hours or days.

Precise Traffic Management

On traditional networks, IEC 61850 communications generally behave like broadcast traffic—each device transmits all data to all other devices. This results in a lot of unnecessary traffic, which can limit bandwidth availability and degrade network performance. So instead, OT SDN is engineered for targeted multicast traffic—allowing you to specify exactly which messages are sent to which devices.

Cybersecure Architecture

Because OT SDN has predefined network flows, it doesn’t rely on traditional features like MAC tables or the Rapid Spanning Tree Protocol (RSTP). By removing those features, OT SDN eliminates numerous cybersecurity vulnerabilities, such as MAC flooding and table poisoning.

OT SDN also strengthens cybersecurity by employing a deny-by-default architecture—in which communications are only forwarded if they match a strict set of predefined rules. This provides an additional layer of defenses that prevents malware or other unauthorized traffic from traveling within the substation LAN.

Flexible Mounting Options

To support a greater range of applications, OT SDN is now offered with two different Ethernet switches—the new DIN-rail- or surface-mounted SEL-2742S switch and the rack-mounted SEL-2740S switch. Both switches are designed with durable materials to withstand harsh environments and extreme temperatures.

Learn more about engineering a better network with OT SDN—
request a follow-up from your local SEL sales representative today.

Request a Follow-Up