SEL Sampled Values (SV) Process Bus Solutions

Merging units are installed next to primary equipment, such as within breaker control cabinets, to perform several functions:

• Convert analog voltage and current measurements to IEC 61850-9-2 SV data.
• Digitize additional signals, such as the breaker status, via publication of GOOSE messages.
• Perform control actions upon receipt of GOOSE messages from protective relays.

If process bus communications are lost, intelligent merging units provide backup protection and control functions. When SEL relays are used as intelligent merging units, they also provide information-rich event records and Sequential Events Recorder (SER) data for troubleshooting and system restoration.

Process bus data are communicated via fiber-optic cables and time-synchronized using PTP.

In an IEC 61850 SV-based process bus, relays perform protective functions and other control actions based on the data streams they subscribe to as well as direct communication from other devices. 

Relays send communications-assisted protection, interlock, and control signals to merging units and other relays.

Merging units transmit digital data streams to many devices using an Ethernet network and to specific devices using direct connections.

While SV-based process bus systems most commonly use networked communications, direct-connection topologies also meet IEC 61850 network guidelines and are a desirable option in certain applications.

Protective relays and other IEDs subscribe to data streams from and exchange GOOSE messages with one or more merging units. Relays also communicate with other devices using GOOSE, Mirrored Bits communications, synchrophasors, and other common protocols to coordinate protective actions and share data over station bus and wide-area communications.

High-Performance Networks

In addition to satisfying rigorous privacy, security, and performance requirements, process bus networks must have high bandwidth and fast recovery times to achieve fast tripping. The Gigabit data transfer capability enables the subscriber relay to exchange data with a large number of merging units.

Duplicate networks and PRP are used to improve communications availability, while VLANs segment traffic and improve performance.

Traditional PRP duplication technology increases the risk of nonalarmed data flow faults because it masks failures and introduces “dangerous undetectable faults,” as defined by IEC 61508. SEL PRP enhancements detect (and self-alarm for) message failure, prompting corrective action, reducing the risk of Ethernet faults, and improving reliability.

SEL SDN is an Ethernet technology specifically engineered to meet the demands of IEC 61850 systems. It features failover times of typically better than 0.1 ms, plus the security of a deny-by-default architecture, automated network configuration, and real-time situational awareness. SDN applications also support duplicate networks and PRP.

Data transmitted across the process bus system must be time-aligned to enable protection logic to generate accurate and timely trip and control signals. Networked process bus systems use satellite clocks and protocols like PTP for distributed time synchronization.

An IEC 61850 SV-based system often needs to collect more than current and voltage measurements and binary statuses to perform protection actions. Many SEL protection, control, and monitoring devices collect and digitize ancillary data, such as temperature, alarms, and control actions, to supplement the protection data digitized by other merging units. SEL offers devices that support traditional CT/PT, Rogowski coil, and digital messages to connect to a wide variety of protection, control, and monitoring sensors.

In addition to its protective functions, there are other important factors that must be considered when designing and implementing a system.

Various protocols allow communication between digital devices and between process bus and station bus networks. Using protocols defined in the IEC 61850 standard, as well as IEC 61158 EtherCAT, synchrophasors, Mirrored Bits communications, and SEL-2600 RTD Module communications, helps ensure that devices from various manufacturers function together. (EtherCAT® is a registered trademark and patented technology, licensed by Beckhoff Automation GmbH, Germany.)

SEL relays in a SV-based system also exchange information with TiDL-enabled relays and other devices using common protocols. This capability allows substations to integrate process bus systems with a variety of station bus protocols, such as DNP3, FTP, Telnet, HTTP, IEC 61850 MMS, and GOOSE.

Cybersecurity is a vital consideration in process bus systems. However, because OT and IT systems have different purposes, the cybersecurity solutions for one system may not be appropriate for another.

Preserve System Availability With Privacy Methods

Networked IEC 61850-based solutions use privacy methods, such as direct connections and SDN, to preserve the availability of data and restrict access.

Direct connections provide privacy by physically isolating communications paths. Private links between devices enable immediate detection of intentional or unintentional disturbances to data flows, so that devices issue alarms and perform automatic corrective action to maintain security.

SDN solutions enhance cybersecurity by identifying and denying all communications that do not match a predefined set of rules. Both SDN and traditional Ethernet networks can use security gateway devices, which provide features like VLANs, VPNs, firewalls, malware detection, password management, and user-based access permissions to restrict access to critical networks.

Secrecy Methods Reduce Availability

Network connections that are not engineered to maintain privacy often require coordinated secrecy methods like TLS within each device to obscure data, generally by encryption, making them unreadable to other devices and unauthorized users. This solution is undesirable in secondary systems because the additional processing load and time required to encrypt and decrypt data can slow protective action. Encryption also makes data unavailable to engineers, technicians, other devices, and systems that lack the appropriate decryption capabilities. 

In addition, the increased frequency of firmware updates required to stay current with secrecy technologies poses a serious obstacle for maintaining system availability, requires that devices be updated simultaneously, and introduces new supply chain and personnel vulnerabilities. Unintended consequences that affect protection reliability include device down time during firmware upgrades to address security vulnerabilities and a lack of communications among devices until they are all upgraded to the same firmware version. 

From our knowledge base:

• Do IT Cryptographic Secuirty Controls Work for Energy Systems?
• Defense-in-Depth Security for Industrial Control Systems

As part of a digital secondary system implementation, SV-based process bus systems are as simple or sophisticated as an application demands, but many important factors must be considered in designing the system. Partner with SEL Engineering Services to create a turnkey solution that addresses the needs of your system and puts you in control. Our expert engineers provide thorough training in all products applied in a solution, ensuring that you can achieve your operational goals once a system is in place.

We’ve collaborated closely with our customers since the company was founded nearly 40 years ago—a major reason why we’re North America’s most trusted provider of protective relays and ranked #1 by international utilities in price, service, and support.