just say no to transient computers · 2020-03-13 · document, implementation guide for industrial...


Just Say No To Transient Computers

Randy Kimura, AltaLink Management Ltd., Calgary, Canada
Eric Oh, AltaLink Management Ltd., Calgary, Canada

Abstract— Interactive local access with substation intelligent electronic equipment is typically accomplished using a temporary computer. This transient computer is connected to the substation network for the duration of the substation activities and disconnected when the work has been completed. Although many cyber security programs are based on NERC CIP, AltaLink has adopted additional standards, for example ISO 27019 and the Center for Internet Security Critical Security Controls.

I. INTRODUCTION

Utilities utilize various strategies to perform work inside of their substations to maintain and upgrade their assets. In general utilities will staff with employees, contract to third parties, or have a hybrid of the two. AltaLink adopts the latter where there is a hybrid of AltaLink field staff and third party contractors who complete work in the field. In this paper, we discuss the many cyber security challenges with a hybrid staffing approach and the efforts in AltaLink to mitigate the security concerns with the introduction of a substation computer.

II. NOMENCLATURE

AESO   Alberta Electric System Operator
CIP    Critical Infrastructure Protection
CIS    Center for Internet Security
CSC    Critical Security Control
CSWG   Cyber Security Working Group
GPS    Global Positioning System
ICS    Industrial Control System
IEC    International Electrotechnical Commission
ISA    International Society of Automation
ISMS   Information Security Management System
ISO    International Organization for Standardization
IT     Information Technology
NERC   North American Electric Reliability Corporation
NIST   National Institute of Standards and Technology
OT     Operational Technology
SGIP   Smart Grid Interoperability Panel
SNMP   Simple Network Management Protocol
USB    Universal Serial Bus

III. ALTALINK

Headquartered in Calgary, with offices in Edmonton, Red Deer and Lethbridge, AltaLink is Alberta's largest electricity transmission provider with a 212,000 square kilometer service area. Our network of more than 13,000 kilometers of transmission lines and 300 substations delivers electricity safely, reliably and efficiently to more than three million Albertans. AltaLink is partnering with its customers to provide innovative solutions to meet the province’s demand for reliable and affordable energy. A wholly-owned subsidiary of Berkshire Hathaway Energy, AltaLink is part of a global group of companies delivering energy services to customers worldwide.

IV. TRADITIONAL APPROACH

AltaLink personnel (e.g. field techs, engineers, etc.) use AltaLink issued and maintained laptops to interface with substation equipment. The image (i.e. installed software), operating system patches, and malware updates are approved and deployed by AltaLink IT. AltaLink IT laptop security includes:

Anti-virus

Application whitelisting

USB whitelisting

Hard drive encryption

Contractors are also used to supplement AltaLink personnel. Contractors use their own laptops when conducting business on behalf of AltaLink. Contractor laptops are also used to interface with substation equipment. Substation equipment specific application software and versions are specified in AltaLink engineering standards. The operating system patches and malware updates are approved and maintained by the contractor’s IT.


V. CONSIDERATIONS FOR A SUBSTATION COMPUTER

In Alberta a regionalized NERC CIP version 5 is implemented and audited for compliance.

The SANS Institute created the initial CIS Critical Security Controls for Effective Cyber Defense. Ownership of the document has transferred to the Center for Internet Security (CIS). This guideline approaches security with 20 best practices, referred to as the Critical Security Controls (CSC). Although the initial focus of the CSCs is IT, the adoption of these controls has evolved and a specialized guidance document, Implementation Guide for Industrial Control Systems, has been developed. Computers used on the substation network will also benefit from the specialized guide, CIS Controls Microsoft Windows 10 Cyber Hygiene Guide, applying the CSCs to Windows 10.

The ISO/IEC 27000 series of guidelines, developed and maintained by the ISO and IEC, defines requirements for an Information Security Management System (ISMS). The ISO/IEC 27000 series standards referenced for the substation computer are listed in Table 1.

Table 1 ‒ ISO 27000 Standards

Standard Application

ISO/IEC 27001 Requirements for an ISMS.

ISO/IEC 27002 Controls for the implementation of the ISO/IEC 27001 requirements.

ISO/IEC 27019 Guidance on the application of the ISO/IEC 27002 controls to Industrial Control Systems within the energy utility industry.

The IEC 62351 series of standards are developed and maintained by IEC Technical Committee 57, Working Group 15 to address security concerns of the TC57 communication protocols. The TC57 communication protocols include the IEC 60870-5 series, the IEC 60870-6, and the IEC 61850. The IEC 62351 series is directly applicable as IEC TC57 standards development is focused on information exchange for power systems and other related systems including SCADA.

Figure 1 ‒ IEC 62351 Series

The International Society of Automation ISA99 committee develops and maintains a standards series for industrial automation and control systems security. These standards are being adopted by the IEC and published as the IEC 62443 series.

Figure 2 ‒ ISA 62443 Series

The 2007 Energy Independence and Security Act tasked NIST with responsibility for the security of a Smart Grid, characterized by:

(1) Increased use of digital information and controls technology to improve reliability, security, and efficiency of the electric grid.

(2) Dynamic optimization of grid operations and resources, with full cybersecurity.[1]

The Smart Grid Interoperability Panel (SGIP) Cyber Security Working Group (CSWG) developed the Guidelines for Smart Grid Cyber Security. The National Institute of Standards and Technology has developed additional standards applicable to a substation computer.

Table 2 ‒ NIST Guidance

Standard Title

SP 800-40 Creating a Patch and Vulnerability Management Program

SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations

SP 800-82 Guide to Industrial Control Systems (ICS) Security

SP 800-83 Guide to Malware Incident Prevention and Handling

SP 800-92 Guide to Computer Security Log Management

NISTIR 7628 Guidelines for Smart Grid Cyber Security

VI. ARCHITECTURE

For years transient field laptops were connected to the substation network. These field laptops were owned by AltaLink or a third party contractor. The AltaLink owned laptops were managed per the AltaLink corporate IT policies while the third party laptops were independently managed by the owner.

A program was created to replace the transient field laptops with a computer permanently connected to the substation network. The permanent connectivity enables the use of traditional IT tools, to manage and secure the computer.

[Figure: substation computer architecture. Substation IEDs connect to the permanently connected substation computer, which is interfaced to the Event Collector, Patch Management, Malware Management and Access Management systems.]

A. Network Access Control

The substation network is static; with few exceptions, substation equipment is seldom added or removed. Temporary substation network access points are required for the field laptops.

Table 3 Network Access Control Guidance

Reference Control

CIP-007-AB-5 Protect against physical ports used for network connectivity.

CSC 1.5 Deploy network level authentication and control for connection to the network.

ISO 27002 9.1.2 Management control to protect network connections

NISTIR 7628 SG.AC-17 Authorize connection to Smart Grid information systems

When network access control is deployed, only approved devices can connect via an unused port on substation LAN networking equipment. Disabling all of the unused ports on the substation networking equipment blocks the connection of all devices; this approach blocks by default. An approval process is applied to ensure only valid devices are requesting a connection. After approval the port can be manually enabled and a connection established.

MAC address whitelisting prevents the connection of unapproved equipment to a physical port currently enabled for an approved connection. A MAC address whitelist contains the approved MAC addresses permitted to connect to the substation network. When a device is connected to an unused port it is denied a connection by default. The MAC address must be added to the whitelist before a connection can be established.

The substation computer is permanently connected to the substation network to conduct the tasks typically done with the transient field laptop. The substation computer removes the requirement for the transient field laptops.

B. User Access Management

Access to AltaLink field laptops uses the AltaLink corporate Active Directory. Access to third party field laptops is external to AltaLink and therefore unknown.

TABLE 4 ‒ USER ACCESS MANAGEMENT GUIDANCE

Reference Control

CIP-007-AB-5 R5.1 Enforce authentication of interactive user access

CIP-007-AB-5 R5.2 Inventory enabled default and generic accounts.

CIP-007-AB-5 R5.3 Identify individuals with shared account access.

CIP-007-AB-5 R5.7 Limit the number of unsuccessful login attempts.

CSC 5.6 Use multi-factor authentication for administrative access.

CSC 16.2 Monitored and enforced account expiration date.

CSC 16.3 Revoke access upon termination.

CSC 16.5 Screen lock after a defined period of inactivity.

CSC 16.7 Account lockout after a defined number of failed login attempts.

CSC 16.8 Monitor attempts to access deactivated accounts.

CSC 16.9 Configure access through centralized authentication.

CSC 16.11 Multi-factor authentication for user accounts.

NISTIR 7628 SG.AC-3 Manage accounts including the authorization, activation, modification, disabling and removing accounts.

NISTIR 7628 SG.AC-9 Display an approved system use message before granting access

NISTIR 7628 SG.AC-12 Initiate a session lock after a period of inactivity

Substation computer access management is deployed using an OT Active Directory. The OT Active Directory is a separate instance from the corporate Active Directory. OT Active Directory accounts are required to use a unique password (i.e. the corporate Active Directory password cannot be used.)

Access to the substation computer can be remotely granted or revoked using the OT Active Directory. User access can be:

1. Single substation computer – For example a contractor whose work scope is limited to a single site.

2. Group of substation computers – For example, a regional field technologist whose work scope is limited to a geographical area.

Active Directory enforces password rules on the user accounts:

1. Minimum complexity including length and characters.


2. Expiration dates to ensure timely changes.

An appropriate use message is displayed when a user logs on to the substation computer. A screen lock is enabled after a period of inactivity.

C. Patch Management

Patch management includes the operating system and application software. Windows patches are released on the second Tuesday of each month. Occasionally patches are also released the fourth Tuesday of a month. AltaLink IT evaluates, approves and deploys the relevant patches to AltaLink field laptops. A patch is installed on a field laptop when it is connected to the corporate network. There may be a delay between the approval of a patch and installation when the user is unable to connect to the corporate network for a period of time. Patching of third party field laptops is external to AltaLink IT therefore the approved patches and installation is unknown.

Application software patches are identified, evaluated and approved using the AltaLink OT patch management process. The current process requires individual users to install updates on their field laptops.

TABLE 5 ‒ PATCH MANAGEMENT GUIDANCE

Reference Control

CIP-007-AB-5 R2.1 Process for installing patches.

CIP-007-AB-5 R2.3 Within 35 days apply the applicable patches

CSC 4.5 Deploy automated patch management tools

ISO 27002 12.5.1 Updating operational software and applications limited to administrators with appropriate authorization.

ISO 27002 12.6.1 Define and establish roles and responsibilities associated with technical vulnerability management. Test and evaluate patches prior to deployment.

Substation computer operating system patches are inherited from the corporate evaluation and verification program. Once approved, the operating system patches are remotely pushed to the substation computers.

The OT patch management program leverages the IEEE C37.231 methodology. Although IEEE C37.231 is protection equipment centric, the OT patch management program is applied to all of the substation equipment. Substation equipment has firmware controllers assigned to review, test, and approve application software patches. Approved application software patches are remotely installed on the substation computer.
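The 35-day window in Table 5 is easy to state and harder to evidence across many hosts. The following is an added example, not code from the paper or from AltaLink's program, that classifies each approved patch per host against that window; host names, patch identifiers and dates are constructed, and a third-party laptop is modelled as a host whose install state is not observable, which is the situation the paper describes.

```python
from dataclasses import dataclass, field
from datetime import date, timedelta

# CIP-007-AB-5 R2.3 as cited in Table 5: applicable patches applied within 35 days.
PATCH_WINDOW_DAYS = 35


@dataclass
class Patch:
    patch_id: str                 # hypothetical identifier, e.g. a vendor KB number
    applicable: bool              # outcome of the evaluation step
    approved_on: date             # date the patch was approved for deployment
    installed_on: dict = field(default_factory=dict)  # host name -> install date


@dataclass
class Host:
    name: str
    managed: bool   # True: permanently connected substation computer, install state observable
                    # False: third-party transient laptop, install state not visible centrally


def deadline(patch: Patch) -> date:
    """Last compliant install date for a patch."""
    return patch.approved_on + timedelta(days=PATCH_WINDOW_DAYS)


def patch_status(patch: Patch, host: Host, today: date) -> str:
    """Classify one patch on one host: not-applicable, unknown, pending, overdue, installed or late."""
    if not patch.applicable:
        return "not-applicable"
    if not host.managed:
        return "unknown"          # no central record exists, so nothing can be evidenced
    installed = patch.installed_on.get(host.name)
    due = deadline(patch)
    if installed is None:
        return "overdue" if today > due else "pending"
    return "installed" if installed <= due else "late"


def compliance_report(patches, hosts, today: date) -> dict:
    """Map each host to the patches needing attention: (patch_id, status, deadline)."""
    report = {}
    for host in hosts:
        findings = []
        for p in patches:
            status = patch_status(p, host, today)
            if status in ("overdue", "late", "unknown"):
                findings.append((p.patch_id, status, deadline(p).isoformat()))
        report[host.name] = findings
    return report


# Constructed sample data (not from the paper).
SAMPLE_PATCHES = [
    Patch("OS-2020-03A", True, date(2020, 3, 10), {"sub-compute-01": date(2020, 3, 20)}),
    Patch("OS-2020-03B", True, date(2020, 3, 10), {"sub-compute-01": date(2020, 4, 30)}),
    Patch("APP-RELAYTOOL-7", True, date(2020, 2, 1), {}),
    Patch("OS-2020-03C", False, date(2020, 3, 10), {}),
]
SAMPLE_HOSTS = [Host("sub-compute-01", True), Host("contractor-laptop", False)]
SAMPLE_TODAY = date(2020, 5, 1)

if __name__ == "__main__":
    for host, findings in compliance_report(SAMPLE_PATCHES, SAMPLE_HOSTS, SAMPLE_TODAY).items():
        print(host, findings)
```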

D. Malware Protection

AltaLink field laptops are deployed with anti-virus, application whitelisting and USB whitelisting managed by AltaLink IT. Malware protection on third party laptops is unknown.

TABLE 6 ‒ MALWARE PROTECTION GUIDANCE

Reference Control

CIP-007-AB-5 R3.1 Deploy method(s) to deter, detect, or prevent malicious code.

CIP-007-AB-5 R3.2 Mitigate the threat of detected malicious code.

CIP-007-AB-5 R3.3 Have a process to update signatures or patterns

CSC 2.2 Application whitelisting to run only software included on the whitelist and prevent the execution of other software.

CSC 8.1 Send malware detection events to an enterprise malware prevention tool and log server.

CSC 8.2 Use centralized anti-malware protection.

ISO 27002 12.2.1 Detection and prevention controls to protect against malware including prohibiting unauthorized software (application whitelisting) plus the installation and regular updating of malware detection software.

Anti-virus software is typically a signature based approach to prevent, detect, and remove malware. The anti-virus deployed on the AltaLink corporate computers will be used for the substation computer. The anti-virus update will be transferred to the substation computer using the OT network.

Application software whitelisting ensures only approved application software can run on the substation computer. The application software solution deployed on the AltaLink corporate computers will be used on the substation computer. The application software whitelist will be remotely managed to add or remove software.

USB whitelisting grants or denies the use of USB devices on the substation computer. The USB whitelisting solution deployed on the AltaLink corporate computers will be used on the substation computers. The USB whitelist will be remotely managed. The encrypted USB drives approved for the AltaLink corporate network will also be approved for the substation computer.

E. Logging and Monitoring

Monitoring and logging of computers is typically performed in a static environment. Third party laptops are monitored external to AltaLink IT.

TABLE 7 ‒ LOGGING AND MONITORING GUIDANCE

Reference Control

CIP-007-AB-5 R4.1 Log events including:

Detected unsuccessful login attempts;

Detected failed access attempts and failed login attempts;

Detected malicious code

CIP-007-AB-5 R5.7 Generate an alert after the threshold of unsuccessful login attempts


CSC 5.5 Log any unsuccessful login to an administrative account

CSC 6.1 Time synchronize to at least two NTP sources.

ISO 27002 9.4.2 Log unsuccessful and successful attempts

ISO 27002 12.4.4 Synchronize to a reference clock.

NISTIR 7628 SG.AC-8 Log unsuccessful login attempts

The substation computer is time synchronized to multiple master satellite clocks in the OT network thereby ensuring consistent and accurate event time stamps. The master clocks can be remotely changed.

Unlike the deployment of AltaLink and third party field laptops, substation computers are permanently connected to the OT network and, more importantly, interfaced to the OT event systems. Substation computer Windows events, Syslog messages, and SNMP messages can be centrally collected for evaluation and archiving. Corporate IT tools, for example the Network Management System software, can be leveraged.
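As an added example that is not from the paper, the following detection logic implements two of the Table 7 controls over a constructed syslog-style export of Windows Security events from substation computers: the unsuccessful-login threshold alert (CIP-007-AB-5 R5.7, CSC 16.7) and the alert on attempts to use a deactivated account (CSC 16.8). The threshold, window, line format, host and account names are assumptions; event ID 4625 and the 0xC0000072 "account disabled" substatus are standard Windows values.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds: the paper cites the controls but not AltaLink's numbers.
FAILED_LOGIN_THRESHOLD = 5
WINDOW = timedelta(minutes=15)

# NTSTATUS substatus Windows reports in event 4625 for a disabled account.
ACCOUNT_DISABLED = "0xC0000072"

# Constructed line format for a syslog-style export of Windows Security events.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}) (?P<host>\S+) EventID=(?P<eid>\d+) "
    r"Account=(?P<acct>\S+) SubStatus=(?P<sub>\S+)$"
)


def parse(line: str):
    """Parse one export line; return a dict or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ev = m.groupdict()
    ev["ts"] = datetime.fromisoformat(ev["ts"])
    ev["eid"] = int(ev["eid"])
    return ev


def detect(lines):
    """Return (timestamp, host, account, alert_type) tuples for the two controls."""
    alerts = []
    recent = defaultdict(deque)   # (host, account) -> timestamps of recent failed logins
    for raw in lines:
        ev = parse(raw)
        if ev is None or ev["eid"] != 4625:   # only failed logons are of interest here
            continue
        key = (ev["host"], ev["acct"])
        if ev["sub"].upper() == ACCOUNT_DISABLED.upper():
            alerts.append((ev["ts"], ev["host"], ev["acct"], "disabled-account-attempt"))
        q = recent[key]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > WINDOW:   # drop failures outside the sliding window
            q.popleft()
        if len(q) == FAILED_LOGIN_THRESHOLD:     # fire once when the threshold is reached
            alerts.append((ev["ts"], ev["host"], ev["acct"], "failed-login-threshold"))
    return alerts


# Constructed sample export (not real AltaLink data).
SAMPLE_LOG = """\
2020-03-13T08:00:01 sub-compute-01 EventID=4624 Account=rkimura SubStatus=0x0
2020-03-13T08:05:10 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T08:05:20 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T08:05:31 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T08:05:45 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T08:06:02 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T08:06:30 sub-compute-01 EventID=4625 Account=contractor1 SubStatus=0xC000006A
2020-03-13T09:30:00 sub-compute-01 EventID=4625 Account=eoh SubStatus=0xC000006A
2020-03-13T10:10:00 sub-compute-02 EventID=4625 Account=oldvendor SubStatus=0xC0000072
"""

if __name__ == "__main__":
    for ts, host, acct, kind in detect(SAMPLE_LOG.splitlines()):
        print(ts.isoformat(), host, acct, kind)
```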

F. Hard Drive Encryption

Confidential and sensitive information must be secured on field laptops. AltaLink field laptops utilize hard drive encryption to secure the confidential and sensitive information. Third party laptop information is secured by the owner's IT, and may be insufficient.

TABLE 8 ‒ HARD DRIVE ENCRYPTION GUIDANCE

Reference Control

CSC 13.2 Deploy hard drive encryption.

ISO 27002 10.1.1 Use encryption to protect sensitive or critical information.

ISO 27002 11.2.7 Disk encryption reduces the risk of disclosure of confidential information when equipment is disposed of or redeployed.

G. External Devices

External or removable media is a topic of significant concern for the introduction of malware. Malware protection on AltaLink owned field laptops can be managed and updated per AltaLink IT requirements. Malware protection on third party field laptops is independent from AltaLink programs. The third party malware protection tools and update frequency may be different.

TABLE 9 ‒ EXTERNAL DEVICE GUIDANCE

Reference Control

CIP-007-AB-5 R1.2 Protect against physical ports used for network connectivity.

CSC 8.3 Only use approved external devices. Monitor external device usage. Disable external device auto run.


CSC 13.5 Allow only specific USB devices (based on serial number or other unique property) to be accessed

ISO 27002 8.3.1 Removable media drives should only be enabled if there is a business reason

NISTIR 7628 SG.AC-17 Usage restrictions for removable media.

Only AltaLink issued USB flash drives are permitted on corporate computers and the substation computer. The approved device supports 256 bit AES hardware-based encryption and complex passwords. Auto-run removable media content is disabled on the substation computer.

The USB whitelisting solution deployed on the corporate network will be applied on the substation computer and remotely managed using the OT network. Only AltaLink issued USB flash drives with approved serial numbers will be permitted on the substation computer. The USB whitelist management (e.g. addition, revocation) is remotely managed.

VII. CONCLUSIONS

As the work force resource demand requires third party contractors, the introduction of a permanent substation computer helps mitigate the introduction of cyber threats. As this program continues to develop, AltaLink recognizes that the single substation computer limits the ability of contractors to perform work when they are executing a large scope of work. As this issue is addressed, AltaLink is leveraging the scope of this substation computer to develop solutions that augment this functionality to support all types and sizes of work.

REFERENCES

[1] The CIS Critical Security Controls for Effective Cyber Defense, Center for Internet Security, Version 6.1, August 31, 2016

[2] Information technology – Security techniques – Code of practice for information security controls, ISO 27002, Second edition, 2013-10-01

[3] Energy Independence and Security Act, Public Law 110-140, Section 1301, 2007

[4] Guidelines for Smart Grid Cyber Security: Vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements, NISTIR 7628, The Smart Grid Interoperability Panel – Cyber Security Working Group, August 2010


BIOGRAPHIES

Randy Kimura received his Bachelor of Science and Master of Science in Electrical Engineering from the University of Alberta. His 30+ years of work experience ranges from developing SCADA applications and communication protocols to System Engineering for domestic and international substation automation projects. Randy is a member of the IEEE Power and Energy Society, the Power Energy Automation Conference organizing committee, several IEC TC57 Working Groups (10/15/17), and several IEEE PSCC subcommittees. He is a registered Professional Engineer in the province of Alberta.

Eric Oh received his Bachelor of Science in Electrical Engineering from the University of Alberta. His 15+ years of work experience includes electronics design for oil and gas monitoring tools and electrical utility SCADA system designs where he is currently the Senior SCADA Engineer Technical Lead in the Project Development group. Eric is a member of the IEEE 1588 ICAP Committee, IEEE Power and Energy Society, and is a registered Professional Engineer in the province of Alberta.