IEC 61850 LAN Design, Testing & Cybersecurity
主要特点
Ethernet is considered a fast, reliable, and scalable local area (LAN) technology that is becoming the predominant LAN technology within electrical substations. Through a combination of lectures and instructor demonstration lab exercises, students will learn how to correctly design and test Ethernet LANs for digital substation applications. The course will then progress to provide a strong foundation in the fundamentals of substation OT LAN cybersecurity.
学习目标
- Understand the requirements of an IEC61850 OT Ethernet LAN
- Understand the fundamentals of Ethernet LAN operation
- Understand how to design, configure, and commission an Ethernet LAN for the digital substation
- Understand the fundamentals of OT LAN cybersecurity
内容
- Introduction to IEC 61850
- OMICRON IEC 61850 Testing Tools
- Ethernet Layer 1
- Ethernet Layer 2
- Operation of RSTP
- Configuration of primary and alternate data paths
- Substation LAN Redundancy
- Virtual LANs
- Precision Time Protocol Operation
- Ethernet Layer 3: The network layer
- IPv4 addressing
- Introduction to IP Static routing
- NAT/PAT
- Introduction to firewalling (layers 1 to 4)
- IPsec
- Cybersecurity attacks we can learn from
- Substation Cybersecurity
- IT versus OT-security versus substations
- FERC, NERC & CIP
- Defense-in-depth principle applied to the electrical substation.
- Electrical Energy OT Substation Architecture (Purdue Model)
- NIST Security Framework
- Typical substation attack vectors
- Stateful firewalling
- Introduction to traffic filtering beyond layer 4
- Deep packet inspection
- Intrusion detection
- Signature-based intrusion detection
- Learning-based intrusion detection
- Functional security monitoring intrusion detection System (StationGuard)
- Demonstration
时间
3 days
时间表
8am - 5pm, each day
You will receive a tentative confirmation within a couple days of registering.
Do NOT purchase any flights until you receive the FINAL confirmation confirming that we will still be hosting the in-person class.
资料
This class is eligible for PDH and NETA Credits.
参加者
Electrical Engineering staff, IT and Security officers from utilities, transmission and distribution networks, railway grids, service companies, and manufacturers involved in protection design.
必备知识
Basic knowledge of electrical engineering
产品
DANEO 400, IEDScout, StationScout, StationGuard, Quick CMC, CMC GOOSE module, CMC IEC61850 Client/Server module
Agenda
Day 1
Introduction to IEC61850 Services
- GOOSE
- Sampled Values
- Overview of OMICRON Testing Solutions
Ethernet Fundamentals
- Modern Ethernet Media
- Basic Hub Operation
- Basic Switch Operation
Overview Switch General Management Features
- Admin and User accounts
- Time
- Switch system internal log
- Syslog
- Switch IEC61850 buffered reports
- Instructor demonstration exercise Lab 1:
o Switch Web-based Network Management Interface
o Configuration and observation of syslog.
o Examining switch IEC 61850 Data model and buffered report operation using IEDScout.
The Ethernet Frame
- Media Access Control (MAC) Address
- Switch Learning
- Port Mirroring
- Instructor Demonstration Lab 2: LAN latency measurement of GOOSE using the DANEO 400
Network Redundancy
- Overview of RSTP Operation
- Instructor Demonstration Lab 3: RSTP configuration and failover time measurement using the DANEO 400
- Parallel Redundancy Protocol (PRP)
- Highly Available Seamless Redundancy Protocol (HSR)
- Instructor Demonstration Lab 4:
o Testing DANEO 400 GOOSE Supervision Operation OVER a PRP Network
Day 2
IEEE 802.1Q Header
- Priority
- VLANs
MMS, GOOSE, and SV filtering using VLAN and priority
- Student Lab 5: VLAN design exercise.
- Instructor Demonstration Lab 6: VLAN configuration and testing exercise
- Configuring trunk and edge ports for GOOSE and MMS.
- Verification using the DANEO 400 and IED Scout for both the normal and failover traffic path.
- Troubleshooting using DANEO 400 and StationScout
Introduction to precision time protocol (PTP)
- Overview of PTP operation and settings.
- Instructor Demonstration Lab 7: Examination of PTP operation and redundancy followed by a discussion of considerations for substation LAN design.
- Overview of sampled values relay test procedures.
- Instructor Demonstration Lab 8: Configuration of a CMC test set for sampled values testing:
CMC Hardware configuration
CMC Quick CMC
Optional: CMC GOOSE module and CMC IEC 61850 Client/Server module
„所有的培训主题都很有意思并且培训师很好的进行了演示和说明。“