Reference
Substation
IEC 61850 substation automation, IEC 62443 zone-and-conduit design, and IEC 62351 protocol-level cryptography.
- ADMS: Advanced Distribution Management System — the control-centre platform a distribution system operator uses for network optimisation, outage management, switching, and DER integration.
- Bay: The functional unit of a substation — one circuit (line, transformer, generator) connected to the busbar through its own breaker, disconnectors, and instrument transformers, with its own protection and control.
- Conduit: An IEC 62443 communication path between two zones — the place where the integrity and confidentiality controls actually have to live, because zones-in-isolation aren't a system.
- Copper Trunks: The multi-core copper cables that carry analogue CT/VT secondary signals and DC trip/close commands from the switchyard to the control building — the legacy wiring that the IEC 61850 process bus replaces.
- Disconnector: A mechanical switching device that provides visible isolation of a circuit for maintenance — distinct from a circuit breaker in that it cannot interrupt load or fault current.
- DNP3: Distributed Network Protocol — the SCADA protocol most widely used in North American power utilities and increasingly common in GB transmission. Plain-text by default; secured by IEC 62351-5.
- EMS: Energy Management System — the control-centre platform a transmission system operator uses for state estimation, contingency analysis, generation scheduling, and real-time security assessment of the high-voltage grid.
- Foundational Requirements: The seven categories that IEC 62443 evaluates a Security Level claim against — IAC, UC, SI, DC, RDF, TRE, RA. The vector that turns a single SL number into something operationally meaningful.
- GOOSE: Generic Object Oriented Substation Event — IEC 61850's publish/subscribe peer-to-peer Ethernet messaging service for fast event signalling between IEDs, with a 3 ms transfer-time budget for trip messages.
- Historian: A process historian (or data historian) is a specialised time-series database that records every measurement, alarm, and event from SCADA and DCS systems — the continuous operational record of the grid.
- IEC 60870-5-104: The TCP/IP companion standard of the IEC 60870-5 telecontrol family — common in European transmission for SCADA-to-RTU traffic. Plain-text by default; secured by IEC 62351-3/-5.
- IEC 61131-3: The PLC and IED programming-languages standard. Five textual and graphical languages — Ladder Diagram, Function Block Diagram, Structured Text, Sequential Function Chart, and the deprecated Instruction List — that define what's actually written into the protection and control logic of every modern substation device.
- IEC 61400-25: The IEC 61400-25 family — communications for monitoring and control of wind power plants. Extends IEC 61850's data and service models to wind turbine generators, electrical balance-of-plant, and meteorological sensing, so a wind farm presents the same logical interface to SCADA as a conventional substation.
- IEC 61850: The foundational standard for substation automation — defines the data model, communication services, and configuration language used by modern digital substations.
- IEC 61850-3: Environmental, EMC, and reliability requirements for IT and communications equipment installed inside electrical substations. The standard that decides whether a generic blade server can sit in a control-cabinet, and the reason substation hardware is fanless.
- IEC 61850-7-420: The IEC 61850 part that defines logical nodes for Distributed Energy Resources — solar PV, battery storage, EV charging, fuel cells, microturbines, demand response. The standard that lets a battery, a rooftop PV inverter, or an EV charger present the same interface to the grid as a substation IED.
- IEC 61970 / 61968 — CIM: The Common Information Model — a UML-based semantic model of a power system that lets EMS, ADMS, and market systems exchange network topology, equipment, and operational state in a vendor-neutral way. The model that lets a new ADMS know what is in the substation it is being asked to operate.
- IEC 62351: The protocol-specific cyber-security complement to IEC 62443 — TLS profiles, embedded HMACs, RBAC vocabularies, and key management for the IEC and DNP3 protocols used in power-systems automation.
- IEC 62351-3: TLS profile for any TCP-based protocol in the IEC and DNP3 families. Wraps MMS, DNP3, and IEC 60870-5-104 sockets in mutually-authenticated TLS with constrained cipher suites.
- IEC 62351-4: Application-layer security for MMS and IEC 61850 station-bus traffic. Adds end-to-end authentication above the TLS layer that 62351-3 supplies underneath.
- IEC 62351-5: The IEC standardisation of DNP3 Secure Authentication. Adds HMAC-based challenge/response to DNP3 so outstations can verify commands actually came from an authorised master.
- IEC 62351-6: Security for IEC 61850 GOOSE and Sampled Values. Embedded HMAC and signature fields inside the protocol PDU itself, because TLS isn't usable at the latencies involved.
- IEC 62351-8: Role-based access control vocabulary for power-systems management. Defines a standard set of roles (VIEWER, OPERATOR, ENGINEER, INSTALLER, SECADM, RBACMNT, AUDITOR) so that authorisation is portable across vendors.
- IEC 62351-9: Cyber-security key management for power-system equipment — the certificate, symmetric-key, and lifecycle profile that every other 62351 part depends on. Often the limiting factor on cryptographic deployment.
- IEC 62443: The joint ISA/IEC family for cyber-security of Industrial Automation and Control Systems — the OT cyber-security framework that introduced zones, conduits, and Security Levels.
- IEC 62443-4: The component-and-product-supplier half of IEC 62443. -4-1 specifies a secure development lifecycle for OT product vendors; -4-2 specifies the technical security requirements components must meet at each Security Level. Together they're what 'designed to 62443-4-2' means on a vendor data sheet — and what the absence of certification means.
- IEEE 1613: North American standard for environmental and testing requirements for communications networking devices installed in electric power substations. The IEEE counterpart to IEC 61850-3, with explicit Class 1 / Class 2 pass criteria for each test.
- IEEE C37.118 and the Synchrophasor Standards: The IEEE C37.118 family — and its IEC/IEEE 60255-118-1 successor — that defines synchrophasor measurements and data transfer for Phasor Measurement Units. The standard that turns GPS-time-stamped voltage and current phasors into the substrate for wide-area monitoring (WAMS) and the Dynamic Line Rating systems modern grid operators depend on.
- Industroyer: The 2016 ICS malware that took the Pivnichna substation offline outside Kyiv. Spoke IEC 60870-5-104 and IEC 61850 natively — the substation's own protocol stack as the attack surface. Refined into Industroyer2 in 2022.
- Instrument Transformer: Current transformers (CTs) and voltage transformers (VTs) that scale high-voltage/high-current signals down to measurable levels for protection relays and metering — the analogue sensors that merging units digitise.
- Intelligent Electronic Device: Microprocessor-based power-system device — protection relay, breaker controller, bay controller — and the bay-level citizen of an IEC 61850 substation.
- Logical Nodes: The atomic functional units of an IEC 61850 data model — standardised function blocks like XCBR (circuit breaker), PTOC (overcurrent protection), MMXU (measurement) that compose into a substation.
- Merging Unit: Process-bus device that samples analogue voltage and current from instrument transformers and publishes them as IEC 61850-9-2 Sampled Values frames. The enabling technology for retrofit-in-place modernisation.
- MMS: Manufacturing Message Specification (ISO 9506) — the application-layer client/server protocol on the IEC 61850 station bus, used for reads, writes, control, and reporting between IEDs and station-level applications.
- Modbus: The 1979-vintage Modicon serial protocol that became the world's de facto industrial-fieldbus interlingua. Plain-text, no authentication, no encryption — and still the protocol of last resort for any piece of plant that needs to be polled by anything else. Modbus TCP is the same protocol over Ethernet, with the same security posture.
- NERC CIP: North American Electric Reliability Corporation Critical Infrastructure Protection — the mandatory cyber-security standards for the Bulk Electric System in North America. The legal regime that turns 'we should secure the substation' into 'a FERC fine if we don't', and the closest the world has to a directly-enforced OT cyber-security framework.
- NIS Regulations 2018: The UK transposition of the EU NIS Directive that places legally binding cyber-security obligations on Operators of Essential Services in electricity, gas, water, transport, health, and digital infrastructure. Enforced for energy by Ofgem; assessed against the NCSC Cyber Assessment Framework. Currently being expanded by the Cyber Security and Resilience Bill.
- OPC Classic: OLE for Process Control — the late-1990s Microsoft-DCOM-based bridge that let Windows applications read industrial process data. Notorious for needing port 135 plus a wide dynamic port range, which gutted IT/OT firewalling. Superseded by OPC UA.
- OPC UA: OPC Unified Architecture — the platform-independent, transport-secure successor to OPC Classic. A single TCP port (4840), TLS and X.509 mutual auth natively, runs on Linux and embedded RTOSes — none of which DCOM ever did. The default IT/OT bridging protocol for new-build substation gateways.
- Operational Telecoms: The dedicated telecommunications network that transmission and distribution operators build and maintain to carry SCADA, protection signalling, and operational voice between substations and control centres.
- Protection Relay: The device that detects faults and commands circuit breakers to open — evolved from electromechanical relays through static and digital designs to today's numerical IEDs.
- PRP and HSR: Parallel Redundancy Protocol and High-availability Seamless Redundancy — the IEC 62439-3 mechanisms that give an IEC 61850 process bus zero-recovery-time fault tolerance. Two physical networks (PRP) or a single ring (HSR), in both cases delivering both copies and discarding duplicates.
- PTP and the Power Utility Profile: Precision Time Protocol — IEEE 1588 — and the substation-specific IEC/IEEE 61850-9-3 Power Utility Profile that delivers sub-microsecond time synchronisation across an Ethernet process bus. The substrate that lets multiple merging units publish coherent Sampled Values.
- Purdue Model: The Purdue Enterprise Reference Architecture (PERA) — a 1990s layered diagram of the manufacturing plant that became the dominant mental model for IT/OT segregation. Levels 0-4, plus the post-hoc Level 3.5 industrial DMZ.
- RTU: Remote Terminal Unit — the substation-edge device that aggregates telemetry from IEDs and exposes it northbound to SCADA over DNP3 or IEC 60870-5-104. Increasingly deployed as a virtualised function in the control-centre data hall.
- Sampled Values: IEC 61850-9-2 digital representation of voltage and current waveforms, multicast from merging units to subscribing IEDs at 4 kHz (protection) or 12.8 kHz (metering).
- SCADA: Supervisory Control and Data Acquisition — the system class that runs in the control centre, polling RTUs across the WAN to provide operator situational awareness and remote control.
- SCL: Substation Configuration Language — the XML engineering description language defined in IEC 61850-6 that makes multi-vendor 61850 substations tractable.
- Security Level: The IEC 62443 measure of how capable an adversary the system is sized to repel — SL 1 stops typos, SL 4 stops nation-states. Expressed as a vector across the seven Foundational Requirements.
- Stuxnet: The 2010 ICS malware that targeted Siemens S7-300 PLCs running specific frequency-converter configurations at uranium-enrichment RPMs. The event that ended the air-gap conversation.
- Substation-to-Control-Centre WAN: The wide-area network connecting every transmission substation to the control-centre data hall — carrying SCADA telemetry, protection inter-tripping, PMU streams, engineering access, and operational voice over the operational telecoms backbone.
- Switchgear: The assembly of circuit breakers, disconnectors, busbars, and their enclosures that switches, protects, and isolates electrical circuits in a substation — available as air-insulated (AIS) or gas-insulated (GIS).
- Zone: An IEC 62443 partition — a set of assets that share the same security requirement. The unit of security analysis in zone-and-conduit thinking.