Substation

Advanced Distribution Management System — the control-centre platform a distribution system operator uses for network optimisation, outage management, switching, and DER integration.

The functional unit of a substation — one circuit (line, transformer, generator) connected to the busbar through its own breaker, disconnectors, and instrument transformers, with its own protection and control.

An IEC 62443 communication path between two zones — the place where the integrity and confidentiality controls actually have to live, because zones-in-isolation aren't a system.

The multi-core copper cables that carry analogue CT/VT secondary signals and DC trip/close commands from the switchyard to the control building — the legacy wiring that the IEC 61850 process bus replaces.

A mechanical switching device that provides visible isolation of a circuit for maintenance — distinct from a circuit breaker in that it cannot interrupt load or fault current.

Distributed Network Protocol — the SCADA protocol most widely used in North American power utilities and increasingly common in GB transmission. Plain-text by default; secured by IEC 62351-5.

Energy Management System — the control-centre platform a transmission system operator uses for state estimation, contingency analysis, generation scheduling, and real-time security assessment of the high-voltage grid.

The seven categories that IEC 62443 evaluates a Security Level claim against — IAC, UC, SI, DC, RDF, TRE, RA. The vector that turns a single SL number into something operationally meaningful.

Generic Object Oriented Substation Event — IEC 61850's publish/subscribe peer-to-peer Ethernet messaging service for fast event signalling between IEDs, with a 3 ms transfer-time budget for trip messages.

A process historian (or data historian) is a specialised time-series database that records every measurement, alarm, and event from SCADA and DCS systems — the continuous operational record of the grid.

The TCP/IP companion standard of the IEC 60870-5 telecontrol family — common in European transmission for SCADA-to-RTU traffic. Plain-text by default; secured by IEC 62351-3/-5.

The PLC and IED programming-languages standard. Five textual and graphical languages — Ladder Diagram, Function Block Diagram, Structured Text, Sequential Function Chart, and the deprecated Instruction List — that define what's actually written into the protection and control logic of every modern substation device.

The IEC 61400-25 family — communications for monitoring and control of wind power plants. Extends IEC 61850's data and service models to wind turbine generators, electrical balance-of-plant, and meteorological sensing, so a wind farm presents the same logical interface to SCADA as a conventional substation.

The foundational standard for substation automation — defines the data model, communication services, and configuration language used by modern digital substations.

Environmental, EMC, and reliability requirements for IT and communications equipment installed inside electrical substations. The standard that decides whether a generic blade server can sit in a control-cabinet, and the reason substation hardware is fanless.

The IEC 61850 part that defines logical nodes for Distributed Energy Resources — solar PV, battery storage, EV charging, fuel cells, microturbines, demand response. The standard that lets a battery, a rooftop PV inverter, or an EV charger present the same interface to the grid as a substation IED.

The Common Information Model — a UML-based semantic model of a power system that lets EMS, ADMS, and market systems exchange network topology, equipment, and operational state in a vendor-neutral way. The model that lets a new ADMS know what is in the substation it is being asked to operate.

The protocol-specific cyber-security complement to IEC 62443 — TLS profiles, embedded HMACs, RBAC vocabularies, and key management for the IEC and DNP3 protocols used in power-systems automation.

TLS profile for any TCP-based protocol in the IEC and DNP3 families. Wraps MMS, DNP3, and IEC 60870-5-104 sockets in mutually-authenticated TLS with constrained cipher suites.

Application-layer security for MMS and IEC 61850 station-bus traffic. Adds end-to-end authentication above the TLS layer that 62351-3 supplies underneath.

The IEC standardisation of DNP3 Secure Authentication. Adds HMAC-based challenge/response to DNP3 so outstations can verify commands actually came from an authorised master.

Security for IEC 61850 GOOSE and Sampled Values. Embedded HMAC and signature fields inside the protocol PDU itself, because TLS isn't usable at the latencies involved.

Role-based access control vocabulary for power-systems management. Defines a standard set of roles (VIEWER, OPERATOR, ENGINEER, INSTALLER, SECADM, RBACMNT, AUDITOR) so that authorisation is portable across vendors.

Cyber-security key management for power-system equipment — the certificate, symmetric-key, and lifecycle profile that every other 62351 part depends on. Often the limiting factor on cryptographic deployment.

The joint ISA/IEC family for cyber-security of Industrial Automation and Control Systems — the OT cyber-security framework that introduced zones, conduits, and Security Levels.

The component-and-product-supplier half of IEC 62443. -4-1 specifies a secure development lifecycle for OT product vendors; -4-2 specifies the technical security requirements components must meet at each Security Level. Together they're what 'designed to 62443-4-2' means on a vendor data sheet — and what the absence of certification means.

North American standard for environmental and testing requirements for communications networking devices installed in electric power substations. The IEEE counterpart to IEC 61850-3, with explicit Class 1 / Class 2 pass criteria for each test.

The IEEE C37.118 family — and its IEC/IEEE 60255-118-1 successor — that defines synchrophasor measurements and data transfer for Phasor Measurement Units. The standard that turns GPS-time-stamped voltage and current phasors into the substrate for wide-area monitoring (WAMS) and the Dynamic Line Rating systems modern grid operators depend on.

The 2016 ICS malware that took the Pivnichna substation offline outside Kyiv. Spoke IEC 60870-5-104 and IEC 61850 natively — the substation's own protocol stack as the attack surface. Refined into Industroyer2 in 2022.

Current transformers (CTs) and voltage transformers (VTs) that scale high-voltage/high-current signals down to measurable levels for protection relays and metering — the analogue sensors that merging units digitise.

Microprocessor-based power-system device — protection relay, breaker controller, bay controller — and the bay-level citizen of an IEC 61850 substation.

The atomic functional units of an IEC 61850 data model — standardised function blocks like XCBR (circuit breaker), PTOC (overcurrent protection), MMXU (measurement) that compose into a substation.

Process-bus device that samples analogue voltage and current from instrument transformers and publishes them as IEC 61850-9-2 Sampled Values frames. The enabling technology for retrofit-in-place modernisation.

Manufacturing Message Specification (ISO 9506) — the application-layer client/server protocol on the IEC 61850 station bus, used for reads, writes, control, and reporting between IEDs and station-level applications.

The 1979-vintage Modicon serial protocol that became the world's de facto industrial-fieldbus interlingua. Plain-text, no authentication, no encryption — and still the protocol of last resort for any piece of plant that needs to be polled by anything else. Modbus TCP is the same protocol over Ethernet, with the same security posture.

North American Electric Reliability Corporation Critical Infrastructure Protection — the mandatory cyber-security standards for the Bulk Electric System in North America. The legal regime that turns 'we should secure the substation' into 'a FERC fine if we don't', and the closest the world has to a directly-enforced OT cyber-security framework.

The UK transposition of the EU NIS Directive that places legally binding cyber-security obligations on Operators of Essential Services in electricity, gas, water, transport, health, and digital infrastructure. Enforced for energy by Ofgem; assessed against the NCSC Cyber Assessment Framework. Currently being expanded by the Cyber Security and Resilience Bill.

OLE for Process Control — the late-1990s Microsoft-DCOM-based bridge that let Windows applications read industrial process data. Notorious for needing port 135 plus a wide dynamic port range, which gutted IT/OT firewalling. Superseded by OPC UA.

OPC Unified Architecture — the platform-independent, transport-secure successor to OPC Classic. A single TCP port (4840), TLS and X.509 mutual auth natively, runs on Linux and embedded RTOSes — none of which DCOM ever did. The default IT/OT bridging protocol for new-build substation gateways.

The dedicated telecommunications network that transmission and distribution operators build and maintain to carry SCADA, protection signalling, and operational voice between substations and control centres.

The device that detects faults and commands circuit breakers to open — evolved from electromechanical relays through static and digital designs to today's numerical IEDs.

Parallel Redundancy Protocol and High-availability Seamless Redundancy — the IEC 62439-3 mechanisms that give an IEC 61850 process bus zero-recovery-time fault tolerance. Two physical networks (PRP) or a single ring (HSR), in both cases delivering both copies and discarding duplicates.

Precision Time Protocol — IEEE 1588 — and the substation-specific IEC/IEEE 61850-9-3 Power Utility Profile that delivers sub-microsecond time synchronisation across an Ethernet process bus. The substrate that lets multiple merging units publish coherent Sampled Values.

The Purdue Enterprise Reference Architecture (PERA) — a 1990s layered diagram of the manufacturing plant that became the dominant mental model for IT/OT segregation. Levels 0-4, plus the post-hoc Level 3.5 industrial DMZ.

Remote Terminal Unit — the substation-edge device that aggregates telemetry from IEDs and exposes it northbound to SCADA over DNP3 or IEC 60870-5-104. Increasingly deployed as a virtualised function in the control-centre data hall.

IEC 61850-9-2 digital representation of voltage and current waveforms, multicast from merging units to subscribing IEDs at 4 kHz (protection) or 12.8 kHz (metering).

Supervisory Control and Data Acquisition — the system class that runs in the control centre, polling RTUs across the WAN to provide operator situational awareness and remote control.

Substation Configuration Language — the XML engineering description language defined in IEC 61850-6 that makes multi-vendor 61850 substations tractable.

The IEC 62443 measure of how capable an adversary the system is sized to repel — SL 1 stops typos, SL 4 stops nation-states. Expressed as a vector across the seven Foundational Requirements.

The 2010 ICS malware that targeted Siemens S7-300 PLCs running specific frequency-converter configurations at uranium-enrichment RPMs. The event that ended the air-gap conversation.

The wide-area network connecting every transmission substation to the control-centre data hall — carrying SCADA telemetry, protection inter-tripping, PMU streams, engineering access, and operational voice over the operational telecoms backbone.

The assembly of circuit breakers, disconnectors, busbars, and their enclosures that switches, protects, and isolates electrical circuits in a substation — available as air-insulated (AIS) or gas-insulated (GIS).

An IEC 62443 partition — a set of assets that share the same security requirement. The unit of security analysis in zone-and-conduit thinking.