SUBSTATION AUTOMATION SYSTEMS PRODUCT SOLUTIONS

DS Agile v5.1
Digital Control System for electrical substations

As power networks are The complete solution for substation

becoming more efficient
and intelligent, substation protection, automation and control
automation systems need
to offer smarter and more
secure solutions.
Alstom's DS Agile v5.1
Digital Control System
now adds advanced
cyber-security capabilities
to the ultimate hardware,
software and
communications
technologies under
IEC 61850 standards.
WIDE-AREA AUTOMATION
STANDARDISATION DS Agile v5.1 enables rapid data
exchange and communications between
Based on IEC 61850, the international all control and protection IEDs, not only
standard for digital data communica- across the substation and the substation
tions and systems interoperability in gateway, but also through Wide-Area
CUSTOMER BENEFITS substations, DS Agile facilitates Control Units (WACU) that can manage
complete integration between the realtime automation taking into account
Scalable solution different devices, ensuring an optimal the topology of multiple substations.
High level of standardisation use of data. The WACU solution developed by Alstom
Grid makes inter-substation automation
IEC 61850 inter-operability COMPLETE RELIABILITY and protection possible, helping protect
NERC-CIP compliant your assets and optimise power flows.
cyber-security The DS Agile digital control system
provides the ultimate reliability via fully PROJECT DELIVERY AND SUPPORT
Reliable redundant redundant architectures, like Alstom's
architectures Self-Healing Ring and Dual-Homing Alstom has experienced teams located
Star, or the recently developed worldwide, with a proven track record in
Wide-area automation interoperable Parallel Redundancy project management, engineering,
Global teams for project Protocol (PRP "RedBox'). Thanks to application support, maintenance and
the wide range of Alstom switches, the training. Our experts can provide
delivery and support possibility of an outage is practically assistance in any of these areas, allowing
eliminated. users to make the best use of DS Agile.

Grid-SAS-L3-DS_Agile_v5.1-2879-2014_09-EN. Information contained in this document is indicative only. No representation or warranty is given or should
be relied on that it is complete or correct or will apply to any particular project. This will depend on the technical and commercial circumstances. It is provided
without liability and is subject to change without notice. Reproduction, use or disclosure to third parties, without express written authority, is strictly prohibited.
Alstom contributes to the protection of the environment. This leaflet is printed on environmentally friendly paper.
DS AGILE v5.1 FUNCTIONS

DATA CONCENTRATION AND PROCESSING CONTROL

One of the main functions of the DS Agile is to concentrate and process data: Once a control operation is initiated by
the information can come from a variety of sources, both analog and digital. For an operator -locally or remotely-,
example, when re-using legacy equipment, analog data can be acquired directly from multiple checkings are performed by the
current and voltage transformers and digital data can be acquired over serial system before the effective issue of the
communica-tions links or via hardwired links. control order or signal, in order to make
it fully secure. For instance, interlockings
DS Agile manages many types of data from the substation's primary and secondary are ensured by logical equations or as
equipment such as: tapchanger and switchgear positions, control signals, the result of a dynamic topological
measurement values, disturbance records, settings, etc. Each item of qualified data is analysis coupled with expert rules.
uniquely referenced in the system configuration tool in order to ensure full consistency Interlocks are managed as close to the
of the information, as well as allowing it to be re-used in other parts of the system. process as possible in order to provide
the best security of operation.
MONITORING AND ANALYSIS Interlocking conditions are graphically
displayed on the operator’s screen in
Among the numerous DS Agile standard features, diverse functions for local or remote order to immediately identify the locking
monitoring and analysis of collected data are available. Key situational information is conditions (if any), allowing the operator
offered by the embedded LCD screen of the C264 bay controller, that is able to display to make the appropriate changes before
single-line diagrams, alarms, measurement values and lists of event sequence. issuing the order.

Additionally, une or more screens can be added at substation level in order to get more AUTOMATION
sophisticated monitoring. The user can then benefit from colour displays for easier
awareness and maintenance, comprehensive alarm annunciator screens and accurate An operator can configure specific
fault localisation within the system. Other features include advanced reporting, dual- control sequences or automation
language display and disturbance record analysis. schemes, across one or more sites (e.g.
automatic reclosing, System Integrity
Protection Schemes (SIPS), load
shedding). Such applications can be
based on local or remote data. Similarly,
the outputs can perform local or remote
actions. Programmable logic can be
implemented using either
Programmable-Scheme Logic (PSL) or
Programmable-Logic Controller (PLC)
methods. PSL is used for fast
automation applications and it is
available within the C264 bay controller.
Since PSL is event-driven, there is no
cycle time. The optional PLC tool is fully
compliant with IEC 61131-3 and it can
be used for complex or sequential
automation applications, not only at bay


 
 level (in the C264) but also at inter-
substation (or inter-system) level

 through the programmable Wide-Area


Control Units (WACU A400 series).

 



DS Agile v5.1 provides additional in-built
libraries of automation functions,
including functions for feeder protection,
automatic reclosing and voltage
Typical components of a DS Agile system regulation of parallel transformers.

DS AGILE v5.1 ARCHITECTURE
HOMOGENEOUS
DS Agile v5.1 offers a unified architec-
tural framework for building multiple
solutions tailored to the real needs of
almost any application. It allows for
progressive upgrading of the system
design according to the evolving
requirements in terms of functions, size,
performance, etc.
EXTENDABLE
A DS Agile solution can be contained
within a single standard panel or be
geographically distributed, depending on
the application. The DS Agile system
architecture is structured in a series of
hierarchical levels. Each level maintains
a given performance in terms of
transmission time, dependability and
automation independently of the other
levels. It therefore ensures that the
system can be extended consistently and
securely.
STANDARDISED
The combination of modern, multi-
functional and highly programmable
IEDs together with fast communications
greatly improves the capabilities for
producing a “standard bay”. A standard
bay is a product made of standard
hardware, software and engineering
libraries (automation, graphical
representations, wiring interface and IED
composition). It can then be customised
to the exact requirements of the project
through changes to the database.
SUBSTATION AUTOMATION SYSTEMS PRODUCT SOLUTIONS
DS AGILE v5.1
RELIABLE
System availability is a function of the reliability of each individual component and the
architecture in which they are combined. DS Agile v5.1 accommodates a variety of
redundancy solutions, ranging from the switch redundant power supply to the
complete redundancy of each component, including configuration database
redundancy.
A DS Agile solution can be engineered from a few integrated components or have its
functions split into several components, thus offering a balance between functional
availability, cost and compactness.
In addition to the self-checks carried out by each component, DS Agile v5.1 offers a
variety of system test modes such as 'device maintenance management' and 'data
forcing' to further increase the overall availability.
COMMUNICATIONS PROTOCOLS
Physical communications between components are based on both ethernet and serial
RS links in order to cope with different applications such as the reuse of existing
devices and the integration of third-party equipment. DS Agile v5.1 supports the most
extended serial protocols (T103, DNP3, and MODBUS) in order to interface with
existing devices and it can be fully integrated within a remote control scheme. When
using MiCOM Alstom devices, the same link can be used to retrieve settings or
disturbance records. Communications with remote control centres is possible through
IEC 60870-5-101, IEC 60870-5-104 and DNP3, or other older protocols on demand.
State-of-the-art communication technologies based on client-server and peer-to-peer
links such as IEC 61850 is standard across the whole architecture of the DS Agile
system. It relies on fast ethernet networks and offers new perspectives in terms of
distributed functions, performance and flexibility. DS Agile enables innovative
automation schemes and the flexible addition of new application clients.
DS Agile v5.1 Operator Interface (System view)
 SIMPLE ARCHITECTURE
Printer The DS Agile base architecture inter-
connects a Remote Terminal Unit (RTU)
-like Alstom's C264 controller- or a
substation PC with a group of Intelligent
Maintenance Electronic Devices (IEDs) such as
and configuration protection relays or measurement and
recording devices.



 This centralised architecture is typically
used within a distribution substation, a
wind farm or at a bay level of a
transmission substation (a feeder, for
example).

Simple, C264 RTU-based architecture

DS Agile OI COMPLETE ARCHITECTURES


 + H15x switch
   DS Agile C264

 BCU A DS Agile complete architecture is built
around an ethernet network that links
H35x
switch the components from the base
architecture with an Operator Interface
(OI), a gateway and protection and
DS Agile control IEDs.
A30x
Gateway
+ H15x switch The ethernet network may be local to a

  substation -typically for a transmission
   application- or it can interconnect
dispersed sites commonly found in
MiCOM P40 Protection relays industrial or infrastructure applications
DS Agile self-healing ring through Wide-Area Control Units.
redundant ethernet-based architecture

 The client-server communications
  


exchange avoids any central point
between local and remote control (as
DS Agile OI found in the simple architecture) and
DS Agile A30x + H18x/H16x
Gateway switch
allows for tailored redundancy of the
+ H18x/H16x switch client and/or server.

The full architecture is also typically

T1000 T1000 implemented as a way to make an
switch switch existing installation evolve progressively
via new technologies. The older system
then becomes a slave to an IEC 61850
converter and new devices can
successively be plugged into this
H38x/H36x network.
DS Agile switch
C264 BCU
MiCOM P40


Protection relays 
 
DS Agile PRP / dual-homing star
redundant ethernet-based architecture

DS AGILE v5.1 COMPONENTS
A typical DS Agile solution integrates
many Intelligent Electronic Devices
(IEDs) such as protection relays,
measurement centres, bay controllers,
etc. In addition to those supplied by
Alstom, DS Agile is fully open to the
integration of third-party devices so
that existing devices in the field and
user preferences can be
accommodated.
When third-party devices are integrated,
strict tests are realised in order to
validate functional interoperability limits,
data retrieval, control capabilities and
remote settings.
C264 MODULAR SUBSTATION
BAY CONTROLLER
The C264 bay controller is a
sophisticated modular computer that
supports many applications and
functions for substation control,
communications, monitoring,
protection and automation.
Typical applications include:
Bay control
Remote Terminal Unit (RTU)
IED gateway / Data concentrator
Automation – PLC & PSL
Sequence-of-events recorder (SOE)
Measurement centre
Power quality monitoring
Integrated feeder protection
Automatic voltage regulation
Synchro-check
C264 substation / bay controller
SUBSTATION AUTOMATION SYSTEMS PRODUCT SOLUTIONS
DS AGILE v5.1
MICOM ALSTOM Px40 PROTECTION IEDS
Alstom Grid provides a complete family of protective relays for transmission,
sub-transmission, generation and industrial substations.
Typical protection applications include:
Voltage/Frequency
Auto reclose and breaker failure
Busbar
Transformer
Line differential
Distance
Generator
Motor
Feeder
Phasor measurement
System integrity protection schemes MiCOM P40 Agile protection IEDs
ALSTOM MEASURING AND
RECORDING IEDS
The new Alstom Reason range of IEDs
can be integrated in DS Agile v5.1 for
fast, highly accurate, real-time fault
recording and analysis, power quality
measurements and trend recording -
Ideal for analysing network faults,
reactions of protection IEDs, dynamic
network stability and long term trends. Reason RPV311 Digital fault recorder
H-SERIES SWITCHES
Alstom’s H-series ethernet switches use a combination of advanced redundancy
protocols and fibre-optic connections to ensure the reliability, availability and
dependability of substation communications networks - All this while maintaining the
flexibility of being able to connect to standard ethernet networks and thus ideal for
substation refurbishment or upgrades.
They are available as standalone,
embedded and PCI card (for integration
into a PC) versions.
New additions to Alstom Grid's
H-series range for DS Agile v5.1
include GOOSE switches and Parallel
Redundancy Protocol (PRP) switches,
also called "RedBox".
Additionally, DS Agile offers integration
with off-the-shelf communications MiCOM H38 PRP "RedBox"
components. redundant ethernet switch
DS AGILE GATEWAY
Combining full compliance with
IEC 61850, hot-standby redundancy and
ease of commissioning, the DS Agile
A301 Gateway offers a powerful solution
for interfacing bay level devices
(measurement, protection or control),
station level devices (DS Agile clients
and servers) and upper level systems
(Network Management Systems or
Digital Control Systems).
The A301 is ruggedised, solid-state and
designed to work within stringent
substation environmental conditions
(EMC complianc eaccording to the
IEC 61850-3 standard, etc.).
DCS OPERATOR INTERFACE (OI)
The state-of-the-art DS Agile OI user
interface is integrated in the DS Agile
v5.1 system.
This proven HMI provides efficient and
secure access to information and
archives, tailored to the substation
environment and the end-user’s specific
requirements.
Key modules include:
Real-time display
Single-line diagrams
System component status
Alarm viewer
Sequence of events
Alstom's DCS Operator Interface
DS Agile A-series Gateway / WACU
DS Agile Configuration Editor (SCE)
WIDE-AREA CONTROL UNIT
(WACU)
Based on the A301 Gateway, the new
DS Agile A401 WACU allows the same
gateway functionalities as well as
substation inter-voltage and inter-
substation exchange through IEC 61131
PLC automation.
This wide-area automation capability
becomes highly valuable whenever the
implementation of multi-substation
control is needed. Real application cases
of the WACU include, for example,
islanding a section of the grid under non-
stability conditions, automating the
configuration of multiple substations
across railway lines or exchanging data
between the generation subsystem and
the transmission inter-tie substation in
the connection of a power generation
source to the grid.
SYSTEM ENGINEERING TOOLS
Alstom's DCS engineering software
tools cover the complete lifecycle of the
electrical application including system
engineering, IED engineering,
substation automation, network
analysis, system maintenance and IED
maintenance – all integrated with a
consistent look and feel.
The DCS Equipment Simulator (ES) can
reproduce a missing or existing device,
or group of devices, in order to test any
user action or automation procedure
before running on site.
 SUBSTATION AUTOMATION SYSTEMS PRODUCT SOLUTIONS
DS AGILE v5.1 CYBER SECURITY STRATEGY
Being integrated in the utility IT system and infrastructure, the
substation digital control system can be the target of
deliberate or inadvertent attacks from different sources,
whether external or internal to the IT system.
A defense in-depth strategy including multiple layers of
security is implemented in DS Agile to counter these attacks
and limit their impact, increasing the substation cyber-security
in line with the recommendations from international standard
bodies, regulators and known IT good practices such as NERC,
NIST, IEC, IEEE, etc. The different technical countermeasures
used to ensure cyber threat detection, prevention and
protection of the DS Agile LAN are organised as a defense in-
depth strategy.
DS AGILE NETWORK PROTECTION
Protection against external threats begins with limiting the
number of access points to the DS Agile LAN architecture.
The access point is generally a router combining Virtual
Private Network (VPN) to communicate with remote
systems, LAN Firewall to allow only specific protocols
communication between specific devices / zones and
Authentication proxy functions. The firewall's built-in IDPS
(Intrusion Detection and Prevention System) is configured to
detect, block and report malicious traffic.
Remote maintenance is done by adding a “jump box”
(standard PC) in the substation's DMZ ("demilitarized zone")
and, from there, accessing a restricted list of devices and
applications on the private zone. This allows securing the
traffic to the substation IEDs.
Finally, host firewalls running on Windows PC allow only the
required communication flows between authorised PCs, while
the Ethernet switches also participate to reduce threat impact
on the network by organising the LAN traffic.
Router / Firewall securing communication with remote centres
and bringing a single mandatory path to the DCS LAN
DS AGILE v5.1
DS AGILE HARDENING
Hardening aims at reducing the number of possibilities a threat
has to disrupt or take control of the DS Agile software.
OS Upgrade
The Windows PC in DS Agile are updated to the latest security
patch set provided by OS vendors before the DCS final testing.
System Hardening
Operator Interface (OI) and SCADA Gateways
• The OI and Gateway are installed on Windows 7 PCs.
• Unused USB ports are disabled in the BIOS or Windows.
• Unnecessary user accounts and daemons / services are
disabled.
• Many registry keys are setup to increase security and the
audit and password policies are set.
C264
• All unused protocols are disabled; the C264 controller has
no USB port.
• There are no backdoors or hardcoded user accounts that
give “write” access to the device.
• A user session is automatically ended after a settable time
out.
Secure Protocols for SCADA link
The SCADA link is secured via the VPN feature of the router /
firewall. The VPN can transport IEC-60870-5-104 as well as
serial protocol IEC-60870-5-101.
Secure Maintenance Protocols
In addition to the standard maintenance protocols (such as
http, ftp and telnet), secure protocols are implemented to
increase confidentially and integrity (Ftps or sftp, rdp over
https).
Software Integrity
All Alstom software is free of malware and digitally signed to
guarantee authenticity and integrity at installation time.
Authentication, Authorisation, Accounting (AAA)
Authentication
All users are required to authenticate for interacting with any IED.
Users have individual accounts and passwords (no shared accounts).
Password complexity is reinforced and its storage strictly managed.
Authorisation (Role-Based-Access-Control, RBAC)
DS Agile implements RBAC to fully manage the authorized users.
Each user account is assigned one or more roles and associated
non-overlapping rights.
Auditability
All basic security events are logged on each device.
No sensitive information (such as passwords) are logged.
 SUBSTATION AUTOMATION SYSTEMS PRODUCT SOLUTIONS
DS AGILE v5.1

MALWARE PREVENTION DS AGILE DEFENSE IN-DEPTH

When it comes to protecting and controlling critical STRATEGY
DS Agile uses two techniques in each of its Windows PC to improve malware
assets, good products are not enough.
prevention, anti-virus and whitelisting, depending on the PC role (“real-time” or Alstom has strongly reinforced the
“non-real-time” functions). substation cyber security by
On top of our excellence in state-of-the-art products,
Anti-virus implementing in DS Agile this
Alstom Grid can also provide you with: differentiated defense in-depth
An antivirus can be installed at the customer request on each Windows PC.
However, antiviruses have some drawbacks, like the need for regularly updating the strategy with emphasis on
malware signature database or the consumption of CPU and memory resources of prevention and detection at each
the PC, thus this solution is less recommended for PCs running "real-time" level in the DS Agile architecture.
applications such a Gateway or HMI.
Application control (Whitelist)
Contrary to antiviruses that work with a “allow by default” policy, whitelisting
software have a “deny by default” policy. Only software that is present in the
white list is allowed to be executed. This approach is particularly adapted to the
substation automation system where the system being stable, the whitelist
seldom changes. The result is that malware, which are processes, cannot run on
the protected system.

All Windows PC in the DS Agile system come with whitelisting software installed and
configured. Following whitelist activation, only software digitally signed by Alstom
can be installed or updated on the PC. This guarantees its integrity and authenticity.

When it comes to protecting and controlling your critical assets, good products are not enough.
On top of our excellence in state-of-the-art products, Alstom Grid can also provide you with:

Strong systems design and manufacturing

Highly experienced project execution teams located worldwide
Support and advice to make existing installations evolve
Long-term maintenance, refurbishment and asset life-extension
Technical training programs
After-sales services with worldwide regional coverage

For more information

please contact Alstom Grid:

Alstom Grid Worldwide Contact Centre

www.alstom.com/grid/contactcentre/

Phone: +44 (0) 1785 250 070

Visit us online: www.alstom.com

Grid-SAS-L3-DS_Agile_v5.1-2879-2014_09-EN. Information contained in this document is indicative only. No representation or warranty is given or should
be relied on that it is complete or correct or will apply to any particular project. This will depend on the technical and commercial circumstances. It is provided
without liability and is subject to change without notice. Reproduction, use or disclosure to third parties, without express written authority, is strictly prohibited.
Alstom contributes to the protection of the environment. This leaflet is printed on environmentally friendly paper.