IEC61850-3 Certified Computers Enable Cybersecurity in Automated Substations - Lanner Electronics | Network Appliance | uCPE SD-WAN| MEC Server | Intelligent Edge Appliance

Background

Cybersecurity holds critical significance for substations, given their integral role in the electrical grid as key nodes for electricity distribution to various sectors including residential areas, commercial establishments, and vital services. A breach in substation cybersecurity can lead to not just interruptions in the power supply, but also carry substantial safety hazards. This includes possible physical damages which might pose risks to both the workforce and the public.

The growing interconnectivity of the electrical grid raises the risk of extensive disruptions from cyberattacks. Server-grade industrial network security appliances ensure network security for substations through a combination of advanced hardware and software features specifically designed to meet the rigorous demands of industrial environments like substations.

Requirements

A leading integrator in the South East Asia, specializing in substation automation, faced significant challenges in securing its critical infrastructure against increasing cyber threats. The integration of digital technologies in their substations, while improving efficiency and control, also introduced vulnerabilities that could be exploited by cyber attackers. To address these challenges, the integrator decided to implement a robust cybersecurity solution utilizing Lanner’s hardware. The system needed to meet the following requirements.

• IEC-61850-3 & IEEE 1613 Certifications –
  Critical infrastructure environments can be harsh, with unexpected ambient temperature fluctuations, shocks and vibrations, or other external factors. Therefore, deployments in these environments require IEC-61850-3/IEEE 1613 certifications to meet the required robustness in power substation environments.
   
• Wide Operating Temperature –
  Given the extreme temperature in a critical infrastructure environment, the rugged computing system must be able to sustain harsh environments without sacrificing operation safety and productivity.
   
• Multiple I/O Features –
  The platform system requires multiple I/O connectivity for meters and relays, and Ethernet connectivity for IEC 61850 IEDs.
   
• Expansive Memory Support –
  Hardware equipment in substations may generate high volume of data, and to assure data integrity, ECC (error-correcting code) memory is a necessary mechanism to correct data corruption in memory areas, increasing reliability in substation environments.
   
• Secure Technology –
  An on-board TPM 2.0 module for secure crypto-processing and tamper resistance at the hardware level.
   
• Redundant Power Supply –
  For equipment deployed in the utility sector, the appliance must be high-availability and maintenance-friendly, featuring a backup power supply with either AC+DC or dual DC inputs. This ensures uninterrupted operation during maintenance and avoids network service disruptions.

Talk to Us
 

Solution

The primary objective was to enhance the cybersecurity posture of the substation automation systems while ensuring minimal disruption to the existing infrastructure and operations. The solution aimed to provide reliable, real-time threat detection and response, ensuring the security and integrity of the substation's critical systems.

The use of Lanner's LEC-3340 and ICS-P371 proved to be a successful strategy in enhancing the cybersecurity of substation automation. The LEC-3340, a durable, rack-mountable industrial computer system, was implemented as a high-performance platform for running advanced cybersecurity applications. Its multiple I/O ports enabled easy integration with the substation's existing equipment and network to monitor traffic and analyze data for potential security threats. The ICS-P371, a device tailored for industrial cybersecurity, was deployed for real-time network monitoring and protection, placed to monitor critical communication points, providing an additional layer of security. This solution provided a robust, scalable, and efficient approach to protecting critical infrastructure against the evolving landscape of cyber threats.

Lanner's ICS-P371, equipped with the Intel® Atom™ X6211E/X6413E/X6425E CPU, is an advanced cybersecurity gateway designed for substations. This next-gen device features hardware enhancements like LAN bypass technology and TPM, and complies with IEC 61850-3 and IEEE 1613 standards for harsh environments.

The newly advanced LEC-3340, supports the Intel® Xeon® W-11000 series (Tiger Lake H) processor, is tailored for substation use. It features an extensive range of IO ports for IoT connectivity, including 5x USB 3.0, 4x isolated COM ports with 15KV ESD protection, 4x GbE RJ45 or SFP ports, 2x HDMI, and optional TPM 2.0. The device also supports SATA and PCIe M.2 boot drives and has 2x swappable 2.5” HDD/SSD bays with RAID, offering advanced storage flexibility.

The LEK-IS401, Lanner's industrial-grade PCIe network card, features four GbE RJ45 LAN ports powered by the Intel® i210IS Ethernet controller. Designed for rugged conditions, it operates between -40 to 70ºC and supports Jumbo Frame for larger data packets. Compatible with Windows 7/8/10 and Linux Kernel 2.6.x/3.x/4.x, it has a PCIe x4 interface and integrated LED indicators.

The LEK-IG401 from Lanner is an industrial-grade PCIe network card with four GbE RJ45 LAN ports, powered by the Intel® i210IT Ethernet controller. Suitable for harsh environments, it operates between -40 to 70ºC and supports Jumbo Frame for larger data payloads. Compatible with various operating systems, including Windows and Linux, it features a PCIe x4 interface and integrated LED indicators.

Featured Products

---

---

---

---