Our Services

Power Systems Consulting

  • Power Quality

    • Power Quality

    Power Quality Service Overview

  • Power Systems

    • Power Systems

    Power Systems Service Overview

    Our studies and analysis capabilities support a wide range of service offerings for our clients, including:

    • Advanced power system modeling and simulation studies (power system dynamics, electromagnetic transients and harmonics)
    • Prototype engineering software development
    • Technology assessments
    • Requirements definitions for new products
    • Insulation coordination
    • Overcurrent protection
    • Event/failure analysis and troubleshooting
    • Facility design review
    • Transmission and distribution system interconnection evaluations
    • Standards development
    • Contract research and development

    Wind Energy: We provide expert guidance and support with wind turbine technology, wind plant design and operating issues, as well as technical questions associated with transmission grid interconnection and power system operation.

    Distributed Resources(DER): We conduct technical studies, contract research and development, DER technology characterization and evaluation, DER equipment design and advanced protection system design. We can help you navigate a broad range of technical questions related to the impact of DER on distribution system design, operation and protection.

    Transmission and Distribution System Studies: Our power system modeling and simulation capability covers the range of technical phenomena and issues important for highly-reliable power system design and operations.

    Software Tools: We are able to develop models and generate results using a variety of programs utilized by our clients. This includes ASPEN OneLiner, ASPEN Line Constraints, PSS/E, GE PSLF, PSCADEMTDC, EMTP-RV, ATP, CAPE, WindMil and many more.

  • Systems Monitoring

    • Systems Monitoring

    Systems Monitoring Service Overview

    EnerNex personnel have been working in monitoring of electric power systems for many years. Our staff has experience in a number of areas including product specification, software development, system applications and enterprise level data acquisition and management. We have provided support in systems monitoring for electric utilities, end-use customers, instrument manufacturers and government and private-sector research programs.

    Capabilities

    • Data acquisition, analysis and presentation over secure Web sites
    • Advanced algorithm development from raw data such as event analysis
    • Data acquisition device specification and development support
    • Database configuration and data correlation
    • Requirements definition for product development, application, and support
    • Embedded software development
    • Development and support of software for data downloading and analysis
    • Communication network development/configuration support for data acquisition
    • Monitoring project management
    • Testing equipment against industry standards
    • Training on industry standards and communication protocols
  • Transmission and Distribution System Studies

    • Transmission and Distribution System Studies

    Transmission and Distribution System Studies Service Overview

  • Wind Energy Consulting

    • Wind Energy Consulting

    Wind Energy Consulting Service Overview

    Wind power is the fastest growing source of new electric power generation in the world. The cost of energy from large commercial wind plants in good wind sites is now competitive with that from more conventional sources, and costs are forecast to decline further with future generations of multi-MW turbines.

    Large wind plants are complex dynamic systems, comprised of many individual wind turbines interconnected with the transmission grid through an extensive medium voltage collector network. Auxiliary systems and equipment may be employed for reactive power control and voltage regulation within the network or at the point of interface to the transmission grid. Supervisory control systems monitor and direct the operation of individual turbines and auxiliary equipment in real time.

    EnerNex has extensive experience with wind turbine technology, wind plant design and operating issues, and technical questions associated with transmission grid interconnection and power system operation. Our years of power systems engineering expertise, along with more than a decade of experience working with wind generation technologies and systems, is unparalleled in the industry. We can assist with almost any power system issue relating to electric system planning, design, and operations relating to wind, including:

    Capabilities

    Bulk Transmission System Studies - evaluate the impacts of large wind plants on bulk transmission system operations, including steady-state and contingency analysis, impacts on inter-regional power transfer capability, network voltage stability, reactive power requirements and transient stability.

    Distributed Wind Plant Integration Studies - assess the influence of smaller distributed wind plants on distribution feeders and local loads, including voltage flicker, harmonics and protection system operation. We maintain feeder simulator and flicker calculations for UWIG’s Distributed Wind Impact Project.

    Design and Operational Analysis of Wind Plant Power Systems - evaluate intra-plant electrical systems within large wind plants, focusing on:

    • Reactive Power Management
    • Voltage Regulation
    • System Dynamics including Capacitor Operations and Reactive Power
    • Generation from Advanced Turbines
    • Event Analysis to Determine Root Causes
    • System and Equipment Performance Validation and Design Improvements
    • Investigations of Equipment Misoperation and Failure

    Technology Consulting - provide expert opinion and perspective on wind generation and electrical system technologies, including power electronics and electric machinery for wind turbines and transmission and distribution system equipment.

    Monitoring and Information Systems - specify, design, install and operate data acquisition systems for collecting, analyzing, and reporting on plant operations.

    Special Studies - use sophisticated simulation and analysis tools to conduct specialized and custom studies of new technologies for wind generation applications, including advanced power electronics systems for wind turbine and electric power system applications.

    Our staff has extensive experience working with a wide range of clients on wind issues. Our client list includes:

    • the U.S. Department of Energy and the National Renewable Energy Laboratory
    • Electric Reliability Council of Texas
    • Sacramento Municipal Utility District
    • Xcel Energy
    • Public Service Company of New Mexico
    • Vestas-Americas Wind Technologies
    • GE Wind

    Completed projects include:

    • Interconnection studies required by regional reliability councils and individual utilities for approval of requests to interconnect with the transmission system.
    • Transmission capacity and voltage stability studies, which can be critically important for wind plants located in sparsely populated areas remote from large load centers.
    • Investigations of wind plant operating problems, including distribution feeder voltage unbalance and regulation, nuisance turbine transformer failures, induction generator self-excitation, capacitor bank switching failures, harmonic resonance, high neutral-to-earth potentials on rural utility feeders paralleling wind plant collector feeders, and surge protection equipment failures.
    • Wind plant and wind turbine electrical system design improvements - improving feeder and turbine voltage regulation, reactive power management strategies, and dynamic thermal rating of transformers for increased capacity.
    • Technology assessment and evaluation - design projects for state-of-the-art wind turbine and wind plant technology, including advanced power electronics, control technologies, and novel electric machinery.
    • Technology consulting - expert testimony and analysis in intellectual property and patent matters, and in support of insurance or contractual issues.
    • Leading-edge research and development - assessing the impact of substantial amounts of wind power on utility control area operations planning and scheduling, determining ancillary services requirements (regulation, load following, reserves) for wind plants, quantifying the value of next-hour and next-day wind forecasting from a control operations perspective.
    • Detailed simulation and modeling - developing sophisticated electromechanical models of wind turbines, electric machinery, and power electronics elements for time-domain computer simulations to enhance design processes and improve system performance.

    In addition to these services, we provide operating and technical support to the Utility Wind Integration Group (UWIG), comprised of utilities, associations, and governmental agencies interested in technical and economic issues related to wind generation. This has helped us to establish and build span working relationships with wind generation providers, customers and others interested in facilitating a growing industry. It has also enabled us to keep tabs on the state of the art in the integration of wind power into electric power systems.

    Our staff has extensive experience working with a wide range of clients on wind projects including:

    • US Department of Energy
    • National Renewable Energy Laboratory
    • Electric Reliability Council of Texas
    • Sacramento Municipal Utility District
    • Xcel Energy
    • Public Service Company of New Mexico
    • Vestas-Americas Wind Technologies
    • GE Wind
    • Minnesota Department of Commerce
    • NSTAR Electric and Gas

Smart Grid Engineering

  • Advanced Metering Infrastructure

    • Advanced Metering Infrastructure

    AMI Service Overview

    The “I” in AMI also allows a utility to cost-effectively implement a variety of modern grid applications. EnerNex knows how to help a utility get the most out of the “I” in AMI. Advanced Metering Infrastructure (AMI) consists of everything needed to support advanced metering – from the meter itself to the back-end applications associated with demand response, billing, etc. Effective AMI development, implementation and operation relies on a marriage of electric power engineering with information technology expertise – a key component of EnerNex’s capabilities.

    EnerNex provides a wide array of engineering and consulting services geared towards smart implementation of AMI. This covers all phases of AMI project development, including:

    • Policy Development
    • Business Case Modeling
    • Assembling Functional Requirements
    • Conceptual Architecture Creation
    • Trade Off Analysis
    • Reference Design Construction
    • Performing Technology Assessments
    • Project Management Support
    • Product Testing and Vendor Evaluation
    • Systems Integration Support

    Leveraging experience and methodologies established during the development of the EPRI IntelliGrid Architecture, as well as expertise gained through work with a number of clients including Southern California Edison, TXU and the California Energy Commission, EnerNex is undertaking ground-breaking work in AMI development, implementation and application. EnerNex has experience with all the major components and applications associated with AMI, including:

    • Automated Meter Reading
    • Billing and Customer Information Systems
    • Customer Interface
    • Load Control/Curtailment
    • Time-Based, Critical Peak, and Real Time Pricing Programs
    • Telecom and Network Communication
    • Integrating Advanced Distribution Automation with the Metering System
    • Distributed Energy Resources
    • Energy Procurement
    • Field Services
    • Integrated Outage Management
    • Asset Installation and Maintenance
    • Program Review and Benchmarking
  • Cyber Security

    • Cyber Security

    Cyber Security Service Overview

    EnerNex practices an evolutionary, standards-based approach to solving real-world information security problems. We are well-positioned with memberships in the industry’s key standards-making groups to provide services and solutions for security policy and architecture development.

    We provide our clients with personal insight into security issues because we are the premier consulting firm for intelligent grid development. We have proven experience in regulatory issues and are performing ground-breaking work in utility communications security architecture. We can work in collaboration with your organization’s security department because we understand both the technology of information security and the demands of the power industry. EnerNex has provided software development and engineering support for the implementation of key utility standards and protocols.

    Capabilities

    • Security Policy Development – We can develop effective security policies tailored to your organization’s needs.
    • Security Architecture Development – We can design a technical solution to solve your security problems.
    • Vulnerability Analysis
    • Risk Assessments
    • Security Audit Development
    • Regulatory Compliance
  • Demand Response

    • Demand Response

    Demand Response Service Overview

    EnerNex has experience in all aspects of demand response, advanced metering and pricing programs. Our expertise ranges from analyzing and developing new technology to developing business cases and cost-benefit analyses and even includes creating and facilitating industry-wide initiatives that coordinate demand response requirements and help influence public policy.

    Capabilities

    • Automated Meter Reading
    • Billing and Customer Information Systems
    • Customer Interface
    • Load Control/Curtailment
    • Time-Based, Critical Peak, and Real Time Pricing Programs
    • Telecom and Network Communication
    • Integrating Advanced Distribution Automation with the Metering System
    • Distributed Energy Resources
    • Energy Procurement
    • Field Services
    • Integrated Outage Management
    • Asset Installation and Maintenance
    • Program Review and Benchmarking
  • Enterprise Architecture

    • Enterprise Architecture

    Enterprise Architecture Service Overview

    The Information Technology world is full of failures because the business drivers and automation implications were not fully understood in the beginning. For this reason, systematic enterprise architectural (EA) methodologies were developed providing clarity and risk mitigation. EA accomplishes this by focusing upon identifying and translating your organization’s business goals into the requisite business procedures, and underlying automation services.

    To minimize risk, EnerNex provides:

    • Leadership in National evolving standards, architecture and requirements, including EPRI Intelligrid, OpenSG, DoE GWAC, NIST SGIP and SGAC, IEC CIM, and IEC 61850.
    • A tailored The Open Group Architecture Framework (TOGAF) including embedded use-case methodology (EPRI Intelligrid), and incremental Smart Grid artifiacts/deliverables. TOGAF is used by hundreds of organizations, numerous utilities, NIST’s SGIP and DOE’s GWAC activities.
    • Experienced architects
    • A proven suite of architecture offerings tiered to support a client’s level of depth, budget and timeframes. In Summary, EnerNex’s key assets are their highly skilled and experienced staff who are closely connected to both the Smart Grid and EA standards and practices. EnerNex’s leadership strengths enable us to provide our clients insight and a practical path forward from Smart Grid vision to a fully functioning Smart Grid, which is flexible, scalable, and vendor independent.
  • IEC 61850 Testing

    • IEC 61850 Testing

    EnerNex has the largest concentration of IEC 61850 experts in the industry, including four former heads of IEC 61850 software development teams and the original project manager. Our team helped create the standard and continue to participate in its evolution and application.

    IEC 61850 presents an attractive standardization scheme for electric power utilities because it defines a single automation technology for the entire substation and has the potential to cut configuration and upgrade costs across the life cycle of the substation by 75% or more. It is an international standard that is accepted and implemented worldwide by all major vendors of control, protection and monitoring equipment. Utilities implementing the IEC 61850 standard are now laying the groundwork for an enterpriselevel common communication infrastructure for electric power utilities. IEC 61850 has the potential to transform the substation like no other communications standard, through “plug and play” automatic configuration, elimination of dedicated protection wiring and the creation of smart instrumentation transformers. It specifies the requirements, engineering processes, supporting tools, system life-cycle, conformance testing and the quality assurance requirements and maintenance for the entire substation automation system.

    Services for Utilities

    • Architecture and requirements definition
    • Feature set determination and guidance
    • Advanced protection scheme design
    • IED selection and specification
    • Data model development
    • Multi-vendor interoperability testing
    • Pre-pilot site testing
    • IEC 61850 product acceptance testing
    • IEC 61850 integration and system level testing
    • Enterprise integration
    • Commission testing
    • Training

    Services for Manufacturers

    • IEC 61850 implementation planning and software architecture
    • IEC 61850 embedded software development
    • Preparation for certification testing – pre-testing
    • Training

    Our Involvement

    • IEC Technical Committee 57 Working Groups
    • Working Group 3: Telecontrol
    • Working Group 10: Substations (IEC 61850 core)
    • Working Group 13: Control Center
    • Working Group 14: Distribution
    • Working Group 15: Security
    • Working Group 17: Distributed Generation
    • Working Group 19: Harmonization
    • TC 88 IEC 61400 Part 25 Working Group on Wind Power Plant Communications
    • UCA International Users Group
    Click here to view our presentation covering an Intro to 6180 Testing – the Features and Benefits.
  • Smart Grid Collaborative

    • Smart Grid Collaborative

    Utility investments are usually large. Smart Grid investments are huge and will impact a broad range of stakeholders – and the impact on those stakeholders will be tremendous. The relationship between customers and energy providers will be fundamentally changed. Costs will be certain; however, benefits will be dependent on programs designed for Smart Grid users and customer participation. Customers will have the opportunity to realize significant benefits. Change to the customer-utility relationship brings the potential for confusion, misunderstanding, and risk.

    The greatest risk to utilities and consumers is that the investment will not be realized as beneficial to stakeholders to their fullest extent possible. Regulators will also be faced with a bewildering array of smart grid-related policy decisions – on everything from cost recovery, to rate design, to customer data privacy and security. Left to the traditional adversarial process in which stakeholders operate in silos, smart grid benefits can get delayed or never materialize.

  • Smart Grid Development

    • Smart Grid Development

    Smart Grid Development Service Overview

    EnerNex has played a critical role in several industry efforts in helping to design, architect or otherwise facilitate a smart grid. EnerNex was part of the original team that developed the EPRI IntelliGrid Architecture. This team gathered information from several hundred industry stakeholders to develop dozens of use case scenarios for how the power system of today operates and how it should work in the future.

    Capabilities

    EnerNex is helping deploy the EPRI IntelliGrid Architecture in the utility industry. Key components of this deployment include:

    • Field demonstrations ranging from narrowly-scoped automation projects to enterprise-wide integration
    • Training workshops for utility partners and others
    • Establishing and maintaining working liaisons with key industry standards organizations and consortia
    • Encouraging standards harmonization and cross-pollination of technology between industry groups
    • Miscellaneous technology transfer and industry outreach support
    • Smart Grid roadmaps
    • Advise on business case development
    • Advise on enterprise architecture development and guide enterprise vendors
    • Develop technology and vendor evaluation methodology, write/review RFP’s and responses

    Our staff is at the top of the industry. We have employees involved with a number of key industry initiatives. In addition to the IntelliGrid Architecture, EnerNex is involved in other key smart grid initiatives.

    • EPRI IntelliGrid team
    • DOE GridWise Architecture Council
    • Galvin Electricity Initiative
    • DOE Modern Grid Initiative Development of a reference design for demand responsive infrastructure for the California Energy Commission
    • Coordinator/facilitator of the UtilityAMI organization
    • Facilitation for the formation of OpenAMI
    • Member of the UCA International Users Group, where company co-founder and principal consultant, Erich Gunther sits on the board of directors.
    • Consultant to CEC PIER Smart Grid Program
  • Utility Automation

    • Utility Automation

    Utility Automation Service Overview

    Our Philosophy of Utility Automation: EnerNex is committed to using the latest domestic and international standards, as well as off-the-shelf tools, wherever possible, to cost-effectively solve customer problems. This open systems philosophy limits your exposure to proprietary software and hardware that often becomes too expensive to maintain and support.

    EnerNex is also actively working with utility customers in the development of security architectures and Advanced Distribution Automation applications. We not only have decades of experience implementing communication protocols, but we have helped create them. Many of our staff are heavily involved with standards organizations such as the IEEE, IEC, Cigre` and ANSI and can bring to your company the skills necessary to architect optimal solutions for distribution and substation automation.

    Capabilities

    • Requirements development
    • Standards based conceptual design
    • Communication network design
    • Business case development
    • Procurement specification development
    • Implementation assistance
    • Training
    • Security assessment
    • Contract research and development
    • System studies

    Our Experience
    EnerNex understands the requirements of your utility automation applications:

    • Fault location, isolation, sectionalization and restoration
    • Volt/VAr control
    • Substation automation
    • AMI
    • Power quality monitoring
    • Protective relaying
    • Equipment condition monitoring for reliability centered maintenance
    • Phasor measurement and reporting
    • Advanced distribution automation
  • Utility Communications

    • Utility Communications

    Utility Communications Service Overview

    EnerNex provides recognized expertise in utility communications, particularly in industry standards and communication protocols. Our staff has decades of experience with numerous utilities, research organizations and government agencies in the development, implementation, integration and verification of communication standards and protocols.

    Our involvement in international standards-making organizations and other standardization efforts such as the IEEE, IEC, ANSI and Cigré is the key to our work. We not only use these utility communications standards, but we help create them. This expertise ideally positions us to help you with implementation, integration or deployment of communications technologies.

    Capabilities

    • Personnel Training – Training personnel in communications protocols and technologies
    • Communication Network Recommendations
    • Coordinating Communications Projects
    • Supervising and coordinating your communications projects
    • Facilitating Information Exchange
    • Facilitating information exchange with standards and regulatory organizations
    • Research – Researching the usefulness of new communications technologies to your business
    • Define Requirements – Helping to define requirements for your new utility communications products
    • Hardware and Software Design – Designing hardware and software systems to fit your communication needs
    • Communications Software Development – Developing communications software
    • Equipment Testing – Testing equipment against industry communications standards
    • Opportunity Awareness – Notifying you of opportunities for interoperability demonstrations and partnerships

Smart Grid Labs

Security Projects

Cyber Security Press:

May 27, 2011, Press release:  EnerNex takes next step in reducing cyber attack risks

 

EnerNex Support of TVA PowerWAN Security Policy

EnerNex helped TVA with the development of the PowerWAN, a new wide area network empowering real-time access to operational and non-operational data. The scope of work falls into four broad areas: Solution Development; Training & Outreach; Security Policy; and Testing. The EnerNex team performed on-site stakeholder engagement interviews to help TVA identify anticipated use cases and discover unforeseen applications and then established an overall framework for the PowerWAN Security Policy. We worked closely with TVA all the way down to the application-level details needed for real-world implementation. Specific sections addressed have been General Policies, Platform Security and Network Security.

In parallel, we are helping TVA put together a next-generation substation in Bradley County, Tennessee, using IEC 61850, an IP-based, self-describing, object-oriented protocol suite implementing a common data model agreed upon by major substation vendors.

As part of the security policy development effort, EnerNex created a Secure Device Specification for TVA to provide to vendors for intelligent electronic devices intended to be deployed on the PowerWAN. The specification was designed to ensure that devices had the capability to meet the PowerWAN Security Policy, allowing TVA to meet the Critical Infrastructure Protection standards, produced by the North American Electric Reliability Council (NERC). The specification is intended to provide a means of setting goals for vendors providing Intelligent Electronic Devices that will reside on the PowerWAN. EnerNex also developed an accompanying Rationale document, explaining in detail the motivation and importance behind each of the requirements. The Secure Device Specification and accompanying Rationale are referenced by the Vendor Relations Guidelines, which will point to TVA-defined Minimum 61850 Functionality and Environmental Requirements documents as well. The Vendor Relations Guidelines also provide a reporting format for communicating test results and reconciliation with the vendor.

For more information on our work with TVA and the PowerWAN Security Policy Project, please send e-mail to info@enernex.com.

Southern California Edison Utility AMI

EnerNex was retained by Southern California Edison (SCE) to provide consulting engineering services in the areas of requirements capture, technology assessment, requirements analysis, and architecture development. This effort is the first part of a planned three-phase program to specify, procure, test, and deploy advanced metering infrastructure (AMI) for SCE’s 4.6 million customers.

We assisted SCE with developing business requirements, examining feasibility of technologies, and cost benefit analysis, which comprise the 18-month first phase of the overall program. The second phase will focus on final development activities, including lab and field testing advanced metering solutions. After successful completion of development and authorization by the California Public Utilities Commission, full deployment of the company’s AMI program could begin in late 2009.

The overall systems engineering approach being taken by SCE is based on the EPRI IntelliGrid Architecture guidelines. Specifically, SCE is using the use-case-based IntelliGrid methodology to ensure that all aspects of an AMI system -meters, communication infrastructure, and enterprise software — are evaluated in a rigorous manner that results in high quality, traceable and defendable requirements.

In the IntelliGrid methodology adopted by SCE, cross-organizational teams developed 18 use cases, or narratives, describing the expected near and long-term use of the AMI system. The teams divided each use case into multiple alternate scenarios and then developed a detailed sequence of steps for each scenario. Finally, the teams translated each step into one or more requirements to be placed on the components of the AMI system. The IntelliGrid methodology permitted teams to map these requirements to specific customer and business needs. EnerNex personnel trained members of the other SCE consulting systems engineering contractor – IBM – in the IntelliGrid methodology. EnerNex lead two of the three requirements capture and analysis facilitator / analysis teams and IBM lead the third.

After an eight-month process involving more than 200 subject matter experts and 40 workshops, SCE released in June 2006 a preliminary set of requirements for its AMI system. These preliminary requirements were used to perform cost-benefit analyses and create an AMI system architecture and design, leading to a complete set of requirements to engage vendors in next generation product development. EnerNex participated in the business case development process using SCE’s business case analysis methodology (as opposed to EnerNex’s own methodology which is similar).

EnerNex’s support of this effort started with implementing a series of workshops with stakeholders to aid in the definition of business requirements, compiling use cases to facilitate requirements definition and the cost/benefit analysis, and support in the identification and examination of possible technologies. EnerNex is also participating in the project’s system architecture and engineering teams, the external technical advisory board, and is facilitating technical information exchange with external groups and projects such as the GridWise Architecture Council, OpenAMI, IntelliGrid, the UCA International Users Group and numerous standards organizations.

Aviat Networks – NERC Critical Infrastructure Protection Standards (CIP 002-009) Support

EnerNex provided Aviat Networks (www.aviatnetworks.com) with consulting services to support their activities in providing microwave communication solutions to the electric utility industry. The effort provided technical content for the development of an Aviat published whitepaper and focused on utility communications systems and their relationship to the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP 002-009) standards. EnerNex provided a summarization of modern electric utility communications including Smart Grid domains and applications, evolution and convergence of utility communication systems, and associated cyber security needs and drivers. From this foundation, EnerNex provided an analysis of how microwave communication systems may be affected, both directly and indirectly, by the requirements outlined in the NERC CIP standards.

Consumers Energy AMI Security

U.S. Department of Homeland Security

The purpose of this research, funded under the Small Business Innovative Research Program, was to evaluate the requirements and feasibility of implementing high security encryption using IEC 61850 in low cost gateways suitable for securing new and existing SCADA systems.

EnerNex proposed the implementation of a proof-of-concept device that would embody a protocol converter and gateway based on low cost, off-the-shelf hardware. The project looked at implementing a wide variety of cryptographic technologies and proposed methods to use those technologies to secure IEC 61850 and related protocols.

The project also assessed roadblocks to implementing SCADA system cyber security. The idea was to demonstrate that strong security could be implemented on small, low cost systems without compromising system performance, yielding a readily implemented, low cost means to enhance the security of electric power SCADA systems.

A key component of this project was analysis of third party market research relating to deployment and securing of SCADA systems and conducting a survey of SCADA system owners and operators regarding issues related to communication links to SCADA systems, protocols utilized, and level of awareness of cyber security issues.

U.S. Department of Energy – Lemnos Interoperable Security Project

AEnerNex is the project lead and prime contractor to the U.S. Department of Energy (DOE) for the Lemnos Interoperable Security Project which is a $3.75M public-private partnership. Lemnos is a multiyear effort under the DOE Office of Electricity Delivery and Energy Reliability’s Cybersecurity for Energy Delivery Systems (CEDS) program which supports the Roadmap to Secure Energy Delivery Systems. In addition to EnerNex, the core team supporting the effort includes Tennessee Valley Authority, Sandia National Laboratories, and Schweitzer Engineering Laboratories. Adding to the core team effort is collaboration from additional industry participants in the project including the Electric Power Research Institute (EPRI), Alien Vault, Cisco, Encore Networks, GarrettCom, Industrial Defender, N-Dimension Solutions, Phoenix Contact, RuggedCom, and Siemens.

As project lead of the Lemnos effort, EnerNex’s utilized its comprehensive understanding of the electric utility industry, supporting applications, and technologies along with its extensive cyber security knowledge and ability to facilitate industry collaborative efforts to address the problem set utilizing a requirements based methodology which focused on open standards and interoperability. In this manner, Lemnos is helping to foster the partnership between utilities and vendors by helping the two parties to clearly communicate utility requirements, product features, and configuration parameters relating to cyber security functions.

Project Background
The manner in which the control systems are being designed and operated in the energy sector is undergoing some of the most significant changes in history due to the evolution of technology and the increasing number of interconnections to other system. With these changes however come two significant challenges that the energy sector must face; 1) Cyber security is more important than ever before, and 2) Cyber security is more complicated than ever before. A key requirement in helping utilities and vendors alike in meeting these challenges is interoperability. While interoperability has been present in much of the discussions relating to technology utilized within the energy sector and especially the Smart Grid, it has been absent in the context of cyber security.

The Lemnos project addresses these challenges by focusing on the interoperability of devices utilized within utility control systems which support critical cyber security functions. In theory, interoperability is possible with many of the cyber security solutions available to utilities today. The reality is that the effort required to achieve cyber security interoperability is often a barrier for utilities. For example, consider IPSec, a widely-used Internet Protocol to define Virtual Private Networks, or “ tunnels”, to communicate securely through untrusted public and private networks. The IPSec protocol suite has a significant number of configuration options and encryption parameters to choose from, which must be agreed upon and adopted by both parties establishing the tunnel. The exercise in getting software or devices from different vendors to interoperate is labor intensive and requires a significant amount of security expertise by the end user. Scale this effort to a significant number of devices operating over a large geographical area and the challenge becomes so overwhelming that it often leads utilities to pursue solutions from a single vendor. These single-vendor solutions may inadvertently lock utilities into proprietary and closed systems.

Lemnos is built on the successes of Open PCS Security Architecture for Interoperable Design (OPSAID), a previous DOE National SCADA Test Bed (NSTB) project. It enhances security interoperability by identifying basic cyber security functions based on utility requirements and then selecting open source solutions, namely Internet Engineering Task Force (IETF) RFCs, to support these functions. Once identified, specific configuration parameters for each RFC suitable for the electric utility control system environment are identified and documented. These configuration parameters are referred to as Interoperable Configuration Profiles (ICP) and their effectiveness within the utility control systems environment is verified with comprehensive testing as the final step in the process. The project focused on development of ICPs for four security protocols (IPsec, SSH, LDAP, and Syslog) which represent fundamental building blocks which can be utilized for securing utility control systems. These ICPs are product agnostic and can be applied modularly to any device (router, substation gateway, intelligent electronic device, etc.) within the utility control system as the end user deems necessary for their unique system architecture.

As part of the Lemnos industry outreach efforts, the project team is working closely with the SG Security Working Group under the OpenSG Technical Committee of UCA international Users Group. This group has established the Cybersec-Interop Task Force which will serve as long term stewards of the technical work after project completion.

Recent news:
May 24, Cyber Security Interoperability Project Reaches Milestone

Related Documents, Presentations and Links:

AMI-SEC

A working group formed under the UtilityAMI activity in the Utility Communications Architecture International Users Group (UCAIug) to define common requirements and produce standardized specifications for securing AMI system elements.

DNP Secure Authentication

EnerNex is the editor and primary author of a specification to provide cyber security to the most popular utility communications protocol in North America, the Distributed Network Protocol (DNP3). This addition to DNP3 provides an open, standardized method for a master station, remote terminal unit, sensor or intelligent electronic device (IED) to verify that any given message was transmitted by an authorized user, and that the message was not tampered with in transit. This specification is an important step forward in securing critical infrastructure in North America, Australia, the UK and elsewhere in the world.

EnerNex has been working with the DNP Users Group Technical Committee and the International Electrotechnical Commission (IEC) to develop this specification since 2005. Version 1.0 of the specification was released in March of 2007. Based on comments from implementers, version 2.0 was released in August 2008 and source code is already available from suppliers. The specification is now in a testing phase sponsored by the Electrical Power Research Institute (EPRI), which will include:

  • Analysis of the specification by cryptographic experts at U.S. National Laboratories
  • Security evaluation of the protocol running on desktop computers
  • Update of the protocol to include a method for online distribution of new keys
  • Mapping of the mechanism to the IEC 60870-5-101 and -104 protocols popular in Europe and elsewhere in the world
  • Development of standard RFP language for specifying this feature of DNP3

In 2009, it is intended that this EPRI program will be expanded to include a full pilot test hosted at the U.S. National SCADA Testbed using commercially available DNP3 devices. For further information on participating in this program, click here or refer to the same notice posted on

The DNP Secure Authentication mechanism is based on approved protocols, methods and algorithms from the International Standards Organization (ISO), U.S. National Institute for Standards and Technology (NIST) and the IEC. EnerNex has spearheaded its development in parallel with, and as a compliant implementation of, the IEC 62351-5 technical specification for utility data communications security in telecontrol networks. DNP Secure Authentication has also been adopted by the Water Industry Telemetry Standards (WITS) group in the UK.

The DNP specification is available to DNP Users Group members on the DNP Users Group web site,www.dnp.org.

A PDF is attached to provide more information on the EPRI sponsored project.

Advanced Security Acceleration Project for the Smart Grid (ASAP-SG)

ASAP-SG provides all electric utilities uniform access to a greater body of knowledge and expertise than would otherwise be available to any one utility.

EnerNex, along with the utilities of the Open Smart Grid Subcommittee of the UCA International Users Group in collaboration with the US Department of Energy (DOE), the Electric Power Research Institute (EPRI), and other interested parties, joined to form ASAP-SG.

The project was created to be a utility-driven, public-private collaborative effort to develop recommendations and best practices for architecting, designing, acquiring, integrating, and operating smart grid systems. DOE is helping to support ASAP-SG by matching contributions from utilities dollar-for-dollar.

In January 2011, EnerNex announced the latest deliverables in the ASAP-SG series of Smart Grid related Cyber Security documents which provide prescriptive, actionable guidance for utilities and vendors implementing Smart Grid systems.

The documents, also referred to as Cyber Security Profiles, are part of the 2010 phase of the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG) to accelerate the development of security requirements and standards for the electric utility industry.

In the first phase of the project, three application centric Security guidelines were produced and delivered to the Open Smart Grid Subcommittee and National Institute of Standards and Technology (NIST) Smart Grid Interoperability Panel (SGIP) - Cyber Security Working Group covering:

  • Advanced Metering Infrastructure (AMI)
  • Third Party Energy Data Access
  • Distribution Management

Documents are maintained on http://www.smartgridipedia.org/index.php/ASAP-SG under the Creative Commons 3.0 – Attribution licensing making the work free to copy, distribute, transmit and adapt the work.

There is opportunity for all North American electric utilities to take advantage of DOE funding and the concerted effort of industry stakeholders to produce proper, timely, and cost-effective security best practices for Smart Grid. EnerNex, DOE and EPRI are looking for additional participants to ensure the widest range of requirements are addressed. To get involved and participate in the next phase of the project, please contact EnerNex.

These living documents were made possible through substantial funding by a group of North American utilities in collaboration with the DOE. The project leverages dedicated domain expert resources from EnerNex, EPRI, Consumers Energy, Florida Power & Light, Pacific Gas and Electric (PG&E), Southern California Edison, InGuardians, Oak Ridge National Laboratory and the Software Engineering Institute at Carnegie Mellon University.

The project is also contributing work to other standards bodies, such as the International Electrotechnical Commission (IEC) 62351 Data and Communications Security, to facilitate and accelerate community Cyber Security efforts. Moving forward, additional Security guidelines are being developed based on utility stakeholder requirements and priorities.