Phasor Measurement Unit for Monitoring Power Systems

Architecture of a Synchrophasor networks

A typical architecture of a synchrophasor network is shown in the figure. PMUs produce synchronized measurements of the phasors, frequency and the rate of change of frequency of the voltage and current signals, and output time stamped phasor data to a communication network using a standard format at a predefined reporting rate. PMUs are generally located in different substations of a power system. Time signals from the GPS are used to synchronize the phasor measurements to a common time base, as well as to time stamp the measurements. Synchrophasor measurements transmitted from PMUs at various locations of an interconnected power system are communicated to Phasor Data Concentrators (PDCs) over a wide area communication network. PDCs might be arranged in a hierarchical order. The role of a PDC is to collect, time align and send the synchrophasor data from PMUs to higher level PDCs. Data can be stored and use the time-aligned data for wide-area monitoring applications.

A reliable communication network is essential to proper functioning of a wide area synchrophasor network. Loss of communication can leave the synchrophasor application with insufficient information to carry out its operations. The communication network used by the control application may be a dedicated network or a part of the corporate data network of the power utility. A corporate network may carry other user traffic; hence the behaviour of the wide area control system can be affected by other uses, and it is important to understand the effect of network traffic characteristic on the power system operation. The communication between PMUs and PDCs is a packet-based communication network, where reliability is related to the probability of packet loss and bit errors. Both latency and packet-loss probability depend on the network congestion. The maximum usable data-rate, which is determined by the bandwidth of the communication link and the latency of the switches and routers directly impact the communication latency. Performance and reliability of the core components in the synchrophasor network, including the communication network, are critical for real-time wide area monitoring and control applications.

Another communication requirement is regarding security. The communication network supporting the dissemination of synchrophasor data must be robust against different malicious attacks such as distributed denial-of-service (DDoS) attacks, data snooping and spoofing, etc. since loss of grid observability, even for a short time, can be very costly and some synchrophasor data is potentially business-sensitive. The communication protocol defined in C37.118 do not support any basic integrity and confidentiality for PMU data, so they must be implemented using external devices.

With many deployed PMUs being implemented as additional functionality in other devices such as relays, it is also a concern that channels used to control and monitor the PMU could become avenues for compromise of the other devices’ functionality which may be even more sensitive than the PMU data.

Primary techniques include firewalls, virtual private networks (VPNs) such as those based on IPsec standards, transport layer protocols such as Transport Layer Security (TLS, known in earlier, now-deprecated, versions as Secure Socket Layer (SSL)) and Secure Shell (SSH) as well as the possibility of using utilities’ owned or leased private networks for synchrophasor communication. Regardless of the techniques used, careful attention must be paid to defining, enforcing, and coordinating the electronic security perimeters within which devices that generate, transport, and process synchrophasor data operate.

Encryption-based techniques bring challenges associated with securely managing cryptographic keys and cryptographic software–challenges that are far closer to the realm of IT security than control and monitoring system engineering. There are papers that notice the rate at which new vulnerabilities are discovered in software, such as openSSL – a popular code base for implementing TLS – and also suggests that implementing cryptographic solutions at network boundaries, such as a substation gateway, is far more manageable than trying to do it on every PMU device. This, however, comes with a cost in the form of risk that communications may be tampered with between the origin device and the gateway. There are also papers that offers practical suggestions for configuring communication channels for PMUs to minimize the risk that channels used for PMU functionality could be exploited to compromise other functionality housed in the same devices.

This project has received funding from the European Union’s Horizon 2020 research and Innovation programme under grant agreement N°832989. All information on this website reflects only the authors’ view. The Agency and the Commission are not responsible for any use that may be made of the information this website contains.

Sign up to our newsletter