Frame 6 Users Group Conference. Cincinnati, OH. June 8-11 WELCOME USERS

Transcription

1 Frame 6 Users Group 2009 Conference Cincinnati, OH. June WELCOME USERS

2 Control System Integration The Past, The Present and The Future (?) Presented By: Craig Corzine President & CEO June 10, :15 AM to 9:15 AM

3 Who is CSE Engineering? CSE Engineering, Inc. is a full-service engineering firm providing controls related engineering and technical services specifically to the power generation industry. CSE has a wide range of experience with gas turbine, steam turbine, balance-of of-plant, and ancillary based control systems and overall control system integration.

4 Mission Statement CSE Engineering, Inc. is in business to help the power generation industry achieve their maximum level of availability, reliability y and overall efficiency. CSE obtains these results by providing customized control system solutions tailored to meet the needs, requirements and equipment of each individual customer.

5 Affiliations Distributor for California and Western Nevada Recognized Turbine Retrofitter (RTR) CSE is an Advanced Integrator of VTS software. 505, 505E, 505Enhanced, 505LST, 505DE, 2301, GTC-190, GTC-250, Peak-150, Protech-203 VTS HMI Software VTScada SCADA VTS Alarm Dialer VTS Internet Server VTS Web Services VTS ODBC Server VTS OPC Server VTS WAP Server

6 Control System Integration The Past

7 Control System Integration of the Past PROBLEM: Standalone Configuration No Single HMI Software Solution PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: No Control-To To-Control communications for data exchange. PROBLEM: Multiple operator interface systems.

8 PROBLEM: No Single HMI Software Solution Control System Integration of the Past Hardwired I/O PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: No Control-To To-Control communications for data exchange. PROBLEM: Multiple operator interface systems.

9 Control System Integration The Present

10 PROBLEM: No Single HMI Software Solution Control System Integration of the Present The Modbus Solution PROBLEM: Modbus not capable of time-stamped data. PROBLEM: Modbus is not the native protocol for the controllers. Results in limited data access. PROBLEM: No automatic time synchronization between control systems to provide a common, system wide data time-stamp. PROBLEM: Time skewed data between the plant DCS and stand-alone alone controllers. PROBLEM: Multiple operator interface systems.

11 Control System Integration IBECS /<ITC>

12 Introducing IBECS

13 What Is IBECS? IBECS is CSE Engineering s name for the ultimate in plant control human-machine-interface software technology. The heart of the IBECS system is the industrial monitoring and control software that has been specifically designed to integrate a wide variety of legacy and newer monitoring and control devices into a plant-wide, DCS (Distributed Control System) style environment that provides state-of-art, fully-redundant communication capabilities and data display technology providing the operators with the same look, feel, and function regardless of the control system providing the data. Most plants have a variety of monitoring, control, and data acquisition devices that have been installed over the years. Many of these devices were supplied as stand-alone systems or else use components which have no data networking capability. While plant operators would like to have all data brought into a centralized control room, it is not always possible to justify the complete replacement of these devices. Even newer systems are not always supplied with compatible data communication capabilities. The IBECS system provides the plant operation, maintenance, and management staff with an easy-to-use, highly reliable, robust, fully redundant man-machine-interface system that makes maximum use of existing control equipment capabilities and provides the latest in communication and data presentation technology to a plant of any vintage.

14 Resolved: Single HMI solution for ALL controllers Control System Integration The Present The IBECS Solution Resolved: Unlimited data exchange between the individual control systems and the operator interface using the control system s s native communications protocol. Resolved: Automatic time synchronization between control systems to provide a common, system wide data time-stamp. Resolved: Capable of time-stamped data.

15

16 What Is <ITC>? <ITC> is an acronym that stands for IBECS for Turbine Control. <ITC> is a specialized IBECS software application specifically designed to replace the SmartRemote, Mark IV <D>, <I> and HMI operator interface systems provided with GE SpeedTronic Mark IV s, Mark V s and Mark VI s. What Does <ITC> do? The <ITC> system provides all the functionality of the Mark V <I> or HMI interface. The <ITC> system communicates directly with the Mark IV+ (80286) and Mark V turbine control panels over the existing StageLink using standard off-the-shelf PCI ARCnet interface technology. Incorporated into the <ITC> application are standard operator screens to monitor and control the turbine plus standard utility programs such as Control Sequence Program editor (modify, compile, and download), I/O Configuration editor (modify, compile, and download), Control Constant Editor (compile and download), LVDT Auto-Calibration, etc. Additionally, the <ITC> application has a Real- Time Rung Display (RRD) with sophisticated search and navigation tools to display the Control Sequence Program (CSP) with dynamic real-time data. Additionally, the <ITC> system is designed to as a gateway between the Mark V and any other computer or control system providing a direct read/write data exchange path between the devices for monitoring and control. This feature is very useful for DCS monitoring and control, remote (off-site) monitoring and control, historical data storage, report generation, etc.

17 Control System Communication Configuration Diagram 6 HMI Server 1, Server 2, and Server 3 are redundant of each other. Unlimited number of Servers. Unlimited number of Clients. Time-Stamped Analog data. Time-Stamped Digital data. Time-Stamped Alarm data. Servers and Clients act as redundant gateways to external systems such as PI, OPC, DCS, and PLC s. Communicates to Mk IV s s and Mk V s V s using native ARCnet based protocol. Utilizes standard off-the the-shelf hardware. Utilizes standard off-the the-shelf software. Utilizes non-proprietary, standard off-the the-shelf ARCnet cards. Encrypted communications for remote Thin and Thick clients.

18 <ITC> Utilities Real-Time Rung Display (RRD) Sophisticated search and navigation tools Control Sequence Program (CSP) Dynamic real-time data Logic Forcing Control Constant Adjustor (Compile and Download) Auto-Calibrate EEPROM Interface (Upload and Download) View Tools Pre-Vote Data Diag_C Interface Mk5 Sequence Editor (Modify, Compile, and Download) I/O Configurator (Modify, Compile, and Download)

19 Control Constant Modification

20 Auto Calibrate

21 EEProm Utility

22 Logic Forcing

23 View Tools

24 Pre-Vote Display

25 Quick Sheet Display

26 Real-Time Rung Display

27 Real-Time Rung Display

28 Networking and Redundancy

29 Alarm and Event Management Time Stamped Data To the Mill-Second using Mk V clock

30 Data Trending Real-Time Historical Zoom in X Zoom in Y Export Data

31 Data Trending Logged Comments

32 <ITC> - Reporting

33 Control System Integration The Future

34 Control System Integration The Future FERC / NERC Who is FERC and NERC and why should I care? FERC is the Federal Energy Regulatory Commission (Commission) Section 215 of the Federal Power Act (FPA) requires a Commission-certified Electric Reliability Organization (ERO) to develop mandatory and enforceable Reliability Standards, which are subject to Commission on review and approval. Once approved, the Reliability Standards may be enforced by the ERO, subject to Commission mission oversight, or the Commission can independently enforce Reliability Standards. Pursuant to section 215 of the FPA, the Commission established a process to select and certify an ERO and, subsequently, certified NERC as the ERO. NERC is the North American Electric Reliability Corporation (ERO) Prior to being certified by the Commission as the ERO, NERC had developed a cyber security standard for the electric industry on a voluntary basis. This voluntary standard, Urgent Action 1200, was adopted in 2003, and remained in effect on a voluntary basis until June 1, 2006, at which w time the eight CIP Reliability Standards that are the subject of the current rulemaking replaced the Urgent Action 1200 standard.

35 Control System Integration The Future FERC / NERC NERC submitted to the Commission for approval the following eight t CIP Reliability Standards: CIP Cyber Security Critical Cyber Asset Identification: Requires a responsible entity to identify its critical assets and d critical cyber assets using a risk- based assessment methodology. CIP Cyber Security Security Management Controls: Requires a responsible entity to develop and implement security management controls to protect critical cyber assets identified pursuant to CIP CIP Cyber Security Personnel & Training: Requires personnel with access to critical cyber assets to have identity verification and a criminal check. It also requires employee training. CIP Cyber Security Electronic Security Perimeters: Requires the identification and protection of an electronic security perimeter and access points. The electronic security perimeter is to encompass the critical cyber c assets identified pursuant to the methodology required by CIP

36 Control System Integration The Future FERC / NERC CIP Cyber Security Physical Security of Critical Cyber Assets: Requires a responsible entity to create and maintain a physical security plan that ensures that all cyber assets within an electronic security perimeter are kept in an identified physical security perimeter. CIP Cyber Security Systems Security Management: Requires a responsible entity to define methods, processes, and procedures for securing the systems identified as critical cyber assets, as well as the non-critical cyber assets within an electronic security perimeter. CIP Cyber Security Incident Reporting and Response Planning: Requires a responsible entity to identify, classify, respond to, and report cyber security incidents related to critical cyber assets. CIP Cyber Security Recovery Plans for Critical Cyber Assets: Requires the establishment of recovery plans for critical cyber assets using established business continuity and disaster recovery techniques and practices.

37 Control System Integration The Future FERC / NERC Why should I be concerned about complying with these standards if I don t meet the existing criteria? Because it s on the way!!!!! Section 41. California Commission comments that small entities can become a weak link whose failure could harm Bulk-Power System reliability. It is concerned that an entity that should be registered may slip through the identification process. Accordingly, California Commission suggests that any entity connected to the Bulk-Power System, regardless of size, must comply with the CIP Reliability Standards irrespective of their registration status. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)

38 Control System Integration The Future FERC / NERC Section 49. The Commission also adopts its CIP NOPR approach and concludes that reliance on the NERC registration process at this time is an appropriate means of identifying the entities that must comply with the CIP Reliability Standards. We are concerned, like the California Commission, that some small entities that are not identified in the NERC registry may become gateways for cyber attacks. However, we are not prepared to adopt California Commission s suggested approach of requiring that any entity connected to the Bulk-Power System, regardless of size, must comply with the CIP Reliability Standards irrespective of the NERC registry. We believe this approach is overly-expansive and may raise jurisdictional issues. Rather, we rely on NERC and the Regional Entities to be vigilant in assuring that all appropriate entities are registered to ensure the security of the Bulk-Power System. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)

39 Control System Integration The Future FERC / NERC / NIST Section 25. The Commission believes that the NIST standards may provide valuable guidance when NERC develops future iterations of the CIP Reliability Standards. Thus, as discussed below, we direct NERC to address revisions to the CIP Reliability Standards CIP through CIP considering applicable features of the NIST framework. However, in response to Applied Control Solutions, we will not delay the effectiveness of the CIP Reliability Standards by directing the replacement of the current CIP Reliability Standards with others based on the NIST framework. 122 FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)

40 Control System Integration The Future FERC / NERC / NIST 1 Section 279. The Commission accepts the explanation of the ERO and Reliability First that a control system could be a critical cyber asset, but not a critical asset As was stated in the CIP Assessment, a control system is a device or set of devices to manage, command, direct or regulate the behavior of other devices or systems. It is typically a specialized computer system or programmable logic controller that manages, commands, directs or regulates the behavior of other devices or systems in a physical environment, e.g., open or close switches or relays, start or stop motors, or control motor speed FERC 61,040 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION 18 CFR Part 40 [Docket No. RM ; Order No. 706] Mandatory Reliability Standards for Critical Infrastructure Protection (Issued January 18, 2008)

41 Control System Integration The Future FERC / NERC / NIST 1 For the purpose of Standard CIP-002-2, Critical Cyber Assets are further qualified to be those having at least one of the following characteristics: R3.1. The Cyber Asset uses a routable protocol to communicate outside the Electronic Security Perimeter; or, R3.2. The Cyber Asset uses a routable protocol within a control center; or, R3.3. The Cyber Asset is dial-up accessible. What's the Routable Protocol Data being sent from one LAN to another along any of several available paths is routed. The protocols that support multipath LAN-to-LAN communications are known as 'Routable Protocols'. Because routable protocols can be used to tie several LANs together and create new wide-area environments, they are becoming increasingly important. TCP/IP is the 'routable protocol'. Because Routable Protocols are relatively large protocols than the non-routable ones, they are slow in everything. They involve many types of error-checking and other functions, which increase the size of data-packets. 1 Standard CIP Cyber Security Critical Cyber Asset Identification

42 Control System Integration The Future FERC / NERC Compliance

43 In Summary

44 Where s s Your Pain? Control System Obsolete? Reliability Issues? Always Tripping Offline? Parts Hard to Find? Patients At An End? Yelling, Kicking, Screaming Not Solving Anything?

45 Do you have a CRAPPY control system? Tell us what causes you the most problems WE CAN FIX IT! csesupport@cse-