FIGURE 4-2 Simplified diagram of the sensing, communication, and control systems associated with a typical power system. Programmable logic controllers, protective relays, systems to control transformer tap settings and capacitor banks, automated metering systems, and distributed control systems as well as a variety of field devices all operate at this level. NOTE: Numbers refer to points of vulnerability discussed in the text.
uploads measurement data from the station and downloads control orders from the SCADA system. Within the station, the RTU is either directly connected to the equipment being controlled, or (because the new equipment is increasingly being controlled by microprocessors) through intra-station local communication networks. RTUs contain analog-to-digital and digital-to-analog converters, digital inputs for status, and digital or analog output for control.
A newer development is the intelligent electronic device, which often implies a built-in network capability such as Internet Protocol. Networked devices are, of course, more susceptible to cyber attacks. Sensors and the devices discussed below may also be considered intelligent electronic devices.
Programmable Logic Controller
Programmable logic controllers (PLCs) have been used extensively in manufacturing and process industries for many years and are now being used to implement relay and control systems in substations and power plants. PLCs replace binary (Boolean) logic networks of series and parallel combinations of electromechanical coils and contacts. They are used in mission-critical applications such as the special protection systems described in chapter 6, sometimes in fault-tolerant confgurations (e.g., triply redundant with two out of three required to agree for an output decision). PLCs have extended input/output (I/O) systems similar to those of transmission substation RTUs. The control outputs can be controlled by software residing in the PLC