### End to End Resilient Timing Architecture – Digital Substation with Process Bus



A Leading Provider of Smart, Connected and Secure Embedded Control Solutions



Marcel Geor March 2021

### Agenda

- Digital substation with process bus time synchronization requirements
- Time synchronization vulnerabilities and mitigation
- End to end resilient timing architecture



# Digital Substation with Process Bus

**Time Synchronization Requirements** 



### **Digital Substation with Process Bus** Time Synchronization Requirements

- Digital substation with process bus inter-substation protection typically requires IEC 61850-5 Time Performance Class T5 (<1 μs)</li>
  - Substation merging units require master to be advertising PTP clock Class 6 or 7 with accuracy better than 250 ns
- Time synchronization must be high availability
- Real-time monitoring of time synchronization assets



# Vulnerabilities and Mitigation



### **Vulnerabilities and Mitigation**

| Time synchronization vulnerabilities                                                  | Mitigation                                                                                                                  |
|---------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|
| GNSS jamming or interference                                                          | Holdover, alternate high accuracy sync sources                                                                              |
| GNSS spoofing                                                                         | Machine learning and signal characterization,<br>multiband and multi constellation, alternate<br>high accuracy sync sources |
| Poor antenna placement and urban canyons                                              | Multiband and multi constellation, holdover                                                                                 |
| Lightning or other environmental events                                               | Holdover, GM redundancy, alternate high accuracy sync sources                                                               |
| Erroneous data caused by third party subsystems                                       | Machine learning, sanity checking and alternate high accuracy sync sources                                                  |
| Erroneous data broadcast through the constellations                                   | Machine learning, sanity checking and alternate high accuracy sync sources                                                  |
| Hardware failure                                                                      | GM redundancy, network redundancy, dual power supplies                                                                      |
| Leap seconds, GPS week number rollover, epochs and eras, software arithmetic overflow | Machine learning, sanity checking and alternate high accuracy sync sources                                                  |



## **Mitigation Techniques**

- Multiband and multi constellation (< 5 ns RMS)
- Alternate high accuracy sync sources
  - Optical networks (DWDM, OTN) PTP Telecom Profile ITU-T G8275.1 < 100 ns from core to the network edge</li>
- Enhanced holdover through high grade oscillators
  - OCXO, Rubidium
- Machine learning, Sanity checking and signal characterization
- PTP grandmaster redundancy
- Dual power supplies
- Network redundancy
  - IEC 62439-3 Parallel Redundancy Protocol (PRP)



# End-to-End Resilient Timing Architecture



### **Communications Network – Timing Requirements**

#### Communications

#### Substation

Core to the Edge - ePRTC to HP BC PTP Output < =100 ns

Digital Substation Clock PTP Output < =250 ns



| Source of Time   | Transport BC Class       | Edge Timing Requirement |
|------------------|--------------------------|-------------------------|
| PRTC A: < 100 ns | A: cTE < 50 ns           | < 100 ns                |
| PRTC B: < 40 ns  | B: cTE < 20 ns           |                         |
| ePRTC: < 30 ns   | C: cTE < 10 ns (HP BC)   |                         |
|                  | D: cTE For further study |                         |



### **Substation – Timing Requirements**

| Communications             | Substation                                      |
|----------------------------|-------------------------------------------------|
| HP BC PTP Output < =100 ns | Digital Substation Clock<br>PTP Output <=250 ns |
| HP BC<br>68275.1           |                                                 |

| Clock Type             | IEC 61850-9-3 Time Inaccuracy |
|------------------------|-------------------------------|
| Grandmaster Clock (GM) | < 250 ns                      |
| Transparent Clock (TC) | < 50 ns                       |
| Boundary Clock (BC)    | < 200 ns                      |



## **Resilient Timing Architecture**

### **Communications Network**



## **Resilient Timing Architecture**

### **Substation Protection and Control System Network**

Digital Substation Clock PTP Utility/ Power Profile Output to SS IED < =1  $\mu$ s



<sup>© 2021</sup> Microchip Technology Inc. and its subsidiaries

### End-to-End Resilient Timing Architecture Consolidated Solution





## **Thank You!**

Marcel Geor Email: marcel.geor@microchip.com

