Digital Substations

Experience concerning availability and reliability of Digital Substation Automation Systems (DSAS) based on CIGRE Working group B5.42

By Massimo Petrini, Terna, Italy and Rannveig S. J. Loken, Statnett, Norway

Digital Substation Automation Systems (DSAS), with some form of communication facility on station or bay level, have already been in service for several decades. Their functions include protection, command, control, supervision, grid and equipment monitoring, auto diagnosis and metering, to varying degrees of capability and complexity.

The performance of the DSAS is a vital element for the efficiency of the power system operation. Concerning operation and failure analysis of DSASs, most utilities and vendors have their individual procedure to gather information from the field, analyse these data and initiate specific maintenance or replacement actions on this basis.

Feedback from the experience gained to date has been identified as of major benefit to users, for effective design and life-time management of protection and control systems. The operational experience concerning dependability and reliability of these systems, but also problems related to hardware or software of IEDs, are the base for new developments or improvements.

The CIGRE Brochure 687 “Experience concerning availability and reliability of digital substation automation systems (DSAS)” from WG B5.42 was published in 2017.

This article is based on the survey from work of Cigre Working Group B5.42 and it will discuss how Users, Manufacturers and System Integrators can use experiences related to Reliability, Availability, Maintainability and Performance (RAMP) to specify, design, develop, operate and maintain the DSAS systems. 

The survey shows that many utilities use little efforts to gather thorough knowledge of RAMP, make detailed fault statistics of DSAS or specify detailed requirements for RAMP of DSAS.

The Tecnhnical Brochure 687, and so this article, has been organized according to the main phases of DSAS life cycle: concept and definition, design and development, manufacturing, installation, operation and maintenance, disposal.

DSAS Concept and Definition

During the concept and definition phase, the users state their DSAS philosophies, requirements and rules for functionality, performance, capacity and for RAMP, which they document in their procurement/design specifications. In this phase, the manufacturers in turn release their product and design specifications, accordingly, trying to meet the market needs as comprehensively as possible and in a competitive way.

The utilities have stated which RAMP requirements they define either in the implementation and/or in the maintenance contracts. Few utilities today make significant efforts in specifying detailed requirements for RAMP of DSAS. Nearly 40% of the respondents have no requirements for RAMP, 40% of them mainly specify wide system RAMP requirements and about 20% specify RAMP only for some specific devices and/or functions. 

Related to the Figure 1, the most commonly used method (50% of the cases) is to ask the manufacturer for a description of the solution adopted to fulfil the RAMP requirements.

33 % of the utilities ask the manufacturers to provide DSAS RAMP calculations and 22 % of them specify stress tests. Only 11 % give a technical weight of the fulfilment of the RAMP requirements in the tender evaluation. Finally, 22 %  do not specify RAMP at all. Utilities usually define DSAS maintainability either in their DSAS technical specifications or in their maintenance contract specifications. 

The majority of respondents (utilities) define requirements for DSAS documentation, remote accessibility to the system devices and parts, DSAS configurability and re-configurability along the whole life cycle, criteria of independence of parts in order to allow taking them out of service without any impact on the rest of the system and, last but not least, for spare part strategy. 

According to the utilities’ experiences, relating to RAMP, some functions prove to be more important than others. This can influence the selected DSAS architecture, in order to improve the dependability of the DSAS and the specific functions.

Figure 2 shows an overview of DSAS architecture, where bay protection is normally distributed at bay level (86%), busbar protection is mainly centralized at station level (58%), control is both distributed at bay level (61%) and centralized per each voltage level (58%), HMI is normally centralized at station level (98%), and monitoring is often distributed at bay level (72%).

Design and Development

For a DSAS system or equipment manufacturer, actions during the design and development phase include RAMP requirements specification, product hardware and/or software specification, quality procedures, certification definition, and compliance testing.

The type of solution that maximizes the RAMP of a DSAS along its whole lifecycle was chosen as “sophisticated” by 60% of respondents, compared to “basic” (simple) by 18% of respondents. 

This ratio is consistent between utility respondents and vendor respondents. However, vendors gave weight to factors including design rules, component selection guidelines and validation routines, which can be understood to be factors influencing the product design. Despite the utility preference for sophisticated solutions, the additional comments provided by the utilities mention a “keep it simple” approach, with critical functions/equipment identified for special consideration or specification. The utility comments also show a strong trend to prefer solutions that they have successfully implemented, rather than simply document RAMP requirements in their procurement/design specifications. 

Utilities and vendors gave equal importance to RAMP optimization, showing that it is a major consideration in the DSAS solution selection for both. There is also an agreement between vendors and utilities about RAMP optimization as a reason for adopting/proposing different DSAS architectures. 

The top 6 design solutions preferred by the manufacturers to improve the RAMP of the DSAS, among those proposed by the survey, are: use of watchdog; redundancy of ethernet switches; redundancy of station computers, redundancy of communication between IEDs; hot standby of components and automatic restart. 

The top 5 solutions preferred by utilities are: redundancy of protection devices; backup of power supply; system self-supervision and monitoring; redundancy of system power supply; standardization of devices used and design solutions.


The aim of this part was to get information from vendors whether utilities/end users require RAMP parameters either directly or in another way.

More than 80% of the utilities/end users use DSAS prototypes or pilot projects. This practice is the preferred one to validate the DSAS solution before putting it in a “Go Live” stage. Another common practice is to perform detailed tests in the laboratory/vendor facility before the deployment approval.

Table 1 shows the vendors’ top 10 items considered as key for RAMP. The results of the survey show that vendors provide more importance in terms of RAMP to the devices that, in case of failure, leave the bay without protection, forcing customer to provide an urgent action to recover the failure as soon as possible. 


For DSAS, installation is not limited to green field applications, but also concerns the refurbishment of live systems.  Especially in case of substation modification and extension, the interoperability and compatibility of the installed new DSAS components with the existing ones must be secured.

Related to where the vendors have technical staff ready to provide support when needed during and after installation, along the whole DSAS life cycle, 75 % of the utilities report that vendors have local staff. 21 % reported that vendors have “international central staff” and 12,5% inform that vendor cooperate with local consultants as their country representatives. 

There was a question related to the level of quality of the products delivered after the pilot project. The vendors report that the main cause for degradation of DSAS RAMP is that the test procedures were not detailed enough or not updated. 

Other important causes of degradation from the vendor point of view were the lack of DSAS documentation, the introduction of additional requirements not included in the first/validated project, and the time between the prototype/pilot project validation and the following systems delivery not sufficient to implement all the modifications. The utilities reported that the main causes for degradation of DSAS RAMP were the lack of DSAS documentation, too short time to perform all the tests, the human resources involved not being skilled enough and the introduction of additional requirements not included in the first/validated project.  

Vendors and utilities both report that the main cause for improvement of DSAS RAMP is the consolidation/further development of the standard solution and also the use of well validated test procedures in the pilot project.

Operation and Maintenance 

During the operation of the DSAS the users can engage many types of maintenance, by themselves or with the contribution of the vendor or a third-party company.  

Figures concerning RAMP are mostly collected for the IEDs, followed by whole DSAS and then for Bay level. Almost no one collects figures about IED components. According to the answers, the levels of detail of collecting figures are “DSAS” and “IED.” 

Post warranty maintenance and support for DSAS is mostly contracted to the vendors, but almost as many of the utilities buy maintenance or support from the vendors only occasionally, when they need it. On the other hand, one third of the utilities perform DSAS maintenance in-house. Some utilities also use third party companies for DSAS maintenance. 

Almost 66% of the respondents use remote maintenance, mostly for fault data retrieval from the substations. These include collection of disturbance recordings, event data, evaluation of protection performance, failure diagnosis of both HV and DSAS equipment, checking of settings, etc. Half of the respondents also allow vendors or third parties to access systems for remote maintenance. 

The most common approaches, adopted by more than 75% of the utilities and the vendors to reduce MTTR of DSAS are the availability of spare parts and the creation of archives for DSAS software, firmware and configuration data, followed by the quality of documentation. Vendors also use specialized teams dedicated to DSAS configuration and maintenance, while utilities, more often, emphasize regular training of the operation staff and interoperation with resources of the specification departments, for their experience and for the appropriate feedback to the future specifications. Vendors also value very much the availability of DSAS spare parts and the use of remote maintenance, which are valued considerably lower by utilities. Instead, utilities value the limitation of the number of software\firmware versions of each DSAS in operation very highly, followed by the quality of documentation and the use of specialized teams dedicated to DSAS configuration and maintenance. In turn, vendors value regular training of operation staff, sharing of experiences related to occurred faults and availability of recovery plans for DSAS more than the utilities do. In-house maintenance and interoperation with specification department are considered medium high by both utilities and vendors.

The best improvements brought by digital technology, according to both utilities and vendors, are about fault analysis, followed by the lesser need for preventive maintenance, and lesser need for testing. This is due to self-monitoring and remote supervision for the first ones and to reduction of wiring and lack of drift of protection settings for the last ones.

According to the majority of the respondents, IEC 61850 can help in improving DSAS RAMP. Regarding this point, as shown in Figure 3, we can observe a large difference of perception between utilities and vendors, i.e. 83% of the vendors declare an improvement vs a 52% of the utilities. Utilities are doubtful about the level of complexity of systems based on IEC 61850 and notice different interpretations of the standards that affect the actual interoperability. 

For the vendors the main benefits brought by the IEC 61850-based systems are the possibility of wide area control by means of the exchange of GOOSE messages between substations, the monitoring extended to primary equipment, the large use of fiber optic between process level and bay level, the adoption of the merging units, a better integration of third party IEDs, the overall simplification and standardization.

The majority of the utilities consider that, in order to increase RAMP, vendors should improve their skills in testing and in post sales assistance. More than 40% think they also should improve their skills in maintenance, upgrading and commissioning. The majority of the vendors consider that, in order to improve RAMP utilities should improve their skills in specification, commissioning, testing and maintenance. 30% of the vendors think utilities should also improve their skills related to the definition of general requirements and the support during the design and upgrading phases.


This phase concerns the end-of-life cycle of the systems. The main issues are to state the level of obsolescence and to determine the residual lifetime of the systems. 

Most of the utilities consider that the useful life of a DSAS based on proprietary protocols or platforms is 15-20 years. 30% of the vendors say that the useful life is 10-15 years. A shown in figure 4, IEC 61850 based DSAS based useful life, most of both utilities and vendors consider the useful life is 15-20 years. 

The main reason for disposal or refurbishment/upgrading of a DSAS is the difficulty in finding spare parts. It is considered by 75% of both utilities and vendors. Obsolescence is also considered by 60% of the utilities and 40% of the vendors. 

The other main reason, particularly for disposing a DSAS is the complete renewal of the substation including HV devices. They are followed by the lack of knowledge about the old DSAS, equally weighted by utilities and vendors. The lower level of flexibility of old DSAS is much more considered by utilities than by vendors.

On the other side, vendors, more than utilities, give more importance to compatibility with new substation requirements.

RAMP degradation and high cost of the maintenance of old DSAS are incredibly not really main issues for the utilities. At the contrary, high cost of maintenance is weighted second level by vendors. (Figure 4).

New Frontier & Challenges

The CIGRE Brochure 687 from WG B5.42 was published in 2017. In the meantime, digital technology has made steps forward, in the opportunities and tools offered, in its diffusion among the utility human resources minds, that are now even more confident with it, and in its concrete application in the electrical substations.

In particular, IT technology open to new possibilities: the management of a big quantity of data for predictive maintenance and the virtualization of the system architecture are only two, but significant, examples.

Two different behaviors can be observed: 

  • On one side, people skilled in protection and control can sometimes be a little bit too conservative and look at these new opportunities and tools with mistrust or fear, thinking that everything can keep on working as it worked so far
  • On the other side IT people may want to fill the substation automation environment with new instruments and solution in order to eliminate dust and spiderwebs from those old-fashion wired systems

It’s really important to be open to new frontiers, but at least two things must not be forgotten:

  • The experience gathered from the technicians who have been dealing with substation stuff for years. Everything can easily and superficially look older and/or simpler that how it really is, if we don’t know it very well. Furthermore, if things have been done so far in a certain way everywhere, there must be some reason
  • The scope, that must be clear to all the company resources. In this specific case (DSAS vendors and electric utilities) the scope is releasing and operating DSAS solutions with the best possible performance, availability, reliability, along their whole life cycle, with the lowest possible cost of procurement and operation. Just to give an example, Cyber security, typical issue related to digital technology (and a real and continuous challenge, deserving to be written in capital letters), is an extremely important constraint that must be considered as a requirement, and therefore satisfied and guaranteed, in order to reach the final goal, that is, again, releasing and operating the substations and the grid in an efficient, flexible, reliable, safe and secure way

In other words, we don’t need to change by definition, we don’t need to change because the New is better than the Old. We always have to be curious and open to the New, but we have to evaluate (technically, economically, strategically), compare, test and review it, before sending to retirement the previous solutions and going on air with the new ones.

While we are doing this, we should always consider and keep in mind the whole product life cycle since the concept, definition and specification phase (of course, also considering this, we can’t foresee the future, therefore the scenario in which our today-new DSAS will operate in 25 years, when they will probably need to be disposed, is now partially unknown).

But, again, let’s be open: For instance, Artificial Intelligence seems already to be very promising for the big data analysis, and so for the predictive maintenance of our DSAS and, more generally, of all the assets (provided that somebody with experience, see above, knows which information to collect, how to interpret it and what to do with it). Artificial Intelligence today is maybe not ready yet to support deterministic issues, such as interlocking, but it could be only a question of time for future developments or, why not, a need for changing our mindset in the next years.

Coming back on Earth, while we are going toward an even more massive diffusion of the IEC 61850-based solutions, important issues like DSAS full interoperability and rapid obsolescence have not been overcome yet, neither by the last technologies: the DSAS with all its components lasting 25 years, as well as the DSAS in which each component can be easily replaced with other ones, as well as the disposable “throw away” DSAS, easy end economic to replace, have not yet been invented.

A fundamental principle, applicable to the past, the present and the future, to the Old and the New, not only to DSAS RAMP, not only to DSAS, is “keep it simple,” rule number one for everything, everywhere, every time.


A clear tendency to refer to the past experience, related to electromechanical\non digital SASs, in order to design digital SAS with a high level of RAMP emerges from the answers received, but this attitude could affect the whole exploitation of potentials offered by the digital technology.

A suggestion, mainly to utilities, is hence to get more confidence with the digital technology, for example gaining experiences from inhouse DSAS integration, in order to take advantage from all the possible benefits of it. 

The knowledge about RAMP among users varies a lot, so there could be a need, for many users, for improving it.

Detailed fault statistics will play an important role in the analysis of the DSAS assets. Utilities should pay more attention to the DSASs whole life cycle, considering DSAS maintainability not only during the operation phase, but already in the technical specification.

Survey analysis states that utilities/end users are concerned about RAMP values, such as redundancy and availability, when they look at the whole DSAS solution, but, when vendors are asked directly about which topic is the main concern of utilities/end users in terms of RAMP, then the survey shows that specific IEDs is the most voted response. 

Furthermore, although utilities are interested in the level of RAMP of the whole DSAS, there is not a common practice to calculate it. Prototypes and redundancies are generally used to achieve a good level of RAMP. 

The pilot project/prototype approach gives utilities an objective idea, in terms of system performance and functionality, maintainability, reliability and availability related to the early life. Pilots could be also used for a quantitative measurement of RAMP parameters.

To improve the DSAS deliveries subsequent to the first one, the following suggestions can be given:

  • DSAS project documentation and test procedures should be complete, detailed and continuously updated along the delivery time of each DSAS
  • Specifications should be self-consistent and not subject to evolution during the project development
  • In case of development of special or new functionalities, the test procedures must be updated
  • Utilities and vendors staff should be properly trained
  • Required time to test should be agreed between utilities and vendors according to the experience gained along the delivery of each system

Fault statistics are essential for collecting unambiguous and objective information about the condition of the DSAS assets, which then can be used for the optimization of the utility’s asset management both along the DSASs useful life, and referring to their renewal, refurbishment, and risk management related strategies.

About the future challenges, as reported in the previous paragraph, a general suggestion is being always curious and open to new ideas and opportunities, but never stepping on the experience. New solutions always need to be deeply tested before going into operation, in order to ensure functional benefits, availability, reliability, economic and strategi advantages.

Finally, the” keep it simple” principle always applies.


Massimo Petrini received his Degree in Electrical Engineering from the Politecnico di Torino (Turin, Italy) in 1990. Massimo works for Terna, the Italian TSO, where, since 2022, he is Head of Technology Management Support and has been involved in projects dealing with the integration of the components of the HV power grid (overhead lines, cables, new machinery, FACTS, substation automation systems, and so on). Along the past years, since 1997, as Head of Systems Engineering, he led the teams that developed and managed the PAC systems projects, driving their transition from the electromechanical to the digital technology.  Cigre B5 member since 2005, former B5 Italian Delegate, Massimo has been involved, both as a member and as a convenor, in different Cigre WGs focused on protection, automation and monitoring.

Rannveig S. J. Loken received her Master of Science in Electric Power engineering from the Norwegian University of Science and Technology (NTNU) in 1992. She works in Statnett, the TSO of Norway, currently Head of Protection department in Statnett. In September 2018, she became Chair of CIGRE SC B5. Her special field of interest is protection and control for the transmission system. In addition, working in Cigre Working groups is of great interest – she is currently a member of WG B5.69. Rannveig is in the Advisory board of PAC world, Committee member of IET DPSP, and Member of the International Advisory Committee APAP.