Smart Grid Protection, Automation and Control: Challenges and Opportunities

Abstract

The evolution of Protection and Control (P&C) systems has developed though analogue and digital generations, and is presently advancing towards the utilization of Virtualization of Protection, Automation and Control environments (VPAC). This article focuses on redefining the features of traditional and modern P&C systems, Centralized Protection Automation and Control (CPAC), and VPAC, focusing on the integration of Intelligent Electronic Devices (IEDs) with secure communication that is time-effective in the centralized distribution of power and prevention of network vulnerability. Though standards such as IEC 61850-9-2 LE have been adopted, the actualization of full interoperability between diverse IED manufacturers remains elusive. With the digitization of technologies, P&C systems are naturally transitioning to virtual environments, with timing precision, redundancy and security being imperative. Latency and resource management and allocation in VPAC systems are considerable global issues. This paper discusses the issues of maintaining low operational performance in virtual substation environments while satisfying the requirements for performance in real time. The impacts of large volumes of data and artificial intelligence on the management of the grid are studied, and AI-based analytics that predict system failures and automatically change load flows are shown, as they have the potential to increase the flexibility and stability of the grid. The use of big data enables electric power utilities to enhance their protection systems, anticipate disturbances and improve energy management methods. The paper presents a comparative analysis between traditional P&C and its virtualized counterparts, with strong emphasis placed on the flexibility and scaling of VPAC resources.

1. Introduction

P&C systems, which are indispensable in intelligent grids, have undergone significant advancements in the 20th century [1]. From the early days of analogue systems to the modern digital frameworks found in electrical substations, P&C systems are now transitioning into VPAC environments. The evolution of protective relays is illustrated in Figure 1 [2,3]. Numerous factors, including the need for energy efficiency, the increase in distributed generation, the rapid advancement of technology, and the expansion of infrastructure for electric vehicle charging are driving the necessary transformation. Therefore, the utility industry has to change, and manufacturers must produce more dependable, safe, and adaptable systems to satisfy current consumer demands. The IEC 61850 standard [4] has greatly improved interoperability among IEDs from different manufacturers, fostering the development of CPAC.

Figure 1. Different aeras of protective relays.

The standard represents an important step toward lowering future maintenance and investment expenses, despite full interoperability still being an issue. The CPAC system architecture is centralized and offers several advantages, including easier maintenance, improved information management, and the improved coordination of protection functions. In addition, these systems are capable of supporting sophisticated digital solutions including but not limited to having real-time monitoring, predictive maintenance, and movable protection schemes, which enhance grid performance and robustness. Figure 2 depicts the model of communication related to the IEC 61850 standard from [3]. Systems centralization began in the 1960s with the work of organizations like Westinghouse Electric and ABB, in which the integration of the protection and the control functions was envisaged [2].

Figure 2. Communication model for the IEC 61850 standard.

The works of ABB, especially during the 2000s, focused on using IEC 61850 and Ethernet standards to design and develop digitally enabled relays that were on the roadmap for future centralized PAC systems [3,5]. Consolidated PAC architectures integrate protection functions within a single-system platform, and facilitate the incorporation of distributed generation and a complex grid structure [6,7]. The evolution of the grid is characterized by the pressure to incorporate more and more distributed generation, deploy mesh topologies, and integrate large amounts of varying renewable sources. Virtualized PAC (VPAC) systems are the systems of the future that will allow the large-scale management of the grid by incorporating resources such as big data, artificial intelligence and machine learning [8]. These tools will, in turn, allow for predictive maintenance, autonomous load management, improved cybersecurity, and other things. In practice, migration to VPAC also supposes overcoming a number of challenges regarding time synchronization, redundancy, and cybersecurity, especially since cloud-based systems open their systems to new types of vulnerabilities. But even now, the VPAC systems have a very important fail-safe—the electromechanical relays. Even if there is a complete failure of the digital system, the electromechanical devices will be able to provide protection in a very reliable manner, as they are independent of software and digital communications. These devices, together with protocols for manual intervention, ensure safety and stability in the worst-case scenario. The transformation from electromechanical systems to VPAC can therefore turn power systems into more intelligent and adaptive networks. Much ongoing research is required, along with standardization like IEC 61850, and the integration of advanced technologies in overcoming the present challenges and assuring the reliable and secure operation of modern electrical grids.

2. Methodology

A systematic review of electronic resources was performed in order to analyze papers on smart grid protection, automation, and control to ensure replicability. Papers were then chosen to correspond to the specific inclusion and exclusion criteria outlined below. Using the keyword “Protection system”, 106,695 results were found from an initial search. Several key topics came up in preliminary studies, including “Protection Methods”, “smart grid”, “time synchronization”, “redundancy”, “cybersecurity”, and “Virtualization Technology”. Specific databases were used to refine the results. High-quality peer-reviewed papers were taken from SpringerLink [9], IEEE Explore [10], Web of Science [11], SCOPUS [12], ScienceDirect [13], Specialized Journals [14], and also the report provided by the IEEE PES PSRC WG K15 [14]. Keywords were combined with rigorous inclusion and exclusion criteria in order to mitigate potential bias and ensure the selection of the most relevant and highest-quality publications. In addition, the search results were subjected to a detailed analysis incorporating both recent and historical publications, thus reducing any possible bias in the final results. This rigorous review process resulted in the selection of 105 relevant publications for further analysis.

According to the McKinsey Digital 2023 Technology Trends Outlook report [15], electrification and climate technologies lead us toward a sustainable, zero-emission future. Communication and advanced connectivity technologies, such as 5G and WiFi 6, drive productivity and growth across multiple industries, while advances in generative artificial intelligence mark a new level of business and economic impact. One of the first steps in planning was to brainstorm some research questions, as follows:

• What are the current and possible substation architectures for protection, automation and control?
• What are the general demands during migration from CPAC to VPAC systems?
• Describe the role of time synchronization, redundancy and cyber security in this migration.

This study will therefore provide the answers to these questions based on the review of relevant literature. To this end, this paper has discussed in detail the needs for protection, automation, and control, and finding solutions to possible shortcomings.

The structure of this paper is designed to ensure a logical progression from foundational principles to advanced system-level challenges, facilitating a comprehensive understanding of modern substation developments. It begins with an exploration of the evolution of substation architectures, providing historical context and tracing the transition toward digital modernization. Next, it addresses critical technical aspects such as time management, synchronization, redundancy, and cybersecurity, which are fundamental for ensuring reliability and resilience. Building on these core elements, the paper then examines interoperability, emphasizing the importance of seamless integration between diverse technologies and vendor solutions. Finally, it explores future challenges and autonomous network management, outlining the transformative potential of AI-driven systems in shaping next-generation substations.

3. Evolution of Substation Architectures and Digital Modernizations for Smart Substations

Traditional substations, designed in the late 20th century, rely on analogue control and legacy communication protocols like Modbus and Distributed Network Protocol (DNP), which introduce specific vulnerabilities. While still operational, many have been supplemented with additional monitoring systems. Communication between master and slave devices occurs via fiber converters, as shown in Figure 3. A failure in a fusion unit could compromise circuit protection, exposing weaknesses in this architecture.

Figure 3. Typical communication architecture using Modbus/DNP protocols.

With the development of digital technologies, the substations move from legacy analogue systems to fully integrated digital solutions. As described in [16], the architecture of the substations may involve several communication protocols coexisting due to the gradual development towards modernization. In [17], the detailed review of digital substations has shown increasing requirements for secure systems and algorithms regarding access restrictions and cyber threat detections. It also stresses that personnel operating smart substations should have sophisticated skills related to network and data analysis. The authors trace the evolution of communication protocols and automation systems, showing how these digital environments are increasingly complex environments [18]. Figure 4 presents a typical architecture for fast bus protection schemes using proprietary protocols. Once more, the relays with limited communication capability use converters for fiber communications to guarantee the effectiveness of the communications means to ensure the robustness of the protection of the power system. Figure 5 illustrates the more enhanced configuration, wherein the relays that have native IEC 61850 station bus capabilities are interconnected via an Ethernet switch and have direct fiber optic outputs from the relays. This allows the relays to perform internal logic and the protection signals to communicate without additional devices managing the logic, a serious enhancement in substation technology. Finally, Figure 6 presents a protection automation and control architecture based on IEC 61850, where Generic Object Oriented Substation Event (GOOSE) messages and sampled values are utilized. Relays subscribe to the needed sampled values for protection and metering with significant increases in design efficiency. The instrument’s transformer wiring is minimal, as all signals can be transmitted over the same Ethernet fiber network. This is another way in which modern substation integration may be improved and reliability increased. Figure 7 shows a simplified view of the transition from legacy to centralized substation; we are currently at what would be described as the fourth generation of substation.

Figure 4. Standard architecture for implementing a fast bus protection scheme using a proprietary protocol.

Figure 5. Typical architecture used to implement a fast bus protection scheme using IEC 61850.

Figure 6. Typical IEC 61850 P&C architecture using GOOSE messages and sampled values.

Figure 7. Evolution from conventional to centralized substation.

3.1. Comparasion of a Conventional P&C Systems vs. CPAC Approach

A traditional protection and control system implements numerous distributed devices for the protection and control of different substation sections. This can bring certain operational and maintenance difficulties into the application [19,20]. In contrast, under the Centralized Protection Automation and Control approach, by centralizing all the critical intelligence into one system, the engineering, commissioning, and maintenance become easier by providing a single view for the whole substation [18]. This approach gives improved synchronism between protection and control schemes via Precision Time Protocol (PTP) and redundancy via protocols such as RSTP (Rapid Spanning Tree Protocol), MRP (Multiple Spanning Tree Protocol), HSRP (Hot Standby Router Protocol) and PPP (Point-to-Point Protocol) [2]. The CPAC concept allows the centralized configuration of multiple protection and control functions, as shown in Figure 8. It implements complex schemas and reduces lifecycle costs due to the redundancy of spare parts and the faster reconfigurations that are allowed by evolving protection requirements. On top of that, CPAC allows better flexibility in both engineering and operations, enhancing the efficiency, reliability, and adaptability of electrical substations.

Figure 8. Simplified diagram of a CPAC system.

The fundamentals of the CPAC allow for consolidating critical protection intelligence into one device, which permits the redundancy within to lower risks and systematically provides segregation to the sections controlled by software, allowing more flexibility in the deployment of protection and control systems, as represented in Figure 9.

Figure 9. SoC design principle with CPAC concept.

Moreover, the CPAC can reduce substation lifecycle costs by as much as 15% compared to conventional ones [19]; this is mainly due to the reduced maintenance and operational costs [20]. The CPAC architecture may be implemented in different ways, i.e., centralized, hybrid and decentralized architectures. The choice depends on the protection philosophy of the substation, real-time application needs, and requirements for redundancy (Figure 10).

Figure 10. Substation architecture alternatives.

Table 1 comprehensively compares the conventional P&C systems with the CPAC approach in aspects of flexibility, costs, scalability, security, and operational efficiency. In the case of redundancy, standard protocols like PRP [21] and HSR [22], under the IEC 62439-3 [23], allow a communication network that is not only resilient but also minimizes recovery time in case one fails. These are inclusive of IEEE 1686 [24], IEC 62351 [25] and NERC CIP [26], among others, prescribing the protection and control measures of a system against the cyber threat. There are several recommendations, such as role-based access control, secure protocols for communication, and remote asset management, among others, regarding the safety and security of the critical electrical infrastructure systems. The centralized architectures concentrate all the important protection functions within one device, hybrid architectures integrate centralized intelligence with localized elements, and decentralized architectures distribute protection among several NPRs. From the point of view of synchronization, the CPAC systems must implement technologies such as IEEE 1588v2 [27] and IEC 61850-9-3 that reach an accuracy of 1 μs, which is of paramount importance in time-critical applications.

Table 1. Conventional P&C system vs. CPAC approach.

Criteria/Test Feature	Conventional P&C System	CPAC Approach
Flexible Configuration	Flexibility is limited by the need to configure each device individually.	High flexibility with rapid, centralized reconfiguration capabilities.
Commissioning and Maintenance	Requires time and effort for each individual device.	Centralized configuration and maintenance streamline the process, enhancing efficiency.
Startup Costs	Lower initial costs due to reliance on existing devices and mature technology.	Requires an initial investment in new technology and staff training.
Life-Cycle Cost	High maintenance and upgrade costs due to the distributed nature of the system.	Centralization leads to cost reduction and life-cycle simplification.
Reconfiguration	Time-consuming and costly; each device needs individual reconfiguration.	Quick and easy reconfiguration from a central point.
Communication Infrastructure	Leverages existing infrastructures but may face capacity and speed limitations.	May require upgrades to support centralization and increased data traffic.
Resistance to Change	Less resistance due to reliance on established technologies.	Potential resistance due to the need for adopting new technologies and modifying established processes.
Protection and Control	Relies on discrete, distributed devices, each responsible for specific protection and control tasks.	Centralizes protection and control, consolidating multiple functions into a single management point for enhanced coordination.
System Complexity	Simpler initial configuration, but maintenance and upgrades are challenging due to dispersed devices.	More complex initial configuration, but significantly easier maintenance and upgrades due to system centralization.
Scalability	Limited scalability: expansions require significant hardware and software modifications at multiple points.	Facilitates the addition of new functions and system expansion with upgrades at strategic points.
Security and Cybersecurity	Inconsistent security, relying on individual device security.	Enhanced cybersecurity through centralized authentication, authorization, auditing, and system hardening measures.
Factory Pre-Shipment Tests	Individual testing of each relay.	Tests are comparable to those conducted on conventional systems.
Commissioning Tests	Individual on-site testing of each relay with secondary injection of currents and applied voltages.	Secondary injection is performed on the merging units (MUs), similar to conventional system testing.
Periodic Maintenance Tests	Each relay is regularly tested throughout its operational lifespan.	Sampled value (SV) simulations and GOOSE messages enable maintenance testing without altering wiring or communication setups.
Test Configuration	Test equipment is configured at each stage of the relay’s lifecycle.	Test equipment configuration remains unchanged, saving time in wiring and connecting equipment.
Test Automation	Limited applicability in test automation.	Test process can be automated using GOOSE and SV simulation capabilities per IEC 61850 standards.
Secondary Injection	Conducted directly on the protection relays.	Conducted on the MUs, allowing the CPAC to disregard actual MU values during testing in simulation mode.
Time Synchronization	Information is distributed without facilitating synchronization.	Fault detection and analysis information is consolidated in a single location with built-in time synchronization.
Alarm Notification	Alarm information is dispersed across multiple devices.	Trigger information from multiple feeders is consolidated on a single alarm notification page.
Waveform Capture	Waveform capture is completed individually for each relay.	The same disturbance recorder function is used across all feeders, enabling waveform comparison from multiple feeders.
Sequence of Events	Events are listed individually for each relay.	Events from multiple feeders are presented chronologically within the CPAC system for a clear and comprehensive view.
SCADA System Cost	Additional investment required for SCADA system.	SCADA system advantages are provided at no additional financial cost.

Redundancy protocols like PRP and HSR introduce zero recovery time upon failure for enhancing system reliability. Figure 11 illustrates this.

Figure 11. Fully centralized architecture with PRP-based communication redundancy.

Expanding on the concept of hybrid architectures, Figure 12 shows an example of hybrid architecture with Numerical Protection Relays (NPR).

Figure 12. Hybrid architecture example with numerical protection relays.

In this configuration, all relays must be capable of handling the Sampled Analogue Values (SAV) communication profile of IEC 61850-9-2. This enables them to function as merging units for an existing feeder. This hybrid architecture combines relays and merging units to provide process-level information to the CPAC unit, allowing for the implementation of separate process units for critical and redundant feeders to channel protection commands from the CPAC unit. This setup offers the advantages of decentralized and centralized protection schemes.

As the research focused on hybrid architectures continues, Figure 13 presents another example of a hybrid architecture with an NPR. In this configuration, the NPR located in the individual bays is interfaced with the CPAC unit via an ethernet switch.

Figure 13. Hybrid architecture example with numerical protection relays using simplified local protection.

This makes it possible for relays in the bays to offer basic local protection and handle advanced substation protection in the CPAC unit. Centralized protection requires this hybrid architecture to have a core CPAC, which allows new functionalities to be added to the substation. Its functional requirements, pros and cons are summarized in Table 2 for both the centralized and hybrid architectures of substations, with greater detail than their respective merits and demerits.

Table 2. Summary of CPAC architectures.

Criteria	Centralized Architecture with Communication Redundancy	Hybrid Architecture with Numerical Protection Relays	Hybrid Architecture with Numerical Protection Relays Using Simplified Local Protection
Main feature	Fully centralized protection system with PRP-based communications redundancy using Merging Units (MU) and CPAC systems to send and receive data over independent LAN networks.	Protection system that integrates numerical protection relays capable of handling the Sampled Analogue Values (SAV) communication profile of IEC 61850-9-2, enabling them to function as merging units and provide information to the CPAC unit.	Protection system with numerical protection relays in the individual bays that communicate with the centralized CPAC unit via an Ethernet switch. This setup allows simplified local protection within the bays and advanced substation-level protection within the CPAC unit.
Advantages	This solution ensures the availability of functional protection in cases of device failure. It enhances engineering and maintenance efficiency through identical configurations in redundant units. It also enables a redundant unit to take over during upgrades or testing.	This solution facilitates the implementation of both local and advanced protection schemes, leveraging the advantages of both decentralized and centralized protection. It provides flexibility by integrating relays and merging units, allowing it to address diverse protection requirements.	This solution integrates the flexibility of centralized protection with the capability to add new functionalities to the substation via the centralized CPAC unit. It also enables the efficient distribution of protection across different levels.
Disadvantages	This solution requires a higher initial investment in redundant communication infrastructure. Additionally, the increased configuration complexity can elevate implementation and maintenance costs.	The configuration and coordination of relays and fusion units will become more complex, which may result in higher implementation and maintenance costs.	Greater coordination between the relays in the bays and the centralized CPAC unit is necessary to ensure optimal performance. A robust communication infrastructure is essential to support the increased configuration complexity.

Today, maintenance in electrical substations is somewhat complicated due to the use of different electronic devices from various manufacturers. Each device requires constant care, making management more difficult and affecting the system’s efficiency. In the last decade, CPAC solutions have emerged to make hardware in substations simpler. These integrated solutions combine several functions in a single system, reducing the complexity and enhancing the efficiency of the maintenance activities, but in different brands, functionalities are quite different, and this is an essential aspect during the selection of the best solution for each substation. For example, some of the equipment from the most important brands is described in Table 3. At the time of writing, equipment from major manufacturers such as GE [28,29], Schneider Electric [30], and Ingeteam [31] does not offer compact devices with the functionalities presented by the ABB’s SSC600. These manufacturers still maintain a protection and control devices categorization depending on a certain fault, rather than assembling all functionalities in one device unit. These solutions in functionalities are only comparable with SIPROTEC 7SX85 [32], the SEL-487E [33,34,35], and the SSC600 [20,36,37,38]. Another distinct feature of the ABB SSC600 is its centralized approach, housing all protection and control functions in one device. This not only simplifies the system architecture, but also reduces complexity.

Table 3. Comparative table of protection and control devices—state of the art.

Characteristic	SIPROTEC 7SX85	MULTILIN B90	MICOM Agile P747	Easergy MiCOM P40	SEL-487E	ABB SSC600
Brand	SIEMENS	GE	GE	SCHEINDER ELECTRIC	SEL	ABB
Protection	Feeders, lines, transformers, motors, generators, capacitor banks	Low-impedance busbars	Busbars	Lines, transformers, generators, busbars	Transformers, buses, lines, feeders	Lines, transformers, busbars, generators
Control and Automation	Yes	Yes	Yes	Yes	Yes	Yes
Monitoring and Diagnostics	Advanced	Advanced	Advanced	Advanced	Advanced	Advanced
Communication Protocols	IEC 61850, GOOSE, Ethernet	IEC 61850, DNP3, Modbus	IEC 61850, DNP3, Modbus	IEC 61850, DNP3, Modbus	IEC 61850, DNP3, Modbus	IEC 61850, GOOSE, IEC 60870-5-104 [39], Ethernet
User Interface	Graphical display, specialized software	Graphical display, specialized software	Graphical display, specialized software	Graphical display, specialized software	Graphical display, specialized software	Web HMI, Graphical display, specialized software
Flexibility and Scalability	Modular, configurable	Modular, configurable	Modular, configurable	Modular, configurable	Modular, configurable	Modular, configurable, controls up to 30 devices
Firmware Updates	Yes	Yes	Yes	Yes	Yes	Yes
Customizable Functions	Yes	No	No	No	Yes	Yes
Reduction of Devices	No	No	No	No	Yes	Yes
AI Capabilities	No	No	No	No	No	Yes

3.2. Migration from Conventional to Digital Substations

Migration from conventional substations to digital substations represents a big transformation in electrical infrastructure [40]. The challenges of conventional substations are shown in Table 4, summarizing the main drawbacks of conventional substations.

Table 4. Main issues associated with traditional substations.

Aspect	Drawbacks
Hardwiring	Copper wiring not supervised High costs of hardwiring CT/VTs Long installation and manual testing
Control Panels	Conventional protection relays Different relays for different functions The low-impedance busbar 87B requires additional secondary windings on CTs Lower flexibility: new function requires a new relay High costs for construction of the panels
Substation	High costs for the protection and control room inside the substation Separate panels for gateways and local SCADA

A conventional substation is burdened with several disadvantages, such as a shortage of supervision, high installation and maintenance expenses, and a lack of flexibility. Standardization through the introduction of digital technologies and standards such as IEC 61850 holds the key to overcoming most of these drawbacks, and provides a boost toward operational efficiency, security, and flexibility to meet future demands. Conventional protection relays can only provide a very basic level of protection by acting on preset settings and thresholds. Their principle of operation is the invasion of these threshold values. Central protection systems with high computing capabilities can offer sophisticated concepts, which continuously monitor the network for aberrant conditions and disturbances. Real-time data analysis, along with advanced algorithms, provides proactive and adaptive protection guarantees for a higher degree of reliability and efficiency, in line with IEC/IEEE standards [41,42]. The digitalization of a substation, in simple words, encompasses critical steps that range from conventional architecture to a completely digital AI-powered infrastructure. The road ahead from the existing scenario of conventional substations to a fully digital AI-powered substation is presented in Table 5. This holistic strategy discusses the shortcomings of the present conventional substations and probes for the latest digital technologies to develop an electrical infrastructure that would be more efficient, flexible, and future-friendly.

Table 5. Steps to migration from conventional to digital substation.

Step	Description	Tasks	Benefits
1	Conventional Substations—Protection and Control	Existing state with copper wiring and conventional relays.	Existing challenges with high costs, long installation, and low flexibility.
2	Digital Substation “Light” Hardwiring Replaced by Process Bus FOProtection and Control	Replace copper hardwiring with fiber optic (FO)-based IEC 61850 Process Bus (61850-9-2LE). Implement IEC 61850 GOOSE messaging for communication.	Faster deployment: Quicker installation process due to reduced physical wiring. Monitored communication: Real-time monitoring of communication channels. Cost reduction: Lower costs associated with reduced copper wiring. Interoperability: Enhanced compatibility with various devices and manufacturers. Faster deployment. Monitored communication. Cost reduction. Improved interoperability.
3	Digital Substation “FULL” Process Bus FO + Centralized PACS Protection and Control	Implement a full process bus FO infrastructure. Deploy a centralized Protection, Automation, and Control System (PACS).	Simplification: Reduced complexity with centralized control. Space savings: Less physical space required for equipment. Enhanced flexibility: Easier to add new functions through software updates.
4	Digital Substation “FULL” Process Bus FO + Centralized PACS Backups/Faults + Anomalies Recordings	Integrate backup systems and fault/anomalies recording capabilities within the centralized PACS.	Improved reliability: Enhanced fault detection and recording for better analysis. Data management: Centralized storage and management of fault and anomaly data.
5	Digital Substation “FULL” Process Bus FO + Centralized PACS AI Fault Analysis	Implement AI-based fault analysis within the centralized PACS.	Advanced diagnostics: AI algorithms provide detailed fault analysis, improving maintenance and response times. Predictive maintenance: Early detection of potential issues before they cause significant problems.
6	Digital Substation “FULL” Process Bus FO + Centralized PACS AI Fault Analysis + AI Fault Prediction	Enhance AI to include fault prediction.	Proactive maintenance: AI predicts faults before they occur, allowing for proactive maintenance. Operational efficiency: Reduced downtime and maintenance costs through predictive insights.

Presently, the commercially available models of the SSC600 from ABB have the capacity for recording anomalies, which they have had since firmware version 1.4. [37].

Table 6 summarizes the benefits, risks, challenges, and research directions of integrating Software-Defined Networks (SDN) and Programmable Data Planes (PDP) into IEC 61850 substations, focusing on network management, security, and automation. Advanced safety technologies are essential for protecting personnel and equipment. CPAC systems enhance safety through remote operations, non-conventional transformers, and arc sensors. These technologies improve accuracy and response speed, and reduce hazard exposure. Table 7 highlights key aspects and benefits of these advancements in modern electrical safety.

Table 6. Advantages, unresolved risks and challenges, and future research lines in integrating SDN and PDP with the IEC 61850 standard in electrical substations.

Aspect	Description
Advantages
Network Management	Automatic topology detection Efficient management of multicast traffic (GOOSE, SV) Logical partitioning (slicing) to improve QoS and prioritize critical traffic fast fault recovery
Security and Cybersecurity	Global visibility and control Putting in place security measures that include the blocking of traffic or network segregation Integration of lightweight machine learning within programmable switches for intrusion detection Future-proofed platform for patching and cybersecurity upgrades
Automation and Error Reduction	Reduction in manual configuration Decrease in human errors In-band telemetry for real-time data collection and proactive maintenance
Unresolved Risks and Challenges
Implementation Complexity	The effective coordination and management of SDN and PDP present significant challenges, requiring substantial investment in infrastructure and training
Critical Time Requirements	For some critical messages inside the substation, such as Type 1A GOOSE messages, the driving requirements are very strict in terms of time (3–10 ms); any such PDP integration should make sure these requirements are met without adding unacceptable latency Real-time performance in an SDN-based substation depends upon appropriate hardware: inappropriate switches or bad servers degrade operations. The loss of a GPS clock or weak time synchronization as a result of poor engineering will also make the protection systems disturbed, reducing stability and reliability
Security and Resilience	Although SDNs and PDPs improve security, both also introduce new attack surfaces. Consistency with rapid response without overloading the processing of traffic remains an open issue
Lack of Datasets	Only a few datasets that can be used to train machine learning-based security models are public, and thus, constructing generalized and effective security solutions is limited
Future Research Lines
Standardized Frameworks	Standardized frameworks that take into account the integration of security requirements in IEC 61850 with the demand for cybersecurity in programmable networks must be developed
Telemetry and Data Analysis	Farther research in in-band telemetry techniques and real-time data analysis to forestall failures and attacks should be considered
Automated Network Management	Further investigate the aspects of the combination in the use of SDN and PDPs that will enable the complete automation of network management, including firmware updates, security patching, and incident response, autonomously
Advanced Cybersecurity	It should be carried out in the context of improved intrusion detection and response techniques, specifically binarized neural networks, and other forms of Machine Learning that efficiently operate on programmable devices
Power Quality, Line Differential Protection Over IP and Interoperability	One major future direction of research will be connected with the increase in the sampling rate up to 14.4 kHz in order to meet EN50160 [43] in the case of power quality monitoring and to reach Official Metering Class 0.2 S accuracy. Another technical challenge is given by the deployment of line differential protection over IP-based networks [44,45]. Plug-and-play merging units are foreseen to ease interoperability and expand system flexibility while reducing the engineering efforts and commissioning time.

Table 7. Key aspects of safety in electrical systems.

Aspect	Characteristics	Benefits
Remote Operation	Remote monitoring and control Integration with automation systems	Reduces risk by minimizing personnel exposure to electrical hazards Increases efficiency through quick response without physical intervention
Non-Traditional Instrument Transformers	Rogowski current sensors and voltage sensors	Prevents hazards such as high voltages in open CTs and ferro-resonance Easier, safer installation and maintenance
Arc Flash Sensors [46]	Rapid detection of arcs via light and heat	Protects personnel and equipment by quickly extinguishing arcs Enhances system reliability and availability through reduced damage

The autonomous local operation of IEDs and relays at the time of a complete failure of the digital system is the last line of defence in a modern substation P&C system—the loss of synchronization due to failure or redundancy of the synchronization source, or even a cyber-attack. These devices are designed for autonomous operation in the case of failure of external communications or centralized control. They are set to function in the detection and response to overcurrent, voltage, or short-circuit conditions without relying on the wider network. Modern IEDs and relays have built-in logic and local processing that can make critical decisions based on real-time input. This ensures protection for the critical assets continuously, hence enabling active autonomous fault isolation, the tripping of breakers, or the activation of any emergency operation protocol. In the event of failure in digital systems, such as time synchronization or cyber security, these relays automatically fall back to their default operational setting based on local information while maintaining the protection of the system. Besides this, almost every substation has hardwired backup systems that provide critical protection but are reliable against failures of the digital communication network. In this way, a hybrid nature will ensure that the locally autonomous P&C devices maintain substation integrity and security in the face of failures originating from the digital systems. Eventually, the protection for substations under any conditions will be achieved by combining digital and hardwired systems.

3.3. Virtualization of Protection, Automation and Control (VPAC)

VPAC systems for effectiveness and reliability need to be highly technically qualified in such critical environments. Data privacy laws and regulations, industrial standards, and government certifications must therefore be thoroughly studied and considered to ensure availability and high reliability. The design of the VPAC system should be made in such a way that redundancy mechanisms ensure the lowest possibility of a downtime occurrence as is practically possible. Security will be on par with encryption, strong authentication, and threat protection. Interoperability with existing equipment is of the utmost importance, coupled with adherence to open standards. It is essential to maintain lists of detailed hardware and software behavior while monitoring, and auditing should always be present to ensure integrity within a system. Besides this, the management of access control should be restricted, allowing access only to authorized persons. Finally, good backup and disaster recovery plans should be implemented to ensure that a system is resilient, if not fault-tolerant, and can recover from failures with minimum delay. VPAC systems are also deployed based on strict performance requirements, such as those governed by IEC 61850-5, so that they can remain capable of handling the increasing demands of modern power systems [47,48]. Further, some important technical challenges must be considered in the case of the deployment of VPAC in digital substation environments for achieving better performance and safety. Aspects include considerations of a virtualization solution, hardware acceleration, network virtualization, time synchronization, and redundancy [6,49]. The most active associations for promoting the standard-based, open, interoperable, and secure architecture are VPAC Alliance [50] and Edge for Smart Secondary Substation (E4S) [51]. Both indeed support the digitalization of substations to make the grid future-ready, adaptable, resilient, and intelligent. Both organizations offer a solid base for the development of both CPAC and VPAC systems. Additionally, they support having identical requirements on conventional CPAC systems and virtualized systems. However, the VPAC systems include more challenges brought about by themselves due to their virtualized features. Standardization aspects of performance requirements, application architecture, cybersecurity, testing, new firmware deployment, and operation-related considerations stand as some main features of the system [49]. Standardization needs include the capacity for flexibility and scalability in solutions and systems that are deployed, interoperability, and the ability to integrate products from various vendors into a single solution. The systems will have to be designed on the back of widely deployed global standards, such as IEC 61850, to limit vendor lock-in risks; this would ensure hardware–software compatibility. Protection and control entities modeling in conformity with the IEC 61850 standard as discrete logical devices (LD) is the basis of the application architecture. Generally, one of the goals includes assigning functionality in a flexible way according to the system requirements, avoiding traditional relay approaches, and making the choice for LD at the station level, which will provide engineering more efficiently adapted to the current technologies. The detailed overview of the architecture of the application in a virtualized substation environment is given in Table 8 below. Classical relay-based protection systems have disadvantages, such as hardware failure due to aging infrastructure or environmental causes. The complexity of these often leads to misconfigurations during installation or maintenance that affect system reliability. Most such systems also suffer from insufficient redundancy, slow response times, and limited interoperability between devices from different manufacturers. CPAC and VPAC system solutions have their own sets of associated risks. In a CPAC system, the centralization of protection functionality creates a problem whereby one single point of failure may affect an entire substation. In VPAC systems, the presence of software and virtualization introduces risks such as software vulnerabilities and performance degradation due to virtualization overhead.

Table 8. Summary of the architecture of applications in virtualized medium-voltage substations.

Infrastructure	Description
Data and Communication Model	IEC 61850: It is an international standard that defines data models and communication services for substation automation, ensuring seamless interoperability among devices from different manufacturers.
Software Virtualization	Software and hardware decoupling: It allows applications to run in virtual environments independent of physical hardware. Virtual Machines (VMs) and containers: Applications can run in VMs or containers, virtualizing different operating system layers.
Resource Allocation and Management	CPU and memory: Exclusive CPU core and memory bandwidth allocation policies for critical applications. Cache and memory partitioning: Minimizes interference between applications through cache partitioning and the exclusive reservation of memory bandwidth.
System Interoperability and Efficiency	Avoiding the duplication of inherited relay logic: Simplify control logic and efficiently distribute functionality. Adaptability and scalability: Facilitates integration of new technologies and adaptation to changes in the electrical grid.
Safety and Reliability	Real-time protection: Meet stringent real-time data processing requirements. High availability: Ensures continuous availability of critical applications, even during hardware or software failures.
Communication Network	Virtual and physical networks: The deployment of network virtualization technologies facilitates the interconnection of virtualized applications with the underlying physical network infrastructure. IEC 61850 standard: It defines communication via Ethernet, thereby facilitating data exchange and control between substation devices.
Deployment And Maintenance	Flexible and rapid deployment: The implementation of new applications and updates is conducted flexibly, thereby reducing the time and costs associated with maintenance. Testing and validation: Comprehensive laboratory testing and field validation are conducted to guarantee compliance with operational requirements before deployment.

CPAC and VPAC systems depend on communication networks, whereby failures or delays can impact synchronization and protection response times. A proper redundancy setup is crucial to prevent system-wide failures. Enhancing redundancy, strict software management, advanced monitoring, and strong network design are necessary. Modular architectures allow scalability, upgrades, and improved cybersecurity. Regular testing and simulations ensure system reliability and efficiency. Table 9 outlines key differences and considerations between traditional protection, CPAC, and VPAC systems.

Table 9. Comparative Table: traditional P&C vs. CPAC and VPAC systems.

Aspect	Traditional Protection Systems	CPAC Systems (e.g., SSC600)	VPAC Systems
Hardware Failures	High risk due to numerous individual relays and aging infrastructure.	Centralized hardware reduces the number of components, but central failure risk exists.	Virtualization reduces hardware dependency but introduces potential performance overhead.
Complexity and Misconfiguration	Complex systems with many devices lead to a higher risk of misconfiguration.	A centralized system simplifies configuration, but a misconfiguration can impact the entire system.	Complexity in managing virtual environments; misconfigurations can affect multiple virtual instances.
Redundancy	Often lacks sufficient redundancy; single failures can compromise protection.	Dual redundancy with hot–hot modes is recommended to ensure continuous operation.	Redundancy can be implemented through virtual machines but relies on robust network infrastructure.
Response Time	Slower response times, especially in detecting and isolating faults.	Faster response due to centralized control and real-time processing.	Performance depends on the virtualization layer; careful management is needed to avoid delays.
Interoperability	Limited interoperability between different vendors’ devices.	Designed for interoperability, especially with compliance with standards like IEC 61850.	High interoperability due to the use of open standards and vendor-independent hardware.
Security	Basic security; often reliant on physical security and legacy protocols.	Advanced security with encryption, authentication, and compliance with IEC 62443 [52].	Comprehensive security measures are needed, including virtual environment protection.
Network Dependencies	Less reliant on complex networks; simpler communication protocols.	Highly dependent on robust network infrastructure; requires redundancy in communication paths.	Strong dependency on network reliability; latency and bandwidth can impact performance.
Software Vulnerabilities	Limited software components reduce the risk, but a lack of updates can expose vulnerabilities.	Regular software updates and rigorous testing are essential to prevent failures.	Increased risk due to the complexity of the virtual environment; robust management of the software lifecycle is critical.
Maintenance and Testing	Maintenance-intensive; testing can be cumbersome due to multiple devices.	Simplified maintenance with fewer devices; regular testing in simulated environments is crucial.	Virtualized testing environments allow for extensive testing but require careful management.
Scalability and Flexibility	Limited scalability; difficult to adapt to new requirements.	Highly scalable and flexible; easy to reconfigure and expand.	Maximum scalability means it can quickly adapt to new demands and integrate new applications.

Application-level performance requirements: These represent one of the most critical features of VPAC systems. Following IEC 61850-5, these are based on the real demands of the P&C applications themselves, and thus must be the same for traditional relay-based systems and virtualized platforms. This consistency ensures that VPAC systems will not escape the duty to live up to the same high standards as traditional P&C systems, providing reliable and timely protection and control [53].

Performance Indicators: The performance evaluation of VPAC systems will include several key metrics that guarantee operation systems are reliable [54]. One of the key metrics involves response time, which refers to the speed at which protection mechanisms can detect a fault and take remedial measures. It includes the round-trip time, tracking the complete fault-handling process, starting from fault injection, and progressing through MU signal conversion to SMV, the communication latency, VPAC preprocessing, the execution of protection algorithms, and GOOSE message transmission to trigger tripping at the MU. In fact, internally required benchmarks for the VPAC systems are very high. For example, pre-processing cycles need to be under 200 µs, and configuration cycles should be completed within 1000 µs. Virtual switches—be they by KVM or VMW—can play their role in defining overall performance, and might result in higher latencies after all. A proper system design is required to counteract additional latencies. Another important metric is that of data throughput, ensuring that the VPAC system will be able to support high volumes of data from sensors, relays, and merging units without degradation, hence allowing for real-time control and monitoring. It is also very important to have high reliability in this context; that is, the system should not be interrupted for at least a little while in order to maintain the safety and stability of electrical grids. These metrics demonstrate the need for fine engineering and system validation, because any delay in processing or the failure of any communication used can compromise the detection of fault conditions and their response. The optimization of hardware and software configuration is the key feature within the VPAC framework that ensures high-speed deterministic performance for modern power systems.

Benchmarking against standards: VPAC implementations are benchmarked against the performance standards specified by IEC 61850 to ensure that the VPAC implementations are indeed effective. During this rigorous testing and validation process, one can be assured that the VPAC system satisfies the criteria to operate in digital substations. Such an application of standards thus allows VPAC systems to be validated toward their effective performance in real-world situations, hence offering some level of confidence to their stakeholders regarding their reliability and performance [50].

Figures and Data: The graphical figures in the technical documentation [53], such as white papers, support the illustration of performance requirements provided by IEC 61850. These figures provide the reference point, enhancing the understanding of the benchmarks needed to be reached by VPAC systems. They make it very clear and concise how the levels of performance are to be attained; this makes it much easier for the engineer or decision-maker to assess whether VPAC solutions will satisfy their needs.

Challenges in the Implementation of VPAC: VPAC systems offer significant advantages but face challenges in integration with legacy infrastructure, requiring complex and costly adaptations. A common misconception is their internet connectivity; in reality, they use private networks, enhancing cybersecurity but still requiring strict protection measures. A lack of hardware standardization leads to interoperability issues, as vendors develop different specifications. Future efforts should focus on defining universal standards for seamless integration and real-time performance across vendors. Additionally, dedicated hardware resources must be efficiently managed to ensure reliability. Despite these challenges, VPAC systems hold great potential for modernizing substations while maintaining security and performance. Nevertheless, the engineering of a dedicated hardware resource would also call for managing such shared resources efficiently without compromising on system reliability [55,56,57].

The implementation cost varies by region and market demands: European substations can use simpler overcurrent relay arrangements, whereas in ANSI markets, which are generally more advanced and complex, with up to 20–30 control panels and multiple functions, the cost–benefit analysis may be clearly seen, hence justifying such deployments. These regional differences affect initial investment costs as well as operational costs.

The migration from legacy protocols like C37.94 line differential or pilot wire to modern IEC 61850-90-5 R-SV requires greater bandwidth and adaptation to specifications in accordance with the relevant standards. Please be advised that VPAC servers do not currently support C37.94 NICs.

The recommended solution is as follows: investing in a high-capacity communication infrastructure with accommodation for evolving standards in future hardware. Licensing and subscription models present additional considerations regarding upgrades, redundancy, and lifetime costs. It is crucial for organizations to evaluate whether their licensing models are perpetual or subscription-based. It is essential to ensure that redundancy is created via the duplication of VMs to maintain high availability.

This requires careful planning to avoid any disruptions during updates and to mitigate the risk associated with limited license durations. VPAC systems represent a significant shift in power system management, offering flexibility, scalability, and enhanced security. However, integration, standardization, cost, and licensing issues must be sorted out to achieve this.

With regard to centralized protection, ABB’s SCC600 [37] represents one such platform, while SCC600 SW [48] introduces the idea of virtualization to impart much higher flexibility (Table 10). In summary, in the process ahead, as the industry moves forward on these issues of standardization, cybersecurity, and judicious engineering, VPAC systems will be leading from the front.

Table 10. Comparison between SSC600 (CPAC) and SSC60 SW (VPAC).

Feature	SSC600	SSC600 SW
Type of Protection	Centralized	Virtualized
Function Integration	Protection, control, monitoring, and communication	Virtualized protection and control
Interoperability	Compliance with IEC 61850	Compliance with IEC 61850
Cybersecurity	Advanced measures aligned with IEC 62443 and NERC CIP	Advanced measures aligned with IEC 62443 and NERC CIP
Flexibility	More rigid structure due to dedicated hardware	High flexibility and scalability
Hardware	Requires multiple physical devices	Reduces the need for physical hardware
Costs	Potentially higher due to additional hardware	Potentially lower due to reduced hardware
Implementation and Updates	Requires hardware installation and updates	Faster and more efficient implementation and updates

VPAC systems require virtualization solutions, hardware acceleration, dedicated networks, time synchronization, and redundancy to ensure secure and efficient protection in digital substations. These elements guarantee performance, security, and scalability. Table 11 highlights key considerations for VPAC applications, emphasizing reliability. Future developments must focus on time management, redundancy, and cybersecurity.

Table 11. Key technical requirements for VPAC systems.

Consideration Area	Description	Additional Details
Compliance	Ensure compliance with laws, regulations, and security standards; obtain necessary certifications and audits.	Compliance with standards like IEC 62443 and NERC CIP ensures cybersecurity and operational consistency across all substation systems.
Availability and Reliability	Design with high robustness, including redundancy at all levels to ensure continuous operation.	Implement redundancy for station and process bus traffic; network recovery methods (IEC 61850, IEC 62439-3) like PRP and HSR with zero recovery time.
Real-Time Performance	Challenge: Historically, virtualization technologies have struggled to deliver the real-time performance required for critical applications. Current Shift: New solutions are emerging that promise improved real-time performance.	Handling real-time operations is critical in VPAC applications, which require immediate responses. Current improvements in hardware and software are addressing these limitations. New hardware/software solutions address historical performance issues. Immediate responses are critical for handling SMV and GOOSE traffic.
Software Development Lifecycle (SDLC)	Follow SDLC best practices, excluding unnecessary services and componentsm to minimize the attack surface and performance issues.	Integrating security into every stage of the software development lifecycle helps reduce vulnerabilities and ensure performance optimization.
Integrated Security	Implement strong encryption, authentication protocols, and protection against internal and external threats.	Ensure security across the virtual infrastructure, including hypervisors, management platforms, and data in transit and at rest.
Interoperability	Adhere to open standards and communication protocols to interact with diverse devices and systems.	VPAC systems should work seamlessly across different manufacturers, especially under IEC 61850-9-2 LE for SV communication.
System Monitoring and Auditability	Implement continuous monitoring and auditing to detect and respond to anomalies, ensuring system integrity.	Monitoring is critical for maintaining stability, especially in real-time VPAC systems. Implement logs for real-time event detection and response.
Data Integrity and Isolation	Protection: Ensure that data in a virtualized environment are properly isolated and protected against unauthorized access through network segmentation and data encryption in transit and at rest.	Network Segmentation: Divide the network into isolated segments to enhance security. Encryption: Protect data both in transit and at rest to prevent unauthorized access.
Hypervisor Types and Solutions (Hardware-Based Virtualization)	Type-1 Hypervisors: Run directly on the hardware, providing more predictable performance. Type-2 Hypervisors: Run on a host operating system, which can introduce delays and security issues. Kernel-Based Virtualization (KVM): Enables live migration and resource scheduling, though it may not be ideal for critical traffic due to switching times. OS-Level Virtualization: Offers low resource overhead and additional services but provides less isolation.	Type-1: Lower overhead, higher performance. Ideal for production environments. Type-2: Easier to implement but less efficient for critical applications. KVM: Suitable for diverse workloads, but live migration requires caution. OS-Level: Highly efficient but less isolated, making it suitable for less critical applications.
Hardware Acceleration	Usage: Hardware acceleration is preferred for PAC virtualization because it provides guaranteed service for SMV and GOOSE traffic. Type-1 Hypervisors: Utilize hardware acceleration through the host BIOS. Type-2 Hypervisors: Dependent on the host operating system for acceleration, potentially resorting to software emulation if native support is unavailable.	Advantages: Improves performance and efficiency for intensive tasks. Disadvantages: Requires compatible hardware and proper configurations.
Network Virtualization	Real-time traffic handling: Crucial for VPAC applications that rely on SMV and GOOSE data. Technologies: NIC Virtualization—Utilizes features like guaranteed bandwidth for SMV traffic. SR-IOV—PCI Express extension for virtualizing NIC resources. Potential issues: Risk of broadcast storms and internal latencies.	NIC Virtualization: Allows reservation of specific bandwidth for critical traffic. SR-IOV: Enhances NIC resource efficiency but requires hardware support. Latencies: Minimizing latency and managing network load is essential for performance.
Access Control Management	Establish robust access control to restrict system access to authorized personnel.	Utilize Role-Based Access Control (RBAC) with LDAP integration. Automation of access rights management can reduce unauthorized access risks.
Backup and Disaster Recovery	Develop and maintain comprehensive backup and disaster recovery plans for rapid system recovery.	Ensures rapid system recovery during failures. The regular testing of backup systems is necessary to validate the reliability of disaster recovery protocols.
Time Synchronization	Precision: Ethernet can achieve software-based synchronization with 1 ms precision. Advanced Protocols: IEEE 1588v2 and IEC 61850-9-3 allow for 1 μs precision, necessary for IEC 61850-9-2 process buses. Alternatives: In the absence of GPS, the Best Master Clock algorithm can be used for synchronization.	IEEE 1588v2: Provides high precision for critical applications requiring exact synchronization. GPS: Offers precise synchronization but depends on signal availability. SNTP: Less precise, suitable only for less demanding systems.
Redundancy and High Availability	Importance: Ensuring high availability and reliability in the communication network is essential. Standards: IEC 61850 and IEC 62439-3 define network recovery methods with zero recovery time, such as PRP and HSR. Implementation: Redundancy is preferred for station and process bus traffic, while other applications may use virtual redundancy.	PRP and HSR: Guarantee recovery times without packet loss in case of network failures. Virtual Redundancy: Can be less costly but is less robust than physical redundancy. Monitoring: Crucial for maintaining network stability and preventing failures.
Virtual Resource Optimization	Management: Efficiently managing virtual resources is crucial to avoid overload and ensure optimal system performance. Key Areas: Proper configuration of virtual machines, virtual networks, and storage.	Configuration: Adjust virtual resources to balance load and avoid bottlenecks. Monitoring: Track resource usage to make proactive adjustments
Virtual Infrastructure Security	Approach: Ensure that the software and the underlying virtual infrastructure, including hypervisors and management platforms, have specific security measures for virtual environments.	Security Measures: Implement regular patches and updates and protect virtualization management platforms. Isolation: Ensure virtual resources are protected against unauthorized access.
Scalability and Flexibility	Requirement: VPAC systems must be scalable and flexible, allowing for the easy addition of new nodes and virtual resources without interrupting system operation.	Scalability: Facilitate system expansion to support growth in demand. Flexibility: Adapt the system to changing needs and infrastructure.
Hardware Material List	Maintain an inventory of all hardware components to ensure quality and compatibility.	Hardware selection must comply with IEC 61850 and IEEE 1613 standards for reliability in harsh substation environments.
Hardware	Flexibility: Virtualization aims to provide flexibility in hardware selection. Environmental Requirements: Comply with environmental standards to ensure reliability in electrical substations. Standards: Requirements specified in IEC 61850 and IEEE 1613 for electromagnetic compatibility and hardware reliability.	Regulatory Compliance: Ensures hardware suitability for industrial environments. Robustness: Hardware must be resilient to operate in substation conditions. Flexibility: Allows adaptation to different configurations and needs.
Software Behaviour List	Provide detailed software behavior and connection descriptions to manage system interactions effectively.	Mapping the interactions between virtual and physical devices helps avoid conflicts and ensures proper system operation.

4. Time Management and Synchronization

In IEC 61850-9-3:2016 [58,59], for the electrical systems design phase, the calculation of timing inaccuracy has to be done to ensure the proper processing and synchronization of time, particularly where communication utilizing sample values (SV) is used. The proper configuration of GMC will be needed with prioritized standards such as IEC 61588 and UNE-EN IEC 62439-3:2022 [23], among others, for proper synchronization [60]. The implementation of PTP is a challenging task in virtualized environments because virtualization latency occurs. However, such difficulties can be reduced by the application of different solutions, such as hardware support for PTP or passthrough [55,61].

For less critical applications, the alternative could be NTP. Precise time synchronization, which depends on proper network configuration and validation, is an important factor in modern electrical systems’ reliability and effectiveness [62]. The verification of GNSS-related requirements, such as multi-GNSS support and spoofing and interference detection, significantly improves the reliability of the system, and such considerations are critical for the stability and security of the power grid. The main aspects can be seen in Table 12. This at least challenges the latency and consistency of implementation for the Precision Time Protocol in virtualized environments.

IEC 61850-90-4 itself provides the essential time synchronization for the VPAC system, but even this in practice requires a lot of careful planning and thorough validation to impart the required precision and reliability within the critical infrastructure. Precise time synchronization is required for protection systems to perform optimally in electrical networks, mainly in applications that involve more than one input of sampled values, such as differential protection functions of transformers and buses.

Different methods for time synchronization have specific characteristics and applications [56,63,64], as given in Table 13. Each of these timing methods has a different relative accuracy, and is thus suited for different applications. GPS and PTP are the most accurate methods and are necessary for critical applications.

The IRIG-B is less accurate but is appropriate for a lot of the substation applications; NTP is appropriate where a very accurate time is not needed.

Precision Time Protocol PTP, as defined in IEEE 1588 [65], is a key enabler of high-precision synchronization for distributed systems, in particular for a critical infrastructure like electrical grids. This would mean the careful consideration and proper implementation of PTP, more so in virtual environments where accurate time would have to be distributed across all network elements. The best practices and key considerations that shall form the basis for the successful implementation of PTP, taking into consideration network configuration, latency management, consistency across virtualized environments, and strict testing and validation procedures, are summarized in Table 14. Such considerations are fundamental to maintaining the high level of precision and reliability required by today’s modern electrical systems.

Table 12. Technologies and considerations for time synchronization in electrical systems.

Aspect	Description
Atomic Clocks vs. Grandmaster Clocks (GMC) [60]	Atomic Clocks: The vibration of atoms, such as those of cesium or rubidium, can be harnessed to provide an exceptionally precise measure of time. These atoms are a standard component in a multitude of scientific and telecommunications applications. GMC: Can use atomic technologies, high-quality crystal oscillators, or GPS to maintain network time accuracy. They act as the primary synchronization source in a network.
Time Synchronization in Networks [65]	Standards: Synchronization must comply with IEEE 1588 v2 (Precision Time Protocol, PTP) for station bus and process bus environments, and with the data models specified in IEC 61850. Requirements: Support for SNMP MIB from Annex E of UNE-EN IEC 62439-3:2022, and automatic adjustments for daylight saving time changes.
Implementation of PTP in Virtualized Environments	PTP Hardware Support on Host: Specialized hardware that supports PTP and synchronizes with an external server. PTP Passthrough: Uses direct I/O to minimize latency and improve accuracy. PTP Software Solutions: Specific software implementations for PTP. Network Time Protocol (NTP): Alternative for non-critical environments. Synchronization with External PTP Grandmaster: Synchronizes hosts and virtual machines with an external master clock. Virtualization Tools for Time Synchronization: Virtualization tools that synchronize with the host but do not meet PTP accuracy.
Additional Considerations	Network Infrastructure: Switches and routers must support and be configured for PTP. Latency in Virtualization: Consider latency and jitter in virtualized environments. Consistency in Synchronization: In order to prevent drift, it is essential that all components are synchronized with the same time source. Configuration Validation: Check and validate PTP configuration before deployment in production environments.

Table 12. Technologies and considerations for time synchronization in electrical systems.

Aspect	Description
Atomic Clocks vs. Grandmaster Clocks (GMC) [60]	Atomic Clocks: The vibration of atoms, such as those of cesium or rubidium, can be harnessed to provide an exceptionally precise measure of time. These atoms are a standard component in a multitude of scientific and telecommunications applications. GMC: Can use atomic technologies, high-quality crystal oscillators, or GPS to maintain network time accuracy. They act as the primary synchronization source in a network.
Time Synchronization in Networks [65]	Standards: Synchronization must comply with IEEE 1588 v2 (Precision Time Protocol, PTP) for station bus and process bus environments, and with the data models specified in IEC 61850. Requirements: Support for SNMP MIB from Annex E of UNE-EN IEC 62439-3:2022, and automatic adjustments for daylight saving time changes.
Implementation of PTP in Virtualized Environments	PTP Hardware Support on Host: Specialized hardware that supports PTP and synchronizes with an external server. PTP Passthrough: Uses direct I/O to minimize latency and improve accuracy. PTP Software Solutions: Specific software implementations for PTP. Network Time Protocol (NTP): Alternative for non-critical environments. Synchronization with External PTP Grandmaster: Synchronizes hosts and virtual machines with an external master clock. Virtualization Tools for Time Synchronization: Virtualization tools that synchronize with the host but do not meet PTP accuracy.
Additional Considerations	Network Infrastructure: Switches and routers must support and be configured for PTP. Latency in Virtualization: Consider latency and jitter in virtualized environments. Consistency in Synchronization: In order to prevent drift, it is essential that all components are synchronized with the same time source. Configuration Validation: Check and validate PTP configuration before deployment in production environments.

Table 13. Most common synchronization methods used in the field of electric utility automation.

Synchronization Method [66]	Typical Accuracy	Description	Application
GPS	10 ns	Synchronization based on the Global Navigation Satellite System (GNSS) with Coordinated Universal Time (UTC). Requires a hardware receiver and antenna. Generally used as a master time source.	High-precision synchronization for critical applications such as power utilities and telecommunications.
PTP	100 ns	High-precision time distribution protocol with error correction through boundary or transparent clocks. Supports multiple sources with Best Master Clock Algorithm (BMCA) and LAN or WAN switching.	Critical and time-sensitive applications such as sample values (SV) and synchrophasors.
IRIG-B [67,68]	1 µs	Precise time distribution requiring local cabling. Generally sourced from GPS clocks. For Intelligent Electronic Devices (IEDs), the typical accuracy of IRIG-B time synchronization is as follows: - Unmodulated IRIG-B (DC-level shift): ±1 microsecond. This version is preferred in IEDs used in critical applications such as protection relays and automation systems, ensuring precise event logging and deterministic behavior; - Modulated IRIG-B (1 kHz sine wave)—±100 microseconds. While less precise, this variant is sometimes used for compatibility with legacy equipment. Most modern IEDs adopt unmodulated IRIG-B to meet the stringent timing requirements of standards like IEC 61850, ensuring reliable event sequencing (SOE) and precise fault location through synchronized measurements.	Less critical applications such as GOOSE, MMS, and supervisory data in utility substations.
NTP	200 µs (over LAN)	Lower precision time distribution protocol, including its stateless derivative Simple Network Time Protocol (SNTP). Achieves better precision when distributed from a local source.	Non-critical network devices and computing platforms.

Table 13. Most common synchronization methods used in the field of electric utility automation.

Synchronization Method [66]	Typical Accuracy	Description	Application
GPS	10 ns	Synchronization based on the Global Navigation Satellite System (GNSS) with Coordinated Universal Time (UTC). Requires a hardware receiver and antenna. Generally used as a master time source.	High-precision synchronization for critical applications such as power utilities and telecommunications.
PTP	100 ns	High-precision time distribution protocol with error correction through boundary or transparent clocks. Supports multiple sources with Best Master Clock Algorithm (BMCA) and LAN or WAN switching.	Critical and time-sensitive applications such as sample values (SV) and synchrophasors.
IRIG-B [67,68]	1 µs	Precise time distribution requiring local cabling. Generally sourced from GPS clocks. For Intelligent Electronic Devices (IEDs), the typical accuracy of IRIG-B time synchronization is as follows: - Unmodulated IRIG-B (DC-level shift): ±1 microsecond. This version is preferred in IEDs used in critical applications such as protection relays and automation systems, ensuring precise event logging and deterministic behavior; - Modulated IRIG-B (1 kHz sine wave)—±100 microseconds. While less precise, this variant is sometimes used for compatibility with legacy equipment. Most modern IEDs adopt unmodulated IRIG-B to meet the stringent timing requirements of standards like IEC 61850, ensuring reliable event sequencing (SOE) and precise fault location through synchronized measurements.	Less critical applications such as GOOSE, MMS, and supervisory data in utility substations.
NTP	200 µs (over LAN)	Lower precision time distribution protocol, including its stateless derivative Simple Network Time Protocol (SNTP). Achieves better precision when distributed from a local source.	Non-critical network devices and computing platforms.

Table 14. Best practices and considerations for PTP.

Aspect	Descriptions
Network Configuration	Ensure the network infrastructure, including switches and routers, supports PTP and is appropriately configured.
Latency and Jitter	Solutions that minimize latency and jitter are preferable. Enabling “latency-sensitive” features in the hypervisor can help reduce these issues.
Consistency in the Environment	Ensure that all components in the virtualized environment are synchronized with the same time source to avoid time drift issues.
Testing and Validation	Before deploying PTP in a production environment, it is crucial to test and validate the configuration to ensure the required level of precision.
Round Trip Time (RTT) Testing	Conduct RTT tests using GOOSE messages between synchronized applications to verify the accuracy of synchronization.

Table 14. Best practices and considerations for PTP.

Aspect	Descriptions
Network Configuration	Ensure the network infrastructure, including switches and routers, supports PTP and is appropriately configured.
Latency and Jitter	Solutions that minimize latency and jitter are preferable. Enabling “latency-sensitive” features in the hypervisor can help reduce these issues.
Consistency in the Environment	Ensure that all components in the virtualized environment are synchronized with the same time source to avoid time drift issues.
Testing and Validation	Before deploying PTP in a production environment, it is crucial to test and validate the configuration to ensure the required level of precision.
Round Trip Time (RTT) Testing	Conduct RTT tests using GOOSE messages between synchronized applications to verify the accuracy of synchronization.

Indeed, precise time synchronization is one of the key bases for the effective operation of protection systems in electrical networks [56]. Time synchronization accuracy directly impacts a protection system’s capability to carry out critical functions related to event stamping and digital fault recording—essential building blocks in maintaining reliability and safety within power systems. Different synchronization methods have different precisions, and selection is performed based on the application to be implemented; examples could range from transformer protection up to real-time monitoring events [65,69]. Table 15 describes important standards and guides concerning time management and synchronization within electrical substations, and forms the base for system operation in a uniform and organized way, which is critical in modern power grids for protection, control, and efficiency.

Table 15. Standards related to time management and synchronization.

Standard/Recommendation	Description	Application
IEEE 1588 [27]	Standard for a precision clock synchronization protocol for networked measurement and control systems	Defines the Precision Time Protocol (PTP) for clock synchronization in networked measurement and control systems.
IEC 61850-9-3:2016 [59]	Communication networks and systems for power utility automation	Specifies time accuracy and synchronization requirements in substation automation networks.
IEC 61588 [70]	Precision clock synchronization protocol for networked measurement and control systems	Equivalent to IEEE 1588, applicable in industrial automation and control networks.
NIST SP 800-82 [71]	Guide to Industrial Control System (ICS) Security	Provides guidelines for the security of industrial control systems, including aspects of time synchronization.
IEEE C37.238 [72]	Standard Profile for Use of IEEE 1588 Precision Time in Power System Applications	Defines the profile for using IEEE 1588 in power system applications, ensuring precise synchronization in electrical environments.

Standards and guidelines ensure electrical systems operate coherently to meet protection, control, and efficiency requirements. Time synchronization is crucial for accurate event stamping and fault recording, requiring strict precision, especially with PTP implementations. Detailed specifications, testing procedures, and best practices are essential for maintaining high accuracy in virtual and physical environments. Before deployment, systems must meet predefined accuracy thresholds and undergo validation tests. Table 16 outlines key specifications and recommended tests. Table 17 classifies time synchronization accuracy based on IEC 61850-5, detailing precision requirements and synchronization errors. Table 18 provides transfer time requirements for different message types. These elements form a comprehensive framework for ensuring effective time synchronization in modern electrical networks.

Table 16. Specifications and recommended tests.

Aspect	Descriptions
Required Precision	Network precision must be better than ±1 µs before commissioning.
GMC Precision	Each Grandmaster Clock (GMC) should have an inaccuracy of less than 250 ns and maintain this precision for at least 5 s after losing the reference signal.
Current Transducer Requirements	Transducers should have an accuracy error of less than 50 ns and a drift of less than 15 µs. Once synchronized, they must maintain 1 µs precision within a 5 s window.
MU/IED Precision [58].	Measurement units (MU) and Intelligent Electronic Devices (IEDs) must have clocks synchronized to a minimum precision of 1 µs, in accordance with T5 class of IEC 61850-5.
Network Time Inaccuracy	Confirm that network time inaccuracy is less than ±1 µs.
GMC Testing	Verify the precision of the GMC and its ability to maintain accuracy after losing the reference signal.
Slave Clock Verification	Confirm the accuracy of slave clocks using a 1 PPS output and measure the PTP fields generated by each GMC.
Current Transducer Testing	Confirm the correctness of the PTP message correction field and verify the accuracy of current transducers under different traffic conditions.
Network Configuration and Topology	Verify that all network components are configured correctly and that all clocks are synchronized to the same time domain.

Table 17. Time synchronization classes according to IEC 61850-5.

Synchronization Class	Precision (μs)	Sync. Error	Application
TL	>10,000	Low precision	General synchronization for various low-precision applications.
T0	10,000	10 ms	Event stamping with 10 ms precision.
T1	1000	1 ms	Event stamping with 1 ms precision.
T2	100	100 μs	Zero-crossing tagging and data for distributed synchronization checks. Waveform-based switching tags.
T3	25	25 μs	Various applications.
T4	4	4 μs	Sample tagging or synchronized sampling.
T5	1	1 μs	High-precision sample tagging or highly synchronized sampling.

Table 18. Integrated message types according to IEC 61850-5.

Type	Description	Performance Class	Requirement Description	Transfer Time (ms)	Typical Interface (IF)
1A “Trip”	The trip message is the most critical fast message in the substation, with more stringent requirements than other fast messages. Also applicable to interlocking, intertrips, and logical discrimination between protection functions.	P1	Total transmission time must be less than a quarter cycle (5 ms for 50 Hz, 4 ms for 60 Hz).	TT6: ≤3 ms	3, 5, 8
4Raw Data (“Samples”)	Includes output data from digitizer transducers and digital instruments, consisting of continuous streams of synchronized samples from each IED, interleaved with data from other IEDs.	P7a	Acceptable delay for protection functions using these samples (Equivalent to P1).	TT6: ≤3 ms	4, 8
		P8b	Acceptable delay for other functions using these samples (Equivalent to P2).	TT5: ≤10 ms	2, 4, 8

5. Redundancy

The station-level assurance enables the substation to act as a single switchgear that is unified and reliable. Safety, backup, and redundancy are the major considerations. This includes monitoring and controlling substation components, assessment and mitigation of cybersecurity risks of substation devices, and taking corrective action. Process-level assurance targets the safe and efficient operation of the selected substation processes. Data are acquired and continuously monitored against predefined criteria to meet the process operation requirements by mitigating cybersecurity risks accordingly. Redundancy in virtualized systems invariably features two active VMs such that protection functions will be retained during failures. In this respect, to achieve effective redundancy, primary and secondary systems should be isolated, having different hardware and software vendors to avoid common failure modes. The physical separation of A and B redundant systems is basic for avoiding common failure due to local events. Standards like IEC 61850-90-4:2000 and IEC TC 57, e.g., PWI TR 61850-90-20, specify minimum requirements for redundancy and LAN within VPAC systems. The VPAC system can make use of the RCT in SV messages for higher error detection and correction capability in the fault-tolerance networks using PRP or HSR. Conformity to IEC 61850 and UNE-EN IEC 62439-3:2022 norms ensures the reliability of communication and redundancy in substation automation [73,74]. PRP permits redundancy at the Process Bus, while redundancy of the station bus between different LANs must be made by RSTP. The storage of data shall be based on principles of redundancy, while the critical application control shall be supported by a Centralized Monitoring System with the integration of PRP and PTP. A well-designed redundant system has several requirements in handling failures and maintaining service availability without interruption. These requirements span hardware, software, and operational procedures, as summarized in Table 19.

Table 19. Essential requirements for implementing an effective redundant system.

Category	Requirement	Description
Hardware	Duplication of Critical Components	Essential components like servers, power supplies, networks, and storage units must be duplicated to prevent a single point of failure.
	Network Devices	Routers, switches, and cables should be configured redundantly to ensure continuous connectivity.
	Load Balancing	Workload distribution among active components to avoid overloading a single component.
	Automatic Failover	Automatic mechanisms to switch to a backup component in case of primary component failure.
	Physical Isolation	Redundant components should be in different physical locations to protect against local events affecting both systems.
Software	Application Redundancy	Critical applications should run on redundant instances, on the same server (virtualization) or different servers.
	State and Data Management	Synchronize data and maintain state consistency between active and backup systems.
	Failover Mechanisms	Enable seamless and automatic transition between the primary and backup systems in case of failure.
Operational Procedures	Testing and Validation	Perform regular failover tests to ensure that the backup system operates correctly.
	Seamless Updates	Allow updates and maintenance without interrupting service, using appropriate update strategies.
	Patching and Maintenance	Apply patches and conduct maintenance without affecting system availability.
	Monitoring and Alerts	Implement active monitoring with real-time alerts for failures and anomalous conditions.
Management and Procedures	Documentation and Procedures	Maintain comprehensive documentation of the redundant system architecture, failover procedures, and recovery plans.
	Personnel Training	Train personnel in the redundant system’s operation, maintenance, and recovery, and conduct emergency drills.

The design of redundant systems for critical applications places demands on operating systems for support for redundancy protocols such as Parallel Redundancy Protocol (PRP) [74] and High availability Seamless Redundancy (HSR) [22] within virtual or software defined networks, as shown in Figure 11. It provides these protocols with the abilities of the function of virtual switches acting as Dually Attached Nodes (DAN), while aggregating traffic across applications. Limitations on PRP pairs and the transmission of packets must be overcome in real-time performance. Having a digital twin operating in parallel or on standby is key to the seamless backup and restoration of data, ensuring less than 10 milliseconds of downtime with active–active systems.

It requires, for instance, support from the operating system for active–active configurations to allow for unbroken services, even when an upgrade of the equipment is being performed or any maintenance that may be necessary is being undertaken. In the same vein, cooling systems should be duplicated in those installations with high thermal load to avoid failures. It is at this point recommended to analyze the effects of energy storage systems on availability [57]. Such measures ensure a high level of availability and resilience, following the standards and regulations of critical systems for environments including electrical substations and communication networks resilience [75,76]. Table 20 summarizes some of the major standards and legislation relevant to redundancy.

Table 20. Standards and regulations associated with redundancy.

Standard/Regulation	Descriptions
IEC 61850 [77]	Standard for electrical network automation, including redundancy in communication and protection systems to ensure high availability.
IEC 61850-3 [78]	General hardware requirements for devices in electrical substations.
IEC 61850-5 [4]	Performance and functionality requirements for automation and control devices in substations.
IEC 61850-9-2 [79]	Standard for the transmission of sampled values and synchronization data over Ethernet.
IEC 61850-90-4 [80]	Part of IEC 61850 addresses redundancy in network and communication systems.
IEC 61850-90-2 [81]	Standard for integrating communication systems in substation automation, including redundancy in message communication.
IEC 61508 [82]	Standard for the functional safety of electrical, electronic, and programmable systems, including redundancy requirements to ensure safety systems.
IEC 62439 [83]	Standard covering protocols for redundancy in industrial networks, including PRP and HSR.
IEC 62439-3 [84]	Part of IEC 62439 specifies PRP and HSR to ensure network availability.
IEC 62351 [85]	Security standard for communications in industrial automation and control systems.
IEC 60870-5-7 [86]	Security extensions for IEC 60870-5-104.
IEC 60870-5-104 [39]	Standard for remote control of electrical power systems over a network protocol.
IEEE 1588 (PTP) [27]	Standard for time synchronization over Ethernet networks, may involve redundant mechanisms to ensure time precision and availability.
NERC CIP [87]	Critical Infrastructure Protection standards, including redundancy and security requirements for power grid control and protection systems.
DNP SA V5/6 [88]	Standard for security and authentication in distribution automation and control networks.
ISO 27001 [89]	Standard for information security management, may include measures for redundancy in handling critical data and systems.
TIA/EIA-942 [90]	Standard for data center design, covering redundancy in IT infrastructure to ensure high availability.

Redundancy is essential for ensuring reliable, secure, and safe substation automation and control. Adhering to standards and best practices strengthens infrastructure resilience against failures and cyber threats. Local backups and redundant systems, such as Grandmaster Clock links, maintain network protection during communication failures. Medium-voltage (MV) substations typically do not require redundant merging units, while high-voltage (HV) systems demand them due to their critical nature. Table 21 summarizes redundant systems in CPAC, detailing their advantages, disadvantages, and applications.

Table 21. Different redundant systems for a CPAC system.

System	Description	Advantages	Disadvantages	Application
System 1	Two CPAC units to eliminate loss of protection if one CPAC fails. Only one Merging Unit (MU) per protected circuit.	High availability of protection in case one CPAC unit fails.	If the MU fails, the specific circuit will be unprotected.	Users rely on a single multifunction relay per circuit in a conventional setup.
System 2	One CPAC unit and a multifunction relay or Intelligent Merging Unit (IMU) per circuit can act as an MU.	The IMU provides protection if the CPAC unit fails.	If the IMU fails, the circuit where it was used will be unprotected.	Users with multifunction relays capable of acting as merging units are looking to add new functions or backup protection.
System 3	Two MUs per protected circuit to eliminate a single point of failure.	No system failure will compromise protection.	The number of circuits protected by the CPAC unit is halved.	Clients aim to avoid a single point of failure and provide all protection and control functions at the CPAC level.
System 4	Two CPAC units for the entire system, one MU and one IMU per protected circuit.	High reliability: the failure of both CPACs and an MU or IMU leaves no circuit unprotected.	The system’s complexity increases due to the integration of multiple components, necessitating rigorous management and expertise to ensure seamless operation and coordination.	Users seeking the highest levels of reliability.
System 5	One CPAC unit for the entire system, one MU and one IMU per protected circuit.	Avoids a single point of failure by adding an IMU; the system is protected even if the CPAC, MU, or IMU fails.	The number of circuits protected by the CPAC unit is halved.	Users with microprocessor relays that can act as merging units and wish to add additional functions or backup protection without a single point of failure.

Deploying two CPAC or VPAC systems at the substation level enhances reliability and efficiency by ensuring continuous operation, even in the event of system failure. This redundancy allows for uninterrupted control and monitoring, optimizing investment in protection schemes without excessive costs. Redundancy is crucial for both local and remote control systems, ensuring continuous functionality during failures. It is vital to design both hardware and software redundancy to support standards like IEC 61850-0-2 and IEC 62351, ensuring smooth communication and system backup without disrupting protection functions.

Different redundancy methods enhance the availability and resilience of the system, as summarized in Table 22 by comparing methods against their advantages and disadvantages and their general effectiveness [49].

Table 22. Comparison of redundancy methods.

Method	Advantages	Disadvantages	Weaknesses	Strengths	Opportunities	Threats
N	Low initial cost.	No failure tolerance.	High probability of total service disruption.	Simplicity in implementation.	Ideal for non-critical systems.	High risk of significant downtime in case of failure.
N + 1	Improves resilience against single failures.	Limited protection against multiple failures.	Does not ensure high availability.	Increases availability.	Suitable for critical systems with tolerance for one failure.	Risk if failures are multiple or simultaneous.
2N	High availability.	Expensive and complex to implement and maintain.	High duplication cost.	High resilience.	Reduces downtime risk significantly in critical applications.	Complexity in management and high operational costs.
2N + 1	Maximum availability and resilience.	Very high cost and extreme complexity in design and maintenance.	Complex operation and high maintenance costs.	Protects against multiple failures.	Ideal for mission-critical environments.	Management complexity and high operational costs.

Amongst the available redundancy methods, the parallel redundancy protocol is the most effective for digital substation communication, providing seamless failover on link failure without data loss in a link failure [91]. For station buses, PRP has emerged as a standard for implementing communication redundancy. In fact, this has combined with ring network architectures to provide an effective solution that ensures the availability and dependability of protection and control systems in digital substations.

6. Comprehensive Cybersecurity Framework for VPAC Systems in Electrical Substations

Cybersecurity is important in VPAC systems deployed in electrical substations from various perspectives, including hardware, software, and management processes [73,92,93]. Standardization for the IACS security mainly includes IEC 62443 standard [94] and IEC 62351 [25]. These standards provide flexible update mechanisms, the capability to manage vulnerability, and Role-Based Access Control (RBAC) [95], which integrate with enterprise LDAP servers [96]. The challenges are very serious—from proprietary operating systems not up to date with state-of-the-art security features, to heterogeneous network technologies introducing vulnerabilities, to ensuring VM isolation for preventing breaches [97,98]. Virtualized environments introduce other risks due to the existence of the hypervisor layer, which could be compromised by “hyperjacking” attacks [99,100]. The mitigation of these challenges requires a mix of traditional cybersecurity best practices and adaptive ones specific to virtualized systems, based on standards such as the IEC 62443 [94,101] and NERC CIP [26,102,103].

The strategies presented in Table 23 are crucial for ensuring that cybersecurity risks related to VPAC systems are at their minimal levels.

Table 23. Strategies form the basis for a resilient cybersecurity.

Challenge	Proposed Strategy
Proprietary Operating Systems	Implement a multi-layered security framework to enhance protection.
Heterogeneous Network Technologies	Integrate cybersecurity measures with legacy systems while upgrading them.
VM Isolation	Employ advanced isolation techniques and conduct regular security audits.
Vulnerabilities in Automation Systems	Ensure systems are modular, scalable, and compliant with established cybersecurity standards.
Threats in Virtualized Environments	Utilize cutting-edge security measures to prevent and detect hyperjacking and similar threats.

Table 24 gives an overview of the Cybersecurity Standards and Practices for Electric Substations, a basic document that permits the establishment of a complete cybersecurity framework for the protection of critical infrastructures [92].

Table 24. Cybersecurity standards and practices for electric substations.

Standard	Description	Application
IEC 61850 [94]	Communication in electric substation automation systems.	Facilitates information exchange between devices in substations.
IEEE 1613 [104]	Environmental and testing requirements for communication network devices in electric power substations.	Ensures the reliability of communication devices under adverse environmental conditions.
IEC 62439-3 [23]	Highly available and redundant network protocols, such as PRP and HSR, ensure continuous communication.	Ensures continuous and redundant communication in substation networks.
IEC 62443 [94]	Cybersecurity standards for Industrial Automation and Control Systems (IACS).	Comprehensive protection of industrial automation and control systems against cyber threats.
NERC CIP [102]	Critical Infrastructure Protection standards in North America.	Protects energy control systems and critical data in electric infrastructure.
IEC 62351 [25,105]	Cybersecurity for energy management systems and information exchange.	Protects data and communications in energy management systems.
IEEE 1686 [24]	Cybersecurity standard for Intelligent Electronic Devices (IEDs).	Defines cybersecurity requirements for IEDs in automation systems.
IEEE 1547.3 [93,106]	Cybersecurity for distributed energy resources (DERs) interconnected with electric power systems.	Ensures secure integration of DERs with electric power systems.
IEEE C37.240-2014 [92]	Cybersecurity requirements for automation, protection, and control systems.	Implements security measures in automation and protection systems.
NIST Cybersecurity Framework [107]	Framework for improving cybersecurity in organizations (Versions 1.1 and 2.0).	Provides guidelines for enhancing organizational cybersecurity.
NIST SP 800-53 Rev.5 [108]	Security and privacy controls for organizations and information systems.	Establishes security and privacy controls for information systems.
NIST SP 800-82 Rev. 3 [109]	Guide to Industrial Control System (ICS) security.	Enhances security in industrial control systems.
NIST SP 800-63 [108]	Guidelines on digital identity and authentication.	Defines policies and procedures for digital identity and authentication.
TPM 2.0 [110]	Trusted Platform Module specification for cybersecurity evaluation.	Ensures hardware integrity based on TPM standards.
CISA Zero Trust [98]	The maturity model for cybersecurity is based on the Zero Trust principle.	Implements a cybersecurity model that assumes no actor is inherently trusted.
IEC 61850-3 [40]	Mandatory compliance for systems in substations, covering environmental and security criteria.	Ensures environmental resilience and security in substation equipment.
PWI TR 61850-90-20 [25]	Guidelines for redundancy systems in network and communication for utility automation.	Implements redundancy systems in utility network automation.
IEC 62351:2023 SER [105]	Security for data and communications in energy management systems.	Protects the integrity and confidentiality of data in energy management systems.

The implementation of these standards ensures the secure operation, resilience, and continuous availability of critical systems against evolving cyber threats. In [97], it incorporates all smart grid standards that describe cybersecurity issues and provide information on their contents. One of the most relevant specifications for these systems today is the IEC 62443 family of standards, which specifies cybersecurity standards, policies, and procedures for IACS (Figure 14). Cybersecurity in VPAC systems considers the big picture of security integration in hardware, software, and networks. Table 25 summarizes key cybersecurity specifications for VPAC systems and their respective implementation strategies. Commitment to such specification and implementation strategies will ensure that organizations secure their critical infrastructure against the dynamic evolution of cyber threats. Protocols and tools are the very bases for ensuring the integrity, availability, and resilience of critical infrastructures at electrical substations. Among them, the protocols and tools used in cybersecurity stand out, as presented in Table 26.

Figure 14. The ISA/IEC 62443 series [101,111].

Table 25. Cybersecurity specifications and implementation for VPAC systems.

Component	Security Specification	Implementation Strategy
Server Hardware	Ensure the physical and logical integrity and security of servers.	Subject servers to additional cybersecurity certifications and compliance with safety standards.
Networks	Implement network segmentation and access controls.	Use firewalls, VLANs, and access control lists to enforce segmentation and limit unauthorized access.
Configuration and Testing Tools	Utilize secure tools that do not introduce vulnerabilities.	Deploy secure configuration and testing tools that are validated and regularly updated.
Support Systems	Comply with best practices in monitoring and management systems.	Implement continuous monitoring and automated alerts to maintain system integrity.
Substation Software	Protect through regular patching and updates.	Establish a rigorous patch management process to ensure timely updates and vulnerability mitigation.
Solution Management	Implement security measures throughout the solution lifecycle.	Integrate security protocols from the design phase through to decommissioning, ensuring consistent security.
Risk Assessment and Management	Identify and mitigate cyber risks.	Conduct regular risk assessments and implement risk mitigation strategies tailored to the specific threats.
Security Requirements for System Components	Ensure all components are protected against threats.	Harden all components, including hardware, software, and networks, against known vulnerabilities.
Operational Security Measures	Protect the continuous and secure operation of the system.	Implement real-time monitoring, incident response plans, and failover mechanisms to ensure resilience.
Hardware Protection	Compliance with additional cybersecurity certifications and safety standards.	Enforce strict compliance with IEC 62443 and related physical and logical security standards.
Communication Protection	Implement network segmentation and access controls.	Use secure communication protocols (e.g., TLS, VPNs) and robust authentication mechanisms to protect data in transit.
Software Integrity	Ensure software integrity through regular patches and updates.	Automate software updates and patching while validating changes against cybersecurity standards.
Access Management	Define roles and authentication systems for software access.	Implement Role-Based Access Control (RBAC) integrated with enterprise LDAP for streamlined access management.

Table 26. Protocols and tools in cybersecurity.

Protocol/Tool	Description
GOOSE	Facilitates communication between protection and control devices in substations.
SV (sampled values)	Transmits voltage and current readings within substations.
PRP (Parallel Redundancy Protocol)	Ensures uninterrupted communication by providing network redundancy.
TPM (Trusted Platform Module)	Secures the integrity of devices through hardware-based security.

7. Interoperability

Interoperability is another crucial attribute of electrical substations, especially for VPAC systems, ensuring that communication and functionality exist among the diverse devices and systems. Although interoperability has not been well studied in general, emerging standards such as IEC 61869-13:2021 Instrument transformers Part 13: Stand-alone merging unit (SAMU) [112,113] have begun to contribute toward this important requirement through the stipulation of requirements from sensors to new sampled values merging units (SAMU). These standards are critical for achieving a uniform integrated result for different aspects of the substation. Interoperability is enabled by the UCA International Users Group [114] by providing devices compliant to the IEC 61850 standard. This certification process is important because any vendor, although in the process of developing their merging units, can claim IEC 61850 compliance, which may or may not be true. Certification by the UCA ensures that devices implement the IEC 61850 standard; thus, a better interoperability between devices from different manufacturers is assured [115]. It will bring much more reliability and efficiency into substation operations, without the risks of integration problems compromising the performance of systems. While the road to complete interoperability in VPAC systems requires the navigation of evolving standards and certification processes, the efforts put in by standardization bodies and industry groups chart a course toward more cohesive and dependable substation environments. Interoperability continues to hold a place in the spotlight as the industry will continuously evolve, and it will become an important focal point for future electrical infrastructure development [116,117].

Interoperability in smart grids faces several key challenges. First, a Common Information Model (CIM) is required to accommodate evolving business needs, but integrating new models into legacy systems remains complex. Second, harmonization between different standards like CIM and IEC 61850 is problematic due to overlapping functionalities and inconsistent data exchange formats. Lastly, validation is crucial to ensuring accurate information exchange, yet differences in system configurations and a lack of standardized validation methods create obstacles. Addressing these issues requires improved semantic models, automated ontology mapping, and refined data validation techniques [118].

8. Future of Electrical Substations, Challenges, and Advancing Towards Autonomous Network Management

These innovations enable end-users and industries to better manage production and consumption. However, the variability of renewable energy sources greatly challenges the DSO’s ability to maintain the stability of the grid. Traditional methods, such as upgrading cable sections, cannot be good enough to address such complexities that arise in modern grids [119]. One of the major trends being followed is the shift toward an AI/ML-based autonomous network management approach to improve the grid operations [120,121].

It also involves smart metering, substation virtualization, and higher data analytics on the data arriving from smart meters, PMUs, and GIS-network topology in order to develop predictive models for fault detection and real-time management. The beta version of ABB’s ADAM AI/ML fault prediction module is a prime example. It deals with the problem of incipient fault detection and increasing situational awareness, all without the need for dedicated sensors or devices. This cloud-based tool offers high-precision fault predictions that enable proactive maintenance to be performed, thus reducing downtime to a near negligible value.

Electrical substation development in technology is increasingly driving the development of electrical substations, including centralized and virtualized protection and control systems, such as the ADAM 2.0 fleet management software [122]. In the recent industry survey [123], involving over 3200 firms, it emerged that for 92%, reliability remains an issue for their operations, while 60% want to increase investments in maintenance over the next three years. This trend moves toward outcome-based agreements in maintenance, where monetary incentives are tied to the performance outcomes of improved uptimes and energy efficiency.

The integrated AI/ML-based Fault Prediction module enhances situational awareness and proactive fault detection. This brought massive improvements to maintenance planning while reducing downtimes. The system uses existing infrastructure, with capabilities for current and potential transformers, which positions it as cost-effective. Indeed, it integrates well with current operations [124,125].

Concentrating on reliability not only guards against potential losses, but also positively influences the business’s reputation and its financial performance. As the industry shifts further in the direction of predictive and autonomous network management systems, solutions like ADAM 2.0 will prove to be essential instruments for optimizations in performance, operation cost reduction, and overall network stability development, along with future definitions for electrical substations.

Ongoing activities based in the University of Belgrade include implementing a real-time simulation platform making use of HIL technology [126,127] by Q1-2025. The initiative will simulate the entire transmission network of Serbia for the validation of Autonomous Grid Management concepts, and it will explore new technologies. There are utilities like Enedis and Hydro-Québec that are embracing the advantages for a more resilient grid, moving from existing infrastructure management to adopting innovative technologies. Challenges in the transition to virtualized P&C systems include interoperability, strengthening cybersecurity, and managing huge data sets associated with predictive analytics.

Some advanced cybersecurity methods, the standardization of communication protocols and enhancements in virtual redundancy techniques should be developed in future research. Innovative predictive analytics, real-time performance optimization, and scalable VPAC systems will be crucial for improving reliability, security and efficiency in today’s P&C systems.

Artificial intelligence (AI) is transforming power systems and substations by enabling predictive and preventive fault analysis, improving reliability, and paving the way for fully autonomous network management. Traditional substations rely on deterministic protection schemes and manual intervention for fault detection and grid management. However, AI-powered systems can leverage vast amounts of real-time data, advanced analytics, and machine learning models to anticipate failures, optimize operations, and enhance decision-making.

One of the key contributions of AI in power systems is predictive maintenance. By analyzing historical and real-time operational data, AI algorithms can detect early warning signs of equipment degradation, such as anomalies in transformer temperatures, circuit breaker wear, and insulation deterioration. This reduces unexpected outages, minimizes maintenance costs, and extends equipment lifespan. Similarly, fault localization and analysis benefit from AI-powered techniques, which can rapidly identify the location and root cause of a fault by analyzing waveform distortions, transient events, and system dynamics. This leads to faster restoration times and reduced downtime.

AI also plays a crucial role in grid management and stability, helping operators optimize load balancing, voltage regulation, and frequency control. Through reinforcement learning and adaptive optimization algorithms, AI-driven systems can respond dynamically to fluctuations in demand and supply, integrating renewable energy sources more efficiently while maintaining grid reliability. Moreover, cybersecurity in substations can be enhanced using AI-based anomaly detection techniques, which monitor communication networks for signs of cyber threats, unauthorized access, or malicious attacks.

A fully autonomous power system requires a combination of intelligent fault detection, alarm management, and automated network reconfiguration. AI enables real-time fault isolation and self-healing capabilities, allowing substations to automatically reconfigure networks after disturbances, ensuring minimal service disruption. AI-driven alarm management prioritizes critical events, reducing operator workload and improving situational awareness.

Ultimately, AI-powered autonomous substations represent the future of electrical grid management, offering higher efficiency, resilience, and reliability. As AI continues to evolve, the integration of digital twins, edge computing, and decentralized decision-making will further enhance self-sustaining grid operations, leading to a new era of intelligent and autonomous energy infrastructure.

As illustrated in Figure 15, the transition from conventional substations to AI-powered systems has been driven by technological advancements in protection, automation, and digitalization. Initially, substations relied on electromechanical relays and manual fault detection, which limited their adaptability. The integration of microprocessor-based relays and SCADA systems enhanced monitoring and control, paving the way for digital substations with IEC 61850 communication.

Figure 15. Evolution of power substations.

Figure 16 highlights AI-driven solutions, such as ADAM 2.0, that enable predictive maintenance, autonomous fault detection, and real-time optimization, ensuring resilience, efficiency, and cybersecurity in future power networks.

Figure 16. Key element of future autonomous network management systems.

9. Conclusions

According to the methodology and the questions posed, we reached the conclusions that we try to summarize in this section.

Traditional substations operate with CPAC systems, which rely on dedicated hardware-based devices, such as relays and centralized controllers. These systems, while reliable, are often rigid, and require significant manual intervention for configuration and maintenance. Modern digital substations leverage IEDs, process buses, and IEC 61850 communication protocols to enable seamless data exchange, remote control, and enhanced automation. These substations improve interoperability and provide real-time diagnostics, reducing maintenance efforts and improving response times. Looking towards the future, VPAC systems are emerging. These architectures replace dedicated hardware with software-defined solutions running on virtual machines or cloud-based platforms. By decoupling protection and control functions from physical devices, VPAC enables scalability, cost reduction, and enhanced cybersecurity. The increased flexibility of VPAC systems allows for dynamic reconfiguration, improving adaptability in response to grid disturbances, and facilitating integration with artificial intelligence (AI) and machine learning algorithms for predictive maintenance and fault detection.

Migrating from CPAC to VPAC requires a structured approach to ensure reliability, interoperability, and security. Key demands during the transition include the following:

• System reliability and real-time performance—VPAC solutions must match or exceed the performance of CPAC systems, ensuring low-latency operation for protection and control functions;
• Interoperability and legacy integration—The migration should allow for coexistence between legacy hardware and new digital systems, ensuring a smooth transition without full infrastructure replacement. Compatibility with IEC 61850 standards is critical;
• Robust communication infrastructure—A high-speed, deterministic network is essential to handle the increased data exchange between virtualized applications and field devices;
• Seamless deployment and minimal downtime—Planning the transition carefully is necessary to avoid service disruptions and operational risks. VPAC must be deployed in phases, allowing gradual adoption while maintaining system integrity.
• Scalability and maintainability—VPAC must support future expansions and software updates without requiring major system overhauls, reducing long-term operational costs.

In a VPAC environment, precise time synchronization ensures accurate event recording, fault analysis, and system coordination. Technologies such as IEEE 1588 Precision Time Protocol (PTP) and GPS-based synchronization provide the required nanosecond-level accuracy. Synchronization is crucial for sampled values, sequence-of-events recording, and differential protection schemes.

Redundancy in substations has become increasingly digital, while redundancy mechanisms ensure uninterrupted operation. This includes the following:

• Network redundancy, using PRP (Parallel Redundancy Protocol) or HSR (High-availability Seamless Redundancy);
• Hardware redundancy, deploying multiple physical processing units;
• Software redundancy, ensuring VPAC applications run on geographically dispersed virtual machines for fault tolerance.

Regarding cybersecurity, the migration to VPAC increases attack surfaces, making cybersecurity a critical concern. To protect substation operations, utilities must implement the following:

• Encryption and authentication protocols to prevent unauthorized access;
• Network segmentation and firewall protections to isolate critical assets;
• AI-driven anomaly detection to identify and mitigate cyber threats in real time.

By integrating time synchronization, redundancy, and cybersecurity into the migration strategy, substations can achieve higher reliability, resilience, and security, fully leveraging the benefits of virtualization while safeguarding the power grid from emerging threats.

Modern distribution substations are changing, with the increasing penetration of distributed energy resources, electric vehicle charging, and virtual power plants. These innovative technologies bring about enormous opportunities for the optimization of production and consumption, but at the same time, they raise challenges with grid stability due to the variability in the energy sources. Most of these measures have proven ineffective time and again; hence the drive toward Autonomous Network Management with AI and ML techniques. This approach further enhances grid operations through smart metering, substation virtualization, and higher data analytics, thereby allowing for predictive fault detection and real-time management of the grid. One perfect example is ABB’s beta version, known as the ADAM AI/ML fault prediction module with a cloud-based solution enabling proactive maintenance. While these are being investigated, including the collaboration projects on the Hardware-in-the-Loop simulation platform, the industry is moving from pure infrastructure management toward the adoption of state-of-the-art technologies that improve resilience and efficiency.

However, critical challenges will be raised with respect to interoperability, cybersecurity, and large datasets by transitioning into VPAC systems. Overcoming such challenges will demand a structured approach, with advanced techniques for redundancy, cybersecurity measures, and strategies for integration of physical and digital systems. Ensuring that IEDs in the physical grid are well integrated with digital systems is highly crucial for grid stability and reliability. This allows the system to operate seamlessly by embedding robust backups, thereby enhancing fault detection and response with minimal disruption. Besides this, the system optimizes maintenance through the potential for predictive intervention, and adapts to evolving technologies without overhauling existing infrastructure. This will be especially important in resilience against cyber threats. They can do this by collaborating physical with digital components to avoid a possible cyberattack and ensure that the physical IEDs continue independently as a backup in case of any failure within the digital systems. This is going to be vital in terms of safety and security in protection and control systems. Considering all these complexities, Table 27 shows a full SWOT analysis that has been conducted on the strengths, weaknesses, opportunities, and threats that VPAC systems offer.

Table 27. SWOT analysis for transitioning to VPAC systems.

Aspect	Strengths	Weaknesses	Opportunities	Threats
Efficiency and Cost	CPAC systems streamline operations and reduce costs.	Transition involves managing significant technical and operational changes.	Exploring SaaS and IaaS models can drive innovation and flexibility.	Technological advancements may outpace current systems.
Safety and Flexibility	Improved safety through non-traditional sensors.	Virtualized systems may experience performance issues and increased latency.	Leveraging big data and AI/ML for predictive analytics can enhance fault prediction and maintenance.	Increased reliance in cloud-based solutions may create single points of failure.
Redundancy	Advanced redundancy techniques like PRP enhance resilience and availability.	Ensuring full interoperability between different manufacturers’ IEDs remains challenging.	Developing integrated systems that combine physical and digital elements can enhance reliability.	Cybersecurity threats such as malware and ransomware pose risks to virtualized systems.
Technology Integration	Adoption of modern technologies like AI and ML improves predictive capabilities.	Dependency on cloud and network infrastructure requires robust management.	Partnerships and pilot programs can help identify optimal solutions and best practices.	System integration with legacy technologies may lead to compatibility issues.
Data Management	AI/ML tools like ABB’s ADAM offer high-precision predictive analytics for better maintenance.	Complexity of managing large amounts of data and ensuring data integrity.	Utilizing analytics and big data can improve operational efficiency and reduce downtime.	Regulatory and compliance challenges may arise with evolving standards and requirements.

Based on these critical areas of improvement, the action plan presented in Table 28 is suggested. The final conclusion is that virtualization has huge potential and is ready for broader use, but several factors need to be considered in order to ensure the reliability, robustness, and security of the results.

Table 28. Action plan from SWOT analysis.

Action	Goal
Strengthening Cybersecurity Measures	Implement advanced protocols and conduct regular assessments to protect against cyber threats.
Improving Interoperability	Adopt open standards for seamless integration between systems and manufacturers.
Enhancing Real-Time Performance	Invest in hardware acceleration and optimize virtualization techniques to reduce latency.
Expanding Predictive Analytics	Utilize AI/ML tools and big data for predictive maintenance and enhanced fault detection.
Ensuring Physical and Digital Integration	Develop strategies for coordinating physical IEDs with digital systems and establish robust backups.