Ethernet-level redundancy protocols for communication networks in electrical substation automation

Ethernet-level redundancy protocols for communication networks in electrical substation automation

In electrical substation automation systems, responding to failures and ensuring information integrity are key requirements for quality assurance in control and data acquisition systems. In non-redundant communication networks, the response to failures in the channel or in the communication network is a serious problem, due to the fact that there are losses of information and high reconfiguration times, limiting the operation of the system and producing dead time and loss of information.

Redundant communication networks and the implementation of redundancy protocols help to minimize reconfiguration times and guarantee the integrity of the information. Therefore, they are presented as a solution to this problem. At first, it would seem too much to duplicate the entire communications network infrastructure, because it requires a high level of investment. However, when evaluating the benefits that this would bring, it can be said that, for automation systems with high requirements in critical fields such as the automation of electrical substations, the implementation of robust networks that guarantee the integrity of the information using redundancy protocols increases the reliability and availability of the system.


Currently, there are different redundancy protocols, which seek to solve this problem. Their differences lie in the reconfiguration time, which is the time it takes for the system to recover its active state in the event of a communications network failure. Among the different redundancy protocols, PRP and HSR stand out. These guarantee the integrity of the information and offer an almost instantaneous response to failures, with zero reconfiguration time. The following table shows the requirements and tolerance in the implementation of communication between different devices in electrical substation automation systems.

Table 1. shows a brief overview of some redundancy protocols, emphasizing their reconfiguration times and failure response mechanisms.

Table 1. Response times and mechanisms to failures redundancy protocols

Rapid Spanning Tree Protocol RSTP IEEE 802.1W

Currently, the use of RSTP (Rapid Spanning Tree Protocol), an enhancement of STP (Spanning Tree Protocol), is highlighted. Focused on the implementation of redundancy in industrial communication networks, especially at the level of electrical substations. The RSTP protocol makes use of redundant links to provide several possible paths between the different nodes. Thus, in the case of a failure in any section of the network, the system is able to re-establish the connection using other paths and carry the information between source and destination.  One of the strong advantages of the RSTP protocol over other traditional redundancy protocols is its reconfiguration time, since it is relatively low, around 6 to 10 seconds. In addition, this protocol allows avoiding loops at the link layer level.

The protocol works on a tree topology as shown in Figure 1, which uses a hierarchy that is displayed at the switch level. It starts from the root switch, which is the device in charge of controlling the architecture, and deploys to the rest of the switches in the network. The RSTP protocol operates by establishing paths between nodes, finding a main path and an alternate one, which will be the least expensive paths to a network segment. These paths allow the protocol to establish redundancy in the network as well as a response to failures.

Figure 1. RSTP protocol topology

 Media Redundancy Protocol MRP IEC-62439-2

MRP is based on concepts of intelligent redundancy over a ring network, without the need for switches. One of the devices takes the role of redundancy manager in the network and establishes the network configuration and information flow direction. In case of a failure, the redundancy manager reconfigures the ring network, changing the information flow and allowing a constant information flow (Figure 2). This protocol reduces the complexity of the implementation and decreases the hardware used, making it, in principle, a viable solution. However, the reconfiguration time in case of failure is around 200 ms, which makes it weak compared to other protocols and unsuitable for implementation in control and data acquisition systems in electrical substation

Figure 2. MRP protocol ring network reconfiguration


MultiPath is a protocol very similar to PRP, focused mainly on mobile telecommunications. It arises from the limitations of TCP systems, to support mobility between networks. When there is a drop in the connection to the network through one interface, the devices cannot make use of other interfaces to maintain the connection, which causes delays in reconfiguration times of the device to make use of the other interface and be able to reconnect. Having the ability to access the network from multiple interfaces at the same time allows for better system performance and failure response. The TCP protocol in response to failures takes a long time to reconnect, as it has to re-establish the connection. The MultiPath TCP protocol is based on the principle of simultaneous use of resources, making use of multiple interfaces for sending data, providing immediate failure response and congestion control. It is based on the creation of a MultiPath sub-layer within the transport layer that creates TCP sub-flows using different interfaces, see Figure 3.

Figure 3. MPTCP MultiPath TCP

Parallel Redundancy Protocol PRP

The biggest advantage of PRP implementation over other redundant protocols is that it implements redundancy functions at the nodes and not on the network. A PRP node is connected to two arbitrarily topological LANs which are disjointed and operate in parallel. Both LANs are independent from the other network, so they must have different power supplies and must not have direct connections, as shown in figure 4. The implementation of the PRP protocol must be transparent to the topology of both networks, no matter if they are structured in a ring, bus or tree, the protocol operates in the same way.

Figure 4. PRP redundancy structure

The Parallel Redundancy Protocol PRP, is seen as a very good option for the implementation of redundancy in electrical substation control networks, since the reconfiguration time in case of failure is 0 seconds. This guarantees that the system is operating at all times and never interrupts the flow of information regardless of failures in one of the two networks. In addition to its principle operation, it offers availability and interoperability between different manufacturers. This protocol is supported by a wide variety of devices on the market. Different manufacturers of products focused on automation of electrical substations, such as Axon Group, Siemens, ABB, SEL and GE among others, have devices that support communication over PRP, which gives the protocol greater flexibility, compatibility and interoperability between devices from different manufacturers.

The protocol provides the possibility of establishing redundancy in nodes that do not support it, using devices called RedBox. RedBoxes serve as an interface between nodes that do not support PRP and the network, allowing them to behave as if they support the PRP protocol. The different manufacturers in the market offer this in their RedBox catalogs, allowing you to reduce the modifications of an already existing network in which you want to implement PRP.

 One disadvantage of PRP over other protocols is cost, because it requires duplication of the communications network for implementation. Due to the requirements in terms of availability and uninterrupted operation of the communication networks of power generation and distribution systems, these additional costs become necessary to ensure high availability and immediate response to network failures.

High-availability Seamless Redundancy IEC-62439-3.5

The HSR protocol, capable of working hand in hand with PRP, applies to any topology, but in particular rings and ring arrangements. As in PRP, double-connected nodes with two ports operating in parallel (DANH) are used. An HSR network allows the connection and communication of individually connected nodes (SAN), making use of an entity called a redundancy box (RedBox), converting them into VDANHs (virtual DANH nodes). To send, a DANH node receives the upper layer frame; it attaches an HSR identifier to it; it duplicates it and sends a copy for each of its ports. On the receiver side, a DANH node receives two identical frames, one for each of its ports. It removes the HSR tag from the first received frame and sends it to its upper layers; finally, it discards duplicates of this frame. The HSR protocol, since it does not require reconfiguration time in case of system failures and since it can be implemented together with the PRP protocol, is a good option for use in the control and data acquisition of electrical substations. Furthermore, there are several devices in the market that support this protocol and it can be used in different topologies, so its implementation becomes viable.

Figura 5. Structure High-availability Seamless Redundancy (HSR) protocol

 Artículo redactado por: Nicolás Hernández y Luis Rueda, Axon Group

Para poder descargar el contenido de forma gratuita debe iniciar sesión: