ELECTRICAL AND COMPUTER ENGINEERING DEPARTMENT ELECTRICAL POWER ENGINEERING STREAM Computer Application of Power System

SCADA SYSTEM Presented By: Mohammed A. March 2013

OUTLINE
SCADA Systems Introduction Evolution and Topology Requirements for the SCADA master station SCADA Architectures SCADA Protocols Security and Vulnerability of SCADA Systems

INTRODUCTION
The main objective in power system is maintaining the balance b/n power generation and production, assuring the reliability of the system

POWER SYSTEM CHALLENGES

CONTD
A.

Power system load is the main aspect to be considered for a good operation of the grid (maintaining the power balance of the system: active power production should meet consumers needs). In order to maintain the load balance in the power system, generation, planning and forecasting is an essential task. Generation planning usually involves centralized generation facilities with a reasonable size and with an operation that is controlled by a dispatching center. Regarding load balance, the challenge is to forecast or to plan the distributed generation in a way that does not affect the stability of the system.

CONTD
B. The problems related to the quality of the electricity supply concerns network operators and network users (energy consumers or producers) also. Mainly, from consumers point of view, power quality reduces to the continuity in power supply and the voltage characteristics. The power supply continuity is also related to the load balance. But voltage quality is set according to its characteristics: frequency, amplitude, waveform and symmetry. C. Grid efficiency refers to a load balances in an economical and environmental manner. The main purpose is to reduce the power consumption during the peak load demand and to increase it when the load demand is low.

CONTD
D. The behavior during fault condition should be monitored and data should be stored in a historian server in order to improve system stability. E. System adequacy represents the PS capability of matching the evolution of the power flux. The system adequacy can be considered from two points of view: The capacity of the production units in the PS to cover the demand (load). The ability of the transmission system to transport the power flows b/n the generator units and the consumers.

CONTD
F. System stability is influenced by both voltage and frequency control. All the previous are subjective to the presence of the distributed generation units,--decentralized plants. Most of these plants bring uncertainties into the system System operators are intended to overcome these PS challenges by:
adopting a probabilistic approach for managing the network; foreseeing greater power flux flexibility b/n centralized and decentralized plants; transferring most of the ancillary services to the centralized units; reviewing reactive energy compensation plans for voltage regulation; ensuring a clean network infrastructure to guarantee stability.

CONTD
SCADA systems are intended to provide a human operator with updated real-time info about the current state of the remote process being monitored, as well as the ability to manipulate the process remotely It is a method of monitoring and controlling large process, often scattered over thousands of Kms. Applications are for distribution systems such as: water distribution and wastewater collection systems, oil and natural gas pipelines, electrical utility transmission and distribution systems, rail and other public transportation systems. experimental facilities such as nuclear fusion

CONTD
SCADA systems consist of both hardware and software. Typical hardware includes an MTU placed at a control center, communications equipment (e.g., radio, telephone line, cable, or satellite), and one or more geographically distributed field sites consisting of either an RTU or a PLC, which controls actuators and/or monitors sensors. The control center collects and logs information gathered by the field sites, displays information to the HMI, and may generate actions based upon detected events. The control center is also responsible for centralized alarming, trend analyses, and reporting. The MTU stores and processes the info from RTU inputs and outputs, while the RTU or PLC controls the local process.

CONTD
Field sites are often equipped with a remote access capability to allow field operators to perform remote diagnostics and repairs usually over a separate dial up modem or WAN connection. The communications hardware allows the transfer of info and data back and forth b/n the MTU and the RTUs/PLCs. The software is programmed to tell the system what and when to monitor, what parameter ranges are acceptable, and what response to initiate when parameters change outside acceptable values.

CONTD

CONTD
SCADA systems integrate data acquisition systems with data transmission systems and HMI software to provide a centralized monitoring and control system for numerous process inputs and outputs. SCADA systems are designed to collect field info, transfer it to a central PC facility, and display the info to the operator graphically/textually, thereby allowing the operator to monitor/control an entire system from a central location in real time. Based on the sophistication and setup of the individual system, control of any individual system, operation, or task can be automatic, or it can be performed by operator commands. SCADA is not a full control system, but rather focuses on the supervisory level. SCADA is used for gathering, analyzing and to storage real time data.

CONTD
Used to monitor and remotely control critical industrial processes Industrial control systems (ICS)
SCADA systems Distributed Control Systems (DCS) Programmable Logic Controllers (PLC)

SCADA Components
Master Terminal Unit (MTU) Human Machine Interface (HMI) Remote Terminal Unit (RTU) Communications network

CONTD
Highly distributed Geographically separated assets Centralized data acquisition and control are critical Oil and gas pipelines Electrical power grids Railway transportation systems Field devices control local operations

Evolution and Topology

SCADA Evolution 1960s Integrated Circuit led to minicomputers capable of computer control of processes Confined to one physical location Not connected to an external network Local area network Closed loop control Proprietary protocols

CONTD
1960 -1980s Central Architectures Single powerful computer performing all functions 2nd identical computer for redundancy

CONTD
1980s to present Distributed Architectures
Multiple computers networked together with each performing a specific function LAN improvements practical and possible Functions:
Remote terminal polling Complex applications processing Historian data archiving and trending

Graceful degradation

CONTD
1990s to present Client/Server
Powerful PCs TCP/IP networking High speed Ethernet Commercial real-time operating systems

Looking more like IT systems

Scalable and fault tolerant Smart software makes redundancy easy

CONTD
Human Machine Interface
Printouts Map board Mimic panel Video projection technology

SCADA TOPOLOGY

CONTD

CONTD

CONTD

Choose this topology if you need a peer-to-peer communication connection, such as a back-up communication link between remote stations at a site and the master station at the control site.

CONTD
PointPoint-toto-multipoint (multi(multi-drop) it is a communication link among three or more stations with one station being a communication arbitrator (master) that controls when the other stations (remote stations) can communicate. The stations can be connected using: permanent public media like leased lines or digital data services. atmospheric connections, such as microwave, radio, or satellite transmissions. Point-to-multipoint is the main topology for SCADA applications.

CONTD
MultipointMultipoint-toto-multipoint it is a radio modem communication link among three or more stations where there is no communication arbitrator (master) and any station can initiate communication with any other station. This is the topology used by spread-spectrum Ethernet radio modems. It provides a peer-to-peer network among stations.

CONTD
Point-to-point is functionally the simplest type; however, it is expensive because of the individual channels needed for each connection. Series configuration reduces the number of channels used; however, channel sharing has an impact on the efficiency and complexity of SCADA operations. The series-star and multi-drop configurations use one channel per device which results in decreased efficiency and increased system complexity.

CONTD

CONTD

CONTD

CONTD

Major Functions of SCADA

Power flow control - by evaluating network reliability, considering anticipated total load, network configuration, load flow, and contingencies; Data maintenance - Enables operator to modify the database of power device status and network topology by defining parameters; Voltage/reliability monitoring - Monitors present voltage reliability and transient stability and predicts future status some hours ahead; Supervisory control and data acquisition - Supervises the status or the changes of breakers, connectors, and protective relays; induces of charged/uncharged status of lines and buses; supervises active/reactive power against operational/emergency limit; judges network faults; State estimation and scheduling; scheduling Load forecasting by utilizing historical data about weather and load;

SCADA master station

The SCADA master station should perform the following functions in a power system automation system: Display real-time data received from the IEDs, relays, bay controllers, RTUs or PLCs connected in the power system Keep historical records of data received and retrieve these records when required Activate alarms when necessary Display sequence-of-event reports and disturbance recordings when required Provide an active operator interface for supervisory control and remote configuration of IEDs and other devices Perform communication control over the network, depending on the protocol used

CONTD
Hardware A SCADA master station may be utilized to control one substation only, as will be the case in large generation or transmission high-voltage substations

CONTD
Smaller distribution substations will normally not justify a SCADA station for each substation & several substations will be connected to one SCADA master station,

CONTD
The hardware for a PS automation master station will normally consist of one or more desktop PCs or workstations, with its normal peripheral devices and one or more communication ports. The reliability of the hardware is crucial. Electrical protection functions will not, or should not, be dependent on the availability of the SCADA master or the communications network.

CONTD
However, real time data acquisition and remote control will be unavailable in case of hardware failure. This may be catastrophic in a SA system, depending on the criticality of the power system. Therefore, a high-end and reliable PC (or workstation) should be installed for the SCADA master. Its cost low, but it is the single most crucial element of the whole system It is good practice to utilize two PCs at the master station. 1st PC - operator terminal or SCADA master: all remote control commands will be initiated by the operator from this terminal.

CONTD
1.

2.

2nd PC - engineering terminal: has two main functions for redundancy, to take over as SCADA master should the first PC fail; to retrieve and view disturbance records, sequence-ofevent recordings, change relay settings and/or configurations, etc, without interfering with the operator functions. This could be especially useful in abnormal power system conditions, A great attention should be given to the power supply to the PCs The most reliable way is to provide a dedicated UPS to the PCs.

CONTD
It is always good practice to feed the UPS with two power supplies the normal supply as well as a backup or emergency supply if available. The UPS should be monitored constantly by the SCADA system and an early warning given should the UPS become unhealthy. The normal peripheral devices will be required, like a keyboard, mouse, etc, as well as a data comms port. A CD writer or digital tape drive should be installed to regularly back-up and archive data. A dot-matrix printer and a laser or ink-jet printer could be installed at the operator terminal and engineering terminal to print events as they occur

CONTD
Software 1) Operating system software Reliable, stable software should be chosen for the operating system. It should be ascertained on which platform the SCADA system software can run and perform the best. 2) SCADA system software It will usually be supplied as a standard package and then configured for or by the particular user.

CONTD
There are typically five tasks in any SCADA system. Each of these tasks performs its own separate processing: Input/output task This program is the interface between the control and monitoring system and the plant floor. Alarm task: manages all alarms by detecting digital alarm points and comparing the values of analog alarm points to alarm thresholds. Trends task: collects data to be monitored over time. Reports task: are produced from plant data. These reports can be periodic, event triggered or activated by the operator. Display task: manages all data to be monitored by the operator and all control actions requested by the operator.

CONTD

REMOTE TERMINAL UNITS (RTUS) An RTU as the title implies, is a standalone data acquisition & control unit, generally microprocessor based, which monitors and controls equipment at some remote location from the central station. Its primary task is to control and acquire data from process equipment at the remote location and to transfer this data back to a central station. It generally also has the facility for having its configuration and control programs dynamically downloaded from some central station. There is also a facility to be configured locally by some RTU programming unit.

CONTD
Although traditionally the RTU communicates back to some central station, it is also possible to communicate on a peer-to-peer basis with other RTUs. The RTU can also act as a relay station (sometimes referred to as a store and forward station) to another RTU, which may not be accessible from the central station. Small sized RTUs generally have less than 10 to 20 analog and digital signals, medium sized RTUs have 100 digital and 30 to 40 analog inputs. RTUs, having a capacity greater than this can be classified as large.

CONTD
General SCADA features The following are some general features that should be present in any well-designed SCADA system, and which is also applicable to power system automation: Alarms Trends IED interface Access to data Networking Client/server distributed processing

CONTD
Expandability of the system At the same time, performance and efficiency of the SCADA package with the current plant is important, the package should be easily upgradable to handle future requirement. The system must be easily modifiable as the requirements change, and expandable as the task grows i.e. the system must use a scalable architecture. A typical figure quoted in industry is that if expansion of the SCADA system is anticipated over the life of the system the current requirements of the SCADA system should not require more than
60% of the processing power of the master station and the available mass storage (on disk) and memory (RAM) should also be approximately 50% of the required size.

CONTD
It is important in specifying the expansion requirements of the system that: The additional hardware that will be added will be of the same modular form as that existing and will not impact on the existing hardware installed. The existing installation of SCADA hardware/control cabinets/operator displays will not be critically impacted on by the addition of additional hardware. This include items such as power supply/air conditioning/SCADA display organization. The operating system will be able to support the additional requirements without any major modifications. The application software should require no modifications in adding new IEDs or operator stations at the central site/master station.

SCADA Architectures
SCADA systems have evolved in parallel with the growth and complexity of modern computing technology. There are three generations of SCADA systems. These are:
First Generation Monolithic Second Generation Distributed Third Generation Networked

MONOLITHIC SCADA SYSTEMS

SCADA systems were standalone systems with virtually no connectivity to other systems The WANs that were implemented to communicate with RTUs were designed with a single purpose &nothing else In addition, WAN protocols in use today were largely unknown at the time protocols were generally very lean, supporting virtually no functionality beyond that required scanning and controlling points within the remote device Connections to the master typically were done at the bus level via a proprietary adapter or controller plugged into the Central Processing Unit (CPU) backplane. Redundancy in the 1st generation systems was accomplished by the use of two identically equipped mainframe systems, a primary and a backup,

CONTD

DISTRIBUTED SCADA SYSTEMS

took advantage of developments & improvement in system miniaturization and LAN technology to distribute the processing across multiple systems Multiple stations, each with a specific function, were connected to a LAN and shared information with each other in real-time. smaller & less expensive than their 1st generation processors Distribution of system functionality across networkconnected systems served not only to increase processing power, but also to improve the redundancy and reliability of the system as a whole. The WAN used to communicate with devices in the field were largely unchanged by the development of LAN connectivity between local stations at the SCADA master. These external communications networks were still limited to RTU protocols

CONTD

NETWORKED SCADA SYSTEMS

This generation of SCADA master station architecture is closely related to that of the 2nd generation, with the primary d/f being that of an open system architecture rather than a vendor controlled, proprietary environment The major improvement in the 3rd generation is that of opening z system architecture, utilizing open standards & protocols and making it possible to distribute SCADA functionality across a WAN and not just a LAN. Another advantage brought about by z distribution of SCADA functionality over a WAN is that of disaster survivability. The distribution of SCADA processing across a LAN in 2nd generation systems improves reliability, but in the event of a total loss of the facility housing the SCADA master, the entire system could be lost as well.

CONTD
By distributing the processing across physically separate locations, it becomes possible to build a SCADA system that can survive a total loss of any one location. For some organizations that see SCADA as a super-critical function, this is a real benefit.

SCADA PROTOCOLS

CONTD
In a SCADA system, the RTU accepts commands to operate control points, sets analog output levels, and responds to requests. It provides status, analog and accumulated data to the SCADA master station. The data representations sent are not identified in any fashion other than by unique addressing. The addressing is designed to correlate with the SCADA master station database. The SCADA master station is the part of the system that should know that the first status point of RTU number 27 is the status of a certain circuit breaker of a given substation. This represents the predominant SCADA systems and protocols in use in the utility industry today.

CONTD
Each protocol consists of two message sets or pairs. 1) the master protocol, containing the valid statements for master station initiation or response, and 2) the RTU protocol, containing the valid statements an RTU can initiate and respond to. In most but not all cases, both can be considered a poll or request for info or action and a confirming response. The SCADA protocol between master and RTU forms a viable model for RTU-to-IED communications. Currently, in industry, there are several different protocols in use. The most popular are IEC 60870-5 series, specifically IEC 60870-5-101 (commonly referred to as 101) and DNP3

IEC 60870-5-101
IEC 60870-5 specifies a number of frame formats & services that may be provided at different layers. It is based on a three-layer EPA reference model for efficient implementation within RTUs, meters, relays, and other IEDs. (See fig.) Additionally, It defines basic application functionality for a user layer, which is situated b/n the Open System Interconnection (OSI) application layer and the application program. This user layer adds interoperability for such functions as clock synchronization and file transfers.

CONTD
A. IEC 60870-5-1 specifies the basic requirements for

services to be provided by the data link and physical layers for telecontrol applications. it specifies standards on coding, formatting, and synchronizing data frames of variable and fixed lengths that meet specified data integrity requirements. B. IEC-60870-5-2 offers a selection of link transmission procedures using a control field and optional address field; the address field is optional b/c some point-to-point topologies do not require either source or destination addressing.

CONTD
C. IEC 60870-5-3 specifies rules for structuring application data units in transmission frames of telecontrol systems. to support a great variety of present and future telecontrol applications. describes the general structure of application data and basic rules to specify application data units without specifying details about information fields and their contents. D. IEC 60870-5-4 provides rules for defining info data elements and a common set of info elements, particularly digital and analog process variables that are frequently used in telecontrol applications. E. IEC 60870-5-5 defines basic application functions that perform standard procedures for telecontrol systems, which are procedures that reside beyond layer 7. These utilize standard services of the application layer. Its specifications serve as basic standards for application profiles that are then created in detail for specific telecontrol tasks.

Distributed Network Protocol3 (DNP3)

DNP3 is a protocol for transmission of data from point A to point B using serial communications. developed for inter-device communication involving SCADA RTUs, and provides for both RTU-to-IED and master-toRTU/IED It is based on the three-layer EPA model contained in the IEC 60870-5 standards, with some alterations to meet additional requirements of a variety of users in the electric utility industry DNP3 provides the rules for substation computers and master station computers to communicate data and control commands. DNP3 is a non-proprietary protocol that is available to anyone. Only a nominal fee is charged for documentation, but otherwise it is available worldwide with no restrictions.

CONTD
DNP3 was designed to optimize the transmission of data acquisition information and control commands from one PC to another. It is not a general purpose protocol for transmitting hypertext, multimedia or huge files. An array of binary input values represents states of physical or logical Boolean devices. fig Values in the analog input array represent input quantities that the server measured or computed. An array of counters represents count values, such as kilowatt hours, that are ever increasing Control outputs are organized into an array representing physical or logical on-off, raise-lower and trip-close points. Lastly, the array of analog outputs represents physical or logical analog quantities such as those used for set points.

CONTD
Notice that the DNP3 client, or master, also has a similar database for the input data types. The master, or client, uses values in its database for the specific purposes of displaying system states, closed-loop control, alarm notification, billing, etc. An objective of the client is to keep its database updated. It accomplishes this by sending requests to the server asking it to return the values in the servers database. This is termed polling. Fig Both shown in Fig each have two software layers. The top layer is the DNP3 user layer. In the client, it is the software that interacts between the database and initiates the requests for the servers data. In the server, it is the software that fetches the requested data from the servers database for responding to client requests.

CONTD
It is interesting to note that if no physical separation of the client and server existed, eliminating the DNP3 might be possible by connecting these two upper layers together. However, since physical or possibly logical separation of the client and server exists, DNP3 software is placed at a lower level. The DNP3 users code uses the DNP3 software for transmission of requests or responses to the matching DNP3 users code at the other end.

CONTD
one-on-one system having one master station and one slave. The physical connection between the two is typically a dedicated or dial-up telephone line. Multi-drop design: one master station communicates with multiple slave devices. Conversations are typically between the client and one server at a time. The master requests data from the first slave, then moves onto the next slave for its data, and continually interrogates each slave in a round robin order. The communication media is a multi-dropped telephone line, fiber optic cable, or radio. Each slave can hear messages from the master and is only permitted to respond to messages addressed to itself. Slaves may or may not be able to hear each other. In some multi-drop forms, communications are peer-to-peer. A station may operate as a client for gathering information or sending commands to the server in another station. Then, it may change roles to become a server to another station.

CONTD
Hierarchical type system: the device in the middle is a server to the client at the left and is a client with respect to the server on the right. The middle device is often termed a sub-master. data concentrator applications and protocol converters: A device may gather data from multiple servers on the right side of the figure and store this data in its database where it is retrievable by a master station client on the left side of the figure. This design is often seen in substations where the data concentrator collects information from local intelligent devices for transmission to the master station.

SECURITY AND VULNERABILITY OF SCADA SYSTEMS

Due to SCADA evolution towards more open-based standards has made it easier for the industry to integrate various diverse systems together, it has also increased the risks of less technical personnel gaining access and control of these industrial networks.

DEVELOPING A SCADA SECURITY STRATEGY Developing an appropriate SCADA security strategy involves analysis of multiple layers of both the corporate network and SCADA architectures including others. Strategies for SCADA Security should complement the security measures implemented to keep the corporate network secure Most corporate networks employ a No. of security countermeasures to protect their networks.

CONTD
Border Router and Firewalls: Firewalls, properly configured and coordinated, can protect passwords, IP addresses, files and more. However, without a hardened OS, hackers can directly penetrate private internal networks or create a Denial of Service condition. Proxy Servers: A Proxy server is an internet server that acts as a firewall, mediating traffic between a protected network and the internet. They are critical to re-create TCP/IP packets before passing them on to, or from, application layer resources such as HTTP and SMTP. However, the employment of proxy servers will not eliminate the hazard of application layer attacks.

CONTD
Operating Systems: OS can be compromised, even with proper patching, to allow network entry as soon as the network is activated. This is due to the fact that OSs are the core of every PC system and their design and operating characteristics are well known world wide. As a result, OSs are a prime target for hackers. Further, inplace OS upgrades are less efficient and secure than design-level migration to new and improved OS. Applications: Application layer attacks; i.e., buffer overruns, worms, Trojan Horse programs and malicious ActiveX5code, can incapacitate anti-virus software and bypass the firewall as if it wasnt even there.

CONTD
Policies and Procedures: constitute the foundation of security policy infrastructures. They include requiring users to select secure passwords that are not based on a dictionary word and contain at least one symbol, capital letter, and number, and should be over eight characters long. Users should not be allowed to use their spouse, child, or pets name as their password. The above list is common to all entities that have corporate networks. SCADA systems for the most part coexist on the same corporate network. The following list suggests ways to help protect the SCADA network in combination with the corporate network: SCADA Firewalls: SCADA Systems and Industrial Automation Networks, like corporate network OS, can be compromised using similar hacking methods.

CONTD
Oftentimes, SCADA systems go down due to other internal software tools or employees who gain access into the SCADA systems, often without any intention to take down these systems. For these reasons, it is suggested that strong firewall protection to wall off your SCADA networking systems from both the internal corporate network and the Internet be implemented. This would provide at least two layers of firewalls between the SCADA networking systems and the Internet. SCADA Internal Network Design: SCADA networks should be segmented off into their own IP segment using smart switches and proper sub-masking techniques to protect the Industrial Automation environment from the other network traffic, such as file and print commands. Facilities using Wireless Ethernet and Wired Equivalent Protocol (WEP) should change the default name of the Service Set Identifier (SSID).

CONTD
SCADA Server OS: Simply installing a firewall or segmenting SCADA IP addresses will not ensure their SCADA Infrastructure is secure. An experienced hacker can often bypass firewalls with ease and can even use Address Resolution Protocol (ARP) trap utilities to steal Media Access Control (MAC) addresses. The hacker can also deploy IP spoofing techniques to maneuver through switched networks. OS running the SCADA applications must also be maintained. SCADA applications on Windows NT, 2000, or XP are properly patched against the latest vulnerabilities, and that all of the default NULL NT accounts and administrator accounts have been removed or renamed. SCADA applications running in UNIX, LINUX, Novell, or any other OS, must also be maintained as above. All operating systems have back doors and default access accounts that should be removed and cleaned off of these SCADA Servers.

CONTD
SCADA Applications: You must also address security within the SCADA application itself. Trojan horses and worms can be inserted to attack application systems, and they can be used to manipulate data or issue commands on the server. There have even been cases of Trojan horses being deployed that completely emulate/copy the application. The operator or user thinks that he is clicking on a command to stop a pump or generate a graph of the plant, but he is actually clicking on buttons disguised to look like the SCADA screen, and these buttons start batch files that delete the entire hard drive, or send out pre-derived packets on the SCADA system that turn all outputs to ON or 1 state. Trojan horses and viruses can also be planted through an email opened by another computer in the plan, and then it is silently copied over to adjacent SCADA servers, where they wait until a specified time to run. Many times plant control rooms will have corporate computers with the Internet and email active on them within the same physical room, and network switches as SCADA computers.

CONTD
Methodologies to mitigate against these types of situations are: the use of anti-virus software running on the computer where the SCADA application resides; systems administrators disabling installation of any unauthorized software unless the user has administrator access; and Policies and Procedures applicable to SCADA systems, which are addressed below.

CONTD
SCADA Policies and Procedures: SCADA policies and procedures associated with remote vendor and supervisory access, password management, etc. can significantly impact the vulnerabilities of the SCADA facilities within the SCADA network. Properly developed Policies and Procedures that are enforced will greatly improve the security posture of the SCADA system. In summary, these multiple rings of defense must be configured in a complementary and organized manner, and the planning process should involve a cross-team with senior staff support from operations, facility engineering, and Information Technology (IT). The SCADA Security team should first analyze the current risks and threat at each of the rings of defense, and then initiate a work plan and project to reduce the security risk, while remembering to avoid any major impacts to operations.

Function of SCADA
Data Acquisition- Furnishes status information & measurands data to operator Control - Allows the operator to control the devices e.g. ckt breakers, Xmer, tap changer from a remote centralized location. Data Processing - Includes data quality & integrity check, limit check, analog value processing etc. Tagging - Operator identifies any specific device & subjects to specific operating restrictions to prevent from unauthorized operation Alarms - Alerts the operator of unplanned events & undesirable operating conditions in the order their severity & criticality Logging- Logs all operator entries, alarms &selected entries Trending- Plots measurements on selected scale to give information on the trends e.g. one minute, one hour etc. Historical Reporting - save & analyze the historical data for reporting, typically for a period of 2 or more years & to archive.