Computer Standards & Interfaces 27 (2005) 679 – 695

www.elsevier.com/locate/csi

Understanding and using the IEC 61850: a case for meta-modelling

Tatjana Kostic*, Otto Preiss, Christian Frei
Corporate Research, ABB Switzerland Ltd., 5405 Daettwil, Switzerland
Received 12 July 2004; received in revised form 23 August 2004; accepted 3 September 2004
Available online 18 October 2004

Abstract

This paper argues for means to rigorously specify data models and communications services of industrial data
communications standards. It uses the example of the recently published IEC 61850 standard bCommunications networks
and systems in substationsQ. The latter applies mainly to electrical supply systems such as substations and decentralised power
resources (based on wind, photovoltaic, fuel cells, hydropower). However, the concepts of the IEC 61850 could be used in other
industrial areas, as well.
The paper shows how the complex standard can be modelled elegantly and precisely with a meta-modelling approach, in
which we utilise the UML for the model representation. The conceptual approach presented makes the inherent complexity of
the standard’s data model manageable for both humans and machines. That is, it facilitates human comprehension and machine
processability and thereby contributes to a better understanding of the standard as well as to a better utilisation of the standard
through functionality provided in today’s CASE tools. One important aspect is that it allows one to establish and maintain
consistency across the standard’s data and communications models.
D 2004 Elsevier B.V. All rights reserved.

Keywords: UML; Meta-modelling; Modelling tools; Formal model; IEC 61850; Communication networks and systems; Specification
consistency

1. Introduction order to do so, many domain-specific data communi-

Industrial automation is largely based on distrib-
uted systems, which increasingly have to integrate
products and applications of different vendors. In
* Corresponding author. Tel.: +41 58 586 8303; fax: +41 58 586
7365.
E-mail addresses:
cations standards (often called bprotocol standardsQ)
are defined. This can be for domains such as
manufacturing control, automotive control, or control
of substations and equipment which are part of our
electric power systems.
In the past, protocol standards were rather simple.
That is, they had a relatively small number of domain-

[email protected] (T. Kostic)8 specific data types defined and also a small number of
[email protected] (O. Preiss)8 [email protected]

types of application communications services. Fur-
(C. Frei). thermore, the data types were comparably simple and
0920-5489/$ - see front matter D 2004 Elsevier B.V. All rights reserved.
doi:10.1016/j.csi.2004.09.008
680 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
close to what software programmers would call
primitive data types. The mapping of the application
data items to underlying communications stacks was
also rather straightforward, not at last because the
standards usually defined all or the required layers1 of
a communications stack on their own.
This simplicity, however, has turned into com-
plexity. The complexity has a number of reasons. (a)
Structurally much more complex pieces of informa-
tion shall be exchanged. (b) More elaborate com-
munications services are realised through the
adoption of communications techniques and service
models that were introduced in standard information
technology (IT). For example, this includes commu-
nications techniques based on confirmed and uncon-
firmed services, elaborate event models, security
services, transaction support, remote procedure calls,
etc. (c) It is desirable that the communications
standards can make use of existing communications
layers or profiles (such as Ethernet for physical and
link layer, IP and TCP for network and transport
layer, etc.).
However, these more complex pieces of infor-
mation and more complex types of services are still
constrained by the soft real-time nature of the
industrial control applications. Thus, the mix of
domain-specific requirements with the reuse of
standard IT approaches and technologies leads to
big, complex standards with many implicit and
explicit dependencies among parts of such a stand-
ard. It is typically the case that such domain-
specific protocol standards are defined by domain
experts who, while experts in their domain, have
limited knowledge about IT-related methods and
practices to rigorously specify data and other
models. Consequently, the standards contain a lot
of implicit domain knowledge, which is hardly
accessible to software engineers. This is for two
reasons: first, the domain-specific concepts and
connotations of the vocabulary are not known and
leave a lot of room for interpretation and therefore
also for the conceptual mapping to software con-
cepts; second, the lack of preciseness in the (natural
language) representation does not constrain the
1
Layers in the sense of the seven-layer model of the ISO/IEC
7498 [9].
interpretation space. After all, we should not forget
that it is the software engineers who are to
understand the standard so as to develop standard’s
compliant software.
The IEC 61850 standard [1], which deals with
different aspects of communications in substations of
electrical power networks, is not an exception to the
picture painted in the previous paragraph. Content-
wise and related to the topic of a communications
protocol, the standard specifies three aspects, which
are relevant for the software to be developed by
vendors of substation automation equipment: (1) a
comprehensive data model (the bwhatQ); (2) the
communication services to access and exchange data
(the bhowQ); and (3) the substation configuration
language (SCL), a formal way to describe how
individual devices are configured; that is, what data
and services they are supposed to be supporting. The
goal of the standard is to facilitate integration and
inter-operability of different devices when building
new or refurbishing old substations with automation
equipment.
Albeit hugely complex, a notable contribution of
the standard is its elaborate compilation of data items
that can be transferred among communicating sub-
station equipment. We call this compilation the bdata
modelQ. It reflects the semantics of the application
domain (substation automation), as opposed to a
simple syntax. However, apart from the SCL, which
is specified as a W3C XML Schema, all the normative
specifications are natural language texts largely
structured by means of tables. Some tables and
elements of tables may have explicit references to
other tables and elements (see left side of Fig. 12), but
quite often there are no explicit links. In the latter
case, the reader is assumed to understand the
substation automation domain, which would help
him to consider implicit relationships when appro-
priate. One really has to be domain expert to under-
stand what was meant with, for instance, the attribute
A in the table T1 in one part of the standard, and what
is its relationship to the (same or not?) attribute A in
the table T23 in another part of the standard. This
2
Note that the figure has mnemonic value only; that is, the reader
is not assumed to read the figure contents in detail but understand
our high level objective: tables vs. UML.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
Fig. 1. Objective: Make the references defined in IEC 61850 tables (left) explicit and rigorous (right).
situation is problematic because we are talking about
more than 150 tables distributed over more than 600
pages in five different documents.
In our opinion, there are three main categories of
problems within the standard, as it is defined now:
(1) During its definition, we suspect the lack of an
explicit bdesignQ phase, which would have
introduced a solid conceptual foundation (pre-
cisely defined concepts and concept relation-
ships, modelling terminology) on which the
remaining parts of the standards could have
built their precise models.
(2) Although it would be highly favourable and
natural to clearly separate the application data
model and communications concerns (e.g.,
related to efficiency), it is not fully achieved in
the standard. Hence, the application data model is
bclutteredQ with concepts that relate to commu-
nications—rather than application data issues.
(3) While SCL is the only part of the standard
normatively defined in a machine processable
way (W3C XML Schema), it does introduce its
own concepts, which are partly inconsistent or
redundant to concepts specified in the other
normative parts of the standard. Consequently, a
mapping is needed within the standard itself in
order to maintain consistency between the con-
figuration language concepts and concepts of the
data or service models of the core standard.
681
To circumvent the first point above, we propose an
original, formal data type model using four levels and
being expressed in UML [2]. This is the main topic of
this paper. Our meta-model cannot eliminate the
coupling of data and communications (cf. point 2),
but it can at least localise it precisely. While we have
addressed the third deficiency in our work, it is out of
scope for this writing (and would deserve a paper on
its own).
We have developed a formal UML model [3] in
Rational Rose, which contains the full specification of
both the data and the communications models. In the
rest of this paper, we will refer to this model as bthe
UML ModelQ. We believe that such a formal model
already contributes to some of our goals:
! It makes the standard accessible to software
engineers, who are literate in UML. They need
not know much about the application domain.
! It allows for the leverage that CASE tool support
can provide, not only in the support of consistency
checking or for controlled extensions, but also in
automatic natural language documentation or even
code generation.
The rest of the paper is structured as follows. In
Sections 2 and 3, we introduce the application domain
and the basic concepts of the standard, respectively.
This should be enough to follow and appreciate the
main discussion and contribution of this paper—the
682 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
data type model—being presented in detail in Section
4. Section 5 summarises the benefits of the more
rigorous approach before Section 6 concludes the
paper.
2. The application domain
Electric power networks (power grids) are respon-
sible to transport energy from generation sites to
end-consumers, such as individual households or
larger organisations. The nodes in such a network are
called substations and take over the voltage trans-
formation and/or the routing of energy flow by
means of the installed switchgear (e.g., transformers,
circuit breakers). Substations are controlled by
Substation Automation Systems (SAS), which are
composed of all the electronic equipment that
continuously control, monitor, and protect the net-
work and its high voltage equipment, so as to avoid
unplanned network outages.
An SAS can be classified as a distributed soft real-
time system and represents one possible type of data
acquisition and process control system. It is usually
composed of 20–100 Intelligent Electronic Devices
(IED) which are connected by a high-speed commu-
nications network with possibly routers and gateways.
Any device that can run executable code and provides
a data communications interface would classify as an
IED (e.g., an intelligent sensor, an embedded device, a
programmable controller, a workstation PC, etc.).
While some real-time critical functions are executed
more or less autonomously on a single IED, other
functions are realised in distributed manner over many
IEDs.
3. The IEC 61850 standard
The IEC 61850 set of documents [1] is divided into
10 parts (Parts 1–10), but content-wise, circles around
five major topics, where all but the functional model
have a normative character:
! Functional modelling: a functional model of the
SA domain is conceived, but is mainly used to
derive the quality of service requirements on the
communications system (standard’s Part 5). How-
ever, it implicitly documents the authors’ thinking,
i.e., their conceptualisation of the relevant aspects
of the SA domain.
! Data modelling: a data model for SAS is defined. It
defines the syntax (naming scheme) and semantics
of the application level data that can be exchanged
in SA systems (Parts 7-2, 7-3 and 7-4).
! Communication service modelling: a communica-
tions service model defines the different ways of
accessing data of IEDs (Part 7-2).
! Communications protocol stacks: the communica-
tion services and data models are mapped to
concrete data communications protocol stacks
(Parts 8 and 9).
! SAS engineering and testing: a W3C XML based
Substation Configuration Language (SCL, Part 6)
is defined to describe the substation and the
automation system topology, as well as the
communications-relevant configuration data of
IEDs. Part 10 describes the recommended con-
formance testing for IEC 61850 compliance.
The most important contents of the standard, which
is applicable to this paper, are found in its Parts 7-x.
However, we need to introduce some few basic
concepts found in other parts of the standard.
3.1. The basic IEC 61850 concepts
The standard implicitly introduced a terminology
that we conceptualised and explain with the help of
Figs. 2 and 3. We will only briefly visit those
concepts that are relevant to the discussion in this
paper. More details on the standard can be found in
the standard’s documentation set, as well as in the
UML Model itself.
The functionality of a substation automation
system is described by a blogical systemQ that is
comprised of the set of functions that operate in the
substation environment. This is seen on the left
branch of the conceptual model in Fig. 23. Functions
can be thought of as high-level system operations,
e.g., bopen a high voltage switch (called breaker) to
3
The role annotations of associations are used to support the
reading of the conceptual diagram; for example, a Function is
b+distributed overQ 1. . .n Physical Devices.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
Fig. 2. Conceptual model of the key terms used in the IEC 61850.
Fig. 3. An SA function is realised by a set of collaborating LNs
distributed over IEDs.
683
de-energise an overhead lineQ. Functions are con-
ceptually realised by (collaborations of) primitive,
atomic functional building blocks, the so-called
Logical Nodes (LN). The standard identifies some
90 predefined types of logical nodes in Part 7-4. The
physical configuration of an SAS is modelled as a
distributed system of interconnected devices, typi-
cally IEDs (right branch of Fig. 2). A certain SAS
function is considered distributed, if it is realised
through the deployment of its collaborating LNs to
two or more IEDs (see also Fig. 3, where Function
XYZ is realised by four LNs). LNs are logically
connected by the concept of a Logical Connection
(LC). In software architectural terms, an LC repre-
sents the connector between LNs; that is, it models a
communication association and thus abstracts the
protocol of interaction between two LNs [4]. The
abstract communications services are defined for
LNs in Part 7-2 through the envisioned types of
LCs.
684 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695

The application data, which is exchanged over LCs
through the defined types of communications serv-
ices, is modeled and described by the concept of a
Data Object (DO). Hence, it is the LNs that have
abstract communications services specified and that
contain Data Objects, which they can make available
as part of a data exchange. A Data Object defines the
structure and the semantics of the exchanged data
items in the form of a well-specified, domain specific,
abstract data types. The standard defines about 30
specific types of DOs. These predefined types are
generally called Common Data Classes (CDC) and
are described in Part 7-3.
For easier understanding, Fig. 3 depicts an instance
diagram with a fictitious usage of the concepts as
shown in Fig. 2. Theoretically, the components of the
logical system have no predefined allocation to the
components of the physical system; that is, LNs may
be distributed in any way and thus are not bound to
certain types of IEDs. Practically however, the
performance-related requirements together with the
limited physical resources (network band width,
processing power) constrain the number of feasible
mapping scenarios.
In summary, the IEC 61850 models described
above result in (a) a logical network, composed of
logically connected functional units and (b) a physical
network, composed of physically connected devices.
! LLN0, Logical Node Zero, for accessing data that
is relevant for any Logical Device, as discussed
later in Section 3.3.
All other defined LNs are relevant to the SA
application domain and its functionality. They are
called Domain Logical Nodes and are divided into 12
groups. However, with the exception of the defined
LN naming scheme (i.e., the first letter in the four-
letter LN acronym indicates the LN’s group, such as P
for Protection LNs), the LN grouping is used
informally only. In other words, it is a semantically
useful grouping, but there are no distinct properties
for the specific groups that would distinguish LN
members as belonging to this or the other group.
3.2.1. A concrete example
Almost all functions are realised by at least three
LNs: one LN for the core functionality (bthe business
logicQ), one for the process interface (i.e., the interface
to the substation high voltage equipment), and one for
the HMI-related part. We show in Fig. 4 an example
taken from Ref. [5], which realises three use cases.
The schematically depicted high voltage equipment

3.2. Logical nodes

The most prominent concept in the standard is that

of a Logical Node (LN). As mentioned earlier, it
conceptualises a standardised atomic functional build-
ing block from which applications are constructed.
Hence, each application function is conceptually
realised by, or composed of, a set of non-exclusive
LNs. The set is non-exclusive in the sense that the
same LN (class and instance) may be a part of the
realisation of different functions. LNs are the fulcrum
point for integrating the functional model with the
data model and the communications service model, as
will be discussed later in the context of Fig. 11.
There are two specific infrastructure LNs:

! LPHD, Physical Device Logical Node, for access-

ing data that is related to the physical condition
(the hardware) of an IED, and, Fig. 4. A simple protection and measurement example.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
(circuit breaker Q0, current and voltage measurement
transformers T1 and T2) is the relevant part of a
substation to energise the overhead line to city X. The
SAS equipment consists of two physical devices:
IED1 and IED2. IED1 is a device similar to a
programmable logic controller. It is connected to
IED2, a PC, via a LAN-type physical connection.
IED1 and IED2 host seven and two instances of
Logical Nodes, respectively. The LNs XCBR, TCTR,
and TVTR realise proxies of the physical equipment
(thus, their dependency association to the respective
switchgear), the LN IHMI realises the visualisation,
and the other LNs realise the specific business logic.
The example use cases are as follows:
(1) Display of operational measurements: The
operational values of the overhead line, actual
current in Ampere and actual voltage in Volt,
must be displayed for operators. This use case is
realised through LN instances TCTR-MMXU-
IHMI (for current), and TVTR-MMXU-IHMI
(for voltage).
(2) Over-current protection for the overhead line: If
the measured current exceeds an adjustable limit
the corresponding circuit breaker (Q0) needs to
be opened. This is realised by the collaboration
of TCTR-PIOC-CSWI-XCBR, whereby POIC
encapsulates the measurement detection logic
and CSWI the control logic for the circuit
breaker activation.
(3) Revenue metering: The line measurements must
be used for metering purpose (e.g., to do billing
for city X). Metered values shall continuously be
stored in 1-min intervals, but displayed to the
Fig. 5. A conceptual model of the client–server model defined in Part 7.
685
operator on request. The use case is realised by
the collaboration of TCTR-MMTR-IARC-IHMI.
3.3. Communications service model
Fundamentally, the data communications model of
the IEC 61850 assumes a domain data type model
(discussed in Chapter 4 and illustrated by LNs in the
above discussion), and a relatively independent
communications service model that we briefly intro-
duce here. While the data model defines the semantics
and syntax of all the data that can possibly be
communicated within an SAS, the communication
services define how to obtain such defined data from
IEDs.
Part 7-2 of the standard details the Abstract
Communications Service Interface (ACSI), which
models a set of communications services that an
IEC 61850 compliant IED has to support. In general,
Part 7 (7-1. . .7-4) assumes client–server architecture
for the SA communications infrastructure, where an
IED provides one or more (ACSI) servers (see Fig. 5).
A client will therefore gain access to the defined data
of LNs through the ACSI services supported by the
ACSI server. Conceptually, an IED contains one or
more ACSI servers, each of which contains a number
of Logical Devices, each of which contains a number
of Logical Nodes, which themselves finally contain
the Data.
If the ACSI server were seen as a black-box
component, one could represent an IED with its ACSI
servers and the supported services as in Fig. 6. Every
defined service group would map to a service inter-
face with its defined set of services.
686 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695

terminology which are still present in the final

versions of the document.
We introduce the following four levels (see Fig. 7):

– Meta-Meta Model: It deals with the very generic

Fig. 6. The communications services of an ASCI server hosted by
an IED.
– Meta Model: This level describes all the basic but
3.4. Summary
In Section 3, we presented only as much about LNs
as needed to understand their relevance with respect to
functions and (very briefly) with respect to the
communications services model.
Section 4 will now discuss LNs and their relevance
in the data type model.
issues that the standard implicitly assumes. For
instance, in many places the editors of the standard
want to express that the data at hand can be
composed of other data; that is, data can be
complex or primitive. Complex means that it is
composed of other data, i.e., supports levels of
nesting. Primitive means that no further decom-
position is possible.
still abstract concepts and the relationships among
the concepts that were specifically introduced for
the standard. For instance, it defines that any LN
has a number of data attributes, so called Data.
However, it does not say what the specific LNs are
and thus what the specific Data for these LNs are.
The meta-model can serve as a basis to enforce
rules that are relevant for every instance of a meta-
model concept. In general, the definitions at this
level are not even application domain specific, but
could be used for any other application domain

4. Data type model

The data communications model of the IEC

61850 relies on a domain data type model that
defines the semantics and syntax of all the data that
can possibly be communicated within an SAS. The
data model suggested in the standard is not easy to
understand. This is partly due to the inconsistent
terminology and partly due to the fact that there seem
to be implicit underlying data models (let us call it
meta-models or conceptual ideas) that would rather
have been made explicit to improve the reader’s
understanding.
To make up for this deficiency, we present an
original approach to explaining the data model of the
IEC 61850. It employs four conceptual levels. A
fashionable term for this approach is Meta-modelling,
i.e., models of models, or models to create models. By
presenting it this way, we hope to not only improve
the accessibility of the introduced data model but also
to make explicit the causes of much confusion, which
stems from inconsistent definitions and use of Fig. 7. Levels of meta-models in IEC 61850.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
Fig. 8. Example of meta-modelling structure for the case of two
PIOC LN instances.
that tried to define data models for distributed
systems.
– Domain Type Model: On this level the concepts of
the Meta Model are made concrete. That is, here
we find the named list of defined, SA specific,
LNs, Data, etc. It is here where the rich set of
domain specific data knowledge and normative
definitions are found. The domain type model must
make clear what the semantically interesting
information is and how it is represented and
organised.
– Data Instance Model: For a concrete instance of
an IED, the data instance model shows how
many instances of what domain data type are
present on a certain IED and how these instances
are named.
As in any meta-modelling structure, every entity
on a certain level is an instance of its corresponding
entity on the next higher level. For example,
consider Fig. 8: a Data Instance Model contains a
specific IED (called IED1_StationX) with two
instances (PIOC1 and PIOC2) of the defined
protection LN called PIOC (Domain Type Model),
which in turn is an instance of the concept of a
Logical Node (in the Meta Model); that is, it follows
all the rules and relationships defined for a LN. The
687
latter is again just an instance of a Complex Data
Type defined in the Meta-Meta Model.
4.1. The Meta-Meta Model
Implicit in the data modelling approach is the wish
to express the construction of data types in the OO or
abstract data type fashion. In essence, several parts of
the Meta Model rely on the composition/nesting of
data types. Because this is not made explicit and the
terms such as members, attributes, properties, or
classes are limited, the editors of the various parts of
the standard have tried to express their desire of
describing complex data types with, sometimes,
awkward name creations. For instance, a bLogical
Node Class Data ClassQ refers to the same modelling
desire as a bCommon Data Class Data AttributeQ,
namely to model complex data types as a composite
of data attributes. Thus, instead of defining a meta-
model (or Meta-Meta Model as in Fig. 9), every Part
of the standard defines such a generic construct with
its own invented terminology.
Thus, the basic and implicit model for all data
modelling activities is one similar to Fig. 9. The
Meta-Meta Model is very simple and represents an
application of Composite pattern to our problem. It
expresses that a data type (bComponentQ) is either
complex (bCompositeQ) or primitive (bLeafQ). A
complex data type is built from other data types;
that is, it is composed of several data attributes and
thus supports nesting. The contained data attributes
can be complex (further nesting) or primitive. For
some complex data types, the standard specifies a
fixed number of nesting levels. The IEC 61850 data
model is built from a few primitive data types (the
so-called Basic Types, see later in the Meta Model)
and consequently, every complex data type must at
the end bunfoldQ as a collection of primitive data
types.
Fig. 9. Meta-Meta Model of the IEC 61850 data model.
688 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
Fig. 10. The Meta Model of the data model of IEC 61850.
4.2. The Meta Model
The complexity of the data type model of IEC
61850 and, consequently, a difficulty in understanding
it, stem from three sources:
(1) A meta-modelling approach was not introduced
in the IEC 61850 data model from the very
beginning. Therefore, helper constructs such as
the CommonXXX types were created over time
to provide a path to the domain types while still
trying to keep the conceptual idea (Logical
Nodes, Data, etc.) intact.
(2) Although the standard’s explanations of the
data model (and the standard in general)
employ the notion of object orientation and
particularly inheritance in several places, what
usually is meant is either a composite type or
subtype construct.
(3) A separation of communications and data
model concerns was not fully achieved (see
Section 4.3.2).
In this section, we address a solution to the first
two points above, by proposing a Meta Model that
(we believe) facilitates the understanding of the
overall data type system of the standard. The
separation of communications and data models (point
3) cannot be eliminated, because this is normatively
defined. We do, however, reflect this fact with the
corresponding constructs in the Meta Model.
The construction of the Meta Model relies on a
repeated application (or instantiation) of the Meta-
Meta Model. It introduces essentially three levels of
data refinement as depicted in Fig. 10.4
– A Logical Node contains one or more Data. Each
Data is one of the defined Common Data Classes
(CDC). The latter is the lead over to the Domain
4
We have defined the Meta Model in the same UML model file,
which contains the bnon-metaQ concepts with the same name. To
avoid naming clashes, the meta-types have a name with the prefix
bmQ.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
Fig. 11. A selection of the standardised domain-specific Logical Nodes shown as an excerpt of the UML model.
Type Model in that the CDCs stand for the set of
normatively defined and commonly reused Data in
the Domain Type Model.
– A Data is composed of individual Data Attributes.
Each Data Attribute is unfortunately not just one of
any of the defined DATypes (standing for Data
Attribute Type), but one of the many FCDATypes
(standing for Functionally Constrained Data
Attribute Types5). They reflect the non-separation
of communications and data model concerns,
introduced by definition of optionally up to two
Trigger Options (TrgOp) and a mandatory Func-
tional Constraint (FC).
– The basic types to create FCDATypes are the
selected (primitive) Basic Types and complex
types created from them. They are all referred to
as DATypes6. The complex data types are either
those defined in Part 7-3 as Common Data
Attribute Types or those defined in Part 7-2 as
Common ACSI Types.
5
This is one more example of an unfortunate naming: with
respect to what this type is used for, it should have been
Functionally Constrained Data Attribute, or FCDataAttribute (i.e.,
without bTypeQ suffix).
6
With respect to what this type is used for, a more appropriate
name would have been simply DataAttribute, instead of DAType
(i.e., without the bTypeQ suffix).
689
In summary however, every Data of a Logical Node
is finally a composite of Basic Types (which, without
doubt, follows tricky rules for its composition).
4.3. The domain type model
The SA domain semantics is captured through (a)
the predefined set of Logical Nodes and their Data, (b)
the set of predefined Common Data Classes and their
construction in terms of (c) the set of defined
DATypes (which in our case subsumes all construc-
tions of FCDATypes). All this is covered in Parts 7-4,
7-3, and 7-2 of the standard.
4.3.1. Logical nodes and common data classes
The domain type model defines 89 types of
Logical Nodes (plus LLN0 and LPHD), which belong
to one of the 12 defined LN groups (LLN0 and LPHD
belong to a 13th group). Fig. 11 shows some LN
groups and the concrete Logical Nodes they contain.
In addition, dependencies on the functional require-
ments for Logical Nodes (Part 5 of the standard) are
explicitly shown.
Fig. 12 gives an example of the small LN GroupX
with one of its two LNs: XCBR. An LN is depicted
with its named attributes such as, for instance,
MaxOpCap. These attributes are either optional
(cardinality 0..1), or mandatory attributes (those found
in the attribute compartments of the class boxes). The
690 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695

Fig. 12. Domain LN GroupX with one of its LNs and their data.

named attributes of an LN, in other words its Data, are
the named instances of CDCs (see the meta-model in
Fig. 10 and some defined types of CDCs in the
domain type model of Fig. 13). For every concrete LN
of the domain type model, the standard defines up to
41 Data instances, of which some are mandatory and
some are optional. All together, there are about 500
defined Data. Note that it is only the name of a Data
and perhaps the context, i.e., the type of LN that
determines its domain specific semantics.
In general, the defined CDCs and their construction
can be viewed as the underlying standardised generic
type system. The type system is generic in the sense
that it would not only be applicable to many power
system applications, but also in the sense that it
provides the basic types for defining domain specific
Data. Fig. 13 depicts some out of the 29 Common
Data Classes defined explicitly in the standard, as well
as (again) 29 specialisations, which are only implicit
in the standard, but explicitly specified in the UML
Model. Those specialisations are due to enumerations
(26) and to the btransientQ property for three CDCs.
The specialised CDCs are easy to recognise, since
their names are longer than three characters.
Although the CDCs are divided into categories
(StatusCtl, AnalogueInfo, etc.), it needs to be noted
that the relation of a specific Data name to CDC type
is not unique! For instance, depending on the
invocation context (i.e., the communication service
invoked on an instance name), the named Data bAmpQ
(current) could be an instance of CDC type Measured
Value (bMVQ) or type Sampled Value (bSAVQ).

Fig. 13. A model excerpt with a selection of standardised domain-specific Common Data Classes.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
In general, a Data is composed of bData
AttributesQ (see again the meta-model in Fig. 10).
However, these data attributes are complexly con-
structed data types (the aforementioned FCDATypes,
that are discussed in Section 4.3.2 below). Fig. 14
shows the specification of the Common Data Class
SPS (single point status) in terms of its constituent,
optional (like subEna, etc.) or mandatory data
attributes (such as stVal, q, t). The permissible types
for these data attributes are the defined FCDATypes
(e.g., BOOLEAN_SV for subEna).
4.3.2. FCDATypes
FCDATypes are based on the three DATypes (see
again the meta-model in Fig. 10): Common Data
Attribute Type, Common ACSI Type and Basic Type.
Conceptually, an FDCAType could be seen as an
extension (or subtype) of one of the DATypes. The
extension would then consist of defining a mandatory
Functional Constraint (FC) and up to two optional
Triggering Options (TrgOp). However, some FCs
really constrain the bnormalQ functionality of
DATypes, such as bdisablingQ some DATypes services.
This prevents one from concretely defining FCDA-
Types as extensions (subtypes) of DATypes—they
must be defined as composition. In OO terms, this
corresponds to the idiom busing delegation instead of
inheritanceQ. Fig. 15 gives a selection of those
Fig. 14. The SPS Common Data Class in more detail.
691
FCDATypes that are based on Common Data Attribute
Types. The UML Model contains more such diagrams,
which define FCDATypes based on all the other
DATypes, namely, Common ACSI Types and Basic
Types (including enumerations). Note that the FCDA-
Types are not explicitly (normatively) defined in the
standard. The type naming convention that we used is
as follows: DAType_FC[_TrgOp1[_TrgOp2]]. A con-
crete example from Fig. 15 is Vector_MX_dchg_dupd,
where DAType=Vector, FC=MX, TrgOp1=dchg and
TrgOp2=dupd.
The definition of FCDATypes in terms of TrgOp
and FC, in addition to DATypes, causes a tight
coupling between communications and data type
models. Both TrgOp and FC represent a semantic hint
for some services (mentioned in Section 3.3). FC, in
addition, restricts DATypes with respect to services that
are applicable to it. In a general case, according to the
current specifications in the standard, it is impossible to
use any of services directly, i.e., to say, for example,
that all the services of Data apply to an FCDAType with
a given FC. In other words, a FC must bcarryQ
somewhat strange combinations of methods from
different services. This is the reason for representing
each FC as an interface with appropriate combination
of services, according to the specification in Part 7-3.
The above discussion should be a sufficient
illustration on how awkward the FDCAType concept
692 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695

Fig. 15. A selection of FCDATypes based on Common Data Attribute Types (excerpt of the UML model).

is, and how tight is the coupling with communications
services on the level of domain data types.
4.3.3. DATypes
An FCDAType is based on DATypes, Data Attribute
Types (see again the meta-model in Fig. 10). A DAType
may be one of the defined (primitive) Basic Types, or a
complex type that is composed of Basic Types. Such
complex types are defined as Common Data Attribute
Types in Part 7-3 or as Common ACSI Types in Part 7-
2. Basic Types are also defined in Part 7-2. These
different sub-types of DAType have been introduced in
the standard at the place of their definition (Part 7-2 or
7-3), to be able to bformally nameQ an additional set of
types. In our opinion, it would be sufficient to
distinguish between Basic Types, which are primitive
(e.g., BOOLEAN, INT8, FLOAT32, ENUMER-
ATED), and the complex DATypes (see Fig. 16), along
the line of the Meta-Meta Model in Fig. 7.
The standard introduces ENUMERATED as an
abstract type for enumerations, but it does not
normatively define concrete ENUMERATED types.
This results in ambiguous informal definitions (e.g.,
enumerations that have no type names, or that have no

Fig. 16. A selection of Common Data Attribute Types.

 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
attribute values) throughout all the Parts 7-2, 7-3 and 7-
4. As an attempt to reinforce the formality in type
definitions, the UML Model defines the enumerations
explicitly. For example, bUnitQ in Fig. 16 has the
mandatory attribute bSIUnitQ and the optional attribute
bmultiplierQ. Their types are bSIUnitsQ and bMultiplierQ,
respectively, and both are typed enumerations.
5. Benefits
The deduction of the Meta Model (level 2) from
the specifications in Parts 7-4, 7-3 and 7-2 of the IEC
61850, and then the definition of the Domain Type
Model (level 3) in the UML Model revealed a number
of inconsistencies in the current standard’s documen-
tation set. For instance, since 2002, when we started to
model early drafts the IEC 61850 standard, we were
able to identify many inconsistencies and problems.
Over a hundred comments were sent to the IEC 61850
authors. Some of them were incorporated bas isQ in the
standard, while others triggered discussions and
clarifications, and again others were not considered
at all.
We have used some parts of the UML Model to
implement a prototype tool [6], which converts some
parts of the IEC 61850 model into another electrical
utility related data model: CIM, standing for Common
Information Model. CIM has recently been published
as one part of the IEC standard 61970 [7]. The
prototype tool development was realised by computer
scientists, which had no previous domain knowledge,
neither on substations, their devices and communica-
tions, nor about electrical networks in general
(covered by CIM). In that context, the Meta Model
and the Domain Type Model, both realised in the
UML Model, proved extremely useful.
Another use of the UML Model has been to
automatically generate text documentation of Part 7-4
of the IEC 61850, which is almost identical to the
format of the original MS Word documents. The big
difference is, however, that in the automatically
generated version the table entries are absolutely
consistent. For this purpose, we have used another
Rational tool, SoDA, to develop a highly customised
template and to autogenerate the Part 7-4 bcloneQ
directly from the UML Model. We have submitted the
resulting document to the IEC editors, as a demon-
693
stration of what can be done with a formal model and
appropriate tools. By this, we hope to stir discussions
that would consider making the UML Model an
integral part of the standard or one of its next releases.
We think that further benefits arise in the development
and the maintenance of the standard as well as in the
use of it. In particular, we would like to stress the
following points, taken from Ref. [8]:
5.1. CASE tool support
The rigorous UML model, maintained with a CASE
tool, inherently provides consistency with respect to
the defined bvocabularyQ (concepts and concept
relationships). Based on this, tools may then provide
a wealth of features such as pop-up menus to select
available types, support propagation of changes, etc. It
is also easy to display for a specific type all the
attributes (inherited or not), operations, associations
and their cardinalities. This facilitates checking of the
logical correctness of the type definition. The possi-
bility to selectively display the model elements of
interest on a class diagram allows one to create
complex diagrams, such as the full version of what is
depicted in Fig. 14, while keeping their partial display
manageable. CASE tools can usually provide comple-
mentary views of the model on the same screen. For
instance, UML diagrams, the model browser, and the
model element documentation may appear simulta-
neously. Consequently, it is easy to navigate between a
UML model element in the browser and its representa-
tion in a class diagram, while still having informal,
textual annotations of the selected element. Providing
the same level of checking and comfort for the informal
definitions based on text documents, even with an
elaborate hyperlinking scheme, is almost impossible.
5.2. Model maintenance and extensions
The formal model makes the model maintenance
easier. It allows for consistent modifications from one
version of the standard to another. For instance, if a
type name is to be changed, it is done and potentially
documented at one place within the model. This
supports impact analysis and regression testing of
planned modifications. Contrast this to the changes
necessary at several places in at least three documents
in the standard and the subsequent activities to assess
694 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
further implications. A further argument for the UML
model is the ease for programmers to extend the
model with potential private, vendor specific exten-
sions while preserving the compliance with the
standard and its base model.
5.3. Code and documentation generation
UML models can be used for code generation,
which includes the direct use of inheritance relation-
ships defined in the model. CASE tools also usually
support roundtrip engineering. Both features facilitate
the developers’ tasks. Finally, the model documenta-
tion and, if needed, the code documentation can be
automatically generated from the same model. For
instance, with the use of advanced documentation
plug-ins, we were able to reproduce the text and table
look of the standard from the UML model. Moreover,
other representations can be produced automatically,
such as W3C XML (with some limitations obviously)
or RDF schemas for data serialisation.
5.4. Formal data mappings or conversions to other
standards
The devices and applications, which implement the
IEC 61850 specification, are not restricted to the
substation automation domain. They have to inter-
operate with systems and applications in the entire
electric utility environment. In that sense, they do not
only communicate with each other within a substa-
tion, but also with network control centres or even
back-office applications. The UML model allows one
to specify mappings to other existing UML models in
a formal way. An example of such a mapping of the
proposed UML Model for the IEC 61850 was our
mapping to CIM (Common Information Model).
Details can be found in Ref. [6]. CIM specifies a
data model as part of an IEC standard [7] for electrical
network control centres. Another mapping of the data
model is that to lower communication layers. For
instance, the UML model of the IEC 61850 should
also facilitate a formal mapping to the Manufacturing
Messaging Specification (MMS [9]). MMS is indeed
one of defined application layer protocols defined in
the IEC 61850. Hence, the standard defines appro-
priate communications mappings in Part 8-1, but
again in text-and-table fashion.
6. Conclusions and outlook
All of the abovementioned points show potential
benefits of having the IEC 61850 standard itself
specified formally: (1) with a tool, (2) in a standard
modelling language, and (3) in an electronically
processable format. We have presented how an
informal btext-and-tableQ definition of the IEC 61850
data communications standard can be formally mod-
elled using meta-modelling approach and the UML.
Besides facilitating human comprehension, the bene-
fits of such a formalisation are numerous and take
advantage of the power of CASE tools. Such tools
support easy navigation in the model, validation
(typically, unknown classes will be identified imme-
diately), and consistent maintenance (which is prob-
ably the hardest to meet with standards provided in
text-and-table form). Moreover, software code (at least
the skeleton, including the profile of the methods) can
be generated automatically, thereby reducing the effort
of developers and avoiding mistakes. Additionally, for
those not familiar with UML CASE tools, text
documentation can be generated automatically too,
and be it in a stylish text-and-table format, if so
expected by domain experts.
Our hope is that, similar to what has been done
with CIM and its UML model, some of the future
revisions of IEC 61850 will adopt this kind of
approach, i.e., to have a formal model included at
least for the data specification part. This would
certainly facilitate the acceptance and speed up the
market penetration of compliant devices.
Acknowledgements
The authors would like to express their gratitude to
the anonymous reviewers of this paper. Their feedback
was well to the point and improved the final result.
References
[1] IEC-TC57-WG10/11/12, Communications Networks and Sys-
tems in Substations, International Electrotechnical Commission,
Geneva, International Standard IEC 61850-1..10, 2003.
[2] G. Booch, I. Jacobson, J. Rumbaugh, OMG Unified Modeling
Language Specification, Version 2.0, Object Management
Group, Specification, 2003.
 T. Kostic et al. / Computer Standards & Interfaces 27 (2005) 679–695
[3] T. Kostic, O. Preiss, IEC 61850 UML Model, Rational Rose
model file, IEC61850_May2004.mdl, v.6, ed. Daettwil: ABB
Switzerland Corporate Research, May 2004 (contact the
authors).
[4] M. Shaw, R. DeLine, G. Zelesnik, Abstractions and Imple-
mentations for Architectural Connections, Proceedings of the
Third International Conference on Configurable Distributed
Systems, 1996.
[5] O. Preiss, A. Wegmann, Towards a composition model problem
based on IEC61850, in: The Journal of Systems and Software,
vol. 65/3, Elsevier Science, 2003, pp. 227 – 236.
[6] T. Kostic, O. Preiss, C. Frei, Towards the formal integration
of two upcoming standards: IEC 61970 and IEC 61850, Proc.
of 2003 LESCOPE Conference, Montreal, May 7–9, 2003,
pp. 24 – 29.
[7] IEC-TC57-WG13, Energy management system application
programming interface (EMS API)—Part 301: Common
Information Model (CIM) Base, International Electrotechnical
Commission, Geneva, International Standard IEC 61970-301,
2003.
[8] O. Preiss, T. Kostic, C. Frei, Data communications standards: a
case for the UML, To be Presented at UML 2004 Conference,
Lisbon, Portugal, October 11–15, 2004.
[9] ISO 9506-1 and ISO 9506-2: Industrial automation systems—
Manufacturing Message Specification; first edition, 2000-08-15.
Tatjana (Tanja) Kostic holds a diploma
and an MSc in Electrical Engineering from
the University of Belgrade, Yugoslavia, and
the Dr. ès Sc. Techn. degree from the Swiss
Federal Institute of Technology (EPFL),
Lausanne, Switzerland. After her post doc
year with Mitsubishi Electric, Amagasaki,
Japan, she joined ABB Corporate Research
in Switzerland in June 1999, where she is
currently working as a principal scientist in
the Utility Solutions group. Her research
interests include IT applications for power system operation and for
utility asset management, standardised utility domain models,
object-oriented analysis and design, and artificial intelligence. She
is a member of the IEEE PES and Computer societies, of the ACM,
a working member of the Cigré WG C2.01, and an IEC expert in
TC57 WG14.
695
Otto Preiss holds a B.Sc. in Electrical
Engineering (FH Aargau, Switzerland), an
MSc in Computer Science (University of
Colorado at Boulder), and the Dr. ès
Sciences degree from the Swiss Federal
Institute of Technology in Lausanne
(EPFL), Switzerland. He has worked for
more than 10 years in the area of distributed
systems, mainly in the application domains
of data acquisition and process control for
power systems. Otto held different posi-
tions in development, engineering, commissioning, and product
management. Before he joined ABB Corporate Research in May
1998 he was heading ABB Power Automation’s R&D department
for product and system development of substation automation and
protection systems. He is currently program manager of the Power
T&D Applications research program within ABB group.
Christian Frei holds a diploma in Com-
puter Science and the Dr. ès Sciences
degree from the Swiss Federal Institute of
Technology in Lausanne (EPFL), Switzer-
land. He received the 2000 ECCAI Artifi-
cial Intelligence Dissertation Award for his
PhD. He then joined the start-up he
cofounded, Iconomic Systems S.A., where
he was CTO and system architect. Late
2001, he joined ABB Corporate Research,
where he is currently working as a research
scientist in the Software Solutions and Processes group. His
research interests include constraint satisfaction, abstraction and
problem reformulation techniques, web services, peer-to-peer
computing, ontology languages, graph theory, and resource alloca-
tion problems in general. He is a member of the IEEE Computer
Society, and the ACM.