The document discusses guidelines for certifying wind turbine service technicians, including safety rules and cybersecurity concerns. It outlines the roles of organizations like RenewableUK, the Health & Safety Executive, and WindHSE.org in developing wind turbine safety standards. The Wind Turbine Safety Rules version 3 include guidelines around high voltage boundaries and transformers. The document also warns that industrial control systems like those used in wind turbines are vulnerable to cyber attacks, referencing malware like Stuxnet that have targeted these systems in the past. Technicians must be aware of cybersecurity protocols to safely operate and maintain wind farm equipment.
The document discusses surge protection considerations for fieldbus systems. It begins by outlining the benefits of fieldbus systems but notes that reliability in harsh lightning-prone environments is not well understood. It then covers the probability of lightning strikes based on location, the types of damage lightning-induced surges can cause, and the need to consider every point where a surge could invade the system. The document advocates performing a risk analysis to determine if surge protection is needed based on the likelihood of damage and cost of protection versus repair. It also notes that fieldbus systems have more potential points of entry for surges compared to conventional wiring.
This document provides an overview of SCADA (Supervisory Control and Data Acquisition) security challenges and strategies. It describes common SCADA system components and functionality. It then discusses increasing cyber threats to SCADA systems from sources like hostile governments and employees. The document outlines various physical and cyber vulnerabilities in SCADA systems and components. It recommends security standards from organizations like NIST, ISA, and NERC to help mitigate risks. The document also provides guidelines on physical asset security and cybersecurity strategies.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
Whitepaper Abstract
Securing our nation's critical power infrastructure has never been more important. Utilities systems are vulnerable to cyber threats, which can be malicious attacks from hackers or terrorists, as well as unintentional damage done by employees.
In response, industry regulators have implemented a number of regulations and standards to address these weaknesses and ensure the continued safe and reliable generation of electricity.
This NetSpi whitepaper discusses the options — including application whitelisting — that are available to harden critical systems and meet key regulatory requirements. In particular, the paper identifies options for addressing NERC Critical Infrastructure Protection standards CIP-002 through CIP-009.
The document discusses standards for cybersecurity in the energy sector. It notes that threats are increasing as energy infrastructure becomes more connected and data-driven. The document outlines some key cybersecurity standards for the energy industry including NERC CIP, IEEE1686, and IEC 62351. It maps these standards based on their level of technical detail and completeness. The document also discusses best practices for cybersecurity including technological and operational controls and how standards relate to controls for protection, detection and response.
The Department of Homeland Security (DHS) has become more concerned with cyber attacks on infrastructure such as supervisory control and data acquisition (SCADA) systems. An attack in Iran has proven that the landscape of cyber warfare is continually evolving. As the SCADA systems are the systems that autonomously monitor and adjust switching among other processes within critical infrastructures such as nuclear plants, and power grids DHS has become concerned about these systems as they are unmanned frequently and remotely accessed. A vulnerability such as remote access could allow anyone to take control of assets to critical infrastructure remotely. There has been increasing mandates, and directives to ensure any system deployed meets stringent requirements. As the Stuxnet worm has become a reality, future attacks could be malicious code directly targeting specific locations of critical infrastructure. This paper will address methods to protect infrastructure from cyber attacks using a hybrid of certification & accreditation (C&A) processes and information assurance (IA) controls.
This document discusses safety engineering for systems that contain software. It covers topics like safety-critical systems, safety requirements, and safety engineering processes. Safety is defined as a system's ability to operate normally and abnormally without harm. For safety-critical systems like aircraft or medical devices, software is often used for control and monitoring, so software safety is important. Hazard identification, risk assessment, and specifying safety requirements to mitigate risks are key parts of the safety engineering process. The goal is to design systems where failures cannot cause injury, death or environmental damage.
The NIST SP 800-82 document provides guidance on establishing secure industrial control systems (ICS). It discusses ICS characteristics and security challenges. It recommends developing a comprehensive ICS security program that includes senior management support, risk assessments, defined policies and procedures, inventory of assets, and training. It also provides recommendations on network architecture design and implementing NIST SP 800-53 security controls for ICS environments.
Dr Dev Kambhampati | Security Tenets for Life Critical Embedded Systems
This document outlines security tenets for life critical embedded systems. It discusses the need for clearly defined security best practices as more devices take on life critical roles. The document proposes seven areas of security tenets: general security, communications security, boot-time security, run-time security, securely managing systems, backend system security, and monitoring for advanced threats. It emphasizes the importance of implementing all tenets to mitigate threats to human life, equipment, or the environment. Threat models must consider all system aspects and assumptions to address protection against known threats.
This document summarizes a presentation given to the American Bar Association on securing critical infrastructures. It defines critical infrastructures as physical and digital systems essential to the economy and government. It notes that advances in IT have increased interdependence between infrastructures, creating new vulnerabilities. The presentation discusses issues like lack of cooperation between infrastructure owners, need for regular vulnerability assessments, and taking a holistic approach. It introduces SCADA and control systems, noting differences from conventional IT systems in prioritizing availability over security. The presentation covers legal and practical considerations for securing control systems and standards for control system security.
Information security management guidance for discrete automation
This document summarizes guidance for establishing an information security management program for industrial automation departments. It finds that while standards and guidance are now readily available, implementing a comprehensive security program requires extensive cross-functional collaboration. None of the publications can be implemented alone by automation departments due to their complexity and need for interdepartmental expertise in areas like risk assessment and network segmentation. Effectively addressing vulnerabilities will require integrating security practices with existing organizational processes and acquiring new technical knowledge across roles.
The document discusses reusable software components in safety-critical real-time systems. It notes that safety-critical systems must be certified to demonstrate acceptable safety. The use of off-the-shelf components poses challenges for certification. Contracts and pre/post-conditions can be used to specify requirements for components and ensure consistency across contexts. Reliability must also be considered when components are reused in new environments.
Project SHINE (“SHINE” is an acronym meaning “SHodan INtelligence Extraction”) was created to extrapolate metadata from the SHODAN search engine, which is a custom search engine designed for searching embedded devices (routers, servers, etc.) or computer systems based on a searchable term criteria set, returning service port header information. This project investigated the scope and magnitude of how many SCADA/control systems were directly exposed to the Internet, with this report representing findings resulting from the project's efforts.
This document provides recommendations for securing an FIU (financial intelligence unit) computing center. It discusses threats from both internal and external sources and outlines defensive measures. These include separating networks, implementing international security standards, securely transmitting intelligence reports, and establishing user management policies around identification, authentication and access controls. The document also recommends regular backups, disaster recovery planning, and applying security patches and updates.
Doha Industrial Safety Services (DISS) provides occupational health, safety, and environmental training and consultancy services in Qatar. They offer a variety of classroom and online courses covering topics such as road safety, food safety, health and safety, fire safety, risk management, and more. These courses are accredited by several international certification bodies and are designed to provide qualifications at different levels, from introductory awareness courses to advanced diploma programs. In addition to training, DISS also offers consultancy, competency assessment, equipment supply, and human resources services to support clients' health and safety needs.
The document provides guidance on implementing secure architectures for industrial control systems such as process control and SCADA systems. It advises understanding the business risks fully through risk assessment before selecting and implementing security measures. The risk assessment identifies the most critical vulnerabilities to address. Then a risk reduction workshop should be held to agree on target security architecture and an implementation plan for security improvements.
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of mal-functions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
This document provides guidance on securing industrial control systems (ICS), including supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), and programmable logic controllers (PLC). It discusses ICS and typical topologies, identifies common threats and vulnerabilities, and recommends security countermeasures. The document aims to address ICS unique performance, reliability, and safety requirements. It has been updated with the latest ICS threats, practices, architectures, activities, and security capabilities. An overlay of tailored NIST SP 800-53 controls for low, moderate, and high impact ICS is included.
Surge Protection for Fieldbus Systems - ICA 2006Alvin CJ Chin
The document discusses surge protection considerations for fieldbus systems. It begins by outlining the benefits of fieldbus systems but notes that reliability in harsh lightning-prone environments is not well understood. It then covers the probability of lightning strikes based on location, the types of damage lightning-induced surges can cause, and the need to consider every point where a surge could invade the system. The document advocates performing a risk analysis to determine if surge protection is needed based on the likelihood of damage and cost of protection versus repair. It also notes that fieldbus systems have more potential points of entry for surges compared to conventional wiring.
This document provides an overview of SCADA (Supervisory Control and Data Acquisition) security challenges and strategies. It describes common SCADA system components and functionality. It then discusses increasing cyber threats to SCADA systems from sources like hostile governments and employees. The document outlines various physical and cyber vulnerabilities in SCADA systems and components. It recommends security standards from organizations like NIST, ISA, and NERC to help mitigate risks. The document also provides guidelines on physical asset security and cybersecurity strategies.
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
NetSpi Whitepaper: Hardening Critical Systems At Electrical UtilitiesCoreTrace Corporation
Whitepaper Abstract
Securing our nation's critical power infrastructure has never been more important. Utilities systems are vulnerable to cyber threats, which can be malicious attacks from hackers or terrorists, as well as unintentional damage done by employees.
In response, industry regulators have implemented a number of regulations and standards to address these weaknesses and ensure the continued safe and reliable generation of electricity.
This NetSpi whitepaper discusses the options — including application whitelisting — that are available to harden critical systems and meet key regulatory requirements. In particular, the paper identifies options for addressing NERC Critical Infrastructure Protection standards CIP-002 through CIP-009.
Standards based security for energy utilitiesNirmal Thaliyil
The document discusses standards for cybersecurity in the energy sector. It notes that threats are increasing as energy infrastructure becomes more connected and data-driven. The document outlines some key cybersecurity standards for the energy industry including NERC CIP, IEEE1686, and IEC 62351. It maps these standards based on their level of technical detail and completeness. The document also discusses best practices for cybersecurity including technological and operational controls and how standards relate to controls for protection, detection and response.
Protecting Infrastructure from Cyber AttacksMaurice Dawson
The Department of Homeland Security (DHS) has become more concerned with cyber attacks on infrastructure such as supervisory control and data acquisition (SCADA) systems. An attack in Iran has proven that the landscape of cyber warfare is continually evolving. As the SCADA systems are the systems that autonomously monitor and adjust switching among other processes within critical infrastructures such as nuclear plants, and power grids DHS has become concerned about these systems as they are unmanned frequently and remotely accessed. A vulnerability such as remote access could allow anyone to take control of assets to critical infrastructure remotely. There has been increasing mandates, and directives to ensure any system deployed meets stringent requirements. As the Stuxnet worm has become a reality, future attacks could be malicious code directly targeting specific locations of critical infrastructure. This paper will address methods to protect infrastructure from cyber attacks using a hybrid of certification & accreditation (C&A) processes and information assurance (IA) controls.
This document discusses safety engineering for systems that contain software. It covers topics like safety-critical systems, safety requirements, and safety engineering processes. Safety is defined as a system's ability to operate normally and abnormally without harm. For safety-critical systems like aircraft or medical devices, software is often used for control and monitoring, so software safety is important. Hazard identification, risk assessment, and specifying safety requirements to mitigate risks are key parts of the safety engineering process. The goal is to design systems where failures cannot cause injury, death or environmental damage.
The NIST SP 800-82 document provides guidance on establishing secure industrial control systems (ICS). It discusses ICS characteristics and security challenges. It recommends developing a comprehensive ICS security program that includes senior management support, risk assessments, defined policies and procedures, inventory of assets, and training. It also provides recommendations on network architecture design and implementing NIST SP 800-53 security controls for ICS environments.
Dr Dev Kambhampati | Security Tenets for Life Critical Embedded SystemsDr Dev Kambhampati
This document outlines security tenets for life critical embedded systems. It discusses the need for clearly defined security best practices as more devices take on life critical roles. The document proposes seven areas of security tenets: general security, communications security, boot-time security, run-time security, securely managing systems, backend system security, and monitoring for advanced threats. It emphasizes the importance of implementing all tenets to mitigate threats to human life, equipment, or the environment. Threat models must consider all system aspects and assumptions to address protection against known threats.
This document summarizes a presentation given to the American Bar Association on securing critical infrastructures. It defines critical infrastructures as physical and digital systems essential to the economy and government. It notes that advances in IT have increased interdependence between infrastructures, creating new vulnerabilities. The presentation discusses issues like lack of cooperation between infrastructure owners, need for regular vulnerability assessments, and taking a holistic approach. It introduces SCADA and control systems, noting differences from conventional IT systems in prioritizing availability over security. The presentation covers legal and practical considerations for securing control systems and standards for control system security.
Information security management guidance for discrete automationjohnnywess
This document summarizes guidance for establishing an information security management program for industrial automation departments. It finds that while standards and guidance are now readily available, implementing a comprehensive security program requires extensive cross-functional collaboration. None of the publications can be implemented alone by automation departments due to their complexity and need for interdepartmental expertise in areas like risk assessment and network segmentation. Effectively addressing vulnerabilities will require integrating security practices with existing organizational processes and acquiring new technical knowledge across roles.
The document discusses reusable software components in safety-critical real-time systems. It notes that safety-critical systems must be certified to demonstrate acceptable safety. The use of off-the-shelf components poses challenges for certification. Contracts and pre/post-conditions can be used to specify requirements for components and ensure consistency across contexts. Reliability must also be considered when components are reused in new environments.
Project SHINE (“SHINE” is an acronym meaning “SHodan INtelligence Extraction”) was created to extrapolate metadata from the SHODAN search engine, which is a custom search engine designed for searching embedded devices (routers, servers, etc.) or computer systems based on a searchable term criteria set, returning service port header information. This project investigated the scope and magnitude of how many SCADA/control systems were directly exposed to the Internet, with this report representing findings resulting from the project's efforts.
This document provides recommendations for securing an FIU (financial intelligence unit) computing center. It discusses threats from both internal and external sources and outlines defensive measures. These include separating networks, implementing international security standards, securely transmitting intelligence reports, and establishing user management policies around identification, authentication and access controls. The document also recommends regular backups, disaster recovery planning, and applying security patches and updates.
Doha Industrial Safety Services (DISS) provides occupational health, safety, and environmental training and consultancy services in Qatar. They offer a variety of classroom and online courses covering topics such as road safety, food safety, health and safety, fire safety, risk management, and more. These courses are accredited by several international certification bodies and are designed to provide qualifications at different levels, from introductory awareness courses to advanced diploma programs. In addition to training, DISS also offers consultancy, competency assessment, equipment supply, and human resources services to support clients' health and safety needs.
No restrictions, no fallback: DXN company's Marketing PlanGergely Takács
In DXN Ganoderma coffee MLM business there is no compulsion, no nulling, no fallback. After steadfast work one can achieve the state where no work is needed to get paid: one gets money after the continuous everyday products purhcase of a well-built network of products users. Financial independence is getting paid for a lifetime after a job one did well once, DXN networks are inheritable too!
DXN products order: http://dxnproducts.com/shop
New DXN membership registration:http://dxnproducts.com/membership-contract-for-private-persons/
This document is a record of achievement certifying that Marina Pontjakova completed an openSAP course called "Software Development on SAP HANA (Delta SPS 09)" from September 15 to October 14, 2015. The course covered updates on tooling, data modeling, and testing for SAP HANA development. Pontjakova scored 147 out of a possible 180 points through weekly assignments and a final exam.
This document outlines a 3-step blueprint for rapidly growing a network marketing business. Step 1 is to enroll as a distributor and recruit two new distributors. Step 2 is for those two distributors to each recruit two more, growing the network. Step 3 is for all new distributors to repeat this process of recruiting two people, allowing the network to exponentially expand through duplication at each level. Specific strategies are provided, such as using professionally designed email templates and targeted advertising, to help new distributors promote the opportunity.
The document outlines the volunteer activities and plans of the "OŠ’’BRANKO RADIČEVIĆ’’ PROJECT 2011/2012", including training volunteer leaders in September 2011, workshops for teachers and headmasters, establishing a Volunteer Club, and potential volunteer actions like renewing school benches and chairs or painting walls in the school yard. It also mentions a volunteer action that took place at another school in Ilidža in December 2011 and thanks the volunteer organization ACES.
This document provides information about the health benefits of Ganoderma lucidum (Reishi mushroom). It discusses Ganoderma's 5,000 year history in Chinese medicine and lists some of its active ingredients like polysaccharides, organic germanium, and triterpenoids. It also describes Ganoderma's 5 stages of health improvement: scanning, detoxification, regulation, building/repairing, and rejuvenation. Finally, it summarizes how Ganoderma can help with many chronic diseases and health issues like diabetes, arthritis, asthma, allergies, heart disease, cancer, and stress.
Safety Engineering - Compilation of ReportsJahh Lavz
The document summarizes Department Order No. 13, which provides guidelines for occupational safety and health in the construction industry in the Philippines. It defines key terms, establishes the jurisdiction of the Department of Labor and Employment in setting safety standards, allows for delegation of authority to local governments and accredited organizations, specifies coverage of construction projects and operations, and outlines requirements for construction safety and health programs and personal protective equipment. The order aims to protect workers' welfare and ensure harmonious labor relations in the industry.
O documento discute o processo de impeachment da presidente Dilma Rousseff no Brasil. As principais razões para o pedido de impeachment são a crise econômica, escândalos de corrupção e "pedaladas fiscais". Se aprovado pela Câmara em 17 de abril, o processo pode seguir para votação no Senado em 12 de maio, quando Dilma pode ser afastada temporariamente.
introduction to #OT cybersecurity for O&M teams.pdfPrabaKaran649935
The document discusses the importance of operational technology (OT) cybersecurity to protect industrial control systems from cyber threats and ensure their continued availability and integrity. It notes that OT environments face different risks and priorities than information technology (IT) networks. The document advocates applying a defense-in-depth strategy through effective risk assessment and selecting appropriate countermeasures informed by standards like ISA/IEC 62443.
This document provides an overview of threats to industrial control systems (ICS) in 2015-2016. It finds that ICS incidents increased significantly, with 295 reported in 2015 alone. The main targets were critical manufacturing, energy, water and dams, and transportation systems. Nation-states, cybercriminals, and insiders engaged in attacks that disrupted operations and in some cases caused physical damage. Going forward, the threats are expected to grow as adversaries develop new tactics like ransomware targeting ICS and insider threats continue to be a problem. Organizations must take steps to strengthen ICS security through measures like secure network architecture and incident response planning.
The document discusses cyber security risks for SCADA systems used in water and wastewater treatment plants. Modern SCADA systems now use open network protocols and wireless connectivity, leaving them vulnerable to attacks. The most destructive cyber attack targeted Siemens PLCs at an Iranian nuclear facility using a infected USB drive. If a water treatment plant's SCADA system is compromised, it could lead to over or under dosing of chemicals, loss of water pressure, or disabled alarms. Mott MacDonald offers cyber security risk analyses and programs to help clients address vulnerabilities and obtain federal funding to implement solutions.
A Defense-in-depth Cybersecurity for Smart SubstationsIJECEIAES
The increase of cyber-attacks on industrial and power systems in the recent years make the cybersecurity of supervisory control and data acquisition and substation automation systemsa high important engineering issue. This paper proposes a defense in depth cybersecurity solution for smart substations in different layers of the substation automation system. In fact, it presents possible vulnerabilities in the substation automation system and propose a multiple layer solution based on best practice in cyber security such as the hardening ofdevices, whitelisting, network configuration, network segmentation, role-based account management and cyber security management and deployement.
This document presents a preliminary study on developing a Wide Area Protection Monitoring System (WAPMS) that would automatically collect and analyze data from protection devices. The proposed system would gather information through various communication protocols, analyze the data to determine fault types and locations, and generate reports with diagnoses for operators. This would provide operators a comprehensive overview of the power system's behavior during faults to help make better decisions. The system is currently being tested in Colombia and future work involves predictive analytics to identify potential protection device failures.
Induction motor is rotating type of electro-mechanical device. Induction motor convert electrical energy into mechanical energy. Induction motor is highly reliable, require less maintenance and have high efficiency. Induction motor are wide in range of operation and it used in many application because its construction is simple and robust. In past induction motor can be protected by manual operation of component such as timer, contactor, electromagnetic switch, voltage and current transformer. Protection of an induction motor against problem such as short circuit, temperature rise, single phasing and motor vibration occurring in the operation is very important. Manual operation of protection system are very slow and is not accurate. Looking to this issues, in this paper PLC based protection method is used. Which operated automatically, provide higher accuracy and quick response.
Impact of IEC 61508 Standards on Intelligent Electrial Networks and Safety Im...Schneider Electric
Improper integration of Intelligent Electronic Devices (IED) into medium / high voltage electrical networks can impact both network performance and safety. Now, standards such as IEC 61508 provide a framework from which new safety risks can be managed. This paper simplifies the complexity of integrating new devices into existing grid networks by explaining how to implement IEC safety and maintenance standards. Examples are presented for how to minimize cost and maximize safety benefits.
NIST Guide- Situational Awareness for Electric UtilitiesDr Dev Kambhampati
This document is a draft of a NIST special publication providing guidance on situational awareness solutions for electric utilities. It includes an executive summary, approach, architecture, and security characteristics for implementing situational awareness. The publication describes a NCCoE project that developed an example solution to converge monitoring across IT, operational technology, and physical access systems in order to improve utilities' ability to detect cyberattacks and security incidents. The solution is presented as a modular guide to help utilities implement standards-based technologies in a risk-based manner to gain efficiencies in monitoring, identification, and response to cyber incidents.
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati
This document is a draft of a NIST special publication providing guidance on situational awareness solutions for electric utilities. It includes an executive summary, approach, architecture, and security characteristics for implementing situational awareness. The publication describes a challenge electric utilities face in gaining comprehensive visibility across separate IT, operational technology, and physical security systems. It then outlines a solution developed by NIST to integrate these systems using commercial and open source tools to improve detection of cybersecurity incidents and support regulatory compliance. The benefits of the solution include improved cybersecurity, faster incident response, and more effective risk management.
Circuit breaker Maintenance By Mobile Agent Software Technologysiddhartha muduli
This seminar report discusses using mobile agent software technology for circuit breaker maintenance. It outlines the types of circuit breakers and components that require maintenance. The report proposes a maintenance system using software agents that can autonomously gather information from distributed sources like the enterprise maintenance system and substation concentrators. The mobile agents would help create failure reports, monitor circuit breakers, and facilitate information sharing between the maintenance crew and databases. The approach provides advantages like automated information retrieval, report generation, and security while reducing maintenance costs and workload.
This document discusses how applying process safety best practices can improve operational technology (OT) cybersecurity. It outlines the five independent protection layers (IPLs) for process safety - inventory and configuration management, automatic process controls, human intervention, safety instrumented systems, and physical protection. Applying best practices to each IPL layer improves OT cybersecurity by making any operational changes from cyber attacks more apparent so they can be addressed quicker. Effective configuration management and change control are especially important, as the Stuxnet attack showed how undetected changes could damage equipment over time. Overall, following process safety practices enhances control performance, alarms, interfaces, and system resilience while countering modern cyber threats.
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
This document summarizes a research paper that implemented a SCADA-based firewall to protect data transmission from external hacking devices. The paper first discusses a case study where an industrial control system was hacked 46 times. It then provides an overview of industrial firewalls and the differences between industrial and IT firewalls. The paper describes configuring a Tofino industrial firewall with SCADA-HMI and PLC assets. It tests the firewall by simulating scenarios without and with the firewall, showing the firewall prevents an attacker from accessing the PLC simulator based on communication protocols. The paper concludes customized industrial firewalls are needed and protocols must be regularly updated as cyber attacks evolve.
This document discusses issues related to smart grid resilience and proposed enhancements. It begins with an introduction to smart grids and the concept of resilience. Major issues discussed include cyber threats like false data injection attacks and denial-of-service attacks, as well as natural disasters. Several enhancement techniques are then proposed, such as using energy storage systems, distributed energy resources, microgrids, and blockchain technology. The document focuses on cybersecurity issues in more depth, outlining various false data injection attacks and their potential impacts. It also discusses denial-of-service attacks and proposes detection and mitigation methods. Overall, the document analyzes resilience challenges in smart grids and presents technical solutions aimed at improving system reliability and recovery capabilities.
The document discusses burner management systems (BMS) and the importance of safety in their design and operation. It notes that BMS use programmable electronic systems like PLCs to control burners safely. However, these systems can fail in dangerous and undetectable ways. Therefore, international standards require safety features like input checking, output monitoring, watchdog circuits, and alarming to be designed into BMS to mitigate risks from failures. The document provides examples of how output monitoring, guarded outputs, and processor protection like watchdog timers can be implemented in typical PLC-based BMS.
The document discusses burner management systems (BMS) and how programmable electronic systems (PES) can be used for burner control while ensuring safety. It outlines several key requirements for PES-based BMS to be certified, including using redundant safety-related PES, obtaining independent safety certification, and the designer demonstrating proper development and testing practices. The document also describes various safety features that can be designed into BMS, such as input/output monitoring, guarded outputs, processor watchdog timers, and power monitoring. It discusses architectures for safety programmable logic controllers (PLCs) including 1oo1D (one out of one with diagnostics) and 1oo2D (one out of two with diagnostics).
This document describes a condition monitoring system for induction motors that uses both vibration and electrical signals for fault diagnosis. The system includes an embedded device that acquires real-time vibration and electrical data from sensors attached to the motor. It then uses these signals to perform both operating condition monitoring and fault diagnosis analysis. For condition monitoring, it assesses the motor's health based on vibration levels. If an abnormality is detected, it uses a hybrid approach involving both vibration and electrical signals to classify the specific type of fault, such as stator, rotor, bearing, or eccentricity issues. The system is intended to help maintenance workers more efficiently diagnose problems and schedule repairs.
This document summarizes a project to automate online monitoring of compressed air status in an industry with alarms. Sensors measure air pressure, temperature, dew point, and vibrations. A PIC microcontroller displays the sensor readings on an LCD and sounds an alarm if vibrations exceed a limit. The same data is sent wirelessly to a PC using Zigbee. The PC allows remotely controlling the compressor and dryer power. The automation aims to safely manage air quality without constant human monitoring and reduce costs compared to wired networks.
Review of Online Monitoring of status of air for Automation with alarmiosrjce
IOSR Journal of Electronics and Communication Engineering(IOSR-JECE) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of electronics and communication engineering and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in electronics and communication engineering. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.
The document discusses combining functional safety and industrial cyber security standards. It notes that IEC 61511 (functional safety) and IEC 62443 (industrial cyber security) take similar risk assessment and risk reduction approaches. The standards both use risk matrices and define target and achieved security/safety levels. The document suggests a combined approach could assess risks and close gaps to meet both safety and security targets together. Taking a unified view of both helps address new regulatory requirements linking the two domains.
Similar to Guideline for the Chartered Certification WTSR of Wind Turbine Service Technicians 2015July (20)
Guideline for the Chartered Certification WTSR of Wind Turbine Service Technicians 2015July
1. Chartered Technician Wind Turbine Safety Rules guidelines
WTSR v3 & SCADA cyber security
__________________________________________________________________________________
1 Guideline for the Chartered WTSR v3 Certification of Wind Turbine Service Technicians
(Edition 2015)
Michael Mattocks, City & Guilds Examiner and Microsoft HQ User Groups mentor, explained the
relevance of the new guidelines:
“It is important for owners and manufacturers of wind turbines as well as banks and insurers
involved to know the different certification processes and guidelines for Wind Turbine Service
Technicians.
The updates incorporate the new releases from RenewableUK Wind Turbine Safety Rules version 3
(WTSRv3) including the High Voltage boundaries for WTG internal transformers. Currently there are
Operational Safety Rules Group discussions whether Technicians should attain the HV Certification
as well.
It has been developed primarily to enable those Engineers who have not attained funding for an
Apprenticeship to complete the first week of learning and attain the Chartered status to progress to
be an Authorised Engineer”
This Guideline was compiled by WindHSE.org in cooperation with the Health & Safety Executive,
Lloyd’s Underwriters representative of the European Wind Turbine Committee and RenewableUK
steering committee members including Siemens , Repower, Vestas and utilities such as RWE.
City & Guilds WTSR v3 Certification has been successfully piloted by DNV-GL the certification body
for Wind Turbines.
This Guideline comes into force on 1st July 2015
Interpretation of the Guideline is the exclusive prerogative of WindHSE.org
Any reference to the application of this Guideline is permitted only with the consent
of WindHSE.org
WindHSE.org City & Guilds Certification
CoOpMuseum Satellite Campus OL126UE, Rochdale, United Kingdom
Phone: +44 1706 814736
admin@WindHSE.org
www.WindHSE.org
The latest edition of the General Terms and Conditions
of WindHSE.org is applicable.
Published by: WindHSE.org, United Kingdom
2. WindHSE.org 2015 Page 2
Table of Contents
City & Guilds Qualification Level 3 Electrical Power Engineering-Wind Turbine Maintenance
2339 79 Unit 750 Health and Safety in the power industry
Demonstrate an understanding of Health and Safety
1.1 Identify statutory regulations and organisational requirements for Health and Safety……..page 3
1.2 List the roles and responsibilities of relevant Health and Safety organisations
(Wind Turbine Safety Rules version 3 WTSR v3 including WTG internal transformer)……….……page 5
1.3 State accident and emergency procedures ……………………………………………………………………….page 8
1.4 Demonstrate and implement safe working practices with respect to safe working areas….page 11
1.5 Identify relevant safety and hazard warning signs. ……………………………………………………………page 13
1.6 Identify the reasons for accidents happening and the importance of putting in place preventative
measures
(reference IEEE.org: ‘Cyber intrusion of wind farm SCADA system and its impact analysis’) ……page 14
1.7 Identify First Aiders, as well as situations where First Aid should be administered. ………….page 15
1.8 State how to isolate an electrical source safely in an emergency and non-emergency
situation……..................................................................................................................................page 16
1.9 Outline safety procedures when manually handling a range of products of different size, shape
and weight ……………………………………………………………………………………………………………………………..page 17
1.10 Outline safety procedures associated with mechanical and non-mechanical access equipment
………………………………………………………………………………………………………………………………………………..page 19
1.11 Outline safety procedures associated with mechanical lifting equipment……………………….page 20
1.12 Define safe working procedures whilst operating in confined spaces …………………………….page 21
1.13 Identify hazards associated with fire (OSHA 4 MINUTE RESCUE regulation)………………………page
22
3. WindHSE.org 2015 Page 3
1.1 Identify statutory regulations and organisational requirements for Health and Safety
It is paramount for Wind Turbine Service Technicians to understand that they have a partnership arrangement with their
Operational Controllers when controlling the supply of Wind generated electricity. There are important control panel
security protocols that they must be aware of as Ethernet Technicians.
Cyber Security of industrial processes is now so pertinent that inter/national government departments are forming
partnerships to raise employee awareness of these threats.
http://www.hse.gov.uk/horizons/current-issues/science-and-technology/cybersecurity.htm
‘Implications:
Accidental failure or malicious attack on process control systems could result in loss of system-critical safety
functions such as interlocking and emergency shutdown systems and disruption of control of the
process, potentially resulting in serious risks to operators and possibly the public. Whilst it is good practice to
isolate safety-critical control or protection systems from any connectivity to the ‘outside world’ this approach is
being challenged by the changing nature of plant electronic control and management systems. This is leading to
increased vulnerability of plant to electronic attack, whilst at the same time the threat level is increasing. The
possibility of such electronic attack of control systems is recognised as a threat to the Critical National
Infrastructure . Understanding electronic attacks .’
http://www.automation.siemens.com/mcms/topics/en/wind-automation/pages/default.aspx
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=43876783&caller=view%20%20
Updated Current status of infected computers
11.03.2011 To date a total of 24 Siemens customers in the industrial sector worldwide have reported being infected with the Trojan horse. The malware was
able to be removed in all cases. In none of these cases did the infection have an adverse impact on the automation solution.
Recommended procedure to identify and remove a Stuxnet infection
We recommend examining the following types of computers:
1. Embedded systems (e.g. Microbox)
2. Other computers
Infrastructure computers (file servers, domain controllers, other servers...)
Computers with and without WinCC installation
The following safety precautions also apply:
o All connections with the outside world must be checked and cleaned (customer data, USB devices, others).
o If possible, do not use any third-party USB sticks and/or mobile data carriers.
o Always check the safety concepts. For example, disable/uninstall services that are not needed.
o Installation of the Microsoft Patch is recommended for the operating systems listed by Microsoft
http://www.us-cert.gov/control_systems/pdf/ICSA-12-158-01.pdf
These vulnerabilities may be remotely exploited.
AFFECTED PRODUCTS
Siemens WinCC 7.0 SP3 web server and web applications are affected. These vulnerabilities may allow an attacker to gain
unauthorized access, read from, or write to files and settings on the target system.
4. WindHSE.org 2015 Page 4
BACKGROUND
Siemens SIMATIC HMI is a software package used as an interface between the operator and the programmable logic
controllers (PLCs) controlling the process. SIMATIC HMI performs the following tasks: process visualization, operator
control of the process, alarm display, process value and alarm archiving, and machine parameter management. This
software is used in many industries, including food and beverage, water and wastewater, oil and gas, and chemical.
WinCC web applications are susceptible to reflected cross-site scripting because they do not filter out characters when
parsing URL parameters. Exploitation of this vulnerability may give an attacker authenticated access to WinCC web
applications.
The object-oriented SCADA system Simatic WinCC Open Architecture allows you to implement integration of a wide variety
of components
However this comes at a cost of potential intrusion & technicians need to be mindful of this during their operations:
http://www.industry.siemens.com/verticals/global/en/wind-turbine/wincc/pages/default.aspx
Efficient Wind Farm Management
Central Control Desk with SIMATIC WinCC Open Architecture
SIMATIC WinCC Open Architecture from Siemens is a SCADA system that can be flexibly adapted to your specific
requirements. This system is ideally suited as a central control desk for high-availability wind power plants. If personnel are
distributed over a large geographical area or if a large number of wind farms have to be managed, the scalability of our
SCADA system across several spatially distributed servers is a distinct advantage. Your benefit: From a central control desk,
you have full access to all measured data, alarms, histories, and configurations of your wind turbines
WinCC and PCS 7 are the first SCADA systems to be specifically targeted by malware. The Stuxnet worm can spy on and
even reprogram infected systems.It can cause Blades to overspin in replay control instructions where Blades can cause
physical damage to a tower. Stuxnet can provide false feedback to controllers 'ensuring that they will not know is going
wrong till it's too late to do anything about it' (IEEE.org)
5. WindHSE.org 2015 Page 5
1.2 List the roles and responsibilities of relevant Health and Safety organisations
(Wind Turbine Safety Rules version 3 WTSRv3)
The national Wind Energy Association comprising all major Wind Energy Corporation members works in partnership with
the national Health & Safety regulator to implement evolving standards
Renewable UK (formerly the British Wind Energy Association) is responsible for the Wind Turbine Safety Rules or ‘hierarchy
of controls’
These are increasingly being adopted by Wind Energy Companies worldwide as far away as New Zealand
Wind Turbine Safety Rules
The RenewableUK (formerly known as BWEA) Wind Turbine Safety Rules (WTSR) have been developed by wind farm
owners and operators for the purpose of formalising a safe system of work for operational wind turbines (onshore and
offshore).
" The WTSR have been operational since late 2005 and they have been used at over 100 wind farms in the UK and Ireland.
There is wide-scale buy-in, including positive feedback from site technicians. In June 2009 they were revised to include
minor improvements identified by operators based on experiences gained from their use.
The WTSR set down the procedures to be followed when undertaking work or testing on plant and low-voltage (LV)
apparatus associated with a wind turbine generator (WTG). Any work or testing on the high-voltage (HV) infrastructure
that forms part of the wind farm or WTG should only be permitted under a set of approved HV safety rules
The Wind Turbine, its plant with their associated (LV) infrastructure (WTSR apply)
The boundary between these two systems needs to be clearly defined - a typical example is shown below:
7. WindHSE.org 2015 Page 6
To carry out work on equipment in a wind turbine, the WTSR require Approved Written Procedures (AWP's) to be put in
place for each work package significant enough to warrant it. An AWP is a procedure which specifies how work on plant &
apparatus below 1000V AC or 1500V DC, will be carried out safely - it is similar to a method statement and it includes
checkpoint signatures as auditable proof that safety precautions were applied for the duration of the work. The WTSR's
also give guidance on when AWP's are required and when they are not necessary
RenewableUK HSE Guidelines
10.3 Operation 10.3.1 Operational instructions
Under the requirements of CDM, the EU Machinery Directive and CE Marking process, and the WTG Certification
programme specified in IEC WT01, manufacturers of the wind farm hardware (including electrical infrastructure equipment
and WTG) are required to supply to the owners/operators with an operations and maintenance manual. This manual is
required to explain how the equipment is to be safely operated, maintained and inspected. The manual should also detail
the frequency of maintenance checks and appropriate maintenance activities (including recommendations for component
replacements) to be performed to maintain the integrity and the ongoing safety of the device.
Philosophy of the WTSRs : Wind Farms consists of two distinct systems:
A) The High Voltage Infrastructure (>1,000V AC/1500V DC)
B) The Wind Turbine Plant & associated Low Voltage infrastructure
Boundary between the two Systems must be clearly defined and understood - historically recognised within the industry as
the switchgear associated with the LV side of the WTG transformer
AWP are required for each work package with Checkpoint Signatures and as these will become electronically recorded we
will see the use of Digital Checkpoint Signatures (eg for recording IP Sensors & Actuators)
WTSR 'hierarchy of controls' stipulate handover from the 'control centre' to the Authorised Technician/Engineer
You as a WTG will receive WTSR similar to that provided by your Association
COMPANY ‘A’
WIND TURBINE SAFETY RULES
Third Edition
Operative from (DAY) (MONTH) (YEAR)
Issued by COMPANY ‘A’
Issued to:
................................................................................................... (Signed)
................................................................................................. (Print Name)
.................................................. Date
8. WindHSE.org 2015 Page 7
10.9.3 The RenewableUK OSR sub-group has identified a need to examine how the rules could be developed to encompass
the HV equipment that provides the connection to the grid, and which is now becoming increasingly present inside wind
turbines. The result of this work is a new set of rules that can be applied to the turbines alone, or to the whole wind farm.
The progress and results of a set of new rules, currently under operational trials, are available on the RenewableUK
website (www.renewable-uk.com).
10.9.4 In order to establish a safe system of work, consider: • the need to establish safe working methods and written
procedures; • the need to establish permit-to-work procedures; • any requirements for isolation, locking-off or tagging; •
cross boundary/interface safety, e.g. with Distribution Network Operators;
9. WindHSE.org 2015 Page 8
1.3 State accident and emergency procedures
Emergency Response Procedures are essential to the WTG Technician and for this reason the Guidelines are updated by
the Professional Association
http://www.renewableuk.com/download.cfm?docid=EBE2B090-0537-4315-BCFF2826FA5D96FC
9.10 Emergency arrangements
9.10.1 A site Emergency Response Plan (Project ERP) must be in place during the construction phase, with appropriate
additions or adjustments for specific or ‘one-off’ operations.
When developing the ERP, consideration should be given to the remoteness of the site location and response times of
emergency services, and appropriate arrangements provided, i.e. equipment and trained personnel (e.g. first aid / rescue
training), to ensure self sufficiency and preservation of life until emergency services are in attendance.
Emergency Response Plans must include (as a minimum):
• the roles and responsibilities of all key personnel appointed to effectively manage the organisation’s emergency response
arrangements, including those in overall control and those appointed to control each site;
• contact details for organisation’s legal advisers to be used in the event of serious incidents;
• emergency contact details for all internal and external parties involved in the works;
• vessel contact details (note: vessels >300 tonnes will be ISO-registered with a certified ISM system);
• third-party emergency service contact details;
• the location of all site access points and site plans;
• details of potential hazards and emergency situations that the emergency services may encounter;
• details and locations of significant hazards, e.g. high-voltage equipment;
• details and locations of nearby installations that may provide assistance in an emergency;
• emergency communications procedures;
• emergency response procedures for initial actions in emergencies that could be anticipated, including:
- evacuation of nacelle and WTG,
- emergency shutdown of energised equipment,
- failed lifting operations,
- fire,
- sickness,
- injury,
- pollution,
- bomb threat / sabotage,
10. WindHSE.org 2015 Page 9
- extreme weather,
- man overboard,
- vessel collision / grounding / punch-through,
• emergency response arrangements, including the provision of first aid equipment, rations and equipment in the event of
stranding.
9.10.2 The following procedures should be established in line with the ERP, based on suitable and sufficient risk
assessments and following consultation with local emergency services:
• all foreseeable emergency situations relevant to both onshore and offshore sites, including evacuation and escape;
• safe transportation and storage of hazardous materials, e.g. flammable substances;
• hazardous activities, such as hot work (the application of heat, including welding, burning or grinding on plant containing
flammable materials), potentially including cable jointing/terminating;
• abnormal weather conditions, e.g. extreme cold, floods and lightning; and
• abnormal sea states, high winds and poor visibility.
9.10.3 Based on a suitable and sufficient fire risk assessment, working areas should be provided with:
• means of raising the alarm;
• clear and accessible evacuation instructions;
• suitable means of escape, including signage, emergency lighting and designated assembly areas;
• portable fire-fighting equipment;
• means of disposing of scrap and waste materials safely;
• fixed fire detection and extinguishing systems, where appropriate;
• additional precautions/devices as recommended by the fire risk assessment (e.g. smoke hoods, places of safety, refuges
etc.); and
• provision for disabled egress (in case of injury and for Disability Discrimination Act compliance).
When all of these are in place WTG Technicians will be well placed for any Emergency Procedures such as
12. WindHSE.org 2015 Page 11
1.4 Demonstrate and implement safe working practices with respect to safe working areas.
Control system involves three basic elements: sensors to measure process variables, actuators to manipulate energy
capture and component loading, and control algorithms to coordinate the actuators based on information gathered by the
sensors.
[
As explained earlier WTG Technician understanding of the Wind Turbine Safety Rules (WTSR) as provided by your
Professional Association are paramount in work involving electrical isolation before ANY maintenance is undertaken
In addition WTG Technician familiarity of WTG Security should become second nature
Refer to your downloaded Professional Association guidelines in the first instance
(cite http://www.renewableuk.com/download.cfm?docid=EBE2B090-0537-4315-BCFF2826FA5D96FC )
9.15 Security
The Occupier’s Liability Act 1957 and 1984 requires employers to make provision for both lawful and unlawful visitors.
Security measures should be sufficient to prevent access by any unlawful visitors without causing them harm.
All security measures should be put into effect prior to construction work starting and should be updated as necessary
throughout occupation of the site. The measures should:
• ensure provision to prevent unauthorised access to the site;
• ensure materials are stored without risk to Health and Safety;
• ensure construction plant is secured against unauthorised operation;
• establish procedures for control of visitors;
• establish procedures for visiting workers; and
• ensure provision to monitor the effectiveness of the security arrangements.
Additional measures will be required when reviewing security arrangements during the construction and operational
phases offshore'
These Additional measures whether for offshore or onshore wind farms increasingly include measues to prevent
unauthorised Electronic access of the PLC
Before any operations or maintenance the WTG should remember the advice of their association you have downloaded
with regards to
10.16 Safety equipment
10.16.1 The requirement for safety equipment should be identified within risk assessments. This may typically include:
• cable detectors;
• high-voltage measuring devices;
• portable earthing devices;
• temporary barriers, screens and notices;
• isolation devices for installed equipment, e.g. locks, chains, mechanical clamps; and
13. WindHSE.org 2015 Page 12
• survival/immersion suits, lifejackets, buoyancy aids, throwing lines and personal location beacons.
10.16.2 Ensure that when safety equipment is used:
• it is recorded on a register;
• persons are trained and competent in its use;
• it is properly stored, cleaned and maintained;
• it is periodically checked to ensure it remains in good working order and is safe to use; and
• all inspections and examinations are recorded, and records are retained.'
WTSR should also become second nature for WTG Technicians globally as they set the precedent for the HV/LV
demarcation & thus the hierachy of controls
Scenario WTSR
The hierarchy of control (safety rules) under normal maintenance conditions as applied in a wind
turbine
o Confirmation and identification of the turbine to be worked on, Authorised Technician liaises with the control
centre
o Depending on the design of turbine, the remote control centre will stop operation of the turbine directly or
hand over control of the turbine to the technician
o The turbine is put into ‘service’ mode by the Authorised Technician
o Manual brake is applied to the rotor
o Only competent technicians to work on the turbine, one of whom must be an Authorised Technician
o Once the maintenance is complete and all technicians have left the turbine, the Authorised Technician
removes the manual brake and returns the turbine from ‘service’ mode to operational mode and control of the
turbine is handed back to the remote centre
14. WindHSE.org 2015 Page 13
1.5 Identify relevant safety and hazard warning signs.
According to Wind Farm operators association safety & hazard signs are paramount to visualise potential dangers to WTG
technicians
Refer to the British Wind Energy Association guidelines:
HEALTH AND SAFETY (SAFETY SIGNS AND SIGNALS) REGULATIONS
Safety signs must be provided where the risk assessment indicates that risks cannot be avoided or adequately controlled in
other ways.
9.10.3 Based on a suitable and sufficient fire risk assessment, working a
• suitable means of escape, including signage, emergency lighting and designated assembly areas
9.14 Site access
• should be marked with warning signs and notices
Danger areas
All work areas that present a risk of falling or being struck by a falling object must be fitted with equipment and signage
that prevents unauthorised access.
9.19 Electrical Safety
Signage should be installed on all electrical generating equipment, junction boxes, switchgear panels and doors to identify
the Health and Safety risks that personnel may be exposed to should they open covers, doors or panels. All covers, doors
and panels should be locked, or otherwise prevented from being opened without a mechanical device/tool, to restrict
access and prevent exposure to live electrical components and systems.'
The Lock Out Tag Out scenario is probably the most important for the WTG Technician as before they consider maintenace
the Turbine has to be isolated electrically
The sign is usually red to increase visibility and allow workers to readily see if a device is isolated.
15. WindHSE.org 2015 Page 14
1.6 Identify the reasons for accidents happening and the importance of putting in place preventative measures
Control intelligence may be distributed around the turbine, including in the hub. Control panels contain controller PLCs
plus standard panel hardware to interface with sensors and auxiliary systems and combined may weigh up to 500kg. In
some cases, CANbus or similar systems are used for interfacing between controller hardware and sensors, including via
fibre-optic cables.
In parallel to the control system, a safety system protects the turbine from control system or operator error. Key sensors
for this overriding safety system include speed and vibration sensors. This make up is illustrated here
As IEEE.org paper
"Cyber Intrusion of Wind Farm SCADA System and Its Impact Analysis"
indicates there is a Technician responsibility to maintain PIN and ethernet security with regards to Control Panel control of
components
This can be done through avoid leaving chemical based fingerprints on pin pads. Thus wiping clean pin pads should become
second nature.
Best practice would also mean avoid using USB sticks collected at conferences or 'on the ground' that could be infiltrated
with malware such as Stuxnet or Flame.
Encryption and anti-virus checks of all files on PDAs would become common practice to avoid malware that could be used
for espionage and direct 'replay attacks'. These attacks could lead to distorted PLC instructions and direct physical
damage as oversped blades that may crash into the Towers or cause short circuit generator fires.
System logs (syslogs) on the Control software should be checked and any anomalies should be immediately elevated to the
Computer Incident Response Team
16. This has been more recently highlighted in May 2015 Windpower Monthly edition ‘Wind farm owners should also
emphasise the importance of never using USB drives or other peripheral media devices of unknown origins on secure
systems - it still surprises me how many employees collect and use USB drives from unknown sources’
17. WindHSE.org 2015 Page 15
1.7 Identify First Aiders, as well as situations where First Aid should be administered.
When it comes to the Power Sector because of the risk of severe electric shock or electrocution all Technicians should be
trained in the use of First Aid to assist their buddies & team
http://en.wikipedia.org/wiki/Electric_shock
'Assuming a steady current flow (as opposed to a shock from a capacitor or from static electricity), shocks above
2,700 volts are often fatal, with those above 11,000 volts being usually fatal'
Remember according to the WTSR you are authorised to work with 1000V AC or 1500V DC
This professionalism is covered by your Association HSE Guidelines eg RenewableUK
Under the Health and Safety (First Aid) Regulations all workplaces should have first aid material in a clearly identified box
and an appointed person(s) to ensure the proper management of injuries or illnesses at work. The first aid provision will
depend on a variety of factors including: the nature and degree of the hazards at work, whether there is shift-work, what
medical services are available, and the number of employees.
(The Government HSE regulator publications will describe further eg 'HSE booklet First Aid at Work' explains the
requirements and provides guidance to help employers meet their obligations')
9.9 First Aid
Suitable risk assessments should be conducted to ensure that adequate and appropriate equipment, facilities and
personnel are provided to ensure employees receive immediate attention if they are injured or taken ill at work. This
should conform to the duties set out in the Health and Safety (First-Aid) Regulations
Specific examples that may require further attention for wind related projects include consideration of:
• Adequate eye wash, defibrillators, emergency showers, stretchers and other specific items of equipment relevant to the
project
• Suitable measures to ensure first aid provisions are properly maintained;
• Additional training with respect to electric shock/burns, hypothermia, suspension syncope. (Note: Only following advice
from a suitable competent person)
• The need to communicate to everyone on site what first aid provisions there are and where to find/summon them
including the equipment and first-aiders
• Recording of first aid treatment in accordance with the statutory and company specific requirements'
18. WindHSE.org 2015 Page 16
1.8 State how to isolate an electrical source safely in an emergency and non-emergency situation
Define how to isolate an electrical source safely in a non-emergency:
The Wind Turbine Safety Rules (WTSR) has been developed by wind farm owners and operators for the purpose of
formalising a safe system of work for operational wind turbines (onshore and offshore).
The WTSR set down the procedures to be followed when undertaking work or testing on plant and low-voltage (LV)
apparatus associated with a wind turbine generator (WTG). Any work or testing on the high-voltage (HV) infrastructure
that forms part of the wind farm or WTG should only be permitted under a set of approved HV safety rules
The Wind Turbine, its plant with their associated (LV) infrastructure (WTSR apply)
The Authorised Technician is responsible for:
•Transfer of Control of the WTG
•Establishing safe conditions for work as demonstrated by this educational video putting the WTG into service mode
•Checking safe conditions have been established or implementing specialist procedures that apply if equipment is still
energised
•Confirming in writing that it is safe to commence work
•Supervising safety during the course of the work
•Confirming that the procedure is complete, return the WTG to an operational state and transfer operational control
(Transfer Of Control)
This is achieved by following written procedures with signature checkpoints
LV Apparatus -
A voltage not exceeding 1000 volts alternating current or 1500V direct current.
o isolation where practicable
o Plant - isolation followed by draining and venting (unless the work requires the Plant to remain
energised)
A2.3 Requirements for work under Approved Written Procedure
• Plant shall be clearly defined
• Plant shall be isolated, locked where practicable & Caution Notices shall be attached
• Contents adjusted (drained)
• De-pressurisation, if necessary (vented)
• For internal access, purge if residue of contents could cause Danger
• Stored Energy - contain or dissipate
A3.11 Only fused leads for portable test instruments should be used to safeguard persons from Danger
• Isolation by fuses, links isolators or other isolating devices Only
The use of time or float switches, thermostats, Emergency Stop Buttons etc.is not acceptable
• Where reasonably practicable immobilise and lock isolations
• Hand-held Apparatus - Remove plug and ensure that it is not replaced during work or testing (i.e. controller)
• Safety Keys and removable isolating devices retained by AT in safe custody (must be readily identifiable)
• Management Instruction states how AT retains items taken into safe custody
•For ongoing work transfer process as per Rule B2.3
Precautions for adjacent Live conductors (e.g. specifically appointed AT; screen off adjacent hazards; use insulated tools;
mats; PPE remove metal jewellery; consider accompaniment etc.)
• Always prove ‘dead’ with Approved tester (at start and resumption of work and following any interruption)
Transfer of Control Process
The Transfer Of Control process must take place between an Operational Controller and an Authorised Technician before
the work or testing can start under an Approved Written Procedure.
19. WindHSE.org 2015 Page 17
Authorised Technician reports to Operational Controller when on-site and ready to start work
Transfer Of Control of specific WTG from Operational Controller to Authorised Technician (details logged in accordance
with a Management Instruction)
Authorised Technician retains responsibility of that WTG until control is transferred back to the Operational Controller
B2.3 Transfer
B2.3.1 Each AWP includes a Transfer Record to be used when work transfers from one AT to another or to record the
progress of work beyond one working day
Rule C2: Authorised Technicians
(ii) following instructions on AWP and signing Signature Checkpoints'
The WTG Technician should follow the instructions on the signage
and proceed to apply red tickets around the Control Panel and Generator to warn other technicians and everyone
Non Emergency scenario:
Sometimes in extreme cases such as severe weather or Cyber Attacks we need to Isolate WTG electrical source safely in an
Emergency
However the Wind Technician Must be sure it is an Emergency as shut down can cause damage to the machine due to the
sudden shock
The Technician should activate the emergency stop button in the nacelle or bottom of the tower which will trip the main
breakers and set off alarms
20. WindHSE.org 2015 Page 18
1.9 Outline safety procedures when manually handling a range of products of different size, shape
and weight
Mechanical apparatus must be islolated in accordance with the Wind Turbine Safety Rules before any manual handling is
undertaken
Reference to RenewableUK HSE Guidelines
MANUAL HANDLING OPERATIONS REGULATIONS
The Manual Handling Operations Regulations require employers to take reasonably practicable steps to avoid manual
handling activities where there is a risk of injury. Where such manual handling cannot be avoided, the employer should
make an assessment and take appropriate measures to reduce the risk of injury to the lowest level reasonably practicable.
The assessment will form part of the overall risk assessment required by the Management of Health and Safety at Work
Regulations
Further guidance on the Regulations is given in the HSE booklet - Manual Handling.
10.17.4 Lifting and handling
This includes daily manual handling activities and lifting operations on site, both routine and major lifts.
When establishing the procedures required for manual handling, and to control the use of mechanical lifting equipment
and devices, consider the following issues:
• identification and risk assessment of manual handling operations;
• the provision and use of equipment that reduces the need for manual handling;
• the provision of information, instruction and training to increase awareness and improve techniques;
• the need for health surveillance'
21. WindHSE.org 2015 Page 19
1.10 Outline safety procedures associated with mechanical and non-mechanical access equipment
Accessing the nacelle from the base of a tower may be achieved using either a fixed ladder or a lift.
A Tower Ladder is regarded as non-mechanical access equipment and the pre-requisite training to use a tower ladder is:
o Working at height training according to current wind turbine access standards
o Current certification (less than 12 months old)
The Personal Protective Equipment includes:
o Full body harness
o Lanyard
o Fall arrester
o Climbing helmet (must have chinstrap)
o Safety boots
o Gloves
Ideally the training should incorporate Save and Rescue of a buddy.
Your professional association has a special focus on Working at Height for obvious reasons as the size of Turbine are now
over 100m in height
RenewableUK HSEGuidelines
WORK AT HEIGHT REGULATIONS
These Regulations have been made to prevent the deaths and injuries caused each year by falls at work. They replace all
the earlier regulations about working at height. The Work at Height Regulations consolidate previous legislation on working
at height and implement European Council Directive 2001/45/EC concerning minimum Health and Safety requirements for
the use of equipment for work at height (the Temporary Work at Height Directive).
The regulations apply to all work at height where there is a risk of a fall liable to cause personal injury.
Working at height must be avoided if possible. If this is not possible then all working at height should be properly planned,
organised, risk-assessed, controlled, appropriately supervised and carried out in accordance with a safe system of work.
The safe system of work and selection of equipment for working at height must give priority to the provision of fall
prevention methods (e.g. barriers or guardrails) over personal fall protection measures (e.g. fall arrest or work restraint).
22. WindHSE.org 2015 Page 20
1.11 Outline safety procedures associated with mechanical lifting equipment
The WTG Technician is well advised to consider the guidelines defined by their association when considering lifting
operations. Ideally a physiotherapist would design each task analysis with the association members
RenewableUK HSE Guidelines
LIFTING OPERATIONS AND LIFTING EQUIPMENT REGULATIONS
In the main, the Lifting Operations and Lifting Equipment Regulations (LOLER) replace existing legal requirements relating
to the use of lifting equipment. They aim to reduce risks to people’s Health and Safety from lifting equipment provided for
use at work. In addition to the requirements of LOLER, lifting equipment is also subject to the requirements of the
Provision and Use of Work Equipment Regulations
10.15 Site services
Due account must be taken of:
• overhead power lines and suitable safety clearances;
• underground services, e.g. gas, electricity, telephone, water;
• the need to inform landowners, mariners and fishermen;
• the location and depth of underground services and accuracy of installation drawings;
• the need to provide detection equipment, e.g. cable-location devices;
• the owners of the services;
• electrical hand tools: power supply is to be 110V centre tapped earth, and a favourable risk assessment is to be provided
for other voltages; and
• subsea pipelines, export power cabling and telecommunication cables, during work activities and when travelling over
them.
10.17.4 Lifting and handling
• the periodic testing and thorough examination of lifting equipment and accessories;
• risk assessment for lifting operations;
• preparation of safe systems of work and use of competent personnel for lifting operations, especially offshore where an
Offshore Lift Supervisor must control lifting operations'
23. WindHSE.org 2015 Page 21
1.12 Define safe working procedures whilst operating in confined spaces
There is an emphasis on a requirement for a specific Work permit when working in confined spaces by your professional
association. The Work Permit should outline the steps to be taken to make the space safe for entry and egress. The work
location is not designed for continuous worker occupancy.
RenewableUK HSE Guidelines :
CONFINED SPACES REGULATION
The key duties are:
• to avoid entry to confined spaces, e.g. by doing the work from outside;
• if entry to a confined space is unavoidable, to identify the hazards and follow a safe system of work- normally using a
permit to work; and
• to put in place adequate emergency arrangements before the work starts.
FACTORIES ACT
Still needed to cover particular industries and workplaces that have specific hazards and associated risks that need to be
regulated and controlled. These regulations include The Breathing Apparatus.'
There are many locations of Confined Spaces in a WTG including nacelle, tower, hub and blade.
Low levels of oxygen and relevant breathing apparatus is a must consideration
24. WindHSE.org 2015 Page 22
1.13 Identify hazards associated with fire
There are many possible sources for fire hazards in a WTG as there alot of flammable liquids and gases. It is important that
the WTG Technician uses all sensors and actuators to diagnose and minimise any risk of fire
Lets re-examine the cause of a fires described in recent popular industry online publications:
Two dead after Dutch turbine Fire
30/10/2013
Two service technicians have died following a turbine fire at Deltawind’s 21MW Piet de Wit wind farm near Ooltgensplaat
in the Netherlands.
The mechanics, aged 19 and 21, were working on one of 12 Vestas V66-1.75MW units at the site when the fire broke out
yesterday afternoon.
Deltawind said it is possible that a short circuit on the unit caused the fire but warned it is awaiting the result of a police
report into the incident.
The company said that the team had been on the site to perform scheduled maintenance
Whilst the incident is under investigation LinkedIn professional discussion have placed emphasis on Evacuation devices
In the USA OSHA have now introduced the 4 MINUTE RESCUE regulation in the light of the tragic incident and insurance
companies such as Chubb Security will be checking for appropriate Certification of Wind Turbine Service Technicians….