---------------------------------------------------------------------
----- 
| Reprinted with permission from INFORMATION SECURITY PRODUCT NEWS,  
| 
| Vol. 2, No. 2, March/April 1991.                                   
| 
| Copyright (C) 1991 by MIS Training Institute Press, Inc.           
| 
| All rights reserved.                                               
| 
---------------------------------------------------------------------
----- 
| Information Security Product News                                  
| 
| 498 Concord Street, Framingham, MA 01701-2357                      
| 
| (508) 879-9792      Fax: (508) 872-1153      MCI-Mail: 243-9796    
| 
---------------------------------------------------------------------
----- 
 
                         SURGE SUPPRESSION FOR NETWORKS: 
                           PROBLEMS, MYTHS, & SOLUTIONS 
 
 
By Wendell H. Laidley, President, Zero Surge Inc., Bernardsville, NJ 
 
 
              Surge suppressors that protect stand-alone equipment 
              may actually cause damage to computers and other 
              peripherals in a network. 
 
       The sensitive, low-energy circuits in today's computer 
networks are uniquely vulnerable to disturbances originating in the 
110 volt power lines. In fact, ordinary surge protectors and 
uninterruptible power supplies (UPSes) can actually divert dangerous 
electrical surges into network data lines and damage equipment 
connected to that network.  Because of this, computer networks need 
specially designed surge protection. 
 
 
HOW SURGE PROTECTORS WORK 
 
       First-generation surge protectors followed the conventional 
wisdom of diverting unwanted surge energy to ground, the ultimate 
surge sink.  The most common practice was to build voltage-sensitive 
shunt components (usually metal oxide varistors, or MOVs) into 
extension cord boxes or power strips. The MOVs were originally wired 
only between the line and neutral conductors. Unfortunately, this 
practice created a large common-mode surge problem with a risk of 
electrical arcing between neutral and ground connections inside the 
computer.
 
       In response, most surge suppressor makers redesigned their 
systems, conecting MOVs between all three power-line conductors 
(line, neutral and ground). This configuration is usually called 
"three-mode protection." For simple, stand-alone electronic 
equipment, this provided basic protection, particularly if the user 
understood the limitations of the components, e.g., the fact that 
MOVs deteriorate from surges, even small ones. 
 
       This three-mode approach to surge protection was based on the 
premise that the effect of surge voltage would be neutralized if the 
surge was spread evenly among all three power-line conductors, since 
equipment damage should only occur if voltage _differences_ arose. 
By interconnecting all three lines with shunt components, such 
differences are precluded. Once this is done, however, a surge now 
causes some current to be shunted into the ground wire, allowing the 
system ground level to rise with respect to an actual earth ground. 
 
       It was assumed that, so long as voltage differences between 
the three power lines were kept down to acceptable levels, it would 
not matter if all three conductors were allowed to "float up." 
 
       Equipment protected in this way would be analogous to a raft 
without an anchor floating on water. When a wave came along, the 
whole raft would float up; as long as there were no anchor to 
prevent the raft rising, it could float up and down harmlessly. 
 
 
GROUND: SURGE SINK OR VOLTAGE REFERENCE, BUT NOT BOTH 
 
       The advent of computer networks invalidated this fundamental  
assumption, much as a fixed-length anchor line would prevent the 
raft from floating free in a rising tide. The source of the problem 
is that signals are transmitted across data lines, and the voltage 
of these signals is established using ground as a reference. And the 
only ground available is the safety ground conductor on the power 
line, represented by the round pin on a standard three-pronged plug. 
 
       If a power surge in one node is shunted to its power-line 
ground, the node's reference ground also rises. As a direct result, 
signals transmitted from that node are elevated with respect to the 
ground at other network nodes. Thus the surge, instead of being 
disposed of harmlessly, is propagated across the network and into 
the sensitive, low-voltage internal circuitry of other workstations 
or nodes.[1] 
 
       The damage caused by diverting surges to ground in networked  
electronics was first reported by Francois Martzloff of the National 
Bureau of Standards (now the National Institute of Standards and  
Technology) in 1988.[2] Martzloff's research team had been 
performing surge tests in an office building over a weekend; when 
office workers returned Monday morning, they found that their 
printers did not work and that the printer data ports had been 
damaged. Initially, the research team had not expected that surges 
applied only to the power line would damage data lines as well. On 
reflection, they recognized that the power-line surges had indeed 
been diverted by shunt protection circuitry into the printer data 
lines through the common reference ground. 
 
       Potential problems caused by the interaction of the power 
line and data lines through the common ground include physical 
hardware damage and disruption, program lock-ups, data alteration, 
parity errors, and transmission failures. If high-frequency surges, 
sometimes with considerable energy, are coupled into digital 
circuitry, they may alter data being processed by the workstation. 
Given this problem, the power-line ground conductor should never be 
used as a surge sink with interconnected computers where it is 
needed for voltage reference by data lines. 
 
 
11 MYTHS OF SURGE PROTECTION 
 
       Because transient analysis is complex and not widely 
understood by computer users, a number of myths have grown up around 
the subject of surge protection over the years. 
 
 
*  MYTH 1. ANY SURGE PROTECTION IS BETTER THAN NO SURGE PROTECTION.
 
       This is perhaps the most reasonable, yet the most misleading 
of all.  With no surge protector at all, incoming surges will hit 
only the computer's power supply (which is considerably more surge 
tolerant than the data line circuitry), and will not affect the 
system ground level at all. Since shunt surge suppressors divert 
power-line surges into data lines, using the wrong type of surge 
suppressor with networked computers can actually cause failures 
throughout the network. Thus the network is likely to be better off 
if individual nodes have _no_ surge suppressor than if they have 
ones that shunt power-line surges into data-lines.[4] 
 
 
*  MYTH 2. A UPS WILL PROVIDE DEPENDABLE SURGE PROTECTION. 

       Because a UPS costs far more than a surge protector, it is 
often assumed to provide better surge protection. However, virtually 
all UPS units designed for microcomputers simply combine an 
inexpensive MOV surge suppressor with a battery backup power source. 
The MOV surge protection is designed primarily to protect the UPS's 
own circuitry, and diverts incoming surges to ground, just like a 
common surge protector. 
 
       Unfortunately, once the surge hits the UPS ground, it will 
then couple directly into the computer's data lines.[5] Since many 
microcomputer UPSes are used in the context of local area networks, 
this problem must be addressed or the UPS will endanger the network 
data lines.  Some UPS makers show how surges which encounter the UPS 
battery are eliminated. This is true for those surges which actually 
reach the battery; but most are diverted away from the UPS circuitry 
to ground before they ever reach the battery. Thus the belief that 
the battery in a UPS is an effective surge sink is not entirely 
relevant or dependable. Just like the basic surge suppressor, the 
UPS protects the computer power supply; but in doing so, it 
endangers the data lines. 
 
       Another problem with UPSes is the existence of an alternative 
surge path around the battery and invertor. So called standby UPSes 
normally provide direct utility power to the computer, with only the 
MOVs at the UPS power inlet offering any surge protection. On-line 
UPSes generally have a bypass circuit to enable utility power to 
flow directly to the load in the event of UPS failure. Both these 
circuits provide paths for incoming surges. In the case of the 
standby UPS, the path is direct, while for the on-line UPS, the 
surge must pass through the transfer switch. These switches are 
often solid-state components with modest tolerance for high energy 
surges, so they may not prevent a surge from passing through. 
 
 
*  MYTH 3. TRANSFORMERS ARE THE BEST SURGE PROTECTORS. 

       Transformers are designed to transmit power, not to suppress 
it. The two major advantages of transformers are their surge-
absorbing mass (technically, their leakage inductance) and their 
availability as a complete subassembly, which eliminates the need to 
design a custom surge-processing circuit. And while the 
transformer's leakage inductance offers some surge protection, it 
provides much less than would inductors designed specifically for 
surge suppression. In fact, a transformer is far from being an ideal 
surge suppressor, and it presents significant disadvantages 
including ringing, regulation, increased source impedance, and 
efficiency loss. Transformers also have substantial parasitic 
capacitance to ground, and this can couple surges to ground.[6] 
Finally, transformers used for surge protection often incorporate 
MOVs, since the transformer itself may be unable to handle the 
higher voltages in surges. 
 
       The often-cited benefit that isolation transformers protect 
against common-mode surges is somewhat of a red herring when applied 
to computers, as will be discussed under myth 5. 
 
 
*  MYTH 4. VOLTAGE-REGULATING TRANSFORMERS ARE HELPFUL WITH
           COMPUTERS. 

       Most modern desktop computers use switch-mode power supplies 
rather than older style, linear designs. A switch-mode power supply 
draws from the AC power line only as much energy as it requires to 
maintain its output power. In this sense it responds spontaneously 
to voltage fluctuations. If the line voltage drops, the power supply 
draws current for a longer period, until it replenishes the energy 
it put out since the previous cycle of the power wave. Because of 
this natural ability to accommodate varying source voltages, a 
switch-mode power supply gains no benefit from a voltage regulating 
transformer. 
 
       However, switch-mode power supplies are more sensitive to 
source impedance than source voltage, and the increased impedance 
inserted into the line by the transformer may actually hinder the 
power supply by restricting the current available. A tap-switching, 
voltage-reducing transformer may also introduce noise if the tap 
switch hunts back and forth between adjacent output taps. Computer 
switch-mode power supplies often have a wider tolerance for input 
voltage than do regulating transformers themselves. Thus the primary 
benefit of a voltage regulating transformer is its leakage 
inductance, which is much less than that of an isolation 
transformer, but the regulator introduces offsetting disadvantages. 
Moreover, the transformer's primary function, voltage regulation, 
offers no material benefits. 
 
 
*  MYTH 5. COMMON-MODE SURGES CAUSE COMPUTER PROBLEMS. 

       Just as modern switch-mode power supplies compensate 
spontaneously for voltage variations, they also naturally attenuate 
common-mode noise (i.e., voltage differences between the neutral and 
ground lines).  Desktop computers have five orders of magnitude of 
common-mode noise attenuation built-in, from the EMI/RFI filter and 
the high frequency isolation transformer in the power supply. Low-
voltage, low-frequency ground potential differences will not cause 
disruption or damage, because the primary cause of disruption is 
coupling, which depends on frequency and amplitude. 
 
       Computers are inherently immune to common-mode disturbances 
below a certain threshold, but problems occur when high-energy 
incoming normal-mode surges (i.e., differences between the hot and 
neutral lines) are converted to common mode surges by the action of 
shunt surge suppressors. Surges originating from outside your 
building are always normal mode, since neutral and safety ground 
lines are tied together to an earth ground at the service entrance. 
Keeping shunt surge suppressors off circuits powering computers will 
eliminate the conversion from normal mode to common mode. 
 
 
*  MYTH 6. COMPUTER MODEM DAMAGE IS CAUSED BY SURGES ON THE PHONE 
           LINE. 

       The phone line is a high-impedance circuit which cannot 
support high energy surges, so they die away rapidly after the 
inducing source (e.g., lightning) disappears. In contrast, the low-
impedance power-line provides an ideal propagation network for high-
energy surges.  Also, the telephone service entrance is protected to 
under 300 volts, while power-line surges can reach 6000 volts before 
they will arc over in 110 volt fixtures. 
 
       Most computer modem damage is caused when high energy power-
line surges are diverted to the reference ground and coupled into 
the digital side of the modem. This elevated voltage then seeks the 
phone line ground reference on the analog side of the modem and arcs 
through the modem.[7] 
 
       As a corollary to this, phone-line protectors which provide 
shunts to the power-line ground (commonly found as cube taps which 
provide two phone line jacks that plug into a 110-volt receptacle) 
may introduce more disturbance to the phone line than they relieve, 
creating more problems than they solve. 
 
 
*  MYTH 7. SIGNAL GROUND IS ISOLATED FROM CHASSIS GROUND. 

       Some manufacturers attempt to isolate signal ground from 
frame ground, but all such isolation configurations have coupling 
coefficients and dynamic ranges which are likely to be exceeded by 
high-energy surges.  The effectiveness of most such isolation 
circuits is generally limited to short-duration, low-energy noise. 
 
 
*  MYTH 8. THE ONLY RISK FROM THE POWER LINE IS HARDWARE DAMAGE. 

       Computers are vulnerable to data alterations as bit streams 
pass through microprocessors. Stray power surges can alter data or 
programs, causing data errors that may never be found, or program 
errors or lock-ups which cannot be traced. The consequential cost of 
such soft damage can be very high, especially if errors are not 
found and data files are contaminated.[3] 
 
 
*  MYTH 9. SURGE PROTECTORS ARE PERMANENT DEVICES. 

       Most point-of-use surge protectors use metal oxide varistors 
as their primary protection component. Despite all its strengths, 
this inexpensive (15 cent) component wears out a little with each 
surge[8] above a very modest threshold ... a threshold that is 
exceeded many times a day in most environments. Unfortunately, the 
race among surge protector manufacturers to provide the "best" 
protection (i.e., the lowest let-through voltage) has led them to 
use lower voltage MOVs which age faster and fail sooner.[9] The 
normal failure mode for an MOV is overheating, and they have been 
known to cause fires.[10] (See Figure 1.) Thus MOVs wear out and 
should be replaced periodically.  Unfortunately, equipment to test 
MOVs is very expensive (on the order of $20,000). Indicator lights 
purporting to show that protection is operational are not always 
reliable; in fact, these are sometimes wired across the power line 
and thus only indicate that the power line is live. 
 
 
*  MYTH 10. NOTHING CAN STOP LIGHTNING. 

       While this simple statement is true in absolute terms, it is  
misleading for all but the rarest of cases. Two important factors  
limit damage from lightning. First, a direct lightning strike is  
extremely rare, although in that event equipment may be destroyed 
and people killed. But lightning normally manifests itself in the 
power line as induced currents caused by the lightning's magnetic 
field.  Thus we normally need only deal with the induced surge, not 
the lightning strike itself, and the energy of that induced surge 
will be limited by the capacity of the conductor to carry the surge 
energy.  The second factor is that surge voltages are limited to 
6000 volts because any higher voltage will cause 110-volt circuit 
fixtures to arc. Thus surge protectors need only deal with voltages 
up to 6000 volts, and currents determined by the circuit impedance. 
There are surge protectors available which suppress surges up to 
6000 volts and unlimited current to under 250 volts without 
degradation, and without disturbing the critical reference ground. 
 
 
*  MYTH 11. YOU GET WHAT YOU PAY FOR. 

       The assumption that higher priced surge protectors provide 
greater effectiveness and reliability is often not valid. Almost all 
surge suppressors priced under $200 rely on the same fundamental MOV
components. Much of the supplementary circuitry is actually 
peripheral to the surge protection function, such as lights and 
switches, or it provides a minimal level of noise filtering that 
will be ineffectual in the face of an actual surge. Many users would 
be just as well served with a $3 hardware store MOV protector that 
they discard and replace periodically, as they would with an 
expensive protector using the same MOVs, which will also wear out. 
 
 
COMPUTER RELIABILITY AND THE HIGH COSTS OF NETWORK FAILURE 
 
       As computers perform increasingly critical functions in 
industry and government, the issue of reliability assumes greater 
importance.  No longer is computer failure, especially in networks, 
just a matter of running down to the computer store for a new power 
supply or motherboard. In sophisticated computer installations, many 
people may be unable to perform their normal work until their 
computers are restored. In addition to physical damage, the 
potential for costly data errors and "no problem found" disruptions 
from power-line disturbances makes computer power protection a poor 
candidate for minor cost savings. 
 
       The costs of computer network failures were studied in 1989 
by Infonetics, a California research firm.[3] They reported that 
local area network downtime cost the average Fortune 1000 company 
$3.48 million annually, with the average respondent reporting 23.6 
network failures a year, with an average outage of 4.9 hours. 
Certainly these huge costs deserve attention, and power surges are a 
clear cause of network failure. Thus, total failure costs far exceed 
hardware expenses for repairing or replacing equipment, although 
many of these extra costs are often hidden, buried in overhead 
expense. 
 
 
IDEAL SURGE PROTECTION FOR NETWORKS 
 
       Power protection is important to the reliable operation of 
computer networks. Network managers need to make informed decisions 
about how to protect their equipment, and they can only do so when 
they understand the critical role of the reference ground and how it
provides a "back door" entry into a computer's low-voltage logic 
circuitry. 
 
       Computers need power-line protection that: 
 
       * Provides low let-through voltage (under 250 volts peak is 
           harmless). 
       
       * Does not use the safety ground as a surge sink and 
           preserves it for its role as voltage reference. 
 
       * Attenuates the fast rise times of all surges, to avoid 
           stray coupling into computer circuitry. 
 
       * Intercepts all surge frequencies, including internally
           generated high-frequency surges. 
 
       * Does not convert normal mode surges to common mode. 
 
       * Does not degrade in service or, if it does, at least is 
           thoroughly safe in the event of thermal runaway and 
           employs reliable status indicator circuitry. 
 
       The ideal surge protector would disconnect the load from the 
power line for the duration of the surge, then reconnect it. Since 
this is not possible with today's switch technology, a practical 
approach is to present a high impedance to the surge and a low 
impedance to the power wave, coupled with storage for surge energy 
and frequency-modification circuitry that will remove the potential 
for disruption and damage from the surge. All of this must be 
accomplished without using the critical reference ground as a surge 
sink, but rather only neutral as the return circuit. Such systems 
are available, including the patented Surge Eliminator by Zero 
Surge, which operates like a surge storage bucket with a hole in it, 
slowly releasing the surge energy to the neutral circuit. 
 
       Protection which meets the above criteria without diverting 
surges to the reference ground will reliably protect networks, while 
surge suppressors which use the ground as a surge sink may well 
create problems elsewhere in the network. In fact, the proper 
decision for network protection should perhaps be reliable 
protection or no protection, but not the risky middle course of 
ordinary, ground-disrupting shunt suppressors. 
 
 
REFERENCES 
 
[1] Charles P. Koontz, "Changes Considered for UL 1449", _LAN 
    Times_, July 1990, p. 102. 

[2] Francois D. Martzloff, "Coupling, Propagation, and Side Effects 
    of Surges in an Industrial Building Wiring System," _Conference 
    Record of the IEEE-IAS 1988 Annual Meeting_, pp. 1467-75. 

[3] Peter H. Lewis, "Beware Those Network Failures," _The New York 
    Times_, September 17, 1989. 

[4] "Surge Protection Revisited," _LAN Times_, May 1990, p. 89. 

[5] Wendell H. Laidley, "Power Line Protection--A Danger to Network 
    Datalines," _Power Quality_, Premier II 1990, p. 104. 

[6] "Transformer Parasitic Capacitance Affects Switcher Design", 
    _PCIM_, May 1990, p. 56. 

[7] Andy Baird, "Surge `Protectors'--Worse Than Useless?" _Princeton
    Macintosh Users' Group Newsletter_, June 1990. 

[8] Vernon L. Chi, "Zero Surge Model ZS1800 Surge Eliminator--
    Product Review and Report," Department of Computer Science, 
    University of North Carolina, Chapel Hill, July 31, 1990. 

[9] Francois D. Martzloff and T. F. Leedy, "Selecting Varistor 
    Clamping Voltage: Lower Is Not Better!" _Proceedings of the 
    Zurich International EMC Symposium_, April 1989. 

[10] "SAFE-ALERT Report of Fire Incident with MOV Surge Protector," 
     Government-Industry Data Exchange Program, September 20, 1988. 
 
 
--------------------------------------------------------------------
 
WENDELL H. LAIDLEY is president of Zero Surge Inc., which he co-
founded in 1989. Prior to that, he was president of Laidley 
Interconnect Systems, a cable systems manufacturer. He has also 
served as president of Isomedix Inc. Earlier in his career, he 
worked with IBM in Montreal, Booz Allen & Hamilton (Canada) Ltd., 
and Aquila/BST. He holds a Bachelor of Engineering degree from 
McGill University and an MBA from the University of Western Ontario. 
 

