c-dax: a cyber-secure data and control cloud for power grids · a cyber-secure data and control...
TRANSCRIPT
![Page 1: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/1.jpg)
C-‐DAX is funded by the European Union's Seventh Framework Programme (FP7-‐ICT-‐2011-‐8) under grant agreement n° 318708
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids http://www.cdax.eu
Mario Paolone for the C-DAX Consortium IEEE Dynamic Measurements
Working Group July 28th, 2014
![Page 2: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/2.jpg)
C-DAX Project § EC FP7-‐ICT-‐2011-‐8 call project
• C-‐DAX: Cyber-‐secure Data And Control Cloud for power grids
§ DuraQon: 01.10.2012 – 30.09.2015 § Total budget: 4.315.303 Euro § EU-‐funding: 2.931.000 Euro
§ C-‐DAX middleware • Enables smart grid applicaQons to
exchange informaQon • Implements informa/on-‐centric
networking (ICN) paradigm • Supports publish/subscribe
§ Targeted use cases • Real-‐/me state es/ma/on based on
PMU measurements • Future retail energy market (REM)
§ Project coordinaQon: Alcatel-‐Lucent § Project website: h[p://www.cdax.eu
§ Project partners
2 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 3: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/3.jpg)
Publish-Subscribe Basics
§ Basic idea • Decouple data produc/on and
consump/on in space, Qme, and synchronizaQon
• Improve scalability (compared to tradiQonal client-‐server)
§ Core components • Publisher client: produces data • Subscriber client: consumes data • Broker: stores and forwards data • Broker discovery service: tells publishers
and subscribers what broker to use
§ Basic interacQons • Broker discovery • Client join • Data disseminaQon
Publisher
Subscriber
Broker Pub/sub middleware Application
Join message Data
Broker discovery service
Broker
1
1
2
2
3
4
Subscriber Subscriber
4 4
3 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 4: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/4.jpg)
Example: Integrating Different Applications Using the Same Pub/Sub Middleware
§ Examples for topics • SCADA data from RTUs • PMU measurements
§ Benefit of decoupling publishers and subscribers • CommunicaQon partners do not need to know each other • Asynchronous communicaQon possible • FacilitaQng extensibility, management and configurability
4
Publ. A
Pub/sub middleware
Publ. B
Publ. C
Sub. D
Sub. E
Sub. F
Topic 1
Topic 2
Only interested in Topic 1
Only interested in Topic 2
Interested in Topic 1 and Topic 2
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 5: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/5.jpg)
C-DAX Entities Explained En/ty Func/onality Plane
Client Produce or consume topic data; provides access for SG applicaQons to the C-‐DAX cloud (through an API)
Control & Data
Designated node (DN)
• Provide access for clients to the C-‐DAX cloud (first point of contact)
• DN for publisher (PubDN) and DN for subscriber (SubDN)
Control & data
Data broker (DB)
• Receive topic data from PubDNs and forward them to SubDNs
• Cache topic data
Data
Resolver (RS) Resolves topic names to DBs Control
Security server Provide security-‐related funcQonaliQes to the C-‐DAX cloud, including authenQcaQon, authorizaQon, and key distribuQon
Control
Monitoring / management system
• Gather, aggregate, and forward monitored informaQon in the C-‐DAX cloud
• Management of C-‐DAX network resources
Management
5 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 6: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/6.jpg)
Data Plane
C-DAX Architecture
Control Plane Resolver (RS)
Data Broker (DB)
Security Server
C-DAX Monitoring/ Management System Monitor
Control
C-DAX Communication Platform
Join Join Client
(Publisher) Client
(Subscriber)
Application data to be published
Application data to be consumed
Designated Node (DN)
Designated Node (DN)
6 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Configure
![Page 7: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/7.jpg)
Three Communication Modes
§ Streaming-‐based • Publishers conQnuously send data to DB • Subscribers conQnuously receive data
from DB
§ Query-‐based • Subscriber sends query to message broker • DB returns data matching the query
§ Point-‐to-‐point • Publishers send data directly to
subscribers
§ CommunicaQon modes are set per topic to fit the requirements of the applicaQon, e.g., • Low latency for PMUs
7
Publisher
DB
Subscriber
Publisher Subscriber
DB
Subscriber
Query
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 8: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/8.jpg)
Resilience Concept
§ Topic data should be highly available • Data is stored on two nodes
§ Resilience of the infrastructure • Each system component is replicated
physically • Each criQcal communicaQon path is
divided into § A path during failure free operaQon § AlternaQve path(s) due to failures
§ Three resilience support levels:
8
C-DAX cloud
Subscriber Publisher
DN DN DB
DN DN DB
: Path during failure free operation : Alternative paths due to failures : Synchronization
Level Data loss (during failover)
Data delay (during failover)
Complexity
L1 Y N Low
L2 N Y Middle
L3 N N High
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 9: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/9.jpg)
Security Concept
§ General security requirements • Confiden/ality and integrity
§ End-‐to-‐end security, e.g., IEC 62351 • Availability
§ PrevenQon of a[acks, e.g., DoS a[acks, replay a[acks, spoofing
§ Security features of C-‐DAX • End-‐to-‐end security between C-‐DAX clients • Availability of C-‐DAX infrastructure • Scalable key management mechanism
§ C-‐DAX security raQonale • Strong authenQcaQon of clients and nodes
based on asymmetric cryptography • Symmetric or asymmetric cryptography for
topic data • Minimal trust in underlying infrastructure
§ Nodes do not have to trust each other inside C-‐DAX cloud
§ Clients do not have to trust C-‐DAX cloud for guaranteed end-‐to-‐end security
• Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidenQality, integrity
9
Publisher DN DB … Subscriber
Encode AuthenQcate AuthenQcate Decode
SecServ Key distribuQon Key distribuQon
Data Data Data Data
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 10: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/10.jpg)
Domain B Domain A
Inter-Domain Concept
§ Companies • Define C-‐DAX domains • Want to exchange informaQon à Inter-‐domain concept necessary
§ C-‐DAX DN • Provides access for external subscribers to
C-‐DAX cloud • Only point of contact for external
subscribers • Triggers authenQcaQon and authorizaQon
of external clients • Manages external subscripQons • Forwards data from internal nodes to
external clients § External subscribers
• May re-‐publish received informaQon in own domain
§ Inter-‐domain security • DN hides domain’s network • Access from external domains only
allowed through DNs • SecServ of each domain manages
respecQve rights
C-DAX cloud
RS
SecServ
DB DN External subscriber
C-DAX cloud
: Security signaling : Publish/subscribe signaling : Publish/subscribe data transfer
10 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 11: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/11.jpg)
Comparison with Existing Pub/Sub Architectures
Architecture End-‐to-‐End Security
Resilience Message Persistence
Broker-‐based Communica/on
Mode
Direct Communica/on
Mode
C-‐DAX X X X X X
OMG DDS O X X -‐ X
JMS -‐ X X X -‐
NSQ -‐ O -‐ -‐ X
Data Turbine -‐ X X X -‐
ZeroMQ O O -‐ O X
11
X O -‐
: Supported : Partly supported : Not supported / unspecified
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 12: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/12.jpg)
Protocol Adaptation Layer
§ Problem • ExisQng smart grid protocols rely on
bidirecQonal one-‐to-‐one communicaQon, e.g., IEEE C37.118, IEC 61850
• C-‐DAX provides unidirecQonal many-‐to-‐many communicaQon
• C-‐DAX provides a unified pub/sub interface for communicaQon
§ SoluQon • Protocol adaptaQon layer translates
between smart grid protocols and C-‐DAX
§ Benefits for operators • Hardware and sopware compliant to
exisQng standards can be used with C-‐DAX with li[le configuraQon changes
• C-‐DAX can be transparent for legacy hardware and sopware
§ ImplementaQon • Protocol adaptaQon layer for IEEE C37.118
has been implemented and tested
12
PMU/Client/AdaptaQon Layer DN
IP
C37.118
TCP/UDP
C-‐DAX C37.118
IP
TCP/UDP
C-‐DAX
C37.118
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 13: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/13.jpg)
Prototype § Purpose
• ValidaQon of baseline communicaQon funcQonaliQes and basic failure management of C-‐DAX
• ValidaQon of security framework
• ValidaQon of IEEE C37.118 protocol adaptaQon layer
§ Environment • IEEE 34 Bus as power grid
topology • PMU measurement data
provided by EPFL • Virtual Wall network test bed
provided by iMinds • RTSE applicaQon by EPFL
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
13
RTSE LabView
PMU-Bus3 PubClient
PMU-Bus4 PubClient
PMU-Bus7 PubClient
PMU-Bus1 PubClient
PDC Adapter
SubClient
Base Station
Bus1 Bus3 Bus4 Bus7
LAN
Bus7Node Bus4Node Bus3Node
Security Server
Bus1Node
Monitor
Monitor
BaseStation Resolver
Virtual Wall
![Page 14: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/14.jpg)
Laboratory validation
14
PMU PMU PMU PMU
PDC PDC
C-DAX cloud
Real-‐Qme state esQmaQon of the targeted
electrical network
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Real-‐Qme model of the electrical grid
![Page 15: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/15.jpg)
Field Trial
§ Purpose • Deploy C-‐DAX sopware in an exisQng
distribuQon grid • Evaluate applicability of C-‐DAX under
realisQc condiQons • Show-‐case several smart grid applicaQons
using a common pub/sub middleware § Environment
• Distribu/on grid provided by Alliander including a solid and fast IP network
• PMUs provided by NaQonal Instruments • RTSE applicaQon by EPFL • C-‐DAX sopware
§ Time plan • Deployment of PMUs and C-‐DAX sopware:
late 2014 • Scheduled start of field trial: late 2014
§ Alliander’s MS Livelab
§ NaQonal Instruments’ PMU for MV level
15
Source: Alliander N.V.
Source: NaQonal Instruments Sweden
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 16: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/16.jpg)
Example of latencies (computed)
16 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
CumulaQve distribuQon funcQon of end-‐to-‐end delay for 500kb/s PLC links. Adapted from [K.V. Katsaros, W.K. Chai, N. Wang, G. Pavlou, H. BonQus and M. Paolone, “InformaQon-‐centric networking for machine-‐to-‐machine data delivery: a case study in smart grid applicaQons,” IEEE Network Magazine, vol.28, no.3, pp.58,64, May-‐June 2014]
1. Plain PLC scenario (no opQcal fiber) 2. Hybrid, dmax = 1 (67 sink nodes); 3. Hybrid, dmax = 2 (41 sink nodes); 4. Hybrid, dmax = 3 (30 sink nodes); 5. OpQcal fiber.
![Page 17: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/17.jpg)
Benefits and Features of the C-DAX Architecture
§ General benefits of pub/sub communicaQon § Flexibility and agility for integraQon of emerging smart grid applicaQons
§ Transparent exchange of informaQon § Scalability § Avoid repeated investment in ICT per applicaQon
www.cdax.eu
§ Unique C-‐DAX benefits • Support for inter-‐domain communicaQons
• Support for established smart grid protocols, e.g., IEC 61850, IEC 60870-‐5-‐104, IEEE C37.118
• CombinaQon of advanced features § Cyber-‐secure layer addressing authenQcaQon, privacy, and integrity in end-‐to-‐end fashion
§ Support for streaming, query and point-‐to-‐point communicaQon
§ Resilience • Flexible provisioning strategy
17 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
![Page 18: C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced](https://reader034.vdocuments.net/reader034/viewer/2022051509/5ae4c48b7f8b9ae74a8f8d35/html5/thumbnails/18.jpg)
Contact
www.cdax.eu
Thank you for your aQen/on! Ques/ons?
Mario Paolone Distributed Electrical Systems Laboratory Swiss Federal InsQtute of Technology of Lausanne Thank you.
18 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids