Secure Multi-Service Communication Architecture for Smart Grids Maik G. Seewald, Sr. Technical Lead maseewal@cisco.com

Cisco Systems

11-October-2016

2

A Secure Multi-Service Communication Architecture is an enabler and key requirement for Smart Grids and other grid modernization efforts

The electrical trend: The grid is being transformed into a two-way power delivery infrastructure where system balance is maintained by matching controllable resources with variations in load and supply

The communication trend: More and more end points, systems, and applications to connect

Solution: An efficient network infrastructure that enables reliable communication among disparate control elements of the power grid

Requirements: Step-wise migration, reliability, scalability, flexibility, extensibility, and security

Introduction

3

Transition of Utility Networks Convergence of Application Infrastructure

Existing vertical applications and networks Many networks were built for specific applications

Business Application #1

System #1

Business Application #2

System #2

Business Application #3

Device #3

Converged network based on open standards and common data models

Business Application #1

System #1

Business Application #2

System #2

Business Application #3

Device #3

Converged IP-Based Network

Multi-Service Application Infrastructure

Network #2

Network #3

Network #1

Multiple distributed energy sources Enhanced grid automation

4

GridBlocks ™ Reference Model Utility communications networks & security

11 tier reference model of communications for the whole power delivery chain

Helps define the increasing interaction across tiers

Contains architecture for each tier: components, structure, protocols, properties, and standards

Also contains comprehensive security interlay

Substation and System Control Tier is one key component and comprises:

Substation Automation

SCADA, Tele-protection

Integration of Synchro-phasors / PMU’s

WAMPAC and other new applications

5

Industry Trends Packet-Switched Networks as Enabler

Future Grid WAN Architecture

Power

Generation Control

Center

Power

Generation

Power

Generation

Substation

Substation

Substation

SP

SP

CC CC

Sub

Sub

Sub

Sub

Sub

Sub

Sub

Sub

Sub Sub

Sub Sub Substation

Control Center

SP leased transport

Sub

CC

SP

Uptake in migration from TDM to packet

End-of-life of TDM

Discontinuation of legacy services

Consolidating to common packet infrastructure

Minimize OpEx: IT and OT service integration

One single network, Less complexity

Influenced by industry standards (IEC)

Moving to advanced architectures

Facilitating new requirements for bandwidth and data flows

Multipoint connectivity, and less centralized architecture

Focus on cybersecurity requirements

Enhanced timing capabilities

Optimizing for real-time applications

Supports deterministic traffic for critical operations

WAN Network Architecture

6

Substation Network Multiservice Digital Substation as flexible Building Block

FAN Aggregation

Multiservice Bus

Physical Security

Workforce Enablement

Substation Network

Serial, C37.94, E&M

Substation MPLS Router

Electronic Security Perimeter (ESP)

PT Breaker CT CT PT

Defined Physical Boundary (DBP)

Breaker IED

IEC 61850 Station Bus

IEC 61850 Process Bus

Distributed Controller

HMI

Legacy RTU

PT CT Sensor

Legacy Teleprotection

Relay

Breaker

Security Router or Appliance

Private WiMax or LTE to Field Area Network

Utility Private MPLS/IP WAN

MU

Bay Controller

RTU Protection

Relay Comm

Processor PMU PDC

Teleprotection Relay

HMI

Hardwired I/O

7

GridBlocks ™ Reference Model Field Area Networks

Field Area Networks (FAN) provide the infrastructure for applications such as

AMI, Demand-Response Distribution Automation, DER Volt/Var control EV Charging Station

End-to-end architecture with impact on services and security

IPv6 as architectural principle Open Standard based Mesh-Networks are agnostic to lower

layers (IEEE 1901.2 NB-PLC, IEEE 802.15.4g Smart Utility Network)

Zero-touch deployment Platform for Distributed Intelligence

8

Use Case Preference Less concerns to power consumption to endpoint High deployment density in geo High data rate applications

AMI Distribution Substation

DG / DER EV Charging Infrastructure

City Facilities Water/Gas/Waste

Smart Parking

Smart Environment

Asset Vision And Tracking

Power consumption very sensitive to endpoint Massively scattered deployment in geo Low data rate applications

Cisco FAN Architecture Multi-Service Networks

IEEE-802.15.4g/e WPAN IEEE 1901.2 Narrowband PLC

Cisco Connected Grid Security and Network

Management Ethernet,

WiMAX, WiFi

MDMS Load Control DRMS DMS, SCADA

AMI Head-End CG-NMS

2G/3G

Low Power Wide Area Network

Analytics Asset Managment

DI

9

Distributed Intelligence Hosted Applications and Fog Computing

Traditional Computing Model (Terminal/Mainframe, Client-Server, Web)

Assumes Infinite, Bandwidth, 0 Delay

IoT Computing Model

Data Center/ Cloud

Endpoint

Assumes Limited Bandwidth, Variable Delay, and Intermittent Connectivity

Data Center/ Cloud

Device

Fog

Assumes Limited Bandwidth, Variable Delay, and Intermittent Connectivity

Speed of Light Latency-Critical

Responsiveness Required

Resiliency

Security

Data Grows Faster Than Bandwidth

10

Changing customer expectations resulting from the digitization of personalized services

Rise of social networks the ability to quickly form communities of interest and communicate instantaneously

Social Networks

Economic Networks

Electric Networks

Cyber Networks

Expansion of energy markets for distributed energy resources

enabling greater adoption and increased transactions

Financial innovation

that is enabling a wide range of customers to amortize initial

capital costs of DER to align with benefit cash flows and make a

stronger value proposition

Energy technology advancements

for power system and distributed energy technologies are accelerating

at exponential rates while also converging to enable breakthroughs on

business models and system performance

Big Data and analytics Analyze and optimize processes, support grid operations

Pervasive connectivity and computing new applications and productivity gains for businesses, deterministic networking for large control loops, distributed intelligence, self-learning networks

Utility Mega Trends Digitization and opportunities

Security Privacy

Thank you.