C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium




C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708.

C-DAX Project

EC FP7-ICT-2011-8 call project C-DAX: Cyber-secure Data And Control Cloud for power grids
- Duration: 01.10.2012 - 30.09.2015
- Total budget: 4.315.303 Euro
- EU funding: 2.931.000 Euro
- Project coordination: iMinds
- Project website: http://www.cdax.eu

C-DAX middleware
- Enables smart grid applications to exchange information securely
- Implements information-centric networking (ICN) paradigm
- Supports publish/subscribe across different administrative domains

Targeted use cases
- Future retail energy market (REM)
- Real-time state estimation based on PMU measurements

Project partners: [partner logos]

Publish-Subscribe Basics

Basic idea
- Decouple data production and consumption in space, time, and synchronization
- Improve scalability (compared to traditional client-server)

Core components
- Publisher client: produces data
- Subscriber client: consumes data
- Broker: stores and forwards data
- Broker discovery service: tells publishers and subscribers what broker to use

Basic interactions
- Broker discovery
- Client join
- Data dissemination

[Figure: publisher, broker, broker discovery service and subscribers attached to the pub/sub middleware, with the application on top; legend: join message, data]

Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware

Examples for topics
- SCADA data from RTUs
- PMU measurements

Benefit of decoupling publishers and subscribers
- Communication partners do not need to know each other
- Asynchronous communication possible
- Facilitating extensibility, management and configurability

[Figure: publishers A, B and C publish to Topic 1 and Topic 2 through the pub/sub middleware; subscribers D, E and F are annotated "Only interested in Topic 1", "Only interested in Topic 2" and "Interested in Topic 1 and Topic 2"]

C-DAX Entities Explained

| Entity | Functionality | Plane |
|---|---|---|
| Client | Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API) | Control & data |
| Designated node (DN) | Provide access for clients to the C-DAX cloud (first point of contact); DN for publisher (PubDN) and DN for subscriber (SubDN) | Control & data |
| Data broker (DB) | Receive topic data from PubDNs and forward them to SubDNs; cache topic data | Data |
| Resolver (RS) | Resolves topic names to DBs | Control |
| Security server | Provide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution | Control |
| Monitoring / management system | Gather, aggregate, and forward monitored information in the C-DAX cloud; management of C-DAX network resources | Management |

C-DAX Architecture

[Figure: the C-DAX communication platform. Elements shown: C-DAX monitoring/management system (labels: monitor, control, configure); security server and resolver (RS) in the control plane; publisher and subscriber clients (label: join); designated node (DN), data broker (DB) and designated node (DN) in the data plane, between "SG application data to be published" and "SG application data to be consumed"]

Three Communication Modes

Streaming-based
- Publishers continuously send data to DB
- Subscribers continuously receive data from DB

Query-based
- Subscriber sends query to message broker
- DB returns data matching the query

Point-to-point
- Publishers send data directly to subscribers

Communication modes are set per topic to fit the requirements of the application, e.g.,
- Low latency for PMUs
- Improved scalability for retail energy markets

[Figure: one diagram per mode: Publisher, DB, Subscriber; DB, Query, Subscriber; Publisher, Subscriber]

Resilience Concept

Topic data should be highly available
- Data is stored on two nodes

Resilience of the infrastructure
- Each system component is replicated physically
- Each critical communication path is divided into
  - A path during failure free operation
  - Alternative path(s) due to failures

Three resilience support levels:

| Level | Data loss (during failover) | Data delay (during failover) | Complexity |
|---|---|---|---|
| L1 | Y | N | Low |
| L2 | N | Y | Middle |
| L3 | N | N | High |

[Figure: publisher and subscriber connected through a C-DAX cloud with two DN, DB, DN chains; legend: path during failure free operation, alternative paths due to failures, synchronization]

Security Concept

General security requirements
- Confidentiality and integrity
  - End-to-end security, e.g., IEC 62351
- Availability
  - Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing

Security features of C-DAX
- End-to-end security between C-DAX clients
- Availability of C-DAX infrastructure
- Scalable key management mechanism

C-DAX security rationale
- Strong authentication of clients and nodes based on asymmetric cryptography
- Symmetric or asymmetric cryptography for topic data
- Minimal trust in underlying infrastructure
  - Nodes do not have to trust each other inside C-DAX cloud
  - Clients do not have to trust C-DAX cloud for guaranteed end-to-end security
- Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity

[Figure: data passes Publisher, DN, DB, Subscriber, annotated in that order Encode, Authenticate, Authenticate, Decode; SecServ performs key distribution]
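The rationale above says clients do not have to trust the C-DAX cloud, and the requirements name replay attacks. The following is an added example, not C-DAX code: it narrows the idea to integrity and replay protection with a symmetric topic key, and the message layout, topic name, key and function names are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

TOPIC_KEY = bytes(range(32))  # constructed sample key, known to clients only


def publish(topic, seq, payload, key):
    """Publisher: bind topic, sequence number and payload under one MAC."""
    body = json.dumps({"topic": topic, "seq": seq, "payload": payload},
                      sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Subscriber:
    """Verifies every message itself; nothing the broker says is trusted."""

    def __init__(self, key):
        self.key = key
        self.last_seq = {}  # highest sequence number accepted per topic

    def receive(self, msg):
        expected = hmac.new(self.key, msg["body"].encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return ("rejected", "bad tag")
        fields = json.loads(msg["body"])
        if fields["seq"] <= self.last_seq.get(fields["topic"], -1):
            return ("rejected", "replay")
        self.last_seq[fields["topic"]] = fields["seq"]
        return ("accepted", fields["payload"])


def demo():
    """Broker queue as seen by the subscriber: the broker holds no key."""
    first = publish("pmu/bus3", 1, {"v": 1.02}, TOPIC_KEY)
    tampered = dict(first, body=first["body"].replace("1.02", "0.50"))
    queue = [
        first,                                   # forwarded unchanged
        tampered,                                # modified inside the cloud
        first,                                   # old message sent again
        publish("pmu/bus3", 2, {"v": 1.01}, TOPIC_KEY),
    ]
    sub = Subscriber(TOPIC_KEY)
    return [sub.receive(m) for m in queue]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

Because the sequence number is covered by the MAC, a node inside the cloud can neither alter a measurement nor re-inject an old one without the subscriber noticing; confidentiality would additionally require encrypting the body with a key the brokers do not hold.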

Inter-Domain Concept

Companies
- Define C-DAX domains
- Want to exchange information → Inter-domain concept necessary

C-DAX DN
- Provides access for external subscribers to C-DAX cloud
- Only point of contact for external subscribers
- Triggers authentication and authorization of external clients
- Manages external subscriptions
- Forwards data from internal nodes to external clients

External subscribers
- May re-publish received information in own domain

Inter-domain security
- DN hides domain's network
- Access from external domains only allowed through DNs
- SecServ of each domain manages respective rights

[Figure: Domain A and Domain B, each with a C-DAX cloud; elements shown: RS, SecServ, DB, DN, external subscriber; legend: security signaling, publish/subscribe signaling, publish/subscribe data transfer]

Comparison with Existing Pub/Sub Architectures

| Architecture | End-to-End Security | Resilience | Message Persistence | Broker-based Communication Mode* | Direct Communication Mode** | Inter-Domain Communication |
|---|---|---|---|---|---|---|
| C-DAX | X | X | X | X | X | X |
| SeDAX | X | X | X | X | - | - |
| OMG DDS | O | X | X | - | X | - |
| JMS | - | X | X | X | - | - |
| NSQ | - | O | - | - | X | - |
| Data Turbine | - | X | X | X | - | - |
| ZeroMQ | O | O | - | O | X | - |

* Broker-based communication is good for scalability
** Direct communication may be beneficial for interactive real-time applications with hard latency requirements

X: Supported; O: Partly supported; -: Not supported / unspecified

Protocol Adaptation Layer

Problem
- Existing smart grid protocols rely on bidirectional one-to-one communication, e.g., IEEE C37.118, IEC 61850
- C-DAX provides unidirectional many-to-many communication
- C-DAX provides a unified pub/sub interface for communication

Solution
- Protocol adaptation layer translates between smart grid protocols and C-DAX

Benefits for operators
- Hardware and software compliant to existing standards can be used with C-DAX with little configuration changes
- C-DAX can be transparent for legacy hardware and software

Implementation
- Protocol adaptation layer for IEEE C37.118 has been implemented and tested

[Figure: protocol stacks of the PMU/client with adaptation layer and of the DN; layers shown: C37.118, C-DAX, TCP/UDP, IP]

Prototype Virtual Wall

Purpose
- Validation of baseline communication functionalities and basic failure management of C-DAX
- Validation of security framework
- Validation of IEEE C37.118 protocol adaptation layer

Environment
- IEEE 34 Bus as power grid topology
- PMU measurement data provided by EPFL
- Virtual Wall network test bed provided by iMinds
- RTSE application by EPFL

[Figure: test bed topology. Monitor, security server and resolver on the base station; monitor LAN; Bus1Node, Bus3Node, Bus4Node and Bus7Node, each with a PMU PubClient (PMU-Bus1, PMU-Bus3, PMU-Bus4, PMU-Bus7); PDC adapter SubClient on Bus1 feeding RTSE LabView]

Laboratory validation

- Real-time state estimation of the targeted electrical network
- Real-time model of the electrical grid

[Figure: PMUs and PDCs connected through the C-DAX cloud]

Field Trial

Purpose
- Deploy C-DAX software in an existing distribution grid
- Evaluate applicability of C-DAX under realistic conditions
- Show-case several smart grid applications using a common pub/sub middleware

Environment
- Distribution grid provided by Alliander including a solid and fast IP network
- PMUs provided by National Instruments
- RTSE application by EPFL
- C-DAX software

Time plan
- Deployment of PMUs and C-DAX software: late 2014
- Scheduled start of field trial: late 2014

[Figures: Alliander's MS Livelab (source: Alliander N.V.); National Instruments PMU for MV level (source: National Instruments Sweden)]

Benefits and Features of the C-DAX Architecture

General benefits of pub/sub communication
- Flexibility and agility for integration of emerging smart grid applications
- Transparent exchange of information
- Scalability
- Avoid repeated investment in ICT per application

Unique C-DAX benefits
- Support for inter-domain communications
- Support for established smart grid protocols, e.g., IEC 61850, IEC 60870-5-104, IEEE C37.118
- Combination of advanced features
  - Cyber-secure layer addressing authentication, privacy, and integrity in end-to-end fashion
  - Support for streaming, query and point-to-point communication
  - Resilience
  - Flexible provisioning strategy

Contact

www.cdax.eu

Thank you for your attention! Questions?

Matthias Strobbe (iMinds)
matthias.strobbe@intec.ugent.be