THE FUTURE OF SMART GRID COMMUNICATIONS KENNETH C. BUDKA CTO STRATEGIC INDUSTRIES MAY 2014
THE GRID OF THE FUTURE WIDE-SCALE DEPLOYMENT OF RENEWABLES INCREASED ENERGY EFFICIENCY PEAK POWER REDUCTION, DEMAND RESPONSE 2
THE GRID OF THE FUTURE IMPROVED RELIABILITY LOWER ENERGY DELIVERY COSTS CONSUMER PARTICIPATION 3
THE GRID OF THE FUTURE PERVASIVE DISTRIBUTED ENERGY RESOURCES MARKET RETAIL TRANSACTIONS MICROGRIDS DISTRIBUTED CONTROL DATA ANALYTICS 4
TRADITIONAL POWER GRID GENERATION TRANSMISSION DISTRIBUTION 5
TRADITIONAL GRID APPLICATIONS TELEPROTECTION SUPERVISORY CONTROL AND DATA ACQUISITION (SCADA) SUPPLY-DEMAND BALANCE SAFETY EFFICIENCY MOBILE WORKFORCE GENERATION ENTERPRISE VOICE & DATA TRANSMISSION DISTRIBUTION 6
TRADITIONAL GRID COMMUNICATIONS NETWORKS SMALL NUMBER OF ENDPOINTS MULTIPLE, SILOED NETWORKS MISSION-CRITICAL RELIABILITY, PERFORMANCE, SECURITY LOW-SPEED WIRELINE, WIRELESS GENERATION LIMITED CONNECTIVITY BEYOND THE SUBSTATION TRANSMISSION DISTRIBUTION 7
ICT FOR SMART GRID: FORCES OF CHANGE Distribution Automation Automated Demand Response Microgrids Electric Vehicles Retail Energy Markets Dynamic Line Rating Wide Area Monitoring And Control DISTRIBUTED GENERATION & STORAGE DISTRIBUTED SENSORS & CONTROLLERS NEW APPLICATIONS NEW SECURITY THREATS (PHYSICAL, CYBER) 8
SMART GRID ENDPOINTS ++ BANDWIDTH ++ DATA ++ DATA SHARING ++ SUPPLY-DEMAND VARIABILITY ++ UNIVERSAL CONNECTIVITY DIVERSE QUALITY OF SERVICE, RELIABILITY REQUIREMENTS 9
TOMORROW'S ELECTRIC GRID CONVERGED COMMUNICATIONS NETWORK Substations Control Centers Data Centers Generation External Networks Edge Routers Backbone Routers External Networks IP WAN over Fiber, Microwave (MPLS) ALL-IP (IP/MPLS) INFRASTRUCTURE SUPPORT OF LEGACY APPS AND INTERFACES SCALABILITY Wireline Service VPN, P2P Ether, VPLS, Wireless LTE, GPRS, Leased Lines E1, Private PLC, GPON, Field Area Networks MULTIPLE LAST-MILE OPTIONS DA IEDs PMUs Substations EV Charging Stations DER storage EMS Microgrids Mobile Workforce Distributed Generation Advanced Metering Infrastructure (AMI) Traffic Aggregation Substations Field Area Network MISSION-CRITICAL PERFORMANCE, RELIABILITY, SECURITY 10
IP/MPLS MISSION CRITICAL NETWORK FEATURES VIRTUAL NETWORKS Traffic Isolation Confidentiality Integrity Support of Legacy TDM interfaces VIRTUAL LEASED LINE (VLL) MULTIPLE VIRTUAL NETWORKS ON COMMON PHYSICAL NETWORK VIRTUAL PRIVATE LAN SERVICE (VPLS) IP-VIRTUAL PRIVATE NETWORK (IP-VPN) 11
IP/MPLS MISSION CRITICAL NETWORK FEATURES HIERARCHICAL QOS LESS OVERALL BANDWIDTH REQUIRED LOWER OVERALL COST PRIORITY AND BEST-EFFORT TRAFFIC EQUALLY WELL SERVED PREDICTABLE PERFORMANCE 12
IP/MPLS MISSION CRITICAL NETWORK FEATURES FAST RE-ROUTE, TRAFFIC ENGINEERING FAST RE-ROUTE <50 ms restoration PROTECTION AGAINST MULTIPLE FAILURES TRAFFIC ENGINEERING SELECTION OF BEST PATH BANDWIDTH RESERVED END-TO-END 13
TOMORROW'S ELECTRIC GRID SUBSTATION DIGITALIZATION STANDARDIZED, IP-BASED CONTROL AND MONITORING (IEC-61850) STATE-OF-THE-ART CYBER-SECURITY SECURE NETWORK ACCESS FOR FIELD PERSONNEL FIREWALL IDS/IPS ENCRYPTION WIFI HMI VIDEO MONITORING, ACCESS CONTROL REDUNDANCY, RELIABILITY PRIMARY L2 HARDENED SWITCH REDUNDANT L2 HARDENED SWITCH IP/MPLS NODE 14
TRENDS IN SECURITY THREATS more destructive more complex more frequent 15
ITU-T X.805 SECURITY ARCHITECTURE FOR COMMUNICATIONS SYSTEMS PROVIDING END-TO-END SECURITY VULNERABILITIES Vulnerabilities Can Exist In Each Layer, Plane Security Layers: Applications Security, Services Security, Infrastructure Security Security Planes: End User Security, Control/Signaling Security, Management Security 8 Security Dimensions: Access Control, Authentication, Non-repudiation, Data Confidentiality, Communication Security, Data Integrity, Availability, Privacy THREATS: Destruction, Corruption, Removal, Disclosure, Interruption ATTACKS GLOBAL SECURITY STANDARD DEVELOPED BY BELL LABS 16
CYBER ATTACK ENTRY POINTS LAN telephone GENERATION Intelligent Electronic Device IP/MPLS Router internet PABX Network Operations Center CONTROL CENTER router IP/MPLS Network IP/MPLS Router database SCADA IP/MPLS network management IP/MPLS Router TDM IP/MPLS Router SUBSTATION Intelligent Electronic Device Meter CCTV WiFi Teleprotection Relay smart meter homes HOME 17
END-TO-END SMART GRID COMMUNICATIONS NETWORK SECURITY Hierarchical QoS MPLS-TE Fast Re-Route Encryption Authentication Firewall ENSURE HIGH AVAILABILITY ENSURE PRIVACY & INTEGRITY OF DATA CONTROL ACCESS NAT CONCEAL & SIMPLIFY NETWORK TOPOLOGY IDS/IPS Anti-virus Hardened Network Infrastructure Security Management DETECT SUSPICIOUS BEHAVIOUR WITHSTAND CYBER ATTACKS MONITOR & REPORT 18
ENCRYPTION POINT-TO-POINT ANY-TO-ANY IP/MPLS network internet OLD GRID SMART GRID 19
OPTICAL LAYER ENCRYPTION SMART GRID SECURE, IN-FLIGHT PROTECTION OF MISSION-CRITICAL DATA LAN 10G ENCRYPTED 10G Encrypted LAN SAN 10G NOT ENCRYPTED SAN DATA/CONTROL CENTER OLD GRID DATA/CONTROL CENTER 20
FIREWALLS OLD GRID ACCESS CONTROL LISTS STATELESS FIREWALL CCTV zone smart meter zone public WAN zone STATEFUL FIREWALL SERVICE-AWARE ZONE-BASED STATEFUL FIREWALL teleprotection zone IED zone L3VPN IP/MPLS SMART GRID SMART GRID 21
SMART GRID COMMUNICATION NETWORK TRANSFORMATION MAKING IT REAL INTRODUCTION OF NEW GRID APPS REDUCED TOTAL COST OF OWNERSHIP PRESENT MODE OF OPERATIONS ASSESSMENT GAP ANALYSIS WIDE AREA NETWORK MODERNIZATION AND EXPANSION PLAN FIELD AREA NETWORK EVOLUTION PLAN MIGRATION TO TARGET ARCHITECTURE FINAL TARGET ARCHITECTURE & HIGH-LEVEL NETWORK DESIGN MIGRATION TO TARGET ARCHITECTURE INTERIM PHASE(S) 0.5 1 year 0.75 1.5 years 2 15 years 3 x years 22
BELL LABS AND SMART GRID NEXT-GENERATION SMART GRID COMMUNICATIONS SMART GRID NETWORK TRANSFORMATION Pervasive Distributed Energy Resources Microgrids Market Retail Transactions E-MOBILITY SMART GRID DATA ANALYTICS Demand Management ICT for Charging 23
THE FUTURE GRID RELIES UPON A HIGH-PERFORMANCE RELIABLE SECURE SCALABLE UBIQUITOUS COST-EFFECTIVE COMMUNICATIONS NETWORK AND DATA INFRASTRUCTURE 24
GRID APPLICATIONS DIVERSE QoS, RELIABILITY REQUIREMENTS [Figure: grid applications charted by Criticality (Most to Least) against Delay (0.1 s to 1 s): SCADA (poll-response), Synchrophasors, System Protection, Video, AMI-Critical, Voice, Mobile Data, PTT, SCADA (Distribution), Transformer Protection/Control, Fault Data, AMI] 26