Software-Defined Networking for the Utilities and Energy Sector



Similar documents
A Presentation at DGI 2014 Government Cloud Computing and Data Center Conference & Expo, Washington, DC. September 18, 2014.

Leveraging SDN and NFV in the WAN

SDN and NFV in the WAN

Conference. Smart Future Networks THE NEXT EVOLUTION OF THE INTERNET FROM INTERNET OF THINGS TO INTERNET OF EVERYTHING

THE FUTURE OF SMART GRID COMMUNICATIONS

SDN Security Considerations in the Data Center. ONF Solution Brief October 8, 2013

Making the Case for Open Source Controllers

Virtualization, SDN and NFV

Data Center Network Evolution: Increase the Value of IT in Your Organization

How OpenFlow -Based SDN Transforms Private Cloud. ONF Solution Brief November 27, 2012

Driving SDN Adoption in Service Provider Networks

Extreme Networks Software Defined Networking (SDN) Platform: Open, Standards-based and Comprehensive

OpenFlow-enabled SDN and Network Functions Virtualization. ONF Solution Brief February 17, 2014

SDN/Virtualization and Cloud Computing

Boosting Business Agility through Software-defined Networking

THE SDN TRANSFORMATION A Framework for Sustainable Success

Simplifying Data Data Center Center Network Management Leveraging SDN SDN

Strategic Direction of Networking IPv6, SDN and NFV Where Do You Start?

U s i n g S D N - and NFV-based Servi c e s to M a x i m iz e C SP Reve n u e s a n d I n c r e ase

Business Cases for Brocade Software-Defined Networking Use Cases

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

Testing Challenges for Modern Networks Built Using SDN and OpenFlow

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

Why Service Providers Need an NFV Platform Strategic White Paper

Transport SDN - Clearing the Roadblocks to Wide-scale Commercial

IT Infrastructure Services. White Paper. Utilizing Software Defined Network to Ensure Agility in IT Service Delivery

Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES

Network Virtualization

WHITE PAPER. 4G: The Distributed Intelligence Revolution

Customers will receive other significant benefits in this example:

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY

software networking Jithesh TJ, Santhosh Karipur QuEST Global

The promise of SDN. EU Future Internet Assembly March 18, Yanick Pouffary Chief Technologist HP Network Services

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

A Mock RFI for a SD-WAN

Embracing Transport SDN for Open Networking Architectures

VIRTUALIZING THE EDGE

Simplifying IT with SDN & Virtual Application Networks

The Mandate for a Highly Automated IT Function

Mock RFI for Enterprise SDN Solutions

Business Case for Open Data Center Architecture in Enterprise Private Cloud

Ethernet Wide Area Networking, Routers or Switches and Making the Right Choice

Software-Defined Networks Powered by VellOS

Software-Defined Networking. Starla Wachsmann. University Of North Texas

Management & Orchestration of Metaswitch s Perimeta Virtual SBC

Cisco Network Services Orchestrator enabled by Tail-f Multi-Vendor Service Automation & Network Programmability Stefan Vallin, Ph D

ADVANCED SECURITY MECHANISMS TO PROTECT ASSETS AND NETWORKS: SOFTWARE-DEFINED SECURITY

Software-Defined Networking: The New Norm for Networks. ONF White Paper April 13, 2012

NFV Management and Orchestration: Enabling Rapid Service Innovation in the Era of Virtualization

Virtualization: The entire suite of communication services can be deployed in a virtualized environment 2.

SDN for Wi-Fi OpenFlow-enabling the wireless LAN can bring new levels of agility

Sikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking

Cisco Satellite Services Platform Delivering Managed Services over Satellite

THE THINKING NETWORK. Software Defined Networks will provide the intelligence the network needs to keep up in a cloud centric world.

SIMPLE NETWORKING QUESTIONS?

What is SDN all about?

alcatel-lucent converged network solution The cost-effective, application fluent approach to network convergence

future data and infrastructure

Cisco Unified Access Technology Overview: Converged Access

Network Functions Virtualization (NFV) for Next Generation Networks (NGN)

5G Backhauling_. Luis M. Contreras GCTO Unit, Transport, Telefónica

HOW SDN AND (NFV) WILL RADICALLY CHANGE DATA CENTRE ARCHITECTURES AND ENABLE NEXT GENERATION CLOUD SERVICES

Delivering Managed Services Using Next Generation Branch Architectures

Assessing the Business Value of SDN Datacenter Security Solutions

SK Telecom CUSTOMER CASE STUDY CUSTOMER CASE STUDY

Requirements When Considering a Next- Generation Firewall

SDN and FTTH Software defined networking for fiber networks

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES

Business Case for NFV/SDN Programmable Networks

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

Software Defined Networking (SDN) Solutions, Market Opportunities and Forecast

Welcome to New Style of Networking. Budhaditya Mukherjee Product Manager HP Networking India

Pervasive Security Enabled by Next Generation Monitoring Fabric

Cyber Security and Privacy - Program 183

Networks that know data center virtualization

Implementing Software- Defined Security with CloudPassage Halo

Software Defined Networks Virtualized networks & SDN

Expert Reference Series of White Papers. Is Network Functions Virtualization (NFV) Moving Closer to Reality?

A Look at the New Converged Data Center

White Paper. BTI Intelligent Cloud Connect. Unblocking the Cloud Connectivity Bottleneck. btisystems.com

Supporting Municipal Business Models with Cisco Outdoor Wireless Solutions

AMI and DA Convergence: Benefits of Growing Your Smart Grid Infrastructure with a Multi Technology Approach

Transport SDN Toolkit: Framework and APIs. John McDonough OIF Vice President NEC BTE 2015

Business Case for Virtual Managed Services

Tufin Orchestration Suite

How do software-defined networks enhance the value of converged infrastructures?

STRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview

SOFTWARE DEFINED NETWORKING

A Guide to Hybrid Cloud An inside-out approach for extending your data center to the cloud

Cisco NFV Solution for the Cisco Evolved Services Platform

ZTE Issues SDON Whitepaper, Explaining in Detail the Key. Technologies for Optical Network Evolution

Unified Threat Management, Managed Security, and the Cloud Services Model

CoIP (Cloud over IP): The Future of Hybrid Networking

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE

Virtualization Essentials

Transcription:

shaping tomorrow with you

One of the challenges for the utilities and energy sector is the constant maintenance and improvement of communications networks, which span multiple domains. These domains mainly include the Core (WAN), AN, FAN, and/or NAN. Utilities may own these networks or lease them from service providers; in some cases they have a combination of both. Utilities networks also use a variety of wireline and wireless technologies. The Smart Grids that connect Smart Homes are being built by utilities to collectively shape Smart Cities, and will have to facilitate many new applications and services. The new and/or improved services over utilities networks will include video surveillance, Internet access, power distribution automation, context-aware security, and many more that we have yet to develop. All these new services require collecting ambient intelligence, situation awareness, and frequent communication between equipment pieces and the control center. The Smart Grid will emphasize machine-to-machine communication and big data storage and analysis. If data centers and public and/or private clouds are not already part of the utilities and energy sector IT infrastructure, they will become so in the near future. However, this market sector has for some time been concerned about the security/privacy of data and the vulnerability of such a complex, heterogeneous communication system. Repeated network and system intrusion attempts are inevitable, but connecting individual instances of intrusion and determining the patterns they follow will help facilitate intelligent prevention of attacks based on solid prediction techniques. SDN as a Next-Generation Software-Centric Approach to Communications s Current networks are quite complex, costly, and cumbersome. They are based on purpose-built hardware for each network function and use technology-specific connections. For these reasons, a recent paradigm change in networking seems to be picking up speed. Many startups, leading incumbent vendors, and large network operators, are investing heavily in Software-Defined ing (SDN) as their next-generation software-centric approach to networking. When it comes to defining SDN, more than one definition is offered by different organizations, but the good news is they all converge on some common points. Among all the organizations, the ONF is the main organization behind SDN [1]. The ONF organizes education about and implementation of this new paradigm, as well as making recommendations for potential migration scenarios [2]. SDN is a programmable open-source approach to designing, building, and managing networks. It decouples network control from forwarding in network devices and offloads its functions to central controller software, called the SDN controller, as shown in Figure 1. Placing the control intelligence into logically centralized SDN controller(s) captures the global view of the entire network and provides the operations personnel with vendor-independent control. An immediate benefit is simplification and consequent cost reduction through consolidation of network devices. SDN-capable networks will be much easier to manage than networks typically are today. administrators will be able to programmatically configure the network at the SDN control layer, instead of having to manually integrate configurations scattered around the network devices. The SDN controller will provide the common network services like routing, access control, dynamic bandwidth management, QoS, storage optimization, and policy management to various utility/energy-specific applications through open NB APIs. SDN s unified control plane allows network abstraction and enables easy and efficient implementation of these applications with required customization and optimization. These abstractions and simplifications will create a fruitful environment for innovation, since turning up new services will be an easier task, once the appropriate software tools have been implemented. The same unified control plane facilitates a virtualized network and makes it possible to slice pieces of the physical network or any other hardware along the lines of specific functions, and virtualize these functions. Flexibility is another benefit that SDN offers; mixing and matching of solutions from different vendors will be accomplished more easily with SDN. A summary of how SDN can benefit the current network is provided in Figure 2. For your convenience, a list of acronyms can be found at the end of this document. 1

Framework for SDN Application Layer Business Applications NB API NB API NB API Layer Control SDN Control Software Services SB Interface (OpenFlow) Infrastructure Layer Figure 1. SDN framework Current s SDN s Benefit provisioning complexity Self-provisioning Additional revenue opportunity Managed network functions Automated network functions Reduced OPEX Technology-specific connections Technology-agnostic connections Reduced CAPEX and OPEX Purpose-built hardware for each network Software-based network functionality Reduced CAPEX function (routing, firewalling, etc.) Multivendor EMSs and their orchestration OS with Southbound APIs Reduced OPEX Application-ware networks -aware applications Innovative applications and increased revenue opportunity Figure 2. SDN benefits in comparison with current network challenges 2

Common Communications ing Challenges Utilities and energy companies own and operate multiple networks, as shown in Figure 3, covering large areas and requiring complex management. Core s Access s Wireless Field Area s (FAN) Access s Wireless and Wireline Figure 3. Typical utility communications networks Utilities and energy companies also lease connectivity services from network service providers and use multiple vendors with different product life cycles and potential incompatibilities. They have to deal with variety of equipment maintenance and upgrades, which are not easy tasks. Applications and services that run on these networks differ from regular carrier networks. Oil and gas, in particular, have three levels of applications: upstream, midstream, and downstream. Upstream applications are usually mission-critical emergency response applications and they are near well-heads or entry points in the field. It is desirable to keep these applications on-premises, rather than having them hosted by a third party. Midstream applications are management and maintenance applications for the energy distribution networks and/or vehicle fleets. These applications are lower priority compared to upstream applications. Downstream applications are the retail apps facing end-customers, and internal training apps. These have the lowest priority. All these applications/services need flexible bandwidth for efficient use of network resources. Resiliency is another important aspect of self-healing networks that need to provide high availability. To accomplish this, millisecond-level restoration should be backed up by controlled delay and jitter. However, it can be challenging to meet these performance benchmarks. The technology adoption cycle for modernization is slower for utilities compared to any other industry due to heavy emphasis on taxpayer investment and sourcing difficulties. For example, a rip-and-replace model may not be common practice for the utilities and energy sector because it may not be financially practicable. 3

Management, maintenance, and migration of the network and its software are another challenge for the utilities and energy sector. These activities are very labor-intensive due to high emphasis on manual configurations, even for a single-domain network, let alone a multiple-domain network. During the process of adopting multiple different networks with a cocktail of technologies in the various domains (WAN, AN, FAN, etc.), the overall topology for these networks changes constantly. Software upgrades are also challenging in such an environment. Regulatory compliance, since it is changing all the time, presents itself as a moving target. Especially in the security area, it is essential to quickly absorb and implement these frequent changes. Mergers and acquisitions are also more frequent these days in every business sector and utilities and energy sector are no exception; therefore, they frequently face the task of merging multiple networks or seamlessly integrating one into the other. New equipment and improved technology should also make their way into the networks of this sector without any disruption to the existing older equipment; which makes interoperability a big concern. How SDN can Solve Challenges and Enable Modernization Modernization is a journey for all network operators rather than a destination. As technology evolves, the network needs to implement these changes in the interests of improved functionality and/or reduced costs. Modernization and the implementation of evolved or improved technology allows more services and functionality to be integrated to the network; therefore the network grows. Current challenges and the push for modernization call for a natural move towards open standards and nonproprietary solutions to reduce OPEX and mitigate the risk of rapid technology shifts. Following this trend, SDN can not only solve some of the network-related challenges facing the utilities and energy sector, but it also presents a solid option for future-proof modernization; see a summary in Figure 4. SDN, in simple terms, provides a global end-to-end view of the network; therefore, the complexity of multiple domains and networks can be reduced or more effectively managed with this new approach. SDN adopts open standards and introduces technology abstraction, which provides a vendor-agnostic approach to configuring and maintaining various types of network elements. Hardware virtualization is one of the goals of SDN and is used to divide the physical network into virtual slices to ease the burden of managing different networks while using resources efficiently. SDN will help to connect multiple data centers in different physical locations and make their use efficient. Programmatic network control using SDN provides service abstraction and can simplify configuration activities. Due to its holistic view of network, the SDN-based network will provide superior control of delay and jitter in the network. This will help teleprotection of control traffic, including SCADA. The bandwidth-on-demand feature of SDN will solve the problem of elastic bandwidth need for new and emerging apps in the utilities and energy industry. SDN s bandwidth-on-demand capabilities will also create opportunities to increase revenue through accelerated service velocity in cases where the utility also serves as a communication service provider in the coverage area. More and more utility companies are functioning as service providers in rural areas. Fast restoration and self-healing is one performance aspect that may not be implemented in the SDN controller due to its reliance on millisecondrange restoration requirement. This feature may be one of the very few control features that, at least initially, remain resident on the network equipment rather than being pulled into the SDN controller. However, with the anticipated improvements and developments in SDN controller performance, moving restoration and self-healing capabilities into the SDN controller may become possible in future. In new SDN-based network infrastructure, utility-specific apps on the applications layer will have the opportunity to blossom. These apps could facilitate power/energy peak shaving, analytics of system and customer data, M2M communication, fast restoration from failure, better management of heterogeneous network devices, rapid diagnostics over a large inventory of network devices, distributed automation enablement, AMI network monitoring, and many more. 4

Utilities Challenge/Need How SDN Can Address Outcome Complexity of multiple networks Provides global view and control Simplicity Multiple vendors and product lifecycles Software-defined network configuration plus open standards No vendor lock-in Data center efficiency Data center virtualization Efficient resource use Large security coverage: ability to control traffic per app Need for flexible bandwidth scalability for new and emerging apps Logically centralized security control and more granular security arrangements Bandwidth on-demand Reduced security breaches Revenue opportunity Figure 4. Sector challenges addressed by SDN Security and SDN 200 SCADA intrusions were reported between Oct 2012 and May 2013 [3]. More than 60% of those intrusions targeted energy and utilities networks. More concerning, these attacks are on the rise, which justifies the recent increase in awareness followed by many conferences and workshops in or around security of critical infrastructure networks and assets. These networks require large security coverage due to their footprint with multiple domains and numerous endpoints. Each one of these endpoints is a point of attack and increases the risk and vulnerability of the system. There are many guidelines, best practices, and standards for security of utilities/energy sector administered by multiple organizations each looking at security from a different angle, as shown in Figure 5. For a long time we have used the same, strictly defense-oriented technologies and practices for security. This block everything mentality has emphasized the use of firewall appliances everywhere in the network. SDN has a potential to change this trend in a smarter way and enable security developers to implement more innovative solutions as applications for perceived threads, since SDN will provide better visibility across the entire network, at both the control and data layers. With logically centralized control, the confusion about where to place the security appliances will end. SDN s security-enabled infrastructure allows network security administrators to route all traffic to a logically central firewall which can be virtually present wherever needed in the network. In addition to brute-force defenses, we can expect more intelligent security applications like smarter quarantine systems, faster emergency broadcasts, advanced honeypots, and context-aware detection systems. The tradeoff between the opportunity that SDN provides for enabling more intelligent and dynamic security applications in the new infrastructure and the risk it poses as a new and unproven technology being integrated to the current systems still remains to be seen. All we know at this point is that the security is a prerequisite for SDN s commercial success, especially for critical infrastructures like utilities and energy sector networks. 5

Security NERC/DHS SGTF: Reliability considerations for Smart Grid IEC 62443-2-4: Building secure ICS systems IEC 62351 Series CIP 001-009: Cybersecurity utility security standards IEEE 802.x: Security standards IEEE 1686 IED Cybersecurity IEEE 1711 Serial encryption DHS Cybersecurity procurement language for control systems Radius (RFC 2865) SSH (RFC 4251/6239) LDAP (RFC 4511/4510) TLS (RFC 5246) DTLS (RFC 4347) IPsec (RFC 2401) Syslog (RFC 5424) ANSI C12.22: Encryption of metrology data Security profiles: AMI, substation automation NIST IR 7628 Smart Grid Security FIPS PUB 140-2 cryptography modules SP 800-82 ICS security Figure 5. Security for Utilities and Energy Conclusion SDN is coming to networks near you and the utilities and energy sector need to work on how to best utilize the benefits of this new technology for their day-to-day needs in telecommunication networks and share their expertise to shape the future of this new happening. References [1] Open ing Foundation https://www.opennetworking.org [2] ONF Migration Working Group https://www.opennetworking.org/working-groups/migration [3] Brute Force Attacks on Internet-Facing Control Systems, ICS-CERT Monitor, April-June 2011, U.S. Department of Homeland Security. http://ics-cert.us-cert.gov/sites/default/files/ics-cert_monitor_april-june2013_3.pdf (last checked on Feb. 10, 2014) 6

Acronyms AMI Automated Metering Infrastructure AN Access API Application Programming Interface CAPEX Capital Expenditure EMS Element Management System FAN Field Area M2M Machine-to-Machine NAN Neighborhood Area s NB Northbound ONF Open ing Forum OPEX Operating Expenses QoS Quality of Service SCADA Supervisory Control and Data Aquisition WAN Wide-Area Copyright 2014 Fujitsu Communications Inc. FUJITSU (and design) and shaping tomorrow with you are trademarks of Fujitsu Limited. All Rights Reserved. All other trademarks are the property of their respective owners. Configuration requirements for certain uses are described in the product documentation. 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information