CDAX is funded by the European Union's Seventh Framework Programme (FP7ICT20118) under grant agreement n° 318708 C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids http:// www.cdax.eu Mario Paolone for the C-DAX Consortium IEEE Dynamic Measurements Working Group July 28 th , 2014
18
Embed
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids · A Cyber-Secure Data and Control Cloud for Power Grids ... 60870"5"104,&IEEE&C37.118& • Combinaon&of&advanced ...
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
C-‐DAX is funded by the European Union's Seventh Framework Programme (FP7-‐ICT-‐2011-‐8) under grant agreement n° 318708
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids http://www.cdax.eu
Mario Paolone for the C-DAX Consortium IEEE Dynamic Measurements
3 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Example: Integrating Different Applications Using the Same Pub/Sub Middleware
§ Examples for topics • SCADA data from RTUs • PMU measurements
§ Benefit of decoupling publishers and subscribers • CommunicaQon partners do not need to know each other • Asynchronous communicaQon possible • FacilitaQng extensibility, management and configurability
4
Publ. A
Pub/sub middleware
Publ. B
Publ. C
Sub. D
Sub. E
Sub. F
Topic 1
Topic 2
Only interested in Topic 1
Only interested in Topic 2
Interested in Topic 1 and Topic 2
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
C-DAX Entities Explained En/ty Func/onality Plane
Client Produce or consume topic data; provides access for SG applicaQons to the C-‐DAX cloud (through an API)
Control & Data
Designated node (DN)
• Provide access for clients to the C-‐DAX cloud (first point of contact)
• DN for publisher (PubDN) and DN for subscriber (SubDN)
Control & data
Data broker (DB)
• Receive topic data from PubDNs and forward them to SubDNs
• Cache topic data
Data
Resolver (RS) Resolves topic names to DBs Control
Security server Provide security-‐related funcQonaliQes to the C-‐DAX cloud, including authenQcaQon, authorizaQon, and key distribuQon
Control
Monitoring / management system
• Gather, aggregate, and forward monitored informaQon in the C-‐DAX cloud
• Management of C-‐DAX network resources
Management
5 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Data Plane
C-DAX Architecture
Control Plane Resolver (RS)
Data Broker (DB)
Security Server
C-DAX Monitoring/ Management System Monitor
Control
C-DAX Communication Platform
Join Join Client
(Publisher) Client
(Subscriber)
Application data to be published
Application data to be consumed
Designated Node (DN)
Designated Node (DN)
6 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Configure
Three Communication Modes
§ Streaming-‐based • Publishers conQnuously send data to DB • Subscribers conQnuously receive data
from DB
§ Query-‐based • Subscriber sends query to message broker • DB returns data matching the query
§ Point-‐to-‐point • Publishers send data directly to
subscribers
§ CommunicaQon modes are set per topic to fit the requirements of the applicaQon, e.g., • Low latency for PMUs
7
Publisher
DB
Subscriber
Publisher Subscriber
DB
Subscriber
Query
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Resilience Concept
§ Topic data should be highly available • Data is stored on two nodes
§ Resilience of the infrastructure • Each system component is replicated
physically • Each criQcal communicaQon path is
divided into § A path during failure free operaQon § AlternaQve path(s) due to failures
§ Three resilience support levels:
8
C-DAX cloud
Subscriber Publisher
DN DN DB
DN DN DB
: Path during failure free operation : Alternative paths due to failures : Synchronization
Level Data loss (during failover)
Data delay (during failover)
Complexity
L1 Y N Low
L2 N Y Middle
L3 N N High
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Security Concept
§ General security requirements • Confiden/ality and integrity
• C-‐DAX provides a unified pub/sub interface for communicaQon
§ SoluQon • Protocol adaptaQon layer translates
between smart grid protocols and C-‐DAX
§ Benefits for operators • Hardware and sopware compliant to
exisQng standards can be used with C-‐DAX with li[le configuraQon changes
• C-‐DAX can be transparent for legacy hardware and sopware
§ ImplementaQon • Protocol adaptaQon layer for IEEE C37.118
has been implemented and tested
12
PMU/Client/AdaptaQon Layer DN
IP
C37.118
TCP/UDP
C-‐DAX C37.118
IP
TCP/UDP
C-‐DAX
C37.118
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Prototype § Purpose
• ValidaQon of baseline communicaQon funcQonaliQes and basic failure management of C-‐DAX
• ValidaQon of security framework
• ValidaQon of IEEE C37.118 protocol adaptaQon layer
§ Environment • IEEE 34 Bus as power grid
topology • PMU measurement data
provided by EPFL • Virtual Wall network test bed
provided by iMinds • RTSE applicaQon by EPFL
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
13
RTSE LabView
PMU-Bus3 PubClient
PMU-Bus4 PubClient
PMU-Bus7 PubClient
PMU-Bus1 PubClient
PDC Adapter
SubClient
Base Station
Bus1 Bus3 Bus4 Bus7
LAN
Bus7Node Bus4Node Bus3Node
Security Server
Bus1Node
Monitor
Monitor
BaseStation Resolver
Virtual Wall
Laboratory validation
14
PMU PMU PMU PMU
PDC PDC
C-DAX cloud
Real-‐Qme state esQmaQon of the targeted
electrical network
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Real-‐Qme model of the electrical grid
Field Trial
§ Purpose • Deploy C-‐DAX sopware in an exisQng
distribuQon grid • Evaluate applicability of C-‐DAX under
realisQc condiQons • Show-‐case several smart grid applicaQons
using a common pub/sub middleware § Environment
• Distribu/on grid provided by Alliander including a solid and fast IP network
• PMUs provided by NaQonal Instruments • RTSE applicaQon by EPFL • C-‐DAX sopware
§ Time plan • Deployment of PMUs and C-‐DAX sopware:
late 2014 • Scheduled start of field trial: late 2014
§ Alliander’s MS Livelab
§ NaQonal Instruments’ PMU for MV level
15
Source: Alliander N.V.
Source: NaQonal Instruments Sweden
C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
Example of latencies (computed)
16 C-‐DAX: A Cyber-‐Secure Data and Control Cloud for Power Grids
CumulaQve distribuQon funcQon of end-‐to-‐end delay for 500kb/s PLC links. Adapted from [K.V. Katsaros, W.K. Chai, N. Wang, G. Pavlou, H. BonQus and M. Paolone, “InformaQon-‐centric networking for machine-‐to-‐machine data delivery: a case study in smart grid applicaQons,” IEEE Network Magazine, vol.28, no.3, pp.58,64, May-‐June 2014]