Cisco Live 2014 - OECD. · PDF file2014 Cisco Public CG-NMS Visualization © 2014 Cisco and/or its affiliates. All rights reserved. afiocco IOT Dec 2014 Cisco Public Cisco 1240 Connected

Alain Fiocco

Sr. Director CTO Office

[email protected]

© 2014 Cisco and/or its affiliates. All rights reserved.

afiocco IOT Dec

2014 Cisco Public

7.2 6.8 7.6

The Internet of Things Is Already Here

Rapid Adoption Rate of Digital Infrastructure: 5X Faster Than Electricity and Telephony

50 Billion

“Smart Objects”

50

2010 2015 2020

0

40

30

20

10

BIL

LIO

NS

OF

DE

VIC

ES

25

12.5

Inflection Point

TIMELINE

Source: Cisco IBSG, 2011

World Population

Cisco Confidential 3 © 2011 Cisco and/or its affiliates. All rights reserved.

PROCESS MANUFACTURING ENERGY

TRANSPORTATION CITIES RETAIL


afiocco IOT Dec

2014 Cisco Public

IoT Device Characteristics


afiocco IOT Dec

2014 Cisco Public

Assumptions & Constraints for Protocols


afiocco IOT Dec

2014 Cisco Public

Field Area Network (FAN)

Neighborhood Area Network

Wide Area Network

Field Area Network Router

6


afiocco IOT Dec

2014 Cisco Public

From To

IoT Architectural Philosophy

Standardized Networks (IP Based/ISO Stack)

Distributed Intelligence (e.g. Fog Computing)

Standardized Interfaces (Wireless/Wired)

Closed Systems

(Little external interaction)

Proprietary Networks (Usually layer 2 based)

Protocol Gateways (Inherently complex,

inefficient and fragmented

networks)

Various Protocols

(Modbus, SCADA, BACnet,

LON, HART)


afiocco IOT Dec

2014 Cisco Public

Convergence of Applications

Existing Proprietary Vertical

Applications and Networks

Business Application #1

Device #1


Device #2


Device #3

Network #1

Network #2

Network #3

Converged Network Based on Open

Standards and Common Data Models


Device #1


Device #2


Device #3

Converged IP-Based Network

Converged Application Infrastructure


afiocco IOT Dec

2014 Cisco Public

Why Distribute Computing?

Traditional Computing Model (Terminal/Mainframe, Client-Server, Web)

Assumes Infinite, Bandwidth, 0 Delay

IoT Computing Model

Data Center/ Cloud

Endpoint

Assumes Limited Bandwidth, Variable Delay, and Intermittent Connectivity

Data Center/ Cloud

Device

Fog

Assumes Limited Bandwidth, Variable Delay, and Intermittent Connectivity

Speed of Light Latency-Critical

Responsiveness Required

Resiliency

Security

Data Grows Faster Than Bandwidth

IOx


afiocco IOT Dec

2014 Cisco Public

Well Established Eco-Systems Fog computing use cases

Build Your Own Interface

Application Layer Gateway

Protocol Translation

Application Layer Security

Application Data Processing

Distributed Control

IoT Protocol Stack : Smartgrid example


afiocco IOT Dec

2014 Cisco Public

Open Standards IP-based Reference Model

IPv6

UDP/TCP

IEEE 802.15.4e MAC enhancements

IPv6 RPL

Web Services, EXI, SOAP,

RestFul,HTTPS/CoAP

• Open Standards – at all levels to ensure interoperability and reduce technology risk for utilities

• 15-20 years lifetime and future proofing – Internet has 25 years lifetime and is continuously evolving

802.1x / EAP-TLS & IEEE 802.11i based Access Control

Physical

Layer

IEEE 802.15.4g

2.4GHz, 915, 868MHz

DSSS, FSK, OFDM

IEEE 1901.2

NB-PLC

OFDM

IEEE 802.11

Wi-Fi

2.4, 5 GHz, Sub-GHz

IEEE 802.3

Ethernet

UTP, FO

2G, 3G, LTE

Cellular

IEEE 802.16

WiMAX

1.x, 3.xGHz

Data

Link

Layer

IEEE 802.15.4

including FHSS

IEEE 1901.2

802.15.4 frame

format

IEEE 802.11

Wi-Fi

IEEE 802.3

Ethernet

2G, 3G, LTE

Cellular

IEEE 802.16

WiMAX

6LoWPAN (RFC 6282) IPv6 over Ethernet (RFC 2464) IPv6 over PPP

(RFC 5072)

IP or Ethernet

Convergence SubL.

Network

Layer

Transport

Layer

Application

Layer

Addressing, Routing, Multicast,

QoS, Security

Security (DTLS/TLS)

DNS, NTP, IPfix/Netflow, SSH

RADIUS, AAA, LDAP, SNMP,…

(RFC 6272 IP in Smart Grid)

Metering

IEC 61968 CIM, ANSI C12.22,

DLMS/COSEM,…

SCADA

IEC 61850, 60870

DNP3/IP, Modbus/TCP,…

LLC

M

A

C

Mgmt


afiocco IOT Dec

2014 Cisco Public

Field Area Network Architecture

MDMS

DMS

Data Center, Enterprise Apps

MDM

DB

MDMCIS

AMI Head-End

SCADA

ORS

DMS

Billing & Pre-Payment

Mgmt

DMS

Intrusion Prevention

HER

Certificate Authority

Access Control

Directory Services

NMSCG-NMS

SIEM

SIEM

Public or Private

IP Infrastructure

Network & Security Services

Data Integrity & privacy: IPSec

Traffic prioritization: IP QoS

Scalable & reliable IP VPN

Zero Touch Provisioning

Users and devices Authentication

Devices management

Open standards Neighborhood Area Network (NAN): IEEE 802.15.4g/e RF or/and IEEE 1901.2 PLC Mesh

IPv6 based communications – 6LoWPAN, RPL,…

Fully Secured – AES 128 encryption, IEEE 802.1x authentication, IEEE 802.11i key management

Network Management – CoAP based, Zero Touch Provisioning, Over-the-Air firmware upgrade


afiocco IOT Dec

2014 Cisco Public

FAN Aggregation Layer

within Substation

Automation Network

Neighborhood Area Network

(RF Mesh)

Smart Meters

AMI Head-End

NMS HES

AAA Server

Certificate

Authority

Intrusion

Prevention

Directory

Services

SIEM

Security Services

Secure storage for encryption keys

Secure encryption keys

Network-layer encryption (IPSec)

Link-layer encryption (AES-128)

• Certificate-based identities, user names & passwords

• Role based Access Control

• 802.1x-based access control for meters, routers, grid devices

• Link-layer encryption in RF Mesh

• Group-based key generation and management (mesh)

• Network-layer encryption for WAN Backhaul (IPSec)

Field Area

Router (FAR)

CGR 1000

Series

Secure Device Identity via Digital Certificates

Strong user identities with Role-Based Access

Time-stamped logs, correlation at SIEM

Separation of AMI vs. non-AMI traffic, segmentation

Mobile Workforce

Public or Private

WAN

Security Architecture

15

Cisco Confidential 16 © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Sub-1GHz Regulations around the World USA

Canada

Chile

Colombo

Mexico

Argentina

Uruguay

Venezuela

902-928MHz

4 W *

Source: CEPT - DKE 731.09r1 JSC

860 870 880 890 900 910 920 930 940 950 MHz 850

Singapore

2 W **

Singapore

0.5 W **

S.A.

4 W **

China

2 W **

Thailand

2 W *

Europe

India

Hong-Kong

Iran

UAE

2 W **

Malaysia

2 W **

Israel

2 W *

* e.i.r.p. ** e.r.p.

Brazil

902-907.5,

915-928 MHz

4 W *

840

China

2 W **

Japan (2012)

915-930MHz

4 W*

0.5 / 0.02 W *

Licensed/unlicensed

E.U CEPT new frequency bands discussion (870-876MHz 500mW and 915-921MHz 25mW)

• Allocated Frequency bands

• Licensed/unlicensed (ISM)

• Transmit power

• Time transmitting

Korea

917-923.5MHz

4 W *

Australia

915-928MHz

Hong-Kong

920-924 MHz

Ultra

NarrowBand


afiocco IOT Dec

2014 Cisco Public

Wi-SUN Alliance

Vision: Drive industry to embrace open standards and interoperability.

• Definition of Wi-SUN profile based on IEEE 802.15.4g/e

• Reduce technology risk

• Testing

• Certification

• www.wi-sun.org

17

http://www.wi-sun.org




afiocco IOT Dec

2014 Cisco Public

• Certification for products built on the IEEE 1901.2 Low-Frequency, Narrow-Band Powerline Communications standard

• Leverages HomePlug’s long established programs & expertise in testing & certifying powerline networking products.

• HomePlug will promote the adoption of Netricity products to foster an ecosystem served by multiple technology vendors.

The Netricity™ program is supported by

HomePlug Alliance member companies:

twitter: @alainfiocco

email: [email protected]


afiocco IOT Dec

2014 Cisco Public

Connected Grid Network Management

The Connected Grid NMS Solution provides grid operators

• Scalable, Utility Ops communication management

• Enterprise-class visibility for up to 10M endpoints

• Secure network commissioning, monitoring and life cycle management via well-defined interfaces

• Integration with Utility Operations and Enterprise Bus

The Cisco Connected Grid Device Manager provides

• Device level network monitoring and troubleshooting

23


afiocco IOT Dec

2014 Cisco Public

CG-NMS Visualization


afiocco IOT Dec

2014 Cisco Public

Cisco 1240 Connected Grid Router

Ethernet Switch 2GE WAN (Cu or SFP), 4FE LAN

Integrated Antennas for: RF Mesh, WiMAX, 2G/3G, WiFi

2 RS 232/RS 485 Serial Ports

Battery

Backup

GPS Antenna

Liquid Tight

(IP67) Adapter

Ruggedized, IP67

Ethernet (RJ-45)

Connector

Outdoor Model (Pole Mounted)

Estimated dimensions: 30.5 cm (H) x 20.3 (W) x 19 cm (D) = 12“(H) x 8.0” (W) x 7.5” (D)

Antennas shown above are optional; can be deployed with external antennas

Four Module Slots


afiocco IOT Dec

2014 Cisco Public

Cisco 1120 Connected Grid Router

• Substation hardened

– IEC61850-3 and IEEE1613-compliant

– Fixed memory

– Din-rail mounted

• Convection cooled

– No fans and/or moving parts

– Increased operating temp

• Dimensions

– 8.9 cm (H) x 22.9 cm (W) x 20 cm (D) = 3.5" (H) x 9.0" (W) x 7.8" (D)

Indoor Model (Din-Rail Mounted)

DC Input Integrated AC

and DC PS

Ethernet Switch

2GE WAN, 6FE Serial RS-232,

RS-485

Fiber WAN

2 GE SFP

Console and

Alarm Ports

Slot 1 Module Slots

GPS Antenna Wi-Fi Antenna

Slot 2

Three Phase

AC Input


afiocco IOT Dec

2014 Cisco Public

Industrial Router 500 915 MHz RF Mesh DA Gateway

Form Factor Specifications

• Compact form factor: 4.5” x 5.5” x 1.25”

• Fixed configurations- Panel / DIN rail mount

• IP-30 rating

• IEC 61850-3 / IEEE 1613

• Extended Temperature range (-40C to +70C)

Reset Switch

One 10/100 Ethernet Port

Mounting Feet (can be

moved to front and back) USB Port 915 MHz RF Connector

9-60 VDC PWR/Alarm

Two Serial Ports

LEDs viewable from

top and front

• Transport Distribution Automation and SCADA over IPv6 RF Mesh

• Ruggedized for harsh industrial environments

• Compact size and low power

• Authentication and encryption

• IP quality of service

• RF mesh aggregated by CGR1000 Series

• Managed by Connected Grid NMS and Device Manager

Cisco Live 2014 - OECD. · PDF file2014 Cisco Public CG-NMS Visualization © 2014 Cisco and/or its affiliates. All rights reserved. afiocco IOT Dec 2014 Cisco Public Cisco 1240 Connected

Documents