Volume 16.1 www.lannerinc.com Energy & Industrial Cyber Security Energy Management and Industrial Cyber Security Solutions Singel 3 | B-2550 Kontich | Belgium | Tel. +32 (0)3 458 30 33 | [email protected] | www.alcom.be Rivium 1e straat 52 | 2909 LE Capelle aan den Ijssel | The Netherlands | Tel. +31 (0)10 288 25 00 | [email protected] | www.alcom.nl V. 7/17
20
Embed
Energy & Industrial Cyber Security*Surge 1.2/50 us - 2kV line to line, 4kV line to ground, AC power supply - 1kV line to line, 2kV line to ground, DC power supply-2kV, line to line,
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Volume 16.1 www.lannerinc.com
Energy & Industrial Cyber SecurityEnergy Management and Industrial Cyber Security Solutions
Versatile I/O DesignVarious communication interface options,
including multiple Copper, Fiber LAN ports
and serial ports.
Certified Reliability and QualityCE/FCC class A certification, tested and certified for
harsh conditions. Without any mechanical rotation
parts, our systems provide 20+ years MTBF and
keep very high quality.
Excellent Network DesignProvide more than 4.8Gbps
throughput at UDP, 1518 bytes.
www.lannerinc.com 9
LEC-6032
- Fanless DIN Rail Box PC
- Intel® Atom™ E3845 SoC CPU
- 1 x Serial Ports with ESD and Surge Protection
- 3 or 5 x GbE LAN with LAN Bypass
- 2 or 4 x Fiber GbE SFP Ports
Target Applications:
- Industrial UTM
- Security Gateway
- Industrial Firewall
- SCADA Network Security Appliance
LEC-6021
- Fanless DIN Rail Box PC
- Intel® Atom™ N2600 with NM10
- 1 x Serial Ports with ESD and Surge Protection
- 5 x GbE LAN with LAN Bypass
- 2 x Fiber GbE SFP Ports
LEC-3231
- Intel® Core™ i7-3517UE CPU with HM65 Chipset
- 2 x RS-232 Serial Ports with ESD and Surge Protection
- 8 x GbE LAN and 4 x Fiber GbE SFP Ports
- Rackmount Installation
ICS structures are implemented in segregated environments to control
and monitor critical infrastructures. In recent years, we have heard various
incidents of critical infrastructures such as nuclear plants being breached
by malicious cyber attacks. One of the most discussed is the Stuxnet which
devastated the computing system of Iran’s nuclear plant. There are reports
indicating that hackers usually attack the weak sides of DCS, PLC and HMI.
Therefore, it is necessary to implement firewalls designed with endurance in
harsh environments.
To protect your valuable investments in infrastructures, Lanner offers solutions
as cyber security appliances designed to cope with challenging conditions
and extreme temperatures. These systems are ideal gateway platforms for
industrial firewall/UTM to provide white-listing function, alerting the system
administrator when abnormal network events occur.
Factory Cyber Security Application
Operating Center
LEC-3231
LEC-6032
LEC-6021
PLC controllers
DCSHMI
Factory_B
Factory_A
10 www.lannerinc.com
Modbus
Pyranometer
Wind Detector Inverter
Open API for Re-development
Customized Web UI & Mobile App
Power Meter
IEEE1888
Modbus TCP
SSL/VPN
DNP 3.0
MQTT
AmphiGate Cloud
Renewable Energy Management
Building Energy Management
Lanner has been dedicated in renewable energy platforms, building automation and smart city management
solutions. We offer comprehensive solution and software services for our smart energy gateways that will
help improve manageability, service-availability and cyber security of your critical infrastructures.
In the age of IoT, cloud computing has become an essential fundamental force which triggers massive
growth upon industries and enables efficient communication among devices. Lanner, a communication
platform expert, devotes its resources to create our value-added cloud service specialized in Smart Energy
domain.
Smart Energy
Cloud-based Energy Management System
www.lannerinc.com 11
Optional Private Storage
IP Surveillance
SOS Alarm
Digital Signage
Weather Station
Pump
Water Chiller
Lighting Control
Mobus
XML
HTTP Command
Zigbee/ WiFi/ LoRa
Smart City Management
Data
Control
Security
Lighting Control
Availability
• Hybrid cloud integration support to protect confidential data
• Rich database type support to enable different front-end and back-end systems
• Redundant database design to prevent accidental data crash
• Flexible data storage policy to reduce non-necessary cloud space expenses
Manageability
• Friendly UI/UX design to manage devices easily
• Flexible dashboard design to increase management efficiency
• Remote service deployment to waive non-necessary field trip
• Real-time device status monitoring to reduce local service cost
Security
• Proprietary firewall mechanism to enhance system security
• Secured access control mechanism to prevent non-authorized intrusion
12 www.lannerinc.com
Suggested Hardware
LEC-3030, LEC-3030T Intel Atom Platform
Generic
OS Support Linux, Ubuntu
Device Management
Maximum Device Registry 256
Data Aggregation Locally aggregate device data to produce events and translate protocols
Downlink Protocol Support Modbus, Ethernet
Control Protocol Support DNP3.0, OpenADR
Connection Management
Uplink Protocol MQTT, IEEE1888, Modbus TCP, XML
Device Status Sync frequency Real-time
Data Upload Frequency 30 seconds
Security SSL, VPN
Fail safe Management
Local Storage Period Max. 3 Months
Renewable Energy Management System
Lanner REMCS is a cloud-based monitoring and control system which enables
power plant owner or third party operator to execute 24/7 management task
to ensure that energy generation is reliable and sustainable. With intuitive
Web GUI and dashboard, managers can easily observe and track energy
generation status of PV farm or wind farm.
More importantly, by utilizing DNP/OpenADR protocol, Lanner REMCS helps
substation SCADA to manage energy supply while it is upscale on grid. In
terms of modern energy storage technology development, it can also be
integrated with BMS and achieve continuous energy supply.
Gateway Specification
LEC-3030T
LEC-3030T
Inverter
PV Cell
PV Cell
Temp. meter
Wind Detector
Pyranometer
Operating Center
Temp. meter
Wind Detector
PyranometerInverter
www.lannerinc.com 13
Building Energy Management System
To effectively collect electricity usage from thousands of electricity meters in
urban buildings, the administrators needed an intelligent electricity monitoring
system for collecting and storing data from various terminal devices, as well as
uploading collected data back to a datacenter.
Our SEG-1000 Series are ideal for building energy monitoring. This ultra-
compact fanless industrial computer features 2 LAN ports with magnetic
isolation and 4 isolated serial ports. The compact, DIN rail form factor, front
facing I/O ports and the ARM9260 CPU together make the SEG-1000 Series
energy and space-efficient appliances for energy monitoring applications.
SEG-1000 Gateway Specification
Technical Specification
Computing ARM9 Cortex
Serial 4 x RS-232/485 & 1 x RS-232
Ethernet 2 x 10/100 LAN
OS Embedded Linux 2.6.30
Operating Temperature -40~70ºC
Storage Temperature -40~85ºC
Power Input 10~36 Vdc
Dimensions (mm) 69(W) x 170(H) x 127(D)
Software Specification
Data Relication Network status monitoring, autosave when network failure and autoupload after connected
Uplink Protocol XML, IEEE1888
Device Config Specialized utility software which supports Excel format import
Terminal Support multi-terminal and manual protocol configu-ration
Encryption AES128 and MD5 algorithm
Data Acquisition Fre-quency
1 sec.
Auto-upload Frequency Configurable from 5 mins to 1 hour
Synchronization Allow to sync with application server
Data Processing Data analysis, data compression and data splitting
Remote Management 1. Support remote monitoring and remote configura-tion2. Support connection monitoring against tunnel sta-tus, device status and real-time status display
Data Center Support data upload to mutiple Data Centers
DNS Lookup Support DNS lookup function
Converter Support thrid-party communication gateway's unified data format and be able to revert originl protocols and parameters
Operating Center
Cloud
SEG-1000
SEG-1000
PLC
Devices
Power Meter
Intelligent Building
Intelligent Building
Distribution Panel
14 www.lannerinc.com
LEC-3231
- Fanless Rack Mounting Box PC for Power Substation
- IEC 61850-3 and IEEE-1613 Compliance
- Intel® Celeron® 847E, Core™ i3-3217UE or i7-3517UE CPU
- Up to 10/18 Isolated Serial Ports and 4/8 Magnetic Isolated
LAN ports
- Redundant Power Supply Options : 36~48Vdc or
[90~246Vac and 100-300Vdc]
Target Applications:
- Power SCADA System Communication Gateway
- Automation Platform for Substation
- IED Communication Gateway
Substation Automation Application
LEC-3231
RTU
IED
Operating Center
Utility institutions today are relying on substation automation systems to have a secured and reliable solution
for controlling and monitoring status of the substations and grids. Lanner provides IEC 61850 compliant
industrial communication platforms that integrate substation’s control, automation, monitoring and
protection system in one device while eliminating possible compatibility issues among devices with various
communication protocols.
Communication Gateway
Substation Automation
Cyber Security Gateway
Enterprise Systems
Power Substation
22ºC
22ºC
12345
67890
X ok
Gateway
Applications Devices/Controllers
- IED, RTU, Controller
- Control monitoring
- Protection
Smart Grid
www.lannerinc.com 15
Testing Standards
Lanner’s communications gateway platforms for power systems are specifically designed for versatile
deployments in substation and renewable energy plants. Our solutions offer high levels of stability and
reliability, as well as well-rounded balance of size, cost, performance and power consumption. Lanner’s
power communications gateway and their key features are illustrated.
Key Features & Benefits
IEC 61850-3:2013 IEEE 1613:2009
Compliance
Isolated/Surge/ESD protected I/O ports
ESD:Air,15kV, contact 8kV
Wide Temperature-40~70ºC
RPS/Dual powerPW1:36~48Vdc,
PW2:90-264Vac/100-300Vdc
LEC-3231
Phoenix Contact Serial Connectors
Test Category Summary Applicable Standard
Electrostatic DischargeESD, Contact ±2, ±4, ±6,±8Kv, Air ±2, ±4, ±8,±15Kv
Fast Transient/Burst, 4kV, 5kHz on AC/DC power supply*4kV ,5KHz on communication line
IEC-61850-3:2013, IEC-61000-4-4, IEEE C37.90.1
*Surge 1.2/50 us- 2kV line to line, 4kV line to ground, AC power supply- 1kV line to line, 2kV line to ground, DC power supply-2kV, line to line, 4kV line to ground, communication ports
IEC-61850-3:2013, IEC-61000-4-5
Conduced Disturbances, induced by Radiofrequency Fields- Severity Level: 10V, 80%AM(1kHz)
IEC-61850-3:2013, IEC-61000-4-6
Electromagnetic Compatibility Emissions- Power Line Conducted Emission- Telecommunication ports Conducted Emission- Radiated Emission Below/Above 1GHz
CISPR22
Insulation
Dielectric Strength- Power supply input 2.0kV(rms)- Signal port 0.5kV(rms) Impulse Voltage- Severity Level:- 5kV power supply, communication ports
IEEE C37.90
Mechanical PerformanceVibration Response and Endurance Test IEC 61850-3: 2013, IEC 60255-21-1
Shock Response Withstand and Bump Test IEC-61850-3: 2013, IEC 60255-21-2
Environment Tests
Cost Test IEEE 1613-2003, IEC-60068-2-1, IEC-61850
Dry Heat Test IEEE 1613-2003, IEC-60068-2-2, IEC-61850
Damp Heat Cyclic Test IEEE 1613-2003, IEC-60068-2-30, IEC-61850
Change of Temperature Test IEC-60068-2-14, IEC-61850
16 www.lannerinc.com
With the trend of automation, the demand for efficient power equipments is increasing by multiples.
Communication management is one of the main concerns for automation as it often attracts cyber
threats. To enhance communication and cyber security in automation, Lanner introduces the industrial-
grade, rackmount Box PC LEC-3231, designed for power substation deployment. The rugged, fanless box
Part Number
LEK-2G2F: 4x Gigabit Ethernet module
LEK-EN1: 4x Gigabit Ethernet module
LEK-8GE: 8x Gigabit Ethernet module
LEK-2GE2MM: Ethernet module w/ Gigabit and 100M MM optic fiber
LEK-2GE2MMA: Ethernet module w/ Gigabit and 100M SM optic fiber
LEK-COM8A: Isolated RS-232/422/485 module
Feature • Intel i210T/i210IS
• 2 x RJ45, 2 x SFP
• Windows 7/Linux driver
• Intel 82583V
• 4 x RJ45
• Windows/Linux driver
• Intel 82583V
• 8 x RJ45
• Windows/Linux driver
• Intel 82583V / VIA VT6105M controller
• 2 x RJ45, 2 x multi-mode ST
• Windows/Linux driver
• Intel 82583V / VIA VT6105M controller
• 2 x RJ45, 2 x single-mode ST
• Windows/Linux driver
• EXAR 17B358
• 8 x RS-232/422/485
• Windows/Linux driver
Modular Industrial Communication Device
LEC-3 Series LEC-3230 LEC-3231Processor Options
Intel® Celeron 847E,Core™ i3-3217UE/i7-3517UE
Intel® Celeron 847E,Core™ i3-3217UE/i7-3517UE
Chipset Intel HM65 Intel HM65BIOS AMI Flash BIOS AMI Flash BIOS
SystemMemory
Sockets 1 x 204-pin DDR3 1 x 204-pin DDR3 Technology DDR3 SO-DIMM x1 DDR3 SO-DIMM x1Max. Capacity Up to 8 GB Up to 8 GB
USBUSB2.0 compliant, 2x Type A connector,1x internal Type A connector, 3x internal pin header
USB2.0 compliant, 2x Type A connector,1x internal Type A connector, 3x internal pin header
Expansion Bus PCIe expansion slot PCIe expansion slot
OS Support Windows 7,Windows 7 Embedded, Linux Windows 7,Windows 7 Embedded, Linux
NetworkingLAN
8 x 10/100/1000 MbpsAutosensing, RJ45
8 x 10/100/1000 MbpsAutosensing, RJ45
Magnetic Isolation Protection 1.5 KV built-in 1.5 KV built-in
Serial Interface
Serial Standard 2 x DB9,& 2x2x10pin terminal block for 10 x RS-232/422/485 2 x DB9,& 2x2x10pin terminal block for 10 x RS-232/422/485
ESD Protection 15 KV for all signals 15 KV for all signalsIsolation Protection
2 KV digital isolation 2 KV digital isolation
Display Display Interface DB15 x1 for VGA DB15 x1 for VGAWeight 5.8 kg 6 kgDimensions (W x H x D) 440 x 89 x 351.5 mm (17.32”x3.50”x13.84”) 440 x 88 x 301.2 mm (17.32”x3.46”x11.85”)
Environment
Operating Temperature
-20~55°C -40~70°C
Storage Temperature
-40~80°C -40~85°C
PowerInput Voltage
AC power input100~240Vac
36~48Vdc or 90~264Vac/100~300Vdc
Redundant PSU - Yes
ReliabilityAlter tool Built-in buzzer and RTC (real-time clock) with battery lithium backup Built-in buzzer and RTC (real-time clock) with battery lithium backup
GraphicController Intel® HD Graphics Intel® HD Graphics Intel Integrated Intel Integrated Intel® HD Graphics Intel® HD Graphics Intel® HD Graphics 4600
Magnetic Isolation Protection 1.5KV magnetic isolation protection 1.5KV magnetic isolation protection 1.5KV build-in 1.5KV build-in 1.5KV build-in 1.5KV magnetic isolation protection 1.5KV build-in
Storage
Type - m-SATA mini CompactFlash socket CompactFlash socket - - mSATA mini
Installation - m-SATA mini connector Type I/II x1 Type I/II x1 - - mSATA mini connector
Type SATA II SATA II SATA II SATA II SATA II SATA II SATA II
Installation 1x 2.5” Drive Bay 1x 2.5” Drive Bay - 1x 2.5” Drive Bay (Optional) 1x 2.5” Drive Bay 1x 2.5” Drive Bay 1x 2.5” Drive Bay
I/O
Serial Port2x Isolation RS-232/RS422/RS485 + 1 x RS-232 pin header
LEC-3031-A4/A6/A8: 4/6/8 x RS232/422/485LEC-3031-I4: 4 isolated RS-485LEC-3031-I10: 8 isolated RS485, 2 x isolated RS-232/485LEC-3031-DI4: 4 isolated RS-232/485, 1xRS-232
6020A: 2x 10 pin terminal block for 4x RS-232/422/485, 1x internal header (RS232)6020B: 1x internal header for RS2326020C/D: 1x COM RS-232
1x DB9 for RS-232, Internal pin-header x 1 1x DB9 for RS-232, Internal pin-header x 12x Isolation RS-232/RS422/RS485 + 1 x RS-232 pin header
1x DB9 support RS-232,Internal pin-header x 1
ESD Protection 15KV ESD protection 15KV ESD protection 15KV for all signals 15KV for all signals 15KV for all signals 15KV ESD protection 15KV for all signals
Isolation Protection 2KV Digital Isolation 2KV Digital Isolation - Digital isolation protection - 2KV Digital Isolation Digital isolation protection
Digital I/O 1x 2x5 Pin terminal block for 4x DI/DO (without isolation) LEC-3031-DI4: 4x DI/ 4x DO (without isolation) - - - - -
USB 2.0 1x Type A, 1 x internal pin header 1 or 3 x Type A 2 or 4 Type A 2x Type A 1x Type A 1x Type A, 1 x internal pin header 1x internal pin header
USB 3.0 1x Type A 1x Type A - - 1x Type A 1x Type A 2x Type A
Dimension (W x H x D)LEC-3030A: 52x 130x127mm LEC-3030T 57.5x 130 x 127mm
69x169.5x127 mm (2.71"x 6.67"x 5.00") 65x146x127 mm (2.56"x 5.75"x 5.00") 53.5x186x160 mm (2.11"x 7.32"x 6.30") 78x146x127 mm (3.07"x 5.75"x 5.00") 170 x 138 x 41.5 68x210x190 mm (2.68"x 8.27"x 7.84")
Mounting DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount
Driver Support
Microsoft Windows Windows 7, Windows 7 Embedded Windows 7, Windows 7 Embedded Windoows 7, Windoows 7 Embedded Windoows 7 Embedded Windoows 7, Windoows 7 Embedded Windows 7, Windows 7 Embedded Windoows 7, Windoows 7 Embedded
GraphicController Intel® HD Graphics Intel® HD Graphics Intel Integrated Intel Integrated Intel® HD Graphics Intel® HD Graphics Intel® HD Graphics 4600
Magnetic Isolation Protection 1.5KV magnetic isolation protection 1.5KV magnetic isolation protection 1.5KV build-in 1.5KV build-in 1.5KV build-in 1.5KV magnetic isolation protection 1.5KV build-in
Storage
Type - m-SATA mini CompactFlash socket CompactFlash socket - - mSATA mini
Installation - m-SATA mini connector Type I/II x1 Type I/II x1 - - mSATA mini connector
Type SATA II SATA II SATA II SATA II SATA II SATA II SATA II
Installation 1x 2.5” Drive Bay 1x 2.5” Drive Bay - 1x 2.5” Drive Bay (Optional) 1x 2.5” Drive Bay 1x 2.5” Drive Bay 1x 2.5” Drive Bay
I/O
Serial Port2x Isolation RS-232/RS422/RS485 + 1 x RS-232 pin header
LEC-3031-A4/A6/A8: 4/6/8 x RS232/422/485LEC-3031-I4: 4 isolated RS-485LEC-3031-I10: 8 isolated RS485, 2 x isolated RS-232/485LEC-3031-DI4: 4 isolated RS-232/485, 1xRS-232
6020A: 2x 10 pin terminal block for 4x RS-232/422/485, 1x internal header (RS232)6020B: 1x internal header for RS2326020C/D: 1x COM RS-232
1x DB9 for RS-232, Internal pin-header x 1 1x DB9 for RS-232, Internal pin-header x 12x Isolation RS-232/RS422/RS485 + 1 x RS-232 pin header
1x DB9 support RS-232,Internal pin-header x 1
ESD Protection 15KV ESD protection 15KV ESD protection 15KV for all signals 15KV for all signals 15KV for all signals 15KV ESD protection 15KV for all signals
Isolation Protection 2KV Digital Isolation 2KV Digital Isolation - Digital isolation protection - 2KV Digital Isolation Digital isolation protection
Digital I/O 1x 2x5 Pin terminal block for 4x DI/DO (without isolation) LEC-3031-DI4: 4x DI/ 4x DO (without isolation) - - - - -
USB 2.0 1x Type A, 1 x internal pin header 1 or 3 x Type A 2 or 4 Type A 2x Type A 1x Type A 1x Type A, 1 x internal pin header 1x internal pin header
USB 3.0 1x Type A 1x Type A - - 1x Type A 1x Type A 2x Type A
Dimension (W x H x D)LEC-3030A: 52x 130x127mm LEC-3030T 57.5x 130 x 127mm
69x169.5x127 mm (2.71"x 6.67"x 5.00") 65x146x127 mm (2.56"x 5.75"x 5.00") 53.5x186x160 mm (2.11"x 7.32"x 6.30") 78x146x127 mm (3.07"x 5.75"x 5.00") 170 x 138 x 41.5 68x210x190 mm (2.68"x 8.27"x 7.84")
Mounting DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount DIN rail, Wallmount
Driver Support
Microsoft Windows Windows 7, Windows 7 Embedded Windows 7, Windows 7 Embedded Windoows 7, Windoows 7 Embedded Windoows 7 Embedded Windoows 7, Windoows 7 Embedded Windows 7, Windows 7 Embedded Windoows 7, Windoows 7 Embedded