c-dax is funded by the european union's seventh framework programme (fp7-ict-2011-8) under...

C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708

C-DAX:A Cyber-Secure Data and Control Cloud for Power Grids

C-DAX Consortium

C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 2

C-DAX Project EC FP7-ICT-2011-8 call project

• C-DAX: Cyber-secure Data And Control Cloud for power grids

Duration: 01.10.2012 – 30.09.2015 Total budget: 4.315.303 Euro EU-funding: 2.931.000 Euro

C-DAX middleware• Enables smart grid applications to

exchange information securely• Implements information-centric

networking (ICN) paradigm• Supports publish/subscribe across

different administrative domains Targeted use cases

• Future retail energy market (REM)• Real-time state estimation based on

PMU measurements

Project coordination: Alcatel-Lucent Project website: http://www.cdax.eu

Project partners

http://www.cdax.eu/


Targeted use case with PMU-PDC real-time app


Publish-Subscribe Basics

Basic idea• Decouple data production and

consumption in space, time, and synchronization

• Improve scalability (compared to traditional client-server)

Core components• Publisher client: produces data• Subscriber client: consumes data• Broker: stores and forwards data• Broker discovery service: tells publishers

and subscribers what broker to use

Basic interactions• Broker discovery• Client join• Data dissemination

Publisher

Subscriber

Broker Pub/sub middleware Application

Join message Data

Brokerdiscoveryservice

Broker

1

1

2

2

3

4

SubscriberSubscriber

44


Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware

Examples for topics• SCADA data from RTUs• PMU measurements

Benefit of decoupling publishers and subscribers• Communication partners do not need to know each other• Asynchronous communication possible• Facilitating extensibility, management and configurability

Publ. A

Pub/sub middleware

Publ. B

Publ. C

Sub. D

Sub. E

Sub. F

Topic 1

Topic 2

Only interested in Topic 1

Only interested in Topic 2

Interested in Topic 1 and Topic 2


C-DAX Entities ExplainedEntity Functionality Plane

Client Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API)

Control & Data

Designated node (DN)

• Provide access for clients to the C-DAX cloud (first point of contact)

• DN for publisher (PubDN) and DN for subscriber (SubDN)

Control & data

Data broker (DB)

• Receive topic data from PubDNs and forward them to SubDNs

• Cache topic data

Data

Resolver (RS) Resolves topic names to DBs Control

Security server Provide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution

Control

Monitoring / management system

• Gather, aggregate, and forward monitored information in the C-DAX cloud

• Management of C-DAX network resources

Management


Data Plane

C-DAX Architecture

Control Plane Resolver(RS)

Data Broker (DB)

Security Server

C-DAX Monitoring/ Management System

Monitor

Control

C-DAX CommunicationPlatform

JoinJoinClient

(Publisher)Client

(Subscriber)

SG applicationdata to be published

SG applicationdata to be consumed

Designated Node (DN)

Designated Node (DN)

Configure


Three Communication Modes

Streaming-based• Publishers continuously send data to DB• Subscribers continuously receive data

from DB

Query-based• Subscriber sends query to message broker• DB returns data matching the query

Point-to-point• Publishers send data directly to

subscribers

Communication modes are set per topic to fit the requirements of the application, e.g.,• Low latency for PMUs• Improved scalability for retail energy markets

Publisher

DB

Subscriber

Publisher Subscriber

DB

Subscriber

Query


Resilience Concept

Topic data should be highly available• Data is stored on two nodes

Resilience of the infrastructure • Each system component is replicated

physically• Each critical communication path is

divided into A path during failure free operation Alternative path(s) due to failures

Three resilience support levels:

C-DAX cloud

SubscriberPublisher

DN DNDB

DN DNDB

: Path during failure free operation: Alternative paths due to failures: Synchronization

Level Data loss(during

failover)

Data delay(during

failover)

Complexity

L1 Y N Low

L2 N Y Middle

L3 N N High


Security Concept

General security requirements• Confidentiality and integrity

End-to-end security, e.g., IEC 62351• Availability

Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing

Security features of C-DAX• End-to-end security between C-DAX clients• Availability of C-DAX infrastructure• Scalable key management mechanism

C-DAX security rationale• Strong authentication of clients and nodes

based on asymmetric cryptography• Symmetric or asymmetric cryptography for topic

data• Minimal trust in underlying infrastructure

Nodes do not have to trust each other inside C-DAX cloud

Clients do not have to trust C-DAX cloud for guaranteed end-to-end security

• Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity

Publisher DN DB … Subscriber

Encode Authenticate Authenticate Decode

SecServ

Key distributionKey distribution

Data Data Data Data


Domain BDomain A

Inter-Domain Concept

Companies• Define C-DAX domains• Want to exchange information Inter-domain concept necessary

C-DAX DN• Provides access for external subscribers to

C-DAX cloud• Only point of contact for external

subscribers• Triggers authentication and authorization

of external clients• Manages external subscriptions• Forwards data from internal nodes to

external clients External subscribers

• May re-publish received information in own domain

Inter-domain security• DN hides domain’s network• Access from external domains only

allowed through DNs• SecServ of each domain manages

respective rights

C-DAX cloud

RS

SecServ

DB DN External subscriber

C-DAX cloud

: Security signaling: Publish/subscribe signaling: Publish/subscribe data transfer


Comparison with Existing Pub/Sub Architectures

Architecture End-to-End Security

Resilience Message Persistence

Broker-based Communication

Mode

Direct Communication

Mode

C-DAX X X X X X

OMG DDS O X X - X

JMS - X X X -

NSQ - O - - X

Data Turbine - X X X -

ZeroMQ O O - O X

XO-

: Supported: Partly supported: Not supported / unspecified


Protocol Adaptation Layer

Problem• Existing smart grid protocols rely on

bidirectional one-to-one communication, e.g., IEEE C37.118, IEC 61850

• C-DAX provides unidirectional many-to-many communication

• C-DAX provides a unified pub/sub interface for communication

Solution• Protocol adaptation layer translates

between smart grid protocols and C-DAX

Benefits for operators• Hardware and software compliant to

existing standards can be used with C-DAX with little configuration changes

• C-DAX can be transparent for legacy hardware and software

Implementation• Protocol adaptation layer for IEEE C37.118

has been implemented and tested

PMU/Client/Adaptation Layer DN

IP

C37.118

TCP/UDP

C-DAXC37.118

IP

TCP/UDP

C-DAX

C37.118

C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Prototype Purpose

• Validation of baseline communication functionalities and basic failure management of C-DAX

• Validation of security framework

• Validation of IEEE C37.118 protocol adaptation layer

Environment• IEEE 34 Bus as power grid

topology• PMU measurement data

provided by EPFL• Virtual Wall network test bed

provided by iMinds• RTSE application by EPFL

14

RTSE LabView

PMU-Bus3PubClient

PMU-Bus4PubClient

PMU-Bus7PubClient

PMU-Bus1PubClient

PDC Adapter

SubClient

Base Station

Bus1 Bus3 Bus4 Bus7

LAN

Bus7NodeBus4NodeBus3Node

Security Server

Bus1Node

Monitor

Monitor

BaseStationResolver

Virtual Wall


Laboratory validation

PMU PMU PMU PMU

PDC PDC

C-DAX cloud

Real-time state estimation of the targeted

electrical network

Real-time modelof the electrical grid


Field Trial

Purpose• Deploy C-DAX software in an existing

distribution grid• Evaluate applicability of C-DAX under

realistic conditions• Show-case several smart grid applications

using a common pub/sub middleware Environment

• Distribution grid provided by Alliander including a solid and fast IP network

• PMUs provided by National Instruments• RTSE application by EPFL• C-DAX software

Time plan• Deployment of PMUs and C-DAX software:

late 2014• Scheduled start of field trial: late 2014

Alliander’s MS Livelab

National Instruments’ PMU for MV levelSource: Alliander N.V.

Source: National Instruments Sweden


Benefits and Features of the C-DAX Architecture General benefits of pub/sub

communication Flexibility and agility for integration of

emerging smart grid applications Transparent exchange of information Scalability Avoid repeated investment in ICT per

application

www.cdax.eu

Unique C-DAX benefits• Support for inter-domain

communications• Support for established smart grid

protocols, e.g., IEC 61850, IEC 60870-5-104, IEEE C37.118

• Combination of advanced features Cyber-secure layer addressing

authentication, privacy, and integrity in end-to-end fashion

Support for streaming, query and point-to-point communication

Resilience• Flexible provisioning strategy


Contact

www.cdax.eu

Thank you for your attention!Questions?

PLEASE FILL IN CONTACT INFORMATION BEFORE PUBLIC DISSEMINATION.

Thank you.

c-dax is funded by the european union's seventh framework programme (fp7-ict-2011-8) under...

Documents