c-dax is funded by the european union's seventh framework programme (fp7-ict-2011-8) under...
TRANSCRIPT
C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708
C-DAX:A Cyber-Secure Data and Control Cloud for Power Grids
C-DAX Consortium
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 2
C-DAX Project EC FP7-ICT-2011-8 call project
• C-DAX: Cyber-secure Data And Control Cloud for power grids
Duration: 01.10.2012 – 30.09.2015 Total budget: 4.315.303 Euro EU-funding: 2.931.000 Euro
C-DAX middleware• Enables smart grid applications to
exchange information securely• Implements information-centric
networking (ICN) paradigm• Supports publish/subscribe across
different administrative domains Targeted use cases
• Future retail energy market (REM)• Real-time state estimation based on
PMU measurements
Project coordination: Alcatel-Lucent Project website: http://www.cdax.eu
Project partners
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 3
Targeted use case with PMU-PDC real-time app
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 4
Publish-Subscribe Basics
Basic idea• Decouple data production and
consumption in space, time, and synchronization
• Improve scalability (compared to traditional client-server)
Core components• Publisher client: produces data• Subscriber client: consumes data• Broker: stores and forwards data• Broker discovery service: tells publishers
and subscribers what broker to use
Basic interactions• Broker discovery• Client join• Data dissemination
Publisher
Subscriber
Broker Pub/sub middleware Application
Join message Data
Brokerdiscoveryservice
Broker
1
1
2
2
3
4
SubscriberSubscriber
44
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 5
Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware
Examples for topics• SCADA data from RTUs• PMU measurements
Benefit of decoupling publishers and subscribers• Communication partners do not need to know each other• Asynchronous communication possible• Facilitating extensibility, management and configurability
Publ. A
Pub/sub middleware
Publ. B
Publ. C
Sub. D
Sub. E
Sub. F
Topic 1
Topic 2
Only interested in Topic 1
Only interested in Topic 2
Interested in Topic 1 and Topic 2
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 6
C-DAX Entities ExplainedEntity Functionality Plane
Client Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API)
Control & Data
Designated node (DN)
• Provide access for clients to the C-DAX cloud (first point of contact)
• DN for publisher (PubDN) and DN for subscriber (SubDN)
Control & data
Data broker (DB)
• Receive topic data from PubDNs and forward them to SubDNs
• Cache topic data
Data
Resolver (RS) Resolves topic names to DBs Control
Security server Provide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution
Control
Monitoring / management system
• Gather, aggregate, and forward monitored information in the C-DAX cloud
• Management of C-DAX network resources
Management
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 7
Data Plane
C-DAX Architecture
Control Plane Resolver(RS)
Data Broker (DB)
Security Server
C-DAX Monitoring/ Management System
Monitor
Control
C-DAX CommunicationPlatform
JoinJoinClient
(Publisher)Client
(Subscriber)
SG applicationdata to be published
SG applicationdata to be consumed
Designated Node (DN)
Designated Node (DN)
Configure
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 8
Three Communication Modes
Streaming-based• Publishers continuously send data to DB• Subscribers continuously receive data
from DB
Query-based• Subscriber sends query to message broker• DB returns data matching the query
Point-to-point• Publishers send data directly to
subscribers
Communication modes are set per topic to fit the requirements of the application, e.g.,• Low latency for PMUs• Improved scalability for retail energy markets
Publisher
DB
Subscriber
Publisher Subscriber
DB
Subscriber
Query
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 9
Resilience Concept
Topic data should be highly available• Data is stored on two nodes
Resilience of the infrastructure • Each system component is replicated
physically• Each critical communication path is
divided into A path during failure free operation Alternative path(s) due to failures
Three resilience support levels:
C-DAX cloud
SubscriberPublisher
DN DNDB
DN DNDB
: Path during failure free operation: Alternative paths due to failures: Synchronization
Level Data loss(during
failover)
Data delay(during
failover)
Complexity
L1 Y N Low
L2 N Y Middle
L3 N N High
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 10
Security Concept
General security requirements• Confidentiality and integrity
End-to-end security, e.g., IEC 62351• Availability
Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing
Security features of C-DAX• End-to-end security between C-DAX clients• Availability of C-DAX infrastructure• Scalable key management mechanism
C-DAX security rationale• Strong authentication of clients and nodes
based on asymmetric cryptography• Symmetric or asymmetric cryptography for topic
data• Minimal trust in underlying infrastructure
Nodes do not have to trust each other inside C-DAX cloud
Clients do not have to trust C-DAX cloud for guaranteed end-to-end security
• Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity
Publisher DN DB … Subscriber
Encode Authenticate Authenticate Decode
SecServ
Key distributionKey distribution
Data Data Data Data
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 11
Domain BDomain A
Inter-Domain Concept
Companies• Define C-DAX domains• Want to exchange information Inter-domain concept necessary
C-DAX DN• Provides access for external subscribers to
C-DAX cloud• Only point of contact for external
subscribers• Triggers authentication and authorization
of external clients• Manages external subscriptions• Forwards data from internal nodes to
external clients External subscribers
• May re-publish received information in own domain
Inter-domain security• DN hides domain’s network• Access from external domains only
allowed through DNs• SecServ of each domain manages
respective rights
C-DAX cloud
RS
SecServ
DB DN External subscriber
C-DAX cloud
: Security signaling: Publish/subscribe signaling: Publish/subscribe data transfer
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 12
Comparison with Existing Pub/Sub Architectures
Architecture End-to-End Security
Resilience Message Persistence
Broker-based Communication
Mode
Direct Communication
Mode
C-DAX X X X X X
OMG DDS O X X - X
JMS - X X X -
NSQ - O - - X
Data Turbine - X X X -
ZeroMQ O O - O X
XO-
: Supported: Partly supported: Not supported / unspecified
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 13
Protocol Adaptation Layer
Problem• Existing smart grid protocols rely on
bidirectional one-to-one communication, e.g., IEEE C37.118, IEC 61850
• C-DAX provides unidirectional many-to-many communication
• C-DAX provides a unified pub/sub interface for communication
Solution• Protocol adaptation layer translates
between smart grid protocols and C-DAX
Benefits for operators• Hardware and software compliant to
existing standards can be used with C-DAX with little configuration changes
• C-DAX can be transparent for legacy hardware and software
Implementation• Protocol adaptation layer for IEEE C37.118
has been implemented and tested
PMU/Client/Adaptation Layer DN
IP
C37.118
TCP/UDP
C-DAXC37.118
IP
TCP/UDP
C-DAX
C37.118
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids
Prototype Purpose
• Validation of baseline communication functionalities and basic failure management of C-DAX
• Validation of security framework
• Validation of IEEE C37.118 protocol adaptation layer
Environment• IEEE 34 Bus as power grid
topology• PMU measurement data
provided by EPFL• Virtual Wall network test bed
provided by iMinds• RTSE application by EPFL
14
RTSE LabView
PMU-Bus3PubClient
PMU-Bus4PubClient
PMU-Bus7PubClient
PMU-Bus1PubClient
PDC Adapter
SubClient
Base Station
Bus1 Bus3 Bus4 Bus7
LAN
Bus7NodeBus4NodeBus3Node
Security Server
Bus1Node
Monitor
Monitor
BaseStationResolver
Virtual Wall
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 15
Laboratory validation
PMU PMU PMU PMU
PDC PDC
C-DAX cloud
Real-time state estimation of the targeted
electrical network
Real-time modelof the electrical grid
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 16
Field Trial
Purpose• Deploy C-DAX software in an existing
distribution grid• Evaluate applicability of C-DAX under
realistic conditions• Show-case several smart grid applications
using a common pub/sub middleware Environment
• Distribution grid provided by Alliander including a solid and fast IP network
• PMUs provided by National Instruments• RTSE application by EPFL• C-DAX software
Time plan• Deployment of PMUs and C-DAX software:
late 2014• Scheduled start of field trial: late 2014
Alliander’s MS Livelab
National Instruments’ PMU for MV levelSource: Alliander N.V.
Source: National Instruments Sweden
C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 17
Benefits and Features of the C-DAX Architecture General benefits of pub/sub
communication Flexibility and agility for integration of
emerging smart grid applications Transparent exchange of information Scalability Avoid repeated investment in ICT per
application
www.cdax.eu
Unique C-DAX benefits• Support for inter-domain
communications• Support for established smart grid
protocols, e.g., IEC 61850, IEC 60870-5-104, IEEE C37.118
• Combination of advanced features Cyber-secure layer addressing
authentication, privacy, and integrity in end-to-end fashion
Support for streaming, query and point-to-point communication
Resilience• Flexible provisioning strategy