cisco industrial
DESCRIPTION
TRANSCRIPT
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
May 7, 2013
Cisco Connected Grid Securing and Modernizing the Grid Over An Intelligent, Secure Network
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Modernize
Cisco Connected Grid Substation Solution Designed for both mission critical and support communications, delivering
greater visibility, control and management of grid assets
What Are We Announcing Solutions To Accelerate Grid Security and Modernization
Cisco Connected Grid Security Architecture A framework for protecting critical infrastructure and information based on a layered security approach
Secure
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
Cisco Connected Grid Global Customer Momentum
FGC UES
2013 Highlights
• New Customers
• New partnerships
• Industry awards
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Use Cases
Substation Physical Security
Remote Workforce
Management
Remote Configuration
Substation Automation
Tele-Protection
System Integrity Schemes
supervisory control and data
acquisition (SCADA)
Wide Area Monitoring
Advanced Meter Reading
Dynamic Line Rating
Fault Isolation and System
Restoration (FISR )
Applications Reference Model Architectures
Cisco GridBlocksTM Architecture Systematic Approach To Grid Modernization
Integrating Security Throughout
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
Cisco Connected Grid Expanded Portfolio
Data Center & Control
Center
Grid Operations &
Inter-Utility Network
Transmission
& Substation Network
ARCHITECTURE + SECURITY + SERVICES
Field Area Network Neighborhood
Area Network
Customer Premise
Area
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
Address
• Safety
• Reliability
• Regulatory compliance, standards and guidelines
Plan
• Legacy integration
• Vulnerability identification and management
• User / device identity and access control
Deliver
• Customer privacy and data confidentiality
• Integrity across operations
• High resiliency
Utility Top Of Mind Issues
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Grid Changes Driving Security And Risk Mitigation
Grid Increased
Automation
Interconnections
Across Grid
Components
Modernization
and Resiliency
Interoperability
Challenges Security and
Privacy
Legacy
System
Integration
Increased
Attack
Surface
Emerging Applications and Increased Grid Traffic Contribute to Risk
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Connected Grid Security Architecture
Access Control
• User and Device Identity
• Authentication, Authorization & Accounting
Data Integrity, Confidentiality and Privacy
• Network Segmentation
• Security Connectivity and Encryption (VPN)
Threat Detection and Mitigation
• Security Zones with Firewall
• Intrusion Prevention with SCADA signatures
Device and Platform Integrity
• Device Hardening
• Configuration Assurance
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Security Services and Ecosystem
• Advanced services dedicated to Energy industry to assist customers in security strategy and deployment
• Cisco security intelligence operations: threat and vulnerability analysis and notification services
• Broad partner ecosystem we leverage for our customers - to help them with their business issues
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Customer Case Study: Network Design for Critical Transmission Application
Challenge Meets six nines of availability; 50 msec RTT latency
Securely Transports non-routable GOOSE Ethernet frames
Scalability for fast-growing network of telemetry devices
NERC-CIP, IEC 61850-3 and IEEE 1613 compliance
Solution
• Cisco Connected Grid router and switches in integrated network
• Centralized security and operational management
• NERC-CIP compliance and security
• Scalable availability and QoS models
Results
• Improved visibility into
substation operations and
logging of telemetry data
• Flexible platform to support
multiple transmission functions
• Address changing regulatory
requirements while taking a
comprehensive security
approach
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Customer Case Study: Utility Backbone MPLS Network
Challenge
• Unify multiple legacy networks onto MPLS network
• Achieve reliability within secured network segments
• Reduce OPEX, time to provisioning
• Improve network convergence and availability
Solution
• Cisco Services design: highly available MPLS backbone
• Cisco Connected Grid Portfolio
• Comprehensive network management and security
• Operational management models for network and substation
• Comprehensive Security and NERC-CIP compliance
Results
• Cost reduction with standards-
based products and technologies
• Reliable consolidation of multiple
operational networks
• Reduced time to provision new
sites
• Greater operational efficiency
• Robust network foundation to
support evolving smart grid
applications: PMUs, field area
network backhaul, mobile
workforce solutions
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Use Cases
Substation Physical Security
Remote Workforce
Management
Remote Configuration
Substation Automation
Tele-Protection
System Integrity Schemes
supervisory control and data
acquisition (SCADA)
Wide Area Monitoring
Advanced Meter Reading
Dynamic Line Rating
Fault Isolation and System
Restoration (FISR )
Applications Reference Model Architectures
Grid Modernization: Cisco’s Systematic Approach
Integrating Security Throughout
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Neighborhood Area Network
Wide Area Network
One Systematic Approach for All Places in The Network
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
CGS-2k
CGS-1k ASR 903
CGR 2010
ASR 9000
CRS
Nexus 1000V
Nexus 2000
Nexus 3000
Nexus 4000
Nexus 7000 Nexus 5000
UCS Blade Servers UCS Rack Servers
Fabric Interconnect & Extenders
Substation LAN
Data Center & Control Center
Substation WAN Core
Iron Man
Prime NGN
Network Management
Field Area Network
CGR 1240
CGR 1120
Connected Grid NMS Connected Grid
Design Suite Prime Infrastructure Prime Data Center
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Control Center Router
ISR-G2
Contr
ol C
ente
r /
NO
C
Multi-service Bus
IP Telephony Physical
Security
Substa
tion
EMS /
SCADA
Prime, ISE
Network and Security Management Systems
Cisco Design,
Network and Security Management
applications
Wide Area Monitoring
and Controls System Historian
CG-DS
Operations Edition Physical Security Operations
Manager
Control Center
Partner Applications
WA
N
Remote
Workforce
FAN Aggregation
Process Bus
Protection IED CG-DS
Substation Workbench Merging Unit PT/CT
Station Bus
IEDs / PMUs RTU / Bay
Controller
Substation MPLS Router
ASR-903
WiMax
Secure
Public or Private WAN Solutions
CGS 2520
CGS 1000
CGR 2010
CGR 2010
CGS 2520
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
New IEC 61850 Substation LAN Product Family
Space constrained use cases
• Distributed generation
• Substation LAN Station and Process bus
• Substation Switchyard deployments
Resilient architectures
• Ring, Tree and Hierarchical topologies
• Standards based PRP and HSR for hitless failover
Utility grade platform
• IEC-61850-3 & IEEE 1613 tested
• IEEE 1588 PTP, C37.238-2011 time synchronization
Flexible connectivity options
• Mixture of copper and fiber
• Power over Ethernet
• Multiple port density configurations
Cisco CGS 1000
Compact switches
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Introducing ASR 903 for low latency grid communications
• ASR 903: Utility SONET/SDH replacement
Compact, redundant, modular and hardened
High performance future proof scale to 300Gbps
WAN options: Ethernet, TDM/ATM, Serial Sync & Async
• ASR 903 Line card expansion
RS-232 Serial interface cards for ASR 903
Serial tunneling of SCADA over the WAN
Hardware ready for future protocols (e.g., RS-485, RS-422, X.21, V.35)
• Expanded Solution validation
New reference designs for multiservice MPLS/IP network
Addition of low latency use cases (e.g., tele-protection)
Test results available under NDA for customers & partners
Serial Interface Modules
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Summary
1
Secure
A framework for protecting critical infrastructure and information based
on a layered security approach
2
3
Learn more
Join us at UTC Telecom 2013. Security tutorials, Customer seminar, Demos and more.
Visit www.cisco.com/go/smartgrid
Modernize
Designed for both mission critical and support communications,
delivering greater visibility, control and management of grid assets