#connweeksanta clara, ca may 22-24, 20121 openadr 2.0 signaling over tropos network architecture,...

#ConnWeek Santa Clara, CA May 22-24, 2012 1

OpenADR 2.0 Signaling over Tropos Network

Architecture, Communications and Security

May 24 2012Jim ComptonAGM/CTOBurbank Water and [email protected]


Agenda

• Overview• Architecture• Communications• Security• Q&A


Overview

• Burbank, California– Major C&I customers are Media and Entertainment

Industry with studios well known to the audience.• Why Demand Response (DR)?

– Mothballing two generators that ran fewer than eight (8) days per year

– DR to be used to fill the gap• Why OpenADR 2.0?

– Standard signaling protocol to all loads outside BWP’s cyber security perimeter

Jim Boch

I would define what a network and studio is,


Architecture


Communications

• Approximately 50,000 smart meters• Tropos wireless mesh network with fiber optic backhaul• Approximately 400 radios covering 98% of the City• Low latency/high bandwidth

– Average bandwidth availability: 5-10mbs per radio– Average round trip latency: 2.1ms

• BWP VTNs will be signaled from the Automated Dispatch System (ADS) over BWPs Enterprise Services Bus (ESB) using IEC 61968-9/100-based web services

• OpenADR 2.0a endpoints (VENs) will be signaled via Tropos wireless network

• Tropos 1410 radios will be integrated into the OpenADR 2.0a VENS


ADS – VTN Signaling

Source: IEC 61968-9, Application integration at electric utilities – System interfaces for distributionManagement, Edition 1, 2009-09, Figure 37, p. 60.


Security

• OpenADR 2.0a uses a flexible, state of the art security model based upon:– Authentication – You can verify that the sender is who he claims to be– Integrity – You can verify that the message has not been tampered with.– Non-repudiation – You can prove that the sender did in fact send the

message.– Confidentiality – You can ensure that only the intended recipient can read

your message (encryption).• Core security technologies leverage Secure Socket Layer (SSL)

transport, Public Key Infrastructure (PKI), and device level certificates.

• Security implementation methods consider customer preferences and their enterprise security infrastructure.


VeriSign CA

VeriSign DS

Issue Certificates

Publish Public InformationMaintain CRL and Public Certificates

DRAS

IADSParticipant

Facility

BWPPortal

X.509 Certificates

Certificates

Verify Certificates and Certificate Revocation List


Risk Analysis – VTN

Use Case 1: Malicious disruption of OADR2 messages leaving the server (VTN)

Actor 1, Utility (VTN) Risk Category

Message Type A I C N

Demand Response Events 3 3 1 1

Price Conveyance Public Data 1 1 1 1

Price Conveyance Private Data 2 2 2 2

Price Conveyance with PRD 3 3 2 2

Feedback (Meter telemetry or other) 2 2 2 2

Energy Transactions 3 3 3 3

[1] There are programs that tie load shed to prices[2] Not substation or state estimation devices, client devices only[3] Buying and selling, with calls to perform

Risk Categories1.Inconvenient but no detrimental effect to either customer or grid2.Disturbance to utility or customers, but not to grid3.Grid Instability


Risk Analysis – VEN

Use Case 2: Malicious disruption of OADR2 messages leaving the end node (VEN)

Actor 2, End Device (VEN) Risk Category

Message Type A I C N

Demand Response Events 1 1 1 1

Price Conveyance Public Data 1 1 1 1

Price Conveyance Private Data 1 1 1 1

Price Conveyance with PRD 1 1 1 1

Feedback (Meter telemetry or other) 2 2 2 2

Energy Transactions 3 3 3 3

[1] There are programs that tie load shed to prices[2] Not substation or state estimation devices, client devices only[3] Buying and selling, with calls to perform

Risk Categories1.Inconvenient but no detrimental effect to either customer or grid2.Disturbance to utility or customers, but not to grid3.Grid Instability

Jim Boch

need to change table to match VEN data

#connweeksanta clara, ca may 22-24, 20121 openadr 2.0 signaling over tropos network architecture,...

Documents