4. cisco da and ami v01
TRANSCRIPT
8/12/2019 4. Cisco DA and AMI v01
http://slidepdf.com/reader/full/4-cisco-da-and-ami-v01 1/45
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Paulo Pereira
Connected Energy Networks EMEAR
• FAN Overview
• Distribution Automation Use Cases
• FAN Technologies
• Network Services
• Products and Roadmap
AMI DA
RF Mesh
PLC Mesh
FLIR FSIR
Fault Location Isolation Restoration
Volt/VAr Regulation
DER Distributed Energy Resources
Remote Workforce Management
Remote Asset Management
Distributed Intelligence
IEEE 802.15.4g
IEEE 1901.2 IEC 61850, IEC 60870, DNP3, Modbus, etc.
FAN Gateway Services (legacy devices)
Time Distribution Services
Security and Security Management
Communications Network Management
DIG 1.0 DIG Next release DIG Future
• FAN Overview
• Distribution Automation Use Cases
Raw TCP Socket
Protocol Translation
IEC 61850 in Multi-Services FAN
11kV Grid Reinforcement
• FAN Technologies
• Network Services
• Products and Roadmap
Proprietary protocols over Serial
Standard protocols over Serial
Standards protocols over TCP/IP
IEC 61850
IEC 60870-5-101
Vendor’s dependent
IEC 60870-5-104, DNP3/IP, Modbus/TCP, etc.
MMS
DNP3, Modbus, etc.
IP Interfaces
GOOSE/SV
GOOSE/SV over IP/UDP future IEC 61850-8-1 and 61850-9-2 profiles (**)
Ethernet Layer-2 switching (*)
Secure IP infrastructure (Data Integrity, Confidentiality and Privacy)
Traffic tunneled over IP
Raw TCP Socket
Protocol Translation
IEC 60870-5-101 to IEC 60870-5-104
Serial PPP/CHAP
L2 over IP WAN i.e. L2TPv3 (*)
Ethernet
(*) future SW support on CGR 1000 (**) standards evolution
• A means to transport streams of characters from one serial interface to another over the IP network for utility applications
Raw socket transport supports point-to-multipoint connections over an async serial line
TCP over IP transportation – Raw Socket Transport has a built-in automatic TCP connection retry mechanism.
Packetization – data is sent on a specific packet length, on a specific character, or upon a timeout.
• Each serial interface can be configured as server, client, or a combination of both
CGR 1000 – Total number of supported TCP sessions: 32 x 2 Serial Interface
• Interoperable with competitor devices equipped with a raw socket transport feature, such as RuggedCom, SEL, and Checkpoint.
CGR 2010 – Server
!
interface Serial1/1
 no shutdown
 encapsulation raw-socket
!
line tty 1
 raw-socket tcp server 5000 Master_IPv4_address
 raw-socket packet-timer 3
 raw-socket tcp idle-timeout 5
!
IP WAN
SCADA
CGR 2010 (Server)
CGR 1120 Client
RTU #1
RTU #2
CGR1120 Client
!
interface Serial1/1
 no shutdown
 encapsulation raw-socket
!
interface Serial1/2
 no shutdown
 encapsulation raw-socket
!
line tty 1
 raw-socket tcp client Master_IPv4_address 5000 10.0.0.2 9000
 raw-socket packet-length 32
 raw-socket tcp idle-timeout 5
line tty 2
 raw-socket tcp client Master_IPv4_address 5000 10.0.0.2 9001
 raw-socket packet-length 32
 raw-socket tcp idle-timeout 5
!
Server – listening port, accepting incoming TCP connections
Client – requesting port, placing outgoing TCP connections
• Packet-length – the number of bytes received from the serial interface that triggers transportation
• Packet-timer (aka idle timer) – the delay from the last received byte that triggers transportation
• Special character – the character used to trigger transportation; it is also used as a delimiter
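The three triggers above decide where the router cuts the serial byte stream before handing it to TCP, so payload boundaries seen on the IP side follow the configured trigger and not the SCADA protocol's own framing. The following is an added example, not code from the slides or from Cisco: a Python model of the triggers with hypothetical class and function names, time in abstract ticks (the slides give no unit), the delimiter assumed to travel with the data, and constructed sample frames.

```python
"""Raw-socket packetization triggers, modelled on a timed serial byte stream."""
from typing import Iterable, List, Optional, Tuple

Segment = Tuple[str, bytes]   # (trigger that fired, bytes handed to TCP)


class RawSocketPacketizer:
    """Buffers serial bytes and releases them when a configured trigger fires.

    Time is in abstract ticks (assumption: the page gives no unit for the timer).
    """

    def __init__(self, packet_length: Optional[int] = None,
                 packet_timer: Optional[float] = None,
                 special_char: Optional[int] = None) -> None:
        if packet_length is not None and packet_length < 1:
            raise ValueError("packet_length must be at least 1")
        self.packet_length = packet_length
        self.packet_timer = packet_timer
        self.special_char = special_char
        self.buffer = bytearray()
        self.last_rx = 0.0

    def _flush(self, trigger: str) -> List[Segment]:
        segment = (trigger, bytes(self.buffer))
        self.buffer.clear()
        return [segment]

    def poll(self, now: float) -> List[Segment]:
        """Packet-timer: fire when the line has been idle since the last byte."""
        idle = now - self.last_rx
        if self.buffer and self.packet_timer is not None and idle >= self.packet_timer:
            return self._flush("timer")
        return []

    def feed(self, now: float, byte: int) -> List[Segment]:
        """Accept one serial byte received at time `now`."""
        out = self.poll(now)                 # was there an idle gap before this byte?
        self.buffer.append(byte)
        self.last_rx = now
        if self.special_char is not None and byte == self.special_char:
            out += self._flush("char")       # delimiter is sent with the data (assumption)
        elif self.packet_length is not None and len(self.buffer) >= self.packet_length:
            out += self._flush("length")
        return out


def packetize(events: Iterable[Tuple[float, int]], end_time: float,
              **triggers) -> List[Segment]:
    """Run a timed byte stream through the packetizer; report what TCP would carry."""
    p = RawSocketPacketizer(**triggers)
    out: List[Segment] = []
    for now, byte in events:
        out += p.feed(now, byte)
    out += p.poll(end_time)
    if p.buffer:                             # no trigger fired: still held on the router
        out.append(("pending", bytes(p.buffer)))
    return out


def burst(start: float, frame: bytes, gap: float = 0.1) -> List[Tuple[float, int]]:
    """Constructed helper: the bytes of one frame arriving back to back."""
    return [(start + i * gap, b) for i, b in enumerate(frame)]


def frames_intact(segments: List[Segment], frames: List[bytes]) -> bool:
    """True when every TCP payload is exactly one serial frame, in order."""
    return [payload for _, payload in segments] == frames


# Constructed sample input: two 20-byte frames (not a real SCADA protocol)
# separated by a quiet line, and two CR-terminated ASCII records.
FRAME_A = bytes(range(0x10, 0x24))
FRAME_B = bytes(range(0x40, 0x54))
POLLS = burst(0.0, FRAME_A) + burst(10.0, FRAME_B)
ASCII = burst(0.0, b"STATUS OK\rALARM 7\r")

if __name__ == "__main__":
    for name, segs in [
        ("packet-length 32", packetize(POLLS, 20.0, packet_length=32)),
        ("packet-timer 3", packetize(POLLS, 20.0, packet_timer=3)),
        ("special char CR", packetize(ASCII, 20.0, special_char=0x0D)),
    ]:
        print(name)
        for trigger, payload in segs:
            print(f"  {trigger:8s} {len(payload):2d} bytes  {payload.hex()}")
```

With packet-length 32 alone, the first payload carries all of the first frame plus twelve bytes of the second, and the remainder stays buffered; a monitor on the IP side therefore has to reassemble frames itself before parsing them.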
• Enables the integration of IEC 60870-5-101 devices in a multi-services FAN, through IEC 60870-5-101 to 104 protocol translation performed on CGR 1000
Supports T101 Balanced and Unbalanced Link Transmission Procedures
• CGR 1000 receives information and events from RTUs through the T101 protocol over its Serial interfaces, then sends them to the SCADA Control Center through the T104 protocol
• Data/events are stored locally in the SCADA information database before sending. In case of link failure, up to 100 events for each control center can be stored.
• CGR 1000 receives commands from SCADA Control Centers through the T104 TCP protocol, then sends the commands through the T101 protocol to RTUs
• High availability – up to 2 active T104 control centers can gather information and control RTUs through a CGR 1000. Any event sent from an RTU is sent to both control centers.
• Time synchronization – RTUs get their clock information from CGR 1000 (NTPv4), which sends system clock information in a T101 clock sync frame to all connected RTUs
• IEC 60870-5-101 file transfer support
• SCADA master application downloading image or configuration file to RTU
• SCADA master application retrieving event log file from RTU
IP WAN
ASR 1K or CGR 2010
CGR 1120
RTU #1
RTU #2
SCADA Master 1
SCADA Master 2
Active IEC 60870-5-104 Masters
104 Configuration
Channel (x 2): Router as 104 Slave; Map TCP port to match SCADA master
Session (x 2): Attach to Channel
Sector (x 2): Attach to Session; ASDU Address as on SCADA Master; Map 104 Sector to 101 Sector
101 Configuration
Channel: Router as 101 Master; Bind to serial port
Session: Attach to Channel; Link Address as on RTU Session
Sector: Attach to Session; ASDU Address as on RTU Sector
T101
T104
SCADA database
• IEC 61850 MMS devices can be connected to Ethernet Layer-3 interfaces on CGR 1000, then traffic is routed between any interface
• IEC 61850 GOOSE/SV devices will benefit from the future Ethernet Layer-2 switching CGR 1000 feature set for local traffic
IEEE 802.1Q VLANs, IEEE 802.1p CoS, …
• IEC 61850 GOOSE/SV traffic between remote FAN locations and NOC requires bridging between Ethernet Layer-2 and WAN interfaces
Ethernet – WiMAX bridging (Ethernet CS)
Ethernet – L2TPv3 tunnel
• IEC 61850 GOOSE/SV over WAN requires characterization of latency, validating proper application support
QoS and network design rules will help
Future releases
IP Infrastructure
SCADA SCADA
• Maximizing network capacity usage by monitoring assets temperature and load, then using this to calculate real-time asset capacity
Technique 1 – Dynamic Asset Rating
• Changing the configuration of the network to improve the flow of power via re-routing of load through areas of spare capacity to accommodate peaks
Technique 2 – Automatic Load Transfer
• Maximizing network capacity usage by monitoring assets temperature and load, then using this to calculate real-time asset capacity
Technique 3 – Meshed Networks
• Using power stored in batteries on the network, to alleviate the problem by reducing the Network peak load requirements
Technique 4 – Energy Storage
Transformer
Overhead Lines
Underground Lines
Overhead Lines
Underground
Simple & Complex Topologies
Simple Ring
Complex Mesh
Feeder
Secondary Substation (11kv to 450v)
• Current Asset rating
50% redundancy is built into many of today's electricity networks to ensure continued operation during a failure.
Many/most Medium 11kV networks are not monitored
Some assets are under utilised, some are over utilised
Today static ratings are used for certain periods
Renewable generation is demanding increased capacity
• Dynamic Asset Rating
Monitoring of voltage and current as well as environmental measurements is key
Correctly rate assets based on measurements
Rate the assets and system based on current grid and environmental conditions
Control renewable generation to maximise asset usage (dynamic Line rating)
Control plant (transformer pre loading) to maximise asset life
• Locations
Control Centre
Primary Substation
Secondary Substation (Line)
• Devices
DMS (Control Centre)
RTU
Dynamic Asset Relay
Line Power Sensors
• Communication
RTU polled values
Threshold Alerts
Real time Ampacity readings
Transformer Control Signals (Cooling)
Transformer Environmental and CT/VT Sensors
Distribution Management System (DMS)
RTU (SCADA / 61850)
Ability to remotely monitor transmission line conditions (with line condition sensors that detect conductor temperature, line sag and wind speed / direction) to increase line capacity loading and control stability.
Control commands might disable / enable devices on given ratings
Report Status – Type: Polled; Bandwidth: Low; Latency: non critical; Resilience: medium; Jitter: non critical; Security: Low
Report Fault Event – Type: Event; Bandwidth: Low; Latency: med critical; Resilience: High; Jitter: non critical; Security: Low
Control Commands – Type: Control; Bandwidth: Low; Latency: med critical; Resilience: medium; Jitter: non critical; Security: Medium
Dynamic Asset Relay (SCADA / 61850)
Real Time Ampacity – Type: Real time; Bandwidth: Medium; Latency: med critical; Resilience: Low; Jitter: non critical; Security: Low
Hardwired
Hardwired
Operational Control Centre
RTU (FTP, SSH, SNTP)
Ability to remotely monitor transmission line conditions (with line condition sensors that detect conductor temperature, line sag and wind speed / direction) to increase line capacity loading and control stability.
Control commands might disable / enable devices on given ratings
Database Uploads – Type: Ad Hoc; Bandwidth: Medium; Latency: non critical; Resilience: Low; Jitter: non critical
Firmware downloads – Type: Ad Hoc; Bandwidth: High; Latency: non critical; Resilience: Medium; Jitter: non critical
Device Configuration – Type: Ad Hoc; Bandwidth: Low; Latency: non critical; Resilience: medium; Jitter: non critical
Dynamic Asset Relay (FTP, SSH, SNTP)
Time Synchronisation – Type: Polled; Bandwidth: Low; Latency: med critical; Resilience: Medium; Jitter: med critical
SNTP or IEEE 1588 Clock Source
• FAN Overview
• FAN Technologies
IEEE 802.15.4g/e RF
IEEE P1901.2 NB-PLC
6LoWPAN
IPv6 Basics
RPL
Connected Grid Mesh
• Distribution Automation in Multi-Services FAN
• Network Services
• Products and Roadmap
IPv6/IPv4
UDP/TCP
IEEE 802.15.4e MAC enhancements
IPv6 RPL
Web Services, EXI, SOAP, RestFul, HTTPS/CoAP
• Open Standards – at all levels to ensure interoperability and reduce technology risk for utilities
• Future proofing – common application layer services over various wired and wireless communication technologies
802.1x / EAP-TLS & IEEE 802.11i based Access Control
Physical Layer
IEEE 802.15.4: 2.4 GHz, 915, 868 MHz; DSSS, FSK, OFDM
IEEE P1901.2: NB-PLC, OFDM
IEEE 802.11: Wi-Fi; 2.4, 5 GHz, Sub-GHz
IEEE 802.3: Ethernet; UTP, FO
2G, 3G, LTE: Cellular
IEEE 802.16: WiMAX; 1.x, 3.x GHz
Data Link Layer
IEEE 802.15.4 including FHSS
IEEE P1901.2: 802.15.4 frame format
IEEE 802.11: Wi-Fi
IEEE 802.3: Ethernet
2G, 3G, LTE: Cellular
IEEE 802.16: WiMAX
6LoWPAN (RFC 6282), IPv6 over Ethernet (RFC 2464), IPv6 over PPP (RFC 5072)
IP or Ethernet Convergence SubL.
Network Layer
Transport Layer
Application Layer
Addressing, Routing, Multicast, QoS, Security
Security (DTLS/TLS)
DNS, NTP, IPfix/Netflow, SSH, RADIUS, AAA, LDAP, SNMP, … (RFC 6272 IP in Smart Grid)
Metering: IEC 61968 CIM, ANSI C12.22, DLMS/COSEM, …
SCADA: IEC 61850, 60870, DNP3/IP, Modbus/TCP, …
LLC
MAC
Mgmt
IEEE 802.11 Wireless LAN (WLAN)
IEEE 802.15 Personal Area Network (PAN)
IEEE 802.16 Wireless Broadband Access
IEEE 802.22 Wireless Regional Area Networks
WiFi 802.11a/b/g/n
802.11ah (sub-GHz)
802.15.1 Bluetooth
802.15.4 Low Rate WPAN (2003-2006-2011)
802.15.4e-2012 MAC Enhancement
802.15.4f PHY for RFID
802.15.4g-2012 amendment Smart Utility Networks
802.15.4c Sub-GHz PHY for China
15.4m Study Group TV White Space amendment
802.15.6 Body Area Networking
802.15.7 Visible Light Communications
[Figure: sub-GHz frequency allocations by country on an 840-950 MHz axis. Source: CEPT - DKE 731.09r1 JSC]
USA, Canada, Chile, Colombo, Mexico, Argentina, Uruguay, Venezuela: 902-928 MHz, 4 W *
Singapore 2 W **
Singapore 0.5 W **
S.A. 4 W **
China 2 W **
Thailand 2 W *
Europe India Hong-Kong
Iran UAE 2 W **
Malaysia 2 W **
Israel 2 W *
* e.i.r.p. ** e.r.p.
Brazil 902-907.5, 915-928 MHz, 4 W *
China 2 W **
Japan (2012) 915-930 MHz
4 W *
0.5 / 0.02 W * licensed/unlicensed
E.U. CEPT new frequency bands discussion (870-876 MHz and 915-921 MHz)
• Allocated Frequency bands
• Licensed/unlicensed (ISM)
• Transmit power
• Time transmitting
Korea 917-923.5 MHz, 4 W *
Australia 915-928 MHz
Hong-Kong 920-924 MHz
• MAC layer: IEEE 802.15.4 compliant + 802.15.4e extensions
• 15.4g: frame size larger than 127 bytes
• 15.4e: EB and EBR for network discovery
• 15.4e: Enhanced ACK for security and information carrying
• 15.4e: Information Elements (RSSI, Time synchronization)
• Novel channel hopping scheme
• Per-node hopping sequence for maximum channel diversity
• Overlaid hopping sequence for multicasts
• PHY layer – IEEE 802.15.4g compliant
• Operating Band: 902-928 MHz
• Number of Channels: 64
• Channel Spacing: 400 kHz
• Modulation Method: Binary FSK
• Baud Rate: 150 kbaud/sec
• Bit Rate: 75 kbits/sec after overhead from Convolutional FEC
• Output Power: 30 dBm
• Regional filtering for countries only supporting a subset of 902-928 MHz
• Transmit power set-up for local regulations
Adaptation: 6lowpan (RFC 6282)
IPv6
UDP/TCP
PHY: IEEE 802.15.4g MR-FSK
MAC: IEEE 802.15.4e FHSS
Routing: RPL
Mgmt: CSMP
CoAP
802.1x / EAP-TLS based Access Control Solution
Applications
Cisco Developer Network – IP Enabled Grid Devices: HW ref. model + SW SDK library
Small footprint open standards IPv6-based communication stack
In Home
NarrowBand (NB-PLC)
Backhaul (B-PLC)
HomePlug Alliance
IEEE P1901: OFDM or Wavelet, 2-30 MHz, >100 Mb/s
ITU G.9960, G.9961: OFDM, 2-30 MHz, >100 Mb/s
HP GreenPHY, P1901 certification profile: OFDM, 2-30 MHz, up to 3.8 Mb/s
IEC 61334
Prime (Iberdrola)
G3 (ERDF)
SITRED (ENEL)
LonWorks (Echelon)
IEEE P1901.2 10-490 kHz
ITU G.9955, G.9956
Includes power lines, phone lines and coaxial cables
G.9903 Was G3-PLC annexes
G.9904 Was Prime annexes
SAE J2931/3, ISO 15118
Electric vehicles leveraging PLC standards
Proprietary
IEEE P1901 Profile to address the first-mile/last-mile connection (<1500 m to the premise)
IEEE P1901.2 MV communications
Standards
Proprietary
• IEEE P1901.2 – Open standard for NarrowBand PLC
PHY & MAC layers definition – upper layers are open to IPv6-based standards solution and evolution
Worldwide regions support – covers the full Low-frequency (below 500 KHz) PLC communication spectrum
Use-cases extend beyond AMI – EV to charging station, street lighting, power plugs, solar panels/inverters
Enable MV/LV crossing – To be demonstrated
Aligned with IEEE 802.15.4g/e RF Mesh profile – 6LoWPAN (RFC 6282) as adaptation layer and RPL (RFC 6550) for routing at Network layer – ease the mix of PHY/MAC technologies
• Chipsets vendors advertising IEEE P1901.2 PLC support on new generation chipsets, as PRIME and G3-PLC (different firmware), now available
• CGR 1000 NB-PLC interface
CGR 1120 – 3 phases, CGR 1240 – 1 phase
• Application Layer
• Use case application from Vendor adopting the SDK
• Management is part of the SDK libraries (CoAP/CSMP), including firmware upgrade
• IPv6 protocol suite
• DHCPv6 (RFC 3315) for Address auto-configuration
• RPL (RFC 6206, 6550, 6551, 6553, 6554, 6719) for IPv6 routing
• IP QoS – 4 priority queues
• IEEE 802.1x and 802.11i based security
• 6LoWPAN Header Compression (RFC 6282)
• MAC layer: IEEE P1901.2 + IEEE 802.15.4e extensions
• 15.4e: EB and EBR for network discovery
• 15.4e: Enhanced ACK for security and information carrying
• 15.4e: Information Elements (RSSI, Time synchronization)
• PHY layer – IEEE P1901.2 compliant
• Phase 1 – CENELEC A band mandatory, B/C/D optional
• Phase 2 – all World regions
Adaptation: 6lowpan (RFC 6282)
IPv6
TCP/UDP
PHY: IEEE P1901.2
MAC: P1901.2 + 802.15.4e extensions
Routing: RPL
Mgmt: CSMP
CoAP
Cisco Developer Network – IP Enabled Grid Devices: HW ref. model + SW SDK library
Small footprint open standards IPv6-based communication stack
802.1x / EAP-TLS based Access Control Solution
Applications
IP Services | IPv6 | Benefits
Addressing | 128 bits, multiple scopes (global, private, link-local, …) | Large address space, public or private infrastructure
Address Auto-configuration | Stateless, DHCPv6, renumbering, DHCPv6 Prefix Delegation | Zero-touch configuration
Data Link Adaptation layers | Ethernet, WiFi, ATM, FR, PPP, Sonet/SDH, 6LoWPAN (802.15.4g, 1901.2), … | Media Diversity
Routing | RIP, OSPF, IS-IS, E-IGRP, MP-BGP, RPL | Reachability
IP Network & transport layer Security | IPsec, TLS/DTLS, Filtering (ACL, firewall) | Security, Data Integrity
Multicast | MLD/PIM/Multicast MP-BGP, Scope Identifier | Software upgrade, Demand/Response, Dynamic pricing
QoS | IPv6 QoS Differentiated Service | Multi-Services network, SLA
Time Distribution | NTP version 4 | Secured Time Synchronization
Management | DNS, IPfix/PSAMP, SNMP, CoAP … | Push/Pull Mgmt model, scalable end-points mgmt
• IETF 6LoWPAN WG – IPv6 over Low Power Personal Area Networks
Initially specified as an Adaptation layer for IPv6 over IEEE 802.15.4
RFC 4919 – Overview, Assumptions, Problem Statement, and Goals
Leveraged by IEEE P1901.2 NB-PLC, Bluetooth Low Energy, etc.
• RFC 4944 provisioned 3 functions inherent to an IEEE 802.15.4 subnet: IPv6 Header Compression, L2 Fragmentation and L2 Mesh
• IPv6 Header Compression – defined in RFC 6282 (deprecating RFC 4944 Header Compression scheme)
Does not rely on per-flow state
Stateless compression (compact forms for redundant and commonly used values)
Context compression (compact forms for IPv6 prefixes)
• Layer-2 Fragmentation – as on IPv6, fragmentation is handled by source and destination nodes or by Layer-2 adaptation layer.
• Layer-2 Mesh – just provisioning the function, as the definition of Layer-2 Mesh specifications is outside the scope of 6LoWPAN WG
• Neighbor Discovery Optimization for IPv6 over 6LoWPAN in RFC 6775
• RPL is a new Distance Vector routing protocol standardized by the IETF, specifically designed for Low Power and Lossy Networks (LLNs)
IETF RoLL WG defined a collection of RFCs to cover all identified use cases
Adapted to nodes running over LLNs with little CPU and memory resources, low bandwidth network interface, potentially battery powered
• RPL runs over IPv6-only as “Route Over”, guaranteeing the use of a variety of data links and route re-distribution with other IPv6 routing protocols
New routing metrics: Energy, latency, link reliability, node state, link color, …
• Support of various traffic flows
Multi-Point to Point – i.e. meters to Head-end servers – upstream route
Point-to-MultiPoint – i.e. Head-end servers to meters – downstream route
Point-to-Point – i.e. Sensor to Actuator
Utility Facilities
IP WAN
RPL Domain
1. Factory Configuration
2. Network Discovery
Beaconing done every time the node boots, and continuously thereafter
3. CG-Mesh Access Control
a) IEEE 802.1x Authentication (and RADIUS)
b) IEEE 802.11 Key Deployment (CG-Mesh-Security)
Last 2 steps done at boot unless node already cached GTK (“warm start”)
Also done on migration to a new PAN, unless node already has cached GTK
4. Route Discovery
RPL Default Route Selection (DIO)
5. IPv6 Address assignment – DHCPv6
6. Route Registration
RPL Tree Formation (DAO)
7. CG-NMS Registration (CoAP/CSMP)
Utility Facilities
IP WAN
3 5 7
• Executive Overview
• FAN Technologies
• Distribution Automation in Multi-Services FAN
• Network Services
Network Management Services
Secure Zero Touch Router Deployment
Security Management Overview
• Products and Roadmap
IETF CoRE WG
CoAP Overview
• A specialized web transfer protocol for use with constrained nodes (microcontrollers, limited RAM and ROM) and constrained networks (e.g. LLNs) with low data rate
HTTP-like GET/POST for resource objects over UDP
4-byte binary protocol header, then options and data
• Request/Response
• Small Message Overhead
• Supports Multicast
• Supports Asynchronous Messaging
• May also work in proxy mode (HTTP-CoAP)
Not supported on CG-NMS or CGR 1000
Client            Server   Client            Server
|                 |        |                 |
|   CON tid=47    |        |   CON tid=53    |
|   GET /foo      |        |   GET /baz      |
+---------------->|        +---------------->|
|                 |        |                 |
|   ACK tid=47    |        |   ACK tid=53    |
|   200 "<temp... |        |   404 "Not...   |
|<----------------+        |<----------------+
|                 |        |                 |
IP WAN
Cisco CG-NMS Server, DB
CG-NMS communicates with CGE using CoAP over IPv6
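The "4-byte binary protocol header, then options and data" layout and the CON/ACK exchange above, as an added example that is not code from the slides or from Cisco: a strict CoAP encoder and decoder in Python that rejects malformed datagrams and checks that a reply matches its request. It follows RFC 7252, which is an assumption here: the slide's diagram labels the Message ID as tid and shows HTTP-style 200/404 where the RFC uses 2.05 and 4.04. Function names and the sample messages are constructed for illustration.

```python
"""CoAP message codec: fixed 4-byte header, token, options, payload (RFC 7252)."""
import struct
from typing import Dict, List, Sequence, Tuple

TYPES = ("CON", "NON", "ACK", "RST")
URI_PATH = 11                                     # Uri-Path option number
GET, CONTENT, NOT_FOUND = (0, 1), (2, 5), (4, 4)  # codes as (class, detail)


class CoapError(ValueError):
    """Raised for any datagram that is not a well-formed CoAP message."""


def _nibble(value: int) -> Tuple[int, bytes]:
    """Split an option delta or length into its 4-bit field and extension bytes."""
    if value < 13:
        return value, b""
    if value < 269:
        return 13, bytes([value - 13])
    return 14, struct.pack("!H", value - 269)


def encode(mtype: str, code: Tuple[int, int], message_id: int, token: bytes = b"",
           options: Sequence[Tuple[int, bytes]] = (), payload: bytes = b"") -> bytes:
    if len(token) > 8:
        raise CoapError("token longer than 8 bytes")
    first = (1 << 6) | (TYPES.index(mtype) << 4) | len(token)
    out = bytearray(struct.pack("!BBH", first, (code[0] << 5) | code[1], message_id))
    out += token
    previous = 0
    # Stable sort keeps repeated options (path segments) in their given order.
    for number, value in sorted(options, key=lambda opt: opt[0]):
        d_nib, d_ext = _nibble(number - previous)
        l_nib, l_ext = _nibble(len(value))
        out += bytes([(d_nib << 4) | l_nib]) + d_ext + l_ext + value
        previous = number
    if payload:
        out += b"\xff" + payload                  # payload marker
    return bytes(out)


def _extended(nibble: int, data: bytes, pos: int) -> Tuple[int, int]:
    """Resolve a 4-bit delta/length field, reading extension bytes if needed."""
    if nibble == 15:
        raise CoapError("option nibble 15 is reserved")
    size = {13: 1, 14: 2}.get(nibble, 0)
    if pos + size > len(data):
        raise CoapError("truncated option header")
    if size == 1:
        return data[pos] + 13, pos + 1
    if size == 2:
        return struct.unpack_from("!H", data, pos)[0] + 269, pos + 2
    return nibble, pos


def decode(data: bytes) -> Dict[str, object]:
    if len(data) < 4:
        raise CoapError("shorter than the 4-byte header")
    first, code, message_id = struct.unpack_from("!BBH", data)
    version, mtype, tkl = first >> 6, (first >> 4) & 0x3, first & 0xF
    if version != 1:
        raise CoapError("unsupported version")
    if tkl > 8 or 4 + tkl > len(data):
        raise CoapError("bad token length")
    pos = 4 + tkl
    options: List[Tuple[int, bytes]] = []
    number, payload = 0, b""
    while pos < len(data):
        head, pos = data[pos], pos + 1
        if head == 0xFF:
            payload = data[pos:]
            if not payload:
                raise CoapError("payload marker without payload")
            break
        delta, pos = _extended(head >> 4, data, pos)
        length, pos = _extended(head & 0xF, data, pos)
        if pos + length > len(data):
            raise CoapError("option value runs past end of datagram")
        number += delta
        options.append((number, data[pos:pos + length]))
        pos += length
    return {"type": TYPES[mtype], "code": f"{code >> 5}.{code & 0x1F:02d}",
            "message_id": message_id, "token": data[4:4 + tkl],
            "options": options, "payload": payload}


def uri_path(message: Dict[str, object]) -> str:
    return "/" + "/".join(v.decode("utf-8") for n, v in message["options"] if n == URI_PATH)


def is_piggybacked_reply(request: Dict[str, object], reply: Dict[str, object]) -> bool:
    """An ACK answers a CON only if Message ID and token both match."""
    return (request["type"] == "CON" and reply["type"] == "ACK"
            and request["message_id"] == reply["message_id"]
            and request["token"] == reply["token"])


# Constructed messages for the left-hand exchange in the slide (tid 47, GET /foo).
REQUEST = encode("CON", GET, 47, options=[(URI_PATH, b"foo")])
REPLY = encode("ACK", CONTENT, 47, payload=b"<temp...")
```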
CSMP Overview – a CoAP-based protocol and data model for remote management of embedded networking devices running in large-scale constrained networks
CG-NMS uses CSMP (CoAP Simple Management Protocol) over UDP port 61624 over IPv6 to directly communicate with CGEs
CG-NMS CSMP functions
• Registration – CGEs contact CG-NMS after joining network
• Provisioning – CGEs retrieve configuration from CG-NMS after registration
• Metrics – CGEs periodically push network performance and routing information to CG-NMS after configuration
• Configuration – CG-NMS can push new configuration and group info to CGEs
• Firmware Update – CG-NMS can push new communication module firmware to CGEs
All CSMP Messages from CG-NMS to CGEs are Signed by CG-NMS and Verified by CGEs
AMI Operations
RF Mesh (or PLC) Neighborhood Area Network
Cisco Connected Grid Endpoints
Head-end Tunnel’s aggregation routers
Public or Private WAN Backhaul
CGR 1240 CGR 1120
GIS
Internet service
SCADA servers, Historian, etc.
Head-End System, Outage Reporting System, Meter Data Management, etc.
AMI Operations
DA Operations
CG-NMS
Oracle Database
Web UI Module
CSMP protocol Module
SOAP API Module
North bound APIs and Syslogs
CGE Device Module
CGR 1000 protocol Module
CGR 1000 Device Module
Netconf protocol Module
ASR 1000 Device Module
Inventory Properties Metrics Events Rules …
Public or Private IP WAN
AAA Server
CA Server
RA Server
Cisco CG-NMS Server, DB
IPAM (DNS/DHCP)
Directory Services
Tunnel Provisioning Service (TPS)
ASR 1000
2. CGR 1000 enrolls certificates through SCEP. After a successful authentication, CGR 1000 can communicate with the TPS
3. CGR 1000 communicates with TPS using Callhome configuration over HTTPS. TPS terminates the connection and forwards the request to CG-NMS over another HTTPS connection
Public or Private IP WAN
AAA Server
CA Server
RA Server
Cisco CG-NMS Server, DB
IPAM (DNS/DHCP)
Directory Services
Tunnel Provisioning Service (TPS)
ASR 1000
7. CGR 1000 opens a new HTTPS connection to the registration service in CG-NMS and sends discovery information over the IPsec tunnel
8. CG-NMS downloads CGR 1000 configuration and stops registration
Public or Private IP WAN
AAA Server
Certificate Authority Server
Registration Authority Server
Cisco CG-NMS Server, DB
IPAM (DNS/DHCP)
Directory Services
Tunnel Provisioning Service (TPS)
ASR 1000
Secure handheld with utility technician
• Mesh Access Control using 802.1x, EAP-TLS, certificates
• Link-Layer encryption with AES-128
• IPSec encryption over WAN backhaul with traffic segmented
• IP ACL
• IEC 62351-8 (RBAC)
• HSM HW
• IEEE 802.1AR
• X.509 Cert
FW and IPS
Vulnerability management – CERT, PSIRT
Cisco Secure Development Lifecycle (CSDL)
Devices protection (HW & SW)
Electronic Security Perimeter network design
• FAN Overview
• FAN Technologies
• Distribution Automation in Multi-Services FAN
• Network Services
• Products and Roadmap
Resiliency
• IEC 61850-3 & IEEE 1613 compliant
• Natural cooling convection
• Chassis-Integrated Heat sink
• No moving parts
• Automatic failover from DC to AC (indoor model), from AC to battery (outdoor model)
• Extended Temperature Range Support
Multi-Services Field Area Routers
• Indoor (CGR 1120) & outdoor (CGR 1240) ruggedized modular chassis
• Dual-stack (IPv4/IPv6) routers
• RF & NB-PLC Mesh support – AMI and DA use cases
• Ethernet & Serial support – SCADA use cases
• Choice of WAN backhaul: WiMAX, Ethernet/Fiber, Cellular (3G, CDMA)
• 3rd party radio hosting readiness (CGR 1240 only)
Pervasive Security
• HW integrity: IEEE 802.1AR
• X.509 Certificate-based identity
• IEEE 802.1x & 802.11i Access Control
• RF & PLC Mesh Security
• WAN encryption through IPsec
Multi-Services Feature Set
• Segmentation and Prioritization of traffic – QoS
• SCADA traffic – encapsulation and Protocol translation
• Zero-touch provisioning for easing scalable field deployment
• Comprehensive remote management solution
• 3rd party application integration readiness
SCADA Use Cases
• Raw TCP Socket – Serial SCADA Protocols encapsulation over IPv4
• IEC 60870-5-101 to 60870-5-104 protocol translation
• PPP/CHAP – IPv4 over Serial Interfaces connectivity
• IEC 60870-5-104, DNP3/IP, ModBus/TCP or IEC 61850 MMS over Ethernet L3 interfaces
• IEC 61850 GOOSE/SV over Ethernet L2 and WAN (L2TPv3) in future releases
Multi-Services Field Area Routers
• IPv4/IPv6 Unicast & Multicast forwarding
• IPv4/IPv6 QoS – traffic prioritization
• Routing – OSPFv2/OSPFv3, Static Routes, Object Tracking, PIMv6, MP-BGP (future)
• DHCPv6 relay
• NTPv4
• VRF-Lite (future)
AMI Use cases
• 6LoWPAN-based RF Mesh and NB-PLC Mesh support
• IPv6 RPL routing for Mesh networks
• Power Outage Notification
• RPDON
• ANSI C12.22 Relay (Itron non-IP Mesh)
Network & Security Management
• NetConf, XML, CG-DM, SNMP, EEM
• Smart Call Home
• SSH, HTTPS, RADIUS, TACACS+
• IPsec Tunnels over WAN
• Role-based Access Management
• 802.1x Supplicant + mesh enhancements for 802.1x
• Mesh Access Control using certificates and group mesh keys
• Router-based Access Lists (L3-L4 ACLs)
• Wi-Fi Security using 802.1x, WPA2
• Dimensions: 30.48 cm (H) x 22.86 cm (W) x 21.59 cm (D) = 12” (H) x 9.0” (W) x 8.5” (D)
• Antennas shown above are optional; can be deployed with external antennas
Ethernet Switch: 2 GE WAN (Cu or SFP), 4 FE LAN
4 Module Slots
Integrated Antennas for RF Mesh, WiMAX, 3G, Wifi
AC Power Supply
2 RS 232 / RS485 Serial ports
Battery Backup
GPS Antenna
Liquid Tight (IP67) Adapter
Ruggedized, IP67 Ethernet (RJ-45) connector
Functionality | Description
Form Factor | NEMA 4 / IP 67 Enclosure with pole mount brackets
Compliance | IEEE 1613 and IEC 61850-3
Modular Architecture | 4 communication module slots
On board Ethernet Interfaces | 4 x 10/100 RJ-45 + 2 x 1G SFP ports
On board Serial ports | 2 x DB-9 (RS232/RS422/RS485)
On Board WiFi | 802.11b/g/n
On Board GPS | Yes
Self enclosed Unit | Integrated Battery back up and Battery charging / management circuit
3rd party radio hosting | Integrated mounting bracket, 12 VDC power output (12W)
Power Options | 120-240 VAC, 12/24/48 VDC (future)
Digital Alarm (Input/Output) | 2 Digital Inputs / 2 Digital Outputs
SD Flash | Removable flash card for image, config storage
Real time clock | Yes
USB ports | Two type A USB host ports
Console/AUX port | One RJ45 port
Temperature Range | -40 ºC to +70 ºC (-40 ºF to 158 ºF) with type test to 85C (16 hours)
IRIG-B timing output | BNC connector