C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT ) under grant agreement n° C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium

C-DAX Project  EC FP7-ICT call project C-DAX: Cyber-secure Data And Control Cloud for power grids  Duration: –  Total budget: Euro  EU-funding: Euro  C-DAX middleware Enables smart grid applications to exchange information securely Implements information-centric networking (ICN) paradigm Supports publish/subscribe across different administrative domains  Targeted use cases Future retail energy market (REM) Real-time state estimation based on PMU measurements  Project coordination: Alcatel-Lucent  Project website:  Project partners 2C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Targeted use case with PMU-PDC real-time app 3C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Publish-Subscribe Basics  Basic idea Decouple data production and consumption in space, time, and synchronization Improve scalability (compared to traditional client-server)  Core components Publisher client: produces data Subscriber client: consumes data Broker: stores and forwards data Broker discovery service: tells publishers and subscribers what broker to use  Basic interactions Broker discovery Client join Data dissemination Publisher Subscriber Broker Pub/sub middleware Application Join message Data Broker discovery service Broker Subscriber 44 4C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware  Examples for topics SCADA data from RTUs PMU measurements  Benefit of decoupling publishers and subscribers Communication partners do not need to know each other Asynchronous communication possible Facilitating extensibility, management and configurability 5 Publ. A Pub/sub middleware Publ. BPubl. CSub. DSub. ESub. F Topic 1 Topic 2 Only interested in Topic 1 Only interested in Topic 2 Interested in Topic 1 and Topic 2 C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

C-DAX Entities Explained EntityFunctionalityPlane Client Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API) Control & Data Designated node (DN) Provide access for clients to the C-DAX cloud (first point of contact) DN for publisher (PubDN) and DN for subscriber (SubDN) Control & data Data broker (DB) Receive topic data from PubDNs and forward them to SubDNs Cache topic data Data Resolver (RS) Resolves topic names to DBsControl Security serverProvide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution Control Monitoring / management system Gather, aggregate, and forward monitored information in the C-DAX cloud Management of C-DAX network resources Management 6C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Data Plane C-DAX Architecture Control Plane Resolver (RS) Data Broker (DB) Security Server C-DAX Monitoring/ Management System Monitor Control C-DAX Communication Platform Join Client (Publisher) Client (Subscriber) SG application data to be published SG application data to be consumed Designated Node (DN) 7C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids Configure

Three Communication Modes  Streaming-based Publishers continuously send data to DB Subscribers continuously receive data from DB  Query-based Subscriber sends query to message broker DB returns data matching the query  Point-to-point Publishers send data directly to subscribers  Communication modes are set per topic to fit the requirements of the application, e.g., Low latency for PMUs Improved scalability for retail energy markets 8 Publisher DB Subscriber PublisherSubscriber DB Subscriber Query C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Resilience Concept  Topic data should be highly available Data is stored on two nodes  Resilience of the infrastructure Each system component is replicated physically Each critical communication path is divided into  A path during failure free operation  Alternative path(s) due to failures  Three resilience support levels: 9 C-DAX cloud SubscriberPublisherDN DBDN DB : Path during failure free operation : Alternative paths due to failures : Synchronization LevelData loss (during failover) Data delay (during failover) Complexity L1YNLow L2NYMiddle L3NNHigh C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Security Concept  General security requirements Confidentiality and integrity  End-to-end security, e.g., IEC Availability  Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing  Security features of C-DAX End-to-end security between C-DAX clients Availability of C-DAX infrastructure Scalable key management mechanism  C-DAX security rationale Strong authentication of clients and nodes based on asymmetric cryptography Symmetric or asymmetric cryptography for topic data Minimal trust in underlying infrastructure  Nodes do not have to trust each other inside C-DAX cloud  Clients do not have to trust C-DAX cloud for guaranteed end-to-end security Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity 10 Publisher DNDB … Subscriber Encode Authenticate Decode SecServ Key distribution Data C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Domain B Domain A Inter-Domain Concept  Companies Define C-DAX domains Want to exchange information  Inter-domain concept necessary  C-DAX DN Provides access for external subscribers to C-DAX cloud Only point of contact for external subscribers Triggers authentication and authorization of external clients Manages external subscriptions Forwards data from internal nodes to external clients  External subscribers May re-publish received information in own domain  Inter-domain security DN hides domain’s network Access from external domains only allowed through DNs SecServ of each domain manages respective rights C-DAX cloud RSSecServDBDNExternal subscriber C-DAX cloud : Security signaling : Publish/subscribe signaling : Publish/subscribe data transfer 11C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Comparison with Existing Pub/Sub Architectures ArchitectureEnd-to-End Security ResilienceMessage Persistence Broker-based Communication Mode Direct Communication Mode C-DAXXXXXX OMG DDSOXX-X JMS-XXX- NSQ-O--X Data Turbine-XXX- ZeroMQOO-OX 12 XO-XO- : Supported : Partly supported : Not supported / unspecified C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Protocol Adaptation Layer  Problem Existing smart grid protocols rely on bidirectional one-to-one communication, e.g., IEEE C37.118, IEC C-DAX provides unidirectional many-to- many communication C-DAX provides a unified pub/sub interface for communication  Solution Protocol adaptation layer translates between smart grid protocols and C-DAX  Benefits for operators Hardware and software compliant to existing standards can be used with C-DAX with little configuration changes C-DAX can be transparent for legacy hardware and software  Implementation Protocol adaptation layer for IEEE C has been implemented and tested 13 PMU/Client/Adaptation LayerDN IP C TCP/UDP C-DAX C IP TCP/UDP C-DAX C C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Prototype  Purpose Validation of baseline communication functionalities and basic failure management of C-DAX Validation of security framework Validation of IEEE C protocol adaptation layer  Environment IEEE 34 Bus as power grid topology PMU measurement data provided by EPFL Virtual Wall network test bed provided by iMinds RTSE application by EPFL C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 14 RTSE LabView PMU-Bus3 PubClient PMU-Bus4 PubClient PMU-Bus7 PubClient PMU-Bus1 PubClient PDC Adapter SubClient Base Station Bus1Bus3Bus4Bus7 LAN Bus7NodeBus4NodeBus3Node Security Server Bus1Node Monitor BaseStation Resolver Virtual Wall

Laboratory validation 15 PMU PDC C-DAX cloud Real-time state estimation of the targeted electrical network C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids Real-time model of the electrical grid

Field Trial  Purpose Deploy C-DAX software in an existing distribution grid Evaluate applicability of C-DAX under realistic conditions Show-case several smart grid applications using a common pub/sub middleware  Environment Distribution grid provided by Alliander including a solid and fast IP network PMUs provided by National Instruments RTSE application by EPFL C-DAX software  Time plan Deployment of PMUs and C-DAX software: late 2014 Scheduled start of field trial: late 2014  Alliander’s MS Livelab  National Instruments’ PMU for MV level 16 Source: Alliander N.V. Source: National Instruments Sweden C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Benefits and Features of the C-DAX Architecture  General benefits of pub/sub communication  Flexibility and agility for integration of emerging smart grid applications  Transparent exchange of information  Scalability  Avoid repeated investment in ICT per application  Unique C-DAX benefits Support for inter-domain communications Support for established smart grid protocols, e.g., IEC 61850, IEC , IEEE C Combination of advanced features  Cyber-secure layer addressing authentication, privacy, and integrity in end-to-end fashion  Support for streaming, query and point-to-point communication  Resilience Flexible provisioning strategy 17C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Contact Thank you for your attention! Questions? PLEASE FILL IN CONTACT INFORMATION BEFORE PUBLIC DISSEMINATION. Thank you. 18C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids