Presentation is loading. Please wait.

Presentation is loading. Please wait.

C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708 C-DAX: A Cyber-Secure Data and Control.

Published byAmanda Bridges Modified over 9 years ago

Similar presentations

Presentation on theme: "C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708 C-DAX: A Cyber-Secure Data and Control."— Presentation transcript:

1 C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708 C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids C-DAX Consortium

2 C-DAX Project  EC FP7-ICT-2011-8 call project C-DAX: Cyber-secure Data And Control Cloud for power grids  Duration: 01.10.2012 – 30.09.2015  Total budget: 4.315.303 Euro  EU-funding: 2.931.000 Euro  C-DAX middleware Enables smart grid applications to exchange information securely Implements information-centric networking (ICN) paradigm Supports publish/subscribe across different administrative domains  Targeted use cases Future retail energy market (REM) Real-time state estimation based on PMU measurements  Project coordination: Alcatel-Lucent  Project website: http://www.cdax.euhttp://www.cdax.eu  Project partners 2C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

3 Targeted use case with PMU-PDC real-time app 3C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

4 Publish-Subscribe Basics  Basic idea Decouple data production and consumption in space, time, and synchronization Improve scalability (compared to traditional client-server)  Core components Publisher client: produces data Subscriber client: consumes data Broker: stores and forwards data Broker discovery service: tells publishers and subscribers what broker to use  Basic interactions Broker discovery Client join Data dissemination Publisher Subscriber Broker Pub/sub middleware Application Join message Data Broker discovery service Broker 1 1 2 2 3 4 Subscriber 44 4C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

5 Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware  Examples for topics SCADA data from RTUs PMU measurements  Benefit of decoupling publishers and subscribers Communication partners do not need to know each other Asynchronous communication possible Facilitating extensibility, management and configurability 5 Publ. A Pub/sub middleware Publ. BPubl. CSub. DSub. ESub. F Topic 1 Topic 2 Only interested in Topic 1 Only interested in Topic 2 Interested in Topic 1 and Topic 2 C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

6 C-DAX Entities Explained EntityFunctionalityPlane Client Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API) Control & Data Designated node (DN) Provide access for clients to the C-DAX cloud (first point of contact) DN for publisher (PubDN) and DN for subscriber (SubDN) Control & data Data broker (DB) Receive topic data from PubDNs and forward them to SubDNs Cache topic data Data Resolver (RS) Resolves topic names to DBsControl Security serverProvide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution Control Monitoring / management system Gather, aggregate, and forward monitored information in the C-DAX cloud Management of C-DAX network resources Management 6C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

7 Data Plane C-DAX Architecture Control Plane Resolver (RS) Data Broker (DB) Security Server C-DAX Monitoring/ Management System Monitor Control C-DAX Communication Platform Join Client (Publisher) Client (Subscriber) SG application data to be published SG application data to be consumed Designated Node (DN) 7C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids Configure

8 Three Communication Modes  Streaming-based Publishers continuously send data to DB Subscribers continuously receive data from DB  Query-based Subscriber sends query to message broker DB returns data matching the query  Point-to-point Publishers send data directly to subscribers  Communication modes are set per topic to fit the requirements of the application, e.g., Low latency for PMUs Improved scalability for retail energy markets 8 Publisher DB Subscriber PublisherSubscriber DB Subscriber Query C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

9 Resilience Concept  Topic data should be highly available Data is stored on two nodes  Resilience of the infrastructure Each system component is replicated physically Each critical communication path is divided into  A path during failure free operation  Alternative path(s) due to failures  Three resilience support levels: 9 C-DAX cloud SubscriberPublisherDN DBDN DB : Path during failure free operation : Alternative paths due to failures : Synchronization LevelData loss (during failover) Data delay (during failover) Complexity L1YNLow L2NYMiddle L3NNHigh C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

10 Security Concept  General security requirements Confidentiality and integrity  End-to-end security, e.g., IEC 62351 Availability  Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing  Security features of C-DAX End-to-end security between C-DAX clients Availability of C-DAX infrastructure Scalable key management mechanism  C-DAX security rationale Strong authentication of clients and nodes based on asymmetric cryptography Symmetric or asymmetric cryptography for topic data Minimal trust in underlying infrastructure  Nodes do not have to trust each other inside C-DAX cloud  Clients do not have to trust C-DAX cloud for guaranteed end-to-end security Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity 10 Publisher DNDB … Subscriber Encode Authenticate Decode SecServ Key distribution Data C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

11 Domain B Domain A Inter-Domain Concept  Companies Define C-DAX domains Want to exchange information  Inter-domain concept necessary  C-DAX DN Provides access for external subscribers to C-DAX cloud Only point of contact for external subscribers Triggers authentication and authorization of external clients Manages external subscriptions Forwards data from internal nodes to external clients  External subscribers May re-publish received information in own domain  Inter-domain security DN hides domain’s network Access from external domains only allowed through DNs SecServ of each domain manages respective rights C-DAX cloud RSSecServDBDNExternal subscriber C-DAX cloud : Security signaling : Publish/subscribe signaling : Publish/subscribe data transfer 11C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

12 Comparison with Existing Pub/Sub Architectures ArchitectureEnd-to-End Security ResilienceMessage Persistence Broker-based Communication Mode Direct Communication Mode C-DAXXXXXX OMG DDSOXX-X JMS-XXX- NSQ-O--X Data Turbine-XXX- ZeroMQOO-OX 12 XO-XO- : Supported : Partly supported : Not supported / unspecified C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

13 Protocol Adaptation Layer  Problem Existing smart grid protocols rely on bidirectional one-to-one communication, e.g., IEEE C37.118, IEC 61850 C-DAX provides unidirectional many-to- many communication C-DAX provides a unified pub/sub interface for communication  Solution Protocol adaptation layer translates between smart grid protocols and C-DAX  Benefits for operators Hardware and software compliant to existing standards can be used with C-DAX with little configuration changes C-DAX can be transparent for legacy hardware and software  Implementation Protocol adaptation layer for IEEE C37.118 has been implemented and tested 13 PMU/Client/Adaptation LayerDN IP C37.118 TCP/UDP C-DAX C37.118 IP TCP/UDP C-DAX C37.118 C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

14 Prototype  Purpose Validation of baseline communication functionalities and basic failure management of C-DAX Validation of security framework Validation of IEEE C37.118 protocol adaptation layer  Environment IEEE 34 Bus as power grid topology PMU measurement data provided by EPFL Virtual Wall network test bed provided by iMinds RTSE application by EPFL C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids 14 RTSE LabView PMU-Bus3 PubClient PMU-Bus4 PubClient PMU-Bus7 PubClient PMU-Bus1 PubClient PDC Adapter SubClient Base Station Bus1Bus3Bus4Bus7 LAN Bus7NodeBus4NodeBus3Node Security Server Bus1Node Monitor BaseStation Resolver Virtual Wall

15 Laboratory validation 15 PMU PDC C-DAX cloud Real-time state estimation of the targeted electrical network C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids Real-time model of the electrical grid

16 Field Trial  Purpose Deploy C-DAX software in an existing distribution grid Evaluate applicability of C-DAX under realistic conditions Show-case several smart grid applications using a common pub/sub middleware  Environment Distribution grid provided by Alliander including a solid and fast IP network PMUs provided by National Instruments RTSE application by EPFL C-DAX software  Time plan Deployment of PMUs and C-DAX software: late 2014 Scheduled start of field trial: late 2014  Alliander’s MS Livelab  National Instruments’ PMU for MV level 16 Source: Alliander N.V. Source: National Instruments Sweden C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

17 Benefits and Features of the C-DAX Architecture  General benefits of pub/sub communication  Flexibility and agility for integration of emerging smart grid applications  Transparent exchange of information  Scalability  Avoid repeated investment in ICT per application www.cdax.eu  Unique C-DAX benefits Support for inter-domain communications Support for established smart grid protocols, e.g., IEC 61850, IEC 60870- 5-104, IEEE C37.118 Combination of advanced features  Cyber-secure layer addressing authentication, privacy, and integrity in end-to-end fashion  Support for streaming, query and point-to-point communication  Resilience Flexible provisioning strategy 17C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

18 Contact www.cdax.eu Thank you for your attention! Questions? PLEASE FILL IN CONTACT INFORMATION BEFORE PUBLIC DISSEMINATION. Thank you. 18C-DAX: A Cyber-Secure Data and Control Cloud for Power Grids

Download ppt "C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement n° 318708 C-DAX: A Cyber-Secure Data and Control."

Similar presentations

THE CORE PROJECT Jose Jimenez (project manager). What is the Core platform?

THE CORE PROJECT Jose Jimenez (project manager). What is the Core platform?
Jose Jimenez Director. International Programmes Telefónica Digital.

Jose Jimenez Director. International Programmes Telefónica Digital.
The FI-WARE Project – Base Platform for Future Service Infrastructures FI-WARE MAY 2011 Presentation at proposers day.

The FI-WARE Project – Base Platform for Future Service Infrastructures FI-WARE MAY 2011 Presentation at proposers day.
OneM2M Technical Requirements - Driven by EU BUTLER and IEEE PAC - Group Name: WG1 (REQ) Source: Friedbert Berens, FBConsulting Sarl,

OneM2M Technical Requirements - Driven by EU BUTLER and IEEE PAC - Group Name: WG1 (REQ) Source: Friedbert Berens, FBConsulting Sarl,
Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.

Security that is... Ergonomic, Economical and Efficient! In every way! Stonesoft SSL VPN SSL VPN.
A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.

A Java Architecture for the Internet of Things Noel Poore, Architect Pete St. Pierre, Product Manager Java Platform Group, Internet of Things September.
Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.

Connect. Communicate. Collaborate Click to edit Master title style MODULE 1: perfSONAR TECHNICAL OVERVIEW.
8.

8.
1 6/13/2015 01:23 CS575ATM LAN Emulation1 Rivier College CS575: Advanced LANs ATM LAN Emulation ATM Network LAN.

1 6/13/ :23 CS575ATM LAN Emulation1 Rivier College CS575: Advanced LANs ATM LAN Emulation ATM Network LAN.
Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.

Grids and Grid Technologies for Wide-Area Distributed Computing Mark Baker, Rajkumar Buyya and Domenico Laforenza.
Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.

Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.
Future Internet Business Collaboration Networks in Agri-Food, Transport & Logistics Short introduction webinar, 24 July 2014 Sjaak Wolfert Project Coordinator.

Future Internet Business Collaboration Networks in Agri-Food, Transport & Logistics Short introduction webinar, 24 July 2014 Sjaak Wolfert Project Coordinator.
COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED. Marcel Mampaey, C-DAX Project Coordinator November 8 th, 2012 Cyber-secure Data And Control Cloud.

COPYRIGHT © 2012 ALCATEL-LUCENT. ALL RIGHTS RESERVED. Marcel Mampaey, C-DAX Project Coordinator November 8 th, 2012 Cyber-secure Data And Control Cloud.
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Messaging System for the Grid as a core component of the monitoring infrastructure for.

CERN IT Department CH-1211 Genève 23 Switzerland t Messaging System for the Grid as a core component of the monitoring infrastructure for.
Abstraction and Control of Transport Networks (ACTN) BoF

Abstraction and Control of Transport Networks (ACTN) BoF
Messaging Technologies Group: Yuzhou Xia Yi Tan Jianxiao Zhai.

Messaging Technologies Group: Yuzhou Xia Yi Tan Jianxiao Zhai.
QoS-enabled middleware by Saltanat Mashirova. Distributed applications Distributed applications have distinctly different characteristics than conventional.

QoS-enabled middleware by Saltanat Mashirova. Distributed applications Distributed applications have distinctly different characteristics than conventional.
JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.

JVM Tehnologic Company profile & core business Founded: February 1992; –Core business: design and implementation of large software applications mainly.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved. 0-13-239227-5 DISTRIBUTED SYSTEMS.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
COnvergence of fixed and Mobile BrOadband access/aggregation networks Work programme topic: ICT-2011.1.1 Future Networks Type of project: Large scale integrating.

COnvergence of fixed and Mobile BrOadband access/aggregation networks Work programme topic: ICT Future Networks Type of project: Large scale integrating.

Similar presentations

Ads by Google