Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2011 Grid Protection Alliance, Inc. 1 September 7, 2011 Russell Robertson openPG GPA User’s Forum 2011 – Atlanta, Georgia.

Published byBlanche Williams Modified over 7 years ago

Similar presentations

Presentation on theme: "Copyright © 2011 Grid Protection Alliance, Inc. 1 September 7, 2011 Russell Robertson openPG GPA User’s Forum 2011 – Atlanta, Georgia."— Presentation transcript:

1 Copyright © 2011 Grid Protection Alliance, Inc. 1 September 7, 2011 Russell Robertson openPG GPA User’s Forum 2011 – Atlanta, Georgia

2 Copyright © 2011 Grid Protection Alliance, Inc. 2 A Phasor Gateway Creates a hardened security buffer between critical internal systems and external ones Provides encryption to protect the confidentiality of reliability and market sensitive BES data Facilitates and reduces the cost of phasor data exchange -- both the phasor data itself and the configuration information for this data openPG development is funded by NERC in 2011 and 2012.

3 Copyright © 2011 Grid Protection Alliance, Inc. 3 PDC vs. Phasor Gateway Distinguishing Features PDC – optimized for time-alignment of many inputs –Accepts inputs from PMUs and other IEDs using the broadest range of formats and protocols –Provides time-alignment of data –Allows implementation of adapters that require rapid access to time-aligned data –Publishes multiple time-concentrated streams –Reports and alarms on quality of measurements (signals) and input device status Phasor Gateway – optimized for directed data transfer of granular information that facilitates a security-layered network design –Manages asynchronous communication of specific measurements (signals) with other gateways –Can effectively manage the joining of two semantic models –Reports and alarms on status of communication of data with other gateways

4 Copyright © 2011 Grid Protection Alliance, Inc. 4 openPG Use Cases – NISTIR* Context 39. Wide Area Measurement 37. Transmission SCADA & Advanced Apps 31. ISO/RTO Operators 29. Distribution SCADA & DMS 30. Energy Management Systems 30. Energy Management Systems *NISTIR 7628, August 2010 for security assessment

5 Copyright © 2011 Grid Protection Alliance, Inc. 5 openPG Business Case See: openPG.codeplex.com for a copy.openPG.codeplex.com An edge device for the security perimeter Lowers the cost of configuration management An edge device for the security perimeter Lowers the cost of configuration management

6 Copyright © 2011 Grid Protection Alliance, Inc. 6 openPG Value for NERCnet Lower cost – purchase only capacity needed –Subscription to points can be dynamic –Avoids having to exchange all points all the time Network use enforcement –openPG can enforce maximum subscription limits By gateway association In total. Fair billing with low administrative costs –openPG provides billing metrics

7 Copyright © 2011 Grid Protection Alliance, Inc. 7 The openPG is “Registry” Indifferent Recognition that each entity needs the option to operate within its own name space. openPG allows easy exchange of phasor meta data among entities without the need for a common naming schema Redundant measurements can be published and subscribed openPG can easily be integrated with enterprise or vendor modeling systems – or a regional naming service (the NASPInet vision)

8 Copyright © 2011 Grid Protection Alliance, Inc. 8 C37.118 Does Not Scale Well In theory, C37.118-2005 can scale to the 64K UDP packet limit. In practice, UDP has been found to frequently be throttled to 16K packet sizes – around 130 PMUs. 61850-90-5 is likely to hit this limit sooner Solution –Add configuration complexity through use of multiple output streams –Implement the openPG which has been designed for very-high volume phasor traffic

9 Copyright © 2011 Grid Protection Alliance, Inc. 9 Typical application of the openPG

10 Copyright © 2011 Grid Protection Alliance, Inc. 10 openPG - High Level Functionality Reliably exchange high-sample rate signal values and timestamps (measurements) with other gateways so that this information moves between each owner’s Phasor Data Concentrators with minimum time delay. Enable gateway administrators to easily select the measurement points which are to be made available to owners of other gateways. Enable gateway administrators to easily select the points that they chose to consume (i.e., the subset of the points made available to them) from other gateways.

11 Copyright © 2011 Grid Protection Alliance, Inc. 11 openPG - High Level Functionality Detect, log and alarm on communications issues. Be implementable as a high-availability solution that can meet NERC CIP compliance requirements. Support encrypted communication among gateways as well as minimize bandwidth requirements for gateway-to-gateway data exchange. Utilize standard communications, networking and server hardware. Be easily extensible to support the development of custom interfaces to the gateway owner’s internal infrastructure and/or new phasor data protocols.

12 Copyright © 2011 Grid Protection Alliance, Inc. 12 openPG Architecture

13 Copyright © 2011 Grid Protection Alliance, Inc. 13 openPG Data Exchange GPA’s Gateway Exchange Protocol Includes a TCP command channel and an UDP data channel. Command Channel –Authenticates other gateways –Exchanges metadata on points –Requests points for subscription Data Channel –Protocol is a 9-byte packet for phasor data Point ID, Time, Value, and Quality Flags Data exchange efficiency is among the most important design considerations for a phasor gateway.

14 Copyright © 2011 Grid Protection Alliance, Inc. 14 Subscription Process – Setup (OpenPG 1.0)

15 Copyright © 2011 Grid Protection Alliance, Inc. 15 Subscription Process – Step 0

16 Copyright © 2011 Grid Protection Alliance, Inc. 16 Subscription Process – Step 1

17 Copyright © 2011 Grid Protection Alliance, Inc. 17 Subscription Process – Step 2

18 Copyright © 2011 Grid Protection Alliance, Inc. 18 Subscription Process – Step 3 Phasor Data Stream Established. Phasor Data Stream Established.

19 Copyright © 2011 Grid Protection Alliance, Inc. 19 openPG Inputs All the inputs of the openPDC, including: Frame-based Protocols IEEE C37.118 up to 120 samples per second IEEE 1344 BPA Stream Macrodyne SEL Fast Message Point-based Protocols GPA’s Time-series Data Transport Protocol (TDTP) used for PDC to PDC communication GPA’s Gateway Exchange Protocol (GEP)

20 Copyright © 2011 Grid Protection Alliance, Inc. 20 openPG Outputs Point Based Data – Time-series Data Transport Protocol (TDTP) – Gateway Exchange Protocol (GEP) ADO adapter for MS SQLserver Mirrored C37.118 API for development of custom interfaces Typically a gateway is paired with a Phasor Data Concentrator that time-aligns gateway data with internal phasor data. Version 1.5 of the openPDC will be able to consume both TDTP and GEP.

21 Copyright © 2011 Grid Protection Alliance, Inc. 21 Mirrored C37.118 Output Administrator authorizes an input Device Group for subscription. Administrator authorizes an input Device Group for subscription. Outputs can be produced both in both point based protocols (or accessed via an API) or as a reconstituted C37.118 stream. Pros Allows the openPG to be quickly integrated with any phasor device at any level in the infrastructure Cons Can result in the transfer of more measurements than necessary More complex network/firewall configuration Pros Allows the openPG to be quickly integrated with any phasor device at any level in the infrastructure Cons Can result in the transfer of more measurements than necessary More complex network/firewall configuration

22 Copyright © 2011 Grid Protection Alliance, Inc. 22 The Output (Subscriber) API Problem – The need for an application to import phasor data directly from the openPG.

23 Copyright © 2011 Grid Protection Alliance, Inc. 23 The Output (Subscriber) API Attach to events Initialize Connect to openPG Get metadata Provide openPG list of desired points Subscribe (get data) Provide data to application Read configured list of desired points (provided by openPG Manager extension) Points are received by adapter on change Provide data to a service and port in custom format Solution 1 – Use the openPG API to allow the application to consume GEP data Solution 2 – Use the openPG adapter template to develop a custom output or action adapter

24 Copyright © 2011 Grid Protection Alliance, Inc. 24 openPG Security Profile Availability – HIGH Integrity – HIGH Confidentiality – MODERATE

25 Copyright © 2011 Grid Protection Alliance, Inc. 25 openPG Encryption (openPG Version 1.1) The openPG will be security tested by the University of Illinois Information Trust Institute in early 2012

26 Copyright © 2011 Grid Protection Alliance, Inc. 26 openPG Throughput Exercise

27 Copyright © 2011 Grid Protection Alliance, Inc. 27 The Demonstration Setup openPG API & Throughput Demo

28 Copyright © 2011 Grid Protection Alliance, Inc. 28 openPG as Publisher Song  Gateway Client Gateway Exchange Protocol Gateway Client 1 Song @44.1Khz with 2 channels = 88,200 values / sec, or ~ 150 PMUs @ 30 samples / sec

29 Copyright © 2011 Grid Protection Alliance, Inc. 29 Gateway Clients openPG as Subscriber Song  Gateway Exchange Protocol Gateway Clients Song  1 Song @44.1Khz with 2 channels = 88,200 values / sec, or ~ 150 PMUs @ 30 samples / sec

30 Copyright © 2011 Grid Protection Alliance, Inc. 30 Raw openPG Capability Publication Only Gateway Client Gateway Exchange Protocol Gateway Client CPU Bound to 3.5 million values / sec with 1 Input Song and 40 Clients, or ~ 5,800 PMUs @ 30 samples / sec Song  Test Hardware Intel i5 – 64bit OS, 2.6 GHz

31 Copyright © 2011 Grid Protection Alliance, Inc. 31 Song  Gateway Exchange Protocol Song  Raw openPG Capability Subscription Only CPU Bound to 2.6 million values / sec with 30 Input Songs and 5 Clients, or ~ 4,400 PMUs @ 30 samples / sec Gateway Clients Test Hardware Intel i5 – 64bit OS, 2.6 GHz

Download ppt "Copyright © 2011 Grid Protection Alliance, Inc. 1 September 7, 2011 Russell Robertson openPG GPA User’s Forum 2011 – Atlanta, Georgia."

Similar presentations

Ethernet Switch Features Important to EtherNet/IP

Ethernet Switch Features Important to EtherNet/IP
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
NAS vs. SAN 10/2010 Palestinian Land Authority IT Department By Nahreen Ameen 1.

NAS vs. SAN 10/2010 Palestinian Land Authority IT Department By Nahreen Ameen 1.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 8: Monitoring the Network Connecting Networks.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
VIA and Its Extension To TCP/IP Network Yingping Lu Based on Paper “Queue Pair IP, …” by Philip Buonadonna.

VIA and Its Extension To TCP/IP Network Yingping Lu Based on Paper “Queue Pair IP, …” by Philip Buonadonna.
Socket Programming.

Socket Programming.
Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.

Barracuda Networks Confidential1 Barracuda Backup Service Integrated Local & Offsite Data Backup.
Brian Dwyer – CITA370. Introduction  Network Device Security  Identity Management AAA Process Model ○ Authentication ○ Authorization ○ Accounting (Sometimes.

Brian Dwyer – CITA370. Introduction  Network Device Security  Identity Management AAA Process Model ○ Authentication ○ Authorization ○ Accounting (Sometimes.
Internet Business Strategies A strategic view of the various options and connectivity levels available to business through the Internet. Copyright 2011.

Internet Business Strategies A strategic view of the various options and connectivity levels available to business through the Internet. Copyright 2011.
Vision/Benefits/Introduction Randy Armstrong (OPC Foundation)

Vision/Benefits/Introduction Randy Armstrong (OPC Foundation)
Christopher Bednarz Justin Jones Prof. Xiang ECE 4986 Fall 2011 Department of Electrical and Computer Engineering University.

Christopher Bednarz Justin Jones Prof. Xiang ECE 4986 Fall Department of Electrical and Computer Engineering University.
CIS679: RTP and RTCP r Review of Last Lecture r Streaming from Web Server r RTP and RTCP.

CIS679: RTP and RTCP r Review of Last Lecture r Streaming from Web Server r RTP and RTCP.
IP Ports and Protocols used by H.323 Devices Liane Tarouco.

IP Ports and Protocols used by H.323 Devices Liane Tarouco.
OPC Database.NET. OPC Systems.NET What is OPC Systems.NET? OPC Systems.NET is a suite of.NET and HTML5 products for SCADA, HMI, Data Historian, and live.

OPC Database.NET. OPC Systems.NET What is OPC Systems.NET? OPC Systems.NET is a suite of.NET and HTML5 products for SCADA, HMI, Data Historian, and live.
Enabling Embedded Systems to access Internet Resources.

Enabling Embedded Systems to access Internet Resources.
Www.infotech.monash.edu.au Presented by Xiaoyu Qin 21637881 Virtualized Access Control & Firewall Virtualization.

Presented by Xiaoyu Qin Virtualized Access Control & Firewall Virtualization.
Wireless Networks Breakout Session Summary September 21, 2012.

Wireless Networks Breakout Session Summary September 21, 2012.
1 The Internet and Networked Multimedia. 2 Layering  Internet protocols are designed to work in layers, with each layer building on the facilities provided.

1 The Internet and Networked Multimedia. 2 Layering  Internet protocols are designed to work in layers, with each layer building on the facilities provided.
Computer Emergency Notification System (CENS)

Computer Emergency Notification System (CENS)

Similar presentations

Ads by Google