Cisco DA and AMI v01

2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 2010 Cisco and/or its affiliates.
tes. All rights reserved. Cisco Confidential 1 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 Cisco Confidential 1 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 2011 Cisco and/or its affiliates. All rights reserved.
Paulo Pereira, pauloper@cisco.com
Connected Energy Networks EMEAR
2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2

FAN Overview
Distribution Automation Use Cases
FAN Technologies
Network Services
Products and Roadmap
AMI Metering /
HAN Gateway
Transformer
Monitoring
Distribution
Automation
EV Charging
Infrastructure
Direct Connect
AMI Meters
Gas / Water
Meters
Distributed
Generation
SCADA
Protection and
Control Network
RF Mesh or PLC
Neighborhood Area Network
Substation
Direct
Load
Control
N
A
N

T
i
e
r

W
A
N

T
i
e
r
Cisco Connected Grid
Endpoint SDK
Network
Management
Operations
DA Operations AMI Operations
Cisco 1000 series
Connected Grid
Routers
Work Force
Automation
Cisco ASR 1000 series
Public or Private
WAN Backhaul
(Cellular, WiMAX, Fiber/Ethernet
CGR 1240
CGR 1120
Protection and
Control
Networks
Outdoor
Lighting
AMI Data Center:
Destination of FAN AMI
Traffic, source of AMI
requests
Network Operation Center;
Used to manage and secure
The network components
Distribution Automation
Control Center;
Destination of critical
SCADA traffic
Cisco DA RF Mesh GW
(future)
AMI DA
RF
Mesh
PLC
Mesh
FLIR
FSIR

Fault
Location
Isolation
Restoration
Volt/VAr
Regulation
DER

Distributed
Energy
Resources
Remote
Workforce
Management
Remote
Asset
Management
Distributed
Intelligence
IEEE
802.15.4g
IEEE 1901.2 IEC 61850, IEC 60870, DNP3, Modbus, etc
FAN Gateway Services
(legacy devices)
Time Distribution Services
Security and Security Management
Communications Network Management
DIG 1.0
DIG Next release DIG Future

FAN Overview
Distribution Automation Use Cases
Raw TCP Socket
Protocol Translation
IEC 61850 in Multi-Services FAN
11kV Grid Reinforcement
FAN Technologies
Network Services

Proprietary
protocols over
Serial
Standard
protocols over
Serial
Standards
protocols over
TCP/IP
IEC 61850
IEC 60870-5-101
Vendors
dependent
IEC 60870-5-104,
DNP3/IP, Modbus/TCP,
etc
MMS
DNP3, Modbus, etc
IP Interfaces
GOOSE/SV
GOOSE/SV over IP/UDP
future IEC 61850-8-1 and
61850-9-2 profiles (**)
Ethernet Layer-2
switching (*)
Secure IP infrastructure (Data Integrity, Confidentiality and Privacy)
Traffic tunneled
over IP
Raw TCP Socket
Protocol
Translation
IEC 60870-5-101 to
IEC 60870-5-104
Serial
PPP/CHAP
L2 over IP WAN
i.e. L2TPv3 (*)
Ethernet
(*) future SW support on CGR 1000 (**) standards evolution)

A mean to transport streams of characters from one serial
interface to another over the IP network for utility application
Raw socket transport supports point to multi-points connection over async serial
line
TCP over IP transportation Raw Socket Transport has built-in auto TCP
connection retry mechanism.
Packetization and sending data on a specific packet length, a specific character
or upon a timeout.
Each serial interface can be configured as server, client, or the
combination of both
CGR 1000 Total number of supported TCP session: 32 x 2 Serial Interface
Interoperable with competitor devices equipped with raw socket
transport feature, such as ruggedcom, SEL, and checkpoint.
CGR 2010 Server
! ! !
interface Serial1/1
no shutdown
encapsulation raw-socket
!
! ! !
line tty 1
raw-socket tcp server 5000 Master_IPv4_address
raw-socket packet-timer 3
raw-socket tcp idle-timeout 5
! ! !
IP WAN SCADA
CGR 2010
(Server)
CGR 1120
Client
RTU #1
RTU #2
CGR1120 Client
! ! !
interface Serial1/1
no shutdown
!
interface Serial1/2
no shutdown
line tty 1
raw-socket tcp client Master_IPv4_address 5000 10.0.0.2 9000
raw-socket packet-length 32
line tty 2
raw-socket tcp client Master_IPv4_address 5000 10.0.0.2 9001
raw-socket packet-length 32
Server listening port, accepting
Incoming TCP connection
Client requesting port, placing
Outgoing TCP connection
Packet-length the number of bytes received
from serial interface to trigger transportation
Packet-timer (aka idle timer) the delay from
the last received byte to trigger transportation
Special character the character use to trigger
transportation, it will also be used as a delimiter
Enabling the integration of IEC 60870-5-101 devices in multi-services FAN, through IEC
60870-5-101 to 104 protocol translation performed on CGR 1000
Support T101 Balanced and Unbalanced Link Transmission Procedure
CGR 1000 receives information and events from RTUs through T101 protocol over its Serial
interfaces, then send them to SCADA Control Center through T104 protocol
Data/events are stored locally in SCADA information database, before sending. In case of link failure, up
to 100 events for each control center can be stored.
CGR 1000 receives commands from SCADA Control Centers through T104 TCP protocol,
then sends commands through T101 protocol to RTUs
High availability up to 2 active T104 control centers can gather information and control
RTUs through a CGR 1000 Any event sent from RTU will get sent to both control centers.
Time synchronization RTUs get their clock information from CGR 1000 (NTPv4), which
sends system clock information into T101 clock sync frame to all connected RTUs
IEC 60870-5-101 file transfer support
Scada master application downloading image or configuration file to RTU
Scada master application retrieving event log file from RTU
IP WAN
ASR 1K or
CGR 2010
CGR 1120
RTU #1
RTU #2
SCADA
Master 1
SCADA
Master 2
Active IEC
60870-5-104
Masters
104 Configuration
Channel (x 2)
Router as 104 Slave
Map TCP port to match SCADA master

Session (x 2)
Attach to Channel

Sector (x 2)
Attach to Session
ASDU Address as on SCADA Master
Map 104 Sector to 101 Sector
101 Configuration
Channel
Router as 101 Master
Bind to serial port
Session
Attach to Channel
Link Address as on RTU Session
Sector
Attach to Session
ASDU Address as on RTU Sector
T101
T101
T104
T104
T104
T104
SCADA
database
IEC 61850 MMS devices can be
connected to Ethernet Layer-3 interfaces
on CGR 1000, then traffic is routed
between any interface
IEC 61850 GOOSE/SV devices will benefit
from future Ethernet Layer-2 switching
CGR 1000 feature set tor local traffic
IEEE 802.1Q VLANs, IEEE 802.1p CoS,!
IEC 61850 GOOSE/SV traffic between
remote FAN locations and NOC requires
Bridging between Ethernet Layer-2 and
WAN interfaces
Ethernet WiMAX bridging (Ethernet CS)
Ethernet L2TPv3 tunnel
IEC 61850 GOOSE/SV over WAN
requires characterization of latency
validating proper applications support
QOS and network design rules will help
Future releases
IP Infrastructure
SCADA SCADA
Maximizing network capacity usage by
monitoring assets temperature and
load, then using this to calculate real-
time asset capacity
Technique 1 -
Dynamic Asset Rating
Changing the configuration of the
network to improve the flow of power
via re-routing of load through areas of
spare capacity to accommodate peaks
Technique 2
Automatic Load
Transfer
! "#$%&%'%() (+,-./0 1#2#1%,3 45#)+ 63
&.(%,./%() #55+,5 ,+&2+/#,4/+ #(7 8.#79
,:+( 45%() ,:%5 ,. calculate real-time
asset capacity
Technique 3 Meshed
Networks
! ;5%() power stored in batteries on the
network, to alleviate the problem by
reducing the Network peak load
requirements
Technique 4 Energy
Storage
Transformer
Overhead Lines
Underground
Lines
Overhead Lines
Underground
Simple & Complex
Topologies
Simple Ring
Complex Mesh
Feeder
Secondary
Substation (11kv
to 450v)
Current Asset rating
50% redundancy is built into many of todays electricity networks to ensure
continued operation during a failure.
Many/most Medium 11kV network as not monitored
Some assets are under utilised, some are over utilised
Today static ratings are used for certain periods
Renewable generation is demanding increased capacity
Dynamic Asset Rating
Monitor of voltage and current as well as environmental measurements is key
Correctly rate assets based on measurements
Rate the assets and system based on current grid and environmental
conditions
Control renewable generation to maximise asset usage (dynamic Line rating)
Control plant (transformer pre loading) to maximise asset life
Locations
Control, Centre
Primary Substation
Secondary Substation (Line)
Devices
DMS (Control Centre)
RTU
Dynamic Asset Relay
Line Power Sensors
Communication
RTU polled values
Threshold Alerts
Real time Ampacity readings
Transformer Control Signals (Cooling)

rlmary 1ransformers
Cverhead Llnes
underground Cables
u20
v1 C1
MeLrologlcal
Sensors
341
L
n
M
A
C

8eal"ume value
1/2 hourly averages
u20
v1 C1
MeLrologlcal
Sensors
341
L
n
M
A
C

8eal"ume value
1/2 hourly averages
uMS
lAnS
8uCPCLZ
1
8
l
A
L
S

u
M
S

1
8
l
A
L
S

u
M
S

1CLLC8AuL Mv uA1A8ASL
u20
v1 C1
MeLrologlcal
Sensors
341
L
n
M
A
C

8eal"ume value
1/2 hourly averages
1
8
l
A
L
S

u
M
S

1/2 hourly averages
1echnlque 1-uynamlc AsseL 8aung

LightHouse
MV Sensor
Features and Specifications
Page 1 of 2
LightHouse
Medium Voltage
Sensor (MV)
Tollgrade offers LightHouse
, the next generation

real-time distribution monitoring solution
providing utilities actionable intelligence and
visibility into their network.
Our flexible solution consists of highly accurate
and intelligent Medium Voltage (MV) sensors
deployed in the field, and powerful analytics
software distributed in the network. Tollgrades
Sensor Management System (SMS) analytics
software supports utilities in diagnosing network
events, and accurately tracks system condition
information.
LightHouse provides the visibility utilities
require for:
I Real-Time Fault Detection and Location
I Asset Management
I Vegetation Management
I Continuous Three-Phase Load Monitoring
and Balancing
I Power Quality
I Line Sag
LightHouse MV Sensor
The LightHouse Medium Voltage (MV) sensors
are easy to install and offer multiple advantages.
The sensors clamp directly onto the overhead
conductors, are inductively powered, store
energy without a battery, and maintain
communication in the event of an outage.
Our accurate MV sensors support multiple smart-
grid applications and are software defined, so
utilities do not need to invest in point products for
specific applications. LightHouse gives utilities
the future-safe, agnostic solution they require.
Li ghtHouse MV Features
Flexible Communications Backhaul
Our MV sensors support leading wireless
communications and automatically join the
backhaul network when activated. Our unique
agnostic approach allows us to integrate into the
existing utility infrastructure, or send information
directly back to our SMS software at the utility
head-end.
Low Current Operations
Our proprietary technology enables MV sensors
to operate at 6 amps, without the use of a battery.
Waveform Capture
LightHouse MV sensors capture waveforms
before, during and after events. Waveforms are
sent wirelessly in near real-time or stored for later
analysis.
Energy Storage without Battery
The LightHouse MV sensor is inductively
powered, and uses a super cap instead of a
maintenance prone battery to ensure cost
effective operations.
User Defined Thresholds and Parameters
Our solution is completely software-defined,
allowing users to customize their preferences by
setting their own thresholds and parameters for
events, rules, alarms and communications.
Key Measurements Include:
I Nominal Current
I Surge and Fault Current
I Electric Field Strength
I Wire Temperature
I Harmonics
Avai l abi l i ty and Orderi ng
I nformati on
For more information or for a pilot proposal, call
toll free at +1-800-878-3399 or email us at
lighthouse-sales@tollgrade.com
Tol l grade Communi cati ons, I nc.
3120 Unionville Road, Suite 400
Cranberry Township, PA 16066
724-720-1400 | 800-878-3399

! Flexible
Communications
Backhaul

! Low Current
Operations

! Waveform Capture

! Energy Storage
without Battery

! User-Defined
Thresholds and
Parameters

! Easily Installed
with Utility
Hot Stick
!"#$
Transformer
Environmental
and CT/VT
Sensors
Distribution
Management System
(DMS)
RTU
(SCADA / 61850)
Ability to remotely monitor transmission line conditions (with line condition sensors that detect conductor
temperature, line sag and wind speed / direction) to increase line capacity loading and control stability.
Control commands might disable / enable devices on given ratings

Type: Polled
Bandwidth: Low
Latency: non critical
Resilience: medium
Jitter: non critical
Security: Low
Report Status

Type: Event
Bandwidth: Low
Latency: med critical
Resilience: High
Security: Low
Report Fault Event

Type: Control
Bandwidth: Low
Resilience: medium
Security: Medium
Control Commands
Dynamic Asset Relay
(SCADA / 61850)

Type: Real time
Bandwidth: Medium
Resilience: Low
Security: Low
Real Time Ampacity
H
a
rd
w
ire
d

H
ardw
ired
Operational Control
Centre
RTU
(FTP, SSH, SNTP)
Ability to remotely monitor transmission line conditions (with line condition sensors that detect conductor
temperature, line sag and wind speed / direction) to increase line capacity loading and control stability.
Control commands might disable / enable devices on given ratings

Type: Ad Hoc
Bandwidth: Medium
Resilience: Low
Database Uploads

Type: Ad Hoc
Bandwidth: High
Resilience: Medium
Firmware downloads

Type: Ad Hoc
Bandwidth: Low
Resilience: medium
Device Configuration
Dynamic Asset Relay
(FTP, SSH, SNTP)

Type: Polled
Bandwidth: Low
Resilience: Medium
Jitter: med critical
Time Synchronisation
SNTP or IEEE 1588
Clock Source
Cisco Confidential 17 2011 Cisco and/or its affiliates. All rights reserved.

FAN Overview
FAN Technologies
IEEE 802.15.4g/e RF
IEEE P1901.2 NB-PLC
6LoWPAN
IPv6 Basics
RPL
Connected Grid Mesh
Distribution Automation in Multi-Services FAN
Network Services
IPv6/IPv4
UDP/TCP
IEEE 802.15.4e MAC enhancements
IPv6 RPL
Web Services, EXI, SOAP,
RestFul,HTTPS/CoAP
Open Standards at all levels to ensure interoperability and reduce technology risk for utilities
Future proofing common application layer services over various wired and wireless communication
technologies
802.1x / EAP-TLS & IEEE 802.11i based Access Control
Physical
Layer
IEEE 802.15.4
2.4GHz, 915, 868MHz
DSSS, FSK, OFDM
IEEE P1901.2
NB-PLC
OFDM
IEEE 802.11
Wi-Fi
2.4, 5 GHz, Sub-GHz
IEEE 802.3
Ethernet
UTP, FO
2G, 3G, LTE
Cellular
IEEE 802.16
WiMAX
1.x, 3.xGHz
Data
Link
Layer
IEEE 802.15.4
including FHSS
IEEE P1901.2
802.15.4 frame
format
IEEE 802.11
Wi-Fi
IEEE 802.3
Ethernet
2G, 3G, LTE
Cellular
IEEE 802.16
WiMAX
6LoWPAN (RFC 6282) IPv6 over Ethernet (RFC 2464)
IPv6 over PPP
(RFC 5072)
IP or Ethernet
Convergence SubL.
Network
Layer
Transport
Layer
Application
Layer
Addressing, Routing, Multicast,
QoS, Security
Security (DTLS/TLS)
DNS, NTP, IPfix/Netflow, SSH
RADIUS, AAA, LDAP, SNMP,!
(RFC 6272 IP in Smart Grid)
Metering
IEC 61968 CIM, ANSI C12.22,
DLMS/COSEM,!
SCADA
IEC 61850, 60870
DNP3/IP, Modbus/TCP,!
LLC
M
A
C
Mgmt
IEEE 802.11 Wireless
LAN (WLAN)
IEEE 802.15
Personal Area
Network (PAN)
Broadband Access
Regional Area
Networks
WiFi
802.11a/b/g/n
802.11ah (sub-GHz)
802.15.1 Bluetooth
802.15.4 Low Rate
WPAN
(2003-2006-2011)
802.15.4e-2012
MAC Enhancement
802.15.4f
PHY for RFID
802.15.4g-2012
amendment Smart
Utility Networks
802.15.4c Sub-GHz
PHY for China
15.4m Study Group
TV White Space
amendment
802.15.6 Body Area
Networking
802.15.7 Visible Light
Communications

USA
Canada
Chile
Colombo
Mexico
Argentina
Uruguay
Venezuela
902-928MHz
4 W *
Source: CEPT - DKE 731.09r1 JSC
860 870 880 890 900 910 920 930 940 950 MHz 850
Singapore
2 W **
Singapore
0.5 W **
S.A.
4 W **
China
2 W **

Thailand
2 W *

Europe
India
Hong-Kong
Iran
UAE

2 W **

Malaysia
2 W **
Israel
2 W *
* e.i.r.p.
** e.r.p.
Brazil
902-907.5,
915-928 MHz
4 W *
840
China
2 W **
Japan (2012)
915-930MHz

4 W*
0.5 / 0.02 W *
licensed/
unlicensed
E.U CEPT new frequency bands
discussion (870-876MHz and
915-921MHz)
Allocated Frequency bands
Licensed/unlicensed (ISM)
Transmit power
Time transmitting
Korea
917-923.5MHz
4 W *
Australia
915-928MHz
Hong-Kong
920-924 MHz
MAC layer: IEEE 802.15.4 compliant + 802.15.4e
extensions
15.4g: frame size larger than 127 bytes
15.4e: EB and EBR for network discovery
15.4e: Enhanced ACK for security and information carrying
15.4e: Information Elements (RSSI, Time synchronization)
Novel channel hopping scheme
Per-node hopping sequence for maximum channel diversity
Overlaid hopping sequence for multicasts
PHY layer IEEE 802.15.4g compliant
Operating Band: 902-928 MHz
Number of Channels: 64
Channel Spacing: 400 kHz
Modulation Method: Binary FSK
Baud Rate: 150 kbaud/sec
Bit Rate: 75 kbits/sec after overhead from Convolutional FEC
Output Power: 30 dBm
Regional filtering for countries only supporting a subset of 902-928MHz
Transmit power set-up for local regulations
Adaptation: 6lowpan (RFC 6282)
IPv6
UDP/TCP
PHY: IEEE 802.15.4g
MR-FSK
MAC: IEEE 802.15.4e
FHSS
Routing: RPL
Mgmt: CSMP
CoAP
802.1x / EAP-TLS
based Access Control Solution
Applications
Cisco Developer Network IP Enabled Grid Devices: HW ref. model + SW SDK library
Small footprint open standards IPv6-based communication stack
In Home
NarrowBand
(NB-PLC)
Backhaul
(B-PLC)
HomePlug Alliance
IEEE P1901 OFDM or
Wavelet
2-30MHz >100Mb/s
ITU G.9960
G.9961
OFDM 2-30MHz >100Mb/s
HP
Green
PHY
P1901
certification
profile
OFDM 2-30MHz Up to 3.8Mb/s
IEC 61334
Prime (Iberdrola)
G3 (ERDF)
SITRED (ENEL)
LonWorks (Echelon)
IEEE P1901.2 10-490kHz
ITU G.9955
G.9956
Includes power lines, phone lines and
coaxial cables
G.9903 Was G3-PLC annexes
G.9904 Was Prime annexes
SAE
ISO
J2931/3
15118
Electric vehicles leveraging PLC
standards
Proprietary
IEEE P1901 Profile to address the first-mile/last-
mile connection (<1500 m to the
premise)
IEEE P1901.2 MV communications
Standards Proprietary
IEEE P1901.2 Open standard for NarrowBand PLC
! PHY & MAC layers definition upper layers are open to IPv6-based standards
solution and evolution
! Worldwide regions support covers the full Low-frequency (below 500 KHz) PLC
communication spectrum
! Use-cases extend beyond AMI - EV to charging station, street lighting, power
plugs, solar panels/inverters
! Enable MV/LV crossing To be demonstrated
! Aligned with IEEE 802.15.4g/e RF Mesh profile 6LoWPAN (RFC 6282) as
adaptation layer and RPL (RFC 6550) for routing at Network layer ease the mix
of PHY/MAC technologies
Chipsets vendors advertising IEEE P1901.2 PLC support on new generation
chipsets, as PRIME and G3-PLC (different firmware), now available
CGR 1000 NB-PLC interface
CGR 1120 3 phases, CGR 1240 1 phase
Application Layer
Use case application from Vendor adopting the SDK
Management is part of the SDK libraries (CoAP/CSMP), including
firmware upgrade
IPv6 protocol suite
DHCPv6 (RFC 3315) for Address auto-configuration
RPL (RFC 6206, 6550, 6551, 6553, 6554, 6719) for IPv6 routing
IP QoS 4 priority queues
IEEE 802.1x and 802.11i based security
6LoWPAN Header Compression (RFC 6282)
MAC layer: IEEE P1901.2 + IEEE 802.15.4e extensions
15.4e: EB and EBR for network discovery
15.4e: Enhanced ACK for security and information carrying
15.4e: Information Elements (RSSI, Time synchronization)
PHY layer IEEE P1901.2 compliant
Phase 1 CENELEC A band mandatory, B/C/D optional
Phase 2 all World regions
Adaptation: 6lowpan (RFC 6282)
IPv6
TCP/UDP
PHY: IEEE P1901.2
MAC: P1901.2 + 802.15.4e extensions
Routing: RPL
Mgmt: CSMP
CoAP
Cisco Developer Network IP Enabled Grid Devices: HW ref. model + SW SDK library
Small footprint open standards IPv6-based communication stack
802.1x / EAP-TLS
based Access Control Solution
Applications
IP Services IPv6 Benefits
Addressing 128 bits, multiple scopes (global, private,
link-local,!)
Large address space, public or
private infrastructure
Address Auto-
configuration
Stateless, DHCPv6, renumbering, DHCPv6
Prefix Delegation
Zero-touch configuration
Data Link Adaptation
layers
Ethernet, WiFi, ATM, FR, PPP, Sonet/SDH,
6LoWPAN (802.15.4g, 1901.2),!
Media Diversity
Routing RIP, OSPF, IS-IS, E-IGRP, MP-BGP, RPL Reachability
IP Network &
transport layer
Security
IPsec, TLS/DTLS, Filtering (ACL, firewall) Security, Data Integrity
Multicast
MLD/PIM/Multicast MP-BGP,
Scope Identifier
Software upgrade,
Demand/Response, Dynamic
pricing
QoS IPv6 QoS Differentiated Service Multi-Services network, SLA
Time Distribution NTP version 4 Secured Time Synchronization
Management DNS, IPfix/PSAMP, SNMP, CoAP! Push/Pull Mgmt model, scalable
end-points mgmt
IETF 6LoWPAN WG IPv6 over Low Power Personal Area Networks
Initially specified as an Adaptation layer for IPv6 over IEEE 802.15.4
RFC 4919 Overview, Assumptions, Problem Statement, and Goals
Leveraged by IEEE P1901.2 NB-PLC, Bluetooth Low Energy, etc
RFC 4944 provisioned 3 functions inherent to an IEEE 802.15.4 subnet: IPv6
Header Compression, L2 Fragmentation and L2 Mesh
IPv6 Header Compression defined in RFC 6282 (deprecating RFC 4944
Header Compression scheme)
Does not rely on per-flow state
Stateless compression (compact forms for redundant and commonly used values)
Context compression (compact forms for IPv6 prefixes)
Layer-2 Fragmentation as on IPv6, fragmentation is handled by source and
destination nodes or by Layer-2 adaptation layer.
Layer-2 Mesh just provisioning the function as the definition of Layer-2
Mesh specifications is outside the scope of 6LoWPAN WG
Neighbor Discovery Optimization for IPv6 over 6LoWPAN in RFC 6775
RPL is a new Distance Vector routing protocol standardized by the IETF,
specifically designed for Low Power and Lossy Networks (LLNs)
IETF RoLL WG defined a collection of RFCs to cover all identified use cases
Adapted to nodes running over LLNs with little CPU and memory resources, low
bandwidth network interface, potentially battery powered
RPL runs over IPv6-only as Route Over, guaranteeing the use of a variety of
data links and route re-distribution with other IPv6 routing protocols
New routing metrics: Energy, latency, link reliability, node state, link color,!
Support of various traffic flows
Multi-Point to Point ie: meters to Head-end servers upstream route
Point-to-MultiPoint ie: Head-end servers to meters downstream route
Point-to-Point ie: Sensor to Actuator
Utility
Facilities
IP WAN
RPL
Domain
1. Factory Configuration
2. Network Discovery
Beaconing done every time the node boots, and
continuously thereafter
3. CG-Mesh Access Control
a) IEEE 802.1x Authentication (and RADIUS)
b) IEEE 802.11 Key Deployment (CG-Mesh-
Security)
Last 2 steps done at boot unless node already
cached GTK (warm start)
Also done on migration to a new PAN, unless node
already has cached GTK
4. Route Discovery
RPL Default Route Selection (DIO)
5. IPv6 Address assignment DHCPv6
6. Route Registration
RPL Tree Formation (DAO)
7. CG-NMS Registration (CoAP/CSMP)
Utility
Facilities
IP WAN
3 5 7

Executive Overview
FAN Technologies
Network Services
Network Management Services
Secure Zero Touch Router Deployment
Security Management Overview
IETF CoRE WG
CoAP Overview
A specialized web transfer protocol for use
with constrained nodes (microcontrollers,
Limited RAM and ROM) and constrained
networks (e.g. LLNs) with low data rate
HTTP-like GET/POST for resource objects over
UDP
4-byte binary protocol header, then options and data
Request/Response
Small Message Overhead
Supports Multicast
Supports Asynchronous Messaging
May also work in proxy mode (HTTP-CoAP)
Not supported on CG-NMS or CGR 1000

Client Server Client Server
| | | |
| CON tid=47 | | CON tid=53 |
| GET /foo | | GET /baz |
+---------------->| +---------------->|
| | | |
| ACK tid=47 | | ACK tid=53 |
| 200 "<temp... | | 404 "Not... |
|<----------------+ |<----------------+
| | | |

IP WAN
Cisco CG-NMS
Server, DB
CG-NMS communicates with CGE
using CoAP over IPv6
CSMP Overview a CoAP-based protocol and data model for
remote management of embedded networking devices running in
large-scale constrained networks
CG-NMS uses CSMP (CoAP Simple Management Protocol) over
UDP port 61624 over IPv6 to directly communicate with CGEs
CG-NMS CSMP functions
Registration CGEs contact CG-NMS after joining network
Provisioning CGEs retrieve configuration from CG-NMS after registration
Metrics CGEs periodically push network performance and routing information
to CG-NMS after configuration
Configuration CG-NMS can push new configuration and group info to CGEs
Firmware Update CG-NMS can push new communication module firmware to
CGEs
All CSMP Messages from CG-NMS to CGEs are Signed by CG-NMS and
Verified by CGEs

RF Mesh (or PLC)
Neighborhood Area Network
Cisco Connected
Grid Endpoints
Head-end Tunnels
aggregation routers
Public or Private
WAN Backhaul
CGR 1240 CGR 1120
GIS
Internet
service
SCADA servers, Historian, etc
Head-End System, Outage
Reporting System, Meter Data
Management, etc.
AMI Operations
DA Operations
CG-NMS
Oracle Database
Web UI Module
CSMP
protocol
Module
SOAP API
Module
North bound APIs
and Syslogs
CGE Device
Module
CGR1000
protocol
Module
CGR 1000
Device Module
Netconf
protocol
Module
ASR 1000
Device Module
Inventory Properties Metrics Events Rules !
!
Public or Private
IP WAN
AAA Server CA Server
RA Server
Cisco CG-NMS
Server, DB
IPAM (DNS/DHCP) Directory Services
Tunnel
Provisioning
Service (TPS)
ASR 1000
1
[Factory-default] Pre-configure CGR1000 router with immutable device X.509 certificate (aka.
IEEE 802.AR IDevID), uplink network credentials (Cellular, WiMAX, Ethernet, etc.), and address/
port of Tunnel Provisioning Service in CG-NMS
1. On power-on, CGR1000 joins uplink network(s)
Public or Private
IP WAN
RA Server
Cisco CG-NMS
Server, DB
Tunnel
Provisioning
Service (TPS)
ASR 1000
2
2. CGR1000 enrolls certificates through SCEP. After a successful authentication, CGR 1000
can communicate with the TPS
3. CGR1000 communicates with TPS using Callhome configuration over HTTPS. TPS
terminates the connection and forwards the request to CG-NMS over another HTTPS
connection
2
3
3
Public or Private
IP WAN
RA Server
Cisco CG-NMS
Server, DB
Tunnel
Provisioning
Service (TPS)
ASR 1000
4. CG-NMS contacts the DHCP server for IPv4/IPv6 addresses of the CGR 1000
5. CG-NMS connects through TPS to configure the CGR 1000 End of the tunnel
6. CG-NMS configures the ASR 1000 Tunnel Endpoint through NETCONF over SSH
connection CGR 1000 establishes an IPsec tunnel with ASR
5
5
6
4
Public or Private
IP WAN
RA Server
Cisco CG-NMS
Server, DB
Tunnel
Provisioning
Service (TPS)
ASR 1000
7
7. CGR1000 opens new HTTPS connection to registration service in CG-NMS, sends
discovery information over the IPsec tunnel
8. CG-NMS downloads CGR 1000 configuration and stop registration
8
Public or Private
IP WAN
AAA Server
Certificate
Authority Server
Registration
Authority Server
Cisco CG-NMS
Server, DB
Tunnel
Provisioning
Service (TPS)
ASR 1000
Secure
handheld with
utility technician
Mesh Access Control
using 802.1x, EAP-
TLS, certificates
Link-Layer encryption
with AES-128
IPSec encryption over WAN
backhaul with traffic segmented
IP ACL
IEC 62351-8 (RBAC)
HSM HW
IEEE 802.1AR
X.509 Cert
FW and IPS
Vulnerability management CERT, PSIRT
Cisco Secure Development Lifecycle (CSDL)
Devices protection (HW & SW)
Electronic Security Perimeter network design

FAN Overview
FAN Technologies
Network Services
Resiliency
IEC 61850-3 & IEEE1613 compliant
Natural cooling convection
Chassis-Integrated Heat sink
No moving parts
Automatic failover from DC to AC
(indoor model), from AC to battery
(outdoor model)
Extended Temperature Range
Support
Multi-Services Field Area Routers
Indoor (CGR 1120) & outdoor
(CGR 1240) ruggedized modular chassis
Dual-stack (IPv4/IPv6) routers
RF & NB-PLC Mesh support AMI
and DA use cases
Ethernet & Serial support SCADA
Use cases
Choice of WAN backhaul: WiMAX,
Ethernet/Fiber, Cellular (3G, CDMA)
3
rd
party radio hosting readiness
(CGR 1240 only)
Pervasive Security
HW integrity: IEEE 802.1AR
X.509 Certificate-based identity
IEEE 802.1x & 802.11i Access Control
RF & PLC Mesh Security
WAN encryption through IPsec
Multi-Services Feature Set
Segmentation and Prioritization
of traffic QoS
SCADA traffic encapsulation and
Protocol translation
Zero-touch provisioning for easing
Scalable field deployment
Comprehensive remote management
Solution
3
rd
party application integration readiness
SCADA Use Cases
Raw TCP Socket Serial SCADA
Protocols encapsulation over IPv4
IEC 60870-5-101 to 60870-5-104
protocol translation
PPP/CHAP IPv4 over Serial
Interfaces connectivity
IEC 60870-5-104, DNP3/IP,
ModBus/TCP or IEC 61850 MMS over
Ethernet L3 interfaces
IEC 61850 GOOSE/SV over Ethernet
L2 and WAN (L2TPv3) in future releases

Multi-Services Field Area Routers
IPv4/IPv6 Unicast & Multicast forwarding
IPv4/IPv6 QoS traffic prioritization
Routing OSPFv2/OSPFv3, Static
Routes, Object Tracking, PIMv6,
MP-BGP (future)
DHCPv6 relay
NTPv4
VRF-Lite (future)
AMI Use cases
6LoWPAN-based RF Mesh and
NB-PLC Mesh support
IPv6 RPL routing for Mesh networks
Power Outage Notification
RPDON
ANSI C12.22 Relay (Itron non-IP Mesh)
Network & Security Management
NetConf, XML, CG-DM, SNMP, EEM
Smart Call Home
SSH, HTTPS, RADIUS, TACACS+
IPsec Tunnels over WAN
Role-based Access Management
802.1x Supplicant + mesh enhancements for 802.1x
Mesh Access Control using certificates and
group mesh keys
Router-based Access Lists (L3-L4 ACLs)
Wi-Fi Security using 802.1x, WPA2
Dimensions: 30.48 cm (H) x 22.86 cm (W) x 21.59 cm (D) = 12 (H) x 9.0 (W) x 8.5 (D)
Antennas shown above are optional; can be deployed with external antennas
Ethernet Switch
2GE WAN (Cu or
SFP), 4FE LAN
4 Module Slots
Integrated Antennas for RF Mesh, WiMAX, 3G, Wifi
AC Power Supply
2 RS 232 / RS
485 Serial ports
Battery
Backup
GPS Antenna
<%=4%7 >%):,
?@ABCD E7#2,+/
F4))+7%'+79 @ABC G,:+/(+,
?FHIJKD 1.((+1,./
Functionality Description
Form Factor NEMA 4 / IP 67 Enclosure with pole mount brackets
Compliance IEEE 1613 and IEC 61850-3
Modular Architecture 4 communication module slots
On board Ethernet Interfaces 4 x 10/100 RJ-45 + 2 x 1G SFP ports
On board Serial ports 2 x DB-9 (RS232/RS422/RS485)
On Board WiFi 802.11b/g/n
On Board GPS Yes
Self enclosed Unit Integrated Battery back up and Battery charging / management circuit
3rd party radio hosting Integrated mounting bracket, 12 VDC power output (12W)
Power Options 120-240 VAC, 12/24/48 VDC (future)
Digital Alarm (Input/Output) 2 Digital Inputs / 2 Digital Outputs
SD Flash Removable flash card for image, config storage
Real time clock Yes
USB ports Two type A USB host ports
Console/AUX port One RJ45 port
Temperature Range -40 C to +70 C (- 40 F to 158 F) with type test to 85C (16 hours)
IRIG-B timing output BNC connector
3 Phase AC input DC input
Slot 1
Slot 2

Integrated AC
& DC PS
Ethernet Switch
2GE WAN, 6FE
Serial
RS-232,
RS-485
Fiber WAN
2 GE SFP
Module Slots
GPS Antenna
Wi-Fi Antenna
Console &
Alarm ports
Substation Hardened
! IEC61850-3 and IEEE1613 compliant
! Fixed Memory
! Din-rail mounted
Convection Cooled
! No fans and/or moving parts
! Increased Operating Temp
! Estimated Dimensions:
! 8.9 cm (H) x 22.9 cm (W) x 20 cm (D) =
3.5 (H) x 9.0 (W) x 7.8 (D)
Thank you.

Cisco DA and AMI v01

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Cisco DA and AMI v01

Uploaded by

Copyright:

Available Formats

2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 2010 Cisco and/or its affiliates.

, the next generation

You might also like