You may not have heard about BKK AS. They are actually the second largest power grid owner in Norway with over 180,000 customers. Like many power and energy companies, some of their equipment has been around a long time. It works, but it’s getting old and it’s time to move on to something more cost effective. That’s where Cisco comes in.
I remember starting out my career in IT years ago, when IBM was selling the ‘System370 range’ as it was called. You’ll remember that in those days “nobody ever got fired for buying IBM”. As a young sales person, I found the whole IT thing fascinating. I remember that in those days the customer communications were more measured. We had typing pools, we had face-to-face meetings, and the whole selling process took time. The business customers were upgrading their systems, and the newer kit had a great business case. Maintenance on the old installation was more, over several years, than the cost of new equipment. If you were to do nothing, your competitors would steal a march on you and you’d lose customers as your costs would begin to erode your business.
Well the same is true these days. In the Utility business there is a lot of older (though still reliable, in some cases) equipment. However, some of the older time-division multiplexing (TDM) networks are reaching the end of their useful lives. So it was with BKK AS. Maintenance was becoming onerous. But it’s not just about IT costs anymore. It’s about the missed opportunity of not doing anything. New grid applications are requiring any-to-any communications flows and also pushing for IT and operations technology (OT) convergence.
BKK, therefore, decided to build one reliable IP/Multiprotocol Label Switching (MPLS) network to ultimately securely connect all systems and grid devices. Like many commercial business customers, BKK operates a separate IP network that supports its commercial broadband services. Having had a positive experience using Cisco® technology for the commercial IP network, BKK chose Cisco for the new utility network as well. That’s IT/OT Convergence! Rick Geiger talks about it in his series of blogs stating with: Energy Networking Convergence Part 1 – The Journey From Serial to IP.
The new network needed to support a variety of grid applications, including very critical protection systems for the high-voltage grid. In addition, BKK is using teleprotection systems (both distance protection as well as current differential protection), which require the communications network to support extremely low latency (< 10 ms), deterministic behavior as well as very high availability. So the network needed to be deterministic -- a common need for process control networks.
“Cisco offered the hardware and software features, as well as the reliability, that we needed to put our packet-based utility network into production,” says Svein Kåre Grønås, managing director/CEO, BKK Fiber AS. “It’s also reassuring that Cisco understands where the utility industry is heading, and is committed to connected grid services.”
So what are the results? Well here’s something taken straight out of the newly published case study:
Moving to a next-generation, packet-based utility network will save BKK significant operational costs for the utility network due to the ability to use cost-effective, standardized IP networking gear and avoid maintaining two separate networks at substations.
“Building and operating a high–bandwidth, packet-based network has given us a lot more flexibility. In addition, we can leverage the same processes and skill sets that we use to operate our Cisco commercial broadband network,” says Grønås.
With the new IP-based utility network, BKK no longer needs to reserve bandwidth for TDM communications, and now has more bandwidth available because it can be dynamically allocated. As a result, BKK can now offer the same network resources at substations that are available at corporate office locations. Workers can securely access needed documentation and other network resources at substations and power plants, instead of printing documents beforehand or calling colleagues at the office to gather information as they did in the past.
“This represents a major improvement in workforce enablement, productivity, and maintenance efficiency,” says Grønås.
In addition, this sets up BKK for success for the future. The new IP backbone will alllow BKK to provide new IP-based services and new capabilities in managing the power grid, such as advanced metering infrastructure (AMI) and distribution automation. In the future, BKK can assign IP addresses to sensors and relays to develop smart grid technologies and provide greater visibility into its electrical
“The utility industry is changing fast as smart grids become reality and more devices become part of the Internet of Things,” says Grønås. “With our Cisco-based IP utility network, we’re ready to reap the benefits of this new paradigm.”
You can read the whole case study which outlines the Cisco products and services here: Norway Utility Modernizes Power Grid.
Whilst I’m now proud to work at Cisco, some things never change -- the emphasis on solving business issues of enabling business opportunities are key -- it’s not just about cost savings. With Cisco heading towards being the leading IT company in the world, I’m sure we’ll see even more of this kind of customer success in the future.
Tags: BKK, BKK AS, cisco case study, Energy, mpls, power, Smart Grid, utilities
This is the second of a four part series on the convergence of IT and OT (Operational Technologies) by Rick Geiger
Physical Security has evolved from serial communication to modern systems that are largely, if not completely, IP networked systems. The unique requirements of physical security have often lead to shadow IT departments within the physical security department with networks and servers procured and operated by the physical security department with little or no involvement from IT.
Intersections with IT and the corporate network began with the interconnection of physical security systems and the placement of physical security appliances on the corporate network to avoid the cost of wiring that would duplicate existing networks. At one time IT may have been persuaded that these “physical security appliances” didn’t need to be managed by IT. But that persuasion was shattered by malware infections that revealed far too many “physical security appliances” to be repackaged PCs with specialized interface cards.
IT departments scrambled to locate and remove these vulnerable devices and either outright banned them from the corporate network or insisted that they be managed by IT. A hard lesson was learned that just as the organization, including IT, required physical security, video surveillance and badge access control, the physical security department needed the cyber security expertise of IT to protect the communication and information integrity of networked physical security systems.
Convergence is sometimes regarded as the use of physical location as a criteria for network access. Restricting certain network access to a particular location and/or noting any discrepancies between the location source of a login attempt and the physical location reported by the badge access system. For example, the network won’t accept a login from Asia when that user badged into a building in Philadelphia.
The need and opportunity for Cyber and Physical security convergence is much broader than network access. Physical Security systems need Cyber Security protection just as Cyber Systems need Physical Security protection.
What are, at a very high level, the primary activities of Physical Security on a day to day basis?
- Protect the perimeter
- Detect breaches
- Situational awareness
- Standard operating procedures define for anticipated events
- Forensic to gather, preserve and analyze evidence & information
Physical security personnel often have a law enforcement or military background, and approach these activities from that point of view.
Over time, the technology of physical security has evolved from walls, guns and guards to sophisticated microprocessor based sensors, IP video cameras with analytics, and network storage of video & audio. Although there are many examples of close collaboration between IT and Physical Security, there may also be tension. Physical Security departments defend their turf from what they perceive as the encroachment of IT by claiming that they are fundamentally different.
A quick look at the Physical Security systems quickly reveals something that looks very familiar to IT. Networked devices, servers, identity management systems, etc. are all familiar to IT.
At a very high level, the primary activities of Cyber Security can be grouped into a set of activities that are very similar to Physical Security. The common process that both need to follow is a regular review of Risk Assessment:
- What are the possible threats
- What is the probability of occurrence of each threat
- What are the consequences of such occurrence
- What are cost effective mitigations — as well as mitigations required by compliance
The Risk Assessment process is an integral part of NERC-CIP V5, which requires a review at least every 15 months of “…cyber security policies that collectively address…” CIP-004 through CIP -011. Implementation is required to be done “..in a manner that identifies, assesses, and corrects deficiencies…”
Many of the activities Cyber and Physical Security overlap and need to align:
- The use of IT Technology in Physical Security systems
- Overlapping Identity Management
- Device Identity management
- Requirement for IT process maturity
- IT security required for Physical Security systems
- Physical Security required for IT Systems
- Consistent future strategy & direction
The bottom line is that the activities of Physical and Cyber security have many parallels with opportunities to learn from each other and collaborate in threat assessment and risk assessment strategies and coordinated implementation and operation. NERC-CIP V5 has mandatory requirements for both Physical and Cyber security. Modern security, both Physical and Cyber, need to move beyond reacting to events that have already occurred, to agility and anticipation.
What does this mean for Cisco?
Cisco has a portfolio of leading edge Cyber and Physical Security solutions. Cisco’s Advanced Services offerings help our customers develop and deploy a collaborative, unified approach to Physical and Cyber security. NERC-CIP V5 is a compelling event for the electric utility industry. The transition period is underway with completion required by April 2016. Are you up to date on Cisco’s solutions and capabilities? We are here to help!
Tags: convergence, cyber security, Energy, security, utilities
With its fast-growing economy, India faces significant challenges in meeting the energy needs of its population and industry. And given the growth of the renewable energy sector, the Indian Renewable Energy Development Agency (IREDA) was established in 1987 to promote, develop, and extend financial assistance for projects involving renewable energy generation, energy efficiency, and conservation. IREDA recognized the need to optimize use of its resources and leverage technology advances to better serve its constituents.
To improve the efficiency of its increasingly complex operations, IREDA sought to replace its aging heterogeneous campus network infrastructure with a scalable, unified solution. Key requirements included superior reliability and security as well as energy efficiency to foster the agency’s values while providing cost savings. There was an immediate benefit in lowering network energy consumption and the network would be the tool to both help ensure the security of confidential information and provide high performance for applications such as video.
How did this renewable energy agency approach deploying a network that would be scalable and power resilient while optimizing network efficiency? Click to read the full blog
Tags: Cisco, confidential, Energy, financial assistance, india, ireda, midsize, network, performance, project, reliability, renewable energy, security, switch, technology
Look out for Cisco at the upcoming presence at ENTELEC 2014. We’ll have both Exhibition space with demonstrations and a speaking slot.
ENTELEC is the Energy Telecommunications and Electrical Association focusing on communications and control technologies used in Oil & Gas and Electric Utility companies.
The ENTELEC 2014 Conference & Expo runs from May 20 -- to May 22, 2014, and this spring conference is being held in the George R Brown Convention Center in Houston Texas, one of the US major Oil and Gas centers.
Here’s advance warning of the Cisco presentation and booth.
Thursday, May 22, 2014, 2:30 p.m. – 3:30 p.m.:
Collaboration in O&G Operations: A Study into E&P Operational Behavior
- Cisco, Room 332B
And Exhibition details:
Cisco Systems, Inc. Stand 231
Collaboration in Oil and Gas Operations is far more than just people using video and communications tools to talk to each other. With the advent of the Internet of Everything (IoE) that involves People, Process, Data and Things, operations staff at all levels of the organization expect to be able to collaborate with experts, supervisors, field workers and third parties using real time data feeds from videos and sensors, and have visibility to M2M communications, as well as to advanced modelling and analytical tools, whilst collaborating! Cisco is already well known for its field virtual expert enabling collaboration technologies (more info here: Cisco Field Expert Collaboration for Oil and Gas At-A-Glance PDF -- 1.44 MB). With that you can get immediate, face-to-face access to experts with on-demand video and communications tools. Now we’re taking it one step further… Read More »
Tags: cisco collaborative operations, collaboration, collaboration in O&G Operations, collaborative operations, Energy, entelec, oil & gas, oil and gas, Smart Grid, ulilities
The 2014 IEEE PES Transmission & Distribution Conference & Exposition is in the Windy City, bringing a half-century of industry innovation to the biggest and most exciting conference yet!
Check out Cisco’s presence at the IEEE show: McCormick Place; West Hall; Level 3, 2301 S. Lake Shore Drive; Chicago, IL 60616, and learn more about what Cisco is showing!
Here’s a run down of the demos you can see:
Field Area Network showcases how you can address multiple use cases such as Advanced Metering Infrastructure (AMI), Distribution Automation (DA), and Remote Workforce Management all over a single, multi-service IP network platform. The latest additions to the Connected Grid product portfolio, include the IR 500 Series Distribution Automation Gateway, PLC NAN modules and WiMAX WAN modules for the Cisco 1000 Series Connected Grid Routers, and the Connected Grid Network Management System. The Connected Grid Network Management solution allows you to securely manage multi-vendor, multi-technology, multi-service utility communication networks that can scale to millions of endpoints.
IOx showcases the best in networking operating systems, Cisco Internetworking Operating System (IOS), and the best in open source Linux working together to enable Fog computing. IOx allows data collection to move closer to the source, sensors and systems of origin. It reduces the cost of data collection by eliminating a separate server to run the interface or application and supports demanding utility and industry environments requiring hardened devices.
Substation Automation showcases how you can address mission critical grid operational as well as infrastructure support use cases over a converged network infrastructure.
You will see IEC-61850 GOOSE transport over the Ethernet station bus, partner products integration for Visualization/Control (HMI), serial DNP3/Modbus SCADA and ANSI 87L Line Current Differential Teleprotection transport over an MPLS WAN, along with video surveillance and access control for substation physical security. The latest additions to the Connected Grid product portfolio, include the IE-2000U small form factor Industrial Ethernet Series Switches for the Process bus with PRP red-box and high precision 1588 Power Profile functionality, the ASR-903 MPLS substation router with Async/Sync Serial Interface Modules, and the Prime Carrier MPLS wide areas network management system.
Cyber Security Cisco’s Agile Security Process can significantly reduce the risk of Cyber Threats. Having visibility into your network by seeing all the network traffic, learning what should and should not be there and which attacks are relevant, the Cisco Security Suite can adapt to your environment and remediate based on real threats. This can not only save you time and money, but allow you to focus on the real world security issues by reducing the amount of false positives and false negatives.
Cisco Developer Network (CDN) program facilitates partners to work with Cisco to develop products and solutions for the utility industry. The CDN program enables development, integration with Cisco solutions and certification of IP enabled grid endpoints using Radio-frequency (RF) and Power-line communications (PLC) technologies, distributed intelligence applications and third party communication modules for IOX based field area routers, transmission and distribution technologies as well as grid security and management software.
So be there or be square! Meet up withy Cisco specialists, hear about the latest trends, and see how Cisco is even more relevant to the Utilities sector than ever before!
For those of you looking for a handy map of ‘Where-to-go’, here it is below: Read More »
Tags: chicago, Energy, FAN, field area networks, IEEE, substation automation, utilities