With just under two million customers, BC Hydro is deploying the first standards based multi-services in production FAN network with IPv6 802.15.4/RPL mesh to manage the Automated Metering Infrastructure(AMI), Distribution Automation(DA) and other advanced gird applications.
BC Hydro is fast moving to build an IPv6 network able of supporting 2 Million routable IPV6 addresses in a secure, resilient, and manageable way.
BC Hydro has 41 Dam sites, 30 Hydro facilities and 9 Thermal units and, from a transmission perspective, has 18,000 km of Transmission lines 260 substations, and 22,000 steel towers!
On top of that, BC Hydro has 56,000 km of Distribution lines Approx. 900K poles, over 300K of transformers that serve 17 Non-integrated areas.
The area covered by BC Hydro is equal to the area of California, Oregon and Washington state combined. Impressed/? You will be…
OK, enough of the numbers. So what about the business? Well, the idea is to do three things, according to Fiona Taylor, director of BC Hydro’s smart metering program, said in prepared remarks to a reporter at Smart Grid Today:
“Benefits of the IPv6 network include streamlined operations, improved system visibility and revenue recovery,”
By way of history, under a mandate from the British Columbia government to implement AMI, BC Hydro awarded Itron and Cisco a $270 million contract for smart meters and networking, Gary Murphy, chief project officer for smart metering at BC Hydro, told Smart Grid Today in 2011 (SGT, 2011-Aug-10).
That brings us to a key part of the customer solution. Itron. Itron is a partner of Cisco, and together we have developed some of the most innovative metering solutions for energy customers.
Also, Itron and Cisco are helping to break down silos in the Energy industry infrastructure. There is real added-value in adopting a standards-based approach to smart metering and smart grid. You can read about it in the white paper here.
A couple of the objectives of the partnership deliver direct value to our customers:
Deliver true multi-service, multi-application (applications from metering to grid to workforce) capabilities over a common network infrastructure with standardized and robust security that any utility can implement.
Optimize the total cost of ownership of these networks by spreading the cost over a greater number of grid applications and devices.
The way forward is clear. And foggy. That’s because Cisco is delivering its vision of Fog Computing to accelerate value from billions of connected devices -- meters included! More about that next time when I talk about how Cisco IOx enables applications to run directly at the network edge to overcome rising operational costs and spark new innovations in the Internet of Things.
This is the second of a four part series on the convergence of IT and OT (Operational Technologies) by Rick Geiger
Physical Security has evolved from serial communication to modern systems that are largely, if not completely, IP networked systems. The unique requirements of physical security have often lead to shadow IT departments within the physical security department with networks and servers procured and operated by the physical security department with little or no involvement from IT.
Intersections with IT and the corporate network began with the interconnection of physical security systems and the placement of physical security appliances on the corporate network to avoid the cost of wiring that would duplicate existing networks. At one time IT may have been persuaded that these “physical security appliances” didn’t need to be managed by IT. But that persuasion was shattered by malware infections that revealed far too many “physical security appliances” to be repackaged PCs with specialized interface cards.
IT departments scrambled to locate and remove these vulnerable devices and either outright banned them from the corporate network or insisted that they be managed by IT. A hard lesson was learned that just as the organization, including IT, required physical security, video surveillance and badge access control, the physical security department needed the cyber security expertise of IT to protect the communication and information integrity of networked physical security systems.
Convergence is sometimes regarded as the use of physical location as a criteria for network access. Restricting certain network access to a particular location and/or noting any discrepancies between the location source of a login attempt and the physical location reported by the badge access system. For example, the network won’t accept a login from Asia when that user badged into a building in Philadelphia.
The need and opportunity for Cyber and Physical security convergence is much broader than network access. Physical Security systems need Cyber Security protection just as Cyber Systems need Physical Security protection.
What are, at a very high level, the primary activities of Physical Security on a day to day basis?
Protect the perimeter
Standard operating procedures define for anticipated events
Forensic to gather, preserve and analyze evidence & information
Physical security personnel often have a law enforcement or military background, and approach these activities from that point of view.
Over time, the technology of physical security has evolved from walls, guns and guards to sophisticated microprocessor based sensors, IP video cameras with analytics, and network storage of video & audio. Although there are many examples of close collaboration between IT and Physical Security, there may also be tension. Physical Security departments defend their turf from what they perceive as the encroachment of IT by claiming that they are fundamentally different.
A quick look at the Physical Security systems quickly reveals something that looks very familiar to IT. Networked devices, servers, identity management systems, etc. are all familiar to IT.
At a very high level, the primary activities of Cyber Security can be grouped into a set of activities that are very similar to Physical Security. The common process that both need to follow is a regular review of Risk Assessment:
What are the possible threats
What is the probability of occurrence of each threat
What are the consequences of such occurrence
What are cost effective mitigations — as well as mitigations required by compliance
The Risk Assessment process is an integral part of NERC-CIP V5, which requires a review at least every 15 months of “…cyber security policies that collectively address…” CIP-004 through CIP -011. Implementation is required to be done “..in a manner that identifies, assesses, and corrects deficiencies…”
Many of the activities Cyber and Physical Security overlap and need to align:
The use of IT Technology in Physical Security systems
Overlapping Identity Management
Device Identity management
Requirement for IT process maturity
IT security required for Physical Security systems
Physical Security required for IT Systems
Consistent future strategy & direction
The bottom line is that the activities of Physical and Cyber security have many parallels with opportunities to learn from each other and collaborate in threat assessment and risk assessment strategies and coordinated implementation and operation. NERC-CIP V5 has mandatory requirements for both Physical and Cyber security. Modern security, both Physical and Cyber, need to move beyond reacting to events that have already occurred, to agility and anticipation.
What does this mean for Cisco?
Cisco has a portfolio of leading edge Cyber and Physical Security solutions. Cisco’s Advanced Services offerings help our customers develop and deploy a collaborative, unified approach to Physical and Cyber security. NERC-CIP V5 is a compelling event for the electric utility industry. The transition period is underway with completion required by April 2016. Are you up to date on Cisco’s solutions and capabilities? We are here to help!
Rick Geiger presented Session BSAIoT-2100 -- How to Successfully Converge IT and OT (Operational Technologies) at Cisco live in San Francisco this week, with strong interest from attendees.
Many of you know of Rick Geiger from this blog and other publications. Rick’s session at Cisco Live 2014 discussed the many aspects and challenges of merging OT and IT in organizations. Computing and networking for operations requires more IT-based support and a growing convergence of IT and OT skill sets to support intelligent devices and varied processes. Rick’s session discussed the convergence driven by the critical needs of the OT organization for the process maturity of IT and for managing and securing the growing complexity of OT systems.
In bringing IT processes & capabilities to OT, IT will need to recognize the needs of critical control systems and the equivalent process capabilities that OT provides for engineering and operations. Successful companies will find ways to establish common ground & combine the expertise & value of both. Bringing standalone devices or isolated networks into core operational systems will bring clear and tangible advantages and business benefits to those companies.
Rick’s session topic covered new ideas & concepts that are developing around IT/OT, providing major opportunities for those who understand how to leverage their IT know-how to Operations.
Missed it? Well you can download the slide deck here:
A few weeks ago I started to prepare my session for the great meeting of the minds at Cisco Live in San Francisco. I have to confess that at the beginning it felt a bit weird creating a presentation about Internet of Things (IoT), a market that is targeting Operational Technology (OT) decision-makers, for an event that for many years now has been a “mecca” for Information Technology (IT) professionals felt incongruous.
But the more I thought about it, the more excited I got about the opportunity. As the IoT market gets better defined and developed, and grows in size and relevance, it presents an unprecedented opportunity for IT professionals to engage in the conversation and bring in their experience, skills and perspective. The IoT solutions required by OT professionals are ripe for innovation, the type of innovation that IT professionals are great at.
Resilient, scalable and secure converged networks, simplified and automated management, new computing models (Fog) that deliver distributed intelligence, and system-wide application enablement are building blocks for more advanced and smarter solutions for IoT. In a previous blog I talked about some of the characteristics of these new environments, and how the extension of the traditional IT environments outside the “carpeted office” can deliver incredible gains in visibility, automation and control. Think about these examples in terms of business value enabled by Cisco’s IoT portfolio: Read More »
The 2014 IEEE PES Transmission & Distribution Conference & Exposition is in the Windy City, bringing a half-century of industry innovation to the biggest and most exciting conference yet!
Check out Cisco’s presence at the IEEE show: McCormick Place; West Hall; Level 3, 2301 S. Lake Shore Drive; Chicago, IL 60616, and learn more about what Cisco is showing!
Here’s a run down of the demos you can see:
Field Area Networkshowcases how you can address multiple use cases such as Advanced Metering Infrastructure (AMI), Distribution Automation (DA), and Remote Workforce Management all over a single, multi-service IP network platform. The latest additions to the Connected Grid product portfolio, include the IR 500 Series Distribution Automation Gateway, PLC NAN modules and WiMAX WAN modules for the Cisco 1000 Series Connected Grid Routers, and the Connected Grid Network Management System. The Connected Grid Network Management solution allows you to securely manage multi-vendor, multi-technology, multi-service utility communication networks that can scale to millions of endpoints.
IOx showcases the best in networking operating systems, Cisco Internetworking Operating System (IOS), and the best in open source Linux working together to enable Fog computing. IOx allows data collection to move closer to the source, sensors and systems of origin. It reduces the cost of data collection by eliminating a separate server to run the interface or application and supports demanding utility and industry environments requiring hardened devices.
Substation Automation showcases how you can address mission critical grid operational as well as infrastructure support use cases over a converged network infrastructure.
You will see IEC-61850 GOOSE transport over the Ethernet station bus, partner products integration for Visualization/Control (HMI), serial DNP3/Modbus SCADA and ANSI 87L Line Current Differential Teleprotection transport over an MPLS WAN, along with video surveillance and access control for substation physical security. The latest additions to the Connected Grid product portfolio, include the IE-2000U small form factor Industrial Ethernet Series Switches for the Process bus with PRP red-box and high precision 1588 Power Profile functionality, the ASR-903 MPLS substation router with Async/Sync Serial Interface Modules, and the Prime Carrier MPLS wide areas network management system.
Cyber Security Cisco’s Agile Security Process can significantly reduce the risk of Cyber Threats. Having visibility into your network by seeing all the network traffic, learning what should and should not be there and which attacks are relevant, the Cisco Security Suite can adapt to your environment and remediate based on real threats. This can not only save you time and money, but allow you to focus on the real world security issues by reducing the amount of false positives and false negatives.
Cisco Developer Network (CDN)program facilitates partners to work with Cisco to develop products and solutions for the utility industry. The CDN program enables development, integration with Cisco solutions and certification of IP enabled grid endpoints using Radio-frequency (RF) and Power-line communications (PLC) technologies, distributed intelligence applications and third party communication modules for IOX based field area routers, transmission and distribution technologies as well as grid security and management software.
So be there or be square! Meet up withy Cisco specialists, hear about the latest trends, and see how Cisco is even more relevant to the Utilities sector than ever before!
For those of you looking for a handy map of ‘Where-to-go’, here it is below: Read More »