Cisco industrial

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1

May 7, 2013

Cisco Connected Grid Securing and Modernizing the Grid Over An Intelligent, Secure Network


Modernize

Cisco Connected Grid Substation Solution Designed for both mission critical and support communications, delivering

greater visibility, control and management of grid assets

What Are We Announcing Solutions To Accelerate Grid Security and Modernization

Cisco Connected Grid Security Architecture A framework for protecting critical infrastructure and information based on a layered security approach

Secure


Cisco Connected Grid Global Customer Momentum

FGC UES

2013 Highlights

• New Customers

• New partnerships

• Industry awards


Use Cases

Substation Physical Security

Remote Workforce

Management

Remote Configuration

Substation Automation

Tele-Protection

System Integrity Schemes

supervisory control and data

acquisition (SCADA)

Wide Area Monitoring

Advanced Meter Reading

Dynamic Line Rating

Fault Isolation and System

Restoration (FISR )

Applications Reference Model Architectures

Cisco GridBlocksTM Architecture Systematic Approach To Grid Modernization

Integrating Security Throughout


Cisco Connected Grid Expanded Portfolio

Data Center & Control

Center

Grid Operations &

Inter-Utility Network

Transmission

& Substation Network

ARCHITECTURE + SECURITY + SERVICES

Field Area Network Neighborhood

Area Network

Customer Premise

Area


Address

• Safety

• Reliability

• Regulatory compliance, standards and guidelines

Plan

• Legacy integration

• Vulnerability identification and management

• User / device identity and access control

Deliver

• Customer privacy and data confidentiality

• Integrity across operations

• High resiliency

Utility Top Of Mind Issues


Grid Changes Driving Security And Risk Mitigation

Grid Increased

Automation

Interconnections

Across Grid

Components

Modernization

and Resiliency

Interoperability

Challenges Security and

Privacy

Legacy

System

Integration

Increased

Attack

Surface

Emerging Applications and Increased Grid Traffic Contribute to Risk


Connected Grid Security Architecture

Access Control

• User and Device Identity

• Authentication, Authorization & Accounting

Data Integrity, Confidentiality and Privacy

• Network Segmentation

• Security Connectivity and Encryption (VPN)

Threat Detection and Mitigation

• Security Zones with Firewall

• Intrusion Prevention with SCADA signatures

Device and Platform Integrity

• Device Hardening

• Configuration Assurance


Security Services and Ecosystem

• Advanced services dedicated to Energy industry to assist customers in security strategy and deployment

• Cisco security intelligence operations: threat and vulnerability analysis and notification services

• Broad partner ecosystem we leverage for our customers - to help them with their business issues


Customer Case Study: Network Design for Critical Transmission Application

Challenge Meets six nines of availability; 50 msec RTT latency

Securely Transports non-routable GOOSE Ethernet frames

Scalability for fast-growing network of telemetry devices

NERC-CIP, IEC 61850-3 and IEEE 1613 compliance

Solution

• Cisco Connected Grid router and switches in integrated network

• Centralized security and operational management

• NERC-CIP compliance and security

• Scalable availability and QoS models

Results

• Improved visibility into

substation operations and

logging of telemetry data

• Flexible platform to support

multiple transmission functions

• Address changing regulatory

requirements while taking a

comprehensive security

approach


Customer Case Study: Utility Backbone MPLS Network

Challenge

• Unify multiple legacy networks onto MPLS network

• Achieve reliability within secured network segments

• Reduce OPEX, time to provisioning

• Improve network convergence and availability

Solution

• Cisco Services design: highly available MPLS backbone

• Cisco Connected Grid Portfolio

• Comprehensive network management and security

• Operational management models for network and substation

• Comprehensive Security and NERC-CIP compliance

Results

• Cost reduction with standards-

based products and technologies

• Reliable consolidation of multiple

operational networks

• Reduced time to provision new

sites

• Greater operational efficiency

• Robust network foundation to

support evolving smart grid

applications: PMUs, field area

network backhaul, mobile

workforce solutions


Use Cases

Substation Physical Security

Remote Workforce

Management

Remote Configuration

Substation Automation

Tele-Protection

System Integrity Schemes

supervisory control and data

acquisition (SCADA)


Advanced Meter Reading

Dynamic Line Rating

Fault Isolation and System

Restoration (FISR )

Applications Reference Model Architectures

Grid Modernization: Cisco’s Systematic Approach

Integrating Security Throughout


Neighborhood Area Network

Wide Area Network

One Systematic Approach for All Places in The Network


CGS-2k

CGS-1k ASR 903

CGR 2010

ASR 9000

CRS

Nexus 1000V

Nexus 2000

Nexus 3000

Nexus 4000

Nexus 7000 Nexus 5000

UCS Blade Servers UCS Rack Servers

Fabric Interconnect & Extenders

Substation LAN

Data Center & Control Center

Substation WAN Core

Iron Man

Prime NGN

Network Management

Field Area Network

CGR 1240

CGR 1120

Connected Grid NMS Connected Grid

Design Suite Prime Infrastructure Prime Data Center


Control Center Router

ISR-G2

Contr

ol C

ente

r /

NO

C

Multi-service Bus

IP Telephony Physical

Security

Substa

tion

EMS /

SCADA

Prime, ISE

Network and Security Management Systems

Cisco Design,

Network and Security Management

applications


and Controls System Historian

CG-DS

Operations Edition Physical Security Operations

Manager

Control Center

Partner Applications

WA

N

Remote

Workforce

FAN Aggregation

Process Bus

Protection IED CG-DS

Substation Workbench Merging Unit PT/CT

Station Bus

IEDs / PMUs RTU / Bay

Controller

Substation MPLS Router

ASR-903

WiMax

Secure

Public or Private WAN Solutions

CGS 2520

CGS 1000

CGR 2010

CGR 2010

CGS 2520


New IEC 61850 Substation LAN Product Family

Space constrained use cases

• Distributed generation

• Substation LAN Station and Process bus

• Substation Switchyard deployments

Resilient architectures

• Ring, Tree and Hierarchical topologies

• Standards based PRP and HSR for hitless failover

Utility grade platform

• IEC-61850-3 & IEEE 1613 tested

• IEEE 1588 PTP, C37.238-2011 time synchronization

Flexible connectivity options

• Mixture of copper and fiber

• Power over Ethernet

• Multiple port density configurations

Cisco CGS 1000

Compact switches


Introducing ASR 903 for low latency grid communications

• ASR 903: Utility SONET/SDH replacement

Compact, redundant, modular and hardened

High performance future proof scale to 300Gbps

WAN options: Ethernet, TDM/ATM, Serial Sync & Async

• ASR 903 Line card expansion

RS-232 Serial interface cards for ASR 903

Serial tunneling of SCADA over the WAN

Hardware ready for future protocols (e.g., RS-485, RS-422, X.21, V.35)

• Expanded Solution validation

New reference designs for multiservice MPLS/IP network

Addition of low latency use cases (e.g., tele-protection)

Test results available under NDA for customers & partners

Serial Interface Modules


Q&A


Summary

1

Secure

A framework for protecting critical infrastructure and information based

on a layered security approach

2

3

Learn more

Join us at UTC Telecom 2013. Security tutorials, Customer seminar, Demos and more.

Visit www.cisco.com/go/smartgrid

Modernize

Designed for both mission critical and support communications,

delivering greater visibility, control and management of grid assets

http://www.cisco.com/go/smartgrid


Thank you.

Date post:	17-Dec-2014
Category:	Documents
Upload:	cristian-reyes
View:	304 times
Download:	2 times

Cisco industrial

Documents