|
|
发表于 2009-5-20 11:20:59
|
显示全部楼层
1# gwjhbs
6 I7 B- b8 N; O# T" Q5 d+ k/ n0 p! A% A- `
7 Q7 q* R. N h, h5 Y+ s6 {, h; tGap Analysis of Power System “Smart Grid” Information Standards 5 e. e0 N) O5 a g$ |2 V
- }3 p2 K2 z( ?- c: S
1. Overview of Information Standards Bodies
/ x' |% n. P+ ]9 o# z" I1.1 Standards: Meeting the Challenges of Interoperability
: ?) Q# l! f" E& V6 U2 `6 Q1.1.1 Purpose of Standards
& Y g2 e% Z5 @/ TThe purpose of cyber interoperability standards is to formalize the nouns, verbs, grammar, and societal rules for exchanging information, or as stated in cyber-speak, to formalize the object model semantics, the messaging syntax, the communication profiles, and the network/security management.
; u# t8 T: A# k8 L; n% Q1.1.2 Types of Standards
, _$ Y4 j0 }3 @ v3 M- iStandards come in many different flavors, with many different types of standards. Most standards focus on only specific levels (although there are not usually “clean” distinctions between levels). Broadly, there are four levels of cyber standards:# k$ _, u1 w" n) @
• Media-related standards specific to fiber optics, microwave, WiFi, CATV, wires, telephones and cellphones
$ `, L7 P* B* @• Transport-related standards such as Internet standards including Ethernet, IP, TCP, HTTP, OPC
1 p; `0 ?, ^ T1 o" p1 L• Application-related standards such as HTML, XML, IEC 61850, Common Information Model (CIM)
~1 [, D% m4 N U" k• Security-related standards such as AES 256, PKI, secret keys, and Certificates
' ~8 _7 h% B5 W+ WOften de facto standards are developed either by a dominant corporation (e.g. IBM’s ASCII and Microsoft’s OLE) or by a consortium of interested vendors (e.g. Zigbee Alliance). These de facto standards have not been “blessed” by a standards organization, but can nonetheless be widely used. In many cases, successful de facto standards eventually become formalized into real standards. In other cases, recommended practices can help narrow the choices.
- M. ]4 k, U! W3 rAnother aspect of standards is that they cannot be too rigid, but must still leave flexibility for systems to add new functionality or select certain options. Many standards come with both mandatory requirements and optional selections, as well as with “extension rules” for expanding the standards in a consistent manner for new functions. This is often viewed as the 80/20 rule, namely that standards should address about 80% of the interoperability needs, but typically at least 20% must remain for vendor-specific requirements or utility-specific requirements, as well as the flexibility to meet unforeseen requirements in the future.8 y3 U# U S8 k
Most standards are developed by vendors and consultants, with some, but very often not enough, utility involvement.
& ^7 O3 y% D0 S- }! C9 ]( N+ c' T* d v1.2 IEC TC57 Standards
: b0 v1 \, r0 d& D7 Q9 K" p9 [1 nThe interrelationship between IEC TC57 information modeling standards is illustrated in Figure 1.
9 Z/ Y2 v+ k5 kIEC 61850 is used for field communications. This illustration shows as horizontal layers the three components to an information exchange model for retrieving data from the field, namely, the abstract information models, the service models, and the communication protocol profiles that the abstract information models are mapped into. The different IEC 61850 information models are shown as vertical bars: & {5 h. X7 ]0 P/ |0 M6 U
• Substation automation (IEC 61850-7-4)
; e# c& a4 C2 B+ F• Large hydro plants (IEC 61850-7-410)! R4 J4 m$ d% g
• Distributed energy resources (DER) (IEC 61850-7-420)
5 r0 K( t- B' I• Distribution automation (under development)" N6 ^! [ u7 {* Q" B* c
• PHEV and additional DER (under development)1 \# W, ^* M9 Y) O; I' \/ G
IEC 61970 and IEC 61968, the Common Information Model (CIM), is used for enterprise-level communications. The CIM is an abstract model of utility-specific data. Service models such as the GID are defined, but no mapping between the CIM to these service models is specified. The different IEC Common Information Models (CIM) are shown horizontally:
1 ?- o# o6 w6 K+ l$ B" B6 @& {: s• Transmission CIM (IEC 61970)
2 P; k: W8 ^# x• Distribution CIM (IEC 61968)% ~- w& i1 T q0 k4 f) a
IEC 62351 security standards cut across the other IEC standards, and consist of:7 O6 `. l$ D/ C! [; Q
• Protocol-specific security standards for IEC 61850, IEC 60870-5, IEC 60870-6 (ICCP), and by extension, DNP3 (IEC 62351, Parts 3-6)
+ x p5 z* i. T• Network and System Management (NSM) (IEC 62351-7), [* [% e' Z; f4 m. `$ T8 H6 b. ]
• Role-Based Access Control (RBAC) (IEC 62351-8)! A: M5 o& t* N, X: Q3 Q n
; i. \/ _8 b8 b" @3 M: E; K 9 x+ }) m) X7 |4 D: ?* t: q
Figure 1: IEC TC57 Information Standards8 g9 |$ y! G, X0 w
p8 ~/ u2 d4 {* d( o6 n/ X
1.3 Institute of Electrical and Electronic Engineers (IEEE)
, ]4 b6 m0 g2 Q" \; S* u, ^ mThe IEEE has a similar methodology to that of the IEC for developing draft and, ultimately, final standards, only IEEE voting is performed by members of the working groups, not by National Committees. Membership in working groups is much more flexible, typically requiring only that members show up for the meetings and actively participate in the work.( V! h; p q7 K+ M! R. |& I" d& ]
In addition, the IEEE working groups develop many other types of documents, including Recommended Practices, Technical Reports, Conference Papers, and other non-standards-oriented documents.
. w7 t7 }7 e! l E- K' t6 p* jThe IEEE has developed many standards, but those of greatest interest for communications and interoperability are:
4 S2 W0 a7 _3 C$ T' |$ L• IEEE 802.3 (Ethernet)
0 k/ j7 U5 D( o4 {• IEEE 802.11 (WiFi)( ~1 H$ J$ z9 z
• IEEE 802.15.1 (Bluetooth)( Y- \" q) ?: f: H
• IEEE 802.15.4 (Zigbee)
+ e2 V% ?7 s9 Y, T1 E% k• IEEE 802.16 (WiMax)
' N8 A/ k" A2 y3 W C/ G/ f2 O5 @1.4 Internet Engineering Task Force (IETF) ' P q" {& ]& {
The IETF is responsible for Internet standards, many of which are now widely implemented in private Intranets as well. A Request for Comment (RFC) document is the mechanism used by the IETF to develop, send out for comment, and finalize standards. Usually, RFC specifications must be implemented by more than one vendor before they can be fully accepted as standards.
# ~1 x0 ?" ^& ?! V- O! | RSome of the key IETF RFCs are:
" M4 a p& h+ h' n• RFC 791: Internet Protocol (IP)( p. y, J3 k# d* D% c' l: K
• RFC 793: Transport Control Protocol (TCP)
4 G! ~8 x6 K) w" g2 \% M+ r" Z! q+ w• RFC 1945: HyperText Transfer Protocol (HTTP)
% `. l2 T5 t: S( y6 r: ~• RFC 2571: Simple Network Management Protocol (SNMP)
$ D$ o- f1 h7 C6 o+ r• RFC 3820: Internet X.509 Public Key Infrastructure (PKI) for security
" S- d# M1 F) Z. t& S- B( H4 }1.5 American National Standards Institute (ANSI)
' m+ C1 c8 P) O# C2 i4 qLike the other standards organizations, ANSI has working groups which work on specific standards, and update them as necessary. The most relevant ANSI standards for interoperability of AMI systems include:
8 B0 q3 w& `* Y• ANSI C12.19 (metering “tables” internal to the meter). This document is currently under revision
. |- }: t) y5 Q• ANSI C12.22 (communications for metering tables)1 e6 [2 c) `4 V" A
1.6 National Institute of Standards and Technology (NIST)# Y9 L1 {6 |& ^4 p
NIST has developed Special Publications in the 800 series which provide documents of general interest to the computer security community. These are more guidelines than standards, but are very important for moving toward secure interoperability. Two documents of particular interest for the Smart Grid are:1 v8 L& m7 u) t7 k ^5 r3 A u
• NIST SP-800-53: Recommended Security Controls for Federal Information Systems
& F4 h9 t) F- f' y+ y• NIST SP-800-82: Guide to Industrial Control Systems (ICS) Security g' c: e v# K1 t
1.7 North American Electric Reliability Corporation (NERC)
2 s- p" \: K* j' a H6 |NERC has recently issues security standards for the bulk power system. Although these security standards are explicitly for the bulk power system, it is clear that many of the requirements also apply to distribution and AMI systems, and may eventually become standards for these systems as well. The NERC CIP 002-009 Security Standards cover:
- A/ d: P/ H. ]: A" }• (2) Critical Cyber Asset Identification, (3) Security Management Controls, (4) Personnel and Training, (5) Electronic Security Perimeter(s), (6) Physical Security of Critical Cyber Assets, (7) Systems Security Management, (8) Incident Reporting and Response Planning, and (9) Recovery Plans for Critical Cyber Assets
5 A m1 C9 C. m' y1.8 World Wide Web Consortium (W3C)
1 J {& m9 _& G! `8 z7 SThe W3C develops interoperable technologies (specifications, guidelines, software, and tools) for the world wide web, including:
9 q2 N8 F8 |) p• HTML for web page design
4 m, O- G$ p# M• XML for structuring documents and other object models! {* S3 ]( f3 z* u: u" T& O2 V
• Web services for application-to-application communications, such as SOAP for transmitting data/ l* W, b$ ~( b( l2 U
1 `+ y6 L u- q; w2. Gaps in Infrastructure Information Standards
3 S/ K4 P0 t" K" H! r4 }7 L2.1 Distribution and DER Field Equipment Information Standards9 ~. [; m/ x% W7 V
Requirement for Standard Justification for Standard3 B& v6 z; ~- X9 ]3 u; V0 T9 l
1. Need to extend IEC 61850 to distribution automation. This is under development but does not have the impetus to move forward quickly. IEC 61850 is an information model, so it is widely seen as the best approach to communications with field equipment. Given that premise, the information model needs to be expanded into additional areas, including distribution automation.
C2 U4 r1 f& Q! B! DJustification for distribution automation includes increased reliability, increased efficiency, increased safety, decreased on-going costs (once it is implemented), and increased environmental benefits.
7 b2 t/ Y) I, g2. Need to extend IEC 61850 for more Distributed Energy Resource (DER) equipment. Currently IEC 61850-7-420 for DER covers wind (actually IEC 62400-25), photovoltaic systems, fuel cells, diesel generators, batteries, and combined heat and power (CHP). Needs extension to PHEV, additional storage devices, microturbines, gas turbines, etc. IEC 61850-7-420 for DER has just been standardized and is being implemented (primarily in Europe), but needs to be expanded to other DER so that the full suite of DER devices can be covered by one information model-based protocol.
. J6 ~' w" r- x2 a! O, m3. Need to develop an IEC 61850-lite, in which the information models can be mapped to a protocol with less overhead than the current MMS-based mapping. Distribution automation and DER devices may have only narrowband communications channels or limited data exchanges due to data costs if telecommunication providers are providing the communication channels. In addition, some inexpensive devices (e.g. sensors, collectors, or “software agents”) may not want or need to implement the full IEC 61850 capabilities, in order to minimize compute constraints or development costs.
# N/ X+ [' m9 S& \4. Need to ensure AMI communications systems use open standards capable of interfacing to DER and distribution automation equipment. ANSI C12.22 is being revised, Europe uses DLMS/COSEM, and AMI vendors are frantically developing their systems over a wide range of media, from PLC, to BPL, to Zigbee meshed radios, to UtiliNet radios, to GPRS, etc, etc. Since AMI systems are going to become widespread, they will inevitably want to be used for more than meter reading or other purely metering functions. They could be used for monitoring DER at the customer site, for DA monitoring and possibly control, for access by third parties to gateways into the customer HAN, etc. Right now, AMI vendors are using proprietary or semi-proprietary communication protocols “just to get the AMI systems implemented”. The AMI systems should be able to handle, at a minimum, the IEC 61850 object models mapped to an “appropriate” protocol (possibly IEC 61850-lite when it is developed).) r4 o! W. ?1 @
, j9 f/ e' S9 a" {! W7 _& F
2.2 Customer Site – AMI, Gateways, and HAN Information Standards
/ f1 K) d/ _" z3 m# ~% dRequirement for Standard Justification for Standard( Q" I/ v3 \, F* ?# w! E
1. Review possible constraints in the current finalizing of ANSI C12.22 for communications with the meter. ANSI C12.22 is being revised, but there are concerns that the results may not meet the requirement to base standards on broader information models – the results may be too metering-only focused (i.e. too focused on ANSI C12.19 metering). Since AMI systems are going to become widespread, they will inevitably want to be used for more than meter reading or other purely metering functions. (see above)6 `' H4 p# c1 H% R9 E4 A
2. Move toward AMI/HAN standards, based on the OpenHAN specification. The OpenHAN specification (not a standard) was recently developed, but currently there is no actual standard for this interface between the AMI system and the HAN The AMI systems have their own (often proprietary or based on ANSI C12.22) communication standards to the meter. Within the HAN, HomePlug and Zigbee have standards, but are now working together to develop Zigbee Smart Energy Profile
' u% N h- Q# u: R3 f' G3. Work with Zigbee Smart Energy Profile working group to ensure the information model is complete or can utilize the IEC 61850 information model and/or the CIM information model. Zigbee Smart Energy Profile for the HAN environment is being developed, but may not yet understand the breadth of requirements that it may ultimately have to handle. This means that the requirements across the AMI/HAN gateway need to be understood, described, and converted into information models.. E+ p9 P$ L1 y' M6 |% K
2.3 Transmission Field Equipment Information Standards. y) ~9 p7 D* V+ E; d
Requirement for Standard Justification for Standard5 [/ l+ j8 j- `9 J
1. Complete Wide-Area Phasor Measurement monitoring standards. Work is on-going in this area but is not complete. Wide area phasor measurements can provide early warning of potential problems as well as input to make rapid (~ 4 ms) control actions to mitigate emergency conditions.
& l; ]+ v$ k( M+ ~0 B: i+ z/ q2. Extend IEC 61850 between substations. Some protective relaying and certain other functions require communications between substations, for which 61850 should be used. IEC 61850 is designed to be used within substations. However, functions such as protective relaying need to communicate between substations. The same protocol should be used for this function.
. N2 O' M% h5 u/ y3. Extend IEC 61850 from the substation to the control center. Since the data in the substation uses the 61850 information model, this data should be reported to the control center using the same information model. IEC 61850 models all the equipment and functions in the substation. If those models could be brought back to the control center, then this same powerful information model would be used for SCADA and other applications, thus minimizing translations and expensive and data maintenance activities that sometimes lead to insecure and/or unsafe situations.% }; T* O7 l+ {
2.4 Utility Enterprise Information Standards/ q$ h. r) G& D8 y2 B( V
Requirement for Standard Justification for Standard
% f; F* y& d F4 E1. Develop Interoperability Standards for the IEC 61970 Common Information Model (CIM). The CIM for transmission (IEC 61970) does not specify formats or messaging methods for exchanging CIM information, thereby requiring each implementation to develop their own formats and messaging requirements. The IEC 61970 CIM for transmission is strictly an abstract model with no standardized mechanism for mapping the information model to communication formats and messages, thus making different implementation not interoperable. If CIM format and messaging standards were developed, then CIM implementations could be interoperable.
8 X+ k, ~& S( E* |. y: Y2. Revise and update parts of IEC 61968 Common Information Model (CIM) for distribution. CIM for distribution has recently developed some messaging schemes for exchanging CIM information interoperably. However, earlier parts of IEC 61968 do not yet have interoperable messaging schemes. The IEC 61968 CIM for distribution is currently not usable except for the very latest part (Part 9), since the messaging schemes and the CIM model were not well enough defined to allow vendors to implement them. However, if these older parts are revised, then interoperability of the messages may be achieved. These revisions are in the IEC TC57 WG14 roadmap, but will need significant effort to achieve.
2 g4 V3 Q- h* m4 _+ H3. Expand IEC 61968 CIM for DER and PHEV. Although IEC 61850-7-420 for DER has been completed (with more DER models still pending, including PHEV), no CIM models for any DER or PHEV have yet been developed. IEC 61850 is designed for field communications, while CIM is for enterprise communications. Therefore, CIM models need to carry the 61850 models of DER into the enterprise.
$ j$ N! G$ f: s6 F D4. Expand MultiSpeak. MultiSpeak, developed by NRECA and very successfully implemented for many smaller utilities, is being expanded as version 4, with more updates to come. MultiSpeak meets the requirements of the smaller utilities very effectively, but needs to be expanded to meet additional requirements for more functionality, more flexibility, more use of information modeling techniques, and more compatibility with IEC 61968.. G% ^) @1 W! p
$ |; c( n" X& b: ]
/ ^' y* x0 R9 F( A3 E0 k
3. Cross-Domain Standards% Y: C/ ~2 G: z! ]/ Z; H: O
3.1 Cyber Security Standards9 N2 I7 c1 {# \2 u: t7 X
Requirement for Standard Justification for Standard
( _2 d0 w$ Z2 z" n3 f4 [1. Extend NERC CIP 002-009 to Distribution and AMI. Although explicitly for transmission, and using an asset-based approach which may not always be applicable, the NERC CIP still has very powerful requirements. In particular, these requirements can be used by utilities to develop the security policies that are critical for true security.
r$ M z9 H: {2 T9 e2. Complete the IEC 62351-8 Role-Based Access Control (RBAC). RBAC is a general security concept for managing access to information and assets. The RBAC model for utilities is being standardized in the IEC. RBAC should be used for managing access to all information and assets, but needs both standards and guidelines for clarity and interoperability particularly across different security domains.
- \& {! S( _9 t$ g* W4 P5 F3. Complete the IEC 62351-7 Network and System Management (NSM). NSM monitors not only communication networks, but also systems, applications, and databases. The main purpose of NSM is to detect anomalies which could be intrusions, mistakes, or failures, but which could adversely affect the operation of the grid. In the August 2003 blackout, although the initial cause was equipment failure, the real cause was lack of information flowing to where it was supposed to flow due primarily to mistakes.
0 M, ^2 g6 x( Y* O% k% j6 N2 y4. Develop Key Management Strategies. Key management of the millions of devices and meters is becoming a critical issue, since truck rolls are too expensive for manual key entry, and some communication infrastructures may not be adequate for handling key updates. Cyber security is only as good as the secrecy of the cyber keys used not only for encryption but also just for authentication. Key management over narrowband communication channels to inexpensive end devices needs resolution and standardization.
/ s5 l, `# k3 U5. Develop more detailed security requirements for AMI systems. AMI-SEC has developed high level security requirements for AMI systems, but these are not detailed enough to provide explicit security requirements for different functions using the AMI systems. AMI systems are becoming an enormous communications infrastructure that reach into all customer sites. Ensuring that these AMI systems are truly secure enough for the different functions that can be performed across them, is critical. That assurance can only come from more detailed security requirements linked to the different functions.
! r3 X* D' p+ F$ ^1 G$ A) L) O; ~6 n: z9 {! Y9 ?" u
3.2 Standards Interoperability and Conformance Testing
5 U z9 I( l7 R% _+ sRequirement for Standard Justification for Standard
) }8 d, S, t8 v) `' b1. Perform interoperability testing for IEC 61968-9. Interoperability testing is planned for this part in late 2009. Interoperability testing, along with conformance testing, is the best method for confirming that a standard is performing correctly and actually doing what it is supposed to do. These tests can also feed back to the standards group on issues where the standards are unclear, missing, or incorrect.
( I7 Q" K6 @& n4 X2. Perform conformance and interoperability testing of IEC 62351 security standards. Testing is the most effective way to ensure that these security standards actually provide the level of security expected. Any issues, such as security holes or inconsistencies, can be fed back to the standards group.
! j5 @$ ~8 e" _; L4. Smart Grid Applications – Guidelines and Metrics+ o$ J# C& X; i& s
4.1 Smart Grid Definition+ V- u/ W) L/ Y
The Energy Independence and Security Act of December 2007 defines the Smart Grid as follows:
0 G3 [' v( a" Y* r) q5 K; F“It is the policy of the United States to support the modernization of the Nation's electricity transmission and distribution system to maintain a reliable and secure electricity infrastructure that can meet future demand growth and to achieve each of the following, which together characterize a Smart Grid: : B8 f6 q6 N. r. x
(1) Increased use of digital information and controls technology to improve reliability, security, and efficiency of the electric grid.
% Y% e6 t2 e/ R(2) Dynamic optimization of grid operations and resources, with full cyber-security. ' y( J" |# b0 A" k
(3) Deployment and integration of distributed resources and generation, including renewable resources.
( R- w1 O0 f/ l! T) D; z(4) Development and incorporation of demand response, demand-side resources, and energy-efficiency resources. 8 l" x) R+ [0 M M0 y0 V
(5) Deployment of `smart' technologies (real-time, automated, interactive technologies that optimize the physical operation of appliances and consumer devices) for metering, communications concerning grid operations and status, and distribution automation. 3 D7 T' `4 E- a t
(6) Integration of `smart' appliances and consumer devices. ; L' @7 b9 H0 @0 s s$ n
(7) Deployment and integration of advanced electricity storage and peak-shaving technologies, including plug-in electric and hybrid electric vehicles, and thermal-storage air conditioning.
& W0 s6 J. o- S5 B4 h; i4 a(8) Provision to consumers of timely information and control options. ( N/ R" W. _! a( v/ W2 o& D B% d
(9) Development of standards for communication and interoperability of appliances and equipment connected to the electric grid, including the infrastructure serving the grid.
1 @6 E. G A1 w: g7 b+ \" Y(10) Identification and lowering of unreasonable or unnecessary barriers to adoption of smart grid technologies, practices, and services.”
1 s( J6 D7 N7 ]) l/ W, i8 J' B1 d1 E
4.2 Smart Grid Applications: l; r# s6 \, w4 J# _( n% q5 h
Applications actually drive the requirements for the infrastructure information standards. However, they themselves should not be standardized, since standards should apply across interfaces, not within software applications. However, many guidelines could be developed on what functions will benefit the Smart Grid by:
3 B; X0 N. q0 w! }# ~+ K• Improving power system reliability& ` Y* p" ?0 f
• Improving power system efficiency
0 L3 p/ d9 A1 @, x6 ~• Improving cyber security and safety; n. ^% \$ W( R$ _
• Decreasing costs within a defined timeframe
6 i' Q [. k4 f• Minimizing the impact on the environment
% Y7 U2 k% {/ P0 BMetrics should be developed to determine the “smart gridedness” of different functions which claim to further these goals. |
|
赣公网安备36040302000210号 )|网站地图
狗仔卡
发表于 2009-5-20 11:05:16
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡