Smart Grid: Field Area Network Multi-Service Architecture and BC Hydro Case Study


BRKARC-2008

Presentation_ID © 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 1  
Cisco Connected Energy

Diagram: the energy network platform, connecting Renewable Energy, Smart Energy Markets, Smart Grid, Industrial, Utility Operations, Smart Buildings and Smart Homes.
Cisco GridBlocks™ Reference Model
§  Describes the power delivery chain
§  Architectures detail networking each
of the eleven tiers in this model
§  Results in a complete end-to-end
architecture for converged power
delivery chain communications
§  Framework for
‒  Integrating legacy devices
‒  Using existing products in new ways
‒  Integrating new ecosystem partners
‒  Developing new products and services

§  Provides a platform for innovation

Field Area Network Applications

Diagram: application domains served by the Field / Neighborhood Area Network (FAN / NAN) and the Business Area Network:
§  Micro Generation
§  EV Charging Station
§  Distribution / Feeder Automation: Recloser Controls, Cap Bank Controls, Voltage Regulator, Sensors
§  Transmission and Distribution Substations: Substation Automation
§  C&I Services: Metering, Demand Response (Industrial / Commercial customers)
§  Advanced Metering Infrastructure
§  Generic Telemetry Applications
Equipment shown: Connected Grid Router 2010 and Connected Grid Switches 2520.
Cisco Field Area Network Vision
Enable pervasive monitoring and control of energy distribution networks to enhance
energy delivery and build a low carbon society.
Diagram: today each domain (DG, DA, AMI) runs its own business application over dedicated devices and its own existing infrastructure; the target is a converged network layer based on open standards and common data models, with shared application infrastructure services and software above it. Existing proprietary vertical applications… migrate onto that converged network layer.

§  Leverage Cisco IP communications solutions to build a secure, scalable, and multi-service FAN architecture
§  Drive open standards for interoperability to accelerate application innovation and reduce technology risk
§  Provide a platform for distributed intelligence
§  Facilitate migration of current infrastructure to IP communications
Multi-Service Field Area Networks

Diagram: head-end applications (MDMS, Load Control, DMS, DRMS, SCADA, AMI Head-end, CG-NMS, Security and Network Management) reach the field over the WAN Tier (2G/3G/LTE, Ethernet, WiMAX, substation links) terminated on the Cisco Connected Grid Router 1000 Series, and over the NAN Tier (RF Mesh Neighborhood Area Network of Cisco Connected Grid Endpoints, Protection and Control Networks, Work Force Automation).
Field devices served: AMI Metering / HAN Gateway, Transformer Monitoring, Distribution Automation, EV Charging Infrastructure, Direct Load Control, Gas / Water Meters, Distributed Generation, SCADA Protection and Control Network, Direct Connect AMI Meters.
Open Standards Reference Model

Layer | Standards
Application layer | Web Services/EXI; SNMP, IPfix, IEC 61968 CIM; DNS, NTP, HTTPS/CoAP, SSH,…; ANSI C12.19/C12.22; DLMS COSEM; IEEE 1888; IEC 61850; IEC 60870; DNP; MODBUS (over TCP/UDP)
Network layer | Routing – RPL; IPv6 / IPv4 Addressing, Multicast, QoS, Security; 802.1x / EAP-TLS based Access Control Solution; adaptation: 6LoWPAN (RFC 6282), IETF RFC 2464, IETF RFC 5072, IETF RFC 5121
MAC | IEEE 802.15.4 / IEEE 802.15.4e MAC enhancements; IEEE P1901.2 MAC; IEEE 802.3; IEEE 802.16; IEEE 802.11; 2G / 3G / LTE
PHY | IEEE 802.15.4 (2.4GHz DSSS); IEEE 802.15.4g (FSK, DSSS, OFDM); IEEE P1901.2; Wi-Fi; Ethernet; WiMax; Cellular

§  Standardization at all levels to ensure interoperability and reduce technology risk for utilities
§  Enables common application layer services over various wired and wireless communication technologies
902-928 MHz RF Mesh
IEEE 802.15.4g Smart Utility Network (SUN)

Vision: Drive industry to embrace open standards and interoperability.
‒  Reduce technology risk
‒  Facilitate connectivity for 3rd party devices and applications

§  Quality of Service (QoS) IPv6 RF Mesh
§  Enterprise Network Security
§  Scalable Network Management
§  Spatial re-use for more effective bandwidth
§  Maximum 5,000 meters per CGR1000
§  Average 200ms latency per hop
‒  Range between 20ms and 500ms
Cisco Connected Grid Endpoint

IPv6 communication stack, open standards based, small footprint, portable:
CoAP / UDP / IPv6 / Mesh Routing: RPL / 802.1x / EAP-TLS based Access Control Solution / Adaptation: 6LoWPAN (RFC 6282) / MAC: IEEE 802.15.4e, FHSS / PHY: IEEE 802.15.4g, MR-FSK

§  PHY layer – IEEE 802.15.4g Smart Utility Network (SUN)
‒  Operating Band: 902-928 MHz
‒  Number of Channels: 64
‒  Channel Spacing: 400 kHz
‒  Modulation Method: Binary FSK
‒  Baud Rate: 150 kbaud/sec
‒  Bit Rate: 75 kbits/sec after overhead from Convolutional FEC
‒  Output Power: 30 dBm
§  MAC layer – IEEE 802.15.4e compliant
‒  Enhanced Beacon and Beacon Request for network discovery
‒  Enhanced secure ACK
‒  Extensive use of Information Elements: communicating channel hopping information, RSSI information, global time synchronization
‒  Novel channel hopping scheme: per-node hopping sequence for maximum channel diversity, overlaid hopping sequence for multicasts
Worldwide RFID UHF Map*

Figure (copyright © 2011 AGILLOX GmbH): world map of the UHF band allocated per region, e.g. 902 – 928 MHz for North America (United States, Canada, Mexico, Puerto Rico) and 865,6 – 867,6 MHz for Europe; the map also marks the national bands, all between 840 and 955 MHz, of China, Korea, Turkey, Japan, Iran, Taiwan, Thailand, Israel, Hong Kong, United Arab Emirates, India, Malaysia, Vietnam, South America (Argentina, Chile, Costa Rica, Dominican Republic, Peru, Uruguay), Singapore, New Zealand, Brazil, Australia and South Africa.

* Data based on GS1 EPCglobal dated 5 Jan 2009. Accuracy not guaranteed. Subject to change.
What is 6LoWPAN

§  IETF WG – IPv6 over Low power Wireless Personal Area Networks
‒  Adaptation layer for IPv6 over IEEE 802.15.4
‒  Also adopted by IEEE P1901.2 PLC, Bluetooth Low Energy, DECT Ultra Low Energy (ULE)
§  Header Compression Format for IPv6 Datagrams in 6LoWPAN Networks
‒  Before 15.4g, 15.4 only supports a 127-byte frame size
‒  Even if 15.4g enables a larger frame size, bandwidth optimization is still required
‒  RFC 6282 obsoletes RFC 4944
§  Fragmentation
‒  On IPv6, fragmentation is handled on end-nodes or by Layer 2
Low Power and Lossy Networks (LLNs)
§  Networks made up of many embedded devices with limited power, memory, and processing resources.
‒  Such as smart meters, actuators, relays, sensors, etc.
§  Can be interconnected by a variety of data links, such as
‒  IEEE 802.15.4, IEEE P1901.2 PLC, Bluetooth, IEEE 802.11ah, DECT LE, etc.
§  LLNs have at least 5 distinguishing characteristics requiring a specific IP routing protocol to be designed
‒  LLNs operate with a hard, very small bound on state.
‒  In most cases, LLNs optimize for saving energy – new routing metrics are needed
‒  Typical traffic patterns are not simply Unicast flows (e.g. in some cases most if not all traffic can be point to multipoint).
‒  In most cases, LLNs will be employed over link layers with restricted frame sizes, thus a routing protocol for LLNs should be specifically adapted for such link layers
‒  LLN routing protocols have to be very careful when trading off efficiency for generality; many LLN nodes do not have resources to waste.
IETF RoLL WG
§  IETF WG formed in Jan 2008 and already re-chartered
‒  http://www.ietf.org/html.charters/roll-charter.html
‒  Co-chairs: JP Vasseur (Cisco), David Culler (UC Berkeley)
§  Mission: To define routing solutions for LLNs
§  First, documented the Use Cases and Applications requirements
‒  RFC 5548 – Urban (includes Smart Metering)
‒  RFC 5673 – Industrial
‒  RFC 5826 – Home Automation
‒  RFC 5867 – Building Automation
§  Then, selected and specified the routing protocol for LLNs
‒  IPv6 Routing Protocol for LLNs (RPL) adopted as WG document from several proposals
RPL Implementation
§  Routing protocol for Low Power and Lossy Networks (LLNs)
‒  A collection of RFCs to cover all cases
§  RPL is a Distance Vector routing protocol
‒  New routing metrics: energy, latency, link reliability, node state, link color,…
§  As other IP routing protocols, RPL supports a variety of data links
‒  IEEE 802.15.4, IEEE P1901.2, Bluetooth LE, IEEE 802.11ah,…

Diagram: the CGR 1000 is the RPL root of the DAG (Directed Acyclic Graph) and connects over the Public IP Infrastructure to the head-end (SCEP for certificate enrollment); the IEEE 802.15.4g Neighborhood Area Network is the RPL domain, with nodes at RPL Rank 1, Rank 2, … below the root. CG-Mesh nodes implement RPL non-storing mode.
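The diagram's "RPL Rank 1 / Rank 2" and "non-storing mode" labels can be made concrete with a small simulation. The following Python is an added example, not Cisco's CG-Mesh implementation: an OF0-style parent selection over a constructed ETX topology (the rank_increase function is a simplification; real objective functions add hysteresis and caps), the per-node DAO reports that non-storing mode sends to the root, and the root-side source-route computation that fills an RFC 6554 routing header, with a loop guard in case the DAO table is corrupted. Node names, ETX values and the MinHopRankIncrease default of 256 from RFC 6550 are the only inputs.

```python
import heapq

MIN_HOP_RANK_INCREASE = 256      # RFC 6550 default; the root advertises this rank
INFINITE_RANK = 0xFFFF


def rank_increase(etx: float) -> int:
    """Rank cost of a link from its Expected Transmission Count (an RFC 6551
    link-reliability metric), scaled into the units RPL compares ranks in.
    Constructed simplification: OF0/MRHOF add hysteresis and step caps."""
    return int(round(etx * MIN_HOP_RANK_INCREASE))


def build_dodag(links: dict, root: str):
    """Upward routing: each node keeps the parent that gives it the lowest rank.

    links maps node -> {neighbour: etx} and is assumed symmetric (constructed
    topology).  Returns (rank, preferred_parent); nodes that never hear a DIO
    keep INFINITE_RANK and no parent."""
    rank = {n: INFINITE_RANK for n in links}
    parent = {n: None for n in links}
    rank[root] = MIN_HOP_RANK_INCREASE
    heap = [(rank[root], root)]
    while heap:
        r, node = heapq.heappop(heap)
        if r > rank[node]:
            continue                            # stale DIO, a better one was processed
        for nb, etx in links[node].items():
            candidate = r + rank_increase(etx)
            if candidate < rank[nb]:            # better parent heard: switch
                rank[nb] = candidate
                parent[nb] = node
                heapq.heappush(heap, (candidate, nb))
    return rank, parent


def daos_to_root(parent: dict) -> list:
    """Non-storing mode: every node reports only (target, parent) to the root;
    intermediate nodes keep no downward routing state at all."""
    return [(node, p) for node, p in parent.items() if p is not None]


def source_route(daos: list, root: str, dest: str) -> list:
    """Root-side computation of the hop list placed in an RFC 6554 source
    routing header, built solely from the DAO table.  The bounded walk refuses
    to emit a header when the table contains a loop (corrupt or spoofed DAOs)."""
    up = dict(daos)
    path = [dest]
    while path[-1] != root:
        nxt = up.get(path[-1])
        if nxt is None:
            raise LookupError(f"no route: {path[-1]} never sent a DAO")
        if len(path) > len(up) + 1:
            raise RuntimeError("loop in DAO table; refusing to build header")
        path.append(nxt)
    return path[::-1]


# Constructed NAN: "R" is the CGR root, "X" is a node out of radio range
LINKS = {
    "R": {"A": 1.0, "B": 2.5},
    "A": {"R": 1.0, "B": 1.0, "C": 3.0},
    "B": {"R": 2.5, "A": 1.0, "C": 1.0},
    "C": {"A": 3.0, "B": 1.0},
    "X": {},
}

if __name__ == "__main__":
    rank, parent = build_dodag(LINKS, "R")
    print("ranks:", rank)
    print("route to C:", source_route(daos_to_root(parent), "R", "C"))
```

Note that B prefers A over the root even though the root is one hop away: the 2.5 ETX direct link yields rank 896, while two reliable hops through A yield 768, which is exactly the trade-off a reliability metric is meant to make.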
IETF RoLL documents
Published RFCs:
§  RFC 6206: The Trickle Algorithm
§  RFC 6550: RPL – IPv6 Routing Protocol for Low-Power and Lossy Networks
§  RFC 6551: Routing Metrics Used for Path Calculation in LLNs
§  RFC 6552: Objective Function Zero for RPL
§  RFC 6553: RPL Option for Carrying RPL Information in Data-Plane Datagrams
§  RFC 6554: An IPv6 Routing Header for Source Routing with RPL
Additional Drafts:
§  draft-ietf-roll-trickle-mcast: Multicast Forwarding Using Trickle
§  draft-ietf-roll-minrank-hysteresis: The Minimum Rank with Hysteresis OF
§  draft-ietf-roll-p2p-rpl: Reactive Discovery of P2P Routes in LLNs

Multicasting in CG-Mesh

§  IPv6 Multicast between the CG-NMS or CE and the CG-Mesh Endpoints when performing
‒  software upgrade of the Endpoints
‒  Demand reset messages
‒  Demand response messages (could be more than one group for this per meter)
‒  Targeted pings (group of meters on a given feeder for ex.)
‒  Group of meters with same read time/cycle
§  Each PAN is a multicast group with the unicast-prefix-based multicast address (RFC 3306)
§  Each CGR 1000 runs MLDv2 with the Head-end router
§  Head-end router routes (PIMv6 SSM) all multicast traffic to the unicast-prefix-based multicast address to the CGR 1000 (MLDv2)
§  CGR 1000 multicast agent receives the multicast packets and Layer 2 broadcasts into the mesh

Diagram: IPv6 multicast over a tunnel across the Public IP Infrastructure for CG End-point software upgrade; each CGR 1000 registers to the multicast group for its specific CG-Mesh domain. The CGR 1000 software upgrade itself is unicast from CG-NMS, while the CG Endpoint software upgrade over CG-Mesh is initially sent through layer-2 broadcast.
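The RFC 3306 address the deck assigns to each PAN can be derived mechanically from the PAN's IPv6 prefix. The following Python is an added example, not CG-NMS or CGR 1000 code: it builds the FF3S:00PL:<prefix>:<group> address and parses it back, which is the check a head-end can run before honouring an MLDv2 report or a PIM-SSM join for a PAN group. The prefix 2001:db8:1234:5678::/64, the group IDs and the organization-local scope default are constructed assumptions; the 3FFE:FFFF:1::/64 case reproduces the worked example in RFC 3306 itself.

```python
import ipaddress

# Scope nibbles from RFC 4291 section 2.7
ORG_LOCAL_SCOPE = 0x8
GLOBAL_SCOPE = 0xE


def unicast_prefix_based_group(prefix, group_id: int,
                               scope: int = ORG_LOCAL_SCOPE) -> ipaddress.IPv6Address:
    """Derive the RFC 3306 group address FF3S:00PL:<64-bit prefix>:<32-bit group>.

    Layout (128 bits): FF | flags=0011 | scope | reserved=0 | plen | prefix | group."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen > 64:
        raise ValueError("RFC 3306 carries at most 64 prefix bits")
    if not 0 <= group_id < 2 ** 32:
        raise ValueError("group ID is a 32-bit field")
    if not 0 <= scope <= 0xF:
        raise ValueError("scope is a 4-bit field")
    prefix_bits = int(net.network_address) >> 64        # top 64 bits of the unicast prefix
    value = ((0xFF << 120)                  # multicast
             | (0x3 << 116)                 # flags: P=1 (prefix-based) implies T=1 (transient)
             | (scope << 112)
             | (net.prefixlen << 96)        # reserved byte (bits 104..111) stays zero
             | (prefix_bits << 32)
             | group_id)
    return ipaddress.IPv6Address(value)


def parse_unicast_prefix_based_group(addr) -> tuple:
    """Inverse: recover (scope, unicast prefix, group_id) from a group address,
    rejecting anything that is not a well-formed prefix-based address."""
    value = int(ipaddress.IPv6Address(addr))
    if value >> 120 != 0xFF or (value >> 116) & 0xF != 0x3:
        raise ValueError("not an RFC 3306 unicast-prefix-based multicast address")
    if (value >> 104) & 0xFF != 0:
        raise ValueError("reserved field must be zero")
    scope = (value >> 112) & 0xF
    plen = (value >> 96) & 0xFF
    if plen > 64:
        raise ValueError("prefix length exceeds 64")
    prefix_bits = (value >> 32) & 0xFFFFFFFFFFFFFFFF
    net = ipaddress.IPv6Network((prefix_bits << 64, plen), strict=True)
    return scope, net, value & 0xFFFFFFFF


def belongs_to_pan(addr, pan_prefix) -> bool:
    """Head-end side check: does this group address really derive from the PAN's
    own prefix?  Used before accepting a join so one PAN cannot subscribe to
    another PAN's upgrade or demand-response group."""
    try:
        _, net, _ = parse_unicast_prefix_based_group(addr)
    except ValueError:
        return False
    return net == ipaddress.IPv6Network(pan_prefix, strict=True)


if __name__ == "__main__":
    g = unicast_prefix_based_group("2001:db8:1234:5678::/64", 1)   # constructed PAN prefix
    print(g, parse_unicast_prefix_based_group(g))
```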
CoAP (Constrained Application Protocol)

§  IETF CoRE WG
§  Device constraints
‒  Microcontrollers
‒  Limited RAM and ROM
§  Network Constraints
‒  Low data rate
§  Request/Response
§  Small Message Overhead
§  Supports Multicast
§  Supports Asynchronous Messaging

    Client           Server          Client           Server
      |                |               |                |
      |  CON tid=47    |               |  CON tid=53    |
      |  GET /foo      |               |  GET /baz      |
      +--------------->|               +--------------->|
      |                |               |                |
      |  ACK tid=47    |               |  ACK tid=53    |
      |  200 "<temp... |               |  404 "Not...   |
      |<---------------+               |<---------------+
      |                |               |                |
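The two exchanges in the diagram (GET /foo answered 200, GET /baz answered 404) map onto CoAP's 4-byte header, token, delta-encoded options and payload marker. The following Python is an added example, not code from the deck: an encoder, a decoder that rejects the malformed cases RFC 7252 names (bad version, TKL above 8, truncated options, a payload marker with nothing after it), and a constructed resource table that answers 2.05 Content or 4.04 Not Found, the RFC numbering of the draft-era 200/404 shown on the slide. The "tid" in the figure is the Message ID field; the token values and the resource body are constructed.

```python
import struct

# Message types (RFC 7252 section 3)
CON, NON, ACK, RST = 0, 1, 2, 3
# Codes are class.detail packed as 3 + 5 bits
GET = 0x01            # 0.01
CONTENT = 0x45        # 2.05
NOT_FOUND = 0x84      # 4.04
URI_PATH = 11         # one option instance per path segment
PAYLOAD_MARKER = 0xFF


def _ext(value: int):
    """Option delta/length nibble plus its extension bytes (RFC 7252 section 3.1)."""
    if value < 13:
        return value, b""
    if value < 269:
        return 13, bytes([value - 13])
    if value < 65804:
        return 14, struct.pack("!H", value - 269)
    raise ValueError("option delta/length too large")


def encode(msg_type, code, msg_id, token=b"", options=(), payload=b"") -> bytes:
    if not 0 <= msg_id <= 0xFFFF or len(token) > 8:
        raise ValueError("Message ID is 16 bits, token at most 8 bytes")
    out = bytearray([(1 << 6) | (msg_type << 4) | len(token), code])
    out += struct.pack("!H", msg_id) + token
    prev = 0
    for number, value in sorted(options):     # options are delta-encoded, ascending
        dn, dext = _ext(number - prev)
        ln, lext = _ext(len(value))
        out += bytes([(dn << 4) | ln]) + dext + lext + value
        prev = number
    if payload:
        out += bytes([PAYLOAD_MARKER]) + payload
    return bytes(out)


def _read(nibble, data, i):
    if nibble < 13:
        return nibble, i
    if nibble == 13:
        if i >= len(data):
            raise ValueError("truncated option header")
        return data[i] + 13, i + 1
    if nibble == 14:
        if i + 2 > len(data):
            raise ValueError("truncated option header")
        return struct.unpack_from("!H", data, i)[0] + 269, i + 2
    raise ValueError("nibble 15 is reserved (message format error)")


def decode(data: bytes) -> dict:
    """Parse one CoAP message, raising ValueError on the malformed cases."""
    if len(data) < 4 or data[0] >> 6 != 1:
        raise ValueError("short header or unknown version")
    tkl = data[0] & 0xF
    if tkl > 8:
        raise ValueError("TKL 9..15 is a message format error")
    token = data[4:4 + tkl]
    if len(token) != tkl:
        raise ValueError("truncated token")
    i, number, options = 4 + tkl, 0, []
    while i < len(data) and data[i] != PAYLOAD_MARKER:
        byte, i = data[i], i + 1
        delta, i = _read(byte >> 4, data, i)
        length, i = _read(byte & 0xF, data, i)
        number += delta
        value = data[i:i + length]
        if len(value) != length:
            raise ValueError("truncated option")
        options.append((number, value))
        i += length
    if i < len(data) and i + 1 == len(data):
        raise ValueError("payload marker with empty payload")
    return {"type": (data[0] >> 4) & 3, "code": data[1],
            "msg_id": struct.unpack("!H", data[2:4])[0], "token": token,
            "options": options, "payload": data[i + 1:] if i < len(data) else b""}


# Constructed resource table standing in for the server on the slide
RESOURCES = {"foo": b"<temp>22.5</temp>"}


def handle(request: bytes) -> bytes:
    """Piggy-backed response: the ACK carries the request's Message ID and token."""
    req = decode(request)
    if req["type"] != CON or req["code"] != GET:
        return encode(RST, 0, req["msg_id"])
    path = "/".join(v.decode("utf-8", "replace") for n, v in req["options"] if n == URI_PATH)
    body = RESOURCES.get(path)
    if body is None:
        return encode(ACK, NOT_FOUND, req["msg_id"], req["token"], payload=b"Not Found")
    return encode(ACK, CONTENT, req["msg_id"], req["token"], payload=body)
```

The whole GET /foo request is nine bytes on the wire, which is the "small message overhead" bullet in numbers; a comparable HTTP/1.1 request line and Host header alone would be several times that.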
Standards Timeline

Standard (Term) | Source | Description | Status
CoAP (Constrained Application Protocol) (Draft) | IETF CoRE WG | Compact and efficient messaging in the spirit of REST over HTTP | Draft 0.9 published March 2012
RPL (Routing Protocol for Low-Power and Lossy Networks) (Standard) | IETF ROLL WG | Routing protocol under completion in IETF ROLL | Approved March 2011; RFCs published
6LoWPAN (RFC 6282) (Standard) | IETF 6LoWPAN WG | Adaptation layer for IPv6 over IEEE 802.15.4 links | Approved March 2011; RFC published Sep. 2011
IEEE P1901.2 (Draft) | IEEE | Draft for NarrowBand Power Line Communications | Letter ballot in April 2012
IEEE 802.15.4e (Standard) | IEEE | Standard for 802.15.4 MAC extensions including low-energy operation | Approved January 2012
IEEE 802.15.4g (Standard) | IEEE | Standard for 802.15.4 PHY for Smart Utility Networks (SUN) | Approved May 2012
Cisco 1000 Series Connected Grid Routers
§  Meets IEC 61850-3 and IEEE1613 standards
§  Integrated security for NERC/CIP compliance
§  Modular chassis, 2-4 Slots, rugged modules
§  Gigabit fiber and/or copper Ethernet WAN
§  Integrated Serial ports
§  Connected Grid Intelligence
‒  Based on Connected Grid Operating System (CG-OS)
‒  Flexible infrastructure to host lightweight 3rd party applications

Pervasive Security: Certificate-based identity; 802.1x Access Control; AMI/DA Mesh Security; IPSec VPN
Multi-Service: Quality of Service; Segmentation & Prioritization of Control & DA traffic; SCADA protocol translation
Resiliency: No moving parts; IEC 61850-3, IEEE 1613; Industrial grade components; Automatic failover from DC to AC PS (indoor model); Automatic failover from AC to battery (outdoor model)
End-to-End Manageability: Remote diagnostic tools; Comprehensive Network & Security Management; Device Manager for field technicians; Industry standard CLI
Cisco 1240 Connected Grid Router
Outdoor Model (Pole Mounted)

Diagram callouts: GPS Antenna; Battery Backup; Ethernet Switch 2GE WAN (Cu or SFP), 4FE LAN; 2 RS 232 / RS 485 Serial ports; Ruggedized, IP67 Ethernet (RJ-45) connector; 4 Module Slots; Integrated Antennas for RF Mesh, WiMAX, 2G/3G, WiFi; Liquid Tight (IP67) Adapter.

§  Estimated Dimensions: 30.5 cm (H) x 20.3 cm (W) x 19 cm (D) = 12” (H) x 8.0” (W) x 7.5” (D)
§  Antennas shown above are optional; can be deployed with external antennas
Cisco 1120 Connected Grid Router
Indoor Model (Din-Rail Mounted)

Diagram callouts: Fiber WAN 2 GE SFP; Ethernet Switch 2GE WAN, 6FE; Serial RS-232, RS-485; Console & Alarm ports; Integrated AC & DC PS (3 Phase AC input, DC input); GPS Antenna; Wi-Fi Antenna; Module Slots (Slot 1, Slot 2).

§  Substation Hardened
‒  IEC61850-3 and IEEE1613 compliant
‒  Fixed Memory
‒  Din-rail mounted
§  Convection Cooled
‒  No fans and/or moving parts
‒  Increased Operating Temp
§  Dimensions: 8.9 cm (H) x 22.9 cm (W) x 20 cm (D) = 3.5” (H) x 9.0” (W) x 7.8” (D)
CGR 1000 Modules

WAN Modules
‒  2G/3G Module: i) GSM, GPRS, EDGE, UMTS, HSPA+ ii) CDMA
‒  WiMAX (802.16e): 1.8, 2.3, 3.65 GHz bands
NAN (Meter side) Modules
‒  902-928 MHz RF (802.15.4g/e)

§  WAN and NAN modules will be interchangeable between outdoor and indoor models of CGR 1000 Series platforms
Connected Grid Network Management
End-to-End Monitoring and Control
The Connected Grid NMS Solution provides grid operators
§  Scalable, Utility Ops communication management
§  Enterprise-class visibility for up to 10M endpoints
§  Secure network commissioning, monitoring and life cycle management via well-defined interfaces
§  Integration with Utility Operations and Enterprise Bus

The Cisco Connected Grid Device Manager provides
§  Device level network monitoring and troubleshooting
Cisco Connected Grid Device Manager

Windows (Laptop) based Element Management Tool, connecting over Wi-Fi or Ethernet to a CGR1240 deployed on a pole top.

Status Monitoring functionality
System:
§  HW inventory (Serial No, Modules, Battery)
§  SW information (SW config, SW image version)
§  Export detailed log information
Interface:
§  Interface State (IP address, up/down, L2 / L3 Connectivity)
§  Interface counters (Packets sent / received, errors)
§  3G WAN: 3G connection state / SP information

Troubleshooting functionality
System:
§  Firmware Upgrade
§  Load new SW configuration
§  Power cycle device
§  Ping / Trace route to head end / meters to verify connectivity
Interface:
§  Reset interface

Security functionality
§  X.509 Certificate based Authentication / Authorization
§  Command set (user role), DAP-id, visit parameters digitally signed by Utility CA: Role Based Access Control
§  Logging of commands issued, user-id, time stamps, visit parameters (for audit records): Accounting
Connected Grid Network & Security Management
Enabling Connected Grid & Operational Transformation

Diagram: Eco System Partner – Control & Operations Systems (Energy Mgmt, Pricing, Billing, Grid Control & Monitoring, Customer Service Mgmt) and Eco System Partner – Applications (Asset Mgmt, Outage Info, Geographic Info, Distribution Mgmt, Meter Data Mgmt, SIEM) integrate through APIs with Cisco CG Network & Security Management (Event Correlation, Configuration, AAA, Performance, Security, Fault Events, Image Upgrades, Compliance, Access Control), which spans Power Generation, Transmission Substation, Distribution Substation, Enterprise Customer and Residential Customer.
Connected Grid Network Management System
GIS Visualization Framework (screenshot)
Connected Grid Network & Security Management

# | Function | CG NMS Capabilities (Release 1)
1 | Secure Zero Touch Deployment | Field Area Routers and Itron Meters/Comm module
2 | Asset Visualization (on GIS) | Grouping, Template based Configuration & Role based Access Control
3 | Security Management – Field / Outdoor device | Secure access (https), Role Based Access Control, Command / Firmware image signature, HSM for Key storage
4 | Performance Monitoring (on GIS) | Mesh, WAN Backhaul (Cellular, WiMax, Ethernet); Exception reporting (based on threshold levels)
5 | Fault and Outage events – Communication Network | Field Area Routers & Meters; Meter Outage event de-duplication / filtering
6 | Device Firmware Management | Specific Device firmware updates to routers; Mass scale firmware update to Meters
7 | Diagnostics & Troubleshooting | On-Demand device path trace, ping to any Meter & FAR; On-Demand device status pull
8 | North Bound API | AMI Head End (MDM, SIEM, OMS, …); Enterprise Bus, Manager-of-Managers, etc.
9 | High Avail & Scalability | 10M AMI Meter AMI or up to 50K FAR Backhaul Network
FAN Topology: Wide Area Network (WAN)

Diagram callouts:
§  Head-end systems: OpenWay CE, Cisco CG-NMS, SCADA, NTP source, AAA, DNS, DHCPv6 Services, Grid State, Directory Services, DB, Certificate Authority, Historian, OMS, DMS
§  Provisioning Router: configured as IOS SCEP Certificate Server in Registration Authority mode; acts as a proxy to the CA Server in the backend for scalable automated certificate enrollment for meters and FARs
§  Head End Routers (Cisco ASR1000): aggregate WAN connections and terminate the VPN tunnels coming from various Field Area Routers
§  Data Integrity and Privacy: IPSec encryption over WAN backhaul
§  Public IP Infrastructure: network owned and operated by service provider; Private IP Infrastructure: network owned and operated by the Utility
§  Broad WAN technologies: Cellular (GPRS/3G/LTE, CDMA), WiMax, Fiber/Ethernet
§  Field Area Routers (Cisco CGR1240): modular, ruggedized, multi-services, IPv4 & IPv6, each serving a Neighborhood Area Network (1, 2, … N)
FAN Topology: Network Operation Center (NOC)

Diagram callouts:
§  CG-NMS: Network & security Management; supports browser based clients, interfaces with CGR1000 & End Point/CM, and pushes configuration and state information to the DB repository (Configuration/Monitoring/Events/Firmware)
§  CG-NMS DB (Oracle): stores all operational state, device configuration, network event alarms, performance metrics, etc.
§  Grid applications: SCADA, Grid State, Historian, OMS, DMS
§  NTP Appliance: acts as Stratum 1 timing source
§  IPAM, DHCPv6 and DNS: IPv4/IPv6 address allocation and naming; scales up to 10M+ endpoints
§  Active Directory (AD) & Certificate Authority (CA): for user & device identity management along with CA for certificate management; supports Cryptography: ECC keys for certificate-based authentication
§  AAA Server: scalable, high-performance system for authentication, user access, and administrator access; ECC support for meters
§  IPv4/IPv6 Load Balancer: fronts the Cisco CG-NMS and MDMS system; allows scaling across millions of meters
§  Firewall + IPS Appliance: primary firewall for securing the head-end infrastructure; optional use of IPS module
§  Public or Private IPv4/IPv6 IP Infrastructure; LAN
§  Neighborhood Area Network (RF Mesh), locally connected DA devices (Ethernet / Serial*), secure handheld with utility technician
Connected Grid Security Principles

Access Control | Threat Detection and Mitigation
Data Integrity, Privacy, and Confidentiality | Device and Platform Integrity

TRUST, VISIBILITY, RESILIENCE
Access Control
Purpose: Ensure that only authorized personnel are accessing the network and valid devices are part of the grid network

Tools: Role-Based Access Control with i) username and passwords ii) X.509 certificate based identities; RADIUS and TACACS+ protocols for Authentication, Authorization and Accounting (AAA) for users and devices; Network Admission Control (NAC)

Used in FAN and AMI for:

§  Authenticating and authorizing field technicians or operations center staff before they can view or configure devices, track changes made (RBAC)

§  Authenticating every device and application connected to the grid—routers, switches, servers, workstations, IEDs, reclosers

§  Mutually authenticating meters, field area routers and head-end systems used for smart metering—relying on strong certificate based identities

§  Posture-assessing laptops, workstations, servers to detect any viruses or worms before allowing access to the network, forcing remediation such as installing software patches or updating anti-virus database
Access Control (architecture diagram)

Callouts: Secure Device Identity via Digital Certificates; Strong User Identities with Role-Based Access; Mutual Authentication, Authorization, and Accounting for Each User and Device.

Tiers shown: System Control Tier (Control Center: SCADA, OMS, DMS; Security Services: Directory Services, Certificate Authority, Access Control, Intrusion Prevention; AMI Head-End: HES, MDM, NMS; Data Center, Enterprise Apps: SIEM, DB), connected over Public or Private WAN to the Substation Tier (FAN Aggregation Layer within Substation Automation Network, Substation Automation Router (SAR)), then over Fiber or WiMAX to the Distribution Tier L1 (NAN, RF or PLC Mesh; Mobile Workforce; Serial + Ethernet, Wired or Wireless) and the Distribution Tier L2 (Distribution Automation Devices, Smart Meters).
Access Control (architecture diagram, continued)

Callouts: Network Admission Control; Posture Assessment and Remediation (Patch Management, AV Version); Anti-Virus and Anti-Malware Protection. Security Services in this view include the Identity Services Engine. Tiers as in the previous diagram: System Control Tier, Public or Private WAN, Substation Tier (FAN Aggregation Layer within Substation Automation Network), Distribution Tier L1 (NAN, RF or PLC Mesh; Mobile Workforce; Serial + Ethernet, Wired or Wireless), Distribution Tier L2 (Distribution Automation Devices, Smart Meters).
Data Confidentiality and Privacy

Purpose: Ensure data privacy and data integrity for customer data and data integrity and confidentiality for technical data belonging to the utility

Tools: X.509 Certificate, IPSec with flexible VPN architectures, link-layer and application layer encryption mechanisms, scalable crypto key management

Used in FAN and AMI for:

§  Secure generation and storage of encryption keys on all devices—meters, routers, application servers such as AMI Head End, NMS

§  Encrypting with IPSec all data traversing public networks between substations and control center or between substations

§  Link-layer (mesh) encryption of data from meters to the field area routers and network layer encryption from FAR to AMI Head End (IPSec)

§  (Optional) Application layer encryption of meter readings
Data Confidentiality and Privacy (architecture diagram)

Callouts: Secure Storage for Encryption Keys and Secure Encryption Keys (IPSec) at the System Control Tier; Links with Network-layer Encryption (IPSec) over the Private WAN and Public WAN to the Substation Tier (FAN Aggregation Layer within Substation Automation Network); Distribution Tier L1 (NAN, RF or PLC Mesh; Serial + Ethernet, Wired or Wireless); Distribution Tier L2: Secure Storage for Encryption Keys and Secure Encryption Keys (Mesh) on the Smart Meters, Mesh with Link-layer Encryption. System Control Tier systems as before: Control Center (SCADA, OMS, DMS), Security Services (Directory Services, Certificate Authority, Access Control, Intrusion Prevention), AMI Head-End (HES, MDM, NMS), Data Center / Enterprise Apps (SIEM, DB).
Data Confidentiality and Privacy (architecture diagram, continued)

Callouts: Secure Storage for Encryption Keys and Secure Encryption Keys; Application Layer Encryption (C12.22, DLMS/COSEM) from the AMI Head-End through to the Smart Meters; Remote-Access with Encryption (TLS or SSL or IPSec) for the Mobile Workforce. Tiers as before: System Control Tier (Control Center: SCADA, OMS, DMS; Security Services; AMI Head-End: HES, MDM, NMS; Data Center, Enterprise Apps: SIEM, DB), Public or Private WAN, Substation Tier (FAN Aggregation Layer within Substation Automation Network), Distribution Tier L1 (NAN, RF or PLC Mesh; Serial + Ethernet, Wired or Wireless), Distribution Tier L2 (Smart Meters).
Threat Detection and Mitigation

Purpose: Protect critical assets against cyber attacks and insider threats

Tools: VRF and VLAN, access lists, Firewall and Intrusion Prevention (on routers and appliances), device logs, SIEM

Used in FAN and SA for:

§  Logically segmenting and separating traffic—AMI vs. DA vs. mobile workforce

§  Using access-lists to filter traffic between segments/zones

§  Deploying firewalls to protect critical assets and creating a layered network based on stricter restrictions with increasing security levels

§  Detecting network intrusions through use of IPS at critical points in the network; (optional) customizing with SCADA IPS signatures

§  Collecting logs across devices, meters and applications and correlating them with IPS events to identify security incidents with SIEM, then taking mitigation steps
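The last bullet, correlating device logs with IPS events in a SIEM, is easiest to see over a few log lines. The following Python is an added example, not CG-NMS or any SIEM's rule language; the syslog-like line layout, hostnames, meter identities, addresses, command names and the signature name are all constructed for the example. It implements two rules: repeated EAP-TLS failures for one identity inside a sliding window (a meter with a bad credential, or an unknown device trying to join the mesh), and a privileged Device Manager command from a source address that raised an IPS alert shortly before.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (not real CGR / CG-NMS / Device Manager output)
SAMPLE_LOGS = """\
2012-06-12T10:00:01Z far-001 dot1x: EAP-TLS auth FAILED identity=meter-9f3a reason=cert-expired
2012-06-12T10:00:15Z far-001 dot1x: EAP-TLS auth FAILED identity=meter-9f3a reason=cert-expired
2012-06-12T10:00:30Z far-002 dot1x: EAP-TLS auth FAILED identity=meter-0c11 reason=unknown-ca
2012-06-12T10:00:44Z far-001 dot1x: EAP-TLS auth FAILED identity=meter-9f3a reason=cert-expired
2012-06-12T10:01:05Z ips-01 ips: alert sig=SCADA-DNP3-UNAUTH-WRITE src=10.1.5.23 dst=10.2.0.10
2012-06-12T10:01:20Z cgdm: audit user=tech42 role=field-tech cmd=reload target=far-001 src=10.1.5.23
2012-06-12T10:01:59Z far-001 dot1x: EAP-TLS auth FAILED identity=meter-9f3a reason=cert-expired
2012-06-12T10:09:00Z cgdm: audit user=ops07 role=noc cmd=show-status target=far-003 src=10.9.0.4
"""

AUTH_FAIL = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) dot1x: EAP-TLS auth FAILED identity=(?P<identity>\S+)")
IPS_ALERT = re.compile(r"^(?P<ts>\S+) (?P<host>\S+) ips: alert sig=(?P<sig>\S+) src=(?P<src>\S+)")
CMD_AUDIT = re.compile(r"^(?P<ts>\S+) cgdm: audit user=(?P<user>\S+) role=(?P<role>\S+) "
                       r"cmd=(?P<cmd>\S+) target=(?P<target>\S+) src=(?P<src>\S+)")

PRIVILEGED_CMDS = {"reload", "load-config", "firmware-upgrade"}   # constructed command names


def _ts(s: str) -> datetime:
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def correlate(lines, auth_threshold=3, auth_window=timedelta(minutes=2),
              ips_window=timedelta(minutes=5)) -> list:
    """Apply two SIEM-style rules to time-ordered log lines.

    Rule 1: at least auth_threshold EAP-TLS failures for one identity within
            auth_window (fires once per identity).
    Rule 2: a privileged Device Manager command whose source address raised an
            IPS alert within ips_window beforehand.
    Returns one incident dict per firing, in log order."""
    incidents = []
    failures = defaultdict(deque)          # identity -> timestamps inside the window
    fired = set()
    alerts = defaultdict(list)             # source ip -> [(timestamp, signature)]
    for line in lines:
        m = AUTH_FAIL.match(line)
        if m:
            t, ident = _ts(m["ts"]), m["identity"]
            q = failures[ident]
            q.append(t)
            while q and t - q[0] > auth_window:
                q.popleft()                # slide the window forward
            if len(q) >= auth_threshold and ident not in fired:
                fired.add(ident)
                incidents.append({"rule": "repeated-eaptls-failure", "key": ident,
                                  "count": len(q), "at": t, "far": m["host"]})
            continue
        m = IPS_ALERT.match(line)
        if m:
            alerts[m["src"]].append((_ts(m["ts"]), m["sig"]))
            continue
        m = CMD_AUDIT.match(line)
        if m and m["cmd"] in PRIVILEGED_CMDS:
            t = _ts(m["ts"])
            recent = [sig for at, sig in alerts[m["src"]] if timedelta(0) <= t - at <= ips_window]
            if recent:
                incidents.append({"rule": "ips-alert-then-privileged-command", "key": m["src"],
                                  "user": m["user"], "cmd": m["cmd"], "target": m["target"],
                                  "signatures": recent, "at": t})
    return incidents


if __name__ == "__main__":
    for incident in correlate(SAMPLE_LOGS.splitlines()):
        print(incident)
```

Both rules depend on the "time-stamped logs across devices" callout on the next slide: the window arithmetic only works when the FARs, the IPS and the Device Manager audit trail share the NTP source shown in the NOC topology.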
Threat Detection and Mitigation (architecture diagram)

Callouts: Network Segmentation of Users and Devices; Data Separation over Shared Links; Access Lists and Firewalls. Tiers as before: System Control Tier (Control Center: SCADA, DMS, OMS; Security Services: Directory Services, Certificate Authority, Access Control, Intrusion Prevention; AMI Head-End: HES, MDM, NMS; Data Center, Enterprise Apps: SIEM, DB), Public or Private WAN, Substation Tier (FAN Aggregation Layer within Substation Automation Network), Distribution Tier L1 (NAN, RF or PLC Mesh; Mobile Workforce; Serial + Ethernet, Wired or Wireless), Distribution Tier L2 (Distribution Automation Devices, Smart Meters).
Threat Detection and Mitigation (architecture diagram, continued)

Callouts: Time-Stamped Logs across Devices; IPS with SCADA Signatures; Security Incident Reporting through Log Correlation and IPS Alerts (SIEM). Tiers as before: System Control Tier (Control Center: SCADA, DMS, OMS; Security Services: Directory Services, Certificate Authority, Access Control, Intrusion Prevention; AMI Head-End: HES, MDM, NMS; Data Center, Enterprise Apps: SIEM, DB), Public or Private WAN, Substation Tier (FAN Aggregation Layer within Substation Automation Network), Distribution Tier L1 (NAN, RF or PLC Mesh; Serial + Ethernet, Wired or Wireless), Distribution Tier L2 (Distribution Automation Devices, Smart Meters).
Device and Platform Integrity
Purpose: Ensure that devices and meters cannot be compromised easily and are resistant to cyber attacks

Tools: Tamper-resistant design, digitally signed firmware images, NIST-approved or equivalent cryptographic algorithms, secure storage of cryptography credentials, secure code development practices

Used in FAN and SA for:

§  Tamper-resistant design for meters and devices, trigger alerts on physical tampering, maintain local audit trail for all sensitive events

§  Validate the authenticity and integrity of firmware upgraded on meters, routers and devices and software patches on grid applications

§  Ensure the critical commands are not altered or corrupted

§  Use of rate-limiting and other throttling mechanisms against DoS attacks

§  Secure code development lifecycle including strong practices around publishing security vulnerabilities, releasing workarounds
Device and Platform Integrity (architecture diagram, same tiers as above)
Callouts: Digitally signed commands from the Head-End System (HES) to meters; Authenticated data from meter registers; Digitally signed firmware images
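To make the "digitally signed firmware images" and "digitally signed commands from HES to meters" points concrete, here is an added Python example (not code from the presentation or from any Cisco or Itron product). It walks through the checks a meter should make before flashing an image (signature, model binding, anti-rollback, image hash) and before acting on a head-end command (signature, addressee, sequence number against replay). An HMAC-SHA256 stands in for the vendor's asymmetric signature so the block runs on the standard library alone; the keys, manifest fields and sample image are constructed.

```python
"""Verifying digitally signed firmware images and signed head-end commands on
a meter. Added illustration: an HMAC-SHA256 stands in for the vendor's RSA or
ECDSA signature, and the keys, manifest fields and image are constructed."""
import hashlib
import hmac
import json

# Constructed keys. A real meter holds the vendor's public key in its secure
# credential store and verifies an asymmetric signature, not an HMAC.
VENDOR_KEY = b"constructed-vendor-signing-key"
HES_KEY = b"constructed-head-end-command-key"


def _tag(key, data):
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def sign_manifest(key, image, version, model):
    """Vendor side: build and sign a manifest binding model, version and image hash."""
    manifest = {"model": model, "version": version,
                "sha256": hashlib.sha256(image).hexdigest()}
    body = json.dumps(manifest, sort_keys=True).encode()
    return body, _tag(key, body)


def verify_firmware(key, manifest_body, tag, image, installed_version, model):
    """Meter side: signature first, then model binding, then anti-rollback,
    then the image hash. Returns (accepted, reason)."""
    if not hmac.compare_digest(_tag(key, manifest_body), tag):
        return False, "bad signature"
    manifest = json.loads(manifest_body)
    if manifest["model"] != model:
        return False, "image is for a different model"
    if manifest["version"] <= installed_version:
        return False, "rollback to an older or equal version refused"
    if hashlib.sha256(image).hexdigest() != manifest["sha256"]:
        return False, "image hash does not match manifest"
    return True, "ok"


def sign_command(key, meter_id, seq, action):
    """HES side: sign a command addressed to one meter with a sequence number."""
    body = json.dumps({"meter": meter_id, "seq": seq, "action": action},
                      sort_keys=True).encode()
    return body, _tag(key, body)


class MeterCommandVerifier:
    """Meter side: accept a command only if it is authentic, addressed to this
    meter, and carries a sequence number above the last one accepted, which
    defeats replay of a captured disconnect command."""

    def __init__(self, key, meter_id):
        self.key = key
        self.meter_id = meter_id
        self.last_seq = 0   # must be kept in non-volatile storage on a real meter

    def accept(self, body, tag):
        if not hmac.compare_digest(_tag(self.key, body), tag):
            return False, "bad signature"
        cmd = json.loads(body)
        if cmd["meter"] != self.meter_id:
            return False, "command addressed to another meter"
        if cmd["seq"] <= self.last_seq:
            return False, "replayed or out-of-order command"
        self.last_seq = cmd["seq"]
        return True, cmd["action"]


if __name__ == "__main__":
    image = b"\x7fELF constructed firmware image v3"
    body, tag = sign_manifest(VENDOR_KEY, image, 3, "meter-model-x")
    print(verify_firmware(VENDOR_KEY, body, tag, image, 2, "meter-model-x"))
    print(verify_firmware(VENDOR_KEY, body, tag, image + b"!", 2, "meter-model-x"))
    meter = MeterCommandVerifier(HES_KEY, "meter-00A1")
    cbody, ctag = sign_command(HES_KEY, "meter-00A1", 1, "remote_disconnect")
    print(meter.accept(cbody, ctag), meter.accept(cbody, ctag))
```

Two details matter in practice: the verification key belongs in the secure credential storage the "Tools" list calls for, and the sequence counter must survive a reboot, otherwise a captured disconnect command can be replayed after a power cycle.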
Alliance built on strength (Itron slide, image only)
Summary
Cisco brings a comprehensive architecture and product
portfolio with pervasive network visibility and control
§  Security: Multi-layered, end-to-end security based on NIST guidelines
§  Cost: Lower total cost of ownership through common IP services over various communication technologies
§  Investment protection: Multiple applications enabled on a common network
§  Operations: Simplified deployment, scalable network management
§  Reliability: Self-healing capabilities for resilient communications
BC Hydro Smart Meter Case Study
Agenda

§  Drivers for Smart Meters at BC Hydro


§  An architectural overview of BC Hydro’s Smart Meter network
§  Building the network for scalability and resilience
§  Securing the Smart Meter Infrastructure
§  Managing the Smart Meter Infrastructure

The BC Hydro System
§  Power Generation
‒  41 dam sites, 30 hydro facilities, 9 thermal units
§  Transmission
‒  18,000 km of transmission lines (about 11,250 miles)
‒  260 substations, 22,000 steel towers
‒  One control center
‒  Interconnections to the US and Alberta
§  Distribution
‒  56,000 km of distribution lines (about 35,000 miles)
‒  About 900K poles and 300K transformers
Why the Need to Modernize?
Key Drivers

§  Demand on the power system has been steadily growing
‒  40% more power required in the next 20 years
§  The current grid is based mostly on 20th century investments that
haven’t kept pace with current demands or technology
§  Smart Meters are essential to creating a more efficient electrical system
‒  Will lead to savings, keeping rates among the lowest in North America.
§  “Conservation” is the new watchword in BC.
‒  Smart Meters will allow BC Hydro to manage the supply of power with a
smaller carbon footprint.
§  Smart Meters provide better control and monitoring of power use
throughout the grid.
Thomas Edison vs. Alexander Graham Bell
§  Would Graham Bell recognize what to do with an iPhone today?
§  Would Thomas Edison recognize the equipment used in a power grid?

Why the Need to Modernize?
Reduction of Power Theft

§  BC is well known for the proliferation of home marijuana grow-ops
‒  These often involve power theft.
§  (Photo) An example of a neighborhood transformer that was being used by a
grow-op home.
“If there’s anything that will have a single dramatic
effect on public safety issues due to grow-ops in
the province of British Columbia, it will be the
installation of Smart Meters.”
Chief Len Garis
Surrey Fire Chief
Program Scope (image-only slide)

BC Hydro Customer Portal (screenshot slide)
What Makes BC Hydro so Unique?
Comparison of World-Wide Smart Meter Deployments (chart)
Deployment sizes shown: 450,000; 4,600,000; 10,800,000; 38,000,000; 50,000,000
Worldwide totals: 2011: 106 million; 2012: 140 million
IPv6 Makes BC Hydro’s SMI Unique
A First of Its Kind . . . Anywhere

§  Although many power utilities have deployed Smart Meter Infrastructures, BC Hydro will be
the first to use an IP network to manage them.
§  2 million meters isn’t a huge number compared with some of the bigger utilities across the world.
§  BC Hydro is the first utility in the world to use Cisco’s Field Area Router (CGR) and Smart
Meter Field Area Network (FAN) architecture.
‒  BC Hydro was therefore faced with the challenge of building an IPv6 network capable of supporting 2M
routable addresses in a secure, resilient, and manageable way. That’s something truly unique.
Agenda

§  Drivers for Smart Meters at BC Hydro


§  The High Level Architecture
§  IP Routing Design of the Smart Meter Infrastructure
§  Securing the Smart Meter Infrastructure
§  Managing the Smart Meter Infrastructure

A Two Phase Deployment

§  Phase 1 – Deploy CGRs with IPv4
‒  CGRs will be deployed using IPv4 on the WAN only
‒  Smart Meters are non-IP devices in this phase
‒  The CGR will act as an IPv4 proxy to the Itron OpenWay management system (C12.22 is encapsulated in IP at the CGR)

§  Phase 2 – SMI Network Becomes IPv6 Enabled
‒  All smart meters will be software upgraded to support an IPv6 stack (a Cisco protocol stack)
‒  At this point the meters become “Connected Grid Endpoints”
‒  CGRs will become IPv6 routers
‒  IPv6 will be tunneled through IPv4 tunnels
‒  CG-NMS will expand to managing both the CGRs and the meter network interfaces
Key Design Requirements
Basic SMI System Requirements

1.  Scalability:
‒  Need to support 2 million IPv6 Smart Meters
2.  Wireless Backhaul Flexibility:
‒  Field Area Routers will be mounted on pole tops
‒  Must support flexible wireless backhaul (3G, WiMax, and Satellite)
3.  Throughput Requirements:
‒  Meter reads only generate a few Kb of data traffic
‒  Periodic polling and software upgrades will require higher data capabilities
‒  Support for multi-service (meters plus other Distribution Automation devices)

Key Design Requirements
Basic SMI System Requirements

4.  Security Requirements
‒  Communications between the meters and the NOC must be highly secure:
both authenticated and encrypted.
5.  Network Stability and Resiliency
‒  Meter reads only happen a few times a day, and the routers are capable of
caching communications between
‒  However, the Smart Meter Infrastructure (SMI) will also be used for other
devices attached to the grid, so the network must stay up for them, not just for meter reads.
Key Design Requirements
Distribution / Feeder Automation Support (diagram)
Devices sharing the SMI network: recloser control and capacitor bank automation, feeder meter, transformer meter, smart meters
The High Level
Architecture of Phase 1

The SMI Access Layer Design
§  The CGR has uplink options (3G, WiMAX, or satellite).
§  The CGR has an IPsec-encrypted GRE tunnel to an ASR 1006 router in the
Tunnel Aggregation layer.
§  The ASR is not restricted to any particular backhaul; any of these
are acceptable (any CGR can reach any ASR).
§  Meters form an RPL WPAN mesh and register with the CGR.
The design target is 2,000 meters per CGR mesh.
The SMI Tunnel Aggregation Layer Design
500 CGRs are homed to each ASR 1006
§  Each ASR 1006 is a hub router for 500 Field Area Routers (hub and spoke design).
§  Notice that in Phase 1 the CGRs are single-homed back to an ASR 1006.
‒  The ASR 1006 is used because of its scalability for this solution and its
inherent redundancy (dual RPs, ESPs and power supplies).
‒  The final design requires each CGR to dual-home with a second GRE/IPsec
tunnel to a remote DR site.
The SMI Distribution Layer Design

O  The Tunnel Aggregation routers use a


physical full mesh connection to the
distribution layer.
O  The SMI network is firewalled from the
core network with a pair of ASA firewalls.
O  Key Functional Requirements:
‒  Tunnel Provisioning Server (TPS)
‒  Registration Authority (ISR 3945)

Agenda

§  Drivers for Smart Meters at BC Hydro


§  The High Level Design
§  IP Routing Design of the Smart Meter Infrastructure
§  Securing the Smart Meter Infrastructure
§  Managing the Smart Meter Infrastructure

Building the Network for Scalability and
Resiliency - Challenges
1.  Network Resiliency:
‒  Need to support 2 million IPv6 endpoints and 1,700 access routers
‒  Network is required to support Distribution/Feeder Automation
on the Smart Grid
‒  Support for physical network redundancy
2.  Choosing and Tweaking the Right Routing Protocols:
‒  Not all IGPs are suited to every network topology
‒  Must support the “flappy” nature of wireless backhaul networks
3.  Engineering the network for fast convergence and stability
‒  Addressing network failure detection
‒  Choosing the right IGP timers
Physical Redundancy Necessitates a Dynamic Routing Protocol
(Diagram: ASR Tunnel Aggregation Layer routers with dual-homed CGRs)
§  Future use of a DR site required a dynamic routing protocol to be used.
§  If no DR site is used, then all CGRs can use a default static route through the
GRE/IPsec tunnels to the SMI network.
§  Which protocol to choose?
‒  OSPF?
‒  EIGRP?
IPv6 Routing at the Access / Aggregation Layer
Each ASR 1K runs a separate OSPF process
(Diagram: ASR Tunnel Aggregation Layer routers, each with OSPF totally stubby areas, and CGRs with dual GRE tunnels)
Why OSPF?
§  Traditionally, OSPF is rarely used in hub and spoke environments:
‒  OSPF, like IS-IS, is a link state IGP.
‒  It uses Link State Advertisement (LSA) flooding to tell adjacent routers about a topology change.
‒  When an LSA is flooded, every router in the area receives a copy of the LSA
and must rerun its shortest path first (SPF) calculation.
‒  This can be problematic in wireless backhaul networks that tend to flap and
lose a lot of packets.
§  Other protocols are better suited to hub and spoke topologies, but also
have drawbacks:
‒  Protocols like EIGRP are not an open standard and in this case were not an
option for BC Hydro.
‒  eBGP to each CGR would have worked, but is not supported in CG-OS.
Some Questions about OSPF Needed to be
Answered . . .
§  How many spokes per hub could we support?
§  How many CGRs should be used per OSPF area?
§  Would OSPF be stable in a lossy, flapping wireless network?
§  How could we limit LSA flooding, and in turn SPF recalculations on
the ASRs, and the CGRs?

§  Scaling to these kinds of numbers has never been done before.

Testing Methodology
Testing conducted in Brussels TAC FAST Team Labs, February 2012

§  Simulated a hub-and-spoke


network with OSPF, 3 areas
§  ASR 1006 with RP2 used as
hub router
§  Simulated 1,000 spokes with
ISR 3945e routers running
125 VRFs each (one OSPF
process per VRF)
§  Average 3 routes per spoke
§  One CGR which was dual-
homed

Testing Results – ASR Performance
Test Results Showing ASR Performance once OSPF is First Enabled
(Chart: learned routes and CPU utilisation over time)

§  CPU spiked to 80% only temporarily
§  Most of the time, CPU was less than 50%
§  Approx. 80% of routes were learned in just over 1 minute
§  1000 CGRs were completely functional with IPsec in about 180 seconds

Network stability is achieved
Testing Results – CGR Performance
Similar results to the ASR (chart: learned routes and CPU utilisation over time)
Testing Results – Simulating a Network Flap
Test Results Showing ASR Performance during a network flap
(Chart: learned routes and CPU utilisation over time)

§  Simulated a flap of 25% of the routes (750 routes)
§  Within 60 seconds, the routes had been relearned
§  CPU never spiked above 50%
Results Summary
§  The ASR and CGR are powerful enough for OSPF to handle this hub and spoke topology in a wireless network.
§  Use 4 areas per ASR, 500 spokes per ASR
§  Tuning of OSPF LSA and SPF timers is required:
‒  Allows the network to still converge while thousands of LSAs are being flooded

  timers throttle spf 200 1000 5000
  timers throttle lsa 0 5000 5000

(SPF: initial delay 200 ms, then a 1000 ms hold time that doubles on each further change up to a 5000 ms maximum. LSA: the first LSA for a change is originated immediately, subsequent ones are held to at most one every 5000 ms.)
Two Useful Features to Promote Stability
§  Interface Dampening (on the interfaces facing the core)
‒  A flapping interface can be very bad for routing protocols (it causes needless
LSA flapping)
‒  Interface dampening lets IOS assign an increasing “penalty” to an
interface as it continues to flap and suppress it while the penalty is high (similar to BGP dampening)
§  Carrier Delay
‒  The default is 2 seconds; this is the delay before the routing process is told that the
interface has gone down. Setting it to 0 reports the failure immediately, reducing convergence time.
‒  With carrier-delay 0 every transition is reported, so dampening is what stops a
genuinely flapping link from thrashing OSPF; apply both only on the wired core-facing links.

  interface GigabitEthernet a/b/c
   dampening
   description <description>
   carrier-delay 0
   negotiation auto
   ip address <address> <mask>
Routing at the Distribution Layer
(Diagram: ASA firewalls above the ASR distribution routers, which connect down to the tunnel aggregation layer)

Static Routes:
§  Default route northbound
§  Summarized SMI routes southbound

iBGP Between the Distribution Routers:
§  Use private AS assignment

eBGP Between the Distribution and Aggregation Layers:
§  Use private AS assignment
§  Redistribute each OSPF process from the tunnel aggregation routers into eBGP
§  Use BGP MED for traffic engineering
§  All ASRs at the aggregation layer use the same AS, giving a natural filtering mechanism
(an aggregation router drops any route whose AS path already contains its own AS)
Agenda

§  Drivers for Smart Meters at BC Hydro


§  The High Level Design
§  IP Routing Design of the Smart Meter Infrastructure
§  Securing the Smart Meter Infrastructure
§  Managing the Smart Meter Infrastructure

Zero Touch Deployment (ZTD) Components
1.  ASR router at the head end: network infrastructure to terminate the CGR IPsec
tunnel and provide a routing path to the utility DC where the applications are hosted.
2.  Backhaul network: access network used to transport IPsec traffic between
the CGR and the head end.
3.  CG-NMS:
‒  Provisions most of the CGR configuration once the CGR is connected to the network
‒  Manages the CGR once it is fully registered
4.  Provisioning Server (PS): acts as a proxy on behalf of CG-NMS during the CGR
tunnel provisioning process, so CG-NMS itself remains hidden in the DC and is never exposed to the backhaul.
5.  DHCP Server: provides the IP addresses CG-NMS uses for the tunnel endpoints when building the CGR
configuration
Phase 1: Factory Config

§  Phase 1 happens in the Itron facility where all the CGRs arrive once
manufactured by Cisco
§  A minimum configuration is done so the CGR can trigger its registration
process once deployed in the field:
‒  WAN interface configuration
‒  Utility CA trustpoint (trustpoint for BC Hydro’s CA server)
‒  Copy / paste of BC Hydro’s utility CA certificate, so the CGR can verify the CA it enrolls with
‒  NTP / clock / timezone configuration (certificate validity checks depend on correct time)
‒  Call-home configuration so the CGR can contact the PS automatically
Phase 2: Tunnel provisioning

1.  Once deployed on the pole, the CGR activates its WAN interface.
2.  Once it has received an IP address from the backhaul SP, it triggers
SCEP enrollment to obtain its LDevID certificate.
3.  After receiving its LDevID, it contacts the Provisioning Server via HTTPS,
using that certificate to authenticate, to get its tunnel configuration.
4.  The PS proxies the request to CG-NMS, which generates the tunnel configuration.
5.  The new configuration is pushed back to the CGR via the PS.
6.  CG-NMS also generates and pushes the tunnel configuration for the ASR1k
that will terminate the CGR IPsec tunnel.
Zero Touch Deployment – Simple Certificate Enrollment Protocol (SCEP)
(Diagram: CGR1000 across the WAN backhaul to the ASR head-end router, the Registration Authority in the DMZ, and the Certificate Authority, AAA and LDAP in Data Center 1)

1. The CGR communicates with the RA to ask for a new certificate
2. The RA requests a new certificate on behalf of the CGR
3. The MS CA authenticates this CGR against AAA
4. The AAA server refers to LDAP to confirm this CGR’s ID
5. The new “LDevID” certificate is generated and passed back to the CGR via the RA
Phase 3: Final registration

1.  The CGR is now able to establish the IPsec tunnel with the ASR 1K
2.  Once the tunnel is up, the CGR contacts CG-NMS directly and registers itself
3.  The CGR is fully registered and monitored by CG-NMS
4.  Meters can now reach the Itron Collection Engine
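The three ZTD phases above form one procedure, so here is a single added Python model of it (not code from the presentation or from Cisco's CG-NMS, CG-OS or SCEP implementation). It shows the two authorization gates the design relies on: the CA issues an LDevID only for a device that AAA finds in the directory, and the Provisioning Server hands out tunnel configuration only to a holder of a valid LDevID, so an unenrolled or forged device never reaches CG-NMS. An HMAC under the CA's key stands in for the X.509 signature; the component names, keys and tunnel configuration fields are constructed.

```python
"""Model of the three-phase zero touch deployment: directory-gated SCEP-style
enrollment, tunnel provisioning through the Provisioning Server proxy, then
registration with CG-NMS. Added illustration; an HMAC by the CA's key stands in
for the CA's X.509 signature and all names, keys and config fields are constructed."""
import hashlib
import hmac
import json


class Directory:
    """LDAP stand-in: every CGR and meter allowed on the network is an entry."""

    def __init__(self, device_ids):
        self.device_ids = set(device_ids)

    def exists(self, device_id):
        return device_id in self.device_ids


class CertificateAuthority:
    """Issues an LDevID only after the AAA/LDAP check confirms the device."""

    def __init__(self, name, key, directory):
        self.name, self.key, self.directory = name, key, directory

    def issue(self, subject):
        if not self.directory.exists(subject):      # steps 3-4 of the SCEP slide
            return None
        body = json.dumps({"issuer": self.name, "subject": subject,
                           "type": "LDevID"}, sort_keys=True).encode()
        return {"body": body, "sig": hmac.new(self.key, body, hashlib.sha256).hexdigest()}

    def verify(self, cert):
        expected = hmac.new(self.key, cert["body"], hashlib.sha256).hexdigest()
        return hmac.compare_digest(expected, cert["sig"])


class RegistrationAuthority:
    """DMZ-facing RA: the only PKI component the CGR talks to directly."""

    def __init__(self, ca):
        self.ca = ca

    def enroll(self, device_id):
        return self.ca.issue(device_id)             # step 2: request on the CGR's behalf


class CGNMS:
    """Builds tunnel configs for the CGR and the head-end ASR; accepts registrations."""

    def __init__(self):
        self.headend_tunnels = {}
        self.registered = set()

    def build_tunnel_config(self, cgr_id):
        cfg = {"cgr": cgr_id, "tunnel": "gre-ipsec-" + cgr_id, "headend": "asr1k-hub"}
        self.headend_tunnels[cgr_id] = cfg           # the matching config is pushed to the ASR
        return cfg

    def register(self, cgr_id, tunnel_up):
        if not tunnel_up or cgr_id not in self.headend_tunnels:
            return False
        self.registered.add(cgr_id)
        return True


class ProvisioningServer:
    """Proxy in front of CG-NMS: hands out tunnel config only to a CGR that
    presents a valid LDevID, so CG-NMS never sees an unenrolled device."""

    def __init__(self, ca, nms):
        self.ca, self.nms = ca, nms

    def tunnel_config(self, cert):
        if cert is None or not self.ca.verify(cert):
            return None
        subject = json.loads(cert["body"])["subject"]
        return self.nms.build_tunnel_config(subject)


def zero_touch_deploy(cgr_id, ra, ps, nms):
    """Run the flow for one CGR and return the last phase it reached:
    'denied', 'enrolled', 'tunnel' or 'registered'."""
    cert = ra.enroll(cgr_id)
    if cert is None:
        return "denied"
    cfg = ps.tunnel_config(cert)
    if cfg is None:
        return "enrolled"
    tunnel_up = cfg["cgr"] in nms.headend_tunnels   # head end holds the matching config
    if nms.register(cgr_id, tunnel_up):
        return "registered"
    return "tunnel"


def build_site(authorized_ids, ca_key=b"constructed-ca-key"):
    """Wire up the components for one data centre (constructed names)."""
    ca = CertificateAuthority("utility-ca", ca_key, Directory(authorized_ids))
    nms = CGNMS()
    return RegistrationAuthority(ca), ProvisioningServer(ca, nms), nms, ca


if __name__ == "__main__":
    ra, ps, nms, ca = build_site(["cgr-0001"])
    print("cgr-0001:", zero_touch_deploy("cgr-0001", ra, ps, nms))
    print("cgr-9999:", zero_touch_deploy("cgr-9999", ra, ps, nms))
```

The model makes the trust boundary explicit: the RA is reachable from the backhaul, the CA, AAA and LDAP are not, and the directory entry is the only thing that turns a factory-configured router into a device the head end will build a tunnel for.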
SCEP Enrollment Process (screenshot slide)

Example of Tunnel Template Generated by CG-NMS (screenshot slide)

Template-Driven Router Configuration (screenshot slide)
Agenda

§  Drivers for Smart Meters at BC Hydro


§  The High Level Design
§  IP Routing Design of the Smart Meter Infrastructure
§  Securing the Smart Meter Infrastructure
§  Managing the Smart Meter Infrastructure

Summary of Data Center Components

Application Type       | Element        | Purpose
Directory Services     | LDAP           | Each meter exists in LDAP as an entity and will need to authenticate to the network
DHCP                   | Infoblox       | Provides IPv6 addresses to all meters and to the network tunnel endpoints (ASRs and CGRs)
Certificate Authority  | MS CA          | Issues certificates to the meters and CGRs
Meter Authentication   | AAA Server     | Authenticates the meters against LDAP
Device Authentication  | Cisco ACS      | AAA services for network devices
Network Manager        | CG-NMS         | Manages all CGRs and meter NICs (Connected Grid Endpoints)
Meter Management       | Itron OpenWay  | Performs periodic meter reads and software management
Network Management Solution Overview
(Diagram: Oracle DB server, CG-NMS behind a load balancer with a northbound API (NB-API) for the net admin, the ASR, the Provisioning Server and the CGRs)
§  CG-NMS resides in the data center, and is typically fronted by a load balancer
(ACE 4710 or module)
§  CG-NMS has a web and application front end, and uses an Oracle DB on the backend.
§  CG-NMS manages both the CGRs and the meters themselves
CG-NMS Monitoring
Managing the CGRs via the GPS Location Function (screenshot slide)

Monitoring the Mesh Endpoints (screenshot slide)
Using CG-NMS for Firmware Upgrades

§  The admin organizes devices into “firmware groups” which share the same firmware image
§  The admin uploads a new firmware image file into CG-NMS
§  The admin selects a firmware group and assigns the new firmware image to the group
§  CG-NMS pushes that firmware image to all the group members in the background, and tracks the push to ensure completion
§  Mesh devices are updated via multicast groups that correspond to firmware groups; each device still validates the digitally signed image before installing it
Summary

§  BC Hydro’s SMI deployment is a foundation for all Cisco SMI


deployments moving forward.
§  This network is built for multi-service (meters and DA applications)
§  The solution is innovative on many fronts:
‒  1st IPv6 SMI network in the world
‒  1st large-scale use of RPL
‒  Huge scale of routing protocols
§  This works, and is now a proven technology

Complete Your Online Session Evaluation
Session evaluations and all session material are available through the Cisco Live Virtual account at www.ciscolive.com.