Smart-LX® Automated Asset Monitoring Platform, a component of the "Security as a Service" suite offered by Agile Fractal Grid will be presenting at the 2018 Milsoft Users Conference, June 12th - 14th.
Download as PPTX, PDF0 likes71 views
The document discusses communications services as part of security as a service for the Milsoft conference. It summarizes an approach using decentralized secure message nodes for high availability and discusses transitioning to more edge computing with pods and poles. It also discusses hosted cloud and private cloud options and the security fabric dimensions including identity management, authentication, authorization, auditing, confidentiality, integrity and availability.
Smart-LX® Automated Asset Monitoring Platform, a component of the "Security as a Service" suite offered by Agile Fractal Grid will be presenting at the 2018 Milsoft Users Conference, June 12th - 14th.
- 1. Milsoft – Amelia Island June 12-14, 2018 Communications Services a part of Security as a Service
- 2. There is a growing realization of the coalescence of the power industry with the communications industry. The advancing features of the OT control system is a case in point.
- 3. The lesson from biology (and the Internet): Decentralize controls to the edges as much as possible. Laminar Control Nodes: Each fractal node balances the nodes below it somewhat selfishly – but accepts guidance recommendations from “the flock.” This implies transitioning to using more edge computing mechanisms like pods and poles.
- 4. Hosted Cloud Secure Virtual Environment Secure Message Node Some of you will want to participate in the new Milsoft approach to Security as a Service in your unified communications. Utility Operations Center Microgrid Substation Building AFG SIEMSMN D D Secure Message Node Private Cloud • Microservices • Edge collectors • Storage • Communications S S Private Facilities Situational Awareness Response Center 4 Secure Data Bus: • DDS Publish and Subscribe • AMQP asynchronous messaging • Uses decentralized Secure Message Nodes for high availability Security Fabric Dimensions: • Identity Management • Authentication • Authorization • Auditing • Confidentiality • Integrity • Availability Dvice D D D Milsoft Core Application Servers Partner Subsystems Secure Virtual Environment Secure Message Node Partner Core Application Servers S The Security Fabric skeleton brings simplicity to end-to-end Cybersecurity. Identity Nodes Firewalls Switches Clients APs The Secure Message Node provides for separate subnetworks for multitenant security. Optimizers BMS Savings as a Service SCADA Open API
- 5. Central Management Center Utility Operations Center Substation The OT instrumentation points are these: Local Event Collector Secure Message Node Optical Switch Substation Controller (e.g., Subnet) Switch BRT ILMD Terminal Server (e.g., SEL, Digi) IED (e.g., breaker) Firewall Secure Message Node Optical Switch Firewall Collaborators Secure Message Node Optical Switch Firewall Catcher Forwarding SCADA Outage Management System Central Event Collector Forwarding SIEMMod Sim CI2P Instrumentation in the OT communications network need to be of two types. Behaviour Sensor Behaviour Sensors Ingress egress
- 6. Smart Meter Capacitor Bank Line Sensor Battery Inverter DMS Head Ends SCADA Higher Tier Node Central Office (Utility Datacenter) Common Semantic Model Legacy Protocol Translation Legend Middle Tier Nodes (e.g. substation) Lower Tiers Nodes (e.g. grid) End Points Devices Legacy Protocol Adapter Common Data Model Field Message Bus (FMB) Client/Server Polling Pub/Sub Messaging The Open Field Message Bus (openFMB) framework implemented by Duke Energy is now the standard for the SGIP. Virtual Firewall MDM M - + Open API FMB protocol Legacy Protocol Adapter Common Data Model Open API FMB protocol Legacy Protocol Adapter Common Data Model Open API FMB protocol Breaker Relay Solar PV Inverter Modbus Open FMB IoT Protocol Legacy Protocol Adapter Common Data Model Open API FMB protocol OMSGIS
- 7. The Secure Message Bus contains services for both messaging and real-time publishing and subscribe. 7 We will start with COTS components like iSPEED.
- 8. The bigger picture addresses your entire infrastructure. ManagementS ervices Utility Node (local) Substation Small Cell • HetNet Gateway • Content Cache • Memory Cache • Protection Logic • S&F Uplink • Community Datacenter • Performance Data Capture • Configuration Synchronizer • Reference Data Replica • Time Sync Regional Data Hub • Configuration Synchronizer • Reference Data Replica • Analytical Data Marts • Time Sync10GB Dynamicbandwidth Allocation(Nx100GB) ParallelTransmission R • Small Cell Node • NAN Gateway • Sensor Gateway Peering Point Carrier Core Switching Centers Redundant Management Centers The community micro datacenter is at the utility where the electric power resides.
- 9. Let’s discuss the AFG OT communications services.
- 10. Let’s discuss the AFG OT communications services. Is anyone here planning to offer ancillary communications services to your members and customers?
- 11. The Typical Value Proposition If you have access to electricity then you should have access to modern communications services! • Cellular service from a choice of carriers • 5G Gigabit Internet – via fixed wireless • Television access from multiple providers – over the top of your broadband connection • Expanded Public Safety communications As a utility, you have infrastructure that can now be leveraged to support your members and customers that will be most appreciated.
- 12. Substation Server Mobile LTE Home Gateway and 5G Gigabit Wireless to the Home! Vehicle Infrastructure Google and Verizon have learned that Fiber to the Home is now passe. The new game in town is “Fiber to the Curb”… Evolving Core Bring Your Own Coverage w/ FirstNet Interconnect In 3GPP parlance, this is known as “Multiple Operators, Shared RAN” LTE 5G LTE LTELTE Fiber path through the neighborhood
- 13. Planned AFG Services Portfolio • Communications Access Services • 5G Broadband Services via Small Cell Distribution • Cellular Wireless Access Extended Coverage in your Area • Expansion of Streaming TV Services On Demand in your Area • Precision Agriculture Communications • Public Service Communications • Public Safety Backhaul • Education Networks • Medical Networks • Incident Management • Physical Safety Services • AFG Portal • An Amazon-like place for new services • Tech-You-Topia Education Center • Electric Power Services • Perfect Power for lower cost power for buildings through conditioning • Microgrid as a Service for the Community • Transactive Energy for selling excess power to others.
- 14. Lots of wireless carriers and cable companies • Power Grid Controls • Fixed Wireless DIA • Virtual Network Operators • Public Safety • V2X • Sensors We cooperate with macrocells. We will be supporting carriers’ coverage in your rural locales. BYOC This new coverage meshes well with any existing carrier LTE cell sites in your area.
- 15. Your cellular wireless infrastructure wants to work with you on this. Some want to save 30% on their electric bills through the use of Perfect Power operating at each cell tower. Some would like to be known as the first “Green Communications Carrier” in the United States. Some want Security as a Service
- 16. Some folks want to wire their buildings so they get the most out of both electric power optimization and 5G communications. Communications Point of Presence with local computation and storage service for IIoT microservices Combined Heat and Power Building Building Building Building Utilidor ~ 50 Buildings On Campus • Resilient standby Power per building • “Perfect Power” in each building • Gigabit wireless service inside each building and outdoors, too • Cellular amplification • Local computation racks for local businesses Building UPS storage 92% electric efficiency Gigabit Everywhere 5G Commercial real estate holdings can benefit from the economies of Perfect Power, and also a unified approach to indoor communications. CBRS
- 17. Sharing your infrastructure is also good for your local providers to expand their offerings. There is something in this for everyone, But it is a cooperative effort. Talk to us if you want to facilitate advanced communications throughout your customer base.
- 18. Discussion
- 19. There are three core items on our “fiber ready” checklist. • Provide information about existing infrastructure: We’re asking your group to provide accurate information about local infrastructure like utility poles, conduit and existing water, gas and electricity lines so we’d know where to efficiently place every foot of fiber. • Help ensure access to existing infrastructure: We’re asking you to help ensure that we, and other providers, can access existing infrastructure. It would be wasteful and disruptive to put up duplicate poles or to dig up streets unnecessarily, when we could use existing poles or conduit. • Help make construction speedy and predictable: We’re asking you to make sure you have efficient and predictable permit and construction processes appropriate for a project as large as the Agile Fractal Grid network build. This is just like Google Fiber, except it is optimized for the rural areas.
- 20. Thank You
Editor's Notes
- #2: Thank you all for joining us for this session about the AFG communication protfolio. I am Chuck Speicher Chairman of AFG and chief strategy officer. Some years back I was attending a charter meeting of SGIP in Chicago when the idea of a CoP was indeed the right approach for what we were about to begin. A CoP can evolve naturally because of the members' common interest in a particular domain or area, or it can be created deliberately with the goal of gaining knowledge related to a specific field. It is through the process of sharing information and experiences with the group that members learn from each other, and have an opportunity to develop personally and professionally and solve complex problems together.
- #3: So lets begin by sharing some interesting development that we have learned from our collaboration with the practitioners that are in posession of knowledge that is real applied knowledge that will shape influence and transform our future.
- #4: In fact one could speculate based on these factoids that cloud computing and edge computing will have to cooperate end to end in order to manage intelligent machines during state machine workflows for that matter all workflow structures to their completion as intelligent machines mature through their own capability maturity as in an autonomic control mode with human in the loop computing.
- #5: Our CoP produced this picture so lets share how this works in your own environments . The picture describes how we integrate end to end security from the Milsoft hosted cloud out to the edge of the network along with the components that secure the data and comms end to end with the zero trust model of Blackridge Technology along with a situationtional awareness response center that will deploy real action to recover during an attack or stop and attack before it starts. The deployment of re-engineered firmware in the killchain to seize control of admin SCADA devices and lock out command & control which was a tactic that was used in the Ukraine attack. Our partner Run Safe software has designed a solution to prevent that from happening. Lets discuss this picture in greater detail through your questions and inquiries , Questions?
- #6: Here we address the need to deploy two types of instruments form the sub station to the utlitiy OP CTR and then to the centrl management CTR as shown
- #7: This framework is a recent standard certified by NASBE. The work was iniitiated by Duke called the Colalition of the Willing headed by Stuart LavAlle and about 25 companies the Security fabric alliance contributed to the team’s work.
- #8: ISpeed has been commercially deployed throughout Europe for several years . We expect to use this for the secure data bus.
- #9: This picture came out of the collaboration of the security fabric alliance members that address the the convergence of data and comms for the advancemnett of the industrial internet, advanced controls of the electirc grid, high speed broadband and a myriad of services that will be realized for expanding the shared infrastrcture model and creating new sources of revenue for coops and the communities they serve.
- #12: The shared infrastructure model can be utilized within your service areas for driving unique value propositions for the community at large
- #13: Wireless technologies have advanced considerably in reducing cost,time to market and with a greater penetration rate which now supports an attractive new TCO for providers lowering the price bar to consumers.
- #14: The protfoilio is deep and far reaching in benefits across the community for economic development and sustainability.
- #15: AFG partnerships with wireless infrstrucutre providers like parrallel wireless American tower and others can facilitate a myriad of services supported by high speed wireless technology in broadband fixed wireless to advance new services like virtual network opearotrs public safety sensors and other new innovations that need comm infrastructure to support intelligent machines and the indsutrial internet.
- #16: This picture is just a snap shot of what the future holds for wireless advances.
- #17: Extending to commercial buildings in both urban and rural areas. Campus wide energy efficiency program will revolutionize how energy is consumed , stored and traded in a transactive world.