Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement.

PID#

CLOUD-ENABLED SMART INFRASTRUCTURE

GovSec WESTPhoenix, Arizona

Ernie Hayden CISSP CEHManaging Principal – Energy SecurityNovember 2011

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 2

Agenda

• What Do We Mean by “Smart Infrastructure?”• Convergence – The New Theme• Reminder: What is Cloud Computing?• Why a Cloud-Enabled Smart Infrastructure?• Current Examples and Issues• Conclusion• Q&A

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 3

Smart Infrastructure

• Smart Grid• Smart Oilfield (aka Digital Oilfield)• Intelligent Water and Gas Systems• Etc…

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 4

Convergence In Progress

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 5

What is Cloud Computing?

• Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction– 5 Essential Characteristics– 3 Service Models– 4 Deployment Models

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 6

NIST Cloud Model

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 7

Cloud Computing Characteristics

• Agility• Application Program Interface (API)

Provisioning• Cost/Economics• Method of Outsourcing• Device and Location Independence• Reliability• Scalability• Performance• Security• Maintenance

• Multi-Tenancy…allows:– Centralization– Peak-load capability– Utilization and efficiency

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 8

Cloud Layers

Application(Software as a Service)

SaaS

Platform(Platform as a Service)

PaaS

Infrastructure(Infrastructure as a Service)

IaaS

Complete ApplicationsCustomizable w/in

Limits

No Need to DirectlyManage OS, Databases,Etc. APIs for Building

High-level Apps

No Need to PurchaseOr Manage Physical

Data Center Equipment

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 9

Cloud Provisioning

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 10

Cloud Deployments

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 11

Why a Cloud-Enabled Smart Infrastructure?

Customer•

DistributedAnd Renewable

Energy

PhysicalSystemDesign

Sensors and

Grid Control

Open andUbiquitousCommunication

Worker of the Future

Regulatory Policyand Rule-making

New Devices

and Systems

Data, Analytics, and Information

Smart Grid Opportunity

Smart Meters and Communications

Open StandardsBased Integration

Demand Response

Enterprise Integration

Custom Applications

Consumer Portal

MobileDiagnostics

TrendingDatabases

UsageAnalytics Analytics

& MobileDelivery

More Granular Data Holds Promise of EnablingFaster and More Informed Decision Making

• Operational Improvements

• Improved Economics

Reference: “Smart Grid Cloud Computing & Protocols,” A. Roychowdhury, Connectivity Week, 2010

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 12

Smart Grid -- Types of Data

• Smart Meters, SynchroPhasors– Interval Data– Time-series in Nature – 15 Minutes for Meters; Every Second for

SynchroPhasors– Basically In-memory Technologies

• Offline Data– Buffered Data Stored Off Line– Used for:

• Static Analysis• Mining• Tracing and Backtesting

Preferences:

Avoid ReprocessingExisting Data

Avoid Latency Impacts

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 13

Digital Oilfield -- Data Generation/Use

• Instrumentation on Well Head, Pipelines– Flows, Pressures, Temperatures– Production Surveillance

• Instrumentation on Facilities– Oil/Water Flows– Gas Flow, Gas Composition– Storage Tank Conditions– Separator Levels– Valve Positions/Conditions– Goal: Remote Real-Time Monitoring & Control

• Automation System Alerts, Alarms, Setpoints• Communications Systems

– WAN, Radio, Cellular• Applications for Above

– E.g, Visualization and Modeling– Automation

• Data Analysis – Trending - Forensics

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 14

Uses for Smart Meter Data

• Billing for Standard Rates• Billing for Dynamic or Other Time-

Based Rates• Presentation to the Customer

(Portal)• Used in Outage Management• Analyzed to Determine Customer

Consumption Patterns• Load Profiling• Analysis for “Unique Uses” and

“Unique Patterns”

• Used for Evaluation of Energy Efficiency Programs

• Analyzed to Support Capital Planning for T&D Infrastructure

• Determine Power Quality• Analyzed to Determine Customer

Payment Behavior• Understand Customer Response to

Utility Programs

Source: IDC Energy Insights,

Business Strategy: Utility CIOs – Living in a Smart Grid World

(Document # EI225592, December 2010)

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 15

Massive Amounts of Data

• SMART GRID– Example #1: United Kingdom

• 44M Homes 88M data entries per year• Under a new, 2-way, Smart Grid, new meters would create

32B data entries per year. (363 times more data per year!)– Example #2: Pacific Gas & Electric

• 170 MB of Data per Smart Meter per Year• 100,000 Meters 17 Terabytes per Year• Prediction for U.S. by 2019 100M Meters 100 Petabytes

generated during the next 10 years– Example #3: Gigaom Article

• “Utilities going to have to manage 9 times the data they do today”

• DIGITAL OILFIELD– Typical Well Generates 15 to 20 Data Streams

• Readings Every 1 to 15 Seconds• Assume Each Data Point is 100bytes• Calculates ~ 17 Mb/day per Well

– Seismic Interpretation Data Sets• 30 Attributes in One Example• 8 TB Data for Analysis

http://obiblog.files.wordpress.com/2008/08/data- pic.jpg

1 Petabyte is 1,000,000

Megabytes!

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 16

Why the Cloud?

• Scalability• Flexibility• Cost Benefits• Cloud Computing Capabilities of IT

and Telecom Players• Improved Demand Response

Management• Active Consumer Participation• Enables New Products, Services and

Markets for UtilitiesThe cloud allows utilities to

focus on developing new business opportunities

while the carrier handles the infrastructure

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 17

What Else to Consider?

• Performance/Latency– Data Volume and Processing Inefficiencies– Take Advantage of Elasticity and Scalability

• Privacy – Especially for Consumer Meters– Per IDC Energy Insights*

• “Privacy has emerged as the number one concern related to data security…”– State of California PUC Ruling on Smart Meter Privacy

• Compliance– EU Data Protection Directive/Canadian Data Privacy Rules/California PUC

• Cloud Vendor Management – Contract Management– Need for Increased IT Contract Negotiation Skills– SLA Enforcement– What About Moving from One Cloud Provider to Another?

• Security…

* IDC Energy, “Business Strategy: Utility CIOs – Living in a Smart Grid World, December 2010

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 18

Cloud Security Issues

https://cloudsecurityalliance. org/csaguide.pdf

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 19

Other Cloud Security Issues

• Sensitive Data Access• Data Segregation• Account Control• Bug Exploitation• Recovery• Accountability• Malicious Insiders• Management Console Security• Multi-tenancy Issues• Data DestructionAnd…• The Internet as a Weak Link

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 20

Summary

• Collision of…– Smart Infrastructure– Data Analytics– Cloud Computing

• Tons of Data Being Generated• Need for Improved Data Services at Reduced

Latency• Service Provisioning Varies During the Day,

Week, Month, and Year• Need for Scalability, Resiliency, Flexibility and

Economic Cost• Hardest: New Means of Vendor Management• Security is Critical for Success

Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. 21

Ernie Hayden CISSP CEH Managing Principal – Energy Security Verizon Global Energy & Utility Practice email: ernie.hayden@verizon.com Phone: 206-458-8761