Communication and Cyber Security - indiasmartgrid.orgindiasmartgrid.org/event2017/10-03-2017/4. Roundtable on... · •New applications / new devices will be need to integrated during

Wi-SUN AllianceOpen-Standards based Secure, Interoperable

Communications for Smart Utility and Smart City Networks

Phil Beecher, Chair, Wi-SUN AllianceMarch 2017

Presentation Contents

• Introduction

• Standards and Interoperability

• What is Wi-SUN Alliance

• Wi-SUN Field Area Network Profile

• Collaboration

• Wi-SUN Membership

• 2 videos included

2Wi-SUN™ Alliance © 2017

Introduction

3Copyright © 2017 Wi-SUN™ Alliance

IoT Network Needs

• IoT networks need to function well in a variety of environments

• What works well inside, Home Area Network (HAN), will not necessarily work well outside, Field Area Network (FAN).

• Although network layer protocols are often the same, the communications needs are different


IoT Field Area Network Requirements

• Attributes for Field Area Networks include:– Highly Secure

– Easy to install and maintain (mesh, self organizing, self healing)

– Ability to scale easily to thousands of nodes

– Reliable and resilient (mesh, multiple channels, demonstrated interference tolerance)

– Energy Efficient (long battery life)

– Low Cost (open standard)

– Interoperability


FAN Requirements

• Added FAN Challenges over “in building” Networks:

– Longer Distances

– Terrain issues

– Weather

– Structures

– Foliage

– Need for Higher Data Rates• (latency and channel capacity)


Additional FAN Considerations

• Smart Utility and Smart City applications are often built independently, a piece at a time, and used for a long time

• New applications / new devices will be need to integrated during the lifetime of the network

• Many applications require sensors and actuators

• To meet these needs, Open Standards are essential, and…

• Certification programs are needed to ensure Multi-Vendor Interoperability


Standards and Interoperability


• In 2008 there were no wireless communications standards for Peer to Peer Field Area Networks

• Utilities were deploying large scale AMI networks

• There were a number of proprietary Field Area Network solutions; many were based on a common technology

A standard was needed - IEEE802.15.4g

Standards DevelopmentThe Need for IEEE 802.15.4g


• Initial Focus was on Smart Utility Network Communication

• Standard was optimised for Large Scale outdoor Wireless Mesh Networks – i.e. Field Area Networks

• Goal was to take proven technology and create a standard to meet FAN needs and allow interoperable products globally

• First published in March 2012 and revised in 2015

Standards DevelopmentIEEE 802.15.4g - Scope


• Features and Outcomes– Takes advantage of proven technology

– Backward compatibility with installed base of 10’s of millions of meters

– Great flexibility• Multiple data rates

• Robust error detection

• Optional forward error correction

• Support for ipv6 networks

– Support for Global and Regional frequency bands• 902-928 MHz in US and many other regions

• 920MHz Japan

• 868.3 MHz Europe

• 865 – 867 MHz - India – added in 2016, now published

IEEE 802.15.4g feature summary


Wireless Mesh Networks


• Specifying the full communications functionality for each “Smart” Application

– Options make interoperability more difficult to achieve

– 802.15.4g only specifies the PHY layer

• A testing and certification process

– IEEE802 writes standards, it does not describe testing

• An Industry Alliance provides the forum

– to select and document required options and features

– to define testing and certification

• The Wi-SUN Alliance addresses these challenges

What was still needed?


• Security Concerns– Loss of confidentiality: the unauthorized disclosure of information;

– Loss of integrity: the unauthorized modification or destruction of information

– Loss of availability: the disruption of access to the network or the data from the network.

• Challenges– IoT devices are often constrained, e.g. limited resources, limited

energy

– Many IoT devices have a limited user Interface

– IoT devices may be easily physically accessible

– Wireless Networks are difficult to physically protect:• They are easily overheard

• They can be interfered with

Cyber Security: Concerns and Challenges


• Message injection: an adversary injects bogus control information into the data stream.

Cyber Security: Attack Models (1)

• Eavesdropping: an attacker intercepts packets transmitted over the air for further cryptanalysis or traffic analysis.

• Traffic analysis: allows an attacker to determine that there is activity in the network, the location of the nodes, and the type of protocols being used.


• Message modification: a previously captured message is modified before being retransmitted

Cyber Security: Attack Models (2)

• Denial-of-Service (DoS) attacks: can be grouped into two categories

– Service degradation (e.g. collision attack), and

– Service disablement (e.g. jamming)

(Source: IN3-UOC 2014 seminar by Prof. A.A. Economides)

• Node capture: An embedded device is considered to be compromised when an attacker, through various means, gains control of the node itself. This could include physical tampering


• Determine risks posed by security breaches

• Choose security appropriate for application and implementation considerations, e.g.– How secure does it need to be?

– Are there regulations determining minimum security (e.g. Data protection laws)?

– Can application and implementation bear the complexity or energy consumption of the security method chosen for it?

– Can you afford NOT to implement appropriate level of security?

• Example is NISTIR 7628 – Produced by SGIP Security Working group

– defines “Guidelines for Smart Grid Cybersecurity”

– A comprehensive analysis including, use cases and threats, algorithms, key management for all communications networks in a Smart Grid.

Cyber Security Analysis


http://nvlpubs.nist.gov/nistpubs/ir/2014/NIST.IR.7628r1.pdf

Interoperability

• What is “Interoperability”?

- Ability of a system or a product to work with other systems or products

without special effort on the part of the customer. Interoperability is made

possible by the implementation of standards.

Source: IEEE Standards glossary

- In a world of converging yet diverse technologies, complex ICT systems must communicate and interwork on all levels – this is interoperability.

Source: ETSI

• What are the benefits of Interoperability?- Greater choice for users

- Confidence in product availability

- Manufacturers can benefit from the economies of scale that a wider market brings


What is the Wi-SUN Alliance?


• Established in April 2012

• Incorporated as Not for Profit Organization (501c) in Delaware, US

• Regional representation in Europe, India, Japan, Singapore

• 120 member companies including Product Vendors, Silicon Vendors, Software Companies Utilities, Government Institutions, Universities

• Specification of wireless communications networks based on IEEE 802.15.4g RF (and derivatives) and ipv6 / 6lowpan

• Defines testing and certification program for multi-vendor interoperable solutions

Wi-SUN Alliance Background

20

Wi-SUN Alliance Wi-SUNRF + MAC + Network +

securityWi-SUN AllianceTM

Wi-SUN CertifiedTM

Copyright © 2017 Wi-SUN™ Alliance

• Analog Devices

• CISCO Systems

• Itron

• Murata

• NICT

• Omron

• Renesas

• ROHM

• Silver Spring Networks

• Toshiba

Promoter Companies


80 Contributor Members

• A2UICT• Access• Adsol Nissin• ALPS• Altiux• Anritsu• Atmel• CM Engineering• Cyan Connode• Duke Energy• EDIC Systems• eFlow• Elster• Enverv• EPRI• Exegin Technologies• Freestyle• Fuji Electric• Fujitsu• Gridbee• Hitachi• IO Data• ISB corporation• Itron• Jemmic• Jet• Kalkitech• Kamstrup• Keysight technology• Kyoto University• Landis & Gyr• Lapis

• MCTalk• Megachips• Mitsubishi• Nagano Radio Systems• Nissin Systems• NEC• NTT• OKI• Oi Electric• Osaka Gas• Osaki Meters• OTSL• Panasonic• PG&E• Procubed• Purdue University• Rohde and Schwartz• Satori• Silicon Labs• Skyley Networks• Sumitomo• Taiyo Yuden• Tateyama• Tessera Technology• Texas Instruments• Tokyo Gas• Toshiba Toko Meter

Systems• UCC Tech• Ubiquitous• Worldpicom• YRP-IOT


• Observers

– JEMIC

– PowerTech Labs

– TELEC

– TUV

– UL

TELEC, TUV Rheinland are

Wi-SUN Approved Test Labs

5 Test Lab Members


• Communications Profile Definitions based on Open Standards for Field Area, IoT wireless networks.

• Interoperability Testing + Certification Authority for Peer to Peer Wireless Mesh networks based on IEEE 802.15.4g and IPv6.

• Current focus is on enabling multi-vendor FANs and communications for Smart City and Smart Utility Networks.

• Marketing support and training programs to promote understanding and adoption.

What Wi-SUN Alliance does not do…

• It is not a Standards Organization (serves a different role from IEEE, IETF)

• It does not specify Application Layer profiles

Wi-SUN Alliance Scope


Wi-SUN Alliance Organization

Board of Directors

Exec Committee

Marketing

Committee

Test &

Certification

Committee

Technical Steering

Committee

PHY WG

MAC WG

Interface WG

EN

ET

Pro

file

WG

FA

N P

rofile

WG

Domain Working

Groups

Focus on ensuring

consistency of

PHY/MAC/Transport

layers between profiles

Profile Working

Groups

Focus on specific

applications areas, and

develop profile

specifications RLM

M P

rofile

WG

JU

TA

Pro

file

WG

Oth

er

Pro

file

WG


Wi-SUN Profiles

• Develops technical specifications of Physical Layer (PHY) and Medium Access Control (MAC)layers, with Network layer as required

• Develop Interoperability test programs to ensure implementations are interoperable

• Physical layer specification is based on IEEE802.15.4g/4u/4v

• MAC layer may use different options depending on the application

• Profile specifications are categorized based on application types

Physical Radio (PHY)

Medium Access Control (MAC)

Application

IEEE 802.15.4g/4u/4v based PHY

MAC1 MAC2

PHY1 PHY2

Wi-SUN PHY layer

Wi-SUN MAC layer

Wi-SUN Network/Transport layer

Profile A Profile B

Network1Network / Transport

Wit

hin

th

e s

co

pe o

f

test

an

d c

ert

ific

ati

on


Profile Working Groups

• Focus on describing Communications layer functionality for specific applications:

– Home Area Network (HAN) Profile Working Group

– Field Area Network (FAN) Profile Working Group

– Resource-Limited Monitoring and Management (RLMM) Profile Working Group

– Japan Utility Telemetering Association (JUTA) Profile Working Group


28

Active Working Groups for Smart Utility Applications

SmartMeter

Data aggregation

WAN

Field Area Network (FAN), Communication between smart meters and distribution automation

Wi-SUN

Wi-SUN

FAN Working GroupHAN/HEMS

Working Group

SmartMeter

HEMS/HGW

Wi-SUN

Wi-SUN

“TEPCO B-route” : Communication between smart meter and HEMS

Home Area Network

FAN Working Group

• Co Chair: Cisco and Silver Spring Networks

• Feature complete specification is approved

• Supports IEEE802.15.4g/4e PHY/MAC, 6LowPAN, and IPv6

• Supports multi-hopping operation and frequency hopping

• Supports encryption (AES) and authentication (802.1x)

• Specification is standardized as ANSI 4957

HAN Working Group

• Chair: NICT, Technical Editor: Toshiba

• Specification is approved (Wi-SUN profile for ECHONET Lite)

• Support IEEE802.15.4g/4e PHY/MAC, 6LowPAN, and IPv6

• Support encryption (AES) and authentication(PANA)

• Specification is standardized as TTC JJ300.10


Wi-SUN Alliance Field Area Network Specification


Wi-SUN FAN Overview


Wi-SUN FAN Stack Overview

Application Layer

(Out of Scope)

IPv6 / ICMPv6 / RPL /

6LoWPAN

Physical Layer

OSI Layer

PHY

Network

UDP / TCPTransport

Session

Presentation

Application

Wi-SUN FAN

Data Link

MAC Sub-Layer

L2 MESH

LLC Sub-Layer

802.1X,

802.11i,

EAP-TLS

Security

ETSI-

TS-102-

887-2

FAN

Device

IPv6 protocol suite

• TCP/UDP

• 6LoWPAN Adaptation + Header Compression

• DHCPv6 for IP address management.

• Routing using RPL.

• ICMPv6.

• Unicast and Multicast forwarding.

MAC based on IEEE 802.15.4e + IE extensions

• Frequency hopping

• Discovery and Join

• Protocol Dispatch (IEEE 802.15.9)

• Several Frame Exchange patterns

• Optional Mesh Under routing (ANSI 4957.210).

PHY based on 802.15.4g

• Various data rates and regions

Security

• 802.1X/EAP-TLS/PKI Authentication.

• 802.11i Group Key Management

• Optional ETSI-TS-102-887-2 Node 2 Node Key Management

Supports a variety of IP based app protocols : DLMS/COSEM, ANSI C12.22, DNP3, IEC 60870-5-104, ModBus TCP, CoAP based management protocols.


Wi-SUN FAN Security

• 802.1X – based on Extensible Authentication Protocol (EAP), IETF RFC 2284

– Wi-SUN FAN uses EAP-TLS (RFC5216), provides mutual authentication

(authentication of server to client, in addition to client to server)

Source: http://what-when-how.com


Wi-SUN FAN Summary

• Open standards (IEEE and IETF)

• Simple infrastructure

• Low cost, low complexity

• Strong security (802.1x, 802.15.9)

• Proven technology

• Long range (Sub GHz)

• Reliable and resilient (Mesh network, Sub GHz, Channel Hopping)

• Energy friendly

• Robust certification program

• Multi-vendor interoperability

• Support for Global frequency bands


Collaboration


• No single organisation can support all possible IoT applications

• No single standard or set of standards can address all IoT application areas

• New applications research and “enabling technologies” is essential

• Standards organisations, Industry alliances and academic institutions will specialise in their own area(s) of expertise

• Collaboration between these stakeholders ensures– Understanding of appropriate technology for any particular application

– Understanding of technology gaps and advances to meet growing needs

– Interoperability of final products across protocol layers and applications

– Access to a broad base of skills and expertise for new, cross domain applications

Need for Collaboration


Collaboration with other organizations

• Wi-SUN Alliance focuses on the definition and testing of communications layers

• Collaborates with other Industry Alliances where appropriate to support Application Layer and heterogeneous network interoperability.

Wi-SUN

IEEE

TIA

Homeplug

Forum

ISGF

ECHONET

Open-ADR

JUTA

IETF


Wi-SUN Alliance Membership


• Promoter Membership– Direct the activities of the organisation– A seat on the Board of Directors– Final approval of specifications

• Contributor Membership– Monitor and contribute to technical profile specifications and test specifications– Input requirements to the certification program to ensure alignment with both currently

deployed systems and future needs– Attend member meetings and interoperability events– Develop and certify interoperable products based on open standards– Contribute to an eco-system of interoperable products

• Adopter Membership– Access to final, approved Wi-SUN profile specifications– Attend member meetings– Admission to targeted Wi-SUN Alliance interoperability events– Participation in alliance workshops and developers' conferences– Approved use of Wi-SUN Alliance logo on promotional materials– Access to Wi-SUN Alliance marketing collateral and e-newsletter– Access to a world-class ecosystem of members

Wi-SUN Membership Benefits


Thank you for your kind attentionAny questions?

http://www.wi-sun.org

Phil [email protected]


http://www.wi-sun.org/

Documents

Communication and Cyber Security - indiasmartgrid.orgindiasmartgrid.org/event2017/10-03-2017/4. Roundtable on... · •New applications / new devices will be need to integrated during