Alain Fiocco
Sr. Director CTO Office
afiocco@cisco.com
© 2014 Cisco and/or its affiliates. All rights reserved.
afiocco IOT Dec
2014 Cisco Public
The Internet of Things Is Already Here
Rapid Adoption Rate of Digital Infrastructure: 5X Faster Than Electricity and Telephony
[Figure: billions of devices (axis 0 to 50) on a 2010, 2015, 2020 timeline, with labels 12.5, 25 and 50 billion "smart objects", an inflection point, and world population labels 6.8, 7.2 and 7.6. Source: Cisco IBSG, 2011]
PROCESS MANUFACTURING ENERGY
TRANSPORTATION CITIES RETAIL
IoT Device Characteristics
Assumptions & Constraints for Protocols
Field Area Network (FAN)
Neighborhood Area Network
Wide Area Network
Field Area Network Router
IoT Architectural Philosophy
From:
• Closed Systems (little external interaction)
• Proprietary Networks (usually layer 2 based)
• Protocol Gateways (inherently complex, inefficient and fragmented networks)
• Various Protocols (Modbus, SCADA, BACnet, LON, HART)
To:
• Standardized Networks (IP Based/ISO Stack)
• Distributed Intelligence (e.g. Fog Computing)
• Standardized Interfaces (Wireless/Wired)
Convergence of Applications
[Diagram: Existing Proprietary Vertical Applications and Networks. Labels: Business Application #1, #2, #3; Network #1, #2, #3; Device #1, #2, #3]
[Diagram: Converged Network Based on Open Standards and Common Data Models. Labels: Business Application #1, #2, #3; Converged Application Infrastructure; Converged IP-Based Network; Device #1, #2, #3]
Why Distribute Computing?
Traditional Computing Model (Terminal/Mainframe, Client-Server, Web)
Assumes Infinite Bandwidth, 0 Delay
IoT Computing Model
Data Center/ Cloud
Endpoint
Assumes Limited Bandwidth, Variable Delay, and Intermittent Connectivity
Data Center/ Cloud
Device
Fog
Speed of Light Latency-Critical
Responsiveness Required
Resiliency
Security
Data Grows Faster Than Bandwidth
IOx
Well Established Eco-Systems Fog computing use cases
Build Your Own Interface
Application Layer Gateway
Protocol Translation
Application Layer Security
Application Data Processing
Distributed Control
IoT Protocol Stack: Smart Grid example
Open Standards IP-based Reference Model
• Open Standards – at all levels to ensure interoperability and reduce technology risk for utilities
• 15-20 years lifetime and future proofing – Internet has 25 years lifetime and is continuously evolving
Application Layer:
• Web Services, EXI, SOAP, RESTful, HTTPS/CoAP
• Metering: IEC 61968 CIM, ANSI C12.22, DLMS/COSEM,…
• SCADA: IEC 61850, 60870, DNP3/IP, Modbus/TCP,…
• DNS, NTP, IPfix/Netflow, SSH, RADIUS, AAA, LDAP, SNMP,… (RFC 6272 IP in Smart Grid)
Transport Layer:
• UDP/TCP
• Security (DTLS/TLS)
Network Layer:
• IPv6
• IPv6 RPL
• Addressing, Routing, Multicast, QoS, Security
Data Link Layer:
• 802.1x / EAP-TLS & IEEE 802.11i based Access Control
• LLC: 6LoWPAN (RFC 6282); IPv6 over Ethernet (RFC 2464); IPv6 over PPP (RFC 5072); IP or Ethernet Convergence SubL.
• MAC: IEEE 802.15.4 including FHSS, with IEEE 802.15.4e MAC enhancements; IEEE 1901.2 (802.15.4 frame format); IEEE 802.11 Wi-Fi; IEEE 802.3 Ethernet; 2G, 3G, LTE Cellular; IEEE 802.16 WiMAX
Physical Layer:
• IEEE 802.15.4g: 2.4GHz, 915, 868MHz; DSSS, FSK, OFDM
• IEEE 1901.2 NB-PLC: OFDM
• IEEE 802.11 Wi-Fi: 2.4, 5 GHz, Sub-GHz
• IEEE 802.3 Ethernet: UTP, FO
• 2G, 3G, LTE Cellular
• IEEE 802.16 WiMAX: 1.x, 3.xGHz
Mgmt
Field Area Network Architecture
[Diagram labels: Data Center, Enterprise Apps; MDMS; DMS; MDM; DB; CIS; AMI Head-End; SCADA; ORS; Billing & Pre-Payment; Mgmt; HER; Intrusion Prevention; Certificate Authority; Access Control; Directory Services; NMS; CG-NMS; SIEM]
Public or Private
IP Infrastructure
Network & Security Services
Data Integrity & privacy: IPSec
Traffic prioritization: IP QoS
Scalable & reliable IP VPN
Zero Touch Provisioning
Users and devices Authentication
Devices management
Open standards Neighborhood Area Network (NAN): IEEE 802.15.4g/e RF and/or IEEE 1901.2 PLC Mesh
IPv6 based communications – 6LoWPAN, RPL,…
Fully Secured – AES 128 encryption, IEEE 802.1x authentication, IEEE 802.11i key management
Network Management – CoAP based, Zero Touch Provisioning, Over-the-Air firmware upgrade
Security Architecture
[Diagram labels: Smart Meters; Neighborhood Area Network (RF Mesh); Field Area Router (FAR), CGR 1000 Series; FAN Aggregation Layer within Substation Automation Network; Public or Private WAN; Mobile Workforce; AMI Head-End; NMS; HES; AAA Server; Certificate Authority; Intrusion Prevention; Directory Services; SIEM; Security Services]
Secure storage for encryption keys
Secure encryption keys
Network-layer encryption (IPSec)
Link-layer encryption (AES-128)
• Certificate-based identities, user names & passwords
• Role based Access Control
• 802.1x-based access control for meters, routers, grid devices
• Link-layer encryption in RF Mesh
• Group-based key generation and management (mesh)
• Network-layer encryption for WAN Backhaul (IPSec)
Secure Device Identity via Digital Certificates
Strong user identities with Role-Based Access
Time-stamped logs, correlation at SIEM
Separation of AMI vs. non-AMI traffic, segmentation
Sub-1GHz Regulations around the World
[Figure: sub-1GHz frequency allocations by country on an 840 to 950 MHz axis, with transmit power limits given as e.i.r.p. (*) or e.r.p. (**), licensed/unlicensed bands and Ultra NarrowBand marked. Source: CEPT - DKE 731.09r1 JSC]
• USA, Canada, Chile, Colombia, Mexico, Argentina, Uruguay, Venezuela: 902-928MHz, 4 W *
• Brazil: 902-907.5, 915-928 MHz, 4 W *
• Korea: 917-923.5MHz, 4 W *
• Japan (2012): 915-930MHz
• Australia: 915-928MHz
• Hong-Kong: 920-924 MHz
• Also labelled on the figure: Singapore, S.A., China, Thailand, Europe, India, Iran, UAE, Malaysia, Israel
E.U CEPT new frequency bands discussion (870-876MHz 500mW and 915-921MHz 25mW)
• Allocated Frequency bands
• Licensed/unlicensed (ISM)
• Transmit power
• Time transmitting
Wi-SUN Alliance
Vision: Drive industry to embrace open standards and interoperability.
• Definition of Wi-SUN profile based on IEEE 802.15.4g/e
• Reduce technology risk
• Testing
• Certification
• www.wi-sun.org
• Certification for products built on the IEEE 1901.2 Low-Frequency, Narrow-Band Powerline Communications standard
• Leverages HomePlug’s long established programs & expertise in testing & certifying powerline networking products.
• HomePlug will promote the adoption of Netricity products to foster an ecosystem served by multiple technology vendors.
The Netricity™ program is supported by
HomePlug Alliance member companies:
twitter: @alainfiocco
email: afiocco@cisco.com
Connected Grid Network Management
The Connected Grid NMS Solution provides grid operators
• Scalable, Utility Ops communication management
• Enterprise-class visibility for up to 10M endpoints
• Secure network commissioning, monitoring and life cycle management via well-defined interfaces
• Integration with Utility Operations and Enterprise Bus
The Cisco Connected Grid Device Manager provides
• Device level network monitoring and troubleshooting
CG-NMS Visualization
Cisco 1240 Connected Grid Router
Ethernet Switch 2GE WAN (Cu or SFP), 4FE LAN
Integrated Antennas for: RF Mesh, WiMAX, 2G/3G, WiFi
2 RS 232/RS 485 Serial Ports
Battery
Backup
GPS Antenna
Liquid Tight
(IP67) Adapter
Ruggedized, IP67
Ethernet (RJ-45)
Connector
Outdoor Model (Pole Mounted)
Estimated dimensions: 30.5 cm (H) x 20.3 cm (W) x 19 cm (D) = 12" (H) x 8.0" (W) x 7.5" (D)
Antennas shown above are optional; can be deployed with external antennas
Four Module Slots
Cisco 1120 Connected Grid Router
• Substation hardened
– IEC61850-3 and IEEE1613-compliant
– Fixed memory
– Din-rail mounted
• Convection cooled
– No fans and/or moving parts
– Increased operating temp
• Dimensions
– 8.9 cm (H) x 22.9 cm (W) x 20 cm (D) = 3.5" (H) x 9.0" (W) x 7.8" (D)
Indoor Model (Din-Rail Mounted)
DC Input Integrated AC
and DC PS
Ethernet Switch
2GE WAN, 6FE Serial RS-232,
RS-485
Fiber WAN
2 GE SFP
Console and
Alarm Ports
Slot 1 Module Slots
GPS Antenna Wi-Fi Antenna
Slot 2
Three Phase
AC Input
Industrial Router 500 915 MHz RF Mesh DA Gateway
Form Factor Specifications
• Compact form factor: 4.5” x 5.5” x 1.25”
• Fixed configurations- Panel / DIN rail mount
• IP-30 rating
• IEC 61850-3 / IEEE 1613
• Extended Temperature range (-40C to +70C)
Reset Switch
One 10/100 Ethernet Port
Mounting Feet (can be
moved to front and back) USB Port 915 MHz RF Connector
9-60 VDC PWR/Alarm
Two Serial Ports
LEDs viewable from
top and front
• Transport Distribution Automation and SCADA over IPv6 RF Mesh
• Ruggedized for harsh industrial environments
• Compact size and low power
• Authentication and encryption
• IP quality of service
• RF mesh aggregated by CGR1000 Series
• Managed by Connected Grid NMS and Device Manager