03_Monitoring of Ethernet Messages

8/14/2019 03_Monitoring of Ethernet Messages

1/36

OMICRON

Page: 1K02 03 20060309

K02 03 20060309

Monitoring of EthernetMonitoring of Ethernet

MessagesMessages

Dr. Alexander Apostolov


2/36

OMICRON Page: 2K02 03 20060309

ScopeScope

Discuss Ethernet architectures supporting

IEC 61850 projects Not defined in the standard but essential for areal project !

Background on Ethernet principles andtechnologies

Practical examples


3/36


SIMPLEXTransmission in one direction only

HALF DUPLEX

Two way means of transmission but data can onlytravel in one direction at a time

FULL DUPLEX

Transmission in both directions simultaneously

Transmission DefinitionsTransmission Definitions


4/36


PROTOCOLRules and procedures that communications networks

use to communicate on the communications medium

CONNECTION

Communications are Connection Oriented or

Connectionless



5/36


6/36


Shared Access


IEC 61850

IED

Legacy

IED

IEC 61850

IED

Proxy

Server

Substation

HMI

RS485Ethernet

Ethernet

Switch

Substation

HMI IEDIEDIEDEthernet


7/36 OMICRON Page: 7K02 03 20060309

NETWORK ACCESS

CARRIER SENSE METHODS

CSMA (Carrier Sense Multiple Access)/CD

(Collision Detection)

Medium Access Control (MAC)

TOKEN ACCESS METHOD

The device that has the Token has access to

transmit

RESERVATION METHOD

Each device has a predefined time slot to transmit



8/36 OMICRON Page: 8K02 03 20060309

Medium - Ethernet devices attach to a common medium that

provides a path along which the electronic signals will travel:

- historically, this medium has been coaxial copper cable- more commonly a twisted pair

-fiber optic cabling.

Segment - a single shared medium as an Ethernet segment.

Nodes - devices that attach to that segment are stations or

nodes.

Frame - The nodes communicate in short messages called

frames, which are variably sized chunks of information.



9/36


10/36 OMICRON Page: 10K02 03 20060309

Noise corruption of data

Parity bit check Two coordinate parity check

Checksums

Cyclic redundancy check

Unauthorized access

Password protection Modem dial back

Firewalls

Data SecurityData Security


11/36 OMICRON Page: 11K02 03 20060309

Presentation

Session

Transport

Network

Data Link

Physical

Application Selects appropriate service for application

Provides code conversion, data reformatting

Coordinates interaction between end

application process

Provides for end to end data integrity andquality of service

Switches and routes information

Transfers unit of information to other end

of physical link

Transmits bit stream to medium

Open Systems InterconnectionOpen Systems Interconnection

(OSI) Model(OSI) Model


12/36


13/36 OMICRON Page: 13K02 03 20060309

Communications ProcessCommunications Process

Upper Layer

Lower Layer

Entity with

services to offer

SAP

SAP

Upper Layer

Lower Layer

Entity with

services to offer

SAP

SAP

Peer-to-peer dialog


14/36


15/36 OMICRON Page: 15K02 03 20060309

Ethernet FrameEthernet Frame

Pre SF D SA LengthType

MAC Data + Pad FCS

7 1 6 6 2 46-1500bytes 4

Length Type: Number of MAC-client data bytes that are containedin the data field of the frame

MAC Client Data: A sequence of n bytes (46=< n =


16/36

OMICRON Page: 16K02 03 20060309

Media Access Control (MAC) Address -This is the physical address of any device,

such as the NIC in a computer, on thenetwork.

The MAC address has two parts, each 3

bytes long. The first 3 bytes identify the company that

made the NIC.

The second 3 bytes are the serial numberof the NIC itself.

EthernetEthernet


17/36


18/36

OMICRON Page: 18K02 03 20060309

Network An interconnected group of nodes or

stations linked by communication channels

Node The interface point where one or more

functional units are connected

LAN Local area network (


19/36


20/36


21/36

S i h U i


22/36

OMICRON Page: 22K02 03 20060309

Switches:Switches: UnicastUnicast

1

2

S i h M l iS it h M lti t


23/36

OMICRON Page: 23K02 03 20060309

Switches: MulticastSwitches: Multicast

1

2 2

S it h B d tS it h B d t


24/36

OMICRON Page: 24K02 03 20060309

Switches: BroadcastSwitches: Broadcast

1

2 22 2


25/36


26/36

S it h th f t d iS itches other feat res sed in


27/36

OMICRON Page: 27K02 03 20060309

Switches: other features used inSwitches: other features used in

Substation AutomationSubstation Automation

Management Capability to detect a switch failure: SNMP or watch-

dog

Redundancy management No standard today for hard real time redundancy Redundancy between switches (not applications)

See further slides

B hit tBase architectures


28/36

OMICRON Page: 28K02 03 20060309

Base architecturesBase architecturesDOUBLE STAR

The most secured

scheme since multiplefailures are toleratedexcept the two centralswitchessimultaneously

RING

The most common scheme since

good performance/cost ratio(save 2 central switches vs. startconfiguration)

Failure of a single fiber or devicedoes affect the system once

reconfiguration is completed

STAR

Basic scheme since

failure of the centralswitch leads to thetotal communicationfailure


29/36


30/36

Example (ring)Example (ring)


31/36

OMICRON Page: 31K02 03 20060309

SWITCH

SHMSelf healing ring

manager

opto

Ethern et Por ts 10/100 Bas e TX

opto

Optical Ring

Primary Fiber

Secondary Fiber

EEPROM

Port MII

N

100Mbs Full duplex

Failsafeout ut rela s

Example (ring)Example (ring) Repeaters

(IEE 802.3 Ethernet switch)+ Self Healing Manager (SHM)



32/36

OMICRON Page: 32K02 03 20060309


EP

RS

RP

ES

Primary fibre

Secondary fibre

A B C DE

1 2 3 5 6 7 9 10 1184

switch switch switch switchswitch

During nominal situation, Ethernet packet goes in

primary fibre always in the same direction, and

only a checking frame (4 bytes) is sent every 5ms

in secondary fibre in the opposite direction.



33/36

OMICRON Page: 33K02 03 20060309

EP

RS

RP

ES

Primary fibre

Secondary fibre

A B C D E

1 2 3 5 6 79 10 1184

switch switch switch switchswitch

Example (ring)Example (ring)If the connection between 2 switches is broken

The Ethernet network wil l continue to run correctly.

Both SHM start immediately the network self-healing.

At one side, the messages received are no more emitted to

the primary fibre but to the secondary fibre.

On the other side of the cut off, the messages received to secondary

are emitted to primary and the new topological loop is closed.

Other communication elementsOther communication elements


34/36

OMICRON Page: 34K02 03 20060309

Other communication elementsOther communication elements

Need to design the communication infrastructure

according to the system constraints and requirements

OSI Model

Physical

Data Link

Network

Transport

Session

Presentation

Application

Hardware

Software

Technology Protocol

802.3

802.3

IP

TCP

MMS/SNTP

Com.

Element

Bridge/Switch

/Proxy

Router

Gateway/

Proxy

IEC Com.

Services

GOOSE

Report , Control ,

File

Proxy useProxy use


35/36

OMICRON Page: 35K02 03 20060309

Proxy useProxy use

Use proxy to keep sufficient performances in large systems

or/and enable a progressive commissioning

Server Server Server

Client Client

IP Routable

Fast Peer-to-Peer

ClientT104,

http, etc.

GUI

Proxy

BayBay

BayBay

BayBay

Gateway

Proxy

Server (resp.subscriber, cl ients)performance isdependant on thenumber of clients(resp. pubslisher,

servers)

A proxy can repl icatethe real time status &measurement of aseries of servers andbe possiblyredundant

IEC 62351IEC 62351


36/36

OMICRON Page: 36K02 03 20060309

IEC 62351IEC 62351

Data and Communication Security series of standard Currently at CD stage (votes till August 2005)

IEC 62351-6: Security for IEC 61850 profiles

Relies on IEC 62351-4: Profi les including MMS

Relies on IEC 62351-3: Profi les including TCP

OSI Model

Physical

Data Link

Network

Transport

Session

Presentation

Appl ication

Hardware

Software

Technology Protocol

802.3

802.3

IP

TCP

MMS/SNTP

IEC Com.

Services

GOOSE

Report , Control,

File

Security

Services

Authent if ication,

Replay

Authent if ication,

Encryption, Replay

Authent if ication,

Replay

Documents

03_Monitoring of Ethernet Messages