26/10/2011 1
Communication Concept for Smart Metering,
Smart Grid and Home Automation
Thomas Kessler ([email protected]), Deutsche Telekom AGThomas Kessler ([email protected]), Deutsche Telekom AGThomas Kessler ([email protected]), Deutsche Telekom AGThomas Kessler ([email protected]), Deutsche Telekom AG
ETSI M2M Workshop, 26 ETSI M2M Workshop, 26 ETSI M2M Workshop, 26 ETSI M2M Workshop, 26 ---- 27 October 2011, Sophia Antipolis,27 October 2011, Sophia Antipolis,27 October 2011, Sophia Antipolis,27 October 2011, Sophia Antipolis, France France France France
Outline.
� Status Home Energy Management
� Requirements of Federal Office for Information Security
� Communication Concept Proposal
� Contributions to Standardization Work
Conclusion
26/10/2011 2
� Conclusion
Status Home Energy Management.
Home Gateway Initiative (HGI).
� HGI has published a document “Use Cases and Architecture for a Home EnergyManagement Service” (HGI-GD017-R3) after several workshops with other industry
consortia and standardization groups.
� The generic architecture suggests the collocation of Home Gateway and Energy
Gateway, categorizes different HN areas and defines logical interfaces.
26/10/2011 3
� Several interfaces being considered such as Zigbee, Z-wave, DECT, Homeplug, G.hn,
Wi-Fi, and others.
� HGI is introducing applications (home energy management, also health, security,
automation) in the home that interact with IP and non-IP devices.
� HGI has defined an execution environment incl. a first set of standardized APIs
(“HG Requirements for Software Execution Environment” HGI-RD008-R3).
� Home Energy Management logic (and other application logic) can run (and interact) on
the Home Gateway in combination with cloud based functions.
Status Home Energy Management.
HGI Architecture.
HANx(Home Area
Network)
HANy
Home Domain
IF3IF6
IF5
GW/EM
Smart
Appliance
Smart
Appliance
Appliance
Smart
Plug
Appliance
Smart
Plug
Local
Display
26/10/2011 4
SI
HN(Home
Network)
Energy Gateway
Home GatewayIFx IFwIF4
IF2
IF3IF6
IF1
SmartMeter
SmartInfo
User
InterfaceUser
Interface
Smart
Appliance
Source: HGI-GD017-R3 “Use Cases and Architecture for a Home Energy Management Service”, August 2011
Requirements by Federal Office of Information Security (BSI).
Protection Profile Smart Meter Gateway.
� Introduction of Protection Profiles for the components of a Smart Metering Systemrequired in the EU Member States.
� German Federal Ministry of Economics and Technology mandated German Federal Office for Information Security (BSI) to develop a Protection Profile for theSmart Meter Gateway.
26/10/2011 5
� Protection Profile for the Target of Evaluation
� describes threats concerning security and privacy,
� defines requirements for countermeasures.
� Products will be certified based on the Protection Profile.
� German Regulatory Agency (BNetzA), Federal Metrology Institute (PTB), andprofessional organizations were involved in the development of the Protection Profile.
� Final draft “Protection Profile for the Gateway of a Smart Metering System” v01.01.01recently issued.
Requirements by Federal Office for Information Security (BSI).
Protection Profile Smart Meter Gateway (continued).
� “The Gateway shall offer a userinterface to the HAN that allowsCLS or consumers to connectto the Gateway in order toread relevant information.”
LMN
WAN
Authorized
ext. entity
26/10/2011 6
� HAN = Home Area Network
� LMN = Local Metrological Network
� CLS = Controllable Local Systeme.g. white goods, air con,solar plant
Gateway
Security Module
LMN
HAN
Meter
Meter
Meter
CLS
CLSConsumer
Requirements by Federal Office for Information Security (BSI).
Functional Requirements.
� Technical Guideline TR-03109 for the operation of a Smart Metering systemunder development.
� Requirements for the interoperability of a Smart Metering system comprising the elements that are certified by the Protection Profile.
� First draft presented on 14th October, next meeting in December.
26/10/2011 7
� First draft presented on 14th October, next meeting in December.
� Document expected to be issued by April 2012.
� Differentiation between Critical Infrastructure Energy Domain and Customer Domain
because of different security profiles.
� No direct physical connection between those two domains.
� Customer access via web services over Internet.
� Local unidirectional wireless meter readout possible, SRD band (Short Range Devices).
� If appliances in the resident’s premises are connected to a managed service (e.g. time
shifted power connection of white goods), there shall be no possible interference from
Communication Concept Proposal. (1/4)
26/10/2011 8
shifted power connection of white goods), there shall be no possible interference from
that appliance to the service in general.
� Both domains follow different roll-out speed and logic.
� Market communication of the utility business is another independent domain.
Communication Concept Proposal. (2/4)
Textbox Headline
Web portal…
Third party..
Web portal2
Third party2
LAN 1..nLAN 1..n
Customer Domain
Transfer time ≤ 10 s for command and alarm signalsTransfer time ≤ 5 min for energy measuring, supply management
Third PartyServices
Set Top Box
HomeGateway
IHD
IHD
IHD
LAN 1..n
IHD
HA Gateway
Electrical appliances /loads, e.g. white goods, displays, sensors, actors, …
Web Portals
IPTV
VOIP
Internet
Connected Home
IP Service Provider Platforms
Third Parties
Non-IP Communication
Value added services,
e.g. safety, heating
control, …
Secure B2C
Public…
KNX
ZigBee
26/10/2011 9
Critical Infrastructure Energy Domain
Utility Business Market Communication
CLS: Controllable Local SystemEDM: Energy Data Management SystemIHD: In Home DeviceµCHP: Micro combined heat and power plantPV: Photovoltaic generationHA: Home AutomationTransfer time ≤ 2 s for
command control, load shedding and peak shaving
Head endGate-way 2
Gate-way 1
Security Module
Meter 1Security Module
Meter 2
Actor 1
Sensor 2
Actor 2
Sensor 1
Gate-way 3
CLS
Security Module
Sensor 3
Meter 3
Electrical appliances/loadse.g. PV, µCHP
Security Module
PrivatelyManagedNetwork
Uni
dire
ct. W
irele
ss M
eter
R
eado
ut
(SR
D B
and) Actor 3
Secure B2B
Secure B2B
Web portal…
Third party..
Web portal2
Third party2
LAN 1..nLAN 1..n
Customer Domain
Regular Utility BusinessMarket Communication
CLS: Controllable Local SystemEDM: Energy Data Management SystemERP: Enterprise Resource PlanningDSO: Distribution System OperatorMSO: Metering System OperatorIHD: In Home DeviceµCHP: Micro combined heat and power plantPV: Photovoltaic generation
Third PartyServices
Set Top Box
HomeGateway
IHD
IHD
IHD
LAN 1..n
IHD
HA Gateway
Web Portals
Non-IP Communication
Supplier …(EDM)
Supplier 1(EDM)
ERPBilling
ERPBilling
MSO 1(MDM)Secure B2B
Public
…
KNX
ZigBee
Communication Concept Proposal. (3/4)
26/10/2011 10
Critical Infrastructure Energy Domain
Head End
Gate-way 2
Gate-way 1
Security Module
Meter 1Security Module
Meter 2
Actor 1
Sensor 2
Actor 2
Sensor 1
Security Module
(EDM) Billing
ERPBilling
DSO 2(EDM)
DSO 1(EDM)
DSO …(EDM)
MSO 2(MDM)
(MDM)
MSO …(MDM)
Supplier 2(EDM)
ERPBilling
PublicGate-way 3
CLS
Security Module
Actor 3
Sensor 3
Meter 3
Privately ManagedNetwork
Secure B2B
Public
Secure B2B
Communication Concept Proposal. (4/4)
Propositions on Connectivity.
Customer has final control and responsibility Responsibility for successful delivery, fixed SLAs,
possible contractual penalties
Guarantee on the delivery of the service dependent
on SLA, if managed
Guarantee on undisturbed operation without danger
of tampering, intrusion or service blocking
Service dependant variable reliability level
Service dependant variable security level
High to very high reliability level
Customer Domain Critical Infrastructure Energy Domain
26/10/2011 11
Service dependant variable security level
Direct customer access to infrastructure possible Secure actor contact to start and stop decentralized
generation
Signature or authentication or encryption optional Signature & authentication & encryption mandatory
Transfer time ≤ 10 s for command & alarm signals,
≤ 5 min for energy measuring, supply management
Transfer time ≤ 2 s for command control, load
shedding, peak shaving
Connection/disconnection of single loads typically
≤ 3 kW (max. consumption household appliance)
Connection/disconnection of single loads typically
100 kW (consumption of devices with net impact)
� Separation of Critical Infrastructure Energy Domain and Customer Domain.
� HAN access only via dedicated interfaces.
� HAN may have access to the Internet.
� Requirements regarding local unidirectional wireless meter readout between Smart Meterin Critical Infrastructure Energy Domain and HA Gateway in Customer Domain not yetdefined by BSI.
Conformance of Proposal with BSI Requirements.
26/10/2011 12
� Incorporated into draft ETSI 102 935 “Applicability of M2M architecture to Smart Grid Networks – Impact of Smart Grids on M2M platform” as Smart Grid / Smart Metering Customer Domain Use Case, Deployment Scenarios.
� Mandate 490 Reference Architecture Working Group.
� National German SDOs.
� Input to requirements document of Home Gateway Initiative (HGI).
Contributions to Standardization Work.
Home Domain
Appliance
26/10/2011 13
Home Gateway Initiative (HGI).
SI
HANx(Home Area
Network)
HANy
HN(Home
Network)
Energy Gateway
Home GatewayIFx IFwIF4
IF2
IF3IF6
IF1
IF5
SmartMeter
SmartInfo
GW/EM
Smart
Appliance
Smart
Appliance
Smart
Plug
Appliance
Smart
Plug
Local
Display
User
InterfaceUser
Interface
Smart
Appliance
Source: HGI
� Differentiation between Critical Infrastructure Energy Domain and Customer Domain because of different security profiles.
� Both domains follow different roll-out speed and logic and belong to different “control regimes” although they are one Home Domain for the inhabitant.
� Local unidirectional wireless meter readout possible.
� Concept Proposal has been contributed to Standardization.
Conclusion.
26/10/2011 14
Thank you for your attention.
26/10/2011 15