290 likes | 415 Views
The Emerging Role of Standards in Utility Metering Practice. Daniel E. Nordell, PE Sr. Consultant Northern States Power Company d.nordell@ieee.org. Reasons for standards. Safety - Standards specify minimum behavior of systems. Accuracy - Standards can specify system accuracy.
E N D
The Emerging Role of Standards in Utility Metering Practice Daniel E. Nordell, PE Sr. Consultant Northern States Power Company d.nordell@ieee.org
Reasons for standards • Safety - Standards specify minimum behavior of systems. • Accuracy - Standards can specify system accuracy. • Reliability - Standards can specify system reliability. • Security - Standards can help to ensure information and system security. • Openness - Standards give users options. Standards also give vendors the ability to specialize rather than build the entire system.
Reasons not to do standards • Every clever engineer loves to invent. It is easier to invent than to discover what already exists. • Vendors may not want to be constrained to externally-imposed specifications. They limit creativity. • It is in the proprietary interest of the vendor to keep his customers captive. • It is difficult to document technology (create a standard) and to read and understand standards.
MeterInc . Model 12b 2 Phase, 120VAC, TM U U C C 200A A A We’ve had metering standards with us for a long time • Standard meter base • Standard electrical ratings • Standards for meter accuracy
New challenges for Meter Standards • Opening marketplace requires more customer information • Electronic meters can provide lots of information • Creative engineers can deliver that information in proprietary ways • New standards needed for meter communication
Meter Standards include the following areas: • Physical • Electrical • Performance • Communications • Data models • Application protocols
Who Makes Standards, Anyway? International Standards ( ISO, IEC ) National Standards ( ANSI, NIST, IEEE ) Industry Standards - formalized practice Industry Practice - informal practice Proprietary Systems - vendor specific
Standards Groups • ANSI C.12 • Traditional Electricity Metering standards group in North America • Owns the “meter base” standards • Developed “Utility Industry End Device Data Tables” (ANSI C12.19-1997 / IEEE 1377-1998) with IEEE SCC31 and Industry Canada • Developed handheld meter reader communication standards • Now working on modem and network communication interfaces
Standards Groups (continued) • IEEE SCC31 • Roots in the AMR community • Represents Water, Gas, and Electric communities • Standards for system topology, telephone access, and security • Collaborated with ANSI C.12 on End Device Data Tables
Standards Groups (continued) • IEEE SCC36 • EPRI-developed “Utility Communication Architecture” specifies standards for electric, water, and gas communication infrastructure. • Points to existing standards from the computer industry. • Adds end device behavior and information definitions.
Standards Groups (continued) • IEC TC13 • Equipment for Electrical Energy Measurement and Load Control • One of the first Technical Committees of IEC • Original charter has been expanded from measuring equipment to include load control and electronic meters • Coordinates with TC57
Standards Groups (continued) • Object Management Group • OMG / CORBA is based on “best industry practice” • CORBA provides a consistent Application Program Interface which is not addressed by data communication standards • CORBA provides object interfaces
Why do communication standards? • Imagine Personal computing without standards….. • Imagine hard disk drives without standards….. • Imagine an Internet without standards. …Lower cost, more flexibility, more opportunity.
An analogy: Disk Drive Interfaces • Originally required proprietary controllers • “Standard” interfaces developed, manual setup • Self-describing drives • Smart “plug-and-play” operating systems
Data Communications Standards • Required for communication of information from meters to other systems. • Required to support mixed meter vendor environment. • Issue: Information security
Modern communication standards: • Traditional SCADA protocols combine datalink, network, and application layer functionality into a single package. Typically cannot be routed. • Modern communication protocols divide the responsibility so that the “payload” can change physical media and can route through a network.
What standards are required to achieve Interoperability Application Protocols Data/Object Models Application Presentation Session Transport Network Data Link Physical Electromechanical Extended layer ISO standard layers
Security Issues (SCC31) • Authorization Violation • Eavesdropping • Information Leakage • Intercept/Alter • Masquerade (“Spoofing”) • Replay
Security Principles • Security by obscurity is no security. • Obscurity may protect for a while but will eventually be broken by clever intruders or revealed by an insider. • Good security systems incorporate well-known (and secure) principles of operation along with protected keys. • Avoid clever proprietary schemes. Most can be easily broken by cryptographers. • Two types of systems: • Symmetrical (single) key - harder to protect • Public / Private (two) key - more complex
Security Key Concepts Single Key: One key both encrypts and decrypts. Dual Key: Either key encrypts. The other one decrypts.
Security Architecture must provide: • Authentication • Encryption • Access Control
Qualities of a good security system: • Publicly Available • Keys Can Be Changed Faster Than Broken • Cracking Time > Useful Life Of Message • Assure Message Is Unaltered (Integrity) • Verifies Originator (Authenticates) • Permits Broadcast/Multicast
Security for Electric Meters • Must meet security criteria. • Must fit on small computing platform. • Must fit in protocol suite. • Security is part of UCA protocol suite. • SCC31 Security Subcommittee is developing recommendations for meters and contributing to ANSI C.12 protocol work.
Several Candidate Security Algorithms considered: • DES • Diffie-Hellman • RSA (PGP) • IDEA • CAST • Skipjack • Blowfish • SAFER • RC5 • ODS • Rabin • ElGamal No Single Of Algorithm Met All Criteria, So A Suite Was Needed
SCC31 Recommendation: Use a Three Algorithm Suite for Flexible Encryption • RSA Public Key • Slow, used for session key exchange • DES / Triple DES Symmetric Key • Fast, used for session encryption • Diffie-Hellman • Slow, used only for changing RSA key
Conclusion • Standards are being developed not only for the measurement element but also for the meter register and for communications. • These standards will play an increasingly important role in the emerging open marketplace. • Security must be given serious consideration.
Security Contributions • UCA Security Specifications (SCC31) • Recommended Suite of Security Algorithms (Bill Rush / SCC31) • Security Transformations Application Service Element for MMS (STASE-MMS) • Based on ANSI T1.259-1997 • Draft report of the IEC TC57 AHWG06 on Security • Integrating the best US and international security practices for use by IEC committees