C-DAX: A Cyber-Secure Data and Control Cloud For Power Grids


C-DAX Consortium
C-DAX is funded by the European Union's Seventh Framework Programme (FP7-ICT-2011-8) under grant agreement no. 318708

C-DAX Project
EC FP7-ICT-2011-8 call project
C-DAX: Cyber-secure Data And Control Cloud for power grids
Duration: 01.10.2012 to 30.09.2015
Total budget: 4.315.303 Euro
EU-funding: 2.931.000 Euro
Project coordination: iMinds
Project website: http://www.cdax.eu

C-DAX middleware
  Enables smart grid applications to exchange information securely
  Implements information-centric networking (ICN) paradigm
  Supports publish/subscribe across different administrative domains
Targeted use cases
  Future retail energy market (REM)
  Real-time state estimation based on PMU measurements
[Figure: Project partners]



Publish-Subscribe Basics
Basic idea
  Decouple data production and consumption in space, time, and synchronization
  Improve scalability (compared to traditional client-server)
Core components
  Publisher client: produces data
  Subscriber client: consumes data
  Broker: stores and forwards data
  Broker discovery service: tells publishers and subscribers what broker to use
Basic interactions
  Broker discovery
  Client join
  Data dissemination
[Figure: a publisher, a broker, a broker discovery service and three subscribers, with interaction steps numbered 1 to 4. Legend: join message, data, broker, pub/sub middleware, application.]
Example: Integrating Different Applications (Within the Same or Different Administrative Domains) Using the Same Pub/Sub Middleware
Examples for topics
  SCADA data from RTUs
  PMU measurements
Benefit of decoupling publishers and subscribers
  Communication partners do not need to know each other
  Asynchronous communication possible
  Facilitating extensibility, management and configurability
[Figure: publishers Publ. A, Publ. B and Publ. C publish Topic 1 and Topic 2 through the pub/sub middleware. Sub. D is only interested in Topic 1, Sub. E is only interested in Topic 2, Sub. F is interested in Topic 1 and Topic 2.]



C-DAX Entities Explained

| Entity | Functionality | Plane |
|---|---|---|
| Client | Produce or consume topic data; provides access for SG applications to the C-DAX cloud (through an API) | Control & data |
| Designated node (DN) | Provide access for clients to the C-DAX cloud (first point of contact); DN for publisher (PubDN) and DN for subscriber (SubDN) | Control & data |
| Data broker (DB) | Receive topic data from PubDNs and forward them to SubDNs; cache topic data | Data |
| Resolver (RS) | Resolves topic names to DBs | Control |
| Security server | Provide security-related functionalities to the C-DAX cloud, including authentication, authorization, and key distribution | Control |
| Monitoring / management system | Gather, aggregate, and forward monitored information in the C-DAX cloud; management of C-DAX network resources | Management |



C-DAX Architecture
[Figure: the C-DAX Communication Platform. Control plane: Security Server and Resolver (RS). Data plane: Client (Publisher) with SG application data to be published, Designated Node (DN), Data Broker (DB), Designated Node (DN), Client (Subscriber) with SG application data to be consumed. Arrows labelled Join, Configure, Control and Monitor; the C-DAX Monitoring/Management System sits above the platform.]



Three Communication Modes
Streaming-based
  Publishers continuously send data to DB
  Subscribers continuously receive data from DB
  [Figure: Publisher, DB, Subscriber]
Query-based
  Subscriber sends query to message broker
  DB returns data matching the query
  [Figure: Subscriber, Query, DB]
Point-to-point
  Publishers send data directly to subscribers
  [Figure: Publisher, Subscriber]

Communication modes are set per topic to fit the requirements of the application, e.g.,
  Low latency for PMUs
  Improved scalability for retail energy markets



Resilience Concept
Topic data should be highly available
  Data is stored on two nodes
Resilience of the infrastructure
  Each system component is replicated physically
  Each critical communication path is divided into
    A path during failure free operation
    Alternative path(s) due to failures

Three resilience support levels:

| Level | Data loss (during failover) | Data delay (during failover) | Complexity |
|---|---|---|---|
| L1 | Y | N | Low |
| L2 | N | Y | Middle |
| L3 | N | N | High |

[Figure: C-DAX cloud with a Publisher and a Subscriber connected through two parallel DN, DB, DN chains. Legend: path during failure free operation; alternative paths due to failures; synchronization.]



Security Concept
General security requirements
  Confidentiality and integrity
    End-to-end security, e.g., IEC 62351
  Availability
    Prevention of attacks, e.g., DoS attacks, replay attacks, spoofing
Security features of C-DAX
  End-to-end security between C-DAX clients
  Availability of C-DAX infrastructure
  Scalable key management mechanism
C-DAX security rationale
  Strong authentication of clients and nodes based on asymmetric cryptography
  Symmetric or asymmetric cryptography for topic data
  Minimal trust in underlying infrastructure
    Nodes do not have to trust each other inside C-DAX cloud
    Clients do not have to trust C-DAX cloud for guaranteed end-to-end security
  Flexible match of security parameters to requirements of use cases, e.g., data rates, latency, confidentiality, integrity
[Figure: SecServ performs key distribution to the Publisher and to the Subscriber. Data flows Publisher, DN, DB, Subscriber; the Publisher encodes, the DN and the DB authenticate, the Subscriber decodes.]
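
An added illustration of the layering on this slide (not code from the C-DAX project): the publisher attaches an end-to-end tag under a topic key that only clients hold, plus a hop tag that lets the DN authenticate the sender, so data modified inside the cloud or replayed is rejected by the subscriber. Assumptions: HMAC-SHA256 stands in for both layers (the slide names asymmetric cryptography for node authentication), payload encryption is left out, only one hop is modelled, and the function names, topic name and sequence-number replay check are hypothetical.

```python
import hashlib
import hmac
import secrets

def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts (no ambiguous concatenation)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def fields(msg: dict) -> tuple:
    return (msg["topic"].encode(), msg["seq"].to_bytes(8, "big"), msg["payload"])

def publish(topic: str, seq: int, payload: bytes, topic_key: bytes, link_key: bytes) -> dict:
    msg = {"topic": topic, "seq": seq, "payload": payload}
    msg["e2e"] = tag(topic_key, *fields(msg))             # end-to-end: clients only
    msg["hop"] = tag(link_key, *fields(msg), msg["e2e"])  # hop: checked by the DN
    return msg

def dn_forward(msg: dict, link_key: bytes):
    """The DN authenticates the sender and forwards; it never holds topic_key."""
    ok = hmac.compare_digest(msg["hop"], tag(link_key, *fields(msg), msg["e2e"]))
    return {k: v for k, v in msg.items() if k != "hop"} if ok else None

class Subscriber:
    def __init__(self, topic_key: bytes):
        self.topic_key, self.last_seq = topic_key, {}

    def receive(self, msg: dict) -> str:
        if not hmac.compare_digest(msg["e2e"], tag(self.topic_key, *fields(msg))):
            return "reject: tampered"
        if msg["seq"] <= self.last_seq.get(msg["topic"], -1):
            return "reject: replay"
        self.last_seq[msg["topic"]] = msg["seq"]
        return "accept"

def demo() -> dict:
    # Constructed keys standing in for what the security server would distribute.
    topic_key, link_key = secrets.token_bytes(32), secrets.token_bytes(32)
    sub = Subscriber(topic_key)
    m1 = publish("pmu/bus1", 1, b"V=1.02pu", topic_key, link_key)  # constructed sample
    fwd = dn_forward(m1, link_key)
    out = {"honest": sub.receive(fwd)}
    # A node inside the cloud changes the payload without knowing topic_key.
    out["modified_in_cloud"] = sub.receive({**fwd, "seq": 2, "payload": b"V=0.50pu"})
    out["replayed"] = sub.receive(fwd)
    out["unknown_sender"] = dn_forward({**m1, "hop": bytes(32)}, link_key)
    return out

if __name__ == "__main__":
    print(demo())
```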



Inter-Domain Concept
Companies
  Define C-DAX domains
  Want to exchange information
  Inter-domain concept necessary
C-DAX DN
  Provides access for external subscribers to C-DAX cloud
  Only point of contact for external subscribers
  Triggers authentication and authorization of external clients
  Manages external subscriptions
  Forwards data from internal nodes to external clients
External subscribers
  May re-publish received information in own domain
Inter-domain security
  DN hides domain's network
  Access from external domains only allowed through DNs
  SecServ of each domain manages respective rights
[Figure: Domain A and Domain B, each with its own C-DAX cloud; labelled elements are RS, SecServ, DB, DN and an external subscriber. Legend: security signaling; publish/subscribe signaling; publish/subscribe data transfer.]
Comparison with Existing Pub/Sub Architectures

| Architecture | End-to-End Security | Resilience | Message Persistence | Broker-based Communication Mode* | Direct Communication Mode** | Inter-Domain Communication |
|---|---|---|---|---|---|---|
| C-DAX | X | X | X | X | X | X |
| SeDAX | X | X | X | X | - | - |
| OMG DDS | O | X | X | - | X | - |
| JMS | - | X | X | X | - | - |
| NSQ | - | O | - | - | X | - |
| Data Turbine | - | X | X | X | - | - |
| ZeroMQ | O | O | - | O | X | - |

* Broker-based communication is good for scalability
** Direct communication may be beneficial for interactive real-time applications with hard latency requirements

X : Supported
O : Partly supported
- : Not supported / unspecified



Protocol Adaptation Layer
Problem
  Existing smart grid protocols rely on bidirectional one-to-one communication, e.g., IEEE C37.118, IEC 61850
  C-DAX provides unidirectional many-to-many communication
  C-DAX provides a unified pub/sub interface for communication
Solution
  Protocol adaptation layer translates between smart grid protocols and C-DAX
Benefits for operators
  Hardware and software compliant to existing standards can be used with C-DAX with little configuration changes
  C-DAX can be transparent for legacy hardware and software
Implementation
  Protocol adaptation layer for IEEE C37.118 has been implemented and tested
[Figure: protocol stacks of the PMU, the Client/Adaptation Layer and the DN, with layers labelled C37.118, C-DAX, TCP/UDP and IP.]
Prototype
Purpose
  Validation of baseline communication functionalities and basic failure management of C-DAX
  Validation of security framework
  Validation of IEEE C37.118 protocol adaptation layer
Environment
  IEEE 34 Bus as power grid topology
  PMU measurement data provided by EPFL
  Virtual Wall network test bed provided by iMinds
  RTSE application by EPFL
[Figure: Virtual Wall. BaseStation hosting Monitor, Security Server and Resolver; a LAN connecting Bus1Node, Bus3Node, Bus4Node and Bus7Node; PubClients PMU-Bus1, PMU-Bus3, PMU-Bus4 and PMU-Bus7 on Bus1, Bus3, Bus4 and Bus7; a SubClient with PDC Adapter feeding RTSE LabView.]



Laboratory validation
[Figure: PMUs publish through the C-DAX cloud to PDCs. Labels: real-time state estimation of the targeted electrical network; real-time model of the electrical grid.]



Field Trial
Purpose
  Deploy C-DAX software in an existing distribution grid
  Evaluate applicability of C-DAX under realistic conditions
  Show-case several smart grid applications using a common pub/sub middleware
Environment
  Distribution grid provided by Alliander including a solid and fast IP network
  PMUs provided by National Instruments
  RTSE application by EPFL
  C-DAX software
Time plan
  Deployment of PMUs and C-DAX software: late 2014
  Scheduled start of field trial: late 2014
[Figure: Alliander's MS Livelab. Source: Alliander N.V.]
[Figure: National Instruments PMU for MV level. Source: National Instruments Sweden]



Benefits and Features of the C-DAX Architecture
General benefits of pub/sub communication
  Flexibility and agility for integration of emerging smart grid applications
  Transparent exchange of information
  Scalability
  Avoid repeated investment in ICT per application
Unique C-DAX benefits
  Support for inter-domain communications
  Support for established smart grid protocols, e.g., IEC 61850, IEC 60870-5-104, IEEE C37.118
  Combination of advanced features
    Cyber-secure layer addressing authentication, privacy, and integrity in end-to-end fashion
    Support for streaming, query and point-to-point communication
    Resilience
    Flexible provisioning strategy

Contact
www.cdax.eu
Matthias Strobbe (iMinds)
matthias.strobbe@intec.ugent.be

Thank you for your attention!
Questions?
