COMMUNICATION IN SMART GRIDS USING LTE

The world today is focusing on the enhancement of efficient use of energy and it has compelled the energy industry to research and seek for measures for increasing energy efficiency. Out of various fields related to energy, Smart Grid has emerged itself as one of the effective contributor to fulfill the approach of efficient use of energy. The term smart grid has been evolved from power grid where the energy is generated, distributed and finally consumed by a consumer. The smart form of this power grid is actually smart grid which facilitates smart way of communication of smart devices between grids, so that the effective mode of controlling and monitoring can be achieved. In order to achieve this, the devices should be smart enough so that they can be interoperable and remotely accessed. For the smart devices to communicate in real time so that controlling and remote access becomes possible, it demands an advanced communicating medium. LTE is one of the most challenging, famous and widely adopted communication technology that meets the requirement imposed by broadband wireless mobile communications. Early tests, evaluations and their pre-commercial deployments have proved that they fulfil all the requirements like high-data-rate, low latency and optimized system that advanced communication demands. Thus, this paper focuses on the evaluation of integration of LTE in Smart Grids so that automation in Smart Grids can be achieved.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Real-Time Monitoring System for a Utility-Scale Photovoltaic Power Plant

There is, at present, considerable interest in the storage and dispatchability of photovoltaic (PV) energy, together with the need to manage power flows in real-time. This paper presents a new system, PV-on time, which has been developed to supervise the operating mode of a Grid-Connected Utility-Scale PV Power Plant in order to ensure the reliability and continuity of its supply. This system presents an architecture of acquisition devices, including wireless sensors distributed around the plant, which measure the required information. It is also equipped with a high-precision protocol for synchronizing all data acquisition equipment, something that is necessary for correctly establishing relationships among events in the plant. Moreover, a system for monitoring and supervising all of the distributed devices, as well as for the real-time treatment of all the registered information, is presented. Performances were analyzed in a 400 kW transformation center belonging to a 6.1 MW Utility-Scale PV Power Plant. In addition to monitoring the performance of all of the PV plant’s components and detecting any failures or deviations in production, this system enables users to control the power quality of the signal injected and the influence of the installation on the distribution grid

Redundant IEC 61850 communication protocols in substation automation

The standard IEC 61850 has been adopted with open arms by the power system automation market. The first version of the standard published in 2005 did not however pay any attention to redundant communication aspects of the substation automation network. The recent extensions to the standard however corrected this defect and bring redundancy into view, adopting two high availability redundancy protocols from the existing standard IEC 62439-3: Parallel Redundancy Protocol (PRP) and High-availability Seamless Redundancy (HSR). These two protocols provide seamless (0 s.) network recovery times and fulfill even the most demanding requirements for substation automation network. In this thesis, these two redundancy protocols, their usage and possibilities in substation automation are investigated. At first, the IEC 61850 features, substation communication network topologies, and also the redundancy protocols and methods used today are presented. After this, the protocols PRP and HSR are discussed more deeply. The theoretical part is followed by a test of a system with PRP and ABB devices to give general notes and clarify possible problems when building such a system, and to investigate if the ABB PRP implementation is accordant with the standard IEC 62439-3. The objective of this thesis was to bring information and early experience about the two high-availability redundancy protocols, as they will be gradually introduced in the projects of the target company. The test confirmed that the current PRP version is ready to be used with the few ABB substation automation products that support it at the moment. However, a new version of PRP has been introduced and it will gradually replace the present version, bringing compatibility with HSR networks. HSR is not yet found on the market, but is expected to come to use in the very near future.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Empirical Use of Network Time Protocol in Internet of Things Devices: Vulnerabilities and Security Measures

RÉSUMÉ : Network Time Protocol (NTP) est un protocole responsable de la synchronisation du temps dans les environnements de réseautique. Il est utilisé depuis plus de trente ans afin d’aider les appareils connectés à acquérir l’heure correcte depuis le réseau. Ce protocole sert entre autre à garantir les informations d’horodatage et la cryptographie des fichiers journaux. Il a également fait l’objet de nombreuses études visant à rendre ce pilier des réseaux et télécommunications plus sûr et plus robuste. Ceci dit, la synchronisation du temps est l’un des composants essentiels au bon fonctionnement des réseaux d’objets connectés (IoT) aussi. Il est primordial pour la planification des tâches, la tenue des journaux, la surveillance des différents comportements et la mise à jour du temps lors de l’utilisation de protocoles de chiffrement ou de mise en file d’attente dans ces réseaux. L’importance de ces facteurs clés peut être ressentie lorsqu’ils sont rendu non valides à cause de la composante temps, par exemple si l’heure est décalée ou est incorrecte lors de l’utilisation de dispositifs précis dépendant du temps. Cela entraîne un retard ou une négligence totale de la tâche, ce qui peut être dangereux si ces appareils sont utilisés dans une chaîne d’action au service de la vie humaine (soins de santé ou circulation de véhicules).----------ABSTRACT : Network Time Protocol (NTP) is a protocol responsible for time synchronization in networking environments. It has been used for over three decades in order to help connected devices acquire the correct time over the network.It is implemented to ensure log file time stamp information and cryptography. It has also been the topic of many studies aiming at making this pillar of networking and telecommunications more secure and robust. Time synchronization is one of the essential ingredients needed for Internet of Things (IoT) networks to function correctly. It is important for scheduling tasks, keeping logs, monitoring different behaviors and for keeping the time concept up to date when using encryption or queuing protocols in these networks. These key factors can be noticed when they are tampered with such as if the time is incorrectly shifted during the use of accurate time dependent devices. This leads to the task being delayed or overlooked completely which can be dangerous if these devices are used in life-dependent chains of action (healthcare or traffic for example)

Ethernet-based timing system for accelerator facilities: The IFMIF-DONES case

This article presents the design of a timing system for accelerator facilities, which relies on a general networking approach based on standard Ethernet protocols that keeps all the devices synchronized to a common time reference. The case of the IFMIF-DONES infrastructure is studied in detail, providing a framework for the implementation of the timing system. The network time protocol (NTP) with software timestamping and the precision time protocol (PTP) with hardware timestamping are used to synchronize devices with sub-millisecond and sub-microsecond accuracy requirements, respectively. The design also considers the utilization of IEEE 1588 high accuracy default PTP profile (PTP-HA) to provide sub-nanosecond accuracy for the most demanding components. Three different solutions for the design of the timing system are discussed in detail. The first solution considers the deployment of one time-dedicated network for each synchronization protocol, while the second one proposes the integration of the synchronization data of NTP and PTP into the networks of the facility. The third solution relies on the single distribution of PTP-HA to all the systems. The final design aims to be fully based on standard technologies and to be cost-efficient, seeking for interoperability and scalability, and minimizing the impact on other systems in the facility. An experimental setup has been implemented to evaluate and discuss the suitability of the solutions for the timing system by studying the synchronization accuracy obtained with NTP, PTP and PTP-HA under different network conditions. It includes a timing evaluation platform that tries to resemble the network architecture foreseen in the facility. The measured results revealed that PTP is the most limiting protocol for the second solution. Using the default PTP configuration, it tolerates less than 20% of maximum bandwidth utilization for symmetric bidirectional flows, and around 30% in the case of unidirectional flows (server to client or client to server), with the current setup and using switches without enabled timing support. This case study provides a better understanding of the trade-off between bandwidth utilization, synchronization accuracy and cost in these kinds of facilities

Arquitecturas system-on-chip para cyber physical system gateway en smart grid

178 p.La forma en que funciona la red eléctrica no ha cambiado mucho desde su creación en la década de 1930, los métodos y medios de transmisión de los datos siguen siendo similares. Aunque la infraestructura general permanece inalterada, algunas tecnologías han cambiado desde entonces, y el ritmo de cambio ha aumentado significativamente en la última década. Por ejemplo, la introducción de las Tecnologías de la Información y las Comunicaciones (TICs) en la operación de las redes eléctricas ha dado como resultado una red compleja denominada Smart Grid. En términos generales, el sistema eléctrico actual consiste en una compleja red en la que están interconectadas las centrales eléctricas, la infraestructura de transporte de electricidad, la infraestructura de distribución, y la carga.Desde un punto de vista tecnológico, la Smart Grid puede ser vista como una superposición de una red de comunicación sobre la red eléctrica. La red de comunicaciones de la Smart Grid es un tipo de red capaz de proporcionar servicios avanzados, como el envío de datos de sensores en tiempo real, la redundancia y la ciber-seguridad. Se implementa utilizando una variedad de tecnologías de redes y medios de comunicación, incluyendo el mismo cableado eléctrico, redes inalámbricas y otras infraestructuras de comunicaciones existente, como las redes Ethernet basadas en cables de cobre o fibra óptica. Existen ventajas y desventajas asociadas a cada opción y es probable que los tres enfoques puedan utilizarse para las comunicaciones en la Smart Grid. Como resultado, las redes mencionadas se integran finalmente en el sistema, lo que obliga a que los equipos utilizados para gestionar las comunicaciones sean completamente heterogéneos. Por ello, desde una perspectiva global que favorezca la interoperabilidad, es imprescindible disponer de dispositivos de comunicaciones que combinen requisitos de procesamiento en tiempo real, sincronización avanzada, alta disponibilidad en las comunicaciones, reconfigurabilidad y ciber-seguridad. Estos dispositivos se conocen comúnmente como Cyber Physical System (CPS).A modo de resumen, un CPS típico se compone de varios dispositivos conectados a través de redes cableadas e inalámbricas. Estos dispositivos abarcan desde plataformas embebidas, sistemas en tiempo real, sensores y actuadores, hasta dispositivos en red. Por lo tanto, los CPS se benefician de los continuos desarrollos de nuevas plataformas de computación y sensórica de bajo coste, las comunicaciones inalámbricas, las redes de comunicación de gran ancho de banda y sistemas que permiten realizar una gestión más eficiente de la energía de los dispositivos.La propuesta de investigación presentada en esta tesis busca realizar contribuciones en el campo de los sistemas embebidos, planteando una arquitectura común de nodos que sirva como referencia de arquitectura CPS para la Smart Grid. Esta arquitectura deberá dar solución a la integración directa de los nodos en la red, permitiendo a su vez procesamiento en tiempo real, necesario en ciertas secciones y operaciones de la Smart Grid.En primer lugar, se presentará una visión general de la red eléctrica actual (Smart Grid). En particular, se describirá los elementos fundamentales de una subestación, y se presentará los estándares de comunicación utilizados para garantizar y satisfacer los requisitos de interoperatividad que deben cumplir las redes de transmisión y distribución modernas. A continuación, se describirán los requisitos y las características de funcionamiento que debe cumplir un dispositivo CPS Gateway para poder ser utilizado en la red eléctrica inteligente. Por otra parte, se definirá un CPS y se describirán sus partes, características y campos de aplicación. A continuación, se realizará un estudio detallado de varias arquitecturas existentes que representan ventajas significativas para su utilización en la Smart Grid. En segundo lugar, se propondrán arquitecturas CPS Gateway sobre plataformas reconfigurables System-on-Chip que garantice procesamiento en tiempo real, necesario en ciertas secciones y operaciones de la Smart Grid. También, deberá incorporar mecanismos avanzados de sincronización, comunicaciones de alta disponibilidad mediante comunicaciones redundantes, compatibilidad con la infraestructura de automatización de subestaciones actualmente en fase de despliegue (IEC 61850) y ciber-seguridad para las tramas SV y GOOSE.Para finalizar, el dispositivo Zynq de Xilinx será utilizado como plataforma de validación de las arquitecturas propuestas. La última parte de la tesis, describirá el hardware utilizado para realizar los experimentos. A continuación, se describirán los experimentos realizados para validar las arquitecturas. En este sentido, se implementarán tres arquitecturas para verificar el funcionamiento del CPS Gateway. La primera arquitectura, tendrá como finalidad validar los requisitos de sincronización, interoperabilidad y alta disponibilidad. En la segunda arquitectura se implementará un protocolo y un módulo de comunicaciones que permita la configuración remota del CPS Gateway. Finalmente en la tercera arquitectura se propondrá el uso de cifrado simétrico como mecanismo de ciber-seguridad para las tramas SV y GOOSE

Spoofed Networks: Exploitation of GNSS Security Vulnerability in 4G and 5G Mobile Networks

Includes supplementary materialFifth Generation New Radio (5G NR) represents a shift in mobile telephony whereby the network architecture runs containerized software on commodity hardware. In preparation for this transition, numerous 4G Long Term Evolution software stacks have been developed to test the containerization of core network functions and the interfaces with radio access network protocols. In this thesis, one such stack, developed by the OpenAirInterface Software Alliance, was used to create a low-cost, simplified mobile network compatible with the Naval Operational Architecture. Commercial off-the-shelf user equipment was then connected to the network to demonstrate how a buffer overflow vulnerability found in Qualcomm Global Navigation Satellite System chipsets and identified as CVE-2019-2254 can be leveraged to enable a spoofed network attack. The research also yielded an extension of the attack method to 5G NR networks.http://archive.org/details/aplaceholderreco1094567451Lieutenant, United States NavyApproved for public release. Distribution is unlimited

IEC 61850 -standardin soveltaminen sulautetulla Linux-järjestelmällä

IEC 61850 -standardi määrittelee nykypäivän tietoliikenneyhteyskäytännön, jota sovelletaan monesssa ympäristössä sähkötekniikan alueella. Standardin viimeisimmät versiot kattavat myös hajautetut energialähteet, kuten aurinko- ja tuulivoimajärjestelmät. Tämän diplomityön tarkoituksena on perehtyä IEC 61850 -standardiin ja koota sen sisällöstä kattava tietopaketti sisältäen muun muassa esimerkin standardin soveltamisesta tietoliikenteen toteuttamiseen sulautetulla Linux-järjestelmällä. Tänä päivänä sulautetut pienikokoiset Linux-tietokoneet ovat yhä halvempia ja useamman saatavilla, joka osaltaan mahdollistaa esimerkiksi IEC 61850 -standardin helpomman toteuttamisen yhä useammassa kohteessa. Työn sovelluksessa yhdistyy sekä avoin Linux-käyttöjärjestelmä että avoin IEC 61850 -tietoliikennestandardi, joita hyödyntävä sovellus ajetaan sulautetun laitteen ARM-prosessorilla. Olennaisena osana diplomityössä tarkastellaan standardin tietoliikenneprotokollia, niiden mallinnusta, kuvauksia ja protokollatoteutuksen sovellusta sulautetulle Linux-järjestelmälle. Diplomityön tarkoituksena on kerätä kaikki tarpeellinen tieto käyttökelpoisen IEC 61850 -yhteensopivan järjestelmän toteuttamiseksi. Toteutuksen avulla voitaisiin tarkastella IEC 61850 -väyliin kytkettävien laitteiden kuten suojareleiden tietoliikennettä, välittää ohjauksia ja lukea arvoja esimerkiksi MMS-protokollan avulla joiltakin väylän laitteilta. Kehitetyn toteutuksen pohjalta olisi mahdollista suunnitella kaupallinen sovellus IEC 61850 -standardille. Työn tulokset osoittavat, että edullisilla pienikokoisilla sulautetuilla Linux-järjestelmillä voi tehdä IEC 61850 -yhteensopivia tietoliikennetoteutuksia, jopa kotioloissa. Tämä osoittaa, että standardilla on edelleen hyvät edellytykset laajentua keskeiseksi kaikenlaisten energiajärjestelmien tietoliikennestandardiksi. Standardin perustana onkin saada eri valmistajien ja tahojen laitteet kommunikoimaan keskenään, joka mahdollistaa muun muassa käytännöllisemmän älykkäiden sähköverkkojen toteuttamisen lähempänä pienkuluttajia ja mahdollisesti edullisemmilla kustannuksilla kuin ennen.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

Network and System Management using IEC 62351-7 in IEC 61850 Substations: Design and Implementation

Substations are a prime target for threat agents aiming to disrupt the power grid’s operation. With the advent of the smart grid, the power infrastructure is increasingly being coupled with an Information and Communication Technologies (ICT) infrastructure needed to manage it, exposing it to potential cyberattacks. In order to secure the smart grid, the IEC 62351 specifies how to provide cybersecurity to such an environment. Among its specifications, IEC 62351-7 states to use Network and System Management (NSM) to monitor and manage the operation of power systems. In this research, we aim to design, implement, and study NSM in a digital substation as per the specifications of IEC 62351-7. The substation is one that conforms to the IEC 61850 standard, which defines how to design a substation leveraging ICT. Our contributions are as follows. We contribute to the design and implementation of NSM in a smart grid security co-simulation testbed. We design a methodology to elaborate cyberattacks targeting IEC 61850 substations specifically. We elaborate detection algorithms that leverage the NSM Data Objects (NSM DOs) of IEC 62351- 7 to detect the attacks designed using our method. We validate these experimentally using our testbed. From this work, we can provide an initial assessment of NSM within the context of digital substations

Cyber-Security Solutions for Ensuring Smart Grid Distribution Automation Functions

The future generation of the electrical network is known as the smart grid. The distribution domain of the smart grid intelligently supplies electricity to the end-users with the aid of the decentralized Distribution Automation (DA) in which intelligent control functions are distributed and accomplished via real-time communication between the DA components. Internet-based communication via the open protocols is the latest trend for decentralized DA communication. Internet communication has many benefits, but it exposes the critical infrastructure’s data to cyber-security threats. Security attacks may not only make DA services unreachable but may also result in undesirable physical consequences and serious damage to the distribution network environment. Therefore, it is compulsory to protect DA communication against such attacks. There is no single model for securing DA communication. In fact, the security level depends on several factors such as application requirements, communication media, and, of course, the cost.There are several smart grid security frameworks and standards, which are under development by different organizations. However, smart grid cyber-security field has not yet reached full maturity and, it is still in the early phase of its progress. Security protocols in IT and computer networks can be utilized to secure DA communication because industrial ICT standards have been designed in accordance with Open Systems Interconnection model. Furthermore, state-of-the-art DA concepts such as Active distribution network tend to integrate processing data into IT systems.This dissertation addresses cyber-security issues in the following DA functions: substation automation, feeder automation, Logic Selectivity, customer automation and Smart Metering. Real-time simulation of the distribution network along with actual automation and data networking devices are used to create hardware-in-the-loop simulation, and experiment the mentioned DA functions with the Internet communication. This communication is secured by proposing the following cyber-security solutions.This dissertation proposes security solutions for substation automation by developing IEC61850-TLS proxy and adding OPen Connectivity Unified Architecture (OPC UA) Wrapper to Station Gateway. Secured messages by Transport Layer Security (TLS) and OPC UA security are created for protecting substation local and remote communications. Data availability is main concern that is solved by designing redundant networks.The dissertation also proposes cyber-security solutions for feeder automation and Logic Selectivity. In feeder automation, Centralized Protection System (CPS) is proposed as the place for making Decentralized feeder automation decisions. In addition, applying IP security (IPsec) in Tunnel mode is proposed to establish a secure communication path for feeder automation messages. In Logic Selectivity, Generic Object Oriented Substation Events (GOOSE) are exchanged between the substations. First, Logic Selectivity functional characteristics are analyzed. Then, Layer 2 Tunneling over IPsec in Transport mode is proposed to create a secure communication path for exchanging GOOSE over the Internet. Next, communication impact on Logic Selectivity performance is investigated by measuring the jitter and latency in the GOOSE communication. Lastly, reliability improvement by Logic Selectivity is evaluated by calculating reliability indices.Customer automation is the additional extension to the smart grid DA. This dissertation proposes an integration solution for the heterogeneous communication parties (TCP/IP and Controller Area Network) in Home Area Network. The developed solution applies Secure Socket Layer in order to create secured messages.The dissertation also proposes Secondary Substation Automation Unit (SSAU) for realtime communication of low voltage data to metering database. Point-to-Point Tunneling Protocol is proposed to create a secure communication path for Smart Metering data.The security analysis shows that the proposed security solutions provide the security requirements (Confidentiality, Integrity and Availability) for DA communication. Thus, communication is protected against security attacks and DA functions are ensured. In addition, CPS and SSAU are proposed to distribute intelligence over the substations level