entelec spring 2013 slide 1 leaving legacy, moving to next generation communications presented by:...
TRANSCRIPT
Entelec Spring 2013 Slide1
Leaving Legacy, Moving to Next Generation Communications
Presented by:Motty AnaviVP Business Development
Entelec ConferenceSpring 2013
Entelec Spring 2013 Slide2
Agenda
• Utility Network Migration Process• Factors and Influencers on Migration• Migration Options
– Process– Technology– Looking at the New Technology– Reliability– Services
• Still Outstanding• Summary
Entelec Spring 2013 Slide3
The Legacy Utility Network
• Only TDM based • Strict and well known and tested protocols• Cyber Security in not a major concern• Delay is not an issue• Ubiquitously supported by carriers and service providers
ADM
ADM
Tele-ProtectionC37.94
RTURS-232
Sub-Station
T1/E1PBXMultiplexerT1/E1
ADM
RTURS-232
Sub-Station
4WPhone
Control Console
Power Line
Control Center
Multiplexer
Server
NMS
PBX
Entelec Spring 2013 Slide4
Migrating to Packet Networks
• Obsolescence of equipment• Lack of support for 4W service• Improving and streamlining of Telecom network• New standards for Sub Station Services
– IEC61850– M2M communications
• New challenges with Packet Networks– Cyber Security– New Characteristics of transport (More Delay, Compatibility)
Entelec Spring 2013 Slide5
The Evolving Telecom Network
ADM
ADM
Tele-ProtectionC37.94
RTURS-232
Sub-Station
T1/E1PBXMultiplexerT1/E1
ADM
Tele-ProtectionC37.94
RTURS-232
Sub-Station
T1/E1PBXMultiplexer
Switch
Control Console
Power Line
Control Center
PBX
Server
NMS
RTURS-232
PMU/ Small SS
RF-3080
Multiplexer
Packet Network
Entelec Spring 2013 Slide6
Challenges: Next Generation Migration Uncertainty
Challenges in switching to All Packet• Not all critical application capable of migration• Maintain smooth operation of current networks, despite
discontinued vendor products• Avoid over-burdening network operations and
management due to TDM/PSN transport co-existence• Reconcile required investment in SDH/SONET equipment
with decommissioning plans• Avoid CapEx hikes related to increase in number of
network devices:– Continue using legacy installed-base while introducing
IP/Ethernet devices– Ensure service quality for mission critical apps (e.g.,
Teleprotection)
Entelec Spring 2013 Slide7
Challenges: Next Generation Migration Technology Aspect
Smart Communications over Packet• Service assurance for mission critical apps in PSN
environment:– Low end-to-end delay – High Availability– SDH/SONET-level Resiliency
• Differentiated quality of service for SCADA, video surveillance, voice, Teleprotection, radio and data traffic
• Remote operations, administration and maintenance (OAM) for fault management and lower OpEx
• Efficient connectivity for IEC 61850 intelligent electronic devices (IEDs)
Entelec Spring 2013 Slide8
The Migrated Telecom Network
Tele-ProtectionC37.94
RTURS-232
Sub-Station
T1/E1PBX
ADM
Tele-ProtectionC37.94
RTURS-232
Sub-Station
T1/E1PBXNext Gen MS
Control Console
Power Line
Control Center
PBX
Server
NMS
PS Network
Next Gen MS
Firewall
Firewall
RTURS-232
PMU/ Small SS
Firewall
MS Gateway
Entelec Spring 2013 Slide9
The Challenges
• Selecting the “winning” packet network• Not all applications can be transported over packet
– Application issues– Security concerns
• Upgrading ancillary equipment to be “Packet Compatible”– Or making adjustment to the network
• Training or retraining of workforce• Massive capital expense with a complete upgrade• Complexity of maintaining two or more networks• Buying more equipment with a short usability timeframe
Entelec Spring 2013 Slide10
Addressing the Challenges: The Options
•High operating costs
•Low scalability•Not flexible
Keep my legacy forever!•Utilize existing assets•Deterministic performance
•No learning curve
•High equipment costs•Non-deterministic•Steep learning curve
Move everything to packet!•Flexible & scalable•Low OpEx•Future support
•Asset lifespan•Gradual migration•Guaranteed performance
•Moderate learning curve
•Future ready design
Evolution instead of Revolution…
Entelec Spring 2013 Slide11
The Core Replacement Choices
• IP/MPLS– Added deterministic paths to IP– Used as a core Technology– No Built-in Security Mechanism– Still untried as access technology
• CoE (aka Carrier Ethernet)– Mature Technology– Enhanced and updated– Established Security Protocol support– Connection Oriented Ethernet
Entelec Spring 2013 Slide12
IP/MPLS Highlights
• Mature Technology• Widely used• Deterministic routing• No Built-in Security• All paths for packets setup on connection establishment• Well established resiliency mechanisms• No built-in security (very susceptible for cyber attacks)• Different in architecture than existing SONET/TDM• Fairly unaffordable
Entelec Spring 2013 Slide13
CoEthernet Highlights
• Mature Technology• Newly enhanced Connection Oriented Ethernet technology• Built in Security including Source authentication• Similar to SONET/SDH in terms of architecture and
Terminology• CoE developed mechanisms for:
– Deterministic network performance– Detection of Network failure– Measurement of network performance– Very fast restoration of service (Sub 10ms)
• Very affordable
Entelec Spring 2013 Slide14
An IP/MPLS Based Network
• Architecture is very different than SONET/SDH (Similar to IP)– New set of addressable values– Each device now requires new management connection
• Training is a challenge• Susceptible to cyber attacks with no source authentication• Network performance is predictable• In network delay is manageable and could be designed to
be low• Extremely high equipment costs• Built in fast resiliency
Entelec Spring 2013 Slide15
A CoE Based Network
• Architecture similar SONET/SDH– Connection based virtual circuits– Similar OAM terms (AIS/RDI etc….)
• Training simple• More resilient to cyber attacks with source authentication• Network performance guaranteed by CoE OAM
measurements• In network delay can be designed to be low• Relatively low equipment cost – regardless of network size
or number of nodes• Built in fast resiliency
Entelec Spring 2013 Slide16
Comparing The Technologies
• Connection Setup– SONET : Hard coded paths mapped through ADMs– CoE: Hard coded EVCs mapped through Switches with pre-
determined priorities– MPLS: Dynamic path setup based on IP addressing and
exchanging routing tables• Vulnerability of connections
– SONET: All connections are initiated by NMS– COE: All connections are initiated by NMS– MPLS: Connections made dynamically and are vulnerable to
errored/malicious routing information
Entelec Spring 2013 Slide17
Comparing The Technologies
• Troubleshooting– SONET : Comprehensive troubleshooting built in with OAM
bits propagating faults– CoE: Comprehensive troubleshooting built in with OAM
packets propagating faults– MPLS: No built-in OAM mechanism for localizing faults relies
on other overlays to initiate backup paths• Resiliency
– SONET: Ring resiliency to a predetermined path– COE: Ring and path resiliency to a pre-determined path
within 10ms– MPLS: Ring or Mesh resiliency depending on topology
Entelec Spring 2013 Slide18
Comparing Security
• Source Authentication:– MPLS – No source authentication, once entering an CE/PE –
local id is erased.– Ethernet – Universal address is maintained (MAC address),
Standard for source authentication 802.1X• Snooping / Scouting:
– MPLS – LSPs used as transparent pipes from one location to another.
– Ethernet - Individual frames screened at global level (MAC) for validity
• Control Plane:– MPLS - BGP and other routing protocols very susceptible for
attacks that can crash entire network– Ethernet - Control plane isolated and access controlled by
corporate access control
Entelec Spring 2013 Slide19
The Future: IEC 61850
• Standard design for Sub Station Communications• Establishes standard:
– Architecture (Process/Station Bus)– Protocols and formats (e.g. Goose)– Open interconnection points– Equipment requirements– Common communications: Ethernet
Entelec Spring 2013 Slide20
Comparing the Contenders
• CoE has the advantage over the other packet technologies when it comes to similarity to SONET/SDH which make this technology the technological and business winner
IP/MPLS CoE SONET
Simplicity Training
Resiliency Cost
Security Longevity
Entelec Spring 2013 Slide21
Ethernet OAM
Entelec Spring 2013 Slide22
Drivers for Ethernet OAM
• OAM benchmarks– Set by TDM and existing WAN technologies
• Operational Efficiency– Reduce OPEX, avoid truck-rolls– Downtime cost
• Management Complexity– Large Span Networks– Multiple constituent networks belong to disparate
organizations/companies
Entelec Spring 2013 Slide23
Fault ManagementFault DetectionFault Verification Fault IsolationFault RecoveryFault Notification
Configuration ManagementPerformance Management
Frame Loss Measurement Delay Measurement Delay Variation Measurement Availability Measurement
EthernetOAM
Ethernet OAM Capabilities
Entelec Spring 2013 Slide24
Ethernet OAM
• IEEE 802.1ag– Connectivity Fault Management (CFM)– Also referred as Service OAM
• IEEE 802.3ah (clause 57)– Ethernet Link OAM– Also referred as 802.3 OAM, Link OAM or Ethernet in the First
Mile (EFM) OAM• ITU-T Y.1731
– OAM functions and mechanisms for Ethernet-based networks
Entelec Spring 2013 Slide25
Standards: Ethernet OAM
A summary of available Ethernet OAM mechanisms
End-End/Last Segment
Performance Monitoring Type Fault Propagation ETX Implementation
IEEE 802.3-2005 (formerly 802.3ah) Single Segment No Link No Standard
IEEE 802.1ag End-to-End No Connectivity No Standard
ITU-T Y.1731 End-to-End Yes Service Yes Standard
Entelec Spring 2013 Slide26
Ethernet SLA Tools ExampleConnectivity Verification
•IEEE 802.3ah heartbeat•IEEE 802.1ag CC•IEEE 802.1ag LB, MAC Ping
Fault Detection & Isolation•IEEE 802.1ag LT, MAC Trace-route•IEEE 802.1ag LB, MAC Ping•L3 Ping and Trace-route
Fault Propagation•Subscriber port shutdown•ITU-T Y.1731 RDI•IEEE 802.3ah Dying Gasp, SNMP Trap
Diagnostic Loopbacks• L1 loopback• IEEE 802.3ah loopback• L2/L3 loopback, MAC Swap, per EVC/VLAN/Src. Add.
Performance Management •ITU-T Y.1731/RFC2544: Packet Loss, PD, PDV, •Per EVC.cos Statistics
Entelec Spring 2013 Slide27
Pseudowires
Entelec Spring 2013 Slide28
What is Pseudowire (PW)?
• Pseudo = Simulated, Seemingly• Emulation of a native service over a Packet Switched
Network (PSN). • The native services can be ATM, TDM, Frame Relay or ETH,
while the PSN can be ETH, IP or MPLS.• Supports voice, data and video• Provides a transparent tunnel through the PSN• Provides clock distribution and synchronization over PSN
Entelec Spring 2013 Slide29
What is Pseudowire (PW)?
SCADA
Analog
TDM
PW-GW PW-GW
PSN NetworkSCADA
Analog
TDM
Entelec Spring 2013 Slide30
Timing
Entelec Spring 2013 Slide31
IEEE 1588
Defines a Precision Time Protocol (PTP) designed to synchronize real-time clocks in a hierarchical distributed system
Intended for LAN using multicast communications
Targeted accuracy of microseconds or sub-microsecond (v1)
v1 approved in September 2002 and published November 2002
v2 approved in June 2007
IEEE-1588 is a standard for a Precision Clock Synchronization Protocol for Networked Measurement and Control Systems
Entelec Spring 2013 Slide32
What is IEEE1588v2?
• IEEE1588v2 is designed to distribute frequency and time to a higher accuracy and precision, to the scale of nanoseconds and fractional nanoseconds.
• The protocol operates over packet switched networks. The standard is currently defined to run over IEEE 802.3, UDP/IPv4, UDP/IPv6, DeviceNet, ControlNet and PROFINET.
• Designed to operate automatically to establish master slave hierarchy for time distribution. (not for Telecomm industry)
• Introduces “Transparent Clocks” to overcome the network’s delay variation.
• C37.238 Power Profile based on IEEE-1588v2 required for Syncrophasor accuracy
Entelec Spring 2013 Slide33
Protection Over Ethernet - G.8031
Entelec Spring 2013 Slide34
G.8031 Protection
• Protection as per ITU-T G.8031
– 1:1 Mode
– Unidirectional Only
– Using APS messages
• Triggers
– Port Signal loss
– CCM LOC , ETH-AIS
• Protection time
– 10ms protection for one pair of EVC
– As low as 40ms protection 4 pairs of EVCs
• Topologies
– EVC protection with one fiber (both EVC’s running on the same Fiber)
– EVC protection with 2 fiber each path on different fiber (dual link)
– EVC protection with dual fiber working with MC-LACP to dual PE
– EVC protection with Dual NTU (Future development)
Entelec Spring 2013 Slide35
G.8031 Applications – End to End path protection• Redundancy on S-Tags in the network• APS is running over one standby EVC only• Revertive and Non revertive modes• End to end service shell be maintained
– TLS , Accesses to L3 VPN • CCM or ETH-AIS is used to trigger protection event
Slide 35
Metro /VPLS
L2PE
L2PE
L2PE
End to End path protectionOnline EVC Redundant EVC
NID CPE
Customer PremisesX
NID
Ethernet
Customer Premises
CPE
Entelec Spring 2013 Slide37
Teleprotection
• Deliver Teleprotection signals with mission-critical accuracy over dedicated fiber, TDM or IP• C37.94-compliant Teleprotection communication channels allow reliable transmission by minimizing data errors due to EM and RF interference, or ground potential rise (GPR)•Ultra-low end-to-end propagation delay supports immediate delivery of Transfer Trip commands from protective relay/contact transfer to remote-end substations•Maintain performance levels when migrating to packet networks with hard QoS, as well as robust latency and jitter protection
Entelec Spring 2013 Slide38
Teleprotection Requirements
• Very strict delay – 80ms total– 40ms for network
• Differential Teleprotection– Constant delay– During failover – Delay could change
• Packet solutions do not factor differential delays on redundancy
Entelec Spring 2013 Slide39
The Ideal Migration Strategy
• Select a new technology– Reliability– Longevity– Affordability
• Selectively migrate application– Check availability of solutions– Migrate only when application validate– Minimize cyber security threat
• Complete migration within timeframe
Entelec Spring 2013 Slide40
Migration Steps
AccessAccess Aggregation
Required Services
Infrastructure
Legacy to SDH/SONETSDH/SONET
Aggregation NetworkNMSVoIP
DataETH to PSNPSN
ETH to SDH/SONT
Legacy to PSN
Entelec Spring 2013 Slide41
Summary
• The energy industry is being forced to migrate to packet technologies
• Caution should be used when selecting a new technology• Established Standards such as IEC61850, C37.238 (IEEE-
1588v2) use Ethernet as their transport of choice• An evolutionary approach to migration can ease the pain• Some applications may not be suitable today for migration
to NGN• Migrating to NGN is unavoidable and should be designed
today to optimize available funds and reduce future issues
Entelec Spring 2013 Slide42
Questions ?
Entelec Spring 2013 Slide43
www.rad.com
Thank You For Your Attention
For More Information:Motty AnaviVP of Business [email protected](201) 378-0213