Duke Energy Emerging Technology Office

Standards for Autonomous and Secure Microgrids

Stuart Laval

3/18/2015 Copyright 2015 Duke Energy All rights reserved. page 3

 About Duke Energy
One of the Largest Electric Holding
Companies in the United States

Electric Utility operations in North and

South Carolina, Indiana, Ohio, Kentucky
and Florida serving 7.2 million customers

57,500 MW of regulated generation

Renewable generation of 1500 MW of

wind and 200 MW of solar located
throughout the United States

Copyright 2015 Duke Energy Corporation All rights reserved. page 4

 History of Duke Energy Smart Grid Developments
(~2007) Initially, we focused on the problem of
connecting to multiple devices to backhaul data.
Node-based solution (high volume) with multiple radios to
connect to MV sensors, AMI, DA, and others.

(~2012) But use cases evolved and new technologies

(battery storage, microgrids, etc.) drove need to get
access to data cheaper/better/faster at the edge of
the network.
Drove need for node platform hosting 1 or more standards-
based message busses and common semantic models.
Copyright 2015 Duke Energy Corporation All rights reserved.
 Duke Energy Test Areas: Integrated Grid Ecosystems Pilot (2012)
Sherrills Ford, Rankin,
McAlpine Substations

Solar PV
Substation

Energy Storage
Dist. Mgmt System
PMU (6)
Weather stations (7)

Line Sensors (200+)

Solar PV
6 McAlpine
Distribution

circuits

CES, HES Energy Storage

Circuit

Comm. Nodes (3,000)

Intelligent Switches
DERMS/DMS
AMI metering (14,000)
~60 homes served by

McAlpine circuits

Solar PV
Home Energy Manager
Customer
Premise

PEV
Charging Stations
Smart Appliances
Demand Response
In-home load monitoring

3/18/2015 Copyright 2015 Duke Energy All rights reserved. page 6

 Lessons Learned from 2012 Smart Grid Pilot

Key Observations: Key Observations:

1. Single-Purpose Functions 1. Multi-Purpose Functions
2. Proprietary & Siloed systems 2. Modular & Scalable HW&SW
3. Latent , Error-prone Data 3. End-to-End Situational Awareness
4. OT/IT/Telecom Disconnected 4. OT/IT/Telecom Convergence
5. No Field Interoperability! 5. True Field Interoperability!
Copyright 2015 Duke Energy Corporation. All rights reserved.
 Internet of Things Platform for the Utility
Open Field Message Bus
DEMAND

Technology Approach
Smart
Assets (OpenFMB) 1. Internet Protocol
2. Translation
Smart Meter 3. Contextualization
Open Standards 4. Security
Transformer Node
5. Analytics
Other Nodes
Internet
Radio
ELECTRIC GRID

Line
Sensor Connectivity
Distributed
Energy UTILITY
Resources
DATA CENTER
Distributed
Capacitor Bank
CPU Intelligence
Head
End A

Data Center Message Bus

Intelligent Switch

Street Light X
Network Head
Router End B
Smart Generation
IP
SUPPLY

Continuous
Emission
Monitoring
Network Head
Weather Sensor End N

3/18/2015 Copyright 2015 Duke Energy All rights reserved. page 8

 Internet of Things Platform for the Utility
Open Field Message Bus
DEMAND

Technology Approach
Smart
Assets (OpenFMB) 1. Internet Protocol
2. Translation
Smart Meter 3. Contextualization
Open Standards 4. Security
Transformer Node
5. Analytics
Other Nodes

Core OS Internet
ELECTRIC GRID

Line
Sensor Connectivity
Distributed
Energy UTILITY
Resources
DATA CENTER
Capacitor Bank Distributed
Virtual OS Intelligence
Head
End A

Data Center Message Bus

Intelligent Switch

Street Light X
Network Head
Router End B
Smart Generation
IP
SUPPLY

Continuous
Emission
Monitoring
Network Head
Weather Sensor End N

3/18/2015 Copyright 2015 Duke Energy All rights reserved. page 9

 Internet of Things Platform for the Utility
DEMAND

Smart
Assets

Smart Meter Legend

Open Standards
Required
Transformer Node
Optional
4G LTE, Wi-Fi, GPS
Other Nodes IP Router
Ethernet, Serial Capabilities
ELECTRIC GRID

Line
Sensor PLC, RF ISM, Bluetooth Optional
Distributed I/O, Metrology, Fiber Connectivity
Energy UTILITY
Resources
Processor(s) + Memory DATA CENTER
Linux-based OS
Capacitor Bank Open API Messaging Distributed Head
3rd Party Apps Computing End A

Data Center Message Bus

Intelligent Switch Security / Network Mgr

Street Light X
Network Head
Router End B
Smart Generation
IP
SUPPLY

Continuous
Emission
Monitoring
Network Head
Weather Sensor End N

3/18/2015 Copyright 2015 Duke Energy All rights reserved. page 10

 Flexible Hardware & Software Platform
Integrated in
End Device
(as Software)

Substation
Rackmount Server(s)

Retrofit
Inside
Cabinet
Pole Mounted
Enclosure

Padmount
Enclosure

Copyright 2015 Duke Energy All rights reserved. 11

 IoT Reference Architecture: Hybrid Multi-level Hierarchy
Firewall
End Points Lower Tier Middle Tier Higher Tier
Devices Nodes Nodes Central Office
(e.g. grid) (e.g. substation) (Utility Datacenter)
Local Area
AMI Network Wide Area
Head
Smart (LAN) IP Router Network MDM
end
Meters (WAN)
Virtual
Software SCADA

DMS

IP Router
Corporate
Virtual Private
Software Network

Tier 5
DIP Node

Field Area
Network
Legend
Protection (FAN)
& Control Local Area Core OS
Network IP Router Application OS
Distributed (LAN) Physical Transport
Energy Virtual
Resources Software Virtual Telemetry
Virtual Firewall

Copyright 2015 Duke Energy Corporation All rights reserved.

 Convergence of OT and IT
Analytics Use-Case App(s)

Subscribe

Publish
IT Messaging
DDS, MQTT, OPEN API

Subscribe

Subscribe

Subscribe
Subscribe
AMQP MESSAGE BUS
Publish

Publish
Publish

Publish
Security

Compression

Translation Head-End DNP Modbus Other

OT OT System
or Device

DMS Sandbox Pi FCI line Intelligent Cap Smart Battery/PV

Transformer Telco
Sensor Switch Bank Meter Inverters Router
Copyright 2015 Duke Energy All rights reserved.
 Enabling Distributed Energy Resources
with Intelligence at the Edge
Current State Centralized Decision-Making Future State Distributed Decision-Making
Solar PV Solar PV

Meter Rapid Swing in Sensor Meter Transformer Rapid Swing in Line Sensor
Transformer
Production Battery Production Battery
Storage Storage
Node
Pass-Thru Field Message Bus
Response
Decision

Cellular Network Cellular Network

Line Sensor
Head End
Response Line Sensor
Decision + Head End
Update Update
Model Model
Utility Office Utility Office

>1 Min < 0.25 sec

Copyright 2015 Duke Energy All rights reserved. 14

 Field Test: Community Energy Storage

Shifting & Smoothing

Node w/ Field Msg Bus

In-rush Smoothing

Copyright 2015 Duke Energy All rights reserved.

 Why use an Open Field Message Bus (OpenFMB)?

Pub-Sub Advantages vs. Polling

Standard Interfaces & Dictionary
Flexibility & Resiliency
Unlocks Modularity
Scalable Infrastructure
Organizational Efficiencies

Copyright 2015 Duke Energy All rights reserved. page 16

 Benefits of the OpenFMB Framework

Customer Benefits

Cost Savings

Risk Mitigation

Copyright 2015 Duke Energy All rights reserved.

 Strategies to Gain Adoption of OpenFMB
Developed and Published Duke Energy Reference Architecture
http://www.duke-energy.com/pdfs/DEDistributedIntelligencePlatformVol01.pdf

Standards strategy (2015)

SGIP
NAESB
UCAIug

Getting utilities on board (2014-today)

Getting vendors on board (2013-today)

Duke Energy Coalition of the Willing (part 1) Distributech 2014 demo
(6 vendors)
Duke Energy Coalition of the Willing (part 2) Distributech 2016 demo
(25+ vendors)
Copyright 2015 Duke Energy All rights reserved.
Duke Energy Test Microgrid Lab: Mount Holly, NC

PV Installations

Islanding Switch,
Transformer, and Battery

Behind the meter and low voltage power

electronic equipment
Grid Equipment

Copyright 2015 Duke Energy All rights reserved.

 Why is the OpenFMB Important for Duke Energy?

Provides accurate control and alleviates

intermittency of distributed energy resources
Provides the ability to scale independently, as
needed, without needing a system wide rollout
Takes cost out of the business by reducing
integration time and effort
Allows Duke to be at the forefront of developing
new regulations and policies

Copyright 2015 Duke Energy All rights reserved. page 20

 Thank You!

For more information contact:

Stuart Laval, Duke Energy

Stuart.Laval@duke-energy.com

Copyright 2015 Duke Energy All rights reserved. page 21

 Your systems. Working as one.

DDS: Connectivity Framework for

Autonomous and Secure Microgrids
David Barnett
March 19, 2015
DDS: Designed for Critical Control Systems
Real-time
Event-driven (push)
Low latency: sub-second, as low as s
Often require determinism

Always on
No unplanned downtime
No single point of failure or failover
Live upgrades

Autonomous
Deployed at edge, in field (OT)
No run-time administration
Self-healing

Extremely large scale

Up to millions of data and I/O points
Highly meshed
Millions or more updates/second

3/19/15 2015 RTI 23

DDS: Designed for Critical Control Systems
Real-time
Event-driven (push)
Low latency: sub-second, as low as s
Often require determinism

Always on
No unplanned downtime
No single point of failure or failover
Live upgrades Decentralized
Autonomous
Intelligence at the edge
Deployed at edge, in field (OT)
No run-time administration
Self-healing

Extremely large scale

Up to millions of data and I/O points
Highly meshed
Millions or more updates/second

3/19/15 2015 RTI 24

DDS Provides a Software Data Bus

Streaming
IT, Cloud & SoS
Analytics & HMI
Connectivity
Control

Data Distribution Service

Sensors Actuators

3/19/15 2015 RTI 25

 DDS is Decentralized, Brokerless
Components Communicate Peer-to-Peer

Embedded library for Adapter for existing

new and updated apps apps and devices

Non-DDS Non-DDS
App Device
E.g.: DNP3, 61850
DDS DDS App DDS Device Adapter Adapter
API DDS Routing DDS Routing
DDS Library DDS Library
Service Service
OS & Transport OS & Transport OS & Transport OS & Transport

Physical
Network DDS Interoperability Protocol

3/19/15 2015 RTI 26

DDS Uses
Native interface
Fast, scalable, resilient and secure integration bus
Uniform API to devices with disparate native interfaces

Non-DDS Non-DDS
App Device
E.g.: DNP3, 61850
DDS App DDS Device Adapter Adapter
DDS Routing DDS Routing
DDS Library DDS Library
Service Service
OS & Transport OS & Transport OS & Transport OS & Transport

Canonical Data Model

3/19/15 2015 RTI 27

Integrated Capabilities
Application or Adapter
DDS API

Request/Reply

Real-Time Quality of Service

Data-Centric Publish-Subscribe

Security
Real-Time Data
Discovery
Management

Type System - Evolvable

Reliable Messaging
DDS-RTPS Wire Protocol
Transport-Layer Protocol
Operating System

3/19/15 2015 RTI 28

Integrated Capabilities
Application or Adapter

Request/Reply

Real-Time Quality of Service

Provides reliability at
Data-Centric Publish-Subscribe messaging and app layers
No requirement for reliable

Security
Real-Time Data transport or IP
Discovery
Management Supports unicast and multicast
Typical:
Type System - Evolvable LAN: UDP ucast & mcast
WAN: TCP/TLS
Reliable Messaging Also supports shared memory,
radio, satellite
Transport-Layer Protocol(s) Supports multiple concurrent
transports
Operating System

3/19/15 2015 RTI 29

Integrated Capabilities
Application or Adapter
High-level API abstracts apps
Request/Reply from messaging details

Real-Time Quality of Service

Apps read() and write() data
Data-Centric Publish-Subscribe objects
Akin to using a database

Security
Real-Time Data Can poll for latest value or get
Discovery async notification of change
Management
Subscriptions based on
Type System - Evolvable content and time
DDS handles data distribution,
Reliable Messaging synchronization and filtering
Also flexible request/reply
Transport-Layer Protocol(s)
Operating System

3/19/15 2015 RTI 30

Integrated Capabilities
Application or Adapter

Request/Reply

Real-Time Quality of Service

Data-Centric Publish-Subscribe
DDS automatically discovers

Security
Real-Time Data and connects matching
Discovery publishers and subscribers
Management
Little or no configuration is
Type System - Evolvable required
Systems are self-forming and
Reliable Messaging self-healing

Transport-Layer Protocol(s)
Operating System

3/19/15 2015 RTI 31

Integrated Capabilities
Application or Adapter

Request/Reply

Real-Time Quality of Service

Data-Centric Publish-Subscribe Rich built-in type system
Automatically serializes and

Security
Real-Time Data deserializes data
Discovery Uses compact, binary wire
Management
representation
Type System - Evolvable Most type metadata only
exchanged at discovery time
Reliable Messaging Types can evolve without
breaking backward
compatibility
Transport-Layer Protocol(s)
Operating System

3/19/15 2015 RTI 32

Integrated Capabilities
Application or Adapter
Control over:
Request/Reply Timing

Real-Time Quality of Service

Latency/throughput
tradeoffs
Data-Centric Publish-Subscribe
Level of reliability, from

Security
best effort to durable
Real-Time Data
Discovery storage with app-ack
Management
Failover
Resource utilization
Type System - Evolvable
History cache, including
for late joiners
Reliable Messaging
Ordering
Missed deadline notifications
Transport-Layer Protocol(s)
Operating System

3/19/15 2015 RTI 33

DDS Security
Configured at the DDS layer
Transparent to apps and adapters App / Adapter

Runs over any transport Authentication

Including low bandwidth, unreliable Access Control
Multicast for scalability, low latency Secure DDS
Encryption
Does not require TCP, (D)TLS or IP library
Plugin architecture Data Tagging

Built-in defaults Logging

Customizable via standard API Any Transport
Completely decentralized (e.g., TCP, UDP, multicast,
shared memory, )
High performance and scalability
No single point of failure

3/19/15 2015 RTI 34

 Standard Capabilities
Authentication X.509 Public Key Infrastructure (PKI) with a pre-configured
shared Certificate Authority (CA)
Digital Signature Algorithm (DSA) with Diffie-Hellman and
RSA for authentication and key exchange
Access Control Specified via permissions file signed by shared CA
Control over ability to join systems, read or write data topics

Cryptography Protected key distribution

AES128 and AES256 for encryption
HMAC-SHA1 and HMAC-SHA256 for message authentication
and integrity
Data Tagging Tags specify security metadata, such as classification level
Can be used to determine access privileges (via plugin)
Logging Log security events to a file or distribute securely over
Connext DDS

3/19/15 2015 RTI 35

Control over Encryption

Scope
Discovery data
Metadata
Data
For each:
Encrypt
Sign
Optimizes performance by only encrypting
data that must be private
3/19/15 2015 RTI 36
Overcomes Limitations of
Transport Layer Security
No inherent access control
Usually implemented centrally
No multicast support
Inefficient for broad data distribution
Usually runs over TCP
Poor latency and jitter
Requires a network robust enough to support IP and TCP
All data treated as reliable
Even fast changing data that could be best effort
Always encrypts all data, metadata & protocol headers
Even if some data does not have to be private

3/19/15 2015 RTI 37

DDS Security Status

Specification adopted
March 2014
Considered Beta for
~1 year
RTI chairing Finalization
Task Force
Early Access Release
available now from RTI

3/19/15 2015 RTI 38

Managed by Object Management Group

~300 member organizations

Also manage UML, others
Standards are freely available
http://www.omg.org/spec/index.htm#
DDS
Open and formal process
Anyone can join, contribute and vote

3/19/15 2015 RTI 39

Broad Adoption and Support

Used by at least 2,000 projects

~14 implementations
9 have demonstrated interoperability

3/19/15 2015 RTI 40

DDS Summary
High performance and scalability
Decentralized architecture: no brokers as bottlenecks
Peer-to-peer communication over multicast for low latency
Wire and CPU efficient
Reliable and autonomous
No single point of failure
Support for redundant networks
Automatic failover between redundant publishers
Dynamic upgrades and data type evolution
Self-healing
Security without compromising operational requirements

3/19/15 2015 RTI 41

About RTI
Communications middleware market leader
Largest embedded middleware vendor
Over 70% commercial DDS market share
Standards leader
Active in 15 standards efforts
DDS authors
OMG Board of Directors
Industrial Internet Consortium
Maturity leader
800+ commercial designs
400+ research projects
*Embedded Market Forecasters
and Venture Development Corp (VDC)

3/19/15 2015 RTI 42

Next Steps Learn More

Contact RTI
Demo, Q&A
Download software
www.rti.com/downloads
Free trial with comprehensive
tutorial
RTI Shapes Demo
Watch videos & webinars, read whitepapers
www.rti.com/resources
www.youtube.com/realtimeinnovations

3/19/15 2015 RTI 43

 Audience Q & A

Stuart Laval,
Manager of Technology Development,
Duke Energy

David Barnett,
Vice President of Products and
Markets,
RTI
 Thanks for joining us

Event archive available at:

http://ecast.opensystemsmedia.com/

E-mail us at: jgilmore@opensystemsmedia.com