The three pillars of modernising communications

The necessity to migrate to modern communications infrastructures such as IP/MPLS is increasingly obvious - with expert insight, we assess the key considerations for utilities.
Published: Fri 14 Sep 2018

Meeting the communication needs of future grids has become mission critical for utilities.

In their efforts to modernise communications to meet evolving needs, however, significant roadblocks have led to difficulties when migrating traffic of legacy systems such as SCADA.

One network technology well-positioned to address this is IP/multi-protocol label switching (MPLS), a global standard-based technology which is backed by communications experts at Nokia.

IP/MPLS has been deployed by many utilities around the world, including Oncor Electric Delivery, which operates the sixth largest transmission and distribution systems in the US.

With a background in network engineering, Hansen Chan, Senior Marketing Manager at Nokia gave insight into the three key pillars to address when modernising communications, drawing from experience gained when working with utilities globally throughout their transition to IP/MPLS. These pillars are cybersecurity, efficiency and future-proofing networks.

Cybersecurity for communications networks

With cybersecurity increasingly becoming an area of concern for utilities due to a rise in Industrial Control Systems (ICS) under attack and political tension putting critical infrastructures at risk, it is crucial for utilities to consider cybersecurity as a fundamental requirement for any new communications infrastructures.

Chan explains that Nokia had extensive conversations with utilities to make sure all of the lines of defense possible within their network infrastructure were properly leveraged.

IP network is inherently vulnerable to cyberattacks due to its connectionless and open nature, therefore the move to more IP-based technologies can lead to significant concerns for utilities. Chan says: “One big concern as they move to new generation of ICS and SCADA systems, they’re moving from previously proprietary, closed communication protocol-based technology to a more open, standard IP-based one.”

Furthermore, Chan says: “All of the new ways of working - remote access anywhere, anytime, bring your own device - have also really expanded the attack surface.”

To combat these attack vectors and protect grid operation integrity, the first pillar for modernising communications should be ensuring a network infrastructure with built-in cybersecurity capabilities - a robust and strong line of defence.

A network should be part of the security solution, not security risk, Chan says, and having a network which can be that first line of defense is vital, and is a core functionality of IP/MPLS: “Intrinsically, IP/MPLS is secure in the sense that being a connection-oriented technology, it builds communication tunnels among network edge routers. Hence, it’s difficult for an attacker to inject traffic into these tunnels, versus an open IP network.”

Moreover, IP/MPLS can also provide network segmentation for cybersecurity. Each application gets its own IP/MPLS VPN. Chan says: “Say there’s an IT device that’s compromised, it'll be living in a different VPN than other industrial systems. This makes lateral movement by an attacker extremely difficult.”

Finally, Chan explains that advanced encryption mechanisms such as Network Group Encryption (NGE) can be employed in the MPLS layer to provide optimal security against attacks. He says: “An attacker cannot access any end point even if they manage to break in the tunnel and VPN, because they don’t know the encryption details, and they also can’t listen into communications to understand or map out your grid systems.”

Having a network which can holistically provide connectivity and security in conjunction is crucial as utilities migrate from legacy TDM-based systems to newer packet-based networks. Furthermore, some new grid applications are not IP-based, for instance generic object oriented substation event (GOOSE) messaging, therefore, prevalent security solutions such as IPSEC simply can't protect such communications.

Improving network efficiency

Moving forwards, another primary concern is to improve network efficiency. The prevalent network paradigm in the past is to build it as required by new projects. Chan says: "This model saddles utilities with a number of discrete, disjointed networks based on different network technologies. The cost to operate and maintain them has become significantly high".

Obviously, this paradigm cannot continue at a time when more grid monitoring and automation are on the cards. It becomes imperative to have a paradigm shift.

Chan says: "Migrating to a modern technology like IP/MPLS can usher in a new paradigm where the new network can converge all connectivity requirements into one network. IP/MPLS VPN service capabilities are so uniquely versatile that it can natively support TDM circuit emulation, layer two Ethernet and layer three IP to satisfy communications needs of all grid applications in a segregated manner. The circuit emulation is a particularly interesting one for utilities, as there are many legacy systems still in use today."

This service convergence functionality could prove to be pivotal to successful smart grid implementation.

Supporting future technology developments

Utilities should by now recognise that new, disruptive energy technology currently entering the grid is only the beginning. Future technology developments will continue to add pressure to the grid, shift consumer expectations and create unique and unprecedented challenges, but also new opportunities.

Chan says that this is important for the network development, and it should be a priority that the new network infrastructure can evolve with them into the future without having to build another network and do another round of transformation.

With this in mind, he says: “It’s really important to have a network solution that can evolve and unlock new network capabilities as necessary.”

For instance, renewables are already integrating into the grid at a rapid pace in the medium and low-voltage regions of the distribution grid, and this is only expected to increase alongside regulatory pressure to decarbonise.

This increase will demand new grid capabilities such as distribution automation, especially for the part of the electric grid that relies on wireless technologies in the last mile of the grid.

Chan says: “Technologies such as LTE are ideal to provide connectivity, but that requires a backhaul transport infrastructure to bring back the traffic from the distribution grid. The IP/MPLS networks are well suited to this not only because they can do backhaul, but also because IP/MPLS services can extend all the way over LTE in what is commonly called FAN, or field area network, to reach multitude of devices where there is no fibre. The routers support not only fibre-based interfaces, but have evolved to integrate wireless interfaces too.”

Renewables are but one of many disruptive grid technologies that will change how utilities view, monitor and operate their grids, but Chan says the key thing to bear in mind is that the new communication infrastructure should be capable of evolution as the grid becomes more dynamic, intelligent and responsive.

Join the webinar

Hansen Chan, alongside John Alberti, Senior Network Architect at Oncor Electric Delivery, will present key findings and technical insights in our upcoming webinar, “Modernising communications without compromising critical legacy systems”.