Addressing the Data Distribution Challenge in
              SCADA and Utilities Systems
priority, its availability, and its presentation.              integrate DDS implementations with databases.
• The DEADLINE QoS policy allows applications to
  define the maximum inter-arrival time for data.
  DDS can be configured...
The combination of these architectural features and
QoS ensure that DDS applications have full control
over the characteri...
Upcoming SlideShare
Loading in...5

Addressing the Data Distribution Challenge in SCADA and Utilities Systems


Published on

This paper describes how the Data Distribution Service for Real-Time Systems addresses the challenges of SCADA and Utilities Automation systems, such as power grid control, water and wastewater management, industrial automations, railway control systems, industrial automation, and high throughput telemetry systems.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Addressing the Data Distribution Challenge in SCADA and Utilities Systems

  1. 1. Addressing the Data Distribution Challenge in SCADA and Utilities Systems A. Corsaro, Ph.D. Chief Technology Officer PrismTech 4 rue Angiboust, 91460 Marcoussis - France {} SCADA and Utilities Automation systems, such as Systems [1, 2, 3] is a standard data-centric, topic- power grid control, water and wastewater based publish/subscribe middleware that has been management, industrial automations, railway control designed for addressing the data distribution systems, industrial automation, and leading edge challenges of those mission- and business-critical high throughput telemetry systems, must systems where the right answer delivered too late increasingly meet the need to (1) deal with more becomes the wrong answer. data in a timely and predictable manner, often over a widening geographical scale, (2) provide secure Over the past few years, DDS has extensively and communication, (3) provide filtering capabilities that successfully proven its ability to address the most help optimize data distribution and sense-making, challenging requirements of a wide class of real-time and (4) reduce time-to-market. Conventional and hard-real-time systems, ranging from highly infrastructure software technologies fall short in distributed real-time business- and mission-critical addressing most, if not all, of these requirements applications, such as air traffic control and due to their lack of flexibility and configurability, management, combat management systems, large limited support for dealing with large volumes of scale SCADA, and financial services; to multi- data, lack of security, data filtering, and limited processor and multi-board systems, such as, radar expressiveness and productivity. processing, medical imaging, and tactical network equipment. The steadily growing adoption of mainstream COTS (Consumer-Off-The-Shelf) technologies for the communication layer, such as, Ethernet, and Industrial Ethernet, and the computation layer, such as, PPC- or x86-microprocessors, is enabling the use of software technologies that provide extended functionalities along with improved productivity. The Data Distribution Service (DDS) for Real-Time Systems [1,2,3], a standard-based publish/subscribe middleware defined by the OMG, is a COTS technology that is experiencing a constantly growing adoption in SCADA and Utility applications. This Figure 1 –The Data Distribution Service success is mainly due to its ability to address the challenges outlined above by providing (1) a very powerful data distribution and event processing model, (2) extremely high performance, (3) hard- real-time determinism, and (4) a rich set of non- As shown in Figure 1, DDS is a publish-subscribe functional properties fully tunable by means of technology based around the simple yet very Quality of Service (QoS) policies, used to control powerful concept of a fully distributed global data properties, such as, deadline, data prioritization, space in which publishers and subscribers data availability, as well as resource (network, CPU, asynchronously produce and consume data. The and memory) usage and reservation. In addition, global data space can be further divided into leading implementations of this standard [4] also partitions in order to segregate information as well provide information assurance thus securing data as traffic flows. When compared with other publish/ communication, enforcing access control, and subscribe technologies, DDS crisply stands out information flows. because of (1) its powerful support for data modeling, event filtering and processing, and (2) its The Data Distribution Service for Real-Time support for a very rich set of QoS which allow to Systems configure the most important properties of data distribution, such as its temporal properties, its The Data Distribution Service (DDS) for Real-Time Page 1/4
  2. 2. priority, its availability, and its presentation. integrate DDS implementations with databases. Moreover, the combination of data filtering—by Data  Modeling.   means of content-based subscriptions—and event processing—by means of filter-objects—allows the DDS perfectly blends and extends the most useful execution of arbitrary complex event filtering and features found in real-time messaging middleware correlation in the middleware, thus providing the and relational databases. From real-time messaging application with only the events it is really interested middleware, DDS draws the efficiency in distributing in. data, the low-latency, the real-time determinism, and the throughput. From relational databases, it draws The DDS Data Modeling features enable scalable the ability to define relational data models and modular application designs that effectively separate operate on them via SQL92 expressions to specify the data acquisition processing and communication content-based subscriptions, join, projection, filters, modeling from the business or engineering and queries (see processing that transforms acquired data into strategic control information. For example, large- Figure 2). DDS allows the application programmer scale SCADA systems are often combined with to create object views from a relational information Energy Management Systems (EMS) that transform model. This ensures that the applications logic can sensor data into control strategies for efficient and completely focus on the business problem, while safe control of generation and transmission delegating to the middleware the mechanics of data resources. Separation of data acquisition and distribution. Another typical use of the object- transport concerns from complex data oriented view is to reconstruct and manage transformations are combined with the powerful relationships out of the messaging data, perform relational information modeling capability of DDS to complex filtering, and correlation. As shown in enable highly advanced application frameworks for evolving SCADA/EMS applications. Figure 2, DDS can perform data filtering and correlation by relying on either SQL92 expressions, QoS-­‐Enabled  Data  Distribu6on or on user provided filter-objects. Application domains like SCADA/EMS can rely upon DDS as a sure foundation for robust and reliable All these capabilities are provided via a fully data acquisition and transport functions. DDS distributed architecture that ensures performance, provides a rich set of QoS policies for finely tuning predictability, availability, and scalability, and are and controlling the data temporal properties, e.g., controlled and finely-tunable by a rich set of QoS deadline, latency budget, etc., its priority, reliability, policies that allow traffic prioritization, traffic shaping, persistence, and resource usage. This set of QoS hardware and software filtering, and persistence. policies provide the control knobs that allow an architect to specify how the system should behave, thus making it possible to easily express the constraints derived from schedulability analysis and alike. Two key sets of DDS QoS policies relevant to SCADA and Utilities applications are those controlling data timeliness and data availability. DDS provides a rich set of QoS policies that control the timeliness properties of distributed data, the trade-off between latency and throughput, and the data prioritization: • The LATENCY_BUDGET QoS policy provides a means for applications to inform DDS of the urgency associated with transmitted data. The latency budget specifies the time period within which DDS must distribute the information. This time period starts from the moment the data is written by a publisher until it is available in the Figure 2 – DDS Relational and Object-Oriented subscriber’s data-cache ready for use by reader Data Modeling (s). • The TRANSPORT_PRIORITY QoS policy allows applications to control the importance associated with a topic or with a topic instance, thus allowing The native support for relational information a DDS implementation to prioritize more important modeling makes it very efficient to seamlessly data relative to less important data. Page 2/4
  3. 3. • The DEADLINE QoS policy allows applications to define the maximum inter-arrival time for data. DDS can be configured to automatically notify These DDS QoS policies allow highly decoupled and applications when deadlines are missed. focused data transformation applications to be designed and deployed in a truly distributed These QoS policies make it possible to ensure that architecture that leverages available computing and (1) the system is tuned to operate in the right communication hardware technology with data latency/throughput trade-off point, and (2) that transport agnosticism. An example of this is the important data is always able to preempt less SCADA/EMS application domain where it is important data, thus ensuring that even in overload essential that intensive compute and data hungry condition the temporal properties of critical data are optimization algorithms or electrical system preserved. As an example, the combination of the contingency analysis solutions be decoupled L AT E N C Y _ B U D G E T, D E A D L I N E a n d architecturally from relatively simple but time critical resource allocation control operations. TRANPORT_PRIORITY can be used to set the properties needed to enforce the schedulability of QoS-­‐Driven  Traffic  Engineering data traffic as derived from a Rate Monotonic Analysis (RMA). In addition to the DDS QoS policies that control the temporal properties of data, it is worth investigating how these QoS are leveraged by some of the most advanced DDS implementations [4] to enforce DDS provides the following QoS policies that control specific network traffic properties. the availability of data to subscribers: • The DURABILITY QoS policy controls the lifetime of the data written to the global data space. Supported durability levels include (1) volatile, which specifies that once data is published it is not maintained by DDS for delivery to late joining applications, (2) transient local, which specifies that publishers store data locally so that late joining subscribers get the last published item if a publisher is still alive, (3) transient, which ensures that the global data space maintains the Figure 4 – DDS Networking Technology and Traffic information outside the local scope of any Engineering publishers for use by late joining subscribers, and (4) persistent, which ensures that the global data space stores the information persistently so it is Latency/Throughput Tradeoff. Advanced DDS available to late joiners even after the shutdown implementations, rely on the LATENCY_BUDGET and restart of the system. QoS to bundle data across topics and applications to • The LIFESPAN QoS policy controls the interval of ensure optimal throughput and reduce CPU time during which a data sample is valid. The utilization. default value is infinite, with alternative values Data Prioritization. The TRANSPORT_PRIORITY being the time-span for which the data can be QoS is used in combination with network channels to considered valid. enforce messages priority even on non-priority- • The HISTORY QoS policy controls the number of preserving transports, such as the TCP/IP or UDP/ data samples (i.e., subsequent writes of the same IP. topic) that must be stored for readers or writers. Possible values are the last sample, the last n Traffic Shaping. For every channel it is possible to samples, or all samples. define the traffic profile to ensure that the network utilization never exceeds a user-specified value. Traffic Partitioning. DDS partitions are mapped to These QoS policies control the degree of time IP multicast addresses to segregate different traffic decoupling between publishing and subscribing flows and rely on hardware filtering capabilities applications, as well as the historical data that the provided by modern routers, switches and network middleware should keep on behalf of the application. cards. Several other QoS policies exist that control (1) the replication of publishers, greatly simplifying the implementation of Hot-Swap and Hot-Hot replication styles, and (2) the use of computational resources, such as main memory, buffer sizes. Page 3/4
  4. 4. The combination of these architectural features and QoS ensure that DDS applications have full control over the characteristics of generated traffic. As a Security and reliability of critical infrastructure is of result, the system can be properly tuned and paramount importance today. Recent developments configured to operate at the right performance point, of infrastructure security and protection standards while retaining stability and determinism during require Utilities compliance. It is no longer just good overload conditions. business but critical to national security to protect infrastructure resources. DDS Information Assurance Informa6on  Assurance is a large step toward securing SCADA/EMS and advanced protection systems that provide the Leading DDS implementations [4] provide security backbone of the Utility infrastructure. SCADA/EMS solution ensuring Information Assurance (IA) for all applications design can rely upon application DDS-based cooperation and information exchange authentication and transport encryption provided between the DDS nodes over untrusted with DDS IA. The separation of concern between communication infrastructures. The security solution DDS and application data transformation allows allows the reliable separation of applications with SCADA/EMS application developers to focus on different clearances deployed on different nodes in a secure control strategies with the knowledge that way that ensures transparency to the applications, underlying data transport is secure. thus supporting full portability. This solution provides QoS-enabled IA offering end-to-end security Concluding  Remarks between all applications (distributed or co-located), including mandatory access control for all data The Data Distribution Service (DDS) for Real-Time flowing between applications and detailed security Systems is a standard data-centric, topic-based audit of application interactions. publish/subscribe middleware that has been designed for addressing the data distribution The security solution extend the real-time challenges of real-time distributed systems. Due to communication with configurable cryptographic its high performance, powerful support for data protection implementing the following security modeling, event filtering and processing, and its properties: finely tunable control over key properties of data distribution, such as deadline, priority, latency, • Information exchanged over unsecure availability, and security, DDS is the perfect networks cannot be eavesdropped or technology for addressing the data distribution modified without detection while in transit needs of the most challenging SCADA and Utility (data integrity & confidentiality). applications. Companies that should seriously consider deploying DDS are (1) companies • Complete, reliable, and readily evaluable developing utility automation such as power-grid separation between the area in which the control, looking for more scalable and high information is processed in unencrypted performance data distribution middleware, (2) form (RED, on the node) and the area to companies struggling with keeping up with high which critical (classified) information is not volume telemetry systems, who are looking for a permitted to flow in unencrypted form standard-based solution that can cope with massive (BLACK, network). volumes of data in real-time to either replace home- grown solutions, or underperforming proprietary • Information of different classification is solutions, (3) Industrial control companies that want cryptographically separated while in transit to fully leverage their move to Ethernet or Industrial between different nodes, resulting in Ethernet, and are looking for more productive data stronger separation than only labeling and distribution middleware that can be easily integrated performing no infiltration or ex-filtration with enterprise systems. between different classifications while in transit. • Information received via the network can References only be retrieved in its unencrypted (RED) form on nodes that 1 OMG, “Data Distribution Service for Real-Time Systems Specification,” o are accredited for the security level formal/04-12-02.pdf of this information, and 2 OMG DDS SIG Portal, o host applications that have a need- 3 OMG DDS Forum, to-know for the information. 4 OpenSplice DDS, • Authenticity of all information exchanged dds. between nodes. Page 4/4