IETF Logo Mail Archive

[smartpower-interest] Smart Grid Architecture Committee meeting 17 February

Fred Baker <fred@cisco.com> Wed, 17 February 2010 14:09 UTC

Return-Path: <fred@cisco.com>
X-Original-To: smartpower-interest@core3.amsl.com
Delivered-To: smartpower-interest@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id CB07A3A7D01 for <smartpower-interest@core3.amsl.com>; Wed, 17 Feb 2010 06:09:42 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x tagged_above=-999 required=5 tests=[]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rsRLX1HLjXup for <smartpower-interest@core3.amsl.com>; Wed, 17 Feb 2010 06:09:42 -0800 (PST)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 71AC73A72EC for <smartpower-interest@ietf.org>; Wed, 17 Feb 2010 06:09:34 -0800 (PST)
Authentication-Results: rtp-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-Files: NIST_PAP_01-IP_in_Smart_Grid_v.1.0-Oct_30th_2009.doc : 715264
X-IronPort-AV: E=Sophos; i="4.49,491,1262563200"; d="doc'32?scan'32,208,32"; a="86736605"
Received: from rtp-core-1.cisco.com ([64.102.124.12]) by rtp-iport-1.cisco.com with ESMTP; 17 Feb 2010 14:11:11 +0000
Received: from [129.6.252.251] (rtp-vpn5-236.cisco.com [10.82.232.236]) by rtp-core-1.cisco.com (8.13.8/8.14.3) with ESMTP id o1HEBB7n018904 for <smartpower-interest@ietf.org>; Wed, 17 Feb 2010 14:11:11 GMT
Message-Id: <55FA0F33-F37F-4429-92D0-9E99162BA496@cisco.com>
From: Fred Baker <fred@cisco.com>
To: smartpower-interest@ietf.org
Content-Type: multipart/mixed; boundary=Apple-Mail-271-345862477
Mime-Version: 1.0 (Apple Message framework v936)
Date: Wed, 17 Feb 2010 09:11:11 -0500
X-Mailer: Apple Mail (2.936)
Subject: [smartpower-interest] Smart Grid Architecture Committee meeting 17 February
X-BeenThere: smartpower-interest@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Smart Power Interest <smartpower-interest.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/smartpower-interest>, <mailto:smartpower-interest-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/smartpower-interest>
List-Post: <mailto:smartpower-interest@ietf.org>
List-Help: <mailto:smartpower-interest-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smartpower-interest>, <mailto:smartpower-interest-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Feb 2010 14:09:43 -0000

I am forwarding in case you folks have not seen this. It is the  
proposed IP architecture from NERC, which is a US regulatory body.

One important statement it makes is:

> A final note is that this document will not make the distinction  
> between IP version 4 or version 6 for the purpose of analysis or  
> standardization.  The point is simply to support IP with the version  
> number left to be an implementation detail determined by the utility  
> or service provider that would install the AMI network.  That being  
> said, any competent network planner can easily do the math - many  
> investor-owned utilities have literally millions of electric meters  
> installed (a distinct challenge in a version 4 environment), with  
> this "volume problem" being compounded by the presence of other  
> devices including some quantity of electric vehicles as potential  
> roaming users in the future.  That means the utility would either  
> have to use IPv4 very judiciously and replicate private IP space  
> over and over again, or move to IPv6 and address a greater number of  
> devices uniquely.


This is not as strong a statement re IPv6 as the IETF and ARIN have  
proposed, but is at least a sensible one in the near term.

The architecture doesn't say a lot about security, but does say this:

> The C12.22 protocol also includes AES-128 security mechanisms.  
> Additional IP transport security protocols may be provided to  
> enhance and preserve the upper layer security provisions but not as  
> a substitute of such.

Personally, I think that's an inadequate statement. The key issues are  
in identification, authentication, authorization, and confidentiality  
where appropriate. It would be really nice if http://tools.ietf.org/html/draft-mcgrew-fundamental-ecc-01 
  were approved as "suite b", and the architecture could specify the  
use of "suite b cryptographic standards". For those that don't know  
what that means, it refers to the use of elliptic curve public key  
cryptography without the IPR considerations that have crippled the  
industry's ability to use it. AES, while a very worthwhile technology,  
is symmetric key, which means in the AMI that the key is not in fact  
secret - it is known by and communicated among at least two parties.  
The lack of a key management infrastructure is a problem, which I  
would entertain useful proposals for.


The architecture focuses, surprisingly, not on the use of TCP/UDP and  
IP (v4 or v6), but on the place of the ANSI C12 series management  
applications. Given that those are in the most recent filing moved  
from "mandatory" to "should be considered", that is interesting. One  
thing that would help, perhaps, is a description of how NetConf could  
be used instead, and an openly-defined XML-based schema (from OASYS  
perhaps?) that could be exchanged using it. I'm not going to write  
that, but would entertain submissions.



http://www.ipinc.net/IPv4.GIF

v2.8.7 | Report a Bug | By Email