[smartpowerdir] Fwd: Summary of Smart Power matters July 2010
Fred Baker <fred@cisco.com> Mon, 26 July 2010 04:06 UTC
Return-Path: <fred@cisco.com>
X-Original-To: smartpowerdir@core3.amsl.com
Delivered-To: smartpowerdir@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 553603A699C; Sun, 25 Jul 2010 21:06:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.599
X-Spam-Level:
X-Spam-Status: No, score=-110.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xctl+KWXbW2S; Sun, 25 Jul 2010 21:06:22 -0700 (PDT)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 945593A69B7; Sun, 25 Jul 2010 21:06:21 -0700 (PDT)
Authentication-Results: rtp-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEADunTEytJV2Z/2dsb2JhbACfYHGldZlghTYEiGQ
X-IronPort-AV: E=Sophos;i="4.55,259,1278288000"; d="scan'208";a="139020363"
Received: from rcdn-core-2.cisco.com ([173.37.93.153]) by rtp-iport-1.cisco.com with ESMTP; 26 Jul 2010 04:06:28 +0000
Received: from Freds-Computer.local (sjc-vpn4-1492.cisco.com [10.21.85.211]) by rcdn-core-2.cisco.com (8.14.3/8.14.3) with ESMTP id o6Q46JZ1031066; Mon, 26 Jul 2010 04:06:21 GMT
Received: from [127.0.0.1] by Freds-Computer.local (PGP Universal service); Mon, 26 Jul 2010 06:06:27 +0200
X-PGP-Universal: processed; by Freds-Computer.local on Mon, 26 Jul 2010 06:06:27 +0200
From: Fred Baker <fred@cisco.com>
Date: Mon, 26 Jul 2010 06:06:12 +0200
References: <1280097293.1621.18.camel@d430>
To: IETF SmartPower Directorate <smartpowerdir@ietf.org>, smartpower-interest@ietf.org, IAB <iab@iab.org>
Message-Id: <CEBAD84B-3D9B-43F8-BC19-D87A372DC223@cisco.com>
Mime-Version: 1.0 (Apple Message framework v1081)
X-Mailer: Apple Mail (2.1081)
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Subject: [smartpowerdir] Fwd: Summary of Smart Power matters July 2010
X-BeenThere: smartpowerdir@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Members of the Smart Power Directorate <smartpowerdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/smartpowerdir>, <mailto:smartpowerdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/smartpowerdir>
List-Post: <mailto:smartpowerdir@ietf.org>
List-Help: <mailto:smartpowerdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smartpowerdir>, <mailto:smartpowerdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jul 2010 04:06:25 -0000
FYI - I had run my note yesterday past the 6lowpan chairs before sending it, but they had not seen it to reply. I got this from Geoff this morning; it is only fair to let him correct the record in these respects. Note that JP had in fact replied, and I had adjusted the comments on ROLL with respect to his comments. Begin forwarded message: > From: Geoff Mulligan <geoff@proto6.com> > Date: July 26, 2010 12:34:53 AM GMT+02:00 > To: Fred Baker <fred@cisco.com> > Subject: Re: Fwd: Summary of Smart Power matters July 2010 > > Fred, > I think that this is basically ok. I do take a few exceptions: > > 1. Zigbee didn't demonstrate RESTful http over 6lowpan and 15.4 - I did > it. Now zigbee is planning on using it. > > 2. paragraph a) - The HC and ND drafts are not being delayed by the > 6lowpan chairs. There have been fruitful and continuing discussions on > both drafts. I think that HC is now done and we will say so in the > meeting on Monday. The ND draft needs one for revision and will call it > complete. So again these are not waiting on the chairs. > > 3. paragraph b) - JP and David Culler had started and promised a 6lowpan > "arch" doc. I volunteered to help, but nothing has come of it. I do > agree that it would be good and nice if there were some document the > described IP over 15.4, but including how to pick a pan and channel and > join a network is quite a bit of work. I think that we are chartered to > do this, but so far no one has stepped up (in 6lowpan) so zigbee is > defining how to do it for zigbee. > > 4. paragraph d) - I did not hold the bar bof to do anything in the time > frame for zigbee or the smart grid, but to work on something that > 6lowpan was supposed to do from the start - RFC4919 describes a network > that is mesh under. > > 5. paragrpah f) - The other demo I built - showing tcp/http running over > a multi-hop network included 30+ nodes. > > So basically right, but something thing just slightly askew. If you > talk to folks about this after the IAB meeting I hope that you can > properly reflect these 5 points. > > geoff > > > On Sun, 2010-07-25 at 06:00 +0200, Fred Baker wrote: >> What I actually sent. >> >> Begin forwarded message: >> >>> From: Fred Baker <fred@cisco.com> >>> >>> Date: July 25, 2010 5:54:07 AM GMT+02:00 >>> >>> To: IAB <iab@iab.org> >>> >>> Cc: IETF SmartPower Directorate <smartpowerdir@ietf.org> >>> >>> Subject: Summary of Smart Power matters July 2010 >>> >>> Reply-To: IETF SmartPower Directorate <smartpowerdir@ietf.org> >>> >>> >>> Your chair has asked me to brief you on what's happening in the >>> Smart Grid. I'm going to do so verbally at dinner this evening, but >>> here is a note summarizing matters in case I miss a point or it >>> doesn't make it across. >>> >>> >>> The electrical grid today is composed of a lot more than generators, >>> transmission and distribution systems, and meters at homes. It also >>> includes market entities, network operations similar to the >>> operational issues of computer networks, and front end "electrical >>> utilities" that primarily manage billing relationships with >>> consumers. Like the Internet, these are often separate companies >>> that work together through a system of established trust, and which >>> depend on machine-to-machine communications to accomplish their >>> daily tasks. Over the past two decades, SCADA systems have been >>> developed that facilitate the management of various things, and >>> standards have been developed (primarily through ANSI-acredited >>> bodies and the IEC) for their interoperation. The grid is also being >>> extended. Where in the past the grid has delivered electricity to >>> consumers and any networks in it have been primarily for the purpose >>> of managing that one-way flow, increasingly consumers are also >>> producers of energy and share their production, via the grid, with >>> their neighbors, which can be a good thing but also has dangers and >>> operational problems. Home automation results in fundamental changes >>> to the concept of an electrical switch and other common elements - >>> where the switch used to make or break a contact, it now often sends >>> a message to a computer that controls such things. And the >>> electrical utilities have discovered that by appropriate planning >>> they can achieve measurable (on the order of 30%) economies, >>> especially if consumers will cooperate with them in supplying >>> information and accepting temporary shutdowns or rate changes to >>> manage load. >>> >>> >>> The problem with the grid is not that it lacks intelligence; it is >>> that it is a cacophony of voices, speaking every possible language, >>> often proprietary ones. I have spoken with utilities that use DECNET >>> IV to run their SCADA systems. There are vendors that use ANSI >>> C12.19 (a "MIB" by any other name) and C12.21/22 (an ACSE/ROSE-based >>> communication protocol intended to facilitate secure communications >>> between managers and managed systems) and either love it or hate it; >>> many use just enough of C12.19 to be able to say they support it and >>> place their attributes in the "proprietary extensions" tree, and I >>> know of at most one or two full implementations. Some parts of the >>> grid use application-on-Ethernet or other "interesting" >>> architectures. >>> >>> >>> NIST's objective is to reduce the babble to a dull roar, and provide >>> a way forward that facilitates communication. In the words of >>> the NIST Roadmap, Version 1.0, September 2009, “…the Network should >>> enable an application in a particular domain to communicate with an >>> application in any other domain in the information network, with >>> proper management control over who and where applications can be >>> interconnected.” In my opinion, that is eminently doable using IPv4 >>> or IPv6, and IPv6 should be chosen due to address space limitations. >>> Many of the security issues ("how do you certifiably prevent script >>> kiddies from attacking critical infrastructure in both the back >>> office and the technical plant?") is readily handled by routing: >>> "don't advertise the prefixes of critical infrastructure to folks >>> that have no need to access it." For issues for which that is not >>> adequate, strong mutual authentication/authorization and encryption >>> is required. >>> >>> >>> My initial project in this was, in response to a request from NIST, >>> to write a document that describes the Internet Architecture and its >>> core protocols. This internet draft is Internet Protocols for the >>> Smart Grid, by Monday morning in its -06 version, and probably due >>> one or two more iterations. What I originally intended to describe >>> included IPv4, IPv6, ICMP and ICMPv6, a handful of transports, and >>> the use of IPsec and TLS for security purposes; in response to >>> specific requests, it has grown to reference ~150 internet drafts >>> and RFCs, and will likely add a few more surrounding network >>> management. It has had review from the security directorate, which >>> in essence said they didn't like it but have not responded with >>> suggestions for how to improve it beyond "reference CMS" (of the 27 >>> RFCs under that rubric, which, and saying what? Presumably at least >>> 5275 and 5652...); the easy part of a review is to say something is >>> wrong, but what I need is for someone to suggest text that is right. >>> It has also had review from one of the Applications Area Directors, >>> who didn't like the proposed model of the architecture; her >>> suggestion for a way to improve it was "recommend RESTful HTTP". >>> Neither has been, in my opinion, very helpful. The Smart Grid >>> community has stated, however, that this document is useful to them >>> and largely serves the purpose for which it was requested - but they >>> hope for other documents that drill a level deeper into specific >>> areas, such as making security recommendations. I hope to conclude >>> the development of this draft in the near future and send it off for >>> consideration as an Informational RFC. >>> >>> >>> My sense, as I embarked on the project a year ago, was that >>> given 6LowPAN and Roll, the IETF had little to do beyond this; the >>> bits and pieces needed are in place and in use. In general, I >>> continue to be of that opinion: much of the Smart Grid is very >>> similar to any industry's back office. It uses the same equipment >>> and software, and the real time automation used in the grid is well >>> served by the tools at hand. >>> >>> >>> That said, the designers of IEEE 802.15.4 have not done the industry >>> any favors. As a result there has been concern regarding the use of >>> any protocol that uses half of the 128 byte MAC frame to encode the >>> network protocols and the remainder for a paltry payload, and the >>> reliability of delivery has been a problem as well. This has >>> resulted in part in spinning up the CORE working group, whose >>> primary effort has been CoAP, and demonstration efforts within >>> Zigbee showing the technology operating perfectly well using >>> standard SOAP or RESTful HTTP on TCP. >>> >>> >>> At this point, the folks working on the "Home Area Network" or HAN >>> (which is to say people from the Zigbee Alliance) have identified >>> several usability issues, which they are bringing back to the IETF >>> through the usual ad hoc channels. They tell me that these revolve >>> around: >>> >>> >>> a) getting 6LowPAN to publish some drafts that appear to be finished >>> but await working group chair movement. 6lowpan-nd and -hc need to >>> be completed. >>> >>> >>> b) 6lowpan WG has not produced a comprehensive "IP over 802.15.4" >>> document that addresses all the 802.25.4-specific details about how >>> to use the radios, how to pick a PAN, how to join a network, etc. >>> Ideally, Zigbee should be able to say "use these RFCs", and can't. >>> >>> >>> c) Getting Roll to deliver a stable and functional protocol. This is >>> political and controversial between the participants in the >>> discussion. RPL provides two modes: one in which a router is >>> expected to store a route table, and one in which it stores at most >>> a few routes. The latter mode, until the recent reposting of the >>> draft, only supported routing from a sensor to a router at the edge, >>> not from the router back to the sensor. In this edition, WGLC to >>> complete 29 July, RPL's low memory mode depends on source routing >>> (which in turn depends on two drafts submitted to 6man that it has >>> not yet accepted) from the edge router, which may have IPR issues - >>> which has led Zigbee to assert that it is only interested in >>> networks small enough to use the "stored route table" model. Zigbee >>> gave Roll a hard deadline for a stable protocol, 29 July; at the >>> moment, the alternative on the table is DYMO, and there are in my >>> mind issues with that as well. >>> >>> >>> d) Meanwhile, Geoof Mulligan organized a Bar BOF at the Anaheim >>> meeting and is proposing one in this meeting, toward designing a >>> mesh-under routing protocol. Requirements development for such a >>> protocol is within the 6lowpan charter. I have made some suggestions >>> along the furrows plowed by Paul Tsuchiya's Landmark Routing >>> algorithm; there are also other possible approaches. Given the "we >>> need something now" mentality, I suspect the question is coming up >>> too late. >>> >>> >>> e) For service location purposes, Zigbee proposes to use Multicast >>> DNS, which has been taking too long and which only returns >>> link-local addresses (if I am at the utility and need to talk with >>> the Energy Management System [EMS] in a home, I want to be able to >>> get a global address in response to a DNS translation). One could >>> argue for Dynamic DNS with the DNS server in the Energy Management >>> System (which may be part of or sitting next to the meter), or for a >>> more static solution. I'm not sure where the service location >>> protocol might fit in this; its security issues may make it >>> useless. CoAP offers a "resource discovery" feature that may obviate >>> the need for M-DNS and service discovery. >>> >>> >>> f) Regarding CORE/CoAP: it would be good if the Zigbee Alliance >>> could get some numbers to support or disprove the statement >>> "HTTP/TLS/TCP will meet our performance requirements for SEP 2.0 in >>> networks of fewer than 30 nodes". There's a concern that CoAP will >>> result in a walled garden of SEP 2.0 nodes, where any CoAP/HTTP >>> gateway will stifle application development. There is also good >>> reason to be concerned about making Secure Energy Profile 2.0 >>> dependent on Yet Another RFC from a WG that is just now getting >>> started. Note that CoAP is seen as the backup in case HTTP/TLS/TCP >>> turns out for naught, not a primary requirement. And CoAP is >>> experiencing mission creep... >>> >>> >>> g) Open standards for cryptography can and should be used. Current >>> work suggests that standard mechanisms like TLS and PKIX are >>> suitable for use in SG's constrained environments, given some modest >>> profiling that fits into Internet standards rather than changing >>> those standards (AES-CCM, Cert Compression). Cryptographic >>> algorithms can and should use open specifications that predate >>> specialized methods (Fundamental ECC). >>> >>> >>> h) PANA relay >>> >>> >>> i) As you may be aware (I was not), security in the HAN is at the >>> moment being derived from 802.1X using EAP-TLS (RFC 5216) at the >>> link layer. In short, devices that enter the HAN should be those >>> that are authorized access. A comment I got from a NIST security >>> architect (Justin Searles) said that was the best security available >>> today. It gives me some concern, however, as the fact that one is >>> authorized to use a network doesn't mean one is authorized to do >>> anything in particular in the network - the fact that I can attach >>> my laptop doesn't mean I can reconfigure the routers, for example. >>> I'd be interested in other views... >>> >>> >>> j) NIST is asking questions about secure network management. I have >>> suggested Netconf, and there is review happening both by the >>> relevant chairs and by a NIST consultant along those lines. >>> Depending on the analysis, Netconf may have some things to address - >>> at this point TBD. >> >> http://www.ipinc.net/IPv4.GIF >> > > http://www.ipinc.net/IPv4.GIF
- [smartpowerdir] Summary of Smart Power matters Ju… Fred Baker
- Re: [smartpowerdir] Summary of Smart Power matter… Zach Shelby
- Re: [smartpowerdir] Summary of Smart Power matter… Sam Hartman
- Re: [smartpowerdir] Summary of Smart Power matter… Jari Arkko
- [smartpowerdir] Fwd: Summary of Smart Power matte… Fred Baker
- Re: [smartpowerdir] Summary of Smart Power matter… Henning Schulzrinne
- Re: [smartpowerdir] Summary of Smart Power matter… Zach Shelby