Document details

A faut - and intrusion - tolerant architecture for EDP Distribuição scada system

Author(s): Medeiros, Nuno André Carnido

Date: 2011

Persistent ID:

Origin: Repositório da Universidade de Lisboa

Subject(s): Dependability; SCADA; Security; Fault Tolerance; Electricity Distribution; Intrusion Tolerance; GENESys


Over recent decades there has been a great investment in creating an infrastructure for energy distribution that offers a higher quality of service and also a greater coverage over the Portuguese national territory. However, the expansion of facilities and the power grid do not guarantee by themselves the required quality of service, despite the increased robustness and reliability of the more recent technologies. It is very important to monitor the entire infrastructure at all times in order to respond as fast as possible to incidents and failures that occur in the power grid. The main objective is to reduce the downtime of the service provided to electricity consumers and to increase the quality of service. The role of performing a quick and effective oversight of the entire infrastructure of power distribution is delegated to the utility providing the distribution grid. Its main objective is to optimize the flow of energy by managing and operating the power grid, ensuring quality of technical service. In addition to being alert to any incident, the network operators are also responsible to initiate all the necessary measures to solve them, according to the analysis made at the time. Nowadays, these functions of great responsibility are facilitated by management tools, usually supervisory control and data acquisition (SCADA) systems that allow remote monitoring and control of the EDP Distribuição power grid. However, the monitoring of the power grid has not always been supported by sophisticated technologies. Before the appearance of information systems, the oversight of the facilities was carried out locally by grid operators who worked in shifts covering high voltage substations twenty four hours a day, seven days a week, ensuring control and incident management at all times. With the development of information technologies and communications, the SCADA systems emerged. These systems are the most valuable tools on providing supervision and operation of the electric power system in near real‐time [1]. The SCADA system have a very complex architecture composed by information systems and database applications which receive realtime information and execute commands over different electrical components on the several telemetry electrical sites, based on sensors, actuators and controllers thereby present. The SCADA systems implementation results in better manageability of the power grid, the reduction of operation costs, and allowing the automation of procedures and the standardization of processes at national level. In EDP Distribuição, the SCADA system only represents one of the core systems of Generation Network Information System(GENESys), a system that incorporates the features and functionalities of SCADA but also the management of the distribution of energy, provided by a Distribution Management System (DMS).The GENESys platform represents the core of the EDP Distribuição power grid management and its robustness, reliability and availability is critical, considering the functionalities it provides. The current architecture of the EDP system as some weaknesses and lacks on the ability of tolerating faults within its structure. We propose a fault‐ and intrusion‐tolerant architecture for GENESys, aiming on a more dependable and secure system. The architecture is mainly composed by three different layers which we address with three dedicated solutions with the view of better global results. For the lower layers of the system, the Telemetry Sites and the Frontend Sites, we propose faulttolerant mechanisms based on redundancy with applicational management. For the backend systems layer we propose the implementation of an intrusion‐tolerant replication protocol since both SCADA and DMS services are crucial for a dependable and secure management of the EDP Distribuição power grid. The MinBFT protocol will provide an extra layer of security to the backend systems since the state machine replication algorithm will guarantee that if an attacker compromises one of the system replicas he will not be able to control and jeopardize the power grid operation. Furthermore, we perform two different analyses over the proposed architecture, always dividing it by the three covered layers. The first analysis objective is to understand which are the fault tolerance capabilities introduced to the different layers of GENESys by our solutions. In the second, we perform a cost‐benefit analysis to infer about the viability of our proposals by acknowledging both their costs and the technical and operational benefits.

Document Type Master thesis
Language English
Advisor(s) Bessani, Alysson Neves
Contributor(s) Medeiros, Nuno André Carnido
facebook logo  linkedin logo  twitter logo 
mendeley logo

Related documents