Best practices: using telecom wireless for AMI

Smart Grid is a framework to modernize the power generation, transmission and distribution systems via the use of latest information technologies. The Department of Energy defines a Smart Grid as the transformation from a centralized, producer-controlled network to one that is less centralized and more consumer-interactive efficiency, reliability, flexibility, remote monitoring, and grid visibility are some of the key attributes used to define a Smart Grid.

Fundamental enabling technologies for Smart Grid are sensing and measurement technologies with data from the sensing and measurement devices integrated with the utility's integrated system communications. These technologies provide real-time information and control to support faster and more accurate response such as remote monitoring, time-of-use pricing and demand-side management.

Within the Smart Grid framework, technologies like Advanced Metering Infrastructure (AMI) leverages 'smart' devices deployed at homes and other end-points to not only measure and analyze usage but also offer pricing based on time of use and device types. This is achieved via the use of two-way data transmission with the smart meter. 

Wireless enabled devices like smart meters, fault detectors, other monitoring and sensing devices are being adopted in AMI solutions utilizing the AT&T wireless data network. A comprehensive approach in the planning, design and deployment of wireless AMI solutions can help avoid some of the common pitfalls. A robust wireless AMI solution must account for factors like wireless coverage variability and end-point manageability.

AMI security

AMI solution security must be viewed within the larger context of Smart Grid security. Smart Grid security is sub-divided in three security domains: generation systems, transmission systems and distribution systems. Each domain poses unique security challenges.  System availability, data integrity and confidentiality are all important to the smooth operation of any AMI solution.

AMI solutions of today leverage a variety of connectivity options for normal operation. A single smart meter can have multiple wired and wireless connections like Zigbee, EDGE/UMTS etc. Each link or connection point should employ security features and access should be restricted by the utility to authorized users.

Some AMI vendors leverage SMS for management tasks. As discussed earlier, this is a potential security risk and utility customers should minimize the risk by either disabling the SMS command functionality or by turning-off SMS via SIM provisioning. Similarly, voice call functionality should be disabled.  Any management connections and ports should employ access control mechanisms established by the utility customer. Utility customers should also encrypt their transmitted and stored data to help protect consumer privacy and minimize device tampering.

AT&T Mobility Commercial connectivity services

AT&T Mobility Commercial Connectivity Services (CCS) enables a customer to extend its private network into AT&T Mobility's cellular network CCS enables cellular connected devices to appear 'on the customer network' using the customer's IP addressing scheme and security policies. 

There are three parts to the CCS design architecture:  (a) cellular end-point configuration, (b) network connectivity and (c) customer network configuration.   Each one has associated best practices that can stand alone, but following best practices on all three component parts can result in a more comprehensive solution.

Cellular end-point configuration

In both point-to-point and mesh architectures, each cellular end-point (or CR) should have a static IP address. A static IP address can better facilitate a correlation between IP address, phone number and wireless device serial number.  Once entered into customer's databases and management systems, the IP address will be constant for the life of the device.

Dynamic IP addressing should be used only if the device has the ability to update the customer-owned server each time the IP addresses changes on the device.  The customer must have a backend server that will log the current IP address of each device (dynamic DNS) and provide the ability for management systems to acquire the updated IP address when needed.

Each IP address should also be in the private IP address range. Utility customers may find it useful to refer to RFC 1918 - Address Allocation for Private Internets for private IP addressing standards. Unlike IP addresses in the public IP address range, these private IP addresses are not globally assigned and are not routable on the public Internet.

In addition to IP address considerations, wireless device functionality should be analyzed before deploying a wireless AMI solution.  Specifically, some cellular devices have SMS capability. SMS can be used for device wake up or device management functions. For device wake up, after receiving an SMS message, the device issues a packet data protocol (PDP) connection request message to the wireless network.  This limited connection request is relatively benign from a security perspective. For device management, the device is able to accept commands from users, execute the command and generate a reply to the SMS message. It is possible for unauthorized users to exploit the SMS device management functionality to gain access to the device information and control device behavior by issuing commands.  Accordingly, it is a good idea to disable the SMS command functionality or turn off SMS altogether via SIM provisioning. It is also recommended to disable voice call capability via SIM provisioning.

AT&T network connectivity

CCS provides multiple options for network-to-network connectivity. These options include Frame Relay, Network VPN and IP-enabled PVC. The Network VPN option can be used as the back up option for Frame Relay or IP-enabled PVC. CCS offers a number of customizations tailored to the customer needs.

To help ensure the highest level of CCS service availability, CCS is deployed with Geo-Diversity features as a standard practice. Redundant connections are deployed between the CCS customers' private Enterprise Network and 2 different Geo-Diverse AT&T Data Centers to help ensure that CCS service is not impacted in the event of a single CCS Network-to-Network connection outage.

AT&T has multiple Geo-Diverse Data Centers in the U.S.  In the unlikely event of a catastrophic failure of a data center, the redundant data center can provide backup connectivity. Within data centers, each system has built-in redundancy and utilizes carrier grade appliances.  Carrier grade systems are tested and engineered to high availability standards, and provide fast fault recovery.

Summary

The use of wireless technologies in AMI solutions may be a new trend but the technologies themselves are not. Wireless packet data networks have been in operation for almost a decade. Many of the best practices gleaned from AT&T's experience with wirelessly enabling a variety of applications directly apply to AMI solutions. AT&T believes that AMI deployments can greatly benefit from these best practices.

Specifically, a comprehensive plan that leverages best practices around the solution design, deployment methods, management tools and security measures can result in a successful and smooth AMI deployment.