Transcript MV90 IP Data Transport

MV90 IP Data Transport
ERCOT Recommendation
John Fisher & Jeff Maddox
Option 1 – ERCOT WAN
IP Meter
IP Meter
• MP IP meters are located on MP’s private network
IP Meter
MP Network
• MP NAT translates the IP Meters to an ERCOT WAN IP Address
• ERCOT polls meters over the ERCOT WAN
ERCOT MP WAN
ERCOT Network
ERCOT MV90 Communication
Server
2
Option 2 - Internet
IP Meter
IP Meter
IP Meter
• MP IP meters connect to MP network
MP Network
• MP presents IP meters to ERCOT through an
Internet routable IP address
• ERCOT polls meters over the secure encrypted
IPSEC tunnel
Internet
Secure IPSEC Tunnel
ERCOT Network
ERCOT MV90 Communication
Server
3
Notes
• Permitting IP meters access to the Internet increases risk
– Man-in-the-middle attacks
– IP spoofing
– Exposing meters to SCADA based attacks (vulnerabilities are an
unknown at present)
• Private networks are more secure and more reliable
– Private networks are isolated by the Service Provider from
unauthorized users
4