go to top scroll for more


Projects: Projects for Investigator
Reference Number NIA2_NGET0014
Title Secure Edge Platform
Status Completed
Energy Categories Other Cross-Cutting Technologies or Research(Other Supporting Data) 100%;
Research Types Applied Research and Development 100%
Science and Technology Fields PHYSICAL SCIENCES AND MATHEMATICS (Computer Science and Informatics) 100%
UKERC Cross Cutting Characterisation Not Cross-cutting 60%;
Other (Energy technology information dissemination) 40%;
Principal Investigator Project Contact
No email address given
National Grid Electricity Transmission
Award Type Network Innovation Allowance
Funding Source Ofgem
Start Date 02 May 2022
End Date 31 August 2023
Duration ENA months
Total Grant Value £295,000
Industrial Sectors Power
Region London
Programme Network Innovation Allowance
Investigators Principal Investigator Project Contact , National Grid Electricity Transmission (100.000%)
  Industrial Collaborator Project Contact , National Grid Electricity Transmission (0.000%)
Web Site https://smarter.energynetworks.org/projects/NIA2_NGET0014
Objectives To address the above problem this project will carry out research into hardware and software architectures and technologies that will enable secure reporting of SCADA data, system monitoring data and asset health data from IoT sensors using a common gateway. The project will aim to virtualise the required functions and provide an edge platform that can offer secure reporting as well as edge processing. The project will develop a laboratory-based test platform for research and development concerning the required software solutions that will be hosted on a virtualisation platform and interact with SCADA, IoT sensors, system monitoring and business systems hosted in the cloud.A number of use cases for IoT based data reporting, remote configuration, and Machine Learning based edge computing applications will be developed and demonstrated in the supplier laboratory as part of the first phase of the project. During the second phase the test facility will be migrated onto an open NGET virtualisation platform in a substation environment which is part of NGETs cyber security research environment. Remote management of the functions, reporting and edge-computing based use cases will be demonstrated and their security and viability will be evaluated as an end to end process.Data Quality Statement (DQS):The project will be delivered under the NIA framework in line with OFGEM, ENA and NGET internal policy. Data produced as part of this project will be subject to quality assurance to ensure that the information produced with each deliverable is accurate to the best of our knowledge and sources of information are appropriately documented. All deliverables and project outputs will be stored on our internal Sharepoint platform ensuring access control, backup and version management. Relevant project documentation and reports will also be made available on the ENA Smarter Networks Portal and dissemination material will be shared with the relevant stakeholders.Measurement Quality Statement (MQS):The methodology used in this project will be subject to our suppliers own quality assurance regime which is ISO 9001 certified. Quality assurance processes and the source of data, measurement processes and equipment as well as data processing will be clearly documented and verifiable. The measurements, designs and economic assessments will also be clearly documented in the relevant deliverables and final project report and will be made available for review. In line with the ENAs ENIP document, the risk rating is scored 5 = low.TRL Steps = 1 (2 TRL steps)Cost = 1 (<£500k)Suppliers = 1 (1 supplier)Data Assumption = 2 (assumptions known but will be defined within the project) The scope of the project covers 2 phases. The first phase consists of research and development activities and the design, engineering and development activities carried out in the suppliers laboratory. The work has been structured as 7 work packages that will be delivered by a dedicated team as a “sprint”, each addressing a given set of use cases.Work package 1 will research and develop a proof of concept for a remotely deployable data consuming virtualised application that can be delivered to an existing industrial edge gateway. The application will provide an open interface to data sources including system monitoring, SCADA and IoT sensors that may be using a range of different protocols. The data will be stored locally and made available securely as read-only information to cloud based business applications (see WP3). The design and design choices will be documented and test results will be recorded confirming the extent to which the required performance in terms of security and capability could be demonstrated.Work package 2 consists of an application that will provide data enrichment. Events recorded by any of the data sources will be correlated to other data sources providing it with additional meta information not contained within the original event record. The application will also enable remote deployment of standardised data models based on the CIM standards (IEC61970).Work package 3 consists of the development of a cloud publisher application that can securely deliver the locally stored, enriched or otherwise processed data to the relevant business applications in the cloud. Penetration testing will be carried out as part of the work to evaluate the level of security of edge to cloud data communication where the identity of the edge device can be managed from the cloud. Information will be encrypted and the application will be remotely configurable.Work package 4 will investigate the concept of a remotely deployable rules engine that analysis incoming data and triggers predefined actions depending on the information provided by the data sources. Secure remote configuration, visual programming of rules and analysis functions as well as the interface with the cloud publisher (WP3) will be the main focus of the WP. This application provides an opportunity for easy deployment of rule-based automation and protection schemes as well as enhanced asset management.Work package 5 aims at proving the concept of remotely deployable machine learning algorithms for detailed analysis of asset health, risks, diagnostics and root cause analysis. Remote deployment to the edge platform will enable large raw datasets to be analysed at each substation site and feed into reporting, monitoring, planning and automation schemes.Work package 6 investigates a proof of concept for secure and reliable edge to edge messaging. This will facilitate the remote deployment of applications that require data from multiple substations. These applications include rule based or ML based algorithms as investigated in WP 4 and 5.Design and engineering information for all of these work packages will be produced as well as test schedules and results. Work package 7 will also provide a detailed assessment of the overall architecture in terms of performance and cyber security as well as the second phase of the project which includes an end to end demonstration of the developments carried out in WP1 to 6 in an operational environment at our cyber security research environment based in one of our substations.There are multiple applications and value levers in terms of optimised asset management, operational and system data reporting. This work has also got the potential to enable remote deployment of new and enhanced automation schemes. The virtualisation of reporting and diagnostic functions will also reduce the number of hardware platforms required when rolling out SCADA systems and enable remote management of some of the configurations. The reduced hardware requirements will provide a saving of £320k over the life of the assets (10 years in this case) and reduced cost for change management due to remote configurability will save approximately £370k. Maintenance costs will also be reduced by £7.5k and overall the net benefit in terms of Net Present Value (NPV) is estimated as £371k based on £295k project spend. This is based on a 10 year assessment following a 2 year development period, required for the development of a solution that can be rolled out. The technology is expected to deliver significantly greater benefits from optimised asset management of primary and secondary assets which are however currently not quantified at this stage. Follow up projects for digital twin applications, system awareness and analysis tools as well as enhanced system integrity protection and remedial action schemes are among those applications that this technology plays a key role in and their benefits will be quantified in future projects.  The objective of this project is to investigate and validate a global architecture and solution for the reporting of system, asset and operational data from substations to cloud based business applications and potentially operational systems that avoids the current fragmented architecture and delivers enhanced capabilities and opportunities for asset monitoring and management, operational data reporting and system management. The project aims to demonstrate a secure virtualised substation edge computing platform that can deliver:Secure reporting of SCADA, monitoring and IoT sensor dataData enrichment and standardisation in line with CIM (IEC61970 etc.)A secure communication channel from substation to cloud applicationsEdge computing capabilities for rule-based and ML based edge applicationsSecure edge to edge communications for wide area applicationsDetailed cyber security assessment and an end to end demonstration in an operational environment
Abstract The energy network transition will require more agile, flexible and interconnected networks. Digitalisation of assets and processes will play a key part in the preparation of a net-zero capable network. Whilst the IEC61850 suite of standards has been widely adopted for SCADA systems, enhanced system and asset awareness will be required and will be based on IoT technology in many cases. Correlating both data sets and interfacing to common business applications will be a key enabler and value lever for the energy transition. Remote data collection from SCADA and IoT sensors will also require appropriate security solutions that can guarantee the integrity of each of the separate security zones. This project will investigate new solutions for operational data collection and reporting, edge computing and security.
Publications (none)
Final Report (none)
Added to Database 14/10/22