summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc6272.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc6272.txt')
-rw-r--r--doc/rfc/rfc6272.txt3699
1 files changed, 3699 insertions, 0 deletions
diff --git a/doc/rfc/rfc6272.txt b/doc/rfc/rfc6272.txt
new file mode 100644
index 0000000..c04aa8e
--- /dev/null
+++ b/doc/rfc/rfc6272.txt
@@ -0,0 +1,3699 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF) F. Baker
+Request for Comments: 6272 D. Meyer
+Category: Informational Cisco Systems
+ISSN: 2070-1721 June 2011
+
+
+ Internet Protocols for the Smart Grid
+
+Abstract
+
+ This note identifies the key infrastructure protocols of the Internet
+ Protocol Suite for use in the Smart Grid. The target audience is
+ those people seeking guidance on how to construct an appropriate
+ Internet Protocol Suite profile for the Smart Grid. In practice,
+ such a profile would consist of selecting what is needed for Smart
+ Grid deployment from the picture presented here.
+
+Status of This Memo
+
+ This document is not an Internet Standards Track specification; it is
+ published for informational purposes.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Not all documents
+ approved by the IESG are a candidate for any level of Internet
+ Standard; see Section 2 of RFC 5741.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ http://www.rfc-editor.org/info/rfc6272.
+
+Copyright Notice
+
+ Copyright (c) 2011 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (http://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+
+
+
+Baker & Meyer Informational [Page 1]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
+ 2. The Internet Protocol Suite . . . . . . . . . . . . . . . . . 6
+ 2.1. Internet Protocol Layers . . . . . . . . . . . . . . . . . 6
+ 2.1.1. Application . . . . . . . . . . . . . . . . . . . . . 7
+ 2.1.2. Transport . . . . . . . . . . . . . . . . . . . . . . 8
+ 2.1.3. Network . . . . . . . . . . . . . . . . . . . . . . . 8
+ 2.1.3.1. Internet Protocol . . . . . . . . . . . . . . . . 9
+ 2.1.3.2. Lower-Layer Networks . . . . . . . . . . . . . . . 9
+ 2.1.4. Media Layers: Physical and Link . . . . . . . . . . . 9
+ 2.2. Security Issues . . . . . . . . . . . . . . . . . . . . . 9
+ 2.2.1. Physical and Data Link Layer Security . . . . . . . . 10
+ 2.2.2. Network, Transport, and Application Layer Security . . 11
+ 2.3. Network Infrastructure . . . . . . . . . . . . . . . . . . 13
+ 2.3.1. Domain Name System (DNS) . . . . . . . . . . . . . . . 13
+ 2.3.2. Network Management . . . . . . . . . . . . . . . . . . 13
+ 3. Specific Protocols . . . . . . . . . . . . . . . . . . . . . . 14
+ 3.1. Security Toolbox . . . . . . . . . . . . . . . . . . . . . 14
+ 3.1.1. Authentication, Authorization, and Accounting (AAA) . 14
+ 3.1.2. Network Layer Security . . . . . . . . . . . . . . . . 15
+ 3.1.3. Transport Layer Security . . . . . . . . . . . . . . . 16
+ 3.1.4. Application Layer Security . . . . . . . . . . . . . . 17
+ 3.1.5. Secure Shell . . . . . . . . . . . . . . . . . . . . . 18
+ 3.1.6. Key Management Infrastructures . . . . . . . . . . . . 18
+ 3.1.6.1. PKIX . . . . . . . . . . . . . . . . . . . . . . . 18
+ 3.1.6.2. Kerberos . . . . . . . . . . . . . . . . . . . . . 19
+ 3.2. Network Layer . . . . . . . . . . . . . . . . . . . . . . 19
+ 3.2.1. IPv4/IPv6 Coexistence Advice . . . . . . . . . . . . . 19
+ 3.2.1.1. Dual Stack Coexistence . . . . . . . . . . . . . . 19
+ 3.2.1.2. Tunneling Mechanism . . . . . . . . . . . . . . . 20
+ 3.2.1.3. Translation between IPv4 and IPv6 Networks . . . . 20
+ 3.2.2. Internet Protocol Version 4 . . . . . . . . . . . . . 21
+ 3.2.2.1. IPv4 Address Allocation and Assignment . . . . . . 22
+ 3.2.2.2. IPv4 Unicast Routing . . . . . . . . . . . . . . . 22
+ 3.2.2.3. IPv4 Multicast Forwarding and Routing . . . . . . 22
+ 3.2.3. Internet Protocol Version 6 . . . . . . . . . . . . . 23
+ 3.2.3.1. IPv6 Address Allocation and Assignment . . . . . . 23
+ 3.2.3.2. IPv6 Routing . . . . . . . . . . . . . . . . . . . 24
+ 3.2.4. Routing for IPv4 and IPv6 . . . . . . . . . . . . . . 24
+ 3.2.4.1. Routing Information Protocol . . . . . . . . . . . 24
+ 3.2.4.2. Open Shortest Path First . . . . . . . . . . . . . 24
+ 3.2.4.3. ISO Intermediate System to Intermediate System . . 25
+ 3.2.4.4. Border Gateway Protocol . . . . . . . . . . . . . 25
+ 3.2.4.5. Dynamic MANET On-Demand (DYMO) Routing . . . . . . 25
+ 3.2.4.6. Optimized Link State Routing Protocol . . . . . . 26
+ 3.2.4.7. Routing for Low-Power and Lossy Networks . . . . . 26
+
+
+
+
+Baker & Meyer Informational [Page 2]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ 3.2.5. IPv6 Multicast Forwarding and Routing . . . . . . . . 27
+ 3.2.5.1. Protocol-Independent Multicast Routing . . . . . . 27
+ 3.2.6. Adaptation to Lower-Layer Networks and Link Layer
+ Protocols . . . . . . . . . . . . . . . . . . . . . . 28
+ 3.3. Transport Layer . . . . . . . . . . . . . . . . . . . . . 28
+ 3.3.1. User Datagram Protocol (UDP) . . . . . . . . . . . . . 28
+ 3.3.2. Transmission Control Protocol (TCP) . . . . . . . . . 29
+ 3.3.3. Stream Control Transmission Protocol (SCTP) . . . . . 29
+ 3.3.4. Datagram Congestion Control Protocol (DCCP) . . . . . 30
+ 3.4. Infrastructure . . . . . . . . . . . . . . . . . . . . . . 30
+ 3.4.1. Domain Name System . . . . . . . . . . . . . . . . . . 30
+ 3.4.2. Dynamic Host Configuration . . . . . . . . . . . . . . 31
+ 3.4.3. Network Time . . . . . . . . . . . . . . . . . . . . . 31
+ 3.5. Network Management . . . . . . . . . . . . . . . . . . . . 31
+ 3.5.1. Simple Network Management Protocol (SNMP) . . . . . . 31
+ 3.5.2. Network Configuration (NETCONF) Protocol . . . . . . . 32
+ 3.6. Service and Resource Discovery . . . . . . . . . . . . . . 33
+ 3.6.1. Service Discovery . . . . . . . . . . . . . . . . . . 33
+ 3.6.2. Resource Discovery . . . . . . . . . . . . . . . . . . 33
+ 3.7. Other Applications . . . . . . . . . . . . . . . . . . . . 34
+ 3.7.1. Session Initiation Protocol . . . . . . . . . . . . . 34
+ 3.7.2. Extensible Messaging and Presence Protocol . . . . . . 35
+ 3.7.3. Calendaring . . . . . . . . . . . . . . . . . . . . . 35
+ 4. A Simplified View of the Business Architecture . . . . . . . . 35
+ 5. Security Considerations . . . . . . . . . . . . . . . . . . . 40
+ 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 40
+ 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 40
+ 7.1. Normative References . . . . . . . . . . . . . . . . . . . 40
+ 7.2. Informative References . . . . . . . . . . . . . . . . . . 41
+ Appendix A. Example: Advanced Metering Infrastructure . . . . . . 58
+ A.1. How to Structure a Network . . . . . . . . . . . . . . . . 59
+ A.1.1. HAN Routing . . . . . . . . . . . . . . . . . . . . . 62
+ A.1.2. HAN Security . . . . . . . . . . . . . . . . . . . . . 62
+ A.2. Model 1: AMI with Separated Domains . . . . . . . . . . . 64
+ A.3. Model 2: AMI with Neighborhood Access to the Home . . . . 65
+ A.4. Model 3: Collector Is an IP Router . . . . . . . . . . . . 66
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 3]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+1. Introduction
+
+ This document provides Smart Grid designers with advice on how to
+ best "profile" the Internet Protocol Suite (IPS) for use in Smart
+ Grids. It provides an overview of the IPS and the key infrastructure
+ protocols that are critical in integrating Smart Grid devices into an
+ IP-based infrastructure.
+
+ In the words of Wikipedia [SmartGrid]:
+
+ A Smart Grid is a form of electricity network utilizing digital
+ technology. A Smart Grid delivers electricity from suppliers to
+ consumers using two-way digital communications to control
+ appliances at consumers' homes; this saves energy, reduces costs
+ and increases reliability and transparency. It overlays the
+ ordinary electrical Grid with an information and net metering
+ system, that includes smart meters. Smart Grids are being
+ promoted by many governments as a way of addressing energy
+ independence, global warming and emergency resilience issues.
+
+ A Smart Grid is made possible by applying sensing, measurement and
+ control devices with two-way communications to electricity
+ production, transmission, distribution and consumption parts of
+ the power Grid that communicate information about Grid condition
+ to system users, operators and automated devices, making it
+ possible to dynamically respond to changes in Grid condition.
+
+ A Smart Grid includes an intelligent monitoring system that keeps
+ track of all electricity flowing in the system. It also has the
+ capability of integrating renewable electricity such as solar and
+ wind. When power is least expensive the user can allow the smart
+ Grid to turn on selected home appliances such as washing machines
+ or factory processes that can run at arbitrary hours. At peak
+ times it could turn off selected appliances to reduce demand.
+
+ Other names for a Smart Grid (or for similar proposals) include
+ smart electric or power Grid, intelligent Grid (or intelliGrid),
+ futureGrid, and the more modern interGrid and intraGrid.
+
+ That description focuses on the implications of Smart Grid technology
+ in the home of a consumer. In fact, data communications technologies
+ of various kinds are used throughout the Grid, to monitor and
+ maintain power generation, transmission, and distribution, as well as
+ the operations and management of the Grid. One can view the Smart
+ Grid as a collection of interconnected computer networks that
+ connects and serves the needs of public and private electrical
+ utilities and their customers.
+
+
+
+
+Baker & Meyer Informational [Page 4]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ At the time of this writing, there is no single document that can be
+ described as comprising an internationally agreed standard for the
+ Smart Grid; that is in part the issue being addressed in its
+ development. The nearest approximations are probably the Smart Grid
+ Interoperability Panel's Conceptual Model [Model] and documents
+ comprising [IEC61850].
+
+ The Internet Protocol Suite (IPS) provides options for numerous
+ architectural components. For example, the IPS provides several
+ choices for the traditional transport function between two systems:
+ the Transmission Control Protocol (TCP) [RFC0793], the Stream Control
+ Transmission Protocol (SCTP) [RFC4960], and the Datagram Congestion
+ Control Protocol (DCCP) [RFC4340]. Another option is to select an
+ encapsulation such as the User Datagram Protocol (UDP) [RFC0768],
+ which essentially allows an application to implement its own
+ transport service. In practice, a designer will pick a transport
+ protocol that is appropriate to the problem being solved.
+
+ The IPS is standardized by the Internet Engineering Task Force
+ (IETF). IETF protocols are documented in the Request for Comments
+ (RFC) series. Several RFCs have been written describing how the IPS
+ should be implemented. These include:
+
+ o Requirements for Internet Hosts - Communication Layers [RFC1122],
+
+ o Requirements for Internet Hosts - Application and Support
+ [RFC1123],
+
+ o Requirements for IP Version 4 Routers [RFC1812], and
+
+ o IPv6 Node Requirements [RFC4294].
+
+ At the time of this writing, RFC 4294 is in the process of being
+ updated, in [IPv6-NODE-REQ].
+
+ This document is intended to provide Smart Grid architects and
+ designers with a compendium of relevant RFCs (and to some extent,
+ Internet Drafts), and is organized as an annotated list of RFCs. To
+ that end, the remainder of this document is organized as follows:
+
+ o Section 2 describes the Internet Architecture and its protocol
+ suite.
+
+ o Section 3 outlines a set of protocols that may be useful in Smart
+ Grid deployment. It is not exhaustive.
+
+ o Finally, Section 4 provides an overview of the business
+ architecture embodied in the design and deployment of the IPS.
+
+
+
+Baker & Meyer Informational [Page 5]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+2. The Internet Protocol Suite
+
+ Before enumerating the list of Internet protocols relevant to Smart
+ Grid, we discuss the layered architecture of the IPS, the functions
+ of the various layers, and their associated protocols.
+
+2.1. Internet Protocol Layers
+
+ While Internet architecture uses the definitions and language similar
+ to language used by the ISO Open System Interconnect (ISO-OSI)
+ reference model (Figure 1), it actually predates that model. As a
+ result, there is some skew in terminology. For example, the ISO-OSI
+ model uses "end system" while the Internet architecture uses "host".
+ Similarly, an "intermediate system" in the ISO-OSI model is called an
+ "internet gateway" or "router" in Internet parlance. Notwithstanding
+ these differences, the fundamental concepts are largely the same.
+
+ +--------------------+
+ | Application Layer |
+ +--------------------+
+ | Presentation Layer |
+ +--------------------+
+ | Session Layer |
+ +--------------------+
+ | Transport Layer |
+ +--------------------+
+ | Network Layer |
+ +--------------------+
+ | Data Link Layer |
+ +--------------------+
+ | Physical Layer |
+ +--------------------+
+
+ Figure 1: The ISO OSI Reference Model
+
+ The structure of the Internet reference model is shown in Figure 2.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 6]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ +---------------------------------+
+ |Application |
+ | +---------------------------+ |
+ | | Application Protocol | |
+ | +----------+----------------+ |
+ | | Encoding | Session Control| |
+ | +----------+----------------+ |
+ +---------------------------------+
+ |Transport |
+ | +---------------------------+ |
+ | | Transport Layer | |
+ | +---------------------------+ |
+ +---------------------------------+
+ |Network |
+ | +---------------------------+ |
+ | | Internet Protocol | |
+ | +---------------------------+ |
+ | | Lower Network Layers | |
+ | +---------------------------+ |
+ +---------------------------------+
+ |Media Layers |
+ | +---------------------------+ |
+ | | Data Link Layer | |
+ | +---------------------------+ |
+ | | Physical Layer | |
+ | +---------------------------+ |
+ +---------------------------------+
+
+ Figure 2: The Internet Reference Model
+
+2.1.1. Application
+
+ In the Internet model, the Application, Presentation, and Session
+ layers are compressed into a single entity called "the application".
+ For example, the Simple Network Management Protocol (SNMP) [RFC3411]
+ describes an application that encodes its data in an ASN.1 profile
+ and engages in a session to manage a network element. The point here
+ is that in the Internet, the distinction between these layers exists
+ but is not highlighted. Further, note that in Figure 2, these
+ functions are not necessarily cleanly layered: the fact that an
+ application protocol encodes its data in some way and that it manages
+ sessions in some way doesn't imply a hierarchy between those
+ processes. Rather, the application views encoding, session
+ management, and a variety of other services as a tool set that it
+ uses while doing its work.
+
+
+
+
+
+
+Baker & Meyer Informational [Page 7]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+2.1.2. Transport
+
+ The term "transport" is perhaps among the most confusing concepts in
+ the communication architecture, to a large extent because people with
+ various backgrounds use it to refer to "the layer below that which I
+ am interested in, which gets my data to my peer". For example,
+ optical network engineers refer to optical fiber and associated
+ electronics as "the transport", while web designers refer to the
+ Hypertext Transfer Protocol (HTTP) [RFC2616] (an application layer
+ protocol) as "the transport".
+
+ In the Internet protocol stack, the "transport" is the lowest
+ protocol layer that travels end-to-end unmodified, and it is
+ responsible for end-to-end data delivery services. In the Internet,
+ the transport layer is the layer above the network layer. Transport
+ layer protocols have a single minimum requirement: the ability to
+ multiplex several applications on one IP address. UDP [RFC0768], TCP
+ [RFC0793], DCCP [RFC4340], SCTP [RFC4960], and NORM [RFC5740] each
+ accomplish this using a pair of port numbers, one for the sender and
+ one for the receiver. A port number identifies an application
+ instance, which might be a general "listener" that peers or clients
+ may open sessions with, or a specific correspondent with such a
+ "listener". The session identification in an IP datagram is often
+ called the "five-tuple", and consists of the source and destination
+ IP addresses, the source and destination ports, and an identifier for
+ the transport protocol in use.
+
+ In addition, the responsibilities of a specific transport layer
+ protocol typically include the delivery of data (either as a stream
+ of messages or a stream of bytes) in a stated sequence with stated
+ expectations regarding delivery rate and loss. For example, TCP will
+ reduce its rate in response to loss, as a congestion control trigger,
+ while DCCP accepts some level of loss if necessary to maintain
+ timeliness.
+
+2.1.3. Network
+
+ The main function of the network layer is to identify a remote
+ destination and deliver data to it. In connection-oriented networks
+ such as Multi-protocol Label Switching (MPLS) [RFC3031] or
+ Asynchronous Transfer Mode (ATM), a path is set up once, and data is
+ delivered through it. In connectionless networks such as Ethernet
+ and IP, data is delivered as datagrams. Each datagram contains both
+ the source and destination network layer addresses, and the network
+ is responsible for delivering it. In the Internet Protocol Suite,
+ the Internet Protocol is the network that runs end to end. It may be
+ encapsulated over other LAN and WAN technologies, including both IP
+ networks and networks of other types.
+
+
+
+Baker & Meyer Informational [Page 8]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+2.1.3.1. Internet Protocol
+
+ IPv4 and IPv6, each of which is called the Internet Protocol, are
+ connectionless ("datagram") architectures. They are designed as
+ common elements that interconnect network elements across a network
+ of lower-layer networks. In addition to the basic service of
+ identifying a datagram's source and destination, they offer services
+ to fragment and reassemble datagrams when necessary, assist in
+ diagnosis of network failures, and carry additional information
+ necessary in special cases.
+
+ The Internet layer provides a uniform network abstraction network
+ that hides the differences between various network technologies.
+ This is the layer that allows diverse networks such as Ethernet,
+ 802.15.4, etc. to be combined into a uniform IP network. New network
+ technologies can be introduced into the IP Protocol Suite by defining
+ how IP is carried over those technologies, leaving the other layers
+ of the IPS and applications that use those protocol unchanged.
+
+2.1.3.2. Lower-Layer Networks
+
+ The network layer can be recursively subdivided as needed. This may
+ be accomplished by tunneling, in which an IP datagram is encapsulated
+ in another IP header for delivery to a decapsulator. IP is
+ frequently carried in Virtual Private Networks (VPNs) across the
+ public Internet using tunneling technologies such as the Tunnel mode
+ of IPsec, IP-in-IP, and Generic Route Encapsulation (GRE) [RFC2784].
+ In addition, IP is also frequently carried in circuit networks such
+ as MPLS [RFC4364], GMPLS, and ATM. Finally, IP is also carried over
+ wireless networks (IEEE 802.11, 802.15.4, or 802.16) and switched
+ Ethernet (IEEE 802.3) networks.
+
+2.1.4. Media Layers: Physical and Link
+
+ At the lowest layer of the IP architecture, data is encoded in
+ messages and transmitted over the physical media. While the IETF
+ specifies algorithms for carrying IPv4 and IPv6 various media types,
+ it rarely actually defines the media -- it happily uses
+ specifications from IEEE, ITU, and other sources.
+
+2.2. Security Issues
+
+ While complaining about the security of the Internet is popular, it
+ is important to distinguish between attacks on protocols and attacks
+ on users (e.g., phishing). Attacks on users are largely independent
+ of protocol details, reflecting interface design issues or user
+ education problems, and are out of scope for this document. Security
+ problems with Internet protocols are in scope, of course, and can
+
+
+
+Baker & Meyer Informational [Page 9]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ often be mitigated using existing security features already specified
+ for the protocol, or by leveraging the security services offered by
+ other IETF protocols. See the Security Assessment of the
+ Transmission Control Protocol (TCP) [TCP-SEC] and the Security
+ Assessment of the Internet Protocol version 4 [IP-SEC] for more
+ information on TCP and IPv4 issues, respectively.
+
+ These solutions do, however, need to get deployed as well. The road
+ to widespread deployment can sometimes be painful since often
+ multiple stakeholders need to take actions. Experience has shown
+ that this takes some time, and very often only happens when the
+ incentives are high enough in relation to the costs.
+
+ Furthermore, it is important to stress that available standards are
+ important, but the range of security problems is larger than a
+ missing standard; many security problems are the result of
+ implementation bugs and the result of certain deployment choices.
+ While these are outside the realm of standards development, they play
+ an important role in the security of the overall system. Security
+ has to be integrated into the entire process.
+
+ The IETF takes security seriously in the design of their protocols
+ and architectures; every IETF specification has to have a Security
+ Considerations section to document the offered security threats and
+ countermeasures. RFC 3552 [RFC3552] provides recommendations on
+ writing such a Security Considerations section. It also describes
+ the classical Internet security threat model and lists common
+ security goals.
+
+ In a nutshell, security has to be integrated into every protocol,
+ protocol extension, and consequently, every layer of the protocol
+ stack to be useful. We illustrate this also throughout this document
+ with references to further security discussions. Our experience has
+ shown that dealing with security as an afterthought does not lead to
+ the desired outcome.
+
+ The discussion of security threats and available security mechanisms
+ aims to illustrate some of the design aspects that commonly appear.
+
+2.2.1. Physical and Data Link Layer Security
+
+ At the physical and data link layers, threats generally center on
+ physical attacks on the network -- the effects of backhoes,
+ deterioration of physical media, and various kinds of environmental
+ noise. Radio-based networks are subject to signal fade due to
+ distance, interference, and environmental factors; it is widely noted
+ that IEEE 802.15.4 networks frequently place a metal ground plate
+ between the meter and the device that manages it. Fiber was at one
+
+
+
+Baker & Meyer Informational [Page 10]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ time deployed because it was believed to be untappable; we have since
+ learned to tap it by bending the fiber and collecting incidental
+ light, and we have learned about backhoes. As a result, some
+ installations encase fiber optic cable in a pressurized sheath, both
+ to quickly identify the location of a cut and to make it more
+ difficult to tap.
+
+ While there are protocol behaviors that can detect certain classes of
+ physical faults, such as keep-alive exchanges, physical security is
+ generally not considered to be a protocol problem.
+
+ For wireless transmission technologies, eavesdropping on the
+ transmitted frames is also typically a concern. Additionally, those
+ operating networks may want to ensure that access to their
+ infrastructure is restricted to those who are authenticated and
+ authorized (typically called 'network access authentication'). This
+ procedure is often offered by security primitives at the data link
+ layer.
+
+2.2.2. Network, Transport, and Application Layer Security
+
+ At the network, transport, and application layers, it is common to
+ demand a few basic security requirements, commonly referred to as CIA
+ (Confidentiality, Integrity, and Availability):
+
+ 1. Confidentiality: Protect the transmitted data from unauthorized
+ disclosure (i.e., keep eavesdroppers from learning what was
+ transmitted). For example, for trust in e-commerce applications,
+ credit card transactions are exchanged encrypted between the Web
+ browser and a Web server.
+
+ 2. Integrity: Protect against unauthorized changes to exchanges,
+ including both intentional change or destruction and accidental
+ change or loss, by ensuring that changes to exchanges are
+ detectable. It has two parts: one for the data and one for the
+ peers.
+
+ * Peers need to verify that information that appears to be from
+ a trusted peer is really from that peer. This is typically
+ called 'data origin authentication'.
+
+ * Peers need to validate that the content of the data exchanged
+ is unmodified. The term typically used for this property is
+ 'data integrity'.
+
+ 3. Availability: Ensure that the resource is accessible by
+ mitigating of denial-of-service attacks.
+
+
+
+
+Baker & Meyer Informational [Page 11]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ To this we add authenticity, which requires that the communicating
+ peers prove that they are in fact who they say they are to each other
+ (i.e., mutual authentication). This generally means knowing "who"
+ the peer is, and that they demonstrate the possession of a "secret"
+ as part of the security protocol interaction.
+
+ The following three examples aim to illustrate these security
+ requirements.
+
+ One common attack against a TCP session is to bombard the session
+ with reset messages. Other attacks against TCP include the "SYN
+ flooding" attack, in which an attacker attempts to exhaust the memory
+ of the target by creating TCP state. In particular, the attacker
+ attempts to exhaust the target's memory by opening a large number of
+ unique TCP connections, each of which is represented by a
+ Transmission Control Block (TCB). The attack is successful if the
+ attacker can cause the target to fill its memory with TCBs.
+
+ A number of mechanisms have been developed to deal with these types
+ of denial-of-service attacks. One, "SYN Cookies", delays state
+ establishment on the server side to a later phase in the protocol
+ exchange. Another mechanism, specifically targeting the reset attack
+ cited above, provides authentication services in TCP itself to ensure
+ that fake resets are rejected.
+
+ Another approach would be to offer security protection already at a
+ lower layer, such as IPsec (see Section 3.1.2) or TLS (see
+ Section 3.1.3), so that a host can identify legitimate messages and
+ discard the others, thus mitigating any damage that may have been
+ caused by the attack.
+
+ Another common attack involves unauthorized access to resources. For
+ example, an unauthorized party might try to attach to a network. To
+ protect against such an attack, an Internet Service Provider (ISP)
+ typically requires network access authentication of new hosts
+ demanding access to the network and to the Internet prior to offering
+ access. This exchange typically requires authentication of that
+ entity and a check in the ISPs back-end database to determine whether
+ corresponding subscriber records exist and are still valid (e.g.,
+ active subscription and sufficient credits).
+
+ From the discussion above, establishing a secure communication
+ channel is clearly an important concept frequently used to mitigate a
+ range of attacks. Unfortunately, focusing only on channel security
+ may not be enough for a given task. Threat models have evolved and
+ even some of the communication endpoints cannot be considered fully
+ trustworthy, i.e., even trusted peers may act maliciously.
+
+
+
+
+Baker & Meyer Informational [Page 12]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Furthermore, many protocols are more sophisticated in their protocol
+ interaction and involve more than two parties in the protocol
+ exchange. Many of the application layer protocols, such as email,
+ instant messaging, voice over IP, and presence-based applications,
+ fall into this category. With this class of protocols, secure data,
+ such as DNS records, and secure communications with middleware,
+ intermediate servers, and supporting applications need to be
+ considered as well as the security of the direct communication. A
+ detailed treatment of the security threats and requirements of these
+ multi-party protocols is beyond this specification but the interested
+ reader is referred to the above-mentioned examples for an
+ illustration of what technical mechanisms have been investigated and
+ proposed in the past.
+
+2.3. Network Infrastructure
+
+ While the following protocols are not critical to the design of a
+ specific system, they are important to running a network, and as such
+ are surveyed here.
+
+2.3.1. Domain Name System (DNS)
+
+ The DNS' main function is translating names to numeric IP addresses.
+ While this is not critical to running a network, certain functions
+ are made a lot easier if numeric addresses can be replaced with
+ mnemonic names. This facilitates renumbering of networks and
+ generally improves the manageability and serviceability of the
+ network. DNS has a set of security extensions called DNSSEC, which
+ can be used to provide strong cryptographic authentication to the
+ DNS. DNS and DNSSEC are discussed further in Section 3.4.1.
+
+2.3.2. Network Management
+
+ Network management has proven to be a difficult problem. As such,
+ various solutions have been proposed, implemented, and deployed.
+ Each solution has its proponents, all of whom have solid arguments
+ for their viewpoints. The IETF has two major network management
+ solutions for device operation: SNMP, which is ASN.1-encoded and is
+ primarily used for monitoring of system variables, and NETCONF
+ [RFC4741], which is XML-encoded and primarily used for device
+ configuration.
+
+ Another aspect of network management is the initial provisioning and
+ configuration of hosts, which is discussed in Section 3.4.2. Note
+ that Smart Grid deployments may require identity authentication and
+ authorization (as well as other provisioning and configuration) that
+ may not be within the scope of either DHCP or Neighbor Discovery.
+ While the IP Protocol Suite has limited support for secure
+
+
+
+Baker & Meyer Informational [Page 13]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ provisioning and configuration, these problems have been solved using
+ IP protocols in specifications such as DOCSIS 3.0 [SP-MULPIv3.0].
+
+3. Specific Protocols
+
+ In this section, having briefly laid out the IP architecture and some
+ of the problems that the architecture tries to address, we introduce
+ specific protocols that might be appropriate to various Smart Grid
+ use cases. Use cases should be analyzed along with privacy,
+ Authentication, Authorization, and Accounting (AAA), transport, and
+ network solution dimensions. The following sections provide guidance
+ for such analysis.
+
+3.1. Security Toolbox
+
+ As noted, a key consideration in security solutions is a good threat
+ analysis coupled with appropriate mitigation strategies at each
+ layer. The IETF has over time developed a number of building blocks
+ for security based on the observation that protocols often demand
+ similar security services. The following sub-sections outline a few
+ of those commonly used security building blocks. Reusing them offers
+ several advantages, such as availability of open source code,
+ experience with existing systems, a number of extensions that have
+ been developed, and the confidence that the listed technologies have
+ been reviewed and analyzed by a number of security experts.
+
+ It is important to highlight that in addition to the mentioned
+ security tools, every protocol often comes with additional, often
+ unique security considerations that are specific to the domain in
+ which the protocol operates. Many protocols include features
+ specifically designed to mitigate these protocol-specific risks. In
+ other cases, the security considerations will identify security-
+ relevant services that are required from other network layers to
+ achieve appropriate levels of security.
+
+3.1.1. Authentication, Authorization, and Accounting (AAA)
+
+ While the term AAA sounds generic and applicable to all sorts of
+ security protocols, it has been, in the IETF, used in relation to
+ network access authentication and is associated with the RADIUS
+ ([RFC2865]) and the Diameter protocol ([RFC3588], [DIME-BASE]) in
+ particular.
+
+ The authentication procedure for network access aims to deal with the
+ task of verifying that a peer is authenticated and authorized prior
+ to accessing a particular resource (often connectivity to the
+ Internet). Typically, the authentication architecture for network
+ access consists of the following building blocks: the Extensible
+
+
+
+Baker & Meyer Informational [Page 14]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Authentication Protocol (EAP [RFC4017]) as a container to encapsulate
+ EAP methods, an EAP Method (as a specific way to perform
+ cryptographic authentication and key exchange, such as described in
+ RFC 5216 [RFC5216] and RFC 5433 [RFC5433]), a protocol that carries
+ EAP payloads between the end host and a server-side entity (such as a
+ network access server), and a way to carry EAP payloads to back-end
+ server infrastructure (potentially in a cross-domain scenario) to
+ provide authorization and accounting functionality. The latter part
+ is provided by RADIUS and Diameter. To carry EAP payloads between
+ the end host and a network access server, different mechanisms have
+ been standardized, such as the Protocol for Carrying Authentication
+ for Network Access (PANA) [RFC5191] and IEEE 802.1X [IEEE802.1X].
+ For access to remote networks, such as enterprise networks, the
+ ability to utilize EAP within IKEv2 [RFC5996] has also been
+ developed.
+
+ More recently, the same architecture with EAP and RADIUS/Diameter is
+ being reused for application layer protocols. More details about
+ this architectural variant can be found in [ABFAB-ARCH].
+
+3.1.2. Network Layer Security
+
+ IP security, as described in [RFC4301], addresses security at the IP
+ layer, provided through the use of a combination of cryptographic and
+ protocol security mechanisms. It offers a set of security services
+ for traffic at the IP layer, in both the IPv4 and IPv6 environment.
+ The set of security services offered includes access control,
+ connectionless integrity, data origin authentication, detection and
+ rejection of replays (a form of partial sequence integrity),
+ confidentiality (via encryption), and limited traffic-flow
+ confidentiality. These services are provided at the IP layer,
+ offering protection in a standard fashion for all protocols that may
+ be carried over IP (including IP itself).
+
+ The architecture foresees a split between the rather time-consuming
+ (a) authentication and key exchange protocol step that also
+ establishes a security association (a data structure with keying
+ material and security parameters) and (b) the actual data traffic
+ protection.
+
+ For the former step, the Internet Key Exchange protocol version 2
+ (IKEv2 [RFC5996]) is the most recent edition of the standardized
+ protocol. IKE negotiates each of the cryptographic algorithms that
+ will be used to protect the data independently, somewhat like
+ selecting items a la carte.
+
+ For the actual data protection, two types of protocols have
+ historically been used, namely the IP Authentication Header (AH)
+
+
+
+Baker & Meyer Informational [Page 15]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC4302] and the Encapsulating Security Payload (ESP) [RFC4303].
+ The two differ in the security services they offer; the most
+ important distinction is that ESP offers confidentiality protection
+ while AH does not. Since ESP can also provide authentication
+ services, most recent protocol developments making use of IPsec only
+ specify use of ESP and do not use AH.
+
+ In addition to these base line protocol mechanisms a number of
+ extensions have been developed for IKEv2 (e.g., an extension to
+ perform EAP-only authentication [RFC5998]) and since the architecture
+ supports flexible treatment of cryptographic algorithms a number of
+ them have been specified (e.g., [RFC4307] for IKEv2, and [RFC4835]
+ for AH and ESP).
+
+3.1.3. Transport Layer Security
+
+ Transport Layer Security v1.2 [RFC5246] are security services that
+ protect data above the transport layer. The protocol allows client/
+ server applications to communicate in a way that is designed to
+ prevent eavesdropping, tampering, or message forgery. TLS is
+ application protocol independent.
+
+ TLS is composed of two layers: the TLS Record protocol and the TLS
+ Handshake protocol. The TLS Record protocol provides connection
+ security that has two basic properties: (a) confidentiality
+ protection and (b) integrity protection.
+
+ The TLS Handshake protocol allows the server and client to
+ authenticate each other and to negotiate an encryption algorithm and
+ cryptographic keys before the application protocol transmits or
+ receives its first byte of data. The negotiated parameters and the
+ derived keying material is then used by the TLS Record protocol to
+ perform its job.
+
+ Unlike IKEv2/IPsec, TLS negotiates these cryptographic parameters in
+ suites, so-called 'cipher suites'. Examples of cipher suites that
+ can be negotiated with TLS include Elliptic Curve Cryptography (ECC)
+ [RFC4492] [RFC5289] [AES-CCM-ECC], Camellia [RFC5932], and the Suite
+ B Profile [RFC5430]. [IEC62351-3] outlines the use of different TLS
+ cipher suites for use in the Smart Grid. The basic cryptographic
+ mechanisms for ECC have been documented in [RFC6090].
+
+ TLS must run over a reliable transport channel -- typically TCP. In
+ order to offer the same security services for unreliable datagram
+ traffic, such as UDP, the Datagram Transport Layer Security (DTLS
+ [RFC4347] [DTLS]) was developed.
+
+
+
+
+
+Baker & Meyer Informational [Page 16]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.1.4. Application Layer Security
+
+ In certain cases, the application layer independent security
+ mechanisms described in the previous sub-sections are not sufficient
+ to deal with all the identified threats. For this purpose, a number
+ of security primitives are additionally available at the application
+ layer where the semantic of the application can be considered.
+
+ We will focus our description on a few mechanisms that are commonly
+ used throughout the Internet.
+
+ Cryptographic Message Syntax (CMS [RFC5652]) is an encapsulation
+ syntax to sign, digest, authenticate, or encrypt arbitrary message
+ content. It also allows arbitrary attributes, such as signing time,
+ to be signed along with the message content, and it provides for
+ other attributes such as countersignatures to be associated with a
+ signature. The CMS can support a variety of architectures for
+ certificate-based key management, such as the one defined by the PKIX
+ (Public Key Infrastructure using X.509) working group [RFC5280]. The
+ CMS has been leveraged to supply security services in a variety of
+ protocols, including secure email [RFC5751], key management [RFC5958]
+ [RFC6031], and firmware updates [RFC4108].
+
+ Related work includes the use of digital signatures on XML-encoded
+ documents, which has been jointly standardized by W3C and the IETF
+ [RFC3275]. Digitally signed XML is a good choice where applications
+ natively support XML-encoded data, such as the Extensible Messaging
+ and Presence Protocol (XMPP).
+
+ More recently, the work on delegated authentication and authorization
+ often demanded by Web applications have been developed with the Open
+ Web Authentication (OAuth) protocol [RFC5849] [OAUTHv2]. OAuth is
+ used by third-party applications to gain access to protected
+ resources (such as energy consumption information about a specific
+ household) without having the resource owner share its long-term
+ credentials with that third-party. In OAuth, the third-party
+ application requests access to resources controlled by the resource
+ owner and hosted by the resource server, and is issued a different
+ set of credentials than those of the resource owner. More
+ specifically, the third-party applications obtain an access token
+ during the OAuth protocol exchange. This token denotes a specific
+ scope, duration, and other access attributes. As a result, it
+ securely gains access to the protected resource with the consent of
+ the resource owner.
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 17]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.1.5. Secure Shell
+
+ The Secure Shell (SSH) protocol [RFC4253] has been widely used by
+ administrators and others for secure remote login, but is also usable
+ for secure tunneling. More recently, protocols have chosen to layer
+ on top of SSH for transport security services; for example, the
+ NETCONF network management protocol (see Section 3.5.2) uses SSH as
+ its main communications security protocol.
+
+3.1.6. Key Management Infrastructures
+
+ All of the security protocols discussed above depend on cryptography
+ for security, and hence require some form of key management. Most
+ IETF protocols at least nominally require some scalable form of key
+ management to be defined as mandatory to implement; indeed the lack
+ of such key management features has in the past been a reason to
+ delay approval of protocols. There are two generic key management
+ schemes that are widely used by other Internet protocols, PKIX and
+ Kerberos, each of which is briefly described below.
+
+3.1.6.1. PKIX
+
+ Public Key Infrastructure (PKI) refers to the kind of key management
+ that is based on certification authorities (CAs) issuing public key
+ certificates for other key holders. By chaining from a trust anchor
+ (a locally trusted copy of a CA public key) down to the public key of
+ some protocol peer, PKI allows for secure binding between keys and
+ protocol-specific names, such as email addresses, and hence enables
+ security services such as data and peer authentication, data
+ integrity, and confidentiality (encryption).
+
+ The main Internet standard for PKI is [RFC5280], which is a profile
+ of the X.509 public key certificate format. There are a range of
+ private and commercial CAs operating today providing the ability to
+ manage and securely distribute keys for all protocols that use public
+ key certificates, e.g., TLS and S/MIME. In addition to the profile
+ standard, the PKIX working group has defined a number of management
+ protocols (e.g., [RFC5272] and [RFC4210]) as well as protocols for
+ handling revocation of public key certificates such as the Online
+ Certificate Status Protocol (OCSP) [RFC2560].
+
+ PKI is generally perceived to better handle use-cases spanning
+ multiple independent domains when compared to Kerberos.
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 18]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.1.6.2. Kerberos
+
+ The Kerberos Network Authentication System [RFC4120] is commonly used
+ within organizations to centralize authentication, authorization, and
+ policy in one place. Kerberos natively supports usernames and
+ passwords as the basis of authentication. With Public Key
+ Cryptography for Initial Authentication in Kerberos (PKINIT)
+ [RFC4556], Kerberos supports certificate or public-key-based
+ authentication. This may provide an advantage by concentrating
+ policy about certificate validation and mapping of certificates to
+ user accounts in one place. Through the GSS-API [RFC1964] [RFC2743]
+ [RFC4121], Kerberos can be used to manage authentication for most
+ applications. While Kerberos works best within organizations and
+ enterprises, it does have facilities that permit authentication to be
+ shared between administrative domains.
+
+3.2. Network Layer
+
+ The IPS specifies two network layer protocols: IPv4 and IPv6. The
+ following sections describe the IETF's coexistence and transition
+ mechanisms for IPv4 and IPv6.
+
+ Note that on 3 February 2011, the IANA's IPv4 free pool (the pool of
+ available, unallocated IPv4 addresses) was exhausted, and the
+ Regional Internet Registrars' (RIRs') free pools are expected to be
+ exhausted during the coming year, if not sooner. The IETF, the IANA,
+ and the RIRs recommend that new deployments use IPv6, and that IPv4
+ infrastructures be supported via the mechanisms described in
+ Section 3.2.1.
+
+3.2.1. IPv4/IPv6 Coexistence Advice
+
+ The IETF has specified a variety of mechanisms designed to facilitate
+ IPv4/IPv6 coexistence. The IETF actually recommends relatively few
+ of them: the current advice to network operators is found in
+ Guidelines for Using IPv6 Transition Mechanisms [RFC6180]. The
+ thoughts in that document are replicated here.
+
+3.2.1.1. Dual Stack Coexistence
+
+ The simplest coexistence approach is to
+
+ o provide a network that routes both IPv4 and IPv6,
+
+ o ensure that servers and their applications similarly support both
+ protocols, and
+
+
+
+
+
+Baker & Meyer Informational [Page 19]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ o require that all new systems and applications purchased or
+ upgraded support both protocols.
+
+ The net result is that over time all systems become protocol
+ agnostic, and that eventually maintenance of IPv4 support becomes a
+ business decision. This approach is described in the Basic
+ Transition Mechanisms for IPv6 Hosts and Routers [RFC4213].
+
+3.2.1.2. Tunneling Mechanism
+
+ In those places in the network that support only IPv4, the simplest
+ and most reliable approach to coexistence is to provide virtual
+ connectivity using tunnels or encapsulations. Early in IPv6
+ deployment, this was often done using static tunnels. A more dynamic
+ approach is documented in IPv6 Rapid Deployment on IPv4
+ Infrastructures (6rd) [RFC5569].
+
+3.2.1.3. Translation between IPv4 and IPv6 Networks
+
+ In those cases where an IPv4-only host would like to communicate with
+ an IPv6-only host (or vice versa), a need for protocol translation
+ may be indicated. At first blush, protocol translation may appear
+ trivial; on deeper inspection, it turns out that protocol translation
+ can be complicated.
+
+ The most reliable approach to protocol translation is to provide
+ application layer proxies or gateways, which natively enable
+ application-to-application connections using both protocols and can
+ use whichever is appropriate. For example, a web proxy might use
+ both protocols and as a result enable an IPv4-only system to run HTTP
+ across an IPv6-only network or to a web server that implements only
+ IPv6. Since this approach is a service of a protocol-agnostic
+ server, it is not the subject of standardization by the IETF.
+
+ For those applications in which network layer translation is
+ indicated, the IETF has designed a translation mechanism, which is
+ described in the following documents:
+
+ o Framework for IPv4/IPv6 Translation [RFC6144]
+
+ o IPv6 Addressing of IPv4/IPv6 Translators [RFC6052]
+
+ o DNS extensions [RFC6147]
+
+ o IP/ICMP Translation Algorithm [RFC6145]
+
+ o Translation from IPv6 Clients to IPv4 Servers [RFC6146]
+
+
+
+
+Baker & Meyer Informational [Page 20]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ As with IPv4/IPv4 Network Address Translation, translation between
+ IPv4 and IPv6 has limited real world applicability for an application
+ protocol that carries IP addresses in its payload and expects those
+ addresses to be meaningful to both client and server. However, for
+ those protocols that do not, protocol translation can provide a
+ useful network extension.
+
+ Network-based translation provides for two types of services:
+ stateless (and therefore scalable and load-sharable) translation
+ between IPv4 and IPv6 addresses that embed an IPv4 address in them,
+ and stateful translation similar to IPv4/IPv4 translation between
+ IPv4 addresses. The stateless mode is straightforward to implement,
+ but due to the embedding, requires IPv4 addresses to be allocated to
+ an otherwise IPv6-only network, and is primarily useful for IPv4-
+ accessible servers implemented in the IPv6 network. The stateful
+ mode allows clients in the IPv6 network to access servers in the IPv4
+ network, but does not provide such service for IPv4 clients accessing
+ IPv6 peers or servers with general addresses; it has the advantage
+ that it does not require that a unique IPv4 address be embedded in
+ the IPv6 address of hosts using this mechanism.
+
+ Finally, note that some site networks are IPv6 only while some
+ transit networks are IPv4 only. In these cases, it may be necessary
+ to tunnel IPv6 over IPv4 or translate between IPv6 and IPv4.
+
+3.2.2. Internet Protocol Version 4
+
+ IPv4 [RFC0791] and the Internet Control Message Protocol (ICMP)
+ [RFC0792] comprise the IPv4 network layer. IPv4 provides unreliable
+ delivery of datagrams.
+
+ IPv4 also provides for fragmentation and reassembly of long datagrams
+ for transmission through networks with small Maximum Transmission
+ Units (MTU). The MTU is the largest packet size that can be
+ delivered across the network. In addition, the IPS provides ICMP
+ [RFC0792], which is a separate protocol that enables the network to
+ report errors and other issues to hosts that originate problematic
+ datagrams.
+
+ IPv4 originally supported an experimental type of service field that
+ identified eight levels of operational precedence styled after the
+ requirements of military telephony, plus three and later four bit
+ flags that OSI IS-IS for IPv4 (IS-IS) [RFC1195] and OSPF Version 2
+ [RFC2328] interpreted as control traffic; this control traffic is
+ assured of not being dropped when queued or upon receipt, even if
+ other traffic is being dropped. These control bits turned out to be
+ less useful than the designers had hoped. They were replaced by the
+ Differentiated Services Architecture [RFC2474] [RFC2475], which
+
+
+
+Baker & Meyer Informational [Page 21]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ contains a six-bit code point used to select an algorithm (a "per-hop
+ behavior") to be applied to the datagram. The IETF has also produced
+ a set of Configuration Guidelines for DiffServ Service Classes
+ [RFC4594], which describes a set of service classes that may be
+ useful to a network operator.
+
+3.2.2.1. IPv4 Address Allocation and Assignment
+
+ IPv4 addresses are administratively assigned, usually using automated
+ methods, using the Dynamic Host Configuration Protocol (DHCP)
+ [RFC2131]. On most interface types, neighboring systems identify
+ each others' addresses using the Address Resolution Protocol (ARP)
+ [RFC0826].
+
+3.2.2.2. IPv4 Unicast Routing
+
+ Routing for the IPv4 Internet is accomplished by routing applications
+ that exchange connectivity information and build semi-static
+ destination routing databases. If a datagram is directed to a given
+ destination address, the address is looked up in the routing
+ database, and the most specific ("longest") prefix found that
+ contains it is used to identify the next-hop router or the end system
+ to which it will be delivered. This is not generally implemented on
+ hosts, although it can be; a host normally sends datagrams to a
+ router on its local network, and the router carries out the intent.
+
+ IETF specified routing protocols include RIP Version 2 [RFC2453], OSI
+ IS-IS for IPv4 [RFC1195], OSPF Version 2 [RFC2328], and BGP-4
+ [RFC4271]. Active research exists in mobile ad hoc routing and other
+ routing paradigms; these result in new protocols and modified
+ forwarding paradigms.
+
+3.2.2.3. IPv4 Multicast Forwarding and Routing
+
+ IPv4 was originally specified as a unicast (point to point) protocol,
+ and was extended to support multicast in [RFC1112]. This uses the
+ Internet Group Management Protocol [RFC3376] [RFC4604] to enable
+ applications to join multicast groups, and for most applications uses
+ Source-Specific Multicast [RFC4607] for routing and delivery of
+ multicast messages.
+
+ An experiment carried out in IPv4 that is not part of the core
+ Internet architecture but may be of interest in the Smart Grid is the
+ development of so-called "Reliable Multicast". This is "so-called"
+ because it is not "reliable" in the strict sense of the word -- it is
+ perhaps better described as "enhanced reliability". A best effort
+ network by definition can lose traffic, duplicate it, or reorder it,
+ something as true for multicast as for unicast. Research in
+
+
+
+Baker & Meyer Informational [Page 22]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ "Reliable Multicast" technology intends to improve the probability of
+ delivery of multicast traffic.
+
+ In that research, the IETF imposed guidelines [RFC2357] on the
+ research community regarding what was desirable. Important results
+ from that research include a number of papers and several proprietary
+ protocols including some that have been used in support of business
+ operations. RFCs in the area include The Use of Forward Error
+ Correction (FEC) in Reliable Multicast [RFC3453], the Negative-
+ acknowledgment (NACK)-Oriented Reliable Multicast (NORM) Protocol
+ [RFC5740], and the Selectively Reliable Multicast Protocol (SRMP)
+ [RFC4410].
+
+3.2.3. Internet Protocol Version 6
+
+ IPv6 [RFC2460], with the Internet Control Message Protocol "v6"
+ [RFC4443], constitutes the next generation protocol for the Internet.
+ IPv6 provides for transmission of datagrams from source to
+ destination hosts, which are identified by fixed-length addresses.
+
+ IPv6 also provides for fragmentation and reassembly of long datagrams
+ by the originating host, if necessary, for transmission through
+ "small packet" networks. ICMPv6, which is a separate protocol
+ implemented along with IPv6, enables the network to report errors and
+ other issues to hosts that originate problematic datagrams.
+
+ IPv6 adopted the Differentiated Services Architecture [RFC2474]
+ [RFC2475], which contains a six-bit code point used to select an
+ algorithm (a "per-hop behavior") to be applied to the datagram.
+
+ The IPv6 over Low-Power Wireless Personal Area Networks RFC [RFC4919]
+ and the Compression Format for IPv6 Datagrams in 6LoWPAN Networks
+ document [6LOWPAN-HC] addresses IPv6 header compression and subnet
+ architecture in at least some sensor networks, and may be appropriate
+ to the Smart Grid Advanced Metering Infrastructure or other sensor
+ domains.
+
+3.2.3.1. IPv6 Address Allocation and Assignment
+
+ An IPv6 Address [RFC4291] may be administratively assigned using
+ DHCPv6 [RFC3315] in a manner similar to the way IPv4 addresses are.
+ In addition, IPv6 addresses may also be autoconfigured.
+ Autoconfiguration enables various models of network management that
+ may be advantageous in different use cases. Autoconfiguration
+ procedures are defined in [RFC4862] and [RFC4941]. IPv6 neighbors
+ identify each others' addresses using Neighbor Discovery (ND)
+ [RFC4861]. SEcure Neighbor Discovery (SEND) [RFC3971] may be used to
+ secure these operations.
+
+
+
+Baker & Meyer Informational [Page 23]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.2.3.2. IPv6 Routing
+
+ Routing for the IPv6 Internet is accomplished by routing applications
+ that exchange connectivity information and build semi-static
+ destination routing databases. If a datagram is directed to a given
+ destination address, the address is looked up in the routing
+ database, and the most specific ("longest") prefix found that
+ contains it is used to identify the next-hop router or the end system
+ to which it will be delivered. Routing is not generally implemented
+ on hosts (although it can be); generally, a host sends datagrams to a
+ router on its local network, and the router carries out the intent.
+
+ IETF-specified routing protocols include RIP for IPv6 [RFC2080],
+ IS-IS for IPv6 [RFC5308], OSPF for IPv6 [RFC5340], and BGP-4 for IPv6
+ [RFC2545]. Active research exists in mobile ad hoc routing, routing
+ in low-power networks (sensors and Smart Grids), and other routing
+ paradigms; these result in new protocols and modified forwarding
+ paradigms.
+
+3.2.4. Routing for IPv4 and IPv6
+
+3.2.4.1. Routing Information Protocol
+
+ The prototypical routing protocol used in the Internet has probably
+ been the Routing Information Protocol [RFC1058]. People that use it
+ today tend to deploy RIPng for IPv6 [RFC2080] and RIP Version 2
+ [RFC2453]. Briefly, RIP is a distance vector routing protocol that
+ is based on a distributed variant of the widely known Bellman-Ford
+ algorithm. In distance vector routing protocols, each router
+ announces the contents of its route table to neighboring routers,
+ which integrate the results with their route tables and re-announce
+ them to others. It has been characterized as "routing by rumor", and
+ suffers many of the ills we find in human gossip -- propagating stale
+ or incorrect information in certain failure scenarios, and being in
+ cases unresponsive to changes in topology. [RFC1058] provides
+ guidance to algorithm designers to mitigate these issues.
+
+3.2.4.2. Open Shortest Path First
+
+ The Open Shortest Path First (OSPF) routing protocol is one of the
+ more widely used protocols in the Internet. OSPF is based on
+ Dijkstra's well known Shortest Path First (SPF) algorithm. It is
+ implemented as OSPF Version 2 [RFC2328] for IPv4, OSPF for IPv6
+ [RFC5340] for IPv6, and the Support of Address Families in OSPFv3
+ [RFC5838] to enable [RFC5340] routing both IPv4 and IPv6.
+
+ The advantage of any SPF-based protocol (i.e., OSPF and IS-IS) is
+ primarily that every router in the network constructs its view of the
+
+
+
+Baker & Meyer Informational [Page 24]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ network from first-hand knowledge rather than the "gossip" that
+ distance vector protocols propagate. As such, the topology is
+ quickly and easily changed by simply announcing the change. The
+ disadvantage of SPF-based protocols is that each router must store a
+ first-person statement of the connectivity of each router in the
+ domain.
+
+3.2.4.3. ISO Intermediate System to Intermediate System
+
+ The Intermediate System to Intermediate System (IS-IS) routing
+ protocol is one of the more widely used protocols in the Internet.
+ IS-IS is also based on Dijkstra's SPF algorithm. It was originally
+ specified as ISO DP 10589 for the routing of Connectionless Network
+ Service (CLNS), and extended for routing in TCP/IP and dual
+ environments [RFC1195], and more recently for routing of IPv6
+ [RFC5308].
+
+ As with OSPF, the positives of any SPF-based protocol and
+ specifically IS-IS are primarily that the network is described as a
+ lattice of routers with connectivity to subnets and isolated hosts.
+ It's topology is quickly and easily changed by simply announcing the
+ change, without the issues of "routing by rumor", since every host
+ within the routing domain has a first-person statement of the
+ connectivity of each router in the domain. The negatives are a
+ corollary: each router must store a first-person statement of the
+ connectivity of each router in the domain.
+
+3.2.4.4. Border Gateway Protocol
+
+ The Border Gateway Protocol (BGP) [RFC4271] is widely used in the
+ IPv4 Internet to exchange routes between administrative entities --
+ service providers, their peers, their upstream networks, and their
+ customers -- while applying specific policy. Multiprotocol
+ Extensions [RFC4760] to BGP allow BGP to carry IPv6 Inter-Domain
+ Routing [RFC2545], multicast reachability information, and VPN
+ information, among others.
+
+ Considerations that apply with BGP deal with the flexibility and
+ complexity of the policies that must be defined. Flexibility is a
+ good thing; in a network that is not run by professionals, the
+ complexity is burdensome.
+
+3.2.4.5. Dynamic MANET On-Demand (DYMO) Routing
+
+ The Mobile Ad Hoc working group of the IETF developed, among other
+ protocols, Ad hoc On-Demand Distance Vector (AODV) Routing [RFC3561].
+ This protocol captured the minds of some in the embedded devices
+ industry, but experienced issues in wireless networks such as
+
+
+
+Baker & Meyer Informational [Page 25]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ 802.15.4 and 802.11's Ad Hoc mode. As a result, it is in the process
+ of being updated in the Dynamic MANET On-demand (DYMO) Routing
+ protocol [DYMO].
+
+ AODV and DYMO are essentially reactive routing protocols designed for
+ mobile ad hoc networks, and usable in other forms of ad hoc networks.
+ They provide connectivity between a device within a distributed
+ subnet and a few devices (including perhaps a gateway or router to
+ another subnet) without tracking connectivity to other devices. In
+ essence, routing is calculated and discovered upon need, and a host
+ or router need only maintain the routes that currently work and are
+ needed.
+
+3.2.4.6. Optimized Link State Routing Protocol
+
+ The Optimized Link State Routing Protocol (OLSR) [RFC3626] is a
+ proactive routing protocol designed for mobile ad hoc networks, and
+ can be used in other forms of ad hoc networks. It provides arbitrary
+ connectivity between systems within a distributed subnet. As with
+ protocols designed for wired networks, routing is calculated whenever
+ changes are detected, and maintained in each router's tables. The
+ set of nodes that operate as routers within the subnet, however, are
+ fairly fluid, and dependent on this instantaneous topology of the
+ subnet.
+
+3.2.4.7. Routing for Low-Power and Lossy Networks
+
+ The IPv6 Routing Protocol for Low power and Lossy Networks (RPL)
+ [RPL] is a reactive routing protocol designed for use in resource
+ constrained networks. Requirements for resource constrained networks
+ are defined in [RFC5548], [RFC5673], [RFC5826], and [RFC5867].
+
+ Briefly, a constrained network is comprised of nodes that:
+
+ o Are built with limited processing power and memory, and sometimes
+ energy when operating on batteries.
+
+ o Are interconnected through a low-data-rate network interface and
+ are potentially vulnerable to communication instability and low
+ packet delivery rates.
+
+ o Potentially have a mix of roles such as being able to act as a
+ host (i.e., generating traffic) and/or a router (i.e., both
+ forwarding and generating RPL traffic).
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 26]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.2.5. IPv6 Multicast Forwarding and Routing
+
+ IPv6 specifies both unicast and multicast datagram exchange. This
+ uses the Multicast Listener Discovery Protocol (MLDv2) [RFC2710]
+ [RFC3590] [RFC3810] [RFC4604] to enable applications to join
+ multicast groups, and for most applications uses Source-Specific
+ Multicast [RFC4607] for routing and delivery of multicast messages.
+
+ The mechanisms experimentally developed for reliable multicast in
+ IPv4, discussed in Section 3.2.2.3, can be used in IPv6 as well.
+
+3.2.5.1. Protocol-Independent Multicast Routing
+
+ A multicast routing protocol has two basic functions: building the
+ multicast distribution tree and forwarding multicast traffic.
+ Multicast routing protocols generally contain a control plane for
+ building distribution trees, and a forwarding plane that uses the
+ distribution tree when forwarding multicast traffic.
+
+ The multicast model works as follows: hosts express their interest in
+ receiving multicast traffic from a source by sending a Join message
+ to their first-hop router. That router in turn sends a Join message
+ upstream towards the root of the tree, grafting the router (leaf
+ node) onto the distribution tree for the group. Data is delivered
+ down the tree toward the leaf nodes, which forward it onto the local
+ network for delivery.
+
+ The initial multicast model deployed in the Internet was known as
+ Any-Source Multicast (ASM). In the ASM model, any host could send to
+ the group and inter-domain multicast was difficult. Protocols such
+ as Protocol Independent Multicast - Dense Mode (PIM-DM): Protocol
+ Specification (Revised) [RFC3973] and Protocol Independent Multicast
+ - Sparse Mode (PIM-SM): Protocol Specification (Revised) [RFC4601]
+ were designed for the ASM model.
+
+ Many modern multicast deployments use Source-Specific Multicast (PIM-
+ SSM) [RFC3569][RFC4608]. In the SSM model, a host expresses interest
+ in a "channel", which is comprised of a source (S) and a group (G).
+ Distribution trees are rooted to the sending host (called an "(S,G)
+ tree"). Since only the source S can send on to the group, SSM has
+ inherent anti-jamming capability. In addition, inter-domain
+ multicast is simplified since finding the (S,G) channel they are
+ interested in receiving is the responsibility of the receivers
+ (rather than the networks). This implies that SSM requires some form
+ of directory service so that receivers can find the (S,G) channels.
+
+
+
+
+
+
+Baker & Meyer Informational [Page 27]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.2.6. Adaptation to Lower-Layer Networks and Link Layer Protocols
+
+ In general, the layered architecture of the Internet enables the IPS
+ to run over any appropriate layer two architecture. The ability to
+ change the link or physical layer without having to rethink the
+ network layer, transports, or applications has been a great benefit
+ in the Internet.
+
+ Examples of link layer adaptation technology include:
+
+ Ethernet/IEEE 802.3: IPv4 has run on each link layer environment
+ that uses the Ethernet header (which is to say 10 and 100 MBPS
+ wired Ethernet, 1 and 10 GBPS wired Ethernet, and the various
+ versions of IEEE 802.11) using [RFC0894]. IPv6 does the same
+ using [RFC2464].
+
+ PPP: The IETF has defined a serial line protocol, the Point-to-Point
+ Protocol (PPP) [RFC1661], that uses High-Level Data Link Control
+ (bit-synchronous or byte synchronous) framing. The IPv4
+ adaptation specification is [RFC1332], and the IPv6 adaptation
+ specification is [RFC5072]. Current use of this protocol is in
+ traditional serial lines, authentication exchanges in DSL networks
+ using PPP Over Ethernet (PPPoE) [RFC2516], and the Digital
+ Signaling Hierarchy (generally referred to as Packet-on-SONET/SDH)
+ using PPP over SONET/SDH [RFC2615].
+
+ IEEE 802.15.4: The adaptation specification for IPv6 transmission
+ over IEEE 802.15.4 Networks is [RFC4944].
+
+ Numerous other adaptation specifications exist, including ATM, Frame
+ Relay, X.25, other standardized and proprietary LAN technologies, and
+ others.
+
+3.3. Transport Layer
+
+ This section outlines the functionality of UDP, TCP, SCTP, and DCCP.
+ UDP and TCP are best known and most widely used in the Internet
+ today, while SCTP and DCCP are newer protocols that were built for
+ specific purposes. Other transport protocols can be built when
+ required.
+
+3.3.1. User Datagram Protocol (UDP)
+
+ The User Datagram Protocol [RFC0768] and the Lightweight User
+ Datagram Protocol [RFC3828] are properly not "transport" protocols in
+ the sense of "a set of rules governing the exchange or transmission
+ of data electronically between devices". They are labels that
+
+
+
+
+Baker & Meyer Informational [Page 28]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ provide for multiplexing of applications directly on the IP layer,
+ with transport functionality embedded in the application.
+
+ Many exchange designs have been built using UDP, and many of them
+ have not worked out. As a result, the use of UDP really should be
+ treated as designing a new transport. Advice on the use of UDP in
+ new applications can be found in Unicast UDP Usage Guidelines for
+ Application Designers [RFC5405].
+
+ Datagram Transport Layer Security [RFC5238] can be used to prevent
+ eavesdropping, tampering, or message forgery for applications that
+ run over UDP. Alternatively, UDP can run over IPsec.
+
+3.3.2. Transmission Control Protocol (TCP)
+
+ TCP [RFC0793] is the predominant transport protocol used in the
+ Internet. It is "reliable", as the term is used in protocol design:
+ it delivers data to its peer and provides acknowledgement to the
+ sender, or it dies trying. It has extensions for Congestion Control
+ [RFC5681] and Explicit Congestion Notification [RFC3168].
+
+ The user interface for TCP is a byte stream interface -- an
+ application using TCP might "write" to it several times only to have
+ the data compacted into a common segment and delivered as such to its
+ peer. For message-stream interfaces, ACSE/ROSE uses the ISO
+ Transport Service on TCP [RFC1006][RFC2126] in the application.
+
+ Transport Layer Security [RFC5246] can be used to prevent
+ eavesdropping, tampering, or message forgery. Alternatively, TCP can
+ run over IPsec. Additionally, [RFC4987] discusses mechanisms similar
+ to SCTP's and DCCP's "cookie" approach that may be used to secure TCP
+ sessions against flooding attacks.
+
+ Finally, note that TCP has been the subject of ongoing research and
+ development since it was written. The Roadmap for TCP Specification
+ Documents [RFC4614] captures this history, and is intended to be a
+ guide to current and future developers in the area.
+
+3.3.3. Stream Control Transmission Protocol (SCTP)
+
+ SCTP [RFC4960] is a more recent reliable transport protocol that can
+ be imagined as a TCP-like context containing multiple separate and
+ independent message streams (unlike TCP's byte streams). The design
+ of SCTP includes appropriate congestion avoidance behavior and
+ resistance to flooding and masquerade attacks. As it uses a message
+ stream interface, it may also be more appropriate for the ISO
+ Transport Service than using RFC 1006/2126 to turn TCP's octet
+ streams into a message interface.
+
+
+
+Baker & Meyer Informational [Page 29]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ SCTP offers several delivery options. The basic service is
+ sequential non-duplicated delivery of messages within a stream, for
+ each stream in use. Since streams are independent, one stream may
+ pause due to head-of-line blocking while another stream in the same
+ session continues to deliver data. In addition, SCTP provides a
+ mechanism for bypassing the sequenced delivery service. User
+ messages sent using this mechanism are delivered to the SCTP user as
+ soon as they are received.
+
+ SCTP implements a simple "cookie" mechanism intended to limit the
+ effectiveness of flooding attacks by mutual authentication. This
+ demonstrates that the application is connected to the same peer, but
+ does not identify the peer. Mechanisms also exist for Dynamic
+ Address Reconfiguration [RFC5061], enabling peers to change addresses
+ during the session and yet retain connectivity. Transport Layer
+ Security [RFC3436] can be used to prevent eavesdropping, tampering,
+ or message forgery. Alternatively, SCTP can run over IPsec.
+
+3.3.4. Datagram Congestion Control Protocol (DCCP)
+
+ DCCP [RFC4340] is an "unreliable" transport protocol (e.g., one that
+ does not guarantee message delivery) that provides bidirectional
+ unicast connections of congestion-controlled unreliable datagrams.
+ DCCP is suitable for applications that transfer fairly large amounts
+ of data and that can benefit from control over the tradeoff between
+ timeliness and reliability.
+
+ DCCP implements a simple "cookie" mechanism intended to limit the
+ effectiveness of flooding attacks by mutual authentication. This
+ demonstrates that the application is connected to the same peer, but
+ does not identify the peer. Datagram Transport Layer Security
+ [RFC5238] can be used to prevent eavesdropping, tampering, or message
+ forgery. Alternatively, DCCP can run over IPsec.
+
+3.4. Infrastructure
+
+3.4.1. Domain Name System
+
+ In order to facilitate network management and operations, the
+ Internet community has defined the Domain Name System (DNS) [RFC1034]
+ [RFC1035]. Names are hierarchical: a name like example.com is found
+ registered with a .com registrar, and within the associated network
+ other names like baldur.cincinatti.example.com can be defined, with
+ obvious hierarchy. Security extensions, which allow a registry to
+ sign the records it contains and in so doing demonstrate their
+ authenticity, are defined by the DNS Security Extensions [RFC4033]
+ [RFC4034] [RFC4035].
+
+
+
+
+Baker & Meyer Informational [Page 30]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Devices can also optionally update their own DNS record. For
+ example, a sensor that is using Stateless Address Autoconfiguration
+ [RFC4862] to create an address might want to associate it with a name
+ using DNS Dynamic Update [RFC2136] or DNS Secure Dynamic Update
+ [RFC3007].
+
+3.4.2. Dynamic Host Configuration
+
+ As discussed in Section 3.2.2, IPv4 address assignment is generally
+ performed using DHCP [RFC2131]. By contrast, Section 3.2.3 points
+ out that IPv6 address assignment can be accomplished using either
+ autoconfiguration [RFC4862] [RFC4941] or DHCPv6 [RFC3315]. The best
+ argument for the use of autoconfiguration is a large number of
+ systems that require little more than a random number as an address;
+ the argument for DHCP is administrative control.
+
+ There are other parameters that may need to be allocated to hosts
+ requiring administrative configuration; examples include the
+ addresses of DNS servers, keys for Secure DNS, and Network Time
+ servers.
+
+3.4.3. Network Time
+
+ The Network Time Protocol was originally designed by Dave Mills of
+ the University of Delaware and CSNET, implementing a temporal metric
+ in the Fuzzball Routing Protocol and generally coordinating time
+ experiments. The current versions of the time protocol are the
+ Network Time Protocol [RFC5905].
+
+3.5. Network Management
+
+ The IETF has developed two protocols for network management: SNMP and
+ NETCONF. SNMP is discussed in Section 3.5.1, and NETCONF is
+ discussed in Section 3.5.2.
+
+3.5.1. Simple Network Management Protocol (SNMP)
+
+ The Simple Network Management Protocol, originally specified in the
+ late 1980's and having passed through several revisions, is specified
+ in several documents:
+
+ o An Architecture for Describing Simple Network Management Protocol
+ (SNMP) Management Frameworks [RFC3411]
+
+ o Message Processing and Dispatching [RFC3412]
+
+ o SNMP Applications [RFC3413]
+
+
+
+
+Baker & Meyer Informational [Page 31]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ o User-based Security Model (USM) for SNMP version 3 [RFC3414]
+
+ o View-based Access Control Model (VACM) [RFC3415]
+
+ o Version 2 of the SNMP Protocol Operations [RFC3416]
+
+ o Transport Mappings [RFC3417]
+
+ o Management Information Base (MIB) [RFC3418]
+
+ It provides capabilities for polled and event-driven activities, and
+ for both monitoring and configuration of systems in the field.
+ Historically, it has been used primarily for monitoring nodes in a
+ network. Messages and their constituent data are encoded using a
+ profile of ASN.1.
+
+3.5.2. Network Configuration (NETCONF) Protocol
+
+ The NETCONF Configuration Protocol is specified in one basic
+ document, with supporting documents for carrying it over the IPS.
+ These documents include:
+
+ o NETCONF Configuration Protocol [RFC4741]
+
+ o Using the NETCONF Configuration Protocol over Secure SHell (SSH)
+ [RFC4742]
+
+ o Using NETCONF over the Simple Object Access Protocol (SOAP)
+ [RFC4743]
+
+ o Using the NETCONF Protocol over the Blocks Extensible Exchange
+ Protocol (BEEP) [RFC4744]
+
+ o NETCONF Event Notifications [RFC5277]
+
+ o NETCONF over Transport Layer Security (TLS) [RFC5539]
+
+ o Partial Lock Remote Procedure Call (RPC) for NETCONF [RFC5717]
+
+ NETCONF was developed in response to operator requests for a common
+ configuration protocol based on ASCII text, unlike ASN.1. In
+ essence, it carries XML-encoded remote procedure call (RPC) data. In
+ response to Smart Grid requirements, there is consideration of a
+ variant of the protocol that could be used for polled and event-
+ driven management activities, and for both monitoring and
+ configuration of systems in the field.
+
+
+
+
+
+Baker & Meyer Informational [Page 32]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+3.6. Service and Resource Discovery
+
+ Service and resource discovery are among the most important protocols
+ for constrained resource self-organizing networks. These include
+ various sensor networks as well as the Home Area Networks (HANs),
+ Building Area Networks (BANs), and Field Area Networks (FANs)
+ envisioned by Smart Grid architects.
+
+3.6.1. Service Discovery
+
+ Service discovery protocols are designed for the automatic
+ configuration and detection of devices, and the services offered by
+ the discovered devices. In many cases service discovery is performed
+ by so-called "constrained resource" devices (i.e., those with limited
+ processing power, memory, and power resources).
+
+ In general, service discovery is concerned with the resolution and
+ distribution of host names via multicast DNS [MULTICAST-DNS] and the
+ automatic location of network services via DHCP (Section 3.4.2), the
+ DNS Service Discovery (DNS-SD) [DNS-SD] (part of Apple's Bonjour
+ technology), and the Service Location Protocol (SLP) [RFC2608].
+
+3.6.2. Resource Discovery
+
+ Resource Discovery is concerned with the discovery of resources
+ offered by end-points and is extremely important in machine-to-
+ machine closed-loop applications (i.e., those with no humans in the
+ loop). The goals of resource discovery protocols include:
+
+ o Simplicity of creation and maintenance of resources
+
+ o Commonly understood semantics
+
+ o Conformance to existing and emerging standards
+
+ o International scope and applicability
+
+ o Extensibility
+
+ o Interoperability among collections and indexing systems
+
+ The Constrained Application Protocol (CoAP) [COAP] is being developed
+ in IETF with these goals in mind. In particular, CoAP is designed
+ for use in constrained resource networks and for machine-to-machine
+ applications such as smart energy and building automation. It
+ provides a RESTful transfer protocol [RESTFUL], a built-in resource
+ discovery protocol, and includes web concepts such as URIs and
+ content-types. CoAP provides both unicast and multicast resource
+
+
+
+Baker & Meyer Informational [Page 33]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ discovery and includes the ability to filter on attributes of
+ resource descriptions. Finally, CoAP resource discovery can also be
+ used to discover HTTP resources.
+
+ For simplicity, CoAP makes the assumption that all CoAP servers
+ listen on the default CoAP port or otherwise have been configured or
+ discovered using some general service discovery mechanism such as DNS
+ Service Discovery (DNS-SD) [DNS-SD].
+
+ Resource discovery in CoAP is accomplished through the use of well-
+ known resources that describe the links offered by a CoAP server.
+ CoAP defines a well-known URI for discovery: "/.well-known/r"
+ [RFC5785]. For example, the query [GET /.well-known/r] returns a
+ list of links (representing resources) available from the queried
+ CoAP server. A query such as [GET /.well-known/r?n=Voltage] returns
+ the resources with the name Voltage.
+
+3.7. Other Applications
+
+ There are many applications that rely on the IP infrastructure, but
+ are not properly thought of as part of the IP infrastructure itself.
+ These applications may be useful in the context of the Smart Grid.
+ The choices made when constructing a profile of the Internet Profile
+ Suite may impact how such applications could be used. Some of them,
+ not by any means an exhaustive list, are discussed here.
+
+3.7.1. Session Initiation Protocol
+
+ The Session Initiation Protocol [RFC3261] [RFC3265] [RFC3853]
+ [RFC4320] [RFC4916] [RFC5393] [RFC5621] is an application layer
+ control (signaling) protocol for creating, modifying, and terminating
+ multimedia sessions on the Internet, and is meant to be more scalable
+ than H.323. Multimedia sessions can be voice, video, instant
+ messaging, shared data, and/or subscriptions of events. SIP can run
+ on top of TCP, UDP, SCTP, or TLS over TCP. SIP is independent of the
+ transport layer, and independent of the underlying IPv4/v6 version.
+ In fact, the transport protocol used can change as the SIP message
+ traverses SIP entities from source to destination.
+
+ SIP itself does not choose whether a session is voice or video, nor
+ does it identify the actual endpoints' IP addresses. The Session
+ Description Protocol (SDP) [RFC4566] is intended for those purposes.
+ Within the SDP, which is transported by SIP, codecs are offered and
+ accepted (or not), and the port number and IP address at which each
+ endpoint wants to receive their Real-time Transport Protocol (RTP)
+ [RFC3550] packets are determined. The introduction of Network
+ Address Translation (NAT) technology into the profile, whether IPv4/
+
+
+
+
+Baker & Meyer Informational [Page 34]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ IPv4, IPv4/IPv6 as described in Section 3.2.1.3, or IPv6/IPv6,
+ increases the complexity of SIP/SDP deployment. This is further
+ discussed in [RFC2993] and [RFC5626].
+
+3.7.2. Extensible Messaging and Presence Protocol
+
+ The Extensible Messaging and Presence Protocol (XMPP) [RFC6120] is a
+ protocol for streaming Extensible Markup Language (XML) elements in
+ order to exchange structured information in close to real time
+ between any two network endpoints. Since XMPP provides a
+ generalized, extensible framework for exchanging XML data, it has
+ been proposed as an application structure for interchange between
+ embedded devices and sensors. It is currently used for Instant
+ Messaging and Presence [RFC6121] and a wide variety of real-time
+ communication modes. These include multi-user chat, publish-
+ subscribe, alerts and notifications, service discovery, multimedia
+ session management, device configuration, and remote procedure calls.
+ XMPP supports channel encryption using TLS [RFC5246] and strong
+ authentication (including PKIX certificate authentication) using SASL
+ [RFC4422]. It also makes use of Unicode-compliant addresses and
+ UTF-8 [RFC3629] data exchange for internationalization.
+
+ XMPP allows for End-to-End Signing and Object Encryption [RFC3923],
+ access to objects named using Uniform Resource Names (URN) [RFC4854],
+ use of Internationalized Resource Identifiers (IRIs) and Uniform
+ Resource Identifiers (URIs) [RFC5122], and the presentation of
+ Notifications [RFC5437].
+
+3.7.3. Calendaring
+
+ Internet calendaring, as implemented in Apple iCal, Microsoft Outlook
+ and Entourage, and Google Calendar, is specified in Internet
+ Calendaring and Scheduling Core Object Specification (iCalendar)
+ [RFC5545] and is in the process of being updated to an XML schema in
+ iCalendar XML Representation [xCAL]. Several protocols exist to
+ carry calendar events, including the iCalendar Transport-Independent
+ Interoperability Protocol (iTIP) [RFC5546], the iCalendar Message-
+ Based Interoperability Protocol (iMIP) [RFC6047], and open source
+ work on the Atom Publishing Protocol [RFC5023].
+
+4. A Simplified View of the Business Architecture
+
+ The Internet is a network of networks in which networks are
+ interconnected in specific ways and are independently operated. It
+ is important to note that the underlying Internet architecture puts
+ no restrictions on the ways that networks are interconnected;
+ interconnection is a business decision. As such, the Internet
+
+
+
+
+Baker & Meyer Informational [Page 35]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ interconnection architecture can be thought of as a "business
+ structure" for the Internet.
+
+ Central to the Internet business structure are the networks that
+ provide connectivity to other networks, called "transit networks".
+ These networks sell bulk bandwidth and routing services to each other
+ and to other networks as customers. Around the periphery of the
+ transit network are companies, schools, and other networks that
+ provide services directly to individuals. These might generally be
+ divided into "enterprise networks" and "access networks"; enterprise
+ networks provide "free" connectivity to their own employees or
+ members, and also provide them a set of services including electronic
+ mail, web services, and so on. Access networks sell broadband
+ connectivity (DSL, Cable Modem, 802.11 wireless, or 3GPP wireless) or
+ "dial" services (including PSTN dial-up and ISDN) to subscribers.
+ The subscribers are typically either residential or small office/home
+ office (SOHO) customers. Residential customers are generally
+ entirely dependent on their access provider for all services, while a
+ SOHO buys some services from the access provider and may provide
+ others for itself. Networks that sell transit services to nobody
+ else -- SOHO, residential, and enterprise networks -- are generally
+ refereed to as "edge networks"; transit networks are considered to be
+ part of the "core" of the Internet, and access networks are between
+ the two. This general structure is depicted in Figure 3.
+
+ ------ ------
+ / \ / \
+ /--\ / \ / \
+ |SOHO|---+ Access | |Enterprise|
+ \--/ | Service | | Network |
+ /--\ | Provider| | |
+ |Home|---+ | ------ | |
+ \--/ \ +---+ +---+ /
+ \ / / \ \ /
+ ------ | Transit | ------
+ | Service |
+ | Provider |
+ | |
+ \ /
+ \ /
+ ------
+
+ Figure 3: Conceptual Model of Internet Businesses
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 36]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ A specific example is shown in a traceroute from a home to a nearby
+ school. Internet connectivity in Figure 4 passes through
+
+ o the home network,
+
+ o Cox Communications, an access network using Cable Modem
+ technology,
+
+ o TransitRail, a commodity peering service for research and
+ education (R&E) networks,
+
+ o Corporation for Education Network Initiatives in California
+ (CENIC), a transit provider for educational networks, and
+
+ o the University of California at Santa Barbara, which in this
+ context might be viewed as an access network for its students and
+ faculty or as an enterprise network.
+
+ <stealth-10-32-244-218:> fred% traceroute www.ucsb.edu
+ traceroute to web.ucsb.edu (128.111.24.41),
+ 64 hops max, 40 byte packets
+ 1 fred-vpn (10.32.244.217) 1.560 ms 1.108 ms 1.133 ms
+ 2 wsip-98-173-193-1.sb.sd.cox.net (98.173.193.1) 12.540 ms ...
+ 3 68.6.13.101 ...
+ 4 68.6.13.129 ...
+ 5 langbbr01-as0.r2.la.cox.net ...
+ 6 calren46-cust.lsanca01.transitrail.net ...
+ 7 dc-lax-core1--lax-peer1-ge.cenic.net ...
+ 8 dc-lax-agg1--lax-core1-ge.cenic.net ...
+ 9 dc-ucsb--dc-lax-dc2.cenic.net ...
+ 10 r2--r1--1.commserv.ucsb.edu ...
+ 11 574-c--r2--2.commserv.ucsb.edu ...
+ 12 * * *
+
+ Figure 4: Traceroute from Residential Customer to Educational
+ Institution
+
+ Another specific example could be shown in a traceroute from the home
+ through a Virtual Private Network (VPN tunnel) from the home,
+ crossing Cox Cable (an access network) and Pacific Bell (a transit
+ network), and terminating in Cisco Systems (an enterprise network); a
+ traceroute of the path doesn't show that as it is invisible within
+ the VPN and the contents of the VPN are invisible, due to encryption,
+ to the networks on the path. Instead, the traceroute in Figure 5 is
+ entirely within Cisco's internal network.
+
+
+
+
+
+
+Baker & Meyer Informational [Page 37]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ <stealth-10-32-244-218:~> fred% traceroute irp-view13
+ traceroute to irp-view13.cisco.com (171.70.120.60),
+ 64 hops max, 40 byte packets
+ 1 fred-vpn (10.32.244.217) 2.560 ms 1.100 ms 1.198 ms
+ <tunneled path through Cox and Pacific Bell>
+ 2 ****
+ 3 sjc24-00a-gw2-ge2-2 (10.34.251.137) 26.298 ms...
+ 4 sjc23-a5-gw2-g2-1 (10.34.250.78) 25.214 ms ...
+ 5 sjc20-a5-gw1 (10.32.136.21) 23.205 ms ...
+ 6 sjc12-abb4-gw1-t2-7 (10.32.0.189) 46.028 ms ...
+ 7 sjc5-sbb4-gw1-ten8-2 (171.*.*.*) 26.700 ms ...
+ 8 sjc12-dc5-gw2-ten3-1 ...
+ 9 sjc5-dc4-gw1-ten8-1 ...
+ 10 irp-view13 ...
+
+ Figure 5: Traceroute across VPN
+
+ Note that in both cases, the home network uses private address space
+ [RFC1918] while other networks generally use public address space,
+ and that three middleware technologies are in use here. These are
+ the uses of a firewall, a Network Address Translator (NAT), and a
+ Virtual Private Network (VPN).
+
+ Firewalls are generally sold as and considered by many to be a
+ security technology. This is based on the fact that a firewall
+ imposes a border between two administrative domains. Typically, a
+ firewall will be deployed between a residential, SOHO, or enterprise
+ network and its access or transit provider. In its essence, a
+ firewall is a data diode, imposing a policy on what sessions may pass
+ between a protected domain and the rest of the Internet. Simple
+ policies generally permit sessions to be originated from the
+ protected network but not from the outside; more complex policies may
+ permit additional sessions from the outside, such as electronic mail
+ to a mail server or a web session to a web server, and may prevent
+ certain applications from global access even though they are
+ originated from the inside.
+
+ Note that the effectiveness of firewalls remains controversial.
+ While network managers often insist on deploying firewalls as they
+ impose a boundary, others point out that their value as a security
+ solution is debatable. This is because most attacks come from behind
+ the firewall. In addition, firewalls do not protect against
+ application layer attacks such as viruses carried in email. Thus, as
+ a security solution, firewalls are justified as a layer in defense in
+ depth. That is, while an end system must in the end be responsible
+ for its own security, a firewall can inhibit or prevent certain kinds
+ of attacks, for example the consumption of CPU time on a critical
+ server.
+
+
+
+Baker & Meyer Informational [Page 38]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Key documents describing firewall technology and the issues it poses
+ include:
+
+ o IP Multicast and Firewalls [RFC2588]
+
+ o Benchmarking Terminology for Firewall Performance [RFC2647]
+
+ o Behavior of and Requirements for Internet Firewalls [RFC2979]
+
+ o Benchmarking Methodology for Firewall Performance [RFC3511]
+
+ o Mobile IPv6 and Firewalls: Problem Statement [RFC4487]
+
+ o NAT and Firewall Traversal Issues of Host Identity Protocol
+ Communication [RFC5207]
+
+ Network Address Translation is a technology that was developed in
+ response to ISP behaviors in the mid-1990's; when [RFC1918] was
+ published, many ISPs started handing out single or small numbers of
+ addresses, and edge networks were forced to translate. In time, this
+ became considered a good thing, or at least not a bad thing; it
+ amplified the public address space, and it was sold as if it were a
+ firewall. It of course is not; while traditional dynamic NATs only
+ translate between internal and external session address/port tuples
+ during the detected duration of the session, that session state may
+ exist in the network much longer than it exists on the end system,
+ and as a result constitutes an attack vector. The design, value, and
+ limitations of network address translation are described in:
+
+ o IP Network Address Translator Terminology and Considerations
+ [RFC2663]
+
+ o Traditional IP Network Address Translator [RFC3022]
+
+ o Protocol Complications with the IP Network Address Translator
+ [RFC3027]
+
+ o Network Address Translator Friendly Application Design Guidelines
+ [RFC3235]
+
+ o IAB Considerations for Network Address Translation [RFC3424]
+
+ o IPsec-Network Address Translation Compatibility Requirements
+ [RFC3715]
+
+ o Network Address Translation Behavioral Requirements for Unicast
+ UDP [RFC4787]
+
+
+
+
+Baker & Meyer Informational [Page 39]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ o State of Peer-to-Peer Communication across Network Address
+ Translators [RFC5128]
+
+ o IP Multicast Requirements for a Network Address Translator and a
+ Network Address Port Translator [RFC5135]
+
+ Virtual Private Networks come in many forms; what they have in common
+ is that they are generally tunneled over the Internet backbone, so
+ that as in Figure 5, connectivity appears to be entirely within the
+ edge network although it is in fact across a service provider's
+ network. Examples include IPsec tunnel-mode encrypted tunnels, IP-
+ in-IP or GRE tunnels, and MPLS LSPs [RFC3031][RFC3032].
+
+5. Security Considerations
+
+ Security is addressed in some detail in Section 2.2 and Section 3.1.
+
+6. Acknowledgements
+
+ Review comments were made by Adrian Farrel, Andrew Yourtchenko, Ashok
+ Narayanan, Bernie Volz, Chris Lonvick, Dan Romascanu, Dave McGrew,
+ Dave Oran, David Harrington, David Su, Don Sturek, Francis Cleveland,
+ Hemant Singh, James Polk, Jari Arkko, John Meylor, Joseph Salowey,
+ Julien Abeille, Kerry Lynn, Lars Eggert, Magnus Westerlund, Murtaza
+ Chiba, Paul Duffy, Paul Hoffman, Peter Saint-Andre, Ralph Droms,
+ Robert Sparks, Russ White, Sean Turner, Sheila Frankel, Stephen
+ Farrell, Tim Polk, Toerless Eckert, Tom Herbst, Vint Cerf, and
+ Yoshihiro Ohba. Several of the individuals suggested text, which was
+ very useful, as the authors don't claim to know half as much as their
+ reviewers collectively do.
+
+7. References
+
+7.1. Normative References
+
+ [RFC1122] Braden, R., "Requirements for Internet Hosts -
+ Communication Layers", STD 3, RFC 1122,
+ October 1989.
+
+ [RFC1123] Braden, R., "Requirements for Internet Hosts -
+ Application and Support", STD 3, RFC 1123,
+ October 1989.
+
+ [RFC1812] Baker, F., "Requirements for IP Version 4 Routers",
+ RFC 1812, June 1995.
+
+ [RFC4294] Loughney, J., "IPv6 Node Requirements", RFC 4294,
+ April 2006.
+
+
+
+Baker & Meyer Informational [Page 40]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+7.2. Informative References
+
+ [6LOWPAN-HC] Hui, J. and P. Thubert, "Compression Format for IPv6
+ Datagrams in Low Power and Lossy Networks
+ (6LoWPAN)", Work in Progress, February 2011.
+
+ [ABFAB-ARCH] Howlett, J., Hartman, S., Tschofenig, H., and E.
+ Lear, "Application Bridging for Federated Access
+ Beyond Web (ABFAB) Architecture", Work in Progress,
+ March 2011.
+
+ [AES-CCM-ECC] McGrew, D., Bailey, D., Campagna, M., and R. Dugal,
+ "AES-CCM ECC Cipher Suites for TLS", Work
+ in Progress, January 2011.
+
+ [COAP] Shelby, Z., Hartke, K., Bormann, C., and B. Frank,
+ "Constrained Application Protocol (CoAP)", Work
+ in Progress, March 2011.
+
+ [DIME-BASE] Fajardo, V., Ed., Arkko, J., Loughney, J., and G.
+ Zorn, "Diameter Base Protocol", Work in Progress,
+ January 2011.
+
+ [DNS-SD] Cheshire, S. and M. Krochmal, "DNS-Based Service
+ Discovery", Work in Progress, February 2011.
+
+ [DTLS] Rescorla, E. and N. Modadugu, "Datagram Transport
+ Layer Security version 1.2", Work in Progress,
+ March 2011.
+
+ [DYMO] Chakeres, I. and C. Perkins, "Dynamic MANET On-
+ demand (DYMO) Routing", Work in Progress, July 2010.
+
+ [IEC61850] Wikipedia, "Wikipedia Article: IEC 61850",
+ June 2011, <http://en.wikipedia.org/w/
+ index.php?title=IEC_61850&oldid=433437827>.
+
+ [IEC62351-3] International Electrotechnical Commission Technical
+ Committee 57, "POWER SYSTEMS MANAGEMENT AND
+ ASSOCIATED INFORMATION EXCHANGE. DATA AND
+ COMMUNICATIONS SECURITY -- Part 3: Communication
+ network and system security Profiles including
+ TCP/IP", May 2007.
+
+ [IEEE802.1X] Institute of Electrical and Electronics Engineers,
+ "IEEE Standard for Local and Metropolitan Area
+ Networks - Port based Network Access Control",
+ IEEE Standard 802.1X-2010, February 2010.
+
+
+
+Baker & Meyer Informational [Page 41]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [IP-SEC] Gont, F., "Security Assessment of the Internet
+ Protocol Version 4", Work in Progress, April 2011.
+
+ [IPv6-NODE-REQ] Jankiewicz, E., Loughney, J., and T. Narten, "IPv6
+ Node Requirements", Work in Progress, May 2011.
+
+ [MULTICAST-DNS] Cheshire, S. and M. Krochmal, "Multicast DNS", Work
+ in Progress, February 2011.
+
+ [Model] SGIP, "Smart Grid Architecture Committee: Conceptual
+ Model White Paper http://collaborate.nist.gov/
+ twiki-sggrid/pub/SmartGrid/
+ SGIPConceptualModelDevelopmentSGAC/
+ Smart_Grid_Conceptual_Model_20100420.doc".
+
+ [OAUTHv2] Hammer-Lahav, E., Recordon, D., and D. Hardt, "The
+ OAuth 2.0 Authorization Protocol", Work in Progress,
+ May 2011.
+
+ [RESTFUL] Fielding, "Architectural Styles and the Design of
+ Network-based Software Architectures", 2000.
+
+ [RFC0768] Postel, J., "User Datagram Protocol", STD 6,
+ RFC 768, August 1980.
+
+ [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791,
+ September 1981.
+
+ [RFC0792] Postel, J., "Internet Control Message Protocol",
+ STD 5, RFC 792, September 1981.
+
+ [RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
+ RFC 793, September 1981.
+
+ [RFC0826] Plummer, D., "Ethernet Address Resolution Protocol:
+ Or converting network protocol addresses to 48.bit
+ Ethernet address for transmission on Ethernet
+ hardware", STD 37, RFC 826, November 1982.
+
+ [RFC0894] Hornig, C., "Standard for the transmission of IP
+ datagrams over Ethernet networks", STD 41, RFC 894,
+ April 1984.
+
+ [RFC1006] Rose, M. and D. Cass, "ISO transport services on top
+ of the TCP: Version 3", STD 35, RFC 1006, May 1987.
+
+ [RFC1034] Mockapetris, P., "Domain names - concepts and
+ facilities", STD 13, RFC 1034, November 1987.
+
+
+
+Baker & Meyer Informational [Page 42]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC1035] Mockapetris, P., "Domain names - implementation and
+ specification", STD 13, RFC 1035, November 1987.
+
+ [RFC1058] Hedrick, C., "Routing Information Protocol",
+ RFC 1058, June 1988.
+
+ [RFC1112] Deering, S., "Host extensions for IP multicasting",
+ STD 5, RFC 1112, August 1989.
+
+ [RFC1195] Callon, R., "Use of OSI IS-IS for routing in TCP/IP
+ and dual environments", RFC 1195, December 1990.
+
+ [RFC1332] McGregor, G., "The PPP Internet Protocol Control
+ Protocol (IPCP)", RFC 1332, May 1992.
+
+ [RFC1661] Simpson, W., "The Point-to-Point Protocol (PPP)",
+ STD 51, RFC 1661, July 1994.
+
+ [RFC1918] Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot,
+ G., and E. Lear, "Address Allocation for Private
+ Internets", BCP 5, RFC 1918, February 1996.
+
+ [RFC1964] Linn, J., "The Kerberos Version 5 GSS-API
+ Mechanism", RFC 1964, June 1996.
+
+ [RFC2080] Malkin, G. and R. Minnear, "RIPng for IPv6",
+ RFC 2080, January 1997.
+
+ [RFC2126] Pouffary, Y. and A. Young, "ISO Transport Service on
+ top of TCP (ITOT)", RFC 2126, March 1997.
+
+ [RFC2131] Droms, R., "Dynamic Host Configuration Protocol",
+ RFC 2131, March 1997.
+
+ [RFC2136] Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
+ "Dynamic Updates in the Domain Name System (DNS
+ UPDATE)", RFC 2136, April 1997.
+
+ [RFC2328] Moy, J., "OSPF Version 2", STD 54, RFC 2328,
+ April 1998.
+
+ [RFC2357] Mankin, A., Romanov, A., Bradner, S., and V. Paxson,
+ "IETF Criteria for Evaluating Reliable Multicast
+ Transport and Application Protocols", RFC 2357,
+ June 1998.
+
+ [RFC2453] Malkin, G., "RIP Version 2", STD 56, RFC 2453,
+ November 1998.
+
+
+
+Baker & Meyer Informational [Page 43]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC2460] Deering, S. and R. Hinden, "Internet Protocol,
+ Version 6 (IPv6) Specification", RFC 2460,
+ December 1998.
+
+ [RFC2464] Crawford, M., "Transmission of IPv6 Packets over
+ Ethernet Networks", RFC 2464, December 1998.
+
+ [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black,
+ "Definition of the Differentiated Services Field (DS
+ Field) in the IPv4 and IPv6 Headers", RFC 2474,
+ December 1998.
+
+ [RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang,
+ Z., and W. Weiss, "An Architecture for
+ Differentiated Services", RFC 2475, December 1998.
+
+ [RFC2516] Mamakos, L., Lidl, K., Evarts, J., Carrel, D.,
+ Simone, D., and R. Wheeler, "A Method for
+ Transmitting PPP Over Ethernet (PPPoE)", RFC 2516,
+ February 1999.
+
+ [RFC2545] Marques, P. and F. Dupont, "Use of BGP-4
+ Multiprotocol Extensions for IPv6 Inter-Domain
+ Routing", RFC 2545, March 1999.
+
+ [RFC2560] Myers, M., Ankney, R., Malpani, A., Galperin, S.,
+ and C. Adams, "X.509 Internet Public Key
+ Infrastructure Online Certificate Status Protocol -
+ OCSP", RFC 2560, June 1999.
+
+ [RFC2588] Finlayson, R., "IP Multicast and Firewalls",
+ RFC 2588, May 1999.
+
+ [RFC2608] Guttman, E., Perkins, C., Veizades, J., and M. Day,
+ "Service Location Protocol, Version 2", RFC 2608,
+ June 1999.
+
+ [RFC2615] Malis, A. and W. Simpson, "PPP over SONET/SDH",
+ RFC 2615, June 1999.
+
+ [RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
+ Masinter, L., Leach, P., and T. Berners-Lee,
+ "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616,
+ June 1999.
+
+ [RFC2647] Newman, D., "Benchmarking Terminology for Firewall
+ Performance", RFC 2647, August 1999.
+
+
+
+
+Baker & Meyer Informational [Page 44]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC2663] Srisuresh, P. and M. Holdrege, "IP Network Address
+ Translator (NAT) Terminology and Considerations",
+ RFC 2663, August 1999.
+
+ [RFC2710] Deering, S., Fenner, W., and B. Haberman, "Multicast
+ Listener Discovery (MLD) for IPv6", RFC 2710,
+ October 1999.
+
+ [RFC2743] Linn, J., "Generic Security Service Application
+ Program Interface Version 2, Update 1", RFC 2743,
+ January 2000.
+
+ [RFC2784] Farinacci, D., Li, T., Hanks, S., Meyer, D., and P.
+ Traina, "Generic Routing Encapsulation (GRE)",
+ RFC 2784, March 2000.
+
+ [RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
+ "Remote Authentication Dial In User Service
+ (RADIUS)", RFC 2865, June 2000.
+
+ [RFC2979] Freed, N., "Behavior of and Requirements for
+ Internet Firewalls", RFC 2979, October 2000.
+
+ [RFC2993] Hain, T., "Architectural Implications of NAT",
+ RFC 2993, November 2000.
+
+ [RFC3007] Wellington, B., "Secure Domain Name System (DNS)
+ Dynamic Update", RFC 3007, November 2000.
+
+ [RFC3022] Srisuresh, P. and K. Egevang, "Traditional IP
+ Network Address Translator (Traditional NAT)",
+ RFC 3022, January 2001.
+
+ [RFC3027] Holdrege, M. and P. Srisuresh, "Protocol
+ Complications with the IP Network Address
+ Translator", RFC 3027, January 2001.
+
+ [RFC3031] Rosen, E., Viswanathan, A., and R. Callon,
+ "Multiprotocol Label Switching Architecture",
+ RFC 3031, January 2001.
+
+ [RFC3032] Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
+ Farinacci, D., Li, T., and A. Conta, "MPLS Label
+ Stack Encoding", RFC 3032, January 2001.
+
+ [RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The
+ Addition of Explicit Congestion Notification (ECN)
+ to IP", RFC 3168, September 2001.
+
+
+
+Baker & Meyer Informational [Page 45]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC3235] Senie, D., "Network Address Translator (NAT)-
+ Friendly Application Design Guidelines", RFC 3235,
+ January 2002.
+
+ [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G.,
+ Johnston, A., Peterson, J., Sparks, R., Handley, M.,
+ and E. Schooler, "SIP: Session Initiation Protocol",
+ RFC 3261, June 2002.
+
+ [RFC3265] Roach, A., "Session Initiation Protocol (SIP)-
+ Specific Event Notification", RFC 3265, June 2002.
+
+ [RFC3275] Eastlake, D., Reagle, J., and D. Solo, "(Extensible
+ Markup Language) XML-Signature Syntax and
+ Processing", RFC 3275, March 2002.
+
+ [RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins,
+ C., and M. Carney, "Dynamic Host Configuration
+ Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.
+
+ [RFC3376] Cain, B., Deering, S., Kouvelas, I., Fenner, B., and
+ A. Thyagarajan, "Internet Group Management Protocol,
+ Version 3", RFC 3376, October 2002.
+
+ [RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An
+ Architecture for Describing Simple Network
+ Management Protocol (SNMP) Management Frameworks",
+ STD 62, RFC 3411, December 2002.
+
+ [RFC3412] Case, J., Harrington, D., Presuhn, R., and B.
+ Wijnen, "Message Processing and Dispatching for the
+ Simple Network Management Protocol (SNMP)", STD 62,
+ RFC 3412, December 2002.
+
+ [RFC3413] Levi, D., Meyer, P., and B. Stewart, "Simple Network
+ Management Protocol (SNMP) Applications", STD 62,
+ RFC 3413, December 2002.
+
+ [RFC3414] Blumenthal, U. and B. Wijnen, "User-based Security
+ Model (USM) for version 3 of the Simple Network
+ Management Protocol (SNMPv3)", STD 62, RFC 3414,
+ December 2002.
+
+ [RFC3415] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-
+ based Access Control Model (VACM) for the Simple
+ Network Management Protocol (SNMP)", STD 62,
+ RFC 3415, December 2002.
+
+
+
+
+Baker & Meyer Informational [Page 46]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC3416] Presuhn, R., "Version 2 of the Protocol Operations
+ for the Simple Network Management Protocol (SNMP)",
+ STD 62, RFC 3416, December 2002.
+
+ [RFC3417] Presuhn, R., "Transport Mappings for the Simple
+ Network Management Protocol (SNMP)", STD 62,
+ RFC 3417, December 2002.
+
+ [RFC3418] Presuhn, R., "Management Information Base (MIB) for
+ the Simple Network Management Protocol (SNMP)",
+ STD 62, RFC 3418, December 2002.
+
+ [RFC3424] Daigle, L. and IAB, "IAB Considerations for
+ UNilateral Self-Address Fixing (UNSAF) Across
+ Network Address Translation", RFC 3424,
+ November 2002.
+
+ [RFC3436] Jungmaier, A., Rescorla, E., and M. Tuexen,
+ "Transport Layer Security over Stream Control
+ Transmission Protocol", RFC 3436, December 2002.
+
+ [RFC3453] Luby, M., Vicisano, L., Gemmell, J., Rizzo, L.,
+ Handley, M., and J. Crowcroft, "The Use of Forward
+ Error Correction (FEC) in Reliable Multicast",
+ RFC 3453, December 2002.
+
+ [RFC3511] Hickman, B., Newman, D., Tadjudin, S., and T.
+ Martin, "Benchmarking Methodology for Firewall
+ Performance", RFC 3511, April 2003.
+
+ [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
+ Jacobson, "RTP: A Transport Protocol for Real-Time
+ Applications", STD 64, RFC 3550, July 2003.
+
+ [RFC3552] Rescorla, E. and B. Korver, "Guidelines for Writing
+ RFC Text on Security Considerations", BCP 72,
+ RFC 3552, July 2003.
+
+ [RFC3561] Perkins, C., Belding-Royer, E., and S. Das, "Ad hoc
+ On-Demand Distance Vector (AODV) Routing", RFC 3561,
+ July 2003.
+
+ [RFC3569] Bhattacharyya, S., "An Overview of Source-Specific
+ Multicast (SSM)", RFC 3569, July 2003.
+
+ [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G.,
+ and J. Arkko, "Diameter Base Protocol", RFC 3588,
+ September 2003.
+
+
+
+Baker & Meyer Informational [Page 47]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC3590] Haberman, B., "Source Address Selection for the
+ Multicast Listener Discovery (MLD) Protocol",
+ RFC 3590, September 2003.
+
+ [RFC3626] Clausen, T. and P. Jacquet, "Optimized Link State
+ Routing Protocol (OLSR)", RFC 3626, October 2003.
+
+ [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
+ 10646", STD 63, RFC 3629, November 2003.
+
+ [RFC3715] Aboba, B. and W. Dixon, "IPsec-Network Address
+ Translation (NAT) Compatibility Requirements",
+ RFC 3715, March 2004.
+
+ [RFC3810] Vida, R. and L. Costa, "Multicast Listener Discovery
+ Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.
+
+ [RFC3828] Larzon, L-A., Degermark, M., Pink, S., Jonsson,
+ L-E., and G. Fairhurst, "The Lightweight User
+ Datagram Protocol (UDP-Lite)", RFC 3828, July 2004.
+
+ [RFC3853] Peterson, J., "S/MIME Advanced Encryption Standard
+ (AES) Requirement for the Session Initiation
+ Protocol (SIP)", RFC 3853, July 2004.
+
+ [RFC3923] Saint-Andre, P., "End-to-End Signing and Object
+ Encryption for the Extensible Messaging and Presence
+ Protocol (XMPP)", RFC 3923, October 2004.
+
+ [RFC3971] Arkko, J., Kempf, J., Zill, B., and P. Nikander,
+ "SEcure Neighbor Discovery (SEND)", RFC 3971,
+ March 2005.
+
+ [RFC3973] Adams, A., Nicholas, J., and W. Siadak, "Protocol
+ Independent Multicast - Dense Mode (PIM-DM):
+ Protocol Specification (Revised)", RFC 3973,
+ January 2005.
+
+ [RFC4017] Stanley, D., Walker, J., and B. Aboba, "Extensible
+ Authentication Protocol (EAP) Method Requirements
+ for Wireless LANs", RFC 4017, March 2005.
+
+ [RFC4033] Arends, R., Austein, R., Larson, M., Massey, D., and
+ S. Rose, "DNS Security Introduction and
+ Requirements", RFC 4033, March 2005.
+
+
+
+
+
+
+Baker & Meyer Informational [Page 48]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC4034] Arends, R., Austein, R., Larson, M., Massey, D., and
+ S. Rose, "Resource Records for the DNS Security
+ Extensions", RFC 4034, March 2005.
+
+ [RFC4035] Arends, R., Austein, R., Larson, M., Massey, D., and
+ S. Rose, "Protocol Modifications for the DNS
+ Security Extensions", RFC 4035, March 2005.
+
+ [RFC4108] Housley, R., "Using Cryptographic Message Syntax
+ (CMS) to Protect Firmware Packages", RFC 4108,
+ August 2005.
+
+ [RFC4120] Neuman, C., Yu, T., Hartman, S., and K. Raeburn,
+ "The Kerberos Network Authentication Service (V5)",
+ RFC 4120, July 2005.
+
+ [RFC4121] Zhu, L., Jaganathan, K., and S. Hartman, "The
+ Kerberos Version 5 Generic Security Service
+ Application Program Interface (GSS-API) Mechanism:
+ Version 2", RFC 4121, July 2005.
+
+ [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen,
+ "Internet X.509 Public Key Infrastructure
+ Certificate Management Protocol (CMP)", RFC 4210,
+ September 2005.
+
+ [RFC4213] Nordmark, E. and R. Gilligan, "Basic Transition
+ Mechanisms for IPv6 Hosts and Routers", RFC 4213,
+ October 2005.
+
+ [RFC4253] Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
+ Transport Layer Protocol", RFC 4253, January 2006.
+
+ [RFC4271] Rekhter, Y., Li, T., and S. Hares, "A Border Gateway
+ Protocol 4 (BGP-4)", RFC 4271, January 2006.
+
+ [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing
+ Architecture", RFC 4291, February 2006.
+
+ [RFC4301] Kent, S. and K. Seo, "Security Architecture for the
+ Internet Protocol", RFC 4301, December 2005.
+
+ [RFC4302] Kent, S., "IP Authentication Header", RFC 4302,
+ December 2005.
+
+ [RFC4303] Kent, S., "IP Encapsulating Security Payload (ESP)",
+ RFC 4303, December 2005.
+
+
+
+
+Baker & Meyer Informational [Page 49]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC4307] Schiller, J., "Cryptographic Algorithms for Use in
+ the Internet Key Exchange Version 2 (IKEv2)",
+ RFC 4307, December 2005.
+
+ [RFC4320] Sparks, R., "Actions Addressing Identified Issues
+ with the Session Initiation Protocol's (SIP) Non-
+ INVITE Transaction", RFC 4320, January 2006.
+
+ [RFC4340] Kohler, E., Handley, M., and S. Floyd, "Datagram
+ Congestion Control Protocol (DCCP)", RFC 4340,
+ March 2006.
+
+ [RFC4347] Rescorla, E. and N. Modadugu, "Datagram Transport
+ Layer Security", RFC 4347, April 2006.
+
+ [RFC4364] Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual
+ Private Networks (VPNs)", RFC 4364, February 2006.
+
+ [RFC4410] Pullen, M., Zhao, F., and D. Cohen, "Selectively
+ Reliable Multicast Protocol (SRMP)", RFC 4410,
+ February 2006.
+
+ [RFC4422] Melnikov, A. and K. Zeilenga, "Simple Authentication
+ and Security Layer (SASL)", RFC 4422, June 2006.
+
+ [RFC4443] Conta, A., Deering, S., and M. Gupta, "Internet
+ Control Message Protocol (ICMPv6) for the Internet
+ Protocol Version 6 (IPv6) Specification", RFC 4443,
+ March 2006.
+
+ [RFC4487] Le, F., Faccin, S., Patil, B., and H. Tschofenig,
+ "Mobile IPv6 and Firewalls: Problem Statement",
+ RFC 4487, May 2006.
+
+ [RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C.,
+ and B. Moeller, "Elliptic Curve Cryptography (ECC)
+ Cipher Suites for Transport Layer Security (TLS)",
+ RFC 4492, May 2006.
+
+ [RFC4556] Zhu, L. and B. Tung, "Public Key Cryptography for
+ Initial Authentication in Kerberos (PKINIT)",
+ RFC 4556, June 2006.
+
+ [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP:
+ Session Description Protocol", RFC 4566, July 2006.
+
+
+
+
+
+
+Baker & Meyer Informational [Page 50]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC4594] Babiarz, J., Chan, K., and F. Baker, "Configuration
+ Guidelines for DiffServ Service Classes", RFC 4594,
+ August 2006.
+
+ [RFC4601] Fenner, B., Handley, M., Holbrook, H., and I.
+ Kouvelas, "Protocol Independent Multicast - Sparse
+ Mode (PIM-SM): Protocol Specification (Revised)",
+ RFC 4601, August 2006.
+
+ [RFC4604] Holbrook, H., Cain, B., and B. Haberman, "Using
+ Internet Group Management Protocol Version 3
+ (IGMPv3) and Multicast Listener Discovery Protocol
+ Version 2 (MLDv2) for Source-Specific Multicast",
+ RFC 4604, August 2006.
+
+ [RFC4607] Holbrook, H. and B. Cain, "Source-Specific Multicast
+ for IP", RFC 4607, August 2006.
+
+ [RFC4608] Meyer, D., Rockell, R., and G. Shepherd, "Source-
+ Specific Protocol Independent Multicast in 232/8",
+ BCP 120, RFC 4608, August 2006.
+
+ [RFC4614] Duke, M., Braden, R., Eddy, W., and E. Blanton, "A
+ Roadmap for Transmission Control Protocol (TCP)
+ Specification Documents", RFC 4614, September 2006.
+
+ [RFC4741] Enns, R., "NETCONF Configuration Protocol",
+ RFC 4741, December 2006.
+
+ [RFC4742] Wasserman, M. and T. Goddard, "Using the NETCONF
+ Configuration Protocol over Secure SHell (SSH)",
+ RFC 4742, December 2006.
+
+ [RFC4743] Goddard, T., "Using NETCONF over the Simple Object
+ Access Protocol (SOAP)", RFC 4743, December 2006.
+
+ [RFC4744] Lear, E. and K. Crozier, "Using the NETCONF Protocol
+ over the Blocks Extensible Exchange Protocol
+ (BEEP)", RFC 4744, December 2006.
+
+ [RFC4760] Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
+ "Multiprotocol Extensions for BGP-4", RFC 4760,
+ January 2007.
+
+ [RFC4787] Audet, F. and C. Jennings, "Network Address
+ Translation (NAT) Behavioral Requirements for
+ Unicast UDP", BCP 127, RFC 4787, January 2007.
+
+
+
+
+Baker & Meyer Informational [Page 51]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC4835] Manral, V., "Cryptographic Algorithm Implementation
+ Requirements for Encapsulating Security Payload
+ (ESP) and Authentication Header (AH)", RFC 4835,
+ April 2007.
+
+ [RFC4854] Saint-Andre, P., "A Uniform Resource Name (URN)
+ Namespace for Extensions to the Extensible Messaging
+ and Presence Protocol (XMPP)", RFC 4854,
+ April 2007.
+
+ [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H.
+ Soliman, "Neighbor Discovery for IP version 6
+ (IPv6)", RFC 4861, September 2007.
+
+ [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6
+ Stateless Address Autoconfiguration", RFC 4862,
+ September 2007.
+
+ [RFC4916] Elwell, J., "Connected Identity in the Session
+ Initiation Protocol (SIP)", RFC 4916, June 2007.
+
+ [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher,
+ "IPv6 over Low-Power Wireless Personal Area Networks
+ (6LoWPANs): Overview, Assumptions, Problem
+ Statement, and Goals", RFC 4919, August 2007.
+
+ [RFC4941] Narten, T., Draves, R., and S. Krishnan, "Privacy
+ Extensions for Stateless Address Autoconfiguration
+ in IPv6", RFC 4941, September 2007.
+
+ [RFC4944] Montenegro, G., Kushalnagar, N., Hui, J., and D.
+ Culler, "Transmission of IPv6 Packets over IEEE
+ 802.15.4 Networks", RFC 4944, September 2007.
+
+ [RFC4960] Stewart, R., "Stream Control Transmission Protocol",
+ RFC 4960, September 2007.
+
+ [RFC4987] Eddy, W., "TCP SYN Flooding Attacks and Common
+ Mitigations", RFC 4987, August 2007.
+
+ [RFC5023] Gregorio, J. and B. de hOra, "The Atom Publishing
+ Protocol", RFC 5023, October 2007.
+
+ [RFC5061] Stewart, R., Xie, Q., Tuexen, M., Maruyama, S., and
+ M. Kozuka, "Stream Control Transmission Protocol
+ (SCTP) Dynamic Address Reconfiguration", RFC 5061,
+ September 2007.
+
+
+
+
+Baker & Meyer Informational [Page 52]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC5072] Varada, S., Ed., Haskins, D., and E. Allen, "IP
+ Version 6 over PPP", RFC 5072, September 2007.
+
+ [RFC5122] Saint-Andre, P., "Internationalized Resource
+ Identifiers (IRIs) and Uniform Resource Identifiers
+ (URIs) for the Extensible Messaging and Presence
+ Protocol (XMPP)", RFC 5122, February 2008.
+
+ [RFC5128] Srisuresh, P., Ford, B., and D. Kegel, "State of
+ Peer-to-Peer (P2P) Communication across Network
+ Address Translators (NATs)", RFC 5128, March 2008.
+
+ [RFC5135] Wing, D. and T. Eckert, "IP Multicast Requirements
+ for a Network Address Translator (NAT) and a Network
+ Address Port Translator (NAPT)", BCP 135, RFC 5135,
+ February 2008.
+
+ [RFC5191] Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H.,
+ and A. Yegin, "Protocol for Carrying Authentication
+ for Network Access (PANA)", RFC 5191, May 2008.
+
+ [RFC5207] Stiemerling, M., Quittek, J., and L. Eggert, "NAT
+ and Firewall Traversal Issues of Host Identity
+ Protocol (HIP) Communication", RFC 5207, April 2008.
+
+ [RFC5216] Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS
+ Authentication Protocol", RFC 5216, March 2008.
+
+ [RFC5238] Phelan, T., "Datagram Transport Layer Security
+ (DTLS) over the Datagram Congestion Control Protocol
+ (DCCP)", RFC 5238, May 2008.
+
+ [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer
+ Security (TLS) Protocol Version 1.2", RFC 5246,
+ August 2008.
+
+ [RFC5272] Schaad, J. and M. Myers, "Certificate Management
+ over CMS (CMC)", RFC 5272, June 2008.
+
+ [RFC5277] Chisholm, S. and H. Trevino, "NETCONF Event
+ Notifications", RFC 5277, July 2008.
+
+ [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
+ Housley, R., and W. Polk, "Internet X.509 Public Key
+ Infrastructure Certificate and Certificate
+ Revocation List (CRL) Profile", RFC 5280, May 2008.
+
+
+
+
+
+Baker & Meyer Informational [Page 53]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC5289] Rescorla, E., "TLS Elliptic Curve Cipher Suites with
+ SHA-256/384 and AES Galois Counter Mode (GCM)",
+ RFC 5289, August 2008.
+
+ [RFC5308] Hopps, C., "Routing IPv6 with IS-IS", RFC 5308,
+ October 2008.
+
+ [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem,
+ "OSPF for IPv6", RFC 5340, July 2008.
+
+ [RFC5393] Sparks, R., Lawrence, S., Hawrylyshen, A., and B.
+ Campen, "Addressing an Amplification Vulnerability
+ in Session Initiation Protocol (SIP) Forking
+ Proxies", RFC 5393, December 2008.
+
+ [RFC5405] Eggert, L. and G. Fairhurst, "Unicast UDP Usage
+ Guidelines for Application Designers", BCP 145,
+ RFC 5405, November 2008.
+
+ [RFC5430] Salter, M., Rescorla, E., and R. Housley, "Suite B
+ Profile for Transport Layer Security (TLS)",
+ RFC 5430, March 2009.
+
+ [RFC5433] Clancy, T. and H. Tschofenig, "Extensible
+ Authentication Protocol - Generalized Pre-Shared Key
+ (EAP-GPSK) Method", RFC 5433, February 2009.
+
+ [RFC5437] Saint-Andre, P. and A. Melnikov, "Sieve Notification
+ Mechanism: Extensible Messaging and Presence
+ Protocol (XMPP)", RFC 5437, January 2009.
+
+ [RFC5539] Badra, M., "NETCONF over Transport Layer Security
+ (TLS)", RFC 5539, May 2009.
+
+ [RFC5545] Desruisseaux, B., "Internet Calendaring and
+ Scheduling Core Object Specification (iCalendar)",
+ RFC 5545, September 2009.
+
+ [RFC5546] Daboo, C., "iCalendar Transport-Independent
+ Interoperability Protocol (iTIP)", RFC 5546,
+ December 2009.
+
+ [RFC5548] Dohler, M., Watteyne, T., Winter, T., and D.
+ Barthel, "Routing Requirements for Urban Low-Power
+ and Lossy Networks", RFC 5548, May 2009.
+
+ [RFC5569] Despres, R., "IPv6 Rapid Deployment on IPv4
+ Infrastructures (6rd)", RFC 5569, January 2010.
+
+
+
+Baker & Meyer Informational [Page 54]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC5621] Camarillo, G., "Message Body Handling in the Session
+ Initiation Protocol (SIP)", RFC 5621,
+ September 2009.
+
+ [RFC5626] Jennings, C., Mahy, R., and F. Audet, "Managing
+ Client-Initiated Connections in the Session
+ Initiation Protocol (SIP)", RFC 5626, October 2009.
+
+ [RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)",
+ STD 70, RFC 5652, September 2009.
+
+ [RFC5673] Pister, K., Thubert, P., Dwars, S., and T. Phinney,
+ "Industrial Routing Requirements in Low-Power and
+ Lossy Networks", RFC 5673, October 2009.
+
+ [RFC5681] Allman, M., Paxson, V., and E. Blanton, "TCP
+ Congestion Control", RFC 5681, September 2009.
+
+ [RFC5717] Lengyel, B. and M. Bjorklund, "Partial Lock Remote
+ Procedure Call (RPC) for NETCONF", RFC 5717,
+ December 2009.
+
+ [RFC5740] Adamson, B., Bormann, C., Handley, M., and J.
+ Macker, "NACK-Oriented Reliable Multicast (NORM)
+ Transport Protocol", RFC 5740, November 2009.
+
+ [RFC5751] Ramsdell, B. and S. Turner, "Secure/Multipurpose
+ Internet Mail Extensions (S/MIME) Version 3.2
+ Message Specification", RFC 5751, January 2010.
+
+ [RFC5785] Nottingham, M. and E. Hammer-Lahav, "Defining Well-
+ Known Uniform Resource Identifiers (URIs)",
+ RFC 5785, April 2010.
+
+ [RFC5826] Brandt, A., Buron, J., and G. Porcu, "Home
+ Automation Routing Requirements in Low-Power and
+ Lossy Networks", RFC 5826, April 2010.
+
+ [RFC5838] Lindem, A., Mirtorabi, S., Roy, A., Barnes, M., and
+ R. Aggarwal, "Support of Address Families in
+ OSPFv3", RFC 5838, April 2010.
+
+ [RFC5849] Hammer-Lahav, E., "The OAuth 1.0 Protocol",
+ RFC 5849, April 2010.
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 55]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC5867] Martocci, J., De Mil, P., Riou, N., and W.
+ Vermeylen, "Building Automation Routing Requirements
+ in Low-Power and Lossy Networks", RFC 5867,
+ June 2010.
+
+ [RFC5905] Mills, D., Martin, J., Burbank, J., and W. Kasch,
+ "Network Time Protocol Version 4: Protocol and
+ Algorithms Specification", RFC 5905, June 2010.
+
+ [RFC5932] Kato, A., Kanda, M., and S. Kanno, "Camellia Cipher
+ Suites for TLS", RFC 5932, June 2010.
+
+ [RFC5958] Turner, S., "Asymmetric Key Packages", RFC 5958,
+ August 2010.
+
+ [RFC5996] Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen,
+ "Internet Key Exchange Protocol Version 2 (IKEv2)",
+ RFC 5996, September 2010.
+
+ [RFC5998] Eronen, P., Tschofenig, H., and Y. Sheffer, "An
+ Extension for EAP-Only Authentication in IKEv2",
+ RFC 5998, September 2010.
+
+ [RFC6031] Turner, S. and R. Housley, "Cryptographic Message
+ Syntax (CMS) Symmetric Key Package Content Type",
+ RFC 6031, December 2010.
+
+ [RFC6047] Melnikov, A., "iCalendar Message-Based
+ Interoperability Protocol (iMIP)", RFC 6047,
+ December 2010.
+
+ [RFC6052] Bao, C., Huitema, C., Bagnulo, M., Boucadair, M.,
+ and X. Li, "IPv6 Addressing of IPv4/IPv6
+ Translators", RFC 6052, October 2010.
+
+ [RFC6090] McGrew, D., Igoe, K., and M. Salter, "Fundamental
+ Elliptic Curve Cryptography Algorithms", RFC 6090,
+ February 2011.
+
+ [RFC6120] Saint-Andre, P., "Extensible Messaging and Presence
+ Protocol (XMPP): Core", RFC 6120, March 2011.
+
+ [RFC6121] Saint-Andre, P., "Extensible Messaging and Presence
+ Protocol (XMPP): Instant Messaging and Presence",
+ RFC 6121, March 2011.
+
+ [RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework
+ for IPv4/IPv6 Translation", RFC RFC6144, April 2011.
+
+
+
+Baker & Meyer Informational [Page 56]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ [RFC6145] Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
+ Algorithm", RFC 6145, April 2011.
+
+ [RFC6146] Bagnulo, M., Matthews, P., and I. Beijnum, "Stateful
+ NAT64: Network Address and Protocol Translation from
+ IPv6 Clients to IPv4 Servers", RFC 6146, April 2011.
+
+ [RFC6147] Bagnulo, M., Sullivan, A., Matthews, P., and I.
+ Beijnum, "DNS64: DNS Extensions for Network Address
+ Translation from IPv6 Clients to IPv4 Servers",
+ RFC 6147, April 2011.
+
+ [RFC6180] Arkko, J. and F. Baker, "Guidelines for Using IPv6
+ Transition Mechanisms during IPv6 Deployment",
+ RFC 6180, May 2011.
+
+
+ [RPL] Winter, T., Thubert, P., Brandt, A., Clausen, T.,
+ Hui, J., Kelsey, R., Levis, P., Pister, K., Struik,
+ R., and J. Vasseur, "RPL: IPv6 Routing Protocol for
+ Low power and Lossy Networks", Work in Progress,
+ March 2011.
+
+ [SP-MULPIv3.0] CableLabs, "DOCSIS 3.0 MAC and Upper Layer Protocols
+ Interface Specification, CM-SP-MULPIv3.0-I10-
+ 090529", May 2009.
+
+ [SmartGrid] Wikipedia, "Wikipedia Article: Smart Grid",
+ February 2011, <http://en.wikipedia.org/w/
+ index.php?title=Smart_grid&oldid=415838933>.
+
+ [TCP-SEC] Gont, F., "Security Assessment of the Transmission
+ Control Protocol (TCP)", Work in Progress,
+ January 2011.
+
+ [r1822] Bolt Beranek and Newman Inc., "Interface Message
+ Processor -- Specifications for the interconnection
+ of a host and a IMP, Report No. 1822", January 1976.
+
+ [xCAL] Daboo, C., Douglass, M., and S. Lees, "xCal: The XML
+ format for iCalendar", Work in Progress, April 2011.
+
+
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 57]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+Appendix A. Example: Advanced Metering Infrastructure
+
+ This appendix provides a worked example of the use of the Internet
+ Protocol Suite in a network such as the Smart Grid's Advanced
+ Metering Infrastructure (AMI). There are several possible models.
+
+ Figure 6 shows the structure of the AMI as it reaches out towards a
+ set of residences. In this structure, we have the home itself and
+ its Home Area Network (HAN), the Neighborhood Area Network (NAN) that
+ the utility uses to access the meter at the home, and the utility
+ access network that connects a set of NANs to the utility itself.
+ For the purposes of this discussion, assume that the NAN contains a
+ distributed application in a set collectors, which is of course only
+ one way the application could be implemented.
+
+ ---
+ A thermostats, appliances, etc
+ | ------+-----------------------------------
+ | |
+ |"HAN" | <--- Energy Services Interface (ESI)
+ | +---+---+
+ | | Meter | Meter is generally an ALG between the AMI and the HAN
+ | +---+---+
+ V \
+ --- \
+ A \ | /
+ | \ | /
+ | "NAN" +--+-+-+---+ Likely a router but could
+ | |Collector | be a front-end application
+ V +----+-----+ gateway for utility
+ --- \
+ A \ | /
+ | \ | /
+ |"AMI" +--+-+-+--+
+ | | AMI |
+ | | Headend |
+ V +---------+
+ ---
+
+ Figure 6: The HAN, NAN, and Utility in the Advanced Metering
+ Infrastructure
+
+ There are several questions that have to be answered in describing
+ this picture, which given possible answers yield different possible
+ models. They include at least:
+
+ o How does Demand Response work? Either:
+
+
+
+
+Baker & Meyer Informational [Page 58]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ * The utility presents pricing signals to the home,
+
+ * The utility presents pricing signals to individual devices
+ (e.g., a Pluggable Electric Vehicle),
+
+ * The utility adjusts settings on individual appliances within
+ the home.
+
+ o How does the utility access meters at the home?
+
+ * The AMI Headend manages the interfaces with the meters,
+ collecting metering data and passing it on to the appropriate
+ applications over the Enterprise Bus, or
+
+ * Distributed application support ("collectors") might access and
+ summarize the information; this device might be managed by the
+ utility or by a service between the utility and its customers.
+
+ In implementation, these models are idealized; reality may include
+ some aspects of each model in specified cases.
+
+ The examples include:
+
+ 1. Appendix A.2 presumes that the HAN, the NAN, and the utility's
+ network are separate administrative domains and speak application
+ to application across those domains.
+
+ 2. Appendix A.3 repeats the first example, but presuming that the
+ utility directly accesses appliances within the HAN from the
+ collector.
+
+ 3. Appendix A.4 repeats the first example, but presuming that the
+ collector directly forwards traffic as a router in addition to
+ distributed application chores. Note that this case implies
+ numerous privacy and security concerns and as such is considered
+ a less likely deployment model.
+
+A.1. How to Structure a Network
+
+ A key consideration in the Internet has been the development of new
+ link layer technologies over time. The ARPANET originally used a BBN
+ proprietary link layer called BBN 1822 [r1822]. In the late 1970's,
+ the ARPANET switched to X.25 as an interface to the 1822 network.
+ With the deployment of the IEEE 802 series technologies in the early
+ 1980's, IP was deployed on Ethernet (IEEE 802.3), Token Ring (IEEE
+ 802.5) and WiFi (IEEE 802.11), as well as Arcnet, serial lines of
+ various kinds, Frame Relay, and ATM. A key issue in this evolution
+ was that the applications developed to run on the Internet use APIs
+
+
+
+Baker & Meyer Informational [Page 59]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ related to the IPS, and as a result require little or no change to
+ continue operating in a new link layer architecture or a mixture of
+ them.
+
+ The Smart Grid is likely to see a similar evolution over time.
+ Consider the Home Area Network (HAN) as a readily understandable
+ small network. At this juncture, technologies proposed for
+ residential networks include IEEE P1901, various versions of IEEE
+ 802.15.4, and IEEE 802.11. It is reasonable to expect other
+ technologies to be developed in the future. As the Zigbee Alliance
+ has learned (and as a resulted incorporated the IPS in Smart Energy
+ Profile 2.0), there is significant value in providing a virtual
+ address that is mapped to interfaces or nodes attached to each of
+ those technologies.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 60]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Utility NAN
+ /
+ /
+ +----+-----+ +--+ +--+ +--+
+ | Meter | |D1| |D2| |D3|
+ +-----+----+ ++-+ ++-+ ++-+
+ | | | |
+ ----+-+-------+----+----+---- IEEE 802.15.4
+ |
+ +--+---+
+ |Router+------/------ Residential Broadband
+ +--+---+
+ |
+ ----+---------+----+----+---- IEEE P1901
+ | | |
+ ++-+ ++-+ ++-+
+ |D4| |D5| |D6|
+ +--+ +--+ +--+
+ A thermostats, appliances, etc
+ | ------+----------------+------------------
+ |"HAN" | |
+ | +---+---+ +---+---+
+ | |Router | | Meter |
+ | |or EMS | | |
+ V +---+---+ +---+---+
+ --- | --- \
+ | ^ \ | /
+ | |"NAN" \ | /
+ ---+--- | +--+-+-+---+
+ / \ | |"Pole Top"|
+ | Internet| v +----+-----+
+ \ / ---
+ -------
+
+ Figure 7: Two Views of a Home Area Network
+
+ There are two possible communication models within the HAN, both of
+ which are likely to be useful. Devices may communicate directly with
+ each other, or they may be managed by some central controller. An
+ example of direct communications might be a light switch that
+ directly commands a lamp to turn on or off. An example of indirect
+ communications might be a control application in a Customer or
+ Building that accepts telemetry from a thermostat, applies some form
+ of policy, and controls the heating and air conditioning systems. In
+ addition, there are high-end appliances in the market today that use
+ residential broadband to communicate with their manufacturers, and
+ obviously the meter needs to communicate with the utility.
+
+
+
+
+Baker & Meyer Informational [Page 61]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Figure 7 shows two simple networks, one of which uses IEEE 802.15.4
+ and IEEE 1901 domains, and one of which uses an arbitrary LAN within
+ the home, which could be IEEE 802.3/Ethernet, IEEE 802.15.4, IEEE
+ 1901, IEEE 802.11, or anything else that made sense in context. Both
+ show the connectivity between them as a router separate from the
+ energy management system (EMS). This is for clarity; the two could
+ of course be incorporated into a single system, and one could imagine
+ appliances that want to communicate with their manufacturers
+ supporting both a HAN interface and a WiFi interface rather than
+ depending on the router. These are all manufacturer design
+ decisions.
+
+A.1.1. HAN Routing
+
+ The HAN can be seen as communicating with two kinds of non-HAN
+ networks. One is the home LAN, which may in turn be attached to the
+ Internet, and will generally either derive its prefix from the
+ upstream ISP or use a self-generated Unique Local Addressing (ULA).
+ Another is the utility's NAN, which through an ESI provides utility
+ connectivity to the HAN; in this case the HAN will be addressed by a
+ self-generated ULA (note, however, that in some cases ESI may also
+ provide a prefix via DHCP [RFC3315]). In addition, the HAN will have
+ link-local addresses that can be used between neighboring nodes. In
+ general, an HAN will be comprised of both 802.15.4, 802.11, and
+ possibly other networks.
+
+ The ESI is a node on the user's residential network, and will not
+ typically provide stateful packet forwarding or firewall services
+ between the HAN and the utility network(s). In general, the ESI is a
+ node on the home network; in some cases, the meter may act as the
+ ESI. However, the ESI must be capable of understanding that most
+ home networks are not 802.15.4 enabled (rather, they are typically
+ 802.11 networks), and that it must be capable of setting up ad hoc
+ networks between various sensors in the home (e.g., between the meter
+ and say, a thermostat) in the event there aren't other networks
+ available.
+
+A.1.2. HAN Security
+
+ In any network, we have a variety of threats and a variety of
+ possible mitigations. These include, at minimum:
+
+ Link Layer: Why is your machine able to talk in my network? The
+ WiFi SSIDs often use some form of authenticated access control,
+ which may be a simple encrypted password mechanism or may use a
+ combination of encryption and IEEE 802.1X+EAP-TLS Authentication/
+
+
+
+
+
+Baker & Meyer Informational [Page 62]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ Authorization to ensure that only authorized communicants can use
+ it. If a LAN has a router attached, the router may also implement
+ a firewall to filter remote accesses.
+
+ Network Layer: Given that your machine is authorized access to my
+ network, why is your machine talking with my machine? IPsec is a
+ way of ensuring that computers that can use a network are allowed
+ to talk with each other, may also enforce confidentiality, and may
+ provide VPN services to make a device or network appear to be part
+ of a remote network.
+
+ Application: Given that your machine is authorized access to my
+ network and my machine, why is your application talking with my
+ application? The fact that your machine and mine are allowed to
+ talk for some applications doesn't mean they are allowed to for
+ all applications. (D)TLS, https, and other such mechanisms enable
+ an application to impose application-to-application controls
+ similar to the network layer controls provided by IPsec.
+
+ Remote Application: How do I know that the data I received is the
+ data you sent? Especially in applications like electronic mail,
+ where data passes through a number of intermediaries that one may
+ or may not really want munging it (how many times have you seen a
+ URL broken by a mail server?), we have tools (DKIM, S/MIME, and
+ W3C XML Signatures to name a few) to provide non-repudiability and
+ integrity verification. This may also have legal ramifications:
+ if a record of a meter reading is to be used in billing, and the
+ bill is disputed in court, one could imagine the court wanting
+ proof that the record in fact came from that meter at that time
+ and contained that data.
+
+ Application-specific security: In addition, applications often
+ provide security services of their own. The fact that I can
+ access a file system, for example, doesn't mean that I am
+ authorized to access everything in it; the file system may well
+ prevent my access to some of its contents. Routing protocols like
+ BGP are obsessed with the question "what statements that my peer
+ made am I willing to believe", and monitoring protocols like SNMP
+ may not be willing to answer every question they are asked,
+ depending on access configuration.
+
+ Devices in the HAN want controlled access to the LAN in question for
+ obvious reasons. In addition, there should be some form of mutual
+ authentication between devices -- the lamp controller will want to
+ know that the light switch telling it to change state is the right
+ light switch, for example. The EMS may well want strong
+ authentication of accesses -- the parents may not want the children
+
+
+
+
+Baker & Meyer Informational [Page 63]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ changing the settings, and while the utility and the customer are
+ routinely granted access, other parties (especially parties with
+ criminal intent) need to be excluded.
+
+A.2. Model 1: AMI with Separated Domains
+
+ With the background given in Appendix A.1, we can now discuss the use
+ of IP (IPv4 or IPv6) in the AMI.
+
+ In this first model, consider the three domains in Figure 6 to
+ literally be separate administrative domains, potentially operated by
+ different entities. For example, the NAN could be a WiMAX network
+ operated by a traditional telecom operator, the utility's network
+ (including the collector) is its own, and the residential network is
+ operated by the resident. In this model, while communications
+ between the collector and the Meter are normal, the utility has no
+ other access to appliances in the home, and the collector doesn't
+ directly forward messages from the NAN upstream.
+
+ In this case, as shown in Figure 7, it would make the most sense to
+ design the collector, the Meter, and the EMS as hosts on the NAN --
+ design them as systems whose applications can originate and terminate
+ exchanges or sessions in the NAN, but not forward traffic from or to
+ other devices.
+
+ In such a configuration, Demand Response has to be performed by
+ having the EMS accept messages such as price signals from the "pole
+ top", apply some form of policy, and then orchestrate actions within
+ the home. Another possibility is to have the EMS communicate with
+ the ESI located in the meter. If the thermostat has high demand and
+ low demand (day/night or morning/day/evening/night) settings, Demand
+ Response might result in it moving to a lower demand setting, and the
+ EMS might also turn off specified circuits in the home to diminish
+ lighting.
+
+ In this scenario, Quality of Service (QoS) issues reportedly arise
+ when high precedence messages must be sent through the collector to
+ the home; if the collector is occupied polling the meters or doing
+ some other task, the application may not yield control of the
+ processor to the application that services the message. Clearly,
+ this is either an application or an Operating System problem;
+ applications need to be designed in a manner that doesn't block high
+ precedence messages. The collector also needs to use appropriate NAN
+ services, if they exist, to provide the NAN QoS it needs. For
+ example, if WiMax is in use, it might use a routine-level service for
+ normal exchanges but a higher precedence service for these messages.
+
+
+
+
+
+Baker & Meyer Informational [Page 64]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+A.3. Model 2: AMI with Neighborhood Access to the Home
+
+ In this second model, let's imagine that the utility directly
+ accesses appliances within the HAN. Rather than expect an EMS to
+ respond to price signals in Demand Response, it directly commands
+ devices like air conditioners to change state, or throws relays on
+ circuits to or within the home.
+
+ +----------+ +--+ +--+ +--+
+ | Meter | |D1| |D2| |D3|
+ +-----+----+ ++-+ ++-+ ++-+
+ | | | |
+ ----+-+-------+----+----+---- IEEE 802.15.4
+ |
+ +--+---+
+ | +------/------ NAN
+ |Router|
+ | +------/------ Residential Broadband
+ +--+---+
+ |
+ ----+--+------+----+----+---- IEEE P1901
+ | | | |
+ +-+-+ ++-+ ++-+ ++-+
+ |EMS| |D4| |D5| |D6|
+ +---+ +--+ +--+ +--+
+
+
+ Figure 8: Home Area Network
+
+ In this case, as shown in Figure 8, the Meter and EMS act as hosts on
+ the HAN, and there is a router between the HAN and the NAN.
+
+ As one might imagine, there are serious security considerations in
+ this model. Traffic between the NAN and the residential broadband
+ network should be filtered, and the issues raised in Appendix A.1.2
+ take on a new level of meaning. One of the biggest threats may be a
+ legal or at least a public relations issue; if the utility
+ intentionally disables a circuit in a manner or at a time that
+ threatens life (the resident's kidney dialysis machine is on it, or a
+ respirator, for example), the matter might make the papers.
+ Unauthorized access could be part of juvenile pranks or other things
+ as well. So one really wants the appliances to only obey commands
+ under strict authentication/authorization controls.
+
+ In addition to the QoS issues raised in Appendix A.2, there is the
+ possibility of queuing issues in the router. In such a case, the IP
+ datagrams should probably use the Low-Latency Data Service Class
+
+
+
+
+Baker & Meyer Informational [Page 65]
+
+RFC 6272 Internet Protocols for the Smart Grid June 2011
+
+
+ described in [RFC4594], and let other traffic use the Standard
+ Service Class or other service classes.
+
+A.4. Model 3: Collector Is an IP Router
+
+ In this third model, the relationship between the NAN and the HAN is
+ either as in Appendix A.2 or Appendix A.3; what is different is that
+ the collector may be an IP router. In addition to whatever
+ autonomous activities it is doing, it forwards traffic as an IP
+ router in some cases.
+
+ Analogous to Appendix A.3, there are serious security considerations
+ in this model. Traffic being forwarded should be filtered, and the
+ issues raised in Appendix A.1.2 take on a new level of meaning -- but
+ this time at the utility mainframe. Unauthorized access is likely
+ similar to other financially-motivated attacks that happen in the
+ Internet, but presumably would be coming from devices in the HAN that
+ have been co-opted in some way. One really wants the appliances to
+ only obey commands under strict authentication/authorization
+ controls.
+
+ In addition to the QoS issues raised in Appendix A.2, there is the
+ possibility of queuing issues in the collector. In such a case, the
+ IP datagrams should probably use the Low-Latency Data Service Class
+ described in [RFC4594], and let other traffic use the Standard
+ Service Class or other service classes.
+
+Authors' Addresses
+
+ Fred Baker
+ Cisco Systems
+ Santa Barbara, California 93117
+ USA
+
+ EMail: fred@cisco.com
+
+
+ David Meyer
+ Cisco Systems
+ Eugene, Oregon 97403
+ USA
+
+ EMail: dmm@cisco.com
+
+
+
+
+
+
+
+
+Baker & Meyer Informational [Page 66]
+