OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

energyinterop message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]


Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop


As firewall refers to a host of commercial product, rarely with specific common definitions, you can assume that “firewalled” refers to my youth growing up in the low chaparral fire-ready back country, rather than recommendations of specific products.

 

 

tc


"A man should never be ashamed to own that he has been in the wrong, which is but saying ... that he is wiser today than yesterday." -- Jonathan Swift


Toby Considine

Chair, OASIS oBIX TC
Facilities Technology Office
University of North Carolina
Chapel Hill, NC

  

Email: Toby.Considine@ unc.edu
Phone: (919)962-9073

http://www.oasis-open.org

blog: www.NewDaedalus.com

 

 

From: Michel Kohanim [mailto:michel@universal-devices.com]
Sent: Tuesday, July 21, 2009 5:43 PM
To: energyinterop@lists.oasis-open.org
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

Hi Toby, from a security perspective, I totally agree with you. But, then again, words like “firewall off” have specific connotations relating to IP firewalls. The main questions are: are we getting that deep in the protocol stack? Are you simply suggesting that each building should have a firewall? If so, then we will have also address DMZ, Green Zone, and LAN. i.e. not all firewall solutions comprise one [logical] box or one boundary.

 

Personally, if ESI is essentially a firewall, then it should be called a firewall or even a Security Zone where only specific access is granted to specific interfaces based on specific actors.

 

With kind regards,

 

********************************

Michel Kohanim, C.E.O

Universal Devices, Inc.

 

(p) 818.631.0333

(f) 818.708.0755

http://www.universal-devices.com

********************************

 

From: Considine, Toby (Campus Services IT) [mailto:Toby.Considine@unc.edu]
Sent: Tuesday, July 21, 2009 2:09 PM
To: 'michel@universal-devices.com'; 'energyinterop@lists.oasis-open.org'
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

I’m not sure I lump then onto one box. They are a penetration of the firewall around building systems. They can be used to induce changes in energy using systems or corporate purchasing behavior, so they all have a specific set of security requirements. These requirements all apply to energyinterop.

 

Now whether the ESI is for an entire neighborhood as in some HAN implementations or for one per floor of a commercial building is something else. My personal preference is that we firewall off the home/office/industry from direct access/control by third parties in general, utilities in specific

-          Utilities do not know enough about building systems

-          I do not assume that the equipment manufacturers will be make the [refrigerator] secure enough to be placed on the grid

-          There should always be the opportunity for the enterprise (or home) in the middle.

-          Even the Home-based PEV should be able to check the little league schedule before responding to DR…

 

Especially when most things will be legacy for some time, I have to assume that the EMS will be unsecured, preferably kept on a private network, and instructed by the ESI…

 

Now if in some future new-installation world, it makes sense to bolt an ESI on the outside of the EMS, that also is fine.

 

tc


"A man should never be ashamed to own that he has been in the wrong, which is but saying ... that he is wiser today than yesterday." -- Jonathan Swift


Toby Considine

Chair, OASIS oBIX TC
Facilities Technology Office
University of North Carolina
Chapel Hill, NC

  

Email: Toby.Considine@ unc.edu
Phone: (919)962-9073

http://www.oasis-open.org

blog: www.NewDaedalus.com

 

 

From: Michel Kohanim [mailto:michel@universal-devices.com]
Sent: Tuesday, July 21, 2009 12:29 PM
To: energyinterop@lists.oasis-open.org
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

Toby, this is excellent information.

 

Now, my question is: why should we lump the “interfaces” that the facility uses to interact with the outside world all into a BOX called ESI? If they are interfaces, they should be treated as such with appropriate actors … i.e. Market Operations Interface, actors: Market Operations Service, Facility EMS/Manager, etc.

 

Thank you.

 

********************************

Michel Kohanim, C.E.O

Universal Devices, Inc.

 

(p) 818.631.0333

(f) 818.708.0755

http://www.universal-devices.com

********************************

 

From: Considine, Toby (Campus Services IT) [mailto:Toby.Considine@unc.edu]
Sent: Tuesday, July 21, 2009 8:22 AM
To: 'Holmberg, David'; 'Dinges, Sharon'; 'Edward Koch'; 'energyinterop@lists.oasis-open.org'
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

I must say that ESI and what is the ESI is a matter in a lot of conflict on the smart grid team. I think we get to define it.

 

As I see it, ESI is the abstraction for all communications, occluding internal technologies, enforcing security policy, etc. There are three external interfaces that I know:

 

1)      Market Operations

2)      Curtailment

3)      Verification

4)      Proxy for Direct Control

 

I think energy interoperation is concerned with (1) and (2).  (4) is something else. (3) is one of the great questions on the draft. What does it mean going forward. I expect we may spend as much time on determining what if any of (3) is involved. I highlighted it in the draft for that reason///

 

 

As to using BACnet-ws in energyinterop—I just can’t see it. BACnet-WS was never designed to be in the wild.

 

tc

 


"A man should never be ashamed to own that he has been in the wrong, which is but saying ... that he is wiser today than yesterday." -- Jonathan Swift


Toby Considine

Chair, OASIS oBIX TC
Facilities Technology Office
University of North Carolina
Chapel Hill, NC

  

Email: Toby.Considine@ unc.edu
Phone: (919)962-9073

http://www.oasis-open.org

blog: www.NewDaedalus.com

 

 

From: Holmberg, David [mailto:david.holmberg@nist.gov]
Sent: Tuesday, July 21, 2009 10:45 AM
To: Dinges, Sharon; Considine, Toby (Campus Services IT); Edward Koch; energyinterop@lists.oasis-open.org
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

Toby, Sharon,

 

I believe Ed’s reference to BACnet was to the use of BACnet web services in the OpenADR spec as one of the options between DRAS and DRAS Client. Thus BACnet WS is in scope, but otherwise I agree. So, what is the ESI? In my mind it is an external gateway for access to the facility network, often owned by the IT dept (if there is one), with the purpose of firewalling and routing to appropriate box on the inside (like the EMS).

 

David

 

From: Dinges, Sharon [mailto:sdinges@trane.com]
Sent: Tuesday, July 21, 2009 9:14 AM
To: Considine, Toby (Campus Services IT); Edward Koch; energyinterop@lists.oasis-open.org
Subject: RE: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

 

Toby,

 

I believe this is a fair assessment.  The interactions between the EMS and the external ESI are more appropriately communicated using XML and web services. 

 

Then, at the EMS level, the systems would communicate using BACnet, LonWorks, OPC, HAN, DALI, etc.

 

Regards,

Sharon

 


From: Considine, Toby (Campus Services IT) [mailto:Toby.Considine@unc.edu]
Sent: Monday, July 20, 2009 20:40
To: 'Edward Koch'; 'energyinterop@lists.oasis-open.org'
Subject: [energyinterop] RE: Initial Port of OpenADR to EnergyInterop

In terms of the smart grid diagrams,  outside communications should be with Energy Services Interface (ESI), which is something different than the Energy Management System (EMS). Makers of BACnet, LON, HAN, DALI, et al will each figure out what the middle layer is.  Oft times, the enterprise will be in between the ESI and any EMS. It certainly will be in any industrial environment…

 

BACNET, LON and friends are out of scope…

 

 

 


"A man should never be ashamed to own that he has been in the wrong, which is but saying ... that he is wiser today than yesterday." -- Jonathan Swift


Toby Considine

Chair, OASIS oBIX TC
Facilities Technology Office
University of North Carolina
Chapel Hill, NC

  

Email: Toby.Considine@ unc.edu
Phone: (919)962-9073

http://www.oasis-open.org

blog: www.NewDaedalus.com

 

 

From: Edward Koch [mailto:ed@akuacom.com]
Sent: Monday, July 20, 2009 8:41 PM
To: Considine, Toby (Campus Services IT); 'energyinterop@lists.oasis-open.org'
Subject: RE: Initial Port of OpenADR to EnergyInterop

 

Enclosed is a pass on the document that Toby sent out.  I mostly tried to answer some of his questions and added some comments of my own. 

 

Here are some general comments:

 

It looked like there is some material missing at the end. 

 

Clearly there needs to be some verbiage added concerning security requirements. 

 

There needs to be some meat added for the interaction and data models.  Perhaps adding in some of the diagrams from the spec will fulfill this requirement.

 

We need to give some thought to what we are going to do with the various interfaces, i.e. BACnet versus REST versus SOAP, etc.

 

 

-ed koch

 

 

The information contained in this message is privileged and intended only for the recipients named. If the reader is not a representative of the intended recipient, any review, dissemination or copying of this message or the information it contains is prohibited. If you have received this message in error, please immediately notify the sender, and delete the original message and attachment..



[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]