Internet DRAFT - draft-bas-usecase-detnet

draft-bas-usecase-detnet







Deterministic Networking                                       Y. Kaneko
Internet-Draft                                                   Toshiba
Intended status: Informational                                    S. Das
Expires: April 18, 2016                   Applied Communication Sciences
                                                        October 16, 2015


    Building Automation Use Cases and Requirements for Deterministic
                               Networking
                      draft-bas-usecase-detnet-00

Abstract

   This document describes Building Automation System (BAS) use cases
   and its requirements for deterministic networking.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 18, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.




Kaneko & Das             Expires April 18, 2016                 [Page 1]

Internet-Draft             bas-usecase-detnet               October 2015


Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Requirements Language . . . . . . . . . . . . . . . . . . . .   3
   3.  Building Automation Systems . . . . . . . . . . . . . . . . .   3
     3.1.  BAS Functionality . . . . . . . . . . . . . . . . . . . .   3
     3.2.  BAS Architecture  . . . . . . . . . . . . . . . . . . . .   4
     3.3.  Deployment Model  . . . . . . . . . . . . . . . . . . . .   5
     3.4.  Use cases and Field Network Requirements  . . . . . . . .   7
       3.4.1.  Environmental Monitoring  . . . . . . . . . . . . . .   7
       3.4.2.  Fire Detection  . . . . . . . . . . . . . . . . . . .   8
       3.4.3.  Feedback Control  . . . . . . . . . . . . . . . . . .   9
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .  10
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .  10
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .  10
     6.2.  Informative References  . . . . . . . . . . . . . . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  11

1.  Introduction

   Building Automation System (BAS) is a system that manages various
   equipment and sensors in buildings (e.g., heating, cooling and
   ventilating) for improving residents' comfort, reduction of energy
   consumption and automatic responses in case of failure and emergency.
   For example, BAS measures temperature of a room by using various
   sensors and then controls the HVAC (Heating, Ventilating, and air
   Conditioning) system automatically to maintain the temperature level
   and minimize the energy consumption.

   There are typically two layers of network in a BAS.  Upper one is
   called management network and the lower one is called field network.
   In management networks, an IP-based communication protocol is used
   while in field network, non-IP based communication protocols (a.k.a.,
   field protocol) are mainly used.

   There are many field protocols used in today's deployment in which
   some medium access control and physical layers protocols are
   standards-based and others are proprietary based.  Therefore the BAS
   needs to have multiple MAC/PHY modules and interfaces to make use of
   multiple field protocols based devices.  This situation not only
   makes BAS more expensive with large development cycle of multiple
   devices but also creates the issue of vendor lock-in with multiple
   types of management applications.

   The other issue with some of the existing field networks and
   protocols are security.  When these protocols and network were
   developed, it was assumed that the field networks are isolated



Kaneko & Das             Expires April 18, 2016                 [Page 2]

Internet-Draft             bas-usecase-detnet               October 2015


   physically from external networks and therefore the network and
   protocol security was not a concern.  However, in today's world many
   BASes are managed remotely and is connected to shared IP networks and
   it is also not uncommon that same IT infrastructure is used be it
   office, home or in enterprise networks.  Adding network and protocol
   security to existing system is a non-trivial task.

   This document first describes the BAS functionalities, its
   architecture and current deployment models.  Then we discuss the use
   cases and field network requirements that need to be satisfied by
   deterministic networking.

2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in BCP 14, RFC 2119
   [RFC2119].

3.  Building Automation Systems

3.1.  BAS Functionality

   Building Automation System (BAS) is a system that manages various
   devices in buildings automatically.  BAS primarily performs the
   following functions:

   o  Measures states of devices in a regular interval.  For example,
      temperature or humidity or illuminance of rooms, on/off state of
      room lights, open/close state of doors, FAN speed, valve, running
      mode of HVAC, and its power consumption.

   o  Stores the measured data into a database (Note: The database keeps
      the data for several years).

   o  Provides the measured data for BAS operators for visualization.

   o  Generates alarms for abnormal state of devices (e.g., calling
      operator's cellular phone, sending an e-mail to operators and so
      on).

   o  Controls devices on demand.

   o  Controls devices with a pre-defined operation schedule (e.g., turn
      off room lights at 10:00 PM).






Kaneko & Das             Expires April 18, 2016                 [Page 3]

Internet-Draft             bas-usecase-detnet               October 2015


3.2.  BAS Architecture

   A typical BAS architecture is described below in Figure 1.  There are
   several elements in a BAS.

                     +----------------------------+
                     |                            |
                     |       BMS        HMI       |
                     |        |          |        |
                     |  +----------------------+  |
                     |  |  Management Network  |  |
                     |  +----------------------+  |
                     |        |          |        |
                     |        LC         LC       |
                     |        |          |        |
                     |  +----------------------+  |
                     |  |     Field Network    |  |
                     |  +----------------------+  |
                     |     |     |     |     |    |
                     |    Dev   Dev   Dev   Dev   |
                     |                            |
                     +----------------------------+

                     BMS := Building Management Server
                     HMI := Human Machine Interface
                     LC  := Local Controller

                        Figure 1: BAS architecture

   Human Machine Interface (HMI): It is commonly a computing platform
   (e.g., desktop PC) used by operators.  Operators perform the
   following operations through HMI.

   o  Monitoring devices: HMI displays measured device states.  For
      example, latest device states, a history chart of states, a popup
      window with an alert message.  Typically, the measured device
      states are stored in BMS (Building Management Server).

   o  Controlling devices: HMI provides ability to control the devices.
      For example, turn on a room light, set a target temperature to
      HVAC.  Several parameters (a target device, a control value,
      etc.), can be set by the operators which then HMI sends to a LC
      (Local Controller) via the management network.

   o  Configuring an operational schedule: HMI provides scheduling
      capability through which operational schedule is defined.  For
      example, schedule includes 1) a time to control, 2) a target
      device to control, and 3) a control value.  A specific operational



Kaneko & Das             Expires April 18, 2016                 [Page 4]

Internet-Draft             bas-usecase-detnet               October 2015


      example could be turn off all room lights in the building at 10:00
      PM.  This schedule is typically stored in BMS.

   Building Management Server (BMS) collects device states from LCs
   (Local Controllers) and stores it into a database.  According to its
   configuration, BMS executes the following operation automatically.

   o  BMS collects device states from LCs in a regular interval and then
      stores the information into a database.

   o  BMS sends control values to LCs according to a pre-configured
      schedule.

   o  BMS sends an alarm signal to operators if it detects abnormal
      devices states.  For example, turning on a red lamp, calling
      operators' cellular phone, sending an e-mail to operators.

   BMS and HMI communicate with Local Controllers (LCs) via IP-based
   communication protocol standardized by BACnet/IP [bacnetip], KNX/IP
   [knx].  These protocols are commonly called as management protocols.
   LCs measure device states and provide the information to BMS or HMI.
   These devices may include HVAC, FAN, doors, valves, lights, sensors
   (e.g., temperature, humidity, and illuminance).  LC can also set
   control values to the devices.  LC sometimes has additional
   functions, for example, sending a device state to BMS or HMI if the
   device state exceeds a certain threshold value, feedback control to a
   device to keep the device state at a certain state.  Typical example
   of LC is a PLC (Programmable Logic Controller).

   Each LC is connected with a different field network and communicates
   with several tens or hundreds of devices via the field network.
   Today there are many field protocols used in the field network.
   Based on the type of field protocol used, LC interfaces and its
   hardware/software could be different.  Field protocols are currently
   non-IP based in which some of them are standards-based (e.g., LonTalk
   [lontalk], Modbus [modbus], Profibus [profibus], FL-net [flnet],) and
   others are proprietary.

3.3.  Deployment Model

   An example BAS system deployment model for medium and large buildings
   is depicted in Figure 2 below.  In this case the physical layout of
   the entire system spans across multiple floors in which there is
   normally a monitoring room where the BAS management entities are
   located.  Each floor will have one or more LCs depending upon the
   number of devices connected to the field network.





Kaneko & Das             Expires April 18, 2016                 [Page 5]

Internet-Draft             bas-usecase-detnet               October 2015


           +--------------------------------------------------+
           |                                          Floor 3 |
           |     +----LC~~~~+~~~~~+~~~~~+                     |
           |     |          |     |     |                     |
           |     |         Dev   Dev   Dev                    |
           |     |                                            |
           |---  |  ------------------------------------------|
           |     |                                    Floor 2 |
           |     +----LC~~~~+~~~~~+~~~~~+  Field Network      |
           |     |          |     |     |                     |
           |     |         Dev   Dev   Dev                    |
           |     |                                            |
           |---  |  ------------------------------------------|
           |     |                                    Floor 1 |
           |     +----LC~~~~+~~~~~+~~~~~+   +-----------------|
           |     |          |     |     |   | Monitoring Room |
           |     |         Dev   Dev   Dev  |                 |
           |     |                          |    BMS   HMI    |
           |     |   Management Network     |     |     |     |
           |     +--------------------------------+-----+     |
           |                                |                 |
           +--------------------------------------------------+

           Figure 2: Deployment model for Medium/Large Buildings

   Each LC is then connected to the monitoring room via the management
   network.  In this scenario, the management functions are performed
   locally and reside within the building.  In most cases, fast Ethernet
   (e.g. 100BASE-TX) is used for the management network.  In the field
   network, variety of physical interfaces such as RS232C, and RS485 are
   used.  Since management network is non-real time, Ethernet without
   quality of service is sufficient for today's deployment.  However,
   the requirements are different for field networks when they are
   replaced by either Ethernet or any wireless technologies supporting
   real time requirements (Section 3.4).

   Figure 3 depicts a deployment model in which the management can be
   hosted remotely.  This deployment is becoming popular for small
   office and residential buildings whereby having a standalone
   monitoring system is not a cost effective solution.  In such
   scenario, multiple buildings are managed by a remote management
   monitoring system.









Kaneko & Das             Expires April 18, 2016                 [Page 6]

Internet-Draft             bas-usecase-detnet               October 2015


                                                 +---------------+
                                                 | Remote Center |
                                                 |               |
                                                 |  BMS     HMI  |
        +------------------------------------+   |   |       |   |
        |                            Floor 2 |   |   +---+---+   |
        |    +----LC~~~~+~~~~~+ Field Network|   |       |       |
        |    |          |     |              |   |     Router    |
        |    |         Dev   Dev             |   +-------|-------+
        |    |                               |           |
        |--- | ------------------------------|           |
        |    |                       Floor 1 |           |
        |    +----LC~~~~+~~~~~+              |           |
        |    |          |     |              |           |
        |    |         Dev   Dev             |           |
        |    |                               |           |
        |    |   Management Network          |     WAN   |
        |    +------------------------Router-------------+
        |                                    |
        +------------------------------------+

              Figure 3: Deployment model for Small Buildings

   In either case, interoperability today is only limited to the
   management network and its protocols.  In existing deployment, there
   are limited interoperability opportunity in the field network due to
   its nature of non-IP-based design and requirements.

3.4.  Use cases and Field Network Requirements

   In this section, we describe several use cases and corresponding
   network requirements.

3.4.1.  Environmental Monitoring

   In this use case, LCs measure environmental data (e.g. temperatures,
   humidity, illuminance, CO2, etc.) from several sensor devices at each
   measurement interval.  LCs keep latest value of each sensor.  BMS
   sends data requests to LCs to collect the latest values, then stores
   the collected values into a database.  Operators check the latest
   environmental data that are displayed by the HMI.  BMS also checks
   the collected data automatically to notify the operators if a room
   condition was going to bad (e.g., too hot or cold).  The following
   table lists the field network requirements in which the number of
   devices in a typical building will be ~100s per LC.






Kaneko & Das             Expires April 18, 2016                 [Page 7]

Internet-Draft             bas-usecase-detnet               October 2015


                  +----------------------+-------------+
                  | Metric               | Requirement |
                  +----------------------+-------------+
                  | Measurement interval | 100 msec    |
                  |                      |             |
                  | Availability         | 99.999 %    |
                  +----------------------+-------------+

     Table 1: Field Network Requirements for Environmental Monitoring

   There is a case that BMS sends data requests at each 1 second in
   order to draw a historical chart of 1 second granularity.  Therefore
   100 msec measurement interval is sufficient for this use case,
   because typically 10 times granularity (compared with the interval of
   data requests) is considered enough accuracy in this use case.  A LC
   needs to measure values of all sensors connected with itself at each
   measurement interval.  Each communication delay in this scenario is
   not so critical.  The important requirement is completing
   measurements of all sensor values in the specified measurement
   interval.  The availability in this use case is very high (Three 9s).

3.4.2.  Fire Detection

   In the case of fire detection, HMI needs to show a popup window with
   an alert message within a few seconds after an abnormal state is
   detected.  BMS needs to do some operations if it detects fire.  For
   example, stopping a HVAC, closing fire shutters, and turning on fire
   sprinklers.  The following table describes requirements in which the
   number of devices in a typical building will be ~10s per LC.

                 +----------------------+---------------+
                 | Metric               | Requirement   |
                 +----------------------+---------------+
                 | Measurement interval | 10s of msec   |
                 |                      |               |
                 | Communication delay  | < 10s of msec |
                 |                      |               |
                 | Availability         | 99.9999 %     |
                 +----------------------+---------------+

          Table 2: Field Network Requirements for Fire Detection

   In order to perform the above operation within a few seconds (1 or 2
   seconds) after detecting fire, LCs should measure sensor values at a
   regular interval of less than 10s of msec.  If a LC detects an
   abnormal sensor value, it sends an alarm information to BMS and HMI
   immediately.  BMS then controls HVAC or fire shutters or fire
   sprinklers.  HMI then displays a pop up window and generates the



Kaneko & Das             Expires April 18, 2016                 [Page 8]

Internet-Draft             bas-usecase-detnet               October 2015


   alert message.  Since the management network does not operate in real
   time, and software run on BMS or HMI requires 100s of ms, the
   communication delay should be less than ~10s of msec.  The
   availability in this use case is very high (Four 9s).

3.4.3.  Feedback Control

   Feedback control is used to keep a device state at a certain value.
   For example, keeping a room temperature at 27 degree Celsius, keeping
   a water flow rate at 100 L/m and so on.  The target device state is
   normally pre-defined in LCs or provided from BMS or from HMI.

   In feedback control procedure, a LC repeats the following actions at
   a regular interval (feedback interval).

   1.  The LC measures device states of the target device.

   2.  The LC calculates a control value by considering the measured
       device state.

   3.  The LC sends the control value to the target device.

   The feedback interval highly depends on the characteristics of the
   device and a target quality of control value.  While several tens of
   milliseconds feedback interval is sufficient to control a valve that
   regulates a water flow, controlling DC motors requires several
   milliseconds interval.  The following table describes the field
   network requirements in which the number of devices in a typical
   building will be ~10s per LC.

                 +----------------------+---------------+
                 | Metric               | Requirement   |
                 +----------------------+---------------+
                 | Feedback interval    | ~10ms - 100ms |
                 |                      |               |
                 | Communication delay  | < 10s of msec |
                 |                      |               |
                 | Communication jitter | < 1 msec      |
                 |                      |               |
                 | Availability         | 99.9999 %     |
                 +----------------------+---------------+

         Table 3: Field Network Requirements for Feedback Control

   Small communication delay and jitter are required in this use case in
   order to provide high quality of feedback control.  This is currently
   offered in production environment with hgh availability (Four 9s).




Kaneko & Das             Expires April 18, 2016                 [Page 9]

Internet-Draft             bas-usecase-detnet               October 2015


4.  Security Considerations

   Both network and physical security of BAS are important.  While
   physical security is present in today's deployment, adequate network
   security and access control are either not implemented or configured
   properly.  This was sufficient in networks while they are isolated
   and not connected to the IT or other infrastructure networks but when
   IT and OT (Operational Technology) are connected in the same
   infrastructure network, network security is essential.  The
   management network being an IP-based network does have the protocols
   and knobs to enable the network security but in many cases BAS for
   example, does not use device authentication or encryption for data in
   transit.  On the contrary, many of today's field networks do not
   provide any security at all.  Following are the high level security
   requirements that the network should provide:

   o  Authentication between management and field devices (both local
      and remote)

   o  Integrity and data origin authentication of communication data
      between field and management devices

   o  Confidentiality of data when communicated to a remote device

   o  Availability of network data for normal and disaster scenario

5.  IANA Considerations

   This memo includes no request to IANA.

6.  References

6.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <http://www.rfc-editor.org/info/rfc2119>.

6.2.  Informative References

   [bacnetip]
              ASHRAE, "Annex J to ANSI/ASHRAE 135-1995 - BACnet/IP",
              January 1999.

   [knx]      KNX Association, "ISO/IEC 14543-3 - KNX", November 2006.





Kaneko & Das             Expires April 18, 2016                [Page 10]

Internet-Draft             bas-usecase-detnet               October 2015


   [lontalk]  ECHELON, "LonTalk(R) Protocol Specification Version 3.0",
              1994.

   [modbus]   Modbus Organization, "MODBUS APPLICATION PROTOCOL
              SPECIFICATION V1.1b", December 2006.

   [profibus]
              IEC, "IEC 61158 Type 3 - Profibus DP", January 2001.

   [flnet]    Japan Electrical Manufacturers' Association, "JEMA 1479 -
              English Edition", September 2012.

Authors' Addresses

   Yu Kaneko
   Toshiba
   1 Komukai-Toshiba-cho, Saiwai-ku, Kasasaki-shi
   Kanagawa, Japan

   EMail: yu1.kaneko@toshiba.co.jp


   Subir Das
   Applied Communication Sciences
   150 Mount Airy Road, Basking Ridge
   New Jersey, 07920, USA

   EMail: sdas at appcomsci dot com























Kaneko & Das             Expires April 18, 2016                [Page 11]