Power utility edge operations technology (OT) traditionally used fixed-function devices, but moving to software-defined infrastructure has benefits like flexibility, cost savings, and improved analysis. VMware Edge Compute Stack (ECS) enables utilities to securely host critical grid infrastructure applications. The latest version of ESXi provides consistent performance, while Tanzu Kubernetes Grid allows for future application additions.
These OT applications have predominantly been delivered as fixed-function devices: pre-packaged hardware and software solutions. Evolving to a software-defined infrastructure hosted by ESXi, and converging present information technology (IT) and OT groups, has many benefits. These include:
Making grid operations more flexible and thereby facilitating sustainability goals
Decreasing labor costs
Simplifying asset management and life cycle
Collecting more data and improving analysis techniques
Increased network resiliency with more robust cybersecurity
Improved standardization and interoperability
Safer edge working environments
Reductions in the total number of physical devices to own and maintain
VMware Edge Compute Stack (ECS) provides essential components enabling utilities to securely host applications that directly control critical grid infrastructure. As previously described, the latest version of ESXi provides bare-metal speeds coupled with long-term, consistent performance, which is essential for a power provider to be able to “keep the lights on”. Tanzu Kubernetes Grid, included within ECS, offers a simple way for modern applications to be added in the future.
Utilities Use Cases
Some of the common applications that utilities must run include:
System Protection Relaying (real-time requirement); the ‘P’ in virtual Protection, Automation, and Control (vPAC), offering detection of undesirable grid conditions and facilitating isolation via high-speed (within milliseconds) operation of high voltage equipment.
SCADA (Supervisory Control And Data Acquisition); the ‘AC’ in vPAC providing centralized systems and manual operators with specific, curated information used to control and maintain a power service provider’s services and assets.
Asset Control, Management, and Monitoring; specialized monitoring and information collection for both high voltage grid equipment as well as low voltage edge devices. These systems may also include Active Network Management (ANM) or Adaptive Protection Management, which in their edge forms help to facilitate data to central systems or may operate in a clustered/islanded mode with other local sites if/when the centralized systems become unavailable.
Specialty Metering; reporting/recording of metering data such as revenue, power quality, load profiling, harmonics, transient events, centralized reporting, and synchronized phasor measurements.
Event Recording, Fault Detection, Location, and Analysis; highly accurate and long-term storage of system events, as well as fault detection and analysis to provide operations with information for incident response. This may also include artificial intelligence and/or machine learning to evaluate large volumes of data.
Microgrid Integration; control performing state analysis to optimize operations both technically and financially, forecasting future conditions/scenarios, and safely interacting with a large utility grid connection.
Distributed Energy Resource (DER) Integration; smaller-scale version of vPAC working alongside disaggregated power inverters.
Distributed Control Systems; smaller versions of a utility operations center, typically found within a remote generation facility and requiring many or all of the aforementioned application capabilities within one location.
Physical Security; including video surveillance, intrusion detection, multi-factor authenticated entry, etc.
Cyber Security; monitoring, threat detection, isolation, response, and advanced network analysis.
The applications described here are also elaborated upon within the ‘Background for Utility Use Cases’ section of the Appendix.
Utilities Reference Architecture
Looking at the reference architecture for a two-node, stretched cluster:
Presently, virtual switching cannot provide the long-term, guaranteed low latency that vPAC requires; these specific virtual machines are therefore implemented using PCI passthrough from specialty Parallel Redundancy Protocol (PRP) and Precision Time Protocol (PTP) NICs. PRP prevents any single point of failure throughout the physical network and into the attached appliances while carrying critical process bus traffic. Non-redundant station bus traffic includes VM and device access management, as well as SCADA data.
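How PRP removes the single point of failure on the process bus, as an added sketch (not VMware's or any NIC vendor's code): the sender puts each frame on both LAN A and LAN B with a redundancy control trailer (RCT), and the receiver keeps whichever copy arrives first. The MAC addresses, EtherType, payloads and the sliding-window table are constructed for this example, and VLAN tags and frame padding are left out.

```python
import struct

PRP_SUFFIX = 0x88FB        # fixed suffix that closes every PRP trailer (RCT)
LAN_A, LAN_B = 0xA, 0xB    # 4-bit LAN identifiers carried in the RCT
# Constructed sample header: locally administered MACs, local-experimental EtherType.
HEADER = bytes.fromhex("030000000001") + bytes.fromhex("020000000001") + b"\x88\xb5"

def add_rct(frame: bytes, seq: int, lan: int) -> bytes:
    """Sender: append the 6-byte RCT (sequence, LAN id + LSDU size, suffix)."""
    size = len(frame) - len(HEADER) + 6   # simplified: untagged, unpadded frame
    return frame + struct.pack("!HHH", seq & 0xFFFF, (lan << 12) | size, PRP_SUFFIX)

def parse_rct(frame: bytes):
    """Return the sequence number, or None if the frame has no valid RCT."""
    if len(frame) < len(HEADER) + 6:
        return None
    seq, lan_size, suffix = struct.unpack("!HHH", frame[-6:])
    size_ok = (lan_size & 0x0FFF) == len(frame) - len(HEADER)
    if suffix != PRP_SUFFIX or lan_size >> 12 not in (LAN_A, LAN_B) or not size_ok:
        return None
    return seq

class PrpReceiver:
    """Receiver: accept the first copy of each frame, discard the duplicate."""
    def __init__(self, window: int = 64):
        self.window = window
        self.seen = {}   # source MAC -> recently accepted sequence numbers

    def receive(self, frame: bytes):
        seq = parse_rct(frame)
        if seq is None:
            return frame                  # non-PRP traffic passes through
        recent = self.seen.setdefault(frame[6:12], [])
        if seq in recent:
            return None                   # second copy, arrived via the other LAN
        recent.append(seq)
        del recent[:-self.window]         # keep only the newest entries
        return frame[:-6]                 # strip the RCT before handing upward

def deliver(n_frames: int, lan_a_up: bool = True, lan_b_up: bool = True):
    """Send constructed frames over both LANs; return payloads delivered once."""
    rx, delivered = PrpReceiver(), []
    for seq in range(n_frames):
        base = HEADER + b"process-bus sample %d" % seq
        for lan, up in ((LAN_A, lan_a_up), (LAN_B, lan_b_up)):
            frame = rx.receive(add_rct(base, seq, lan)) if up else None
            if frame is not None:
                delivered.append(frame[len(HEADER):])
    return delivered
```

Calling `deliver(3, lan_a_up=False)` returns the same three payloads as `deliver(3)`: losing one LAN costs no frames and needs no failover time, which is why the process bus uses PRP.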
Hardware is implemented redundantly to achieve active-active configurations for protection relaying and would therefore not need to participate in High Availability. However, the remaining applications can leverage this functionality (implemented as active-passive), along with the many other workload-beneficial mechanisms that vSphere offers. Within ESXi, PTP is ingested by a dedicated NIC port and then distributed from a time-synching VM to any vSwitch-connected applications.
Merging units are the digital interfacing devices that provide signal conversion and consolidation to and from the high-voltage grid apparatus. They participate in process bus communications and also require a management interface, which is ideally separate.