The energy industry generates petabytes of data every day, but much of it goes unused. In recent years, utilities and companies have been harnessing these resources, leading to improved grid efficiency, enhanced energy management, better integration of renewable sources, and the stimulation of innovation in energy services and customer experiences. Simultaneously, the dynamic development of cloud solutions, related applications, and artificial intelligence provides all the necessary tools to fully exploit this information. However, to make use of it, the data must first be uploaded to a local server or the cloud. The following article discusses these aspects and describes, based on the example of the Apis device and the Google Cloud Platform (GCP), how to establish a secure connection and transfer information from the energy infrastructure to the cloud.

JPEmbedded become an official partner of Google Cloud Platform

On March 23, 2023, JPEmbedded became an official partner of the Google Cloud Platform (GCP). It all started with our meeting with representatives of Google Cloud in the autumn of 2022 when it turned out that our offers complement each other, and by combining our competencies, we can provide customers with comprehensive solutions.

How can customers benefit from the JPEmbedded and Google partnership?

JPEmbedded possesses extensive expertise in utilizing communication protocols (like IEC 61850, DNP3, IEC 60870-5, Profinet, Ethernet/IP…) in the energy and industrial sectors. Additionally, the company also supplies protocol converters and data collection devices. Thanks to these products and the support of JPEmbedded engineers, customers can seamlessly implement solutions for gathering and delivering specific process details to the Google Cloud.

It’s important to emphasize that information doesn’t need to reside within a single point of access. Instead, it can be dispersed across diverse locations and accessed through several types of devices, each necessitating the utilization of different communication protocols (such as DNP3, IEC 61850, Modbus, or MQTT).

When data originating from energy or industrial systems is being fetched to platforms such as BigQuery, analysis and business intelligence tools play a crucial role in supporting customers in organizing and extracting insights from their data collections. Examples of these can include ‘Connected Sheet’ or ‘Looker’, which are part of the Google Cloud platform.

Considering the experience of both sides, the cooperation between JPEmbedded and Google opens almost unlimited possibilities for collecting distributed data and analyzing them using advanced analytical applications in the cloud.

Connecting the OT systems in smart energy grids with Google Cloud Platform

One of the main ideas of our cooperation with Google is to provide customers with a solution that connects Operational Technology (OT) systems in smart energy grids with the Google Cloud Platform. OT systems include industrial control systems (ICS), such as supervisory control and data acquisition (SCADA) systems, distributed energy resources (DER), remote terminal units (RTU), and programmable logic controllers (PLC), as well as dedicated networks and organization units. The Internet of Things (IoT) and Embedded Systems used widely in energy applications are also included in the sphere of operational technology (e.g., smart instrumentation), along with a large subset of scientific data acquisition, control, and computational equipment.

All the devices mentioned above generate large amounts of information that can be successfully processed after being sent to GCP. One of the simplest and seamless solutions that allows to connect OT systems in the power industry with the Google Cloud is to use the Apis Box electronic module, the operation of which will be outlined in the following paragraphs.

Apis Box – gateway to the Google Cloud Platform

Any device (e.g., an energy meter or a merging unit) utilizing protocols like DNP3 and IEC 61850, can be seamlessly communicated with the Google Cloud Platform through Apis Box – an independent gateway that supports the most popular communication protocols used in smart energy and other areas. It is based on the STM32F7 processor from ST, meets industrial-grade requirements, and can be easily integrated into existing power industry installations. Depending on the configuration, Apis Box can collect data from one or more sources. The device uses JPEmbedded’s Smart Grid protocol implementations, and it can work as either a master or client in communication with other Intelligent Electronic Devices (IEDs) operating within the power grid. The device can collect information from them and send it to GCP. Apis Box communicates with the platform through the Pub/Sub Rest API.

Please note, that the Apis Box acts as a bridge, ensuring compatibility between the diverse protocols and enabling a hassle-free connection between the hardware and the cloud environment.

One of the key functionalities supported by Apis Box is the conversion of energy protocols (such as DNP3, IEC 61850, IEC 60870-5, MQTT, Modbus) into the Pub/Sub format supported by the Google Cloud Platform. The gateway features specialized software that implements individual protocols and performs data conversions between them based on the provided mapping file. To define mappings and configure the device, a dedicated Drosera application is used. This desktop tool offers an intuitive user interface for configuration and mappings, as well as for setup of access tokens required by OAuth 2.0 protocol.

It also allows to upload of a configuration file to the Apis Box.

Smart Grid to Google Cloud Platform – possible integration scenarios

Apis Box can operate in various scenarios. The main one includes one-to-one conversion, for example, when a user wants to connect DNP3 server device to the GCP. For some protocols the gateway can also operate as ‘many to the cloud’. In such setup it aggregates data from several sources and sends them to GCP. Picture below depicts possible configurations.

Authentication and streaming steps

How to setup the Apis Box device and its communication with the cloud? Let’s follow the example procedure for a device that performs measurements and collects data, analog values (e.g., voltage, current, temperature), binary inputs etc. and communicates using the DNP3 protocol.

1. The user configures Pub/Sub and BigQuery services on Google Cloud Platform.
2. In the Drosera application, the user, defines connection with Outstation and mapping of the relevant data between DNP3 and Pub/Sub.
3. The user uploads the configuration file to Apis Box.
4. The user connects Apis Box to the network and to the DNP3 Outstation.
5. Apis Box establishes a connection with the cloud, authenticates itself using the OAuth 2.0 protocol, and obtains an access token.
6. When communication is established, Apis Box continuously reads data from the device and sends it via Pub/Sub to the cloud.

The information is stored in one of the databases (e.g., BigQuery) in the GCP. The diagram below illustrates the entire process for any protocol.

What about the cybersecurity?

Cybersecurity is crucial for communication in smart energy grids. They are highly interconnected and reliant on digital communication technologies to manage and optimize electricity generation, distribution, and consumption. The integration of various smart devices, sensors, and communication networks increases the attack surface for potential cyber threats.

In the case of sending energy data to the cloud, its privacy and confidentiality is critical. Smart energy grids collect and exchange large amounts of sensitive information, including consumption patterns, user behaviour, and energy flow details. Robust cybersecurity measures are necessary to protect these sources from unauthorized access and potential privacy breaches.

The challenges mentioned above have been addressed within the Apis Box software as well. To establish a secure connection to the cloud, the OAuth 2.0 protocol, which is recommended by GCP, is utilized. OAuth, an abbreviation for ‘Open Authorization,’ is an open-standard framework designed for secure and delegated access to resources on behalf of a user.

Thanks to this protocol, Apis Box is authenticated and authorized, and receives a dedicated token for accessing Pub/Sub services. This token defines a set of granted access scopes, which, when sent to the cloud API, allows access to specific resources. Important fact is that with OAuth, applications can access specific resources without needing knowledge of the user’s login credentials, thereby enhancing both security and user privacy.

Pub/Sub encrypts messages with Google-managed keys by default. There is no setup or additional configuration required. Thus, the use of Apis Box to collect data from processes in the energy industry is safe and compliant with the solutions recommended by the Google Cloud Platform.

Summary

As we have presented in this article, there are opportunities and tools available to streamline the transfer of information from industrial devices to the cloud. Furthermore, thanks to the utilization of encryption protocols, this process can be carried out in a completely secure manner.

What’s next? As Hilary Mason, a founder of Fast Forward Labs, once said: ‘The core advantage of data is that it tells you something about the world that you didn’t know before.’ So, let’s embark on a journey to explore the world of energy with cloud-based data and utilize it to make electricity greener, more efficient, cost-effective, and our infrastructure more reliable.

If you have any ideas for the cooperation or would like to learn more about our ‘energy to cloud’ gateway or other JPEmbedded solutions related to GCP, please contact us at: mgasienica@jpembedded.eu.