back to Carina home  
Delivering the next generation of automation...Carina Technology

Carina Technology
   
Overview
Hardware Technology
Software Technology
Technical Specifications
Communications
Carina GateNet
Contact Us


Carina Technology

Communications Technology (Cellular)

Carina Intelligent Wireless RTU Communication
Over the Cellular Network

All Carina Technology, Inc. (CTI) Intelligent Wireless Remote Terminal Units (RTU) contain a cellular radio that communicates using digital messages on the North America AMPS control channel. The control channel provides the most ubiquitous coverage in North America, with 98% coverage in populated geographies.

click to view larger
Click to view larger image

The RTU’s radio exchanges these digitized messages with the cell tower over the forward and reverse control channels.

Each CTI radio has a unique “Electronic Serial Number” (ESN) assigned by the radio manufacturer, and a unique “Mobile Identification Number” (MIN) used by CTI and the cellular system to route messages to the device. CTI (via our Aggregation Partner) owns a unique block of MINs that are non-dialable – which means that no person on the public phone network can dial a CTI unit. Each unit uses both a primary MIN and one or more secondary MINs to receive commands from the system.

The RTU communicates to the local cell tower site(s) via the control channel. Each cell tower communicates to the cellular carrier’s switching center via secure private network, (typically fixed land line connections). Thus, the wireless portion of the communication is generally confined to the local cell tower environment. Carina’s aggregation partner, has contracts with all major carriers, providing the broadest coverage available in North America. Communication between the various cellular carriers’switching centers and our aggregation partner is achieved over the telephone companies’ secure, redundant SS7 network.

Reliability features of this control channel communication system include:

  • Each message sent to the CTI radio is sent five times, and the radio receiver applies a three-out-of-five voting scheme as well as BCH validation to ensure the correct command has been received.
  • Each individual AMPS control channel message contains error detection and correction code.
  • Each CTI unit will attempt the above process up to five times to ensure the communication is successful.

Security features of this control channel communication system include:

  • The CTI RTU’s radio complies with EIA-553 and IS-41 standards governing secure cellular communications.
  • Since CTI's blocks of MINs are non-dialable, no person can dial these MINs from the public phone network.
  • The use of multiple MINs to communicate forward control channel messages greatly complicates any possible intrusion attempts to control the end device. (The forward channel is used to send control commands to the RTU).
  • The aggregation partner's network switch authenticates valid RTU messages against both the ESN and MIN of the unit. CTI then authenticates valid RTU messages against the MIN of the unit.
  • The wireless portion of the network is a ‘tree’ topology, which inherently increases security.

Since each wireless RTU communicates only to the cell tower(s) in its vicinity, a typical utility deployment would involve units communicating with many different cell towers. Any intrusion attempts over the wireless portion of the network would need to be initiated at the local tower, where the intruder could only attempt access to the units local to that particular tower. This contrasts to ‘bus’ architecture systems where all wireless units communicate on the same radio frequency ‘bus’, and thus if an intruder gains access to one portion of the ‘bus’, he has access to all units on that bus.

  • CTI uses an encrypted proprietary non-published protocol over multiple MINs to transmit data and commands to/from the wireless RTU. The use of an encrypted unpublished protocol combined with the fact that the communications are end-device specific make intrusion extremely difficult.

Note relative to DNP protocol: If the RTU is communicating DNP3 commands to/from an intelligent electronic device, then the DNP protocol is encoded in the control channel commands using a proprietary, non-published protocol. Furthermore, the messages in this case would be specific to the DNP integration for the particular Intelligent Electronic Device (IED) being controlled, (e.g., Cooper 5C recloser control). Thus, in this instance any intrusion would require decoding the protocol relative to physical observations of equipment actions, a very difficult task at best.

Aggregate Network Switching Center top of page

CTI's aggregation partner provides ubiquitous control channel coverage throughout 98% of the populated areas of North America. Our aggregation partner maintains contracts and direct network connections to all of the largest carriers (over 50) in North America, (Verizon, Sprint, AT&T, TMobile, etc). The aggregation partner maintains connections to the cellular carriers through the telecommunications industry’s SS7 network. The SS7 network is a secure, highly redundant and fault tolerant network that interconnects the telecommunications industry.

Communication to/from the RTUs is routed from the applicable cellular carriers switch over the SS7 network to the aggregation's partner network switching center. Each unit is authenticated against valid MIN and ESN information, and every communication is acknowledged. The aggregation partner switch routes all Carina communications across a secure, dedicated frame relay circuit to the Carina Network Operations Center (NOC).

Security features at the Aggregation Partner Switching Center include:

  • Partner maintains secure connections to each carrier directly over the SS7 network using redundant SS7 switches.
  • Partner authenticates valid messages against both the ESN and MIN of the Carina RTU. Only authorized units are allowed to transmit data.
  • The aggregation partner switch would block any messages attempted to the Carina RTU that do not originate from the Carina network operations center.
  • Partner maintains a firewall on the SS7 side of the network switching center.

Summary of Carina System Security top of page

All elements of CTI's wireless communication and control solution are designed to provide for a reliable, secure application. CTI has built these systems based upon years of experience delivering secure communication systems for many large utility customers. These systems provide a solid base to deliver a system that meets the needs of the customer’s application. Several customers have completed intrusion and risk assessments, and concluded that the elements of this system provide strong security relative to distribution automation and control functions. CTI sales representatives and application engineers are available to discuss these details directly with our customers.

Although this provides a general security overview, CTI can discuss any customer-specific security requirements needed for a particular application. For large deployments, CTI's Engineering Services can provide customized security solutions to meet the needs of the customer’s application. Contact your CTI sales representative to discuss these needs.

 

Also see more about Carina's technology:
Hardware Technology
Software Technology
Technical Specifications
Communications Technology
Carina GateNet Technology
Technology Overview
 

top of page top of page

Related Info...
Utility Applications
Automated Metering
System Integration
What's New
Support

 
 

About Us  :  What's New  :  FAQ  :  Why Carina?  :  Technology  :  Products/Solutions  :  Investors  :  Sales Reps  :  Support  :  Contact Us  :  Sitemap  :  Home

Contact Carina: 256.704.0422
Copyright 2006. All Rights Reserved.