GGSN front end processor (GFEP) system for SCADA inter-domain communications

US 8,527,653 B2
Filed: 11/08/2010
Issued: 09/03/2013
Est. Priority Date: 11/08/2010
Status: Active Grant

First Claim

Patent Images

1. A front end processor system, comprising:

an input/output interface configured to receive data directly from a supervisory control and data acquisition device, the received data being for at least one of monitoring and controlling an advanced metering infrastructure device;

a processor being configured to;

perform a protocol conversion to facilitate transfer of the received data from the supervisory control and data acquisition device to a general packet radio service gateway support node of a wireless communications network; and

provide the received data to the general packet radio service gateway support node for delivery via the wireless communications network to the advanced metering infrastructure device;

a provisioning manager being configured to provision at least one connection between the supervisory control and data acquisition device and the front end processor system with configuration parameters comprising at least one of a connection type, a protocol used, a source address, a destination address, and a transmission restriction;

a security catalog database configured to store a security profile for the at least one connection, each security profile comprising at least one of a connection type, a supervisory control and data acquisition device characteristic, an allowed protocol, an allowed address, a data transmitted amount, and a data received amount; and

a security manager being configured to;

receive, in response to a particular connection of the at least one connection between the supervisory control and data acquisition device and the front end processor system being initiated, a request for security information from the provisioning manager;

fetch, in response to the request for security information, the security profile associated with the supervisory control and data acquisition device from the security catalog database; and

forward the security profile associated with the supervisory control and data acquisition device to the provisioning manager,wherein the provisioning manager is further configured to use the security profile to provision the particular connection.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A general packet radio service (GPRS) gateway support node (GGSN) front end processor (GFEP) system includes an input/output (I/O) interface configured to receive data directly from at least one supervisory control and data acquisition (SCADA) device. The received data is associated with at least one of monitoring and controlling an advanced metering infrastructure (AMI) device. The GFEP system also includes a GFEP processor operatively coupled to the I/O interface, the GFEP processor is configured to perform a protocol conversion to facilitate transfer of the received data from the SCADA device to a GGSN of a wireless communications network, and provide the received data to the GGSN for delivery via the wireless communications network to the AMI device.

22 Citations

View as Search Results

17 Claims

1. A front end processor system, comprising:
- an input/output interface configured to receive data directly from a supervisory control and data acquisition device, the received data being for at least one of monitoring and controlling an advanced metering infrastructure device;
  
  a processor being configured to;
  
  perform a protocol conversion to facilitate transfer of the received data from the supervisory control and data acquisition device to a general packet radio service gateway support node of a wireless communications network; and
  
  provide the received data to the general packet radio service gateway support node for delivery via the wireless communications network to the advanced metering infrastructure device;
  
  a provisioning manager being configured to provision at least one connection between the supervisory control and data acquisition device and the front end processor system with configuration parameters comprising at least one of a connection type, a protocol used, a source address, a destination address, and a transmission restriction;
  
  a security catalog database configured to store a security profile for the at least one connection, each security profile comprising at least one of a connection type, a supervisory control and data acquisition device characteristic, an allowed protocol, an allowed address, a data transmitted amount, and a data received amount; and
  
  a security manager being configured to;
  
  receive, in response to a particular connection of the at least one connection between the supervisory control and data acquisition device and the front end processor system being initiated, a request for security information from the provisioning manager;
  
  fetch, in response to the request for security information, the security profile associated with the supervisory control and data acquisition device from the security catalog database; and
  
  forward the security profile associated with the supervisory control and data acquisition device to the provisioning manager,wherein the provisioning manager is further configured to use the security profile to provision the particular connection.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The front end processor system of claim 1, wherein in being configured to perform a protocol conversion, the processor is configured to perform a data link layer protocol conversion.
  - 3. The front end processor system of claim 2, wherein in being configured to perform the data link layer protocol conversion, the processor is configured to convert the received data from a first protocol used by the supervisory control and data acquisition device and selected from a group of first protocols consisting of Distributed Network Protocol, Modbus, Modbus X, and Multispeak to a second protocol used by the general packet radio service gateway support node, the second protocol being a data link layer protocol of the Internet Protocol Suite.
  - 4. The front end processor system of claim 1, wherein the processor is part of the general packet radio service gateway support node.
  - 5. The front end processor system of claim 1, wherein the supervisory control and data acquisition device is associated with at least one of electricity generation, electricity transmission, electricity distribution, a manufacturing process, a production process, a fabrication process, a refining process, water treatment, water distribution, wastewater collection, wastewater treatment, natural gas distribution, natural gas collection, oil distribution, oil collection, a defense system monitoring process, a security system monitoring process, a heating, ventilation, and air conditioning process, and energy consumption.
  - 6. The front end processor system of claim 1, wherein the automated metering infrastructure device is a smart grid device.

7. A network architecture for facilitating inter-domain communications between a supervisory control and data acquisition domain and a wireless service provider domain, the network architecture comprising:
- a general packet radio service gateway support node;
  
  a front end processor system, the front end processor system being configured to;
  
  perform a protocol conversion to facilitate transfer of data received from the supervisory control and data acquisition domain to the wireless service provider domain;
  
  provide the data to the general packet radio service gateway support node for delivery via a wireless communications network of the wireless service provider domain to an automated metering infrastructure device;
  
  provision at least one connection of the front end processor system to a supervisory control and data acquisition device of the supervisory control and data acquisition domain with configuration parameters comprising at least one of a connection type, a protocol used, a source address, a destination address, and a transmission restriction;
  
  receive, in response to a particular connection of the at least one connection between the supervisory control and data acquisition device and the front end processor system being initiated, a request for security information;
  
  fetch, in response to the request for security information, the security profile associated with the supervisory control and data acquisition device from a security catalog database storing a security profile for the at least one connection, each security profile comprising at least one of a connection type, a supervisory control and data acquisition device characteristic, an allowed protocol, an allowed address, a data transmitted amount, and a data received amount, wherein the security profile associated with the supervisory control and data acquisition device is used to provision the particular connection.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The network architecture of claim 7, wherein the supervisory control and data acquisition device is associated with at least one of electricity generation, electricity transmission, electricity distribution, a manufacturing process, a production process, a fabrication process, a refining process, water treatment, water distribution, wastewater collection, wastewater treatment, natural gas distribution, natural gas collection, oil distribution, oil collection, a defense system monitoring process, a security system monitoring process, a heating, ventilation, and air conditioning process, and energy consumption.
  - 9. The network architecture of claim 7, wherein in being configured to perform a protocol conversion, the front end processor system is configured to perform a data link layer protocol conversion.
  - 10. The network architecture of claim 9, wherein in being configured to perform the data link layer protocol conversion, the front end processor system is configured to convert the data from a first protocol used by the supervisory control and data acquisition device and selected from a group of first protocols consisting of Distributed Network Protocol, Modbus, Modbus X, and Multispeak to a second protocol used by the general packet radio service gateway support node, the second protocol being a data link layer protocol of the Internet Protocol Suite.
  - 11. The network architecture of claim 7, wherein the supervisory control and data acquisition device is associated with at least one of electricity generation, electricity transmission, electricity distribution, a manufacturing process, a production process, a fabrication process, a refining process, water treatment, water distribution, wastewater collection, wastewater treatment, natural gas distribution, natural gas collection, oil distribution, oil collection, a defense system monitoring process, a security system monitoring process, a heating, ventilation, and air conditioning process, and energy consumption.
  - 12. The network architecture of claim 7, wherein the automated metering infrastructure device is a smart grid device.
  - 13. The network architecture of claim 7, wherein the front end processor system is in communication with the general packet radio service gateway support node.
  - 14. The network architecture of claim 7, wherein the front end processor system is integrated within the general packet radio service gateway support node.

15. A method for facilitating inter-domain communications between a supervisory control and data acquisition domain and a wireless service provider domain, the method comprising:
- performing, by a processor of a front end processor system, a protocol conversion to facilitate transfer of data received from a supervisory control and data acquisition device of the supervisory control and data acquisition domain to a general packet radio service gateway support node of the wireless service provider domain;
  
  providing the data to the general packet radio service gateway support node for delivery via a wireless communications network of the wireless service provider domain to an automated metering infrastructure device;
  
  provisioning, by a provisioning manager, at least one connection of the front end processor system to the supervisory control and data acquisition device with configuration parameters comprising at least one of a connection type, a protocol used, a source address, a destination address, and a transmission restriction;
  
  receiving, by a security manager, in response to a particular connection of the at least one connection between the supervisory control and data acquisition device and the front end processor system being initiated, a request for security information from the provisioning manager;
  
  fetching, in response to the request for security information, the security profile associated with the supervisory control and data acquisition device from a security catalog database storing a security profile for the at least one connection, each security profile comprising at least one of a connection type, a supervisory control and data acquisition device characteristic, an allowed protocol, an allowed address, a data transmitted amount, and a data received amount; and
  
  forwarding, by the security manager, the security profile associated with the supervisory control and data acquisition device to the provisioning manager,wherein the provisioning manager uses the security profile to provision the particular connection.
- View Dependent Claims (16, 17)
- - 16. The method of claim 15, wherein performing the protocol conversion comprises converting the data received according to a first protocol used by the supervisory control and data acquisition device and selected from a group of first protocols consisting of Distributed Network Protocol Modbus, Modbus X, and Multispeak to a second protocol used by the general packet radio service gateway support node, the second protocol being a data link layer protocol of the Internet Protocol Suite.
  - 17. The method of claim 15, wherein the automated metering infrastructure device is a smart grid device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Mobility II LLC (AT&T, Inc.)
Original Assignee
AT&T Mobility II LLC (AT&T, Inc.)
Inventors
Maria, Arturo
Primary Examiner(s)
Etienne, Ario
Assistant Examiner(s)
Lai, Michael C

Application Number

US12/941,250
Publication Number

US 20120117266A1
Time in Patent Office

1,030 Days
Field of Search

709/232, 370/466, 370/467, 370/328, 370/329, 700/291, 700/295
US Class Current

709/232
CPC Class Codes

H04W 24/00   Supervisory, monitoring or ...

H04W 24/10   Scheduling measurement repo...

H04W 88/16   Gateway arrangements

H04W 88/18   Service support devices; Ne...

GGSN front end processor (GFEP) system for SCADA inter-domain communications

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

22 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

GGSN front end processor (GFEP) system for SCADA inter-domain communications

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

22 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links