S T R A T E G I C W H I T E P A P E R

Evolution of Next-Generation Wireless Communications

for Energy Plants and Facilities

Two-way wireless communications for mobile personnel is becoming a key requirement

for streamlined operations within an energy plant. It enables the dispatch of personnel,
provides them with the necessary documentation and drawings to perform their
function, and allows them to collaborate, through multiple media, with other technicians
and experts real-time, without diverting, interrupting, or delaying key activities.

This paper will discuss the role of next-generation wireless networks (Wi-Fi, WiMAX, and
3G Cellular) in enabling two-way, IP-based, multi-media communications, and delivering
the required performance, reliability, and security. It is intended for plant operations and
IT managers who are considering an evolution of their existing, more traditional wireless
solutions.

The following implementation considerations will be addressed: licensed and unlicensed

spectrum use and availability; air interface techniques to minimize interference; power
management approaches for wireless infrastructure equipment; use of wireless location
services for asset tracking and personnel safety; wireless LAN security management,
encryption, and channelization; quality of service and reliability; and regulatory
considerations. These areas will be discussed and illustrated via specific case studies
where key energy facilities are evolving to these new wireless technology solutions.
ii Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
Table of Contents

1 Introduction

1 Application Requirements

2 Design Considerations

2 Licensed Versus Unlicensed Spectrum

2 Air Interface Techniques

3 Power Management

3 Location Services and Personnel Safety

3 “Thin” Access Points

3 Link Encryption

4 Channelization

4 Firewalling and Virtual Private Networks (VPNs)

4 QoS Awareness/Support

5 Mesh Architectures

5 Roaming Solutions

5 Regulatory Considerations

6 Solution Design Process

6 Case Studies

7 3G DAS Solution

7 In-Plant Wi-Fi Evolution

8 Wi-Fi in the Substation

9 Conclusion

10 About the Authors

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities iii
iv Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
Introduction

Energy plants and facilities require a variety of wireless communications to enable efficient
operations. Plant workers and technicians must be able perform their tasks (e.g., nuclear plant
refueling) at the required point of delivery, without having to extricate themselves from the
work in progress to collect or provide supporting information. This requires two-way flow of
voice, data, and images to and from appropriate mobile endpoint devices. It also requires
wireless communications solutions that can provide indoor and campus coverage in a
challenging walled, shielded, and hazardous plant environment, while meeting the safety,
reliability, and security requirements that are inherent in such an environment.

A number of next-generation wireless technologies are currently being examined and adopted
to support these requirements. These include Wi-Fi, WiMAX, and 3G Cellular. In contrast to
the traditional Land Mobile Radio (LMR) solutions, these technologies provide the high
bandwidth, multi-media communications necessary to support the emerging needs and
applications. In applying these technologies, however, it is important to understand their
limitations relative to the critical communications requirements addressed by traditional LMR
solutions and to roadmap the solution architecture and design accordingly.

The remainder of this white paper will discuss the role of next-gen wireless technologies, and
the key requirements and design considerations in their implementation, supporting energy
facility communications. These will be illustrated in specific implementation case studies at
the conclusion of this document.

Application Requirements

Following are some key requirements that must be addressed in a next-gen wireless solution
for an energy plant:
• Coverage – The wireless solution must be capable of providing ubiquitous coverage for all
areas within the plant where mobile workers are likely to be deployed.
• Safety – The in-plant wireless access points, switching infrastructure, and endpoints must
all meet the appropriate certification requirements for hazardous environments.
• Virtualization – Traffic associated with operations, corporate applications traffic, and traffic
destined for public networks must all be strictly partitioned. Further separation of traffic
types by application may likewise be desirable.
• Non-Interference – In-Plant wireless communications must be resistant to both malicious
and inadvertent interference.
• Communications Security – Sensitive communications must be protected from intercept or
modification, from the endpoint through to its destination.
• Authentication – Communicating parties/endpoints must be reliably authenticated prior to
gaining access to the wireless network.
• Reliability – Continuity of wireless communications must be assured in the face of potential
losses along the communications path.
• Performance – The solution must support the end-to-end latency, loss, and jitter thresholds
necessary to support the required traffic types.
• Manageability – The security, performance, and reliability of the solution must be easy to
administer and maintain.
• Regulatory Compliance – Key regulations (e.g., NERC CIP) must be met by the
technology relative to its use in providing networking for critical applications.

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 1
Design Considerations

These requirements may be met through next-gen technology by applying appropriate

considerations in the solution design. Following are some key design considerations for a
next-gen, in-plant wireless deployment.

Licensed Versus Unlicensed Spectrum

In order to meet the requirements above for critical communications, and, in particular, non-
interference, a licensed spectrum solution is likely to be required. A Wi-Fi solution, therefore,
may be restricted in its application to non-critical plant communications, due to the fact that
the standard confines it strictly to unlicensed spectrum. While spread spectrum techniques
may be used to partially mitigate this limitation, unlicensed spectrum is inherently vulnerable
to interference. As such, Wi-Fi may be viewed as a component or stepping stone in the
evolution of a comprehensive in-plant wireless solution, but may be fundamentally limited in
providing full support for the end-game solution. Customers may choose to deploy Wi-Fi, or
pre-WiMAX unlicensed solutions for non-critical plant communications today, and then
upgrade them to licensed solutions to incorporate critical communications in the future.
There are products on the market that support such an evolution path through access point
solutions that allow co-resident licensed and unlicensed modules. An evolution path may be
planned to leverage these capabilities.

On the licensed spectrum side, WiMAX and Cellular Distributed Antenna System (DAS)
solutions may be used within the building to assure additional security and resistance to
interference. Selection of appropriate spectrum is dependent on the communications
characteristics required for the target applications, and on spectrum availability from
owners/providers in the area. The availability of licensed spectrum, the equipment that
supports it, and the equipment’s ability to support the necessary performance, security,
reliability and safety requirements are a key input to the chosen solution design.

Air Interface Techniques

Regardless of the operating spectrum selected, spread spectrum techniques, as supported by

next-gen radio equipment providers, offer additional protection against both malicious and
inadvertent interference. The characteristics of such mechanisms supported by candidate
equipment should be analyzed for their benefits in assuring quality of communications.

Over long distances, WiMAX 802.16e uses OFDMA in the 2.5 GHz (primary in North
America) and 3.5 GHz (primary in Western Europe). WIMAX nominally requires 20 to 30
MHz of licensed spectrum. WiMAX Forum specify, for example, 5 and 10 MHz channel
profiles at 2.5 GHz in the US. Multiple such channels may be operated per base station,
requiring 20-30 MHz per operator. Other spectrum options and profiles are emerging (e.g., at
700 MHz, 1.5 MHz), with current visibility to the standards and regulations a key to a
successful solution

2 Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
For larger bandwidth at medium distance,Wi-Fi 802.11g (unlicensed 2.4GHz) and Wi-Fi
802.11a (unlicensed 5GHz) operate in OFDM mode and exploits 20MHz wideband channels.
For Wi-Fi 802.11a, FCC has divided the total available 300 MHz band into three distinct 100
MHz domains, each with a different legal maximum power output. The “low” band operates
from 5.15 – 5.25 GHz, and has a maximum of 50 mW. The “middle” band is located from
5.25 – 5.35 GHz, with a maximum of 250 mW. The “high” band utilizes 5.725 – 5.825 GHz,
with a maximum of 1 W.

For lower bandwidth at short distance equipment control / command systems sometime use
unlicensed frequency 868 / 870 MHz in wideband channel configuration, with 250 kHz
spectrum at limited power up to 500mW.

Power Management

The goal of power management is to enhance the battery life of advanced portable wireless
devices in the large facility environment. This service adjusts the WLAN operation to
coincide with the sleep-cycle of a particular device, enabling the device to power down at
regular intervals without missing a data transmission from the network.

Location Services and Personnel Safety

These services are intended to identify the location of a piece of equipment or a person
within a building or campus complex. Organizations such as Energy Plants could use this
service to keep track of key equipment as it moves throughout the facilities. A wireless service
that locates people could be used to support the E911 requirement that when someone calls
911, both the calling number and the location of the caller, must be available to the 911
operator. This can be implemented with Wireless terminals including SoS button, man down
and no-motion sensors or ID- badge holders including Wireless radios.

“Thin” Access Points

Another consideration in the chosen solution is the support for “thin” versus “fat” access
points. For optimum coverage, the next-gen solution should certainly support the ability to
distribute access point antennas throughout the facility for optimum coverage, but
distributing other access functionality, such as mobility, policy, encryption, and
authentication, may create a complex environment for ongoing management. As such, plant
managers should consider solutions that allow centralized application and administration,
while supporting the necessary antenna distribution required for coverage. Such solutions
must be carefully designed and engineered to assure coverage continuity and efficiency of
management.

Link Encryption

Link encryption is a necessary mechanism to authenticate endpoints, and to protect the

confidentiality and integrity of traffic over the wireless connection. If software-configurable
keys are used (e.g., per Wi-Fi WEP, WPA solutions), a secure procedure must be established
for their distribution. More appropriately, selected endpoints should use Extensible
Authentication Protocol- (EAP-) based solutions, per WPA-2, WiMAX, and 3G cellular
standards, and include integrated hardware capabilities (e.g., Subscriber Identity Module
(SIM) cards) that may be used for both authentication and key management.

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 3
 Channelization

The ability of the in-plant solution to support multiple simultaneous channels to separate
different communications types is a critical tool to partition critical and non-critical
communications. Available spectrum must be budgeted properly to support the throughput
required by the different application types, while maintaining their over-the-air separation.
Proper design and engineering is essential to assure the necessary performance and
partitioning.

Firewalling and Virtual Private Networks (VPNs)

Channelization, as discussed above, provides the partitioning and virtualization of traffic over
the air, but on the wireline side of the access points, like separation must be provided and
enforced. Firewall and Virtual Private Network (VPN) devices may be used to extend, and
even further partition, the separation enforced over wireless access back through the wired
portion of the Local Area Network (LAN) and into the Wide Area Network (WAN).
Separate VPNs may be established to ensure the mutual security and performance of:
• operational vs. corporate,
• critical vs. non-critical, and
• video vs. voice vs. data.

Firewalling at shared facilities ensures that the interfaces between these separate virtual
networks are properly controlled.

Sophisticated location or function specific services can be created using multiple Virtual
Service Communities ( VSC). Traffic from each VSC can be segmented and directed to
separate network operations centers. Bandwidth can be allocated per VSC and per user using
the service’s wide array of bandwidth management features. All traffic can be mapped to a
specific VLAN, limiting access to specific network resources. At the same time, QoS policies
eliminate competition for limited WLAN bandwidth between the guest and internal services
that are sharing the network.

QoS Awareness/Support

Similar to preserving traffic separation and security from wireless to wireline, the prioritization
of traffic, and allocation of preferred bandwidth to assure performance must be preserved
throughout the solution. The ability of the access points to mark incoming traffic for priority
treatment in the network, and the downstream capability of the LAN and WAN
infrastructure to apply the necessary priority and reserve associated capacity is essential to
achieve the necessary Quality of Service (QoS) for critical applications, voice and video. The
end-to-end communications must be designed and engineered to meet the performance
requirements necessary to assure critical communications, and to support real-time
applications, such as voice and video.

4 Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
Mesh Architectures

The ability of the chosen next-gen technology to support a mesh architecture is a key
consideration, to ensure both coverage and reliability, particularly in campus environments.
In such an architecture, individual nodes may act as both access points for their coverage
area, and as backhaul nodes for more remote access points. Multiple alternative backhaul
points may be engineered for a given access node to provide greater reliability in the event of
individual node or link failures. Such solutions are available today via pre-WiMAX
technology, with evolution to standard WiMAX imminent.

Roaming Solutions

Critical communications cannot be interrupted as the endpoint homes to a new access point.
3G cellular DAS solutions handles these hand-offs as a matter of course. With the
deployment of 802.16g equipment, the necessary roaming and hand-offs are addressed in
WiMAX as part of the standard.

For Wi-Fi, or cross-technology roaming, however, proprietary solutions abound, and must be
evaluated relative to their ability to support truly seamless mobility and hand-offs. Support of
the solution for emerging standards such as Unlicensed Mobile Access (UMA) and the IP
Multimedia Subsystem (IMS) should be considered in choosing across such solutions, as these
are the standards that are likely to be supported by the carrier market, thus driving future cost
and availability of supporting equipment and endpoints.

Regulatory Considerations

Radio solutions must be operated in compliance with FCC regulations. Such compliance must
be assured to avoid fines, even for unlicensed radio use.

Solutions must be chosen and engineered that implement the necessary requirements for
operations in a hazardous environment. Deficiencies in equipment may need to be offset
through physical enclosures or solution designs that provide the necessary safety
characteristics.

Likewise, the selection of the equipment and its ultimate installation may be impacted by the
North America Energy Reliability Corporation’s (NERC’s) Critical Infrastructure Protection
(CIP) standards. If the deployed infrastructure comprises the utility’s Electronic Security
Perimeter, or represents a Critical Cyber Asset, its physical security must be carefully
engineered (e.g., per the requirements of CIP-006), and may be subject to specific security
analysis, access controls, and management (per CIP-005, CIP-007, etc.). Likewise, personnel
with access to the equipment may be subject to specific screening and training (per CIP-004).

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 5
Solution Design Process

Expert engineering resources are essential to assist with the application of these
considerations into a solution addressing the required communication types and coverage
area. Such resources can provide full lifecycle planning, engineering, deployment, and
operations support, from business case analysis through network operations, administration,
and maintenance. Figure 1 below shows the lifecycle for an in-plant wireless deployment, and
the associated key activities.

Detailed
Data Network Design
Collection & Planning & and Installation
Site Survey Engineering Economic
Analysis

• Determine bandwidth • Integrate requirements with • Specify access in detail • Arrange for material
requirements available bandwidth • Network design delivery
• Power, grounding, cabling • Understand • Quantify costs • Assemble equipment
• Determine site infrastructure interference/choose spectrum and cabling
• Placement of all devices/cables
requirements antennas, access • Capacity planning • Test the installation
points, electrical and grounding • Finalize Bill of Materials
• Security assessment
requirements, cabling and bill • Develop testing procedures
of materials • Detailed specification of
hardware • Prepare project schedules
• Determine demarcation points
• Develop hardware
• Determine equipment layout configurations and drawings
• Identify potential problems • Design cabling and power runs
• Design equipment mounting
arrangements

Documentation Technology Detailed Site

Approach System Design operationally
ready
Figure 1 – In-Plant Wireless Deployment Key Activities

Case Studies

Alcatel-Lucent has applied this process for a variety of customers using a range of next-gen
technologies. This section will describe some example solutions, and the benefits achieved
through deployment of the selected next-gen technologies.

6 Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
3G DAS Solution

BUSINESS CHALLENGES

An energy industry customer had three nuclear power plants. Each plant represented a
campus environment of over one million square feet. During refueling operations, performed
every 18 months, each day of outage for these plants represented an estimated cost of $1M.
Ineffective communications were requiring refueling workers to leave the controlled
radiological area where the fuel rods are handled to consult with external sources.

SOLUTION APPROACH

A DAS solution was provided to extend cellular coverage from a partner service provider
within the power block and containment building, to enable intra-plant wireless
communications. Thus, communication during refueling no longer required that the
workforce leave the controlled areas. Instead, they could request and receive necessary source
information without interrupting their refueling activities.

SERVICES DELIVERED

In realizing this solution, Alcatel-Lucent managed the project, performing site surveys, doing
the associated RF planning and design, and testing, activating and optimizing the installed
solution.

BENEFITS

In the first refueling using the new network for communications, the customer was able to
reduce work time by 8 hours, saving an estimated $333,000. By replicating this solution over
their three plants, the customer saved an estimated $1M every 18 months, and no longer had
to leave the hazardous radiological area unattended during refueling.

In-Plant Wi-Fi Evolution

BUSINESS CHALLENGES

A second customer with embedded non-nuclear power plants was looking for an efficient
means to establish common infrastructure for:
• automated data collection of around boilers and other critical infrastructure,
• barcode-based warehouse operations,
• video monitoring for safety/security and data collection,
• ability to call up reference manuals and drawings during maintenance activities,
• RFID for employee safety assurance, and
• Voice services for non-critical, in-plant communications.

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 7
 SOLUTION APPROACH

A campus Wi-Fi solution was deployed to provide broadband wireless access across these
applications. “Thin” access points were distributed to provide optimal coverage at minimum
expense, while management and administration functions, including intrusion detection for
unauthorized access, were designed to reside in a smaller set of centralized servers. EAP-based
encryption, and CCX protocol for roaming were key considerations in the identification of
end-point devices (sensors, bar code readers, RFID tags, etc.) to support the target
applications, as well as support for 802.11g to maximize bandwidth availability at access
points.

SERVICES DELIVERED

Once again, Alcatel-Lucent performed the site surveys, RF planning and design, and test,
activation and optimization. In addition, however, Alcatel-Lucent also performed deployment
and installation, and ongoing maintenance and operations of the solution on behalf of the
customer.

BENEFITS

The customer is able to more effectively track and monitor resources within the plant, and to
improve efficiency of technician operations through more timely access to information. Plant
safety is improved by enhanced video monitoring and RFID tracking. Finally, the cost of
adding and managing individual corporate voice lines within the plant has been reduced
significantly, and worker mobility has been enhanced.

Wi-Fi in the Substation

BUSINESS CHALLENGES

As part of a transformation of their infrastructure to IP to enhance electricity delivery

reliability and control, an overseas customer was looking to establish IP communications
infrastructure within their zone substations. The required wireless infrastructure would
supplement existing wired infrastructure used for SCADA, and would provide support for all
other internal communications, including operational voice.

SOLUTION APPROACH

For this Power Utility, information security was paramount. Adopting a Wi-Fi solution that
was independently certified for the FIPS (Federal Information Processing Standard) 140-2
level 2 standards was a key assurance of security for mission-critical operational services.
Manageability and security is further enhanced with a solution based on a centralised
controller and thin Access Point architecture.

The Wi-Fi network allowed the workforce to roam around the vicinity of the substation
without losing their connection or impacting application performance.

8 Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
 Use of built-in Automatic Radio Management (ARM) smarts ensured Over-the-air reliability
by automatically calibrating access points for optimal coverage and channel usage, detects and
corrects and coverage holes or RF interference, performs multi-band RF scanning and load-
balances traffic.

Support of mission-critical operational voice required use of built-in voice classification and
QoS mechanisms as well as other voice services such as call admission control (CAC) and
load balancing.

SERVICES DELIVERED

Alcatel-Lucent provided consultation for the planning, design, and engineering of the
wireless LAN and the inter-substation IP/MPLS backbone.

BENEFITS
• reliable, secure voice, data and video communications to all operational staff attending
substations,
• access to full on-line resources (drawings, fault histories, configurations, standards) from
anywhere with the substation,
• reliable operational voice communications with central operations and support teams,
• video for more remote analysis of on-site situations,
• independence from public carriers (both in terms of communications reliability and
avoidance of service denial during emergencies),
• support of non-critical enterprise communications at lower QOS.

Conclusion

Next-gen wireless technology provides many benefits to an in-plant communications

environment, if engineered effectively, and can provide demonstrated savings for key
operations. Current designs must be executed carefully to ensure that key application
requirements are met today, while providing an evolution path to the requirements of
tomorrow’s applications. Thus, today’s solutions must be designed using not only the solution
elements that provide best-in-class capabilities in the current environment, but to evolve
with the emergence of:
• WiMAX standards,
• Licensed spectrum availability,
• Power management solutions,
• Security standards (encryption, authentication, VPN, management),
• Mobility management for roaming (802.16e/g) and dual mode service (UMA, IMS),
• QoS and reliability architectures, and
• Regulatory actions.

Expert resources, versed in both today’s technologies and these emerging directions, are key to
supporting the planning, design, deployment, operations, administration, and maintenance of
next-gen in-plant wireless solutions.

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 9
About the Authors

Jonathan D. Weiss
Alcatel-Lucent

Jonathan has been working in reliable, secure, mission-critical networking for over 25 years.
Early in his career, he led the development of secure systems for Federal Government
applications, including the first multi-level secure version of the UNIX® system evaluated by
the National Computer Security Center, and associated networking and Intrusion Detection
System capabilities. He also led the development of security engineering and software
reliability requirements for command and control networks for the Strategic Defense
Initiative (SDI) program that were subsequently adopted as standards within the Department
of Defense. He has led consulting practices in security, and reliable software engineering, and
has designed network and IT application solutions for service provider, enterprise and
government customers. Previously, he led the development of security, reliability and quality
of service requirements for select Alcatel-Lucent products, services, and solutions. Most
recently, been responsible for defining and marketing solutions for reliable networks for the
energy industry.

Tim Mew
Alcatel-Lucent

Tim Mew currently works in Alcatel-Lucent’s Enterprise and Government Services division,
with specific responsibilities for managing and evangelizing Services-based solutions for the
global Oil & Gas and Power Utilities markets.

Prior to this, Tim was the head of the Solution Design and Innovation team in Australasia,
specializing in Railways, Highways, Oil & Gas and Security solutions. Tim’s generalist
background is well-suited for the end-to-end integrated solution requirements of Enterprise
and Government customers. It has included architecture, technology planning and service
development disciplines in the technology areas of Next Generation Networks, VoIP,
Intelligent Networks, PSTN, CTI, Internet and IP, CCTV, e-commerce, and wireless
communications.

Before joining Alcatel, Tim had had diverse roles in Australasia, ranging from Architecture
Manager, Senior Engineer, Brand Manager and CTO roles in a number of industries including
two challenger carriers (AAPT and CLEAR Communications), an ISP (IHUG), and an
ecommerce incubator (eVentures NZ), respectively.

10 Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities
Peter Johnson
Alcatel-Lucent

Peter’s career has taken him into a wide variety of experiences in the communications market
working variously for vendors, managed services providers and a UTelco. After a period with

Nortel (equipment vendor) and then Racal Data Networks (managed services operator). In
1993, Peter joined National Grid’s UTelco operation: Energis. Here, he was initially
responsible for the definition and deployment of the services infrastructure and subsequently
for regulatory affairs and interconnect services. In 1997, Peter moved to Alcatel and
contributed directly to the successful development of the network applications business and
then the outsourcing and managed services business, with several significant wins under his
belt.

Peter’s current role is as Vice President for Utilities within Alcatel-Lucent’s Services Business
Group, leading the company’s approach to this market segment.

Alcatel-Lucent | Evolution of Next-Generation Wireless Communications for Energy Plants and Facilities 11
www.alcatel-lucent.com
Alcatel, Lucent, Alcatel-Lucent and Alcatel-Lucent logo are trademarks of Alcatel-Lucent. All other
trademarks are the property of their respective owners. The information presented is subject to change
without notice. Alcatel-Lucent assumes no responsibility for inaccuracies contained herein.
© 2007 Alcatel-Lucent. All rights reserved.