In order to bring you the best possible user experience, this site uses Javascript. If you are seeing this message, it is likely that the Javascript option in your browser is disabled. For optimal viewing of this site, please ensure that Javascript is enabled for your browser.
Home Resources Success Stories Application Briefs

Cyber-Secure Smart Grids for Power Utilities

RAD’s 100% Fail Safe SCADA-Aware Solution Provides Superior Data Security

Typical Application

  • Transport critical data over packet switched networks

Typical Users

  • Power utilities
  • Carriers providing communications networks to power utility customers

When a power utility upgrades its infrastructure to Smart Grid, one of the first items on its agenda is to confirm that all IP communications within the network, and all points of contact with outside networks, whether accessible by landline or only be cellular, are 100% fail-safe.

Any Smart Grid solution has to comply with local governmental regulations for network security. These often require a complete separation between sub-networks serving different operational functions – automated meter reading (AMR), remote terminal units (RTUs) and facility lighting. In cases in which laying a landline connection between different network nodes is either impossible or not cost-effective due to distances and geographic isolation, IP switches have to be connected to cellular networks. In addition, should a land-line failure occur, the network needs to be able to switch instantly and securely to a cellular backup. Since some segments of the network will inevitably utilize both cellular and land-based connections, network switches have to be capable of integrating both and transition backhaul traffic between them. Nonetheless, given that network optimization is always a key requirement, all network elements must guarantee quality of service (QoS), be it over wireline or cellular connections.

RAD’s Award-Winning Cyber Security Solution

RAD’s award-winning SecFlow Ethernet switches/routers provide resilient, managed cyber security controls specifically designed to address the needs and vulnerabilities of power utilities. SCADA-aware data attack detection and prevention mechanisms ensure service validation, while support for the IEC-104 protocol enables the examination of each data packet entering each switch’s port to match it to the rules defined by the user. SecFlow utilizes Dynamic Multipoint Virtual Private Network (DMVPN) with DMVPN encryption and Virtual Routing and Forwarding (VRF) to create an airtight segmented connection between different nodes serving various operational needs.

NERC-CIP compliant and IEC 61850-certified, SecFlow’s communications and critical-asset protection guarantees security even in remote substations. All this combines to provide fail-safe distributed security, basically rendering the network impregnable to external threats.

A variety of communication interfaces enable SecFlow to provide end-to-end Ethernet connectivity over copper, fiber, power over Ethernet (PoE), wireless, or cellular links –2G, 3G and LTE – using a dual-SIM modem, which, in essence, functions as two separate modems working in parallel. In this way, SecFlow is able to feature redundancy with instant automatic failover, guaranteeing service assured communications. SecFlow also supports dynamic quality of service (QoS) for both fiber and cellular networks to address high network load or partial network failure situations.

Ruggedized to Tolerate Extreme Environments

The ruggedized SecFlow devices offer the highest available tolerance levels to electromagnetic radiation, as well as vibration, extreme temperature variation (both high and low), and very high humidity. SecFlow can be installed and swapped on any Din rail-compatible equipment rack. Compact in size, it can easily be fitted in a pole-mounted utility cabinet.



Per-port SCADA-aware data attack detection

Provides distributed security and service validation for any SCADA protocol

Supports DMVPN, encryption and VRF

Airtight segmented connection between different nodes serving various operational needs

Dual-SIM modem

System redundancy and instant automatic failover in the case of physical damage to the fiber cable

Dynamic QoS

Prioritizes communications and protocols in the event of high network load or partial network failure

Ruggedized enclosure

Highest available tolerance to electromagnetic radiation, vibration, extreme temperature variation, and humidity

Compact size

Fits small pole-mounted utility cabinet


Required information
Contact an Application Engineer 
Critical data over a PSN