Erop1 Leaflet
Erop1 Leaflet
Erop1 Leaflet
FOX615 / FOX612 is ABB’s multiservice platform made for harsh EROP1 key features
utility environment. Its hybrid approach allows a smooth transition • 12 x FE / GbE optical / electrical SFP-based
from traditional TDM to Packet Switched Networks. Mission critical • front interfaces
services with strict timing constraints must be transmitted in a • 10 GbE / GbE backplane connectivity
highly secure and reliable way along with IP-based applications. • (CESM3 resp. CESM1 / 2)
• Up to 4 virtual routing functions / instances (VRF)
EROP1 and its EROP1-F version for fanless FOX-operation • Wire speed forwarding
complement packet switched applications and their transport
• IPv4 unicast routing (IPv6 ready)
across the backbone with IP / routing features paired with
• OSPF v2 (RFC 2328) / static routing
strong cyber security functions. Multiple routing instances
• OSPF authentication (Simple / MD5)
for strict service segregation and support of VRRP for
• VRRPv3 (RFC 5798)
high availability are just few of the many
EROP1 highlights. • 1:1 NAT
• Basic firewalling (ACL rules / DoS protection)
The term EROP1 shall include also EROP1-F • Layer 3 QoS (DSCP)
unless stated otherwise. • 1:1 hardware protection (intra-chassis EQP)
• Maintenance features (Ping / trace route)
Routing across robust transport services
Combining performance and simplicity
GOOSE / SV
Legacy / C37.94
I/O
Concept of Virtual Routers, Routing Instances and By using different VLAN IDs for the virtual router interfaces
mapping to MPLS-TP or alternative transport services connected to the iPort, several VPWS or VPLS services can be
A FOX615 chassis can be equipped with one or several accessed to transport the data across the MPLS-TP backbone.
EROP1 interfaces. The front-side (typically called ‘access /
customer’-side) offers 12 SFP-based GbE-interfaces (see Alternatively, EROP1 iPort traffic can be processed and
simplified scheme in Fig. 03). They are logically connected sent across the backbone as L2-service either via CESM
via up to 256 Virtual Router Interfaces to the 4 virtual router or any other FOX Ethernet interface card (e.g. ETOP).
functions (vrf-n). This allows a high level of traffic
segregation, excellent service control and In an SDH-based backbone the EROP1 iPort traffic can be
enhanced cyber security. mapped on SAMOx – interface cards and based on GFP /
EoS standards into (concatenated) VC-n SDH-containers.
Tagged or untagged traffic can be switched or routed between front
ports or via the iPort (Internal Ethernet Interface) in a redundant way Such flexibility paves the way for a smooth migration from traditional
to the 10 GbE resp. GbE double-star on the FOX615 backplane. TDM networks to MPLS-TP without the need of adding / changing
any hardware or re-wiring.
As typical use-case such traffic is forwarded via the
CESM (Central processing cards of FOX).
03 TEPI / OPIC / TEGO are integrated protection interfaces for distance and differential
protection applications across TDM and PSN including IEC 61850 / GOOSE
FOX615
Router in Access spanning multiple VPRN across network. Access Control Lists (ACL) in addition enable selective
the backbone using NAT and Access Control access to designated end applications and devices. Multiple
EROP1 allows designing distributed, scalable routed networks. VPRN (Virtual Private Routed Networks) per EROP1 with individual
Making use of the integrated NAT functionality helps solving IP topologies like trees or meshed structures may be spanned across
address conflicts when interconnecting different locations and the network, depending on the requirements of the applications.
provides at the same time a first level of security to the routed
04
MPLS-TP / SDH Network
ACL ACL
ACL ACL
Router in Aggregation including Quality At the same time the traffic may as well be policed to keep
of Service and Traffic Policing bandwidth under control throughout the network, end-to-end.
No matter whether the networks span within an MPLS-TP domain
or are extended to a switched Layer 2 domain, EROP1 together Within the MPLS-TP domain, multiple access locations may be
with the FOX615 chassis switch features allow to collect and attached via VPLS (or VPWS). Where Layer 2 switched access is
aggregate data in a controlled manner. Quality of Service (QoS) implemented, the data is collected via VLAN interfaces through
is enforced at the edge of the network by means of chassis the chassis switch. The user / customer QoS information
switch features (PCP, DSCP or Interface-based classification). is tunneled transparently through the routed network.
05
MPLS Switched L2 /
MPLS Core
Aggregation MPLS Access
06
RTU
EQP
VRRP
Virtual
Router RTU
SCADA
Server
RTU
EQP
EROP1 security features • ACL as stateless packet filter function with the capability
EROP1 offers a comprehensive set of security features addressing of applying multiple filter rules individually to router interfaces
management- and data-plane. Selected examples are: up to layer 4 (e.g. TCP / UDP source / destination, protocol filter,
• Individual rate limiters are applicable for: DSCP, ICMP type, IP source / destination)
- Physical ports controlling NATed traffic • Stateful, configurable Firewall acting based on packet inspection
at protocol layer
- For traffic to host CPU controlling the management plane (e.g.
handling of ARP and OSPF requests and protecting the
management against DoS attacks) To address typical utility applications like SCADA or hierarchical
- Individual services video-surveillance systems, the EROP1 facilitates easy
implementation of logical tree structures used e.g. by RTUs (as
“leaf” of tree) reporting to front-ends or control-centers (“root”)
while communication between leaves shall be prevented. Therefore
the user can define “Protected” or “Public” interfaces where
“Protected” ones cannot exchange data with each other.
07
Protected
Public
Router C
Server
10 GbE star
Number of virtual router interfaces 256 assignable to any virtual router instance
Numbered
Addressing mode
Unnumbered
Aging time for automatically learned addresses Configurable per unit, 100 s … 1’800 s
1500 bytes
IP MTU frame size (routing)
Hardware ready for MTU size up to 9000 bytes
12 on front ports
Maximum number of enabled rate limiters
256 on virtual router ports
Ethernet counters
Capacity status
ARP table
Status functions
Routing table
OSPF status
OSPF statistics
Mechanical Parameters
Power dissipation on unit Basic consumption (ports off) 13 W Basic consumption (ports off) 13 W
VBAT = nominal voltage Maximum consumption 30 W Maximum consumption 30 W
Reliability
Calculated MTBF at 35°C (MIL-HDBK-217F) >60 years (SFPs are not considered) >42 years (SFPs are not considered)
Environmental
WEEE Waste of Electrical and Electronic Equipment (acc. Directive 2002 / 96 / EC)
Hitachi Energy We reserve the right to make technical We reserve all rights in this document and in
marketing-update@hitachienergy.com changes or modify the contents of this the subject matter and illustrations contained
© 2022 Hitachi Energy. All rights reserved. document without prior notice. With regard therein. Any reproduction, disclosure to
to purchase orders, the agreed particulars third parties or utilization of its contents – in
shall prevail. Hitachi Energy Ltd. does not whole or in parts – is forbidden without prior
accept any responsibility whatsoever for written consent of Hitachi Energy Ltd.
potential errors or possible lack of information
www.hitachienergy.com in this document. 4CAE000553