
1 Security by Design in Smart Grids: A Need to Rethink ICT in Power System Controls
Carsten Strunge, Senior Development Engineer, Energinet.dk, cas@energinet.dk
ITU Workshop on “ICT Security Standardization for Developing Countries” (Geneva, Switzerland, 15-16 September 2014)

2 The Challenge of Balancing Wind Power and Electricity Consumption
[Figure (scale 1:1): panels for 2012, 2035 and 2050; labels: approx. 30 pct. of classic demand, approx. 75 pct. of classic demand, approx. 140 pct. of classic demand]

3 The Challenge of Utilizing Renewable Power
[Figure: balance between power production and consumption on a frequency scale of 49,5 Hz, 50,0 Hz and 50,5 Hz]
New paradigm:
- More load must follow production, not just locally but cross-border.
- Local balancing should only be for congestion management.

4 The Challenge of the Changing Power System
[Figure: power system diagram; labels: SC, SVC; HVDC NO/SE, HVDC NL, HVAC DE, HVAC SE; voltage levels 400 kV, 150 kV, 60 kV, 10 kV, 0,4 kV]

5 The Generalized Stakeholder and Domain Model (from NIST)

6 What is the problem?
- The Internet is chosen as the carrier of data (economy)
- The Internet no longer offers secure communication
- But it can be secured by:
  - Ensuring authenticity (“user identification”)
  - Securing data in motion (by encryption)
  - Securing data at rest (at device level)
  - Building security into control processes
- And it is necessary to continuously monitor the entire system (both Electric Power and ICT)

7 What is Security by Design in Smart Grid?
It means having information security designed into the power system control concepts.
- Security and robustness in data exchange
  - X.509, PKI, RBAC, IEC61850 and SecureMMS, CIM and “SecureCIM”
- Secure and robust data storage
  - Access to data at the source
  - Role Based Access Controls (RBAC) at source
- Secure and robust data processing
  - Semi-offline controls through exchange of schedules
  - Distributed controls with clear client-server relations
- Secure and robust fall-back schemes
  - Detection of abnormal behavior
  - Segmentation and isolation of “infected” processes and ICT-networks
  - Fall-back concepts

8 Basic Elements in the Smart Grid Control Loop and Client-Server Relation
[Figure: control loop diagram; labels: Control1 (Client agent); Control2 (Other clients); Communication; Control box w. RBAC (Agent or Gateway); Sensor; Actuator (Server); Power System; Status for availability; Control and information data]

9 Elements in the Smart Grid Control Loop - Prosumer Relation
[Figure: control loop diagram; labels: DSO Voltage and Emergency controls (SCADA); Communication (Fiber, PLC, GPRS, ?); Communication (Internet); Market Actor Commercial Operation (Aggregator); Control box w. RBAC (Agent or Gateway); Sensor; Meter; Actuator; DER, CHP, HP, EV etc.; Power System; Status for availability; Control and information; Energy and online power; E.g. via AMR/AMI; data]

10 Local Technical VPP and Commercial VPP in Smart Grid
[Figure: labels: Control Technical VPP (Agent); Market actor A ComVPP; Market actor B ComVPP; 10/0,4 kV; Communication (Internet); AMI/AMR; units marked Tech + ComA + ComB, Tech + ComA, Tech + ComA + ComB, Tech + ComA]

11 Proof of Concept Demonstration
CHPCOM project: Combined Heat and Power Communication
CHPCOM: Secure IEC 61850 based Information Exchange in a Danish Context

12 CHPCOM is testing standards to make assets Smart Grid Ready
- International data exchange standard IEC 61850
- Secured according to IEC 62351
- Supply of services
- Local resources to balance the local grid
[Figure: labels: DSO/DNO; Balance responsible; Flexibility Market; Aggregator; Technical control; Market control; Power Market; TSO; Internet; Generator; CHP plant; Control; Power sale; Power buy; Accumulator; Electric Boiler; New District heat; Solar heat; Data; Measurement]
See: www.chpcom.dk (not yet available in English)

13 CHPCOM – Role Based Access Control
[Figure: CHPCOM RBAC unit incl. IP-Firewall, connected to the Internet]
- IEC62351-4 SecureMMS from SISCO
- IEC62351-8 RBAC from EURISCO

14 RBAC structure in IEC 62351-8 - Whitelisting, Roles and Rights
Diagram elements: Subject, Roles, Rights, Operations, Objects
- Subject: person/system whitelisted and identified by an X.509-based certificate, wishing to access a resource
- Roles define basic user rights
- Rights define access to specific functions
- Functions can conduct specific actions at a resource
- Resource: read or write data
Example (from subject to object): Egon Olsen, BRP Operator; Write; Start engine #1; DCIP1.EngCtl.ctlVal
IEC TS 62351-8
IEC 62351-8 also applies to IEC TC57 CIM-standards
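The subject, role, right and object chain on slide 14, together with a local certificate whitelist, as an added example that is not CHPCOM code. The policy table, the dictionary standing in for a parsed X.509 certificate, the reading of "BRP Operator" as the role name and every subject other than Egon Olsen are assumptions; certificate signature and chain validation are assumed to be done by the transport layer.

```python
import hashlib
from datetime import datetime, timezone

# Constructed policy (assumption): role -> object reference -> granted rights.
ROLE_RIGHTS = {
    "BRP Operator": {"DCIP1.EngCtl.ctlVal": {"Read", "Write"}},
    "Viewer": {"DCIP1.EngCtl.ctlVal": {"Read"}},
}

def fingerprint(cert_der):
    """SHA-256 fingerprint, used as the key of the local whitelist."""
    return hashlib.sha256(cert_der).hexdigest()

def make_cert(subject, roles, not_after):
    """Hypothetical stand-in for a parsed X.509 certificate with encoded roles."""
    der = ("constructed:" + subject).encode()  # constructed bytes, not real DER
    return {"subject": subject, "roles": roles, "der": der, "not_after": not_after}

def authorize(cert, whitelist, obj, right, now):
    """Return (allowed, detail); anything not explicitly granted is denied."""
    # 1. Whitelisting: the certificate itself must be known locally.
    if fingerprint(cert["der"]) not in whitelist:
        return (False, "certificate not whitelisted")
    # 2. A whitelisted certificate is still refused once it has expired.
    if now > cert["not_after"]:
        return (False, "certificate expired")
    # 3. Roles come from the certificate; rights are looked up per object.
    for role in cert["roles"]:
        if right in ROLE_RIGHTS.get(role, {}).get(obj, set()):
            return (True, role)
    return (False, "no role grants this right")

# Constructed sample data.
NOW = datetime(2014, 9, 15, tzinfo=timezone.utc)
VALID_TO = datetime(2015, 9, 15, tzinfo=timezone.utc)
OBJ = "DCIP1.EngCtl.ctlVal"  # object reference from slide 14
EGON = make_cert("Egon Olsen", ["BRP Operator"], VALID_TO)
VIEWER = make_cert("Constructed Viewer", ["Viewer"], VALID_TO)
EXPIRED = make_cert("Constructed Expired", ["BRP Operator"],
                    datetime(2014, 1, 1, tzinfo=timezone.utc))
UNKNOWN = make_cert("Constructed Unknown", ["BRP Operator"], VALID_TO)
WHITELIST = {fingerprint(c["der"]) for c in (EGON, VIEWER, EXPIRED)}

if __name__ == "__main__":
    for cert in (EGON, VIEWER, EXPIRED, UNKNOWN):
        print(cert["subject"], authorize(cert, WHITELIST, OBJ, "Write", NOW))
```

A certificate that carries the right role but is missing from the local whitelist is refused before its roles are even read, which is why the whitelist check comes first.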

15 The CHPCOM data flow
[Figure: data flow diagram; labels: RBAC; s/MMS; SecureMMS Gateway; 61850 GW; 61850 DB; SCADA; SCADA DB; SCADA frontend; RTU; MMS; Internet; Firewall; PKI Components]

16 CHPCOM Information Security Activities
- Implementation of PKI-elements
  - X.509 certificates with encoded roles
  - Automated certificate handling
  - SecureMMS
  - IEC 62351-8 RBAC gateway
- Security Analysis
  - PKI policies. Clients and Servers policies for installation and secure management.
- Standardisation
  - Feedback to basic X.509 standard (ITU-T SG17) with specific Smart Grid requirements
  - Feedback to IEC 62351 (TC57 WG15) on SecureMMS and RBAC implementation
- Identify legislative needs
  - Identify the legislative requirements in Denmark. Dialog with key stakeholders.

17 Conclusions and Recommendations
What we found that Smart Grid needs from ITU-T:
- Automated machine2machine solutions, e.g. for certificate renewal
- Local certificate whitelists
- Strong processes for initial certificate “bootstrapping”
- Multiple associated parallel PKI
  - E.g. Smart Grid-PKI, Smart Meter-PKI, EV-PKI, etc.
And not least a good cooperation between ITU-T and IEC TC57.

