Geneva, Switzerland, 15-16 September 2014 Security by Design in Smart Grids A Need to Rethink ICT in Power System Controls Carsten Strunge, Senior Development.


1 Security by Design in Smart Grids: A Need to Rethink ICT in Power System Controls
Carsten Strunge, Senior Development Engineer, Energinet.dk, cas@energinet.dk
ITU Workshop on “ICT Security Standardization for Developing Countries” (Geneva, Switzerland, 15-16 September 2014)

2 The Challenge of Balancing Wind Power and Electricity Consumption
(Figure labels: 2012, 2035, 2050 (scale 1:1); approx. 30 pct. of classic demand, approx. 75 pct. of classic demand, approx. 140 pct. of classic demand)

3 The Challenge of the Changing Power System
(Diagram labels: SC; HVDC NO/SE; HVDC NL; HVAC DE; HVAC SE; 400 kV; 10 kV; 0,4 kV; SVC; 150 kV; 60 kV)

4 The Challenge of Utilizing Renewable Power
(Figure labels: 50,0 Hz; 49,5 Hz; 50,5 Hz; Power production; Consumption)
New paradigm: More load must follow production, not just locally but across borders.
* Local balancing should only be for congestion management.

5 What is Security by Design in Smart Grid?
Security and robustness in data exchange
- PKI RBAC, IEC61850 and SecureMMS, CIM and SecureCIM
Secure and robust data storage
- Access to data at the source
- Role Based Access Controls (RBAC) at source
Secure and robust data processing
- Semi-offline controls through exchange of schedules
- Distributed controls
Secure and robust fall-back schemes
- Detection of abnormal behavior
- Segmentation of processes and ICT-networks
- Possible isolation of “infected” parts
- Fall-back concepts
To have information security thought into the power system control concepts.

6 The Generalized Stakeholder and Domain Model (from NIST)

7 Basic Elements in the Smart Grid Control Loop
(Diagram labels: Control1 (Agent); Communication; Control2, Other actors; Control box w. RBAC (Agent or Gateway); Sensor; Actuator; Power System; Status for availability; Control and information data)

8 Elements in the Smart Grid Control Loop - Prosumer Relation
(Diagram labels: DSO Voltage and Emergency controls (Agent); Communication (Fiber, PLC, GPRS, ?); Communication (Internet); Market Actor Commercial Operation (Aggregator); Control box w. RBAC (Agent or Gateway); Sensor; Meter; Actuator; DER: HP, EV etc.; Power System; Status for availability; Control and information; Energy and online power; E.g. via AMR/AMI; data)

9 Local Technical VPP and Commercial VPP in Smart Grid
(Diagram labels: Control Technical VPP (Agent); Market actor A ComVPP; Market actor B ComVPP; 10/0,4 kV; Communication (Internet); AMI/AMR; Tech + ComA + ComB; Tech + ComA; Tech + ComA + ComB; Tech + ComA)

10 Utilizing resources for Voltage Control Challenges in Local Distribution Grids
(Diagram labels: 10 kV, 0,4 kV, repeated four times)
Local technical agents in the grid control voltages by utilizing resources that are online or already active in the power markets.

11 Activating resources through Technical VPP connected to the transmission grid level

12 Market Based Controls on Distributed Load and Production (As-Is)
(Diagram labels: Virtual Power Plant (VPP); Aggregator; >10 MW; 5 MW; 3 MW; 2 MW; 600 kW; 700 kW; 400 kW; 300 kW; Boilers; 200 kW; Hydrogen; 800 kW; Day ahead; Balance Responsible and Aggregator; Balance Responsible and Aggregator; NOIS)
Several markets already in place
- Day Ahead Spot Market
- Intraday Market
- Regulation Power Market
- Reserve Capacity Market
- Frequency Reserve Market

13 Smart Grid Coupling of Power Grid Control and Power Markets
(Diagram labels: Cell Controller; Commercial demand e.g. industry; Distributed Generation e.g. CHP; Wind Power; Balance Responsible Party; DSO; Technical VPP; Aggregator; Commercial VPP; Resources; Power System Grid; Power Markets. Legend: Existing and tested; New or in R&D)

14 CHPCOM is testing standards to make assets Smart Grid Ready
(Diagram labels: DSO/DNO; Balance responsible; Flexibility Market; Aggregator; Technical control; Generator; CHP plant; Control; Power sale; Power buy; Internet; Accumulator; Electric Boiler; Power Market; TSO; Data; Measurement; Supply of services; Local resources to balance the local grid; Market control; Measurement; Data; Measurement; New; District heat; Solar heat)
International data exchange standard IEC 61850
Secured according to IEC 62351
See: www.chpcom.dk (not yet available in English)

15 CHPCOM – Role Based Access Control
(Diagram labels: CHPCOM RBAC unit incl. IP-Firewall; Internet)
IEC 62351-4 SecureMMS from Sisco
IEC 62351-8 RBAC from EURISCO

16 RBAC structure in IEC 62351-8 - Whitelisting, Roles and Rights
Subject: Person/system whitelisted and identified by X.509 based certificate, wishes access to a resource
Roles: Roles define basic user rights
Rights: Rights define access to specific functions
Operations: Functions can conduct specific actions at resource
Objects: Resource read or write data
Example: Subject = Egon Olsen; Role = BRP Operator; Right = Start engine #1; Operation = Write; Object = DCIP1.EngCtl.ctlVal
IEC TS 62351-8
IEC 62351-8 also applies to IEC TC57 CIM-standards
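The subject, role, right, operation, object chain on this slide, as an added Python sketch with deny-by-default evaluation (not CHPCOM code and not the IEC 62351-8 data model). The `Cert` class, the `Viewer` role, the fingerprints and the dates are constructed assumptions; certificate signature validation is assumed to have been done before `authorize` is called.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Cert:                      # stand-in for a parsed, already verified X.509 certificate
    fingerprint: str             # constructed value, not a real hash
    subject: str
    role: str                    # role information carried in the certificate
    not_after: datetime

# Role -> rights, and right -> (operation, object), following the slide's example row.
# "Viewer" is a constructed role with no rights, used to show a denial.
ROLE_RIGHTS = {"BRP Operator": {"Start engine #1"}, "Viewer": set()}
RIGHT_ACTIONS = {"Start engine #1": ("Write", "DCIP1.EngCtl.ctlVal")}

def authorize(cert, whitelist, operation, obj, now):
    """Return (allowed, reason); anything not explicitly granted is denied."""
    if cert.fingerprint not in whitelist:        # local certificate whitelist
        return False, "subject not whitelisted"
    if now > cert.not_after:
        return False, "certificate expired"
    rights = ROLE_RIGHTS.get(cert.role)
    if rights is None:
        return False, "unknown role"
    for right in sorted(rights):
        if RIGHT_ACTIONS.get(right) == (operation, obj):
            return True, f"granted by right '{right}'"
    return False, "role has no right for this operation on this object"

UTC = timezone.utc
NOW = datetime(2014, 9, 15, tzinfo=UTC)          # constructed evaluation time
EXPIRY = datetime(2015, 1, 1, tzinfo=UTC)        # constructed certificate expiry
EGON = Cert("fp-egon", "Egon Olsen", "BRP Operator", EXPIRY)
VIEWER = Cert("fp-viewer", "Constructed Viewer", "Viewer", EXPIRY)
STRANGER = Cert("fp-x", "Unknown", "BRP Operator", EXPIRY)
WHITELIST = {"fp-egon", "fp-viewer"}
OBJ = "DCIP1.EngCtl.ctlVal"

if __name__ == "__main__":
    for cert, op in [(EGON, "Write"), (EGON, "Read"), (VIEWER, "Write"), (STRANGER, "Write")]:
        print(cert.subject, op, authorize(cert, WHITELIST, op, OBJ, NOW))
```

A certificate that claims the right role but is missing from the local whitelist is rejected before the role is even looked at, which is why the whitelist check comes first.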

17 The CHPCOM data flow
(Diagram labels: RBAC; s/MMS; 61850 GW; 61850 DB; SCADA DB; RTU; MMS; SCADA; s/MMS; SecureMMS Gateway; SCADA; SCADA frontend; MMS; INTERNET; Firewall; PKI Components)

18 CHPCOM PKI Overview
(Diagram labels: Firewall; RBAC; s/MMS (IEC 61850 / IEC 62351); s/MMS (IEC 61850 / IEC 62351); PKI Components; X.500 Directory; CA; SecureMMS Gateway; RA; SCADA Environment; MMS (IEC 61850); MMS (IEC 61850); s/MMS (IEC 61850 / IEC 62351); LDAP; OCSP + REST; Phone / Email; LDAP)

19 CHPCOM Information Security Activities
Implementation of PKI-elements
- X.509 certificates with encoded role information
- Automated certificate handling
- SecureMMS
- IEC 62351-8 RBAC gateway units
Security Analysis
- PKI policies for the operational framework to issue and revoke certificates
- Clients and Servers (including RBAC-units) with private keys – policies for installation and key management.
Standardisation
- Feedback to basic X.509 standard (ITU-T SG17) with specific Smart Grid requirements
- Feedback to X.509 standardisation for needed automated procedures to establish and manage PKI for Smart Grid
- Feedback to IEC 62351 (TC57 WG15) on RBAC implementation
- Feedback to IEC 62351 on SecureMMS
Identify legislative needs
- Identify the legislative requirements to be able to realise Smart Grid Information Security in Denmark.
- Dialog with key stakeholders.

20 Conclusions and Recommendations
What we found Smart Grid from ITU-T
- Automated machine2machine solutions e.g. for certificate renewal
- Local certificate whitelists
- Strong processes for initial certificate “bootstrapping”
- Multiple associated parallel PKI, e.g. Smart Grid-PKI, Smart Meter-PKI, EV-PKI, etc.
And not least a good cooperation between ITU-T and IEC TC57.

