CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks. IHAB DARWISH, OBINNA IGBE, TAREQ SAADAWI.


1 CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks. IHAB DARWISH, OBINNA IGBE, TAREQ SAADAWI

2 CIP 2015 Objectives
- Critical infrastructure – Energy Sector
- Smart Grids
- Security Policies and Strategies
- Smart Grid Vulnerabilities, Threats and Risk Management
- National Testbed Environment
- Attack Demo using DETER Network

3 CIP 2015 Critical Infrastructure - Sectors
- Critical infrastructure is a collection of systems and assets, tangible and non-tangible, that provides critical services to the nation.

4 CIP 2015 Critical Infrastructure – Energy Sector
- According to the Department of Homeland Security (DHS), more than 80% of the US energy infrastructure is owned and operated by the private sector.
- The energy sector provides different kinds of energy sources, including electricity, petroleum and natural gas, to households and businesses.
- There are more than 6400 power plants, 30,000 substations and 200,000 miles of transmission lines in the nation.

5 CIP 2015 Critical Infrastructure – Smart Grids
- Initiated by the National Institute of Standards and Technology (NIST) according to the American Recovery and Reinvestment Act (ARRA) in 2009.
- The aim is to establish intelligence and interoperability that incorporate smart technologies with various electricity distribution facilities to improve the reliability of the grids.
Reliability
- Reliability is about 100% availability

6 CIP 2015 Smart Grid as Micro-Grids
- A smart grid is a collection of micro-grids interconnected and linked to the SCADA operating at the control center.
- Several measurement areas can be performed in each micro-grid, including power conditioning, time synchronization, validation, metering and others.

7 CIP 2015 Smart Grid - Protocols

8 CIP 2015 Popular Smart Grid Protocols
- Modbus
  - Industrial protocol used in SCADA
  - Serial and TCP versions
  - Master and Slave operation
- DNP3
  - Open standard – IEEE
  - Most used protocol in the US
  - Supports Secured Authentication
- IEC 61850
  - Most recent Industry Electronic Commissions protocol
  - Substation Automation
  - Comprehensive set of protocols using layer-link multicasting protocol (GOOSE)
- ICCP
  - Inter-Control Center Communication Protocol – IEC60870-6
  - Used primarily to interconnect masters from different micro-grids.

9 CIP 2015 Security Policies and Strategies - Penetration
- Penetration starts at the weak security perimeter, which serves as a back door to all possibilities in an attempt to reach the most critical, highly secured part of the organization.
- Weaknesses – Systems, Policies and Procedures

10 CIP 2015 Security Policies and Strategies - Critical Infrastructure Organizations
- Security policies in critical infrastructure provide the strategy and the governing rules for guidance in protecting critical infrastructure components and valuable assets.
- NIST Security Policies

11 CIP 2015 Security Policies and Strategies - Implementations
- Policies should be applicable
- Policies should be enforced
- Empowering users for policy adoption
- Policy auditing

12 CIP 2015 Critical Infrastructure Strategy
- Adhere to all legal and legislative requirements and satisfy the government mandatory information management and security principles.
- Develop, document, implement, and review information security controls.
- Ensure that smart-grid infrastructure and information systems operate with a high degree of assurance and integrity.
- Protect assets and data both physically and logically.

13 CIP 2015 Defense of Depth Security Model
- An enhanced practical strategy for achieving system reliability and information accuracy.

14 CIP 2015 Defense of Depth Security Model

| Layer | Defense Mechanism | Issues |
|---|---|---|
| First Layer “Policies and Procedures” | | |
| Second Layer “Physical Security” | | |
| Third Layer “Security Perimeter” | Firewalls, VPN encryption; Network-based Anti-virus | Vulnerable to attackers |
| Fourth Layer “Network” | Network based intrusion detection systems (IDS); Vulnerability management systems; Network access control and User Authentication | Could cause false alarms; Unauthenticated Access & Exploitation |
| Fifth Layer “Host” | Host IDS; Host Anti-Virus | Host based control, but limited to each device; New attacks are not detected |
| Sixth Layer “Applications” | Public Key Interface (PKI) and RSA; Access Control and Authentication | Overhead and slow performance |
| Seventh Layer “Data” | Encryption | Good security but subject to security policies |

15 CIP 2015 Smart Grid Vulnerabilities, Threats and Risk Management – Energy Sector

| Year | Number of Incidents | % of Incidents in Energy Sector | Number of Vulnerabilities |
|---|---|---|---|
| 2014 | 245 | 32% | 159 |
| 2013 | 256 | 59% | 187 |
| 2012 | 198 | 41% | 171 |
| 2011 | 140 | 35% | 138 |

Threat Activities, Vector or Examples:
- Unauthenticated Access & Exploitation
- Buffer overflow
- Spear Phishing
- Network Scanning and probing
- SQL Injection
- Unknown Access Vector (almost 50% of the cases)

16 CIP 2015 Attack and Penetration Strategy
- Reconnaissance or data gathering stage
- Scanning for potential target(s) and possible vulnerabilities
- Exploiting the vulnerability discovered.
- Accessing the compromised host through logical connection

17 CIP 2015 Critical Infrastructure Security Concerns
- There are many critical cybersecurity concerns that need to be addressed in critical infrastructure.

18 CIP 2015 Risk Management
“Once we know our weaknesses they cease to do us any harm”
Georg C. Lichtenberg (1742-1799), German Scientist

19 CIP 2015 Risk Management Strategy
[Diagram. Steps: Attack Vector Comparison; Establish Attack Behavior; Establish Impact Theory; Develop Mitigation Strategies; Implement Specific Strategy. Other labels: Risk Analysis; Environmental Variables; Countermeasure Analysis; Continuous Improvements & Change Management; Vulnerability Assessment; Threat Analysis; Impact Analysis; Research and Incident Analysis; Detection and Mitigation Planning.]
Risk = Threat x Vulnerability x Impact

20 CIP 2015 Security Policies and Strategies: Balance
[Diagram labels: Tools, Policies]

21 CIP 2015 National Testbed Environments
- With increased smart-grid complexity, experimental studies of large-scale grids are usually not economically feasible, even for a small micro-grid environment with a limited number of distributed energy sources and intelligent loads.
Testbeds shown:
- National SCADA Test Bed (NSTB)
- Smart Grid System Testbed Facility
- DeterLab Testbed Environment

22 CIP 2015 Security Penetration Example DEMO

23 CIP 2015 Conclusion
- Critical infrastructure – Energy Sector
- Smart Grids
- Security Policies and Strategies
- Smart Grid Vulnerabilities, Threats and Risk Management
- National Testbed Environment
- Attack Demo using DETER Network

24 CIP 2015 Thank You

25 CIP 2015 References
- Georg C. Lichtenberg. (n.d.). BrainyQuote.com. Retrieved October 10, 2015, from BrainyQuote.com Web site: http://www.brainyquote.com/quotes/quotes/g/georgclic403861.html

