Cyber Threats/Security and System Security of Power Sector Workshop on Crisis & Disaster Management of Power Sector P.K.Agarwal, AGM Power System Operation.

Slides:

Advertisements

Similar presentations

VSE Corporation Proprietary Information

Advertisements

Vendor Briefing May 26, 2006 AMI Overview & Communications TCM.

1 © 2012 Lockheed Martin Corporation, All Rights Reserved Intelligent Microgrid Solutions Efficient, Reliable and Secure Solutions for Today’s Energy Challenges.

Xanthus Consulting International Smart Grid Cyber Security: Support from Power System SCADA and EMS Frances Cleveland

Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart The Grid Plenary Panel: Smart Grid Interim Roadmap Draft and Processes Joe Hughes, EPRI Erich Gunther, Enernex Frances Cleveland, Xanthus Consulting.

Security Controls – What Works

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

IntelliGrid: Enabling The Power Delivery System of the Future Don Von Dollen EPRI IntelliGrid Program 9th International Symposium on Power- Line Communications.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

Smart Grid Cyber Security Framework

By Lauren Felton. The electric grid delivers electricity from points of generation to consumers, and the electricity delivery network functions via two.

Lecture 11 Reliability and Security in IT infrastructure.

AMA FiT4HANA Designed for Big Data

©Ian Sommerville 2006Critical Systems Slide 1 Critical Systems Engineering l Processes and techniques for developing critical systems.

Network Security. Trust Relationships (Trust Zones) High trust (internal) = f c (once you gain access); g p Low trust ( ) = more controls; fewer privileges.

Jeju, 13 – 16 May 2013Standards for Shared ICT HIS – Smart Grid Karen Bartleson, President, IEEE Standards Association Document No: GSC17-PLEN-72 Source:

K E M A, I N C. Current Status of Cyber Security Issues 2004 Keynote Address Joe Weiss January 20, 2004.

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

Software Dependability CIS 376 Bruce R. Maxim UM-Dearborn.

GridWise ® Architecture Council Cyber-Physical System Requirements for Transactive Energy Systems Shawn A. Chandler Maseeh College of Electrical and Computer.

E.ON on the Romanian Energy Market ZF Power Summit Bucharest, February 27, 2013 Frank Hajdinjak CEO E.ON România.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Cyber Security of Smart Grid Systems

SEC835 Database and Web application security Information Security Architecture.

Storage Security and Management: Security Framework

Evolving IT Framework Standards (Compliance and IT)

Lessons Learned in Smart Grid Cyber Security

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

Applying the Distribution System in Grid Restoration/NERC CIP-014 Risk Assessment Srijib Mukherjee, Ph.D., P.E. UC Synergetic.

FirstEnergy / Jersey Central Power & Light Integrated Distributed Energy Resources (IDER) Joseph Waligorski FirstEnergy Grid-InterOp 2009 Denver, CO November.

Infrastructure & Cities Sector – Smart Grid Division © Siemens AG All rights reserved. October 2012Page 1 The Smart Grid by Siemens Constant energy.

The Smart Grid Enabling Energy Efficiency and Demand Response Clark W

Frankfurt (Germany), 6-9 June 2011 IT COMPLIANCE IN SMART GRIDS Martin Schaefer – Sweden – Session 6 – 0210.

הקריה למחקר גרעיני - נגב Nuclear Research Center – Negev (NRCN) Society of Electrical and Electronics Engineers in Israel (SEEEI) 2012 Eran Salfati, Amir.

1 Critical Mission Support Through Energy Security Susan Van Scoyoc Concurrent Technologies Corporation 16 August 2012 Energy Huntsville Meeting Huntsville,

ISO17799 Maturity. Confidentiality Confidentiality relates to the protection of sensitive data from unauthorized use and distribution. Examples include:

1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.

Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No ) Business Convergence WS#2 Smart Grid Technologies.

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Enterprise Systems Business Planning & Logistics Site Manufacturing Operations and Control Area Supervisory Control Basic Control Safety- Instrumented.

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

Information Technology Needs and Trends in the Electric Power Business Mladen Kezunovic Texas A&M University PS ERC Industrial Advisory Board Meeting December.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks IHAB DARWISHOBINNA IGBETAREQ SAADAWI.

June 17, 2009 Michael W. Howard, Ph.D. Sr. Vice President The Interoperable Smart Grid Evolving.

© 2014 IBM Corporation Does your Cloud have a Silver Lining ? The adoption of Cloud in Grid Operations of Electric Distribution Utilities Kieran McLoughlin.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Slide 1 Security Engineering. Slide 2 Objectives l To introduce issues that must be considered in the specification and design of secure software l To.

Smart Grid Schneider Electric Javier Orellana

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Transforming the Distribution Grid

Smart Grid Vision: Vision for a Holistic Power Supply and Delivery Chain Stephen Lee Senior Technical Executive Power Delivery & Utilization November 2008.

Metering Americas April 24, 2006 Advanced Metering.

IS3220 Information Technology Infrastructure Security

Security and Resilience Pat Looney Brookhaven National Laboratory April 2016.

Myongji University HMCL

Lecturer: Eng. Mohamed Adam Isak PH.D Researcher in CS M.Sc. and B.Sc. of Information Technology Engineering, Lecturer in University of Somalia and Mogadishu.

Principles Identified - UK DfT -

Agenda Control systems defined

Information Technology Sector

Karen Bartleson, President, IEEE Standards Association

Albeado - Enabling Smart Energy

IT Management Services Infrastructure Services

Presentation transcript:

Cyber Threats/Security and System Security of Power Sector Workshop on Crisis & Disaster Management of Power Sector P.K.Agarwal, AGM Power System Operation Corporation

SECURITY 2 Cyber Threats/Security and System Security April 17, 2013

Security Acronyms Threat – Cyber Space Cyber Threat Security Vulnerability Risk Risk Management Vulnerabilities Security vs Cyber Security Information Security vs System Security Defense-in-depth April 17, Cyber Threats/Security and System Security

What is Security Confidentiality Integrity Availability Authentication Unauthorised access to Infomation Unauthorised Modification or Theft of Infomation Denial of Service or Prevention of Authorised Access Cyber Threats/Security and System Security Non-Repudiation Accountability: Denial of Action That took place, or claim of Action that did not take place CIA Triad E-Commerce The individual is who he claims to be.

SECURITY CONCERNS FOR POWER SECTOR 5 Cyber Threats/Security and System Security April 17, 2013

Concerns Current power grid depends on complex network of computers, software and communication technologies. If compromised, have the potential to cause great damages. A cyber attack has the unique in nature that it can be launched through public network from a remote location Form any where in the world. Coordinated to attack many locations Cyber Threats/Security and System Security 6 April 17, 2013

More Concerns The legacy communication method used for grid operations also provide potential cyber attack paths. Many cyber vulnerabilities in Supervisory Control and Data Acquisition (SCADA) System have been surfaced. Level of automation in substations is increasing, which can lead more cyber security issues. Recent study have shown that the deployed components have significant cyber vulnerabilities. Cyber Threats/Security and System Security 7 April 17, 2013

Still More Concerns Increasing use of standard and open system – “Security by Obscurity” is no more valid. Efforts of energy sector to uncover system vulnerabilities develop effective countermeasures have prevented serious damages to electric supply chain. Some of these vulnerabilities are in the process of being mitigated. However, attack on energy control systems have been successful in many cases. Cyber Threats/Security and System Security 8 April 17, 2013

What is Security? Some Key Concepts 1.For power systems, keeping the lights on is the primary focus. Therefore the key security requirements are Availability and Integrity, not Confidentiality (AIC, not CIA) 2.Encryption, by itself, does not provide security. 3.Security threats can be deliberate attacks OR inadvertent mistakes, failures, and natural disasters. 4.The most dangerous “attacker” is a disgruntled employee who knows exactly where the weaknesses are the easiest to breach and could cause the worst damage. 5.Security solutions must be end-to-end to avoid “man-in-the-middle” attacks or failed equipment from causing denial of service 6.Security solutions must be layered, so that if one layer is breached, the next will be there. Security is only as strong as its weakest link. 7.Security will ALWAYS be breached at some time – there is no perfect security solution. Security must always be planned around that eventuality. 8.Security measures must balance the cost of security against the potential impact of a security breach April 17, Cyber Threats/Security and System Security

CYBER SECURITY IN POWER SYSTEM 10 Cyber Threats/Security and System Security April 17, 2013

11 To maintain power system reliability, need to manage both the Power System Infrastructure and its supporting Information Infrastructure Central Generating Station Step-Up Transformer Distribution Substation Receiving Station Distribution Substation Distribution Substation Commercial Industrial Commercial Gas Turbine Diesel Engine Cogeneration Turbine Fuel cell Micro- turbine Wind Power Residential Storage Photovoltaic systems Control Center Operators, Planners & Engineers 2. Communications and Information Infrastructure 1.Power System Infrastructure Cyber Threats/Security and System Security

Traditional Security Measures Cannot Meet All Power System Security Requirements Two key security issues for utilities are power system reliability and legacy equipment: Power systems must continue to operate as reliably as possible even during a security attack. It is financially and logistically impractical to replace older power system equipment just to add security measures. Layered security is critical not only to prevent security attacks, but also to detect actual security breaches, to survive during a security attack, and to log all events associated with the attack. Most traditional “IT” security measures, although able to prevent and/or detect security attacks, cannot directly help power systems to continue operating. For legacy systems and for non-critical, compute-constrained equipment, compensating methods may need to be used in place of these traditional “IT” security measures. April 17, Cyber Threats/Security and System Security

Use of Power System SCADA and Energy Management Systems for Certain Security Solutions One method for addressing these problems is to use existing power system management technologies as a valid and very powerful method of security management, particularly for detecting, coping with, and logging security events. Add sensors, intelligent controllers, and intrusion-detection devices on “critical” equipment Utilize and expand existing SCADA systems to monitor these additional security-related devices Expand the SCADA system to monitor judiciously selected power system information from AMI systems. Expand Power Flow analysis functions to assess anomalous power system behaviors such as unexpected shifts of load and generation patterns, and abnormal power flow contingency analysis results to identify unexpected situations. April 17, Cyber Threats/Security and System Security

CHALLENGES AND STRATEGIES. Cyber Threats/Security and System Security 14 April 17, 2013

Challenges Increasing Number Of Systems and Size of Code Base Control Systems Not Designed with Security in Mind Increasing Use of COTS Hardware and Software New Customer Touch Points into Utilities New 2-Way Systems (e.g. AMI, DSM) Increasing Interconnection and Integration Increased Attack Surface Increased Risk to Operations Cyber Threats/Security and System Security 15 April 17, 2013

Barriers Cyber threats are unpredictable and evolve faster than the sector’s ability to develop and deploy countermeasures Security upgrades to legacy systems are limited by inherent limitations of the equipment and architectures Threat, vulnerability, incident, and mitigation information sharing is insufficient among government and industry Weak business case for cyber security investment by industry Regulatory uncertainty in energy sector cyber security Cyber Threats/Security and System Security 16 April 17, 2013

Strategies Build a culture of security. Access and Monitor Risks. Develop and Implement New Protective Measures to reduce Risks. Manage Incidence. Sustain Security Improvements. Use of emerging new security technologies like data- diode. Cyber Threats/Security and System Security 17 April 17, 2013

Adoption of Security Standards and Framework ISO/IEC Information Security Management System. NERC-CIP Standards-Critical Infrastructure Protection Standard. NIST IR 7628 – Guidelines for Smart Grid Cyber Security. IEC Series Security Standards Standards Cyber Security Require ments of Indian Power Grid, 27th May 2012, Mumbai 18

Road Map for Cyber Security of Grid Information Security Management System have been adopted by every regional load dispatch center. Each RLDC has been certified by International Certifying Body (BSI) for ISO 27001:2005. SCADA system up gradation is being done with:- Adoption of Secure ICCP. Secure connection between SCADA network and Enterprise network for cyber security. Use of air-gap technology like data-diode at interfacing point between secure and non-secure network. Cyber Threats/Security and System Security 19 April 17, 2013

Points to Ponder There is nothing like absolute security Every requirement is unique and every solution is unique. Security comes at a cost – need optimization. Secure real-time information is a key factor to reliable delivery of power to the end-users. Commoditization of electricity means increased players – increased exchange of power – increased requirement of security solution. Emerging technology like data-diode is an exciting technology for ensuring cyber security of critical infrastructure. Cyber Threats/Security and System Security 20 April 17, 2013

Cyber Threats/Security and System Security 21 April 17, 2013