View
404
Download
1
Embed Size (px)
DESCRIPTION
Security challenges to power grid and smart grid infrastructures.
Citation preview
Security Challenges toPower Grid and SmartGrid InfrastructuresP.K.AgarwalAGM, Power System Opera7onCorpora7on
Prof. M.A. PaiProf in ECE ,Emeritus, Universityof Illinois at Urbana-‐Champaign
S.K.Soonee,CEO, Power System Opera7onCorpora7on
Outline
• Why security of power grid and smart gridinfrastructure is important
• Security in the context of power grid and smartgrid.
• Opera9onal Security• Physical Security• Cyber Security• Challenges & Way forward
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
2
Some Facts• US Blackouts
• During the past two decades, blackouts haveincreased 124 percent -‐-‐ up from 41between 1991 and 1995, to 92 between2001 and 2005, according to research at theUniversity of Minnesota
• In the most recently analyzed data available,u9li9es reported 36 such outages in 2006alone
Source -‐
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
3
Increasing Cyber Security Incidences
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
4
In Indian context……….
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
5
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
6
PowerGrid
• Electrical grid is a man made miracle.• Largest machine ever made.• Managed by mutual co opera7on.• Fulfills diverse requirements of
• System Opera7on• Market Opera7on
• A Cri7cal infrastructure of a Na7on.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
7
Vast Size –Widely Spread
• Genera9ng Sta9ons -‐ More than 450
• Generators -‐ More than 1400
• Substa9ons -‐ More than 2000
• Circuit Kms of line -‐ More than 270,000
• MW capacity -‐ More than 220 GW
• Transforma9on Capacity -‐ More than 480,000
• Nos of stakeholders -‐ More than 160
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
8
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
9
VeryLargeGrid
WidelySpread
230GWCapacity
LongHaulageof Power
Interna7onal
Connec7onMore
then 35controlcenters
VeryHigh
Voltagelevel
ManyVoltageLevels
HighlyConnect
ed
IndianPowerGrid
Smart grid
• Most significant upgrade to power grid in the last 100years.
• Most flexible and transparent by the use of ICT.• Has additonal new func7onali7es
• Self-‐healing.• Mo7vates and includes consumers(Demand-‐0response).• Accomodates all genera7on and storage op7ons.• Enables Electricity Markets.• Op7mize asset alloca7on and opera7onal efficiently
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
10
High Penetration
• DISCOMs – 43
• U9li9es – 163
• Traders – 44
• power exchanges – 2
• OA applica9ons -‐ 32000 per year
• OA consumers -‐ More than 2100
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
11
Indian Smart Grid Pilot Projects
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
12
MoP has approved 14 smartgrid pilots for execu9on
Func9onali9es being opted:
• AMI for Residen9al,Commercial and Industrial
• Peak Load Management• Outage Management• Power Quality• Renewable Integra9on• Micro Grids• Distributed Genera9on
Source – Desi Smart Grid
Smart Grid Pilot by POWERGRID
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
13
Source – Power Grid Corpora9on
Smart Grid Functions Implemented• Advanced Metering Infrastructure (AMI)• Virtual Demand Response (DR)• Street Light Automa9on• Outage Management System (OMS)• Net-‐Metering by Renewable Integra9on• Power Quality Management• Smart Home• Micro Grid Controller• Electric Vehicle
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
14
Security of PowerGrid and Smart Grid
• Tradi9onally security to power system means – towithstand unexpected disturbances
• Such as short circuit• Loss of a power system component such asTransmission line
• In today’s world secuirty focus has expanded toinclude• disturbances due to overloading or unexpected causes
• Physical adacks or• Cyber adacks
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
15
Security….
GRID
Network
Data
Hardware
Premise
Soeware
Communica9onAv
ailability
Confiden9ali
ty
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
16
Different Perspective…….
Business
Confiden9alityIntegrityAvailability
AvailabilityIntegrity
Confiden9ality
Power Grid
IntegrityConfiden9alityAvailability
Smart Grid
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
17
Security of Power Grid/Smart Grid
• Opera9onal Security• Physical Security• Cyber Security
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
18
Operational Security
• THE DEGREE OF RISKPOWER SYSTEM’S ABILITY TO SURVIVE DISTURBANCES
(CONTINGENCIES) WITHOUT INTERRUPTION.
• Robustness of the system to disturbances.
• Depends on the system opera9ng condi9on• Depends on the con9ngent probability of disturbances.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
19
Ensuring Operational Security• Real 9me monitoring of transmission line flows -‐ they arenot overloaded.
• Con9ngency analysis – a “What if analysis” of gridsitua9ons – ensuring that system is secure .
• Correc9ve preventa9ve ac9on -‐ so that if con9ngenciesoccur -‐ do not create a system breakdown.
• The con9ngency analysis is repeated periodically.• Load and genera9on balance -‐ frequency stability – keepit between permissible band (49.7 – 50.2 Hz)
• Inter regional transfers monitoring.• Monitoring status of all -‐ any mal-‐func9on the operatoris alerted through alarms.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
20
Synchrophasor technology…• use monitoring devices called phasor measurement units(PMUs) using GPS
• measures the instantaneous voltage, current, and frequencyat specific loca9ons in an electric power transmission system(or grid)
• Has high sampling rate 20 or more 9mes per electrical cyclewhich is 1200 or more 9mes per second.
• converts the measured parameters into phasor values,typically 25 or more values per second.
• adds a precise 9me stamp using GPS to these phasor valuesturning them into synchrophasors.
• The resul9ng high speed data• Enables transmission grid operators to have a high resolu9on “picure”of condi9ons throught the grid.( Situa9onal Awareness)
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
21
WideAreaMonitoring -‐ Synchrophasors
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
22
Enhanced Situa9onal Awareness to Monitor Health of the Grid
Grid Stress Phase Angular Separa9on
Grid Robustness Damping Status and Trend(s)
Oscilla9ons Sustained Low Frequency oscilla9on
Frequency Instability Frequency Varia9on Across
Interconnec9on
Voltage Stability Low Voltage Zones / Voltage Sensi9vi9es
Angular Stability Power-‐angle Sensi9vi9es, stability
Margin (s) “How far from the threshold value?”
National LevelWAMSProject
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
23
Locations of PMUs as on date
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
24
By the end of 2013:-‐Total PMUs -‐ 56 Nos.
Data from all PMUs willbe available at NLDCPDC.
NR -‐ 13 NosWR -‐ 13 NosER -‐ 12 NosSR -‐ 10 NosNER – 08 Nos
In addi9on to above 5PMUs will be availablefrom demo project
PMUs for Grid Security…
• The benefit of visualisa9on through PMU duringthe recent storm was amazing .
• The PMU at Talcher in Orissa was giving clear signals ofevery auto restart of Talcher Kolar HVDC , in themidnight of 12 /13 Oct 13 as the storm was passingthrough the Ganjam district of Orissa.
• Even every AC line tripping was visible at NLDC .• All India load had fallen by nearly15000 MW , Orissa loadhad come down to almost negligible level of a fewhundred MW.
• Integrity of the Orissa Grid with rest of the Grid wasmaintained -‐ Situa9onal awareness maintained by PMU.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
25
New tools – increased visibility
• The PMU in power grid and advance meteringinfrastructure in smart grid -‐ provide “MRI”capability compared to the “x-‐ray” qualityavailable from SCADA technology.
• Significantly increased situa9onal awareness -‐fine-‐grained command and control.
• Digital informa9on technology allows closeinterac9on of the transmission and distribu9ongrid.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
26
GridOperator’s Security VisulizationTools……
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
27
The Biggest Myth!!
● “We are secure because we are isolated from the Internet and other networks”.
● After Stuxnet in Iran .... ● Myth gone haywire….
● Its only a matter of time!! – Social Engineering => Sneakernet
– Cyber breach will not effect us as we are not controlling from remote.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
28
• TODAY’S ELECTRIC UTILITY…..• relies increasingly on digital electronic devices andcommunica9ons for• to op9mize system opera9on• and increase reliability,
• More automa9on and two way communica9on means –• Increased cyber adack vector• Inccreased adck surface
• Cybersecurity remains a constant challenge.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
29
Cyber Security a constant challenge…
What is at Risk? [Excluding Damages due to Physical Access]
● Thumb Rule: Any thing / process to which data can be written to either through Software or Manually by User / Administrator.
● Possible Targets: – Relay Configurations – Control System Settings – Changing of control parameters,
limiting values – Erasing complete data from SCADA servers. – Freezing values of critical line loadings. – Denial of Service (communication to control room)
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
30
• Eletrical grid is fundamentally designed with security byobscurity and isola9on.
• Protocols – without in built security.• Physical Security was the paramount concern.• Integra9on of electric and informa9on infrastructure -‐
• Increased adack vector and adack surface• More automa9on – more vulnerabili9es.
• Vulnerability weaponiza9on -‐ The vulnerability armsrace —total disclosures in 2012 increased 19 percentfrom 2011
• Mobile vulnerabili9es• Web applica9ons remain vulnerable
• Mature technologies, con9nued risk
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
31
Many challenges….
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
32
Understanding Security Exposures…
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
33
GAP…
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
34
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
35
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
36
Physical Security…
• Power grid and Smart grid are cri9cal infrastructure of theNa9on.
• Infrastructure is wide spread.• Almost impossible to guard each and every point.• Synchronised coordinated opera9on
• Damage to one part may cause cascade damage.
• Control centers are strategic loca9ons.• Any risk to them may enganger thewhole infrastrucuture.• Any uninten9onal mal-‐opera9on may render infrastructure in astate of grave danger.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
37
Physical Security Risks…..
• Risk impact is very high.
• Capturing of premise.• Capturing control of control room.• Damages to cri9cal equipment.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
38
Mitigation…..
• Backup control centers.• Defense in depth strategy.• Security Guard/CCTV/Access Control.• Zoning of premises• Secuirty Mock Drills.• Close cordina9on with local security authori9es.• Vigilant Staff.• Security audit and cer9ficaion.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
39
Cyber-‐Physical Approach to SmartGrid Security• Physical systems operated are monitored, coordinated,controlled by a compu9ng and communica9on core.
• Compu9ng and communica9on capabili9es will soon beembedded in all types of objects and structures in the physicalenvironment.
• Smart grid will have more and more such embedded objects.• Protec9ng cri9cal infrastructure is vital to the health of aneconomy;
• one such infrastructure, the electric power transmission grid,forms one of the largest complex nterconnected networksever built.
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
40
• Tight coupling between ICT and physical system introducesnew security concerns and requires a rethinking to commonsecurity approach.
• The smart grid will reach every house and building, givingpoten9al adackers easy access to some of the gridcomponents.
• A coordinated assessment of cyber and physical risks keepingthe whole grid security goals in mind is needed.
• Bringing together cyber security and system theory is neededto address the security requirements.• Cyber adacks can cause disrup9ons that transcend the cyberrealm and affect the physical world –Stuxnet.
• Physical adacks can affect the cyber system -‐ integrity of a metercan be compromised by using a shunt to bypass it
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
41
Security of Cyber-‐Physical System
Challenges to Power/Smart gridsecurity• Con9nuous availability demand.• Time-‐cri9cality.• Constrained computa9onal resources on edgedevices
• Large physical base.• Wide interface between digital and analogsignals.
• Social acceptance including cost effec9veness.• User reluctance to change.• Legacy issues
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
43
Facts
• Smart Grid security is not a revolu3onary concept, it isevolu3onary.
• Should not pursue it as if it is a target to achieve but,rather, as a journey.
• Industry, government and academia coming together onpolicy innova3on and standards development.
• Universi3es and R&D organiza3ons collabora3on forinven3ng technologies.
• Power grid and Smart grid is an corodinated effort. Anydeficiency may give access to hackers..
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
44
Facts
• Security is complex• Security is a process and not a single product• Security Solu9ons should be open to third partyvendors
• Compliance approach should be the preferedmethod and star9ng point
• Security needs experienced security exper9se
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
45
References…..• Cyber–Physical Security of a Smart Grid Infrastructure -‐ By Yilin Mo, Tiffany
Hyun-‐Jin Kim, Kenneth Brancik, Dona Dickinson, Heejo Lee, Adrian Perrig, and BrunoSinopoli.
• Smart Grid Security Issue – IEEE ecurity and Privacy, Januaer/Ferbuary 2010.
• Introduc7on SCADA Security for Managers and Operators -‐ September 28, 29,2006 – Idaho Na3onal Laboratory.
• Why is the Smart Grid is Target -‐ 3o June 2012 -‐ Symantec
• Risk Management Framework for the Power Grid Cyber-‐Physical Security -‐Riadh W. Y. Habash1*, Voicu Groza1 and Kevin Burr, -‐ School of Electrical Engineeringand Computer Science, University of O_awa, O_awa, Ontario, Canada. Kylowave Inc.,O_awa, Ontario, Canada.
• A Taxonomy of Cyber Abacks on SCADA Systems -‐ Bonnie Zhu, Anthony Joseph,Shankar Sastry, Department of Electrical Engineering and Computer Sciences, Universityof California at Berkeley, CA
• Desi Smart Grid Portal www.desismartgrid.com• Website www.powergridindia.com of Power Grid Corpora9on of India• hdps://apps.powergridindia.com/smartgrid/smartgrid video.aspx
8thNov
2013
SecurityCh
allenges
toPo
wer
Gridand
SmartG
ridInfrastructure
46