Upload
jazeelkt
View
3.142
Download
1
Embed Size (px)
DESCRIPTION
Discusses the security vulnerabilities associated with Smart Power Grid
Citation preview
Free Powerpoint TemplatesPage 1
Free Powerpoint Templates
CYBER SECURITY OF SMART GRID
JAZEEL K T7821
E7
Free Powerpoint TemplatesPage 2
CONTENTS
• Introduction• What is a smart grid?• Power grid automation• Classification of cyber attacks• Consequences of cyber attacks• Security requirements of a Smart Grid• Integrated Security Framework• Conclusion
Free Powerpoint TemplatesPage 3
Introduction
Nations across the world face the challenge of increasing power production while reducing the carbon footprint.They need to minimize power loss and downtime, harness alternative power sources, and so on.
The numerous challenges facing them have one solution – smart grids.
While smart grids bring improvements in cost and performance, the security of the power grids becomes more complex and risky, calling for a comprehensive and integrated solution
Free Powerpoint TemplatesPage 4
Current electric grid
TransmissionGeneration CustomersDistribution
Free Powerpoint TemplatesPage 5
What is a smart grid?
A digital upgrade to the existing electric grid technology that has been quite the same for over 100 years.
Integration of electrical infrastructure with information infrastructure.
Identified as a bigger opportunity than the internet itself.
Various points of power generation communicate with each other and use the shared information to make intelligent decisions.
Free Powerpoint TemplatesPage 6
Smart Grid: An overview
Enterprise Systems
Web ApplicationsControl Systems
Protection Systems
Information Infrastructure Electrical Infrastructure
AMIDSMOMSGIS
Smart Grid Technology
Cyber Secure
Free Powerpoint TemplatesPage 7
Smart Grid: An overview
Free Powerpoint TemplatesPage 8
Communication Switch / Communication ProcessorCommunication Switch / Communication Processor
Transmission/Distribution ApplicationsTransmission/Distribution Applications Operator training simulatorOperator training simulator
Information Model ManagerInformation Model ManagerCommunication front endCommunication front end ICCP ServerICCP Server
User interfaceUser interface HistoricalHistorical HMIHMIDashboardDashboard
MetersMeters Wired I/OsWired I/OsProtective Relays
Protective Relays Wired I/OsWired I/Os IEDsIEDs
RTU/PLC/Protocol GatewayRTU/PLC/Protocol Gateway HMIHMILog ServerLog ServerI/OsI/Os
SCADA/EMS CONTROL CENTRE
Field Devices
Other control centers
Other control centers
Other control centers
Other control centers
Other substations
Other substations
PlanningPlanning AccountingAccountingAsset management
Asset management EngineeringEngineering
CORPORATE
SUBSTATION
Power Grid Automation
POWER GRID AUTOMATION SYSTEM
Free Powerpoint TemplatesPage 9
Cyber Security of Smart Grid
Traditionally, power grid automation systems have been physically isolated from the corporate network.
This has been changing, perhaps due to the cost effectiveness of utilizing public networks.
Using public networks considerably increases the vulnerability of power grids to cyber attacks by increasing the exposure surface of these networks.
Free Powerpoint TemplatesPage 10
Classification of cyber attacks
Free Powerpoint TemplatesPage 11
Component-wise attack
Send e-mail with malware
InternetInternet
Admin
Acct
Slave Database
Operator
Operator
MasterDB
RTU
Opens Email with Malware
Admin
1. Hacker sends an e-mail with malware
2. E-mail recipient opens the e-mail and the malware gets installed quietly
3. Using the information that malware gets, hacker is able to take control of the e-mail recipient’s PC!
4. Hacker performs an ARP (Address Resolution Protocol) Scan
5. Once the Slave Database is found, hacker sends an SQL EXEC command
6. Performs another ARP Scan
7. Takes control of RTU
PerformARP Scan
SQLEXEC
PerformARP Scan
Takes C
ontrol o
f RTU
Free Powerpoint TemplatesPage 12
Consequences of cyber attacks
Free Powerpoint TemplatesPage 13
Consequences of cyber attacks
Free Powerpoint TemplatesPage 14
Consequences of cyber attacks
Free Powerpoint TemplatesPage 15
Security Requirements
Many cyber security solutions exist to protect IT networks and to reduce their vulnerability to attacks.
These IT-based cyber security solutions come short of providing the same level of security at the control and automation levels.
Power automation systems and applications were not originally designed for the general IT environment.
Free Powerpoint TemplatesPage 16
IT Networks and Smart Grid
A comparison of security requirements
Free Powerpoint TemplatesPage 17
Security Objective
IT Networks• Main security objective is
data, in terms of;– Data integrity– Data confidentiality– Data availability
Smart Grid• First priority is always
human safety• Second priority is to
ensure that the system runs under normal operating conditions.
• Third priority is the protection of equipment and power lines.
Free Powerpoint TemplatesPage 18
Security Architecture
IT Networks• Data server resides at the
centre and access points, used by the end users, at the edge.
• Data server requires more protection than the edge nodes
Smart Grid• EMS/SCADA at the centre,
RTU/PLCs at the edge.• Usually only devices
controlled by RTU/PLCs can do direct damage to humans, equipments and power lines.
• Edge nodes need the same level of protection as the central devices.
Free Powerpoint TemplatesPage 19
Technology Base
IT Networks• Use common OS
(Windows, Linux, Unix) and common networks (Ethernet).
• Communication protocols common, IP-based.
• Common security solutions can be designed based on these common architectures.
Smart Grid• Different system vendors
use proprietary OS and network protocols.
• Communication protocols different.
• Difficult to develop common host-based or network-based security solutions.
Free Powerpoint TemplatesPage 20
Quality of Service Requirements
IT Networks• Tolerances for delay of
data exchange, and occasional failures are not as strict as power grid automation network.
• Simply rebooting a computer or application is a common solution in the case of failures.
Smart Grid
• Rebooting is not acceptable in many control applications in power grid systems.
Free Powerpoint TemplatesPage 21
Integrated Security Framework
A novel framework of security solution for smart grid
Free Powerpoint TemplatesPage 22
Design Principles
Three layers: Power Automation & Control Security
Provides clear demarcation of control and security functionalities.
Scalability: security performance remain unabated with increase in load and system volume.
Extendibility: able to handle any future state of power grid. Can be integrated into the existing, legacy systems in a
non-intrusive fashion.
Free Powerpoint TemplatesPage 23
Components
SECURITY AGENTS Bring security to the edges of the system. Firmware or software Less intelligent at lower levels, more at higher levels Functions:
• To translate between different protocols.• To acquire and run the latest vulnerability patches from its security
manager.• To collect data traffic pattern, system log data and report to the
security manager.• To analyze traffic and access patterns with varying complexity
depending on the hierarchical layer.
Free Powerpoint TemplatesPage 24
Components
• To run host-based intrusion detection.• To detect and send alarm messages to the security manager and
designated devices, such as HMI.• To acquire access control policies from the security manager and
enforce them.• To encrypt and decrypt exchanged data
MANAGED SECURITY SWITCH To protect bandwidth and prioritize data. Work as network devices and connect controllers, RTUs,
HMIs, and servers in the substation and control center.
Free Powerpoint TemplatesPage 25
Components
Functions of Managed Security Switch• To separate external and internal networks, hide the internal
networks.• To run as a DHCP (Dynamic Host Configuration Protocol) server.• To acquire bandwidth allocation pattern and data prioritization
pattern from the security manager.• To separate data according to prioritization pattern, such as
operation data, log data, trace data and engineering data.• To provide QoS for important data flow, such as operation data,
guaranteeing its bandwidth, delay.• To manage multiple VLANs (Virtual Local Area Network).• To run simple network-based intrusion detection
Free Powerpoint TemplatesPage 26
Components
SECURITY MANAGER Connect directly or indirectly to managed security
switches. Functions:
• To collect security agent information.• To acquire vulnerability patches from a vendor’s server and
download them to the corresponding agents.• To manage keys for VPN.• To work as an AAA (Authentication, Authorization and Accounting)
server, validating user identifications and passwords, authorizing user access right (monitor, modify data), and recoding what a user has done to controllers.
Free Powerpoint TemplatesPage 27
Components
• To collect data traffic pattern and performance matrix from agents and switches.
• To collect and manage alarms/events from agents, switches.• To generate access control policies based on collected data and
download to agents.• To run complex intrusion detection algorithms at automation
network levels.• To generate bandwidth allocation pattern and data prioritization
pattern and download them to managed switches.
Security manager sits in the center of the power grid automation network, managing what and how security functions are performed by security agents and QoS functions performed by the managed security switch.
Free Powerpoint TemplatesPage 28
Intrusion Detection System
Anomaly based Intrusion Detection System (IDS) is used. Sound alarms when observed behavior is outside baseline
parameters. Performed at three levels:
• Security agent performs intrusion detection based on the CPU and memory utilization of the protected device (such as RTU/PLC), scan time, protocol pattern, communication partners, etc.
• Managed security switch performs intrusion detection function based on the delay of data packet, the allocated bandwidth profile, protocol pattern, etc.
• Security manager performs intrusion detection at the highest level, by monitoring power grid system and its automation system state.
Free Powerpoint TemplatesPage 29
Conclusion
It is misleading to suggest that IT people take the full responsibility for power grid network security including automation and control networks.
Compared with regular IT systems, power automation systems have definite different goals, objectives and assumptions concerning what needs to be protected.
It is necessary to embrace and use existing IT security solutions where they fit, such as communication within a control center, and develop unique solutions to fill the gaps where IT solutions do not work or apply.
Free Powerpoint TemplatesPage 30
References
Dong Wei; Yan Lu; Jafari, M.; Skare, P.; Rohde, K.; , "An integrated security system of protecting Smart Grid against cyber attacks," Innovative Smart Grid Technologies (ISGT), 2010 , vol., no., pp.1-7, 19-21 Jan. 2010.
Ericsson, G.N., "On requirements specifications for a power system communications system," Power Delivery, IEEE Transactions on,vol.20, no.2, pp. 1357-1362, April 2005.
Anthony R. Metke and Randy L. Ekl, “Security Technology for Smart Grid Networks”, Smart Grid, IEEE Transactions on, vol. 1, no. 1, June 2010
Amin, M., "Energy Infrastructure Defense Systems," Proceedings of the IEEE, vol.93, no.5, pp.861-875, May 2005.
http://www.net-security.org/secworld.php?id=8830
Free Powerpoint TemplatesPage 31
Free Powerpoint Templates
THANK YOU
Free Powerpoint TemplatesPage 32
Questions