Cyber Physical System Security
|
|
- Scott Johnson
- 6 years ago
- Views:
Transcription
1 S2ERC Industry Outreach Workshop Cyber Physical System Security Manimaran Govindarasu Dept. of Electrical and Computer Engineering Iowa State University
2 Outline Background CPS Security Research CPS Security Testbed Conclusion 2
3 Smart Grid: A Cyber-Physical System Source: NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0, February
4 SCADA Control Network 4
5 Cyber Threats Critical Infrastructures Cyber-Based Attacks Protocol Attacks Network Infr. Attacks Intrusions Malware Denial of Service (DoS) Insider Threats [General Accounting Office, CIP Reports, 2004 to 2010]; [NSA Perfect Citizen, 2010]: Recognizes that critical infrastructures are vulnerable to cyber attacks from numerous sources, including hostile governments, terrorist groups, disgruntled employees, and other malicious intruders. 5
6 Stuxnet malware (July 2010) Possible Attack Path Initial Delivery (via USB) Corporate LAN infected Reporting to attack control server Connect to substations Deliver attack payload to PLC Affect Uranium enrichment Target Industrial control systems Modifies code on PLCs in Uranium enrichment facilities Alters the speed of centrifuges used for Uranium enrichment Lessons Learned Took 1 year to discover > 100,000 machines infected Professionally written code Infected PLCs appear to function normally Future Requirements Active network monitoring Behavior and reputation based access control lists Anomaly detection Insider threat mitigation 6
7 Cyber Vulnerabilities (trend) In fiscal year 2012, 198 cyber incidents reported. Energy sector attacks 41% of the total incidents. Source: 7
8 Attacks-Cyber-Control-Physical 8
9 Smart Grid Security = Info + Infra + Appln. Security Information Security Infrastructure Security Applications Security N E E D S Information Protection Confidentiality Integrity Availability Authentication Non-repudiation Infrastructure protection Routers DNS servers Links Internet protocols Service availability Generation Control Transmission Control Distribution Automation Sys. Monitoring & Protection Real-Time Energy Markets Energy Management System M E A N S Encryption/Decryption Digital signature Message Auth.Codes Public Key Infrastructure Firewalls IDS/IPS Authentication Protocols Secure Protocols Secure Servers IPSEC, DNSSEC Attack-Resilient WAMPAC Model-based Algorithms - Anomaly detection - Intrusion Tolerance Risk modeling and mitigation Secure EMS and automations Transform: Fault-Resilient Grid of today TO Attack-Resilient of Grid of future 9
10 Risk modeling and mitigation Mitigation of Coordinated Attacks Offline: Risk Modeling and Mitigation Online: Alert Correlation and Mitigation Approach 1: Risk Modeling and Mitigation Cyber System Definition (Topology, Security) Attack Template Power System Definition (Control, Protection) Cyber System Modeling (Petri Nets) Power System Modeling (DIgSILENT, PSSE) Attack Probability risk Impact if risk > threshold E.g. - Modify settings, Add security Offline Mitigation E.g. - Increase transmission capacity 10
11 Risk = Threat x Vulnerability x Impacts Attacker can control: Space: where to attack? Time: when to attack? Evaluating g Impact Estimation Coordinated Attack Groups- Gen + Gen Gen + Trans Trans + Trans Optimal power flow simulation g = load shedding for OPF solution Results g = 363 MW g = 163 MW g = 110 MW NSF Project: M. Govindarasu (ISU) & C.C. Liu (WSU) 11
12 WAMPAC A high level view Power system Plant PMU Sensors Relays Protection elements Actuators VAR control elements (SVC,FACTS) Wide Area Network Cyber attack points Delay WAMPAC Control Center EMS applications (SE, AGC), Protection Schemes, Alarms Controller 12
13 Cyber-Physical Control in Power Grid S. Sridhar, A. Hahn, and M. Govindarasu, CPS Security for Power Grid, Proc. IEEE, Jan
14 Control Systems Attack Model Generic Control System Model Types of Attacks Control Center Data integrity Analyses & Computation Replay Denial of service Remote/Local Control u i (t) y i (t) Data Acquisition De-synchronization and timing-based Actuators Machine/ Device Sensors Physical System Yu-Hu. Huang, Alvaro A. Cardenas, S. Amin, S-Z. Lin, H-Y. Tsai, and S. Sastry, Understanding the Physical and Economic Consequences of Attacks on Control Systems, International Journal of Critical Infrastructure Protection, 2(3):72-83, October
15 Automatic Generation Control (AGC) AGC Features Maintains frequency at 60 Hz Supply = Demand Maintain power exchange at scheduled value Ensures economic generation Figure from NERC Technical Document: Balancing and Frequency Control, Jan
16 Balancing Authorities in the U.S. Source: NERC 16
17 Why need CPS Security Testbed Vulnerability Research Impact Analysis Mitigation Research Cyber-Physical Metrics Data and Model Development Security Validation Interoperability Cyber Forensics Operator Training 17
18 PowerCyber CPS SecurityTestbed EMS, SAS, RTUs, IEDs Routing infrastructure, Network protocols, Routers, Firewalls Defenses Information/Control Layer Communication Layer Cyber attacks Power System Simulators (RTDS, Power factory) Physical Layer Aditya Ashok, Adam Hahn, and Manimaran Govindarasu, A cyber-physical security testbed for smart grid: system architecture and studies, Proceedings of the Cyber Security and Information Intelligence Research (CSIIRW '11). 18
19 ISU PowerCyber Testbed - Configuration 19
20 ISU PowerCyber Testbed: Panoramic view 20
21 Vulnerability Assessment results 21
22 CPS Testbed Federation Architecture USC/ISI DETER Testbed ISU PowerCyber Testbed Visualization 22
23 Cyber Attack-Defense Visualization 23
24 Research Challenges/Opportunities Security and Resiliency Fundamental paradigm to transform fault-resilient grid of today into an attack-resilient grid of the future taking into account both natural and man-made extreme events. Pragmatic risk modeling and mitigation framework accounting evolving, uncertain nature of threats (APTs and HILFs), cyber-physical interdependencies, and cascading failures. Security architectures and algorithms to achieve security, privacy, and resiliency in wide-area monitoring, protection, and control of the power grid. Federated CPS Infrastructures & Testbeds Development of a national-scale high-fidelity, federated CPS testbed with remote and open access to accelerate the pace of innovation, R&D, education, and workforce development CPS Cloud architecture, algorithms, and services for resource allocation and control of federated resources to support large-scale, high-fidelity CPS experimentations A open and shared experimental infrastructure for cross cutting CPS sectors (e.g., power system, oil and natural gas, transportation) 24
25 CONCLUSIONS Cyber security of critical infrastructures is important for national security and economic well-being CPS Security = Info Sec + Infra Sec + Application Security Defense against HILF events (e.g., stealth coordinated cyber attack) Risk Assessment and Mitigation should be a continuous process Attack-Resiliency needs to be built into CPS systems Tesbed-baseds are important for security R&D&E Transform: Fault-Resilient CPS systems Attack-Resilient CPS systems Industry-University Collaboration & International Collaboration needed 25
26 THANK YOU Acknowledgements Funding: U.S. National Science Foundation (NSF) U.S. NSF IU/CRC Power Engr. Research Center (PSERC) Iowa State Univ., Electric Power Research Center (EPRC) Researchers: Collaborators: Prof. Chen-Ching Liu, Washington State University (WSU) Prof. Doug Jacobson & Venkat Ajjarapu, Iowa State University (ISU) Terry Benzel, USC/ISI Dr. Adam Hahn, MITRE; Dr. C. W. Ten, Michigan Tech. Students: S. Sridhar, Aditya Ashok (ISU) Junho Hong (WSU), Alexandru Ștefanov (UC Dublin) Professional: IEEE PES - PSACE CAMS Cyber Security Task Force 26
Cyber Security of Power Grids
Cyber Security of Power Grids Chen-Ching Liu Boeing Distinguished Professor Director, Energy Systems Innovation Center Washington State University In Collaboration with M. Govindarasu, Iowa State University
More informationThe Path to a Secure and Resilient Power Grid Infrastructure
The Path to a Secure and Resilient Power Grid Infrastructure Bill Sanders University of Illinois at Urbana-Champaign www.tcipg.org whs@illinois.edu 1 Power Grid Trust Dynamics Span Two Interdependent Infrastructures
More informationCyber Security of Industrial Control Systems (ICSs)
Cyber Security of Industrial Control Systems (ICSs) February 23, 2016 Joe Weiss PE, CISM, CRISC, ISA Fellow Managing Partner Applied Control Solutions, LLC (408) 253-7934 joe.weiss@realtimeacs.com Applied
More informationCybersecurity Test and Evaluation Facilities at Texas A&M
Cybersecurity Test and Evaluation Facilities at Texas A&M Dr. Karen L. Butler-Purry, Bo Chen Department of Electrical and Computer Engineering Nishant Pattanaik Department of Computer Science Dr. Ana Goulart
More informationSecuring the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.
Securing the Smart Grid Understanding the BIG Picture The Power Grid The electric power system is the most capital-intensive infrastructure in North America. The system is undergoing tremendous change
More informationCYBERBIT P r o t e c t i n g a n e w D i m e n s i o n
CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n CYBETBIT in a Nutshell A leader in the development and integration of Cyber Security Solutions A main provider of Cyber Security solutions for the
More informationCyber-Physical System Security of the Power Grid Chen-Ching Liu American Electric Power Professor Director, Power and Energy Center Virginia Tech
Cyber-Physical System Security of the Power Grid Chen-Ching Liu American Electric Power Professor Director, Power and Energy Center Virginia Tech Sponsored by U.S. National Science Foundation and Science
More informationSmart Grid Security Illinois
Smart Grid Security Efforts @ Illinois TCIPG: Trustworthy Cyber Infrastructure for the Power Grid Drive the design of an resilient cyber infrastructure electric power which operates through attacks $18.8
More informationEPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use
EPRI Research Overview IT/Security Focus November 29, 2012 Mark McGranaghan VP, Power Delivery and Utilization Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use Transmission
More informationCIP-014. JEA Compliance Approach. FRCC Fall Compliance Workshop Presenter Daniel Mishra
CIP-014 JEA Compliance Approach FRCC Fall Compliance Workshop Presenter Daniel Mishra Acronyms & Terminologies DHS Department of Homeland Security JEA It s not an acronym JSO Jacksonville Sheriff's Office
More informationSecuring Industrial Control Systems
L OCKHEED MARTIN Whitepaper Securing Industrial Control Systems The Basics Abstract Critical infrastructure industries such as electrical power, oil and gas, chemical, and transportation face a daunting
More informationIndustrial Security - Protecting productivity. Industrial Security in Pharmaanlagen
- Protecting productivity Industrial Security in Pharmaanlagen siemens.com/industrialsecurity Security Trends Globally we are seeing more network connections than ever before Trends Impacting Security
More informationIowa State University
Iowa State University Cyber Security Smart Grid Testbed Senior Design, Final Report Dec 13-11 Derek Reiser Jared Pixley Rick Sutton Faculty Advisor: Professor Manimaran Govindarasu 1 Table of Contents
More informationFailure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data
Failure Diagnosis and Cyber Intrusion Detection in Transmission Protection System Assets Using Synchrophasor Data Anurag Srivastava, Bo Cui, P. Banerjee Washington State University NASPI March 2017 Outline
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 10 Chapter X Security Performance Metrics Background For many years now, NERC and the electricity industry have taken actions to address cyber and physical
More informationPowerCyber: CPS Security Testbed for Power Grid
Learn invent impact PowerCyber: CPS Security Testbed for Power Grid REMOTE ACCESS INTERFACE USER GUIDE Version 1.0 Funded jointly by: NSF Award #CNS 1446831 Compiled by: Sujatha K Swamy, Graduate Research
More informationDmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices
Dmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices Against Cyber Attacks (CODEF) Cyber Security of the
More informationTABLE OF CONTENTS. Section Description Page
GPA Cybersecurity TABLE OF CONTENTS Section Description Page 1. Cybersecurity... 1 2. Standards... 1 3. Guides... 2 4. Minimum Hardware/Software Requirements For Secure Network Services... 3 4.1. High-Level
More informationAUTOMATED SECURITY ASSESSMENT AND MANAGEMENT OF THE ELECTRIC POWER GRID
AUTOMATED SECURITY ASSESSMENT AND MANAGEMENT OF THE ELECTRIC POWER GRID Sherif Abdelwahed Department of Electrical and Computer Engineering Mississippi State University Autonomic Security Management Modern
More informationIntroducing Cyber Resiliency Concerns Into Engineering Education
Introducing Cyber Resiliency Concerns Into Engineering Education Mr. Tom McDermott Georgia Tech Research Institute Mr. Barry Horowitz University of Virginia NDIA 20 th Annual Systems Engineering Conference
More informationResilient Smart Grids
Resilient Smart Grids André Teixeira Kaveh Paridari, Henrik Sandberg KTH Royal Institute of Technology, Sweden SPARKS 2nd Stakeholder Workshop Cork, Ireland March 25th, 2015 Legacy Distribution Grids Main
More informationThe NIST Cybersecurity Framework
The NIST Cybersecurity Framework U.S. German Standards Panel 2018 April 10, 2018 Adam.Sedgewick@nist.gov National Institute of Standards and Technology About NIST Agency of U.S. Department of Commerce
More informationSEGRID storyline. Workshop SEGRID November 14 th, 2016, Barcelona, Spain
Workshop SEGRID November 14 th, 2016, Barcelona, Spain SEGRID storyline This project has received funding from the European Union s Seventh Framework Programme for research, technological development and
More informationA Virtual Environment for Industrial Control Systems: A Nonlinear Use-Case in Attack Detection, Identification, and Response
ACSAC ICSS 2018 A Virtual Environment for Industrial Control Systems: A Nonlinear Use-Case in Attack Detection, Identification, and Response Andrés F. Murillo Joint work with Luis F. Cómbita, Andrea Calderón,
More informationChapter X Security Performance Metrics
Chapter X Security Performance Metrics Page 1 of 9 Chapter X Security Performance Metrics Background For the past two years, the State of Reliability report has included a chapter for security performance
More informationSummary of Cyber Security Issues in the Electric Power Sector
Summary of Cyber Security Issues in the Electric Power Sector Jeff Dagle, PE Chief Electrical Engineer Energy Technology Development Group Pacific Northwest National Laboratory (509) 375-3629 jeff.dagle@pnl.gov
More informationPROTECTING MANUFACTURING and UTILITIES Industrial Control Systems
PROTECTING MANUFACTURING and UTILITIES Industrial Control Systems Mati Epstein Global Sales Lead, Critical Infrastructure and ICS [Internal Use] for Check Point employees 1 Industrial Control Systems (ICS)/SCADA
More informationCyber Security for Renewable Energy Systems
Cyber Security for Renewable Energy Systems Asia Pacific Clean Energy Summit August 31, 2010 Juan J. Torres Manager, Energy Systems Analysis Sandia National Laboratories jjtorre@sandia.gov Sandia is a
More informationWhy you should adopt the NIST Cybersecurity Framework
Why you should adopt the NIST Cybersecurity Framework It s important to note that the Framework casts the discussion of cybersecurity in the vocabulary of risk management Stating it in terms Executive
More informationCyber Security and Privacy Issues in Smart Grids
Cyber Security and Privacy Issues in Smart Grids Acknowledgement: Slides by Hongwei Li from Univ. of Waterloo References Main Reference Liu, J. and Xiao, Y. and Li, S. and Liang, W. and Chen, C. Cyber
More informationCyber-Physical System Security of the Power Grid
Cyber-Physical System Security of the Power Grid Chen-Ching Liu American Electric Power Professor Director, Center for Power and Energy Virginia Tech Sponsored by U.S. National Science Foundation and Science
More informationOpenWay by Itron Security Overview
Itron White Paper OpenWay by Itron OpenWay by Itron Security Overview Kip Gering / R. Eric Robinson Itron Marketing / Itron Engineering 2009, Itron Inc. All rights reserved. 1 Executive Summary 3 Intent
More informationChallenges and Opportunities in Cyber Physical System Research
Homeland Security Advanced Research Projects Agency Challenges and Opportunities in Cyber Physical System Research Dec 11, 2013 ACSAC Panel Dr. Dan Massey Program Manager Cyber Security Program Areas Trustworthy
More informationA Hybrid Communication Architecture for Internet of Things (IOT) Application in Smart Grid
A Hybrid Communication Architecture for Internet of Things (IOT) Application in Smart Grid Yijia Cao Hunan University, China 2014-10 10-21 OUTLINE 1 IOT Application in Smart Grid 2 3 Requirements for Communication
More informationAMI: Communications and Integration Options
AMI: Communications and Integration Options Vinod Namboodiri Wichita State University Additional Team Members: Ward Jewell, Visvakumar Aravinthan Wichita State University PSERC Future Grid Initiative Webinar
More informationOverview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 PPD-21: CI Security and Resilience On February 12, 2013, President Obama signed Presidential Policy Directive
More informationEvaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure
Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure March 2015 Pamela Curtis Dr. Nader Mehravari Katie Stewart Cyber Risk and Resilience Management Team CERT
More informationImproving SCADA System Security
Improving SCADA System Security NPCC 2004 General Meeting Robert W. Hoffman Manager, Cyber Security Research Department Infrastructure Assurance and Defense Systems National Security Division, INEEL September
More informationThe Virtual Power System Testbed (VPST) and Inter- Testbed Integration
The Virtual Power System Testbed (VPST) and Inter- Testbed Integration August 10, 2009 David Bergman Dong Jin Prof. David Nicol Tim Yardley (Presenter) University of Illinois at Urbana-Champaign www.iti.illinois.ed
More informationAn Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist
An Overview of ISA-99 & Cyber Security for the Water or Wastewater Specialist Standards Certification Education & Training Publishing Conferences & Exhibits Speakers: Bryan L. Singer, CISM, CISSP, CAP
More informationCPS security testbed federation: architectural design, implementation and evaluation
Graduate Theses and Dissertations Iowa State University Capstones, Theses and Dissertations 2015 CPS security testbed federation: architectural design, implementation and evaluation Anirudh Pullela Iowa
More informationStatement for the Record
Statement for the Record of Seán P. McGurk Director, Control Systems Security Program National Cyber Security Division National Protection and Programs Directorate Department of Homeland Security Before
More informationChapter X Security Performance Metrics
DRAFT February 19, 15 BES Security s Working Group Page 1 of 7 Chapter X Security Performance s 1 3 3 3 3 0 Background The State of Reliability 1 report noted that the NERC PAS was collaborating with the
More informationCourse overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)
Overview This course is intended for those wishing to qualify with CompTIA Security+. CompTIA's Security+ Certification is a foundation-level certificate designed for IT administrators with 2 years' experience
More informationCisco Smart Grid. Powering End-to-End Communications. Annette Winston Sr. Mgr., Product Operations Customer Value Chain Management
Cisco Smart Grid Powering End-to-End Communications Annette Winston Sr. Mgr., Product Operations Customer Value Chain Management 21 October 2010 What is the Smart Grid? A digital superstructure which uses
More informationCyber Security Update. Bennett L. Gaines Senior Vice President, Corporate Services, CIO, FirstEnergy 2012 Summer Seminar August 5-7, 2012
Cyber Security Update Bennett L. Gaines Senior Vice President, Corporate Services, CIO, FirstEnergy 2012 Summer Seminar August 5-7, 2012 Agenda Timeline Regulatory / Compliance Environment Smart Grid Threats
More informationPanelists. Moderator: Dr. John H. Saunders, MITRE Corporation
SCADA/IOT Panel This panel will focus on innovative & emerging solutions and remaining challenges in the cybersecurity of industrial control systems ICS/SCADA. Representatives from government and infrastructure
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationExternal Supplier Control Obligations. Cyber Security
External Supplier Control Obligations Cyber Security Control Title Control Description Why this is important 1. Cyber Security Governance The Supplier must have cyber risk governance processes in place
More informationSmart Grid Standards and Certification
Smart Grid Standards and Certification June 27, 2012 Annabelle Lee Technical Executive Cyber Security alee@epri.com Current Environment 2 Current Grid Environment Legacy SCADA systems Limited cyber security
More informationSemantic Security Analysis of SCADA Networks to Detect Malicious Control Commands in Power Grids
Semantic Security Analysis of SCADA Networks to Detect Malicious Control Commands in Power Grids Hui Lin, Adam Slagell, Zbigniew Kalbarczyk, Peter W. Sauer, and Ravishankar K. Iyer Department of Electrical
More informationLESSONS LEARNED IN SMART GRID CYBER SECURITY
LESSONS LEARNED IN SMART GRID CYBER SECURITY Lynda McGhie CISSP, CISM, CGEIT Quanta Technology Executive Advisor Smart Grid Cyber Security and Critical Infrastructure Protection lmcghie@quanta-technology.com
More informationBird of a Feather Automated Responses
Bird of a Feather Automated Responses Energy-Sec Summit 2017 13 Th Security and Compliance www.inl.gov August 2017 INL s Position Nationally A network of 17 DOE national labs DOE s lead lab for nuclear
More informationSecurity Standards for Electric Market Participants
Security Standards for Electric Market Participants PURPOSE Wholesale electric grid operations are highly interdependent, and a failure of one part of the generation, transmission or grid management system
More informationSECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS
SECURE SYSTEMS, NETWORKS AND DEVICES SAFEGUARDING CRITICAL INFRASTRUCTURE OPERATIONS PROTECT YOUR DAILY OPERATIONS FROM BEING COMPROMISED In today s data-driven society, connectivity comes with a cost.
More informationThe GenCyber Program. By Chris Ralph
The GenCyber Program By Chris Ralph The Mission of GenCyber Provide a cybersecurity camp experience for students and teachers at the K-12 level. The primary goal of the program is to increase interest
More informationSmart Grid vs. The NERC CIP
Smart Grid vs. The NERC CIP Tobias Whitney, MBA GE Smart Grid Center of Excellence 1 First The Bottom Line Security & Privacy are paramount Smart Grid concerns of regulators and the public Currently every
More informationEvolution of Control for the Power Grid
Evolution of Control for the Power Grid Anjan Bose Washington State University Pullman, WA, USA PaiFest In Honor of Prof. M. A. Pai Urbana-Champaign, IL October 15, 2015 The Past (before 1960s) Hard
More informationSecuring the North American Electric Grid
SESSION ID: TECH-R02 Securing the North American Electric Grid Marcus H. Sachs, P.E. SVP and CSO North American Electric Reliability Corporation @MarcusSachs Critical Infrastructure s Common Denominator
More informationAn Intrusion Detection System for Critical Information Infrastructures Using Wireless Sensor Network Technologies
An Intrusion Detection System for Critical Information Infrastructures Using Wireless Sensor Network Technologies The Fifth international CRIS conference on Critical Infrastructures Beijing China, 20 September
More informationEnhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services
Enhancing infrastructure cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services European Union Agency for Network and Information Security Securing Europe s Information society 2
More informationComprehensive Cyber Security Features in SIPROTEC & SICAM. SIPROTEC Dag 11. Mei 2017
Comprehensive Cyber Security Features in SIPROTEC & SICAM SIPROTEC Dag 11. Mei 2017 siemens.tld/keyword Changes to Substation Automation and Protection over Time Evolving Threat Landscape (tomorrow today...)
More informationPREEMPTIVE PREventivE Methodology and Tools to protect utilities
PREEMPTIVE PREventivE Methodology and Tools to protect utilities 2014 2017 1 With the financial support of FP7 Seventh Framework Programme Grant agreement no: 607093 Preemptive goal The main goal of PREEMPTIVE
More informationEnergy Theft Identification in Smart Grid
Energy Theft Identification in Smart Grid K. Govinda, Rishav Shav and Surya Prakash Abstract Smart grid is a new generation of electrical grid communication with high management of power flow control,
More informationBridging The Gap Between Industry And Academia
Bridging The Gap Between Industry And Academia 14 th Annual Security & Compliance Summit Anaheim, CA Dilhan N Rodrigo Managing Director-Smart Grid Information Trust Institute/CREDC University of Illinois
More informationYou knew the job was dangerous when you took it! Defending against CS malware
You knew the job was dangerous when you took it! Defending against CS malware Presented By: Doug Cavit Microsoft Where PI geeks meet 9/23/2010 NERC HILF 6/10 Adequately addressing vulnerabilities will
More informationOUR VISION To be a global leader of computing research in identified areas that will bring positive impact to the lives of citizens and society.
Join the Innovation Qatar Computing Research Institute (QCRI) is a national research institute established in 2010 by Qatar Foundation for Education, Science and Community Development. As a primary constituent
More informationElectric Sector Security & Privacy Plans for 2011
Electric Sector Security & Privacy Plans for 2011 Galen Rasche Technical Executive Erfan Ibrahim Technical Executive Ad-Hoc Smart Grid Executive Committee 2011-Feb-10 Contents PDU Cyber Security R&D Portfolio
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationNIST Cybersecurity Testbed for Transportation Systems. CheeYee Tang Electronics Engineer National Institute of Standards and Technology
NIST Cybersecurity Testbed for Transportation Systems CheeYee Tang Electronics Engineer National Institute of Standards and Technology National Institute of Standards and Technology (NIST) About NIST NIST
More informationCybersecurity for the Electric Grid
Cybersecurity for the Electric Grid Electric System Regulation, CIP and the Evolution of Transition to a Secure State A presentation for the National Association of Regulatory Utility Commissioners March
More informationi-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS
i-pcgrid WORKSHOP 2016 INTERACTIVE REMOTE ACCESS siemens.com/ruggedcom INTERACTIVE REMOTE ACCESS INTELLIGENT ELECTRONIC DEVICES Intelligent Electronic Devices (IEDs) Devices that can provide real-time
More informationDesigning and Building a Cybersecurity Program
Designing and Building a Cybersecurity Program Based on the NIST Cybersecurity Framework (CSF) Larry Wilson lwilson@umassp.edu ISACA Breakfast Meeting January, 2016 Designing & Building a Cybersecurity
More informationB O N N E V I L L E A D M I N I S T R A T I O N B O N N E V I L L E P O W E R A D M I N I S T R A T I O N
B O N N E V I L L E A D M I N I S T R A T I O N B O N N E V I L L E P O W E R A D M I N I S T R A T I O N NERC Monitoring and Situational Awareness Conference Bonneville Power Administration Self-Monitoring:
More informationCCNA CCNA Security Official Cert Guide. Course Outline. CCNA Security Official Cert Guide.
Course Outline CCNA Security 210-260 Official Cert 23 Apr 2018 Contents 1. Course Objective 2. Pre-Assessment 3. Exercises, Quizzes, Flashcards & Glossary Number of Questions 4. Expert Instructor-Led Training
More informationCYBER RESILIENCE & INCIDENT RESPONSE
CYBER RESILIENCE & INCIDENT RESPONSE www.nccgroup.trust Introduction The threat landscape has changed dramatically over the last decade. Once the biggest threats came from opportunist attacks and preventable
More informationSmart Grid Task Force
Smart Grid Task Force Workshop meeting Mladen Kezunovic Texas A&M University it Coordinator PSerc Workshop August st10-13, 13 2009 Breckenridge CO Agenda 1:30-3:00pm PSerc Smart Grid Task Force PSerc Smart
More informationNW NATURAL CYBER SECURITY 2016.JUNE.16
NW NATURAL CYBER SECURITY 2016.JUNE.16 ADOPTED CYBER SECURITY FRAMEWORKS CYBER SECURITY TESTING SCADA TRANSPORT SECURITY AID AGREEMENTS CONCLUSION QUESTIONS ADOPTED CYBER SECURITY FRAMEWORKS THE FOLLOWING
More informationWhy Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG
Why Should You Care About Control System Cybersecurity Tim Conway ICS.SANS.ORG Events Example #1 Dec 23, 2015 Cyber attacks impacting Ukrainian Power Grid Targeted, synchronized, & multi faceted Three
More informationIndustry role moving forward
Industry role moving forward Discussion with National Research Council, Workshop on the Resiliency of the Electric Power Delivery System in Response to Terrorism and Natural Disasters February 27-28, 2013
More informationISAO SO Product Outline
Draft Document Request For Comment ISAO SO 2016 v0.2 ISAO Standards Organization Dr. Greg White, Executive Director Rick Lipsey, Deputy Director May 2, 2016 Copyright 2016, ISAO SO (Information Sharing
More informationBest Practices in ICS Security for System Operators
Best Practices in ICS Security for System Operators Introduction Industrial automation and control systems have become increasingly connected to internal and external networks. This exposure has resulted
More informationOn Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection
On Bounded Rationality in Cyber-Physical Systems Security: Game-Theoretic Analysis with Application to Smart Grid Protection CPSR-SG 2016 CPS Week 2016 April 12, 2016 Vienna, Austria Outline CPS Security
More informationMethods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment
S&L Logo Methods for Reducing Cybersecurity Vulnerabilities of Power Substations Using Multi-Vendor Smart Devices in a Smart Grid Environment Date: October 24, 2017 Authors/Presenters: J. Matt Cole, PE
More informationSecurity of cyber-physical systems: an old idea
Security of cyber-physical systems: an old idea Security Issues and Mitigation in Ethernet POWERLINK Jonathan Yung, Hervé Debar and Louis Granboulan AIRBUS Group Innovations & Télécom SudParis February
More informationInteractive Remote Access FERC Remote Access Study Compliance Workshop October 27, Eric Weston Compliance Auditor Cyber Security.
Interactive Remote Access Compliance Workshop October 27, 2016 Eric Weston Compliance Auditor Cyber Security 2 Agenda Interactive Remote Access Overview Review of Use Cases and Strategy 1 Interactive Remote
More informationCyber Security and Substation Equipment Overview
Cyber Security and Substation Equipment Overview Northeast Power Coordinating Council Task Force on Infrastructure Security & Technology s Cyber Security Workshop June 7 & 8, 2006 John Ciufo Alfred Moniz
More informationMeasurement Challenges and Opportunities for Developing Smart Grid Testbeds
Measurement Challenges and Opportunities for Developing Smart Grid Testbeds 10th Carnegie Mellon Conference on the Electricity Industry April 1, 2015 Paul Boynton boynton@nist.gov Testbed Manager Smart
More informationEnergy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013
+ Energy Assurance Energy Assurance and Interdependency Workshop Fairmont Hotel, Washington D.C. December 2 3, 2013 Jeffrey R. Pillon, Director, Energy Assurance Programs National Association of State
More informationCyber Security Technologies
1 / Cyber Security Technologies International Seminar on Cyber Security: An Action to Establish the National Cyber Security Center Lisbon, 12 th September 2013 23 / Key highlights - Thales Group Thales
More informationExpanding Cyber Security Management for Critical Infrastructure
Expanding Cyber Security Management for Critical Infrastructure ISSE Wednesday 15 th November 17, Brussels Dr Andrew Hutchison, Telekom Security andrew.hutchison@t-systems.com OVERVIEW Attack Surface expands
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationCybersecurity for Health Care Providers
Cybersecurity for Health Care Providers Montgomery County Medical Society Provider Meeting February 28, 2017 T h e MARYLAND HEALTH CARE COMMISSION Overview Cybersecurity defined Cyber-Threats Today Impact
More informationAnnual Industry Workshop March 27-29, Session Abstracts
Annual Industry Workshop March 27-29, 2017 Session Abstracts Case Study Presentation: Analyzing the Evolving Ukraine Cyber Attack(s) Presentation by Ben Miller, Dragos, Inc. Q&A Discussion led by Ben Miller,
More informationMultistage Cyber-physical Attack and SCADA Intrusion Detection
Multistage Cyber-physical Attack and SCADA Intrusion Detection Workshop on European Smart Grid Cybersecurity: Emerging Threats and Countermeasures Belfast, 26 th August, 2016 Kieran McLaughlin, BooJoong
More informationCyber Security. Our part of the journey
Cyber Security Our part of the journey The Journey Evolved Built on the past Will be continued Not always perfect Small Steps moving forward The Privileged How to make enemies quickly Ask before acting
More informationTechnology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited
Technology Risk Management in Banking Industry Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited Change in Threat Landscape 2 Problem & Threats faced by Banking Industry
More informationMarch 6, Dear Electric Industry Vendor Community: Re: Supply Chain Cyber Security Practices
March 6, 2019 Dear Electric Industry Vendor Community: Re: Supply Chain Cyber Security Practices On July 21, 2016, the Federal Energy Regulatory Commission (FERC) directed the North American Electric Reliability
More informationIndustrial Defender ASM. for Automation Systems Management
Industrial Defender ASM for Automation Systems Management INDUSTRIAL DEFENDER ASM FOR AUTOMATION SYSTEMS MANAGEMENT Industrial Defender ASM is a management platform designed to address the overlapping
More informationMike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS
Mike Spear, Ops Leader Greg Maciel, Cyber Director INDUSTRIAL CYBER SECURITY PROGRAMS Can You Answer These Questions? 1 What s my company s exposure to the latest industrial cyber threat? Are my plants
More information