The Path to a Secure and Resilient Power Grid Infrastructure

Similar documents
BILL SANDERS CYBERSECURITY & PRIVACY FOR THE SMART GRID: CHALLENGES AND OPPORTUNITIES FEBRUARY 10, 2015

TRUSTWORTHY CYBER INFRASTRUCTURE FOR THE POWER GRID TCIPG.ORG

Smart Grid Security Illinois

Building Resilience into the Smart Grid

Dmitry Ishchenko/Reynaldo Nuqui/Steve Kunsman, September 21, 2016 Collaborative Defense of Transmission and Distribution Protection & Control Devices

EPRI Research Overview IT/Security Focus. Power Delivery & Energy Utilization Sector From Generator Bus Bar to End Use

EDUCATION AND ENGAGEMENT JANA SEBESTIK ANNUAL INDUSTRY WORKSHOP NOVEMBER 12-13, 2014 NOVEMBER, 12, 2014

Trustworthy Cyber Infrastructure for the Power Grid (TCIPG)

SEGRID storyline. Workshop SEGRID November 14 th, 2016, Barcelona, Spain

Cyber Physical System Security

Power Affiliates Program Highlights. Pete Sauer

Cyber Defense & Network Assurance (CyberDNA) Center. Professor Ehab Al Shaer, Director of CyberDNA Center UNC Charlotte

The Virtual Power System Testbed (VPST) and Inter- Testbed Integration

Securing the Smart Grid. Understanding the BIG Picture 11/1/2011. Proprietary Information of Corporate Risk Solutions, Inc. 1.

NATIONAL DEFENSE INDUSTRIAL ASSOCIATION Homeland Security Symposium

Smart Grid Communications and Networking

The Key Principles of Cyber Security for Connected and Automated Vehicles. Government

Grid Modernization Challenges for the Integrated Grid

NW NATURAL CYBER SECURITY 2016.JUNE.16

Introducing Cyber Resiliency Concerns Into Engineering Education

Control Systems Cyber Security Awareness

SMART BUILDINGS IN THE SMART GRID

Future Grid Initiative Technology Challenges in Designing the Future Grid to Enable Sustainable Energy Systems

Annual Industry Workshop March 27-29, Session Abstracts

Cisco Smart Grid. Powering End-to-End Communications. Annette Winston Sr. Mgr., Product Operations Customer Value Chain Management

Next Generation Distribution Automation Phase III, Intelligent Modern Pole (IMP) Field Demonstration

Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure

AUTOMATED SECURITY ASSESSMENT AND MANAGEMENT OF THE ELECTRIC POWER GRID

Evaluating and Improving Cybersecurity Capabilities of the Electricity Critical Infrastructure

Cyber Security in Europe

CSD Project Overview DHS SCIENCE AND TECHNOLOGY. Dr. Ann Cox. March 13, 2018

Information Security Controls Policy

Illinois Cyber Navigator Program

Cyber Threat Assessment and Mitigation for Power Grids Lloyd Wihl Director, Application Engineering Scalable Network Technologies

Bridging The Gap Between Industry And Academia

Cyber Security Technologies

The NIS Directive and Cybersecurity in

T&D Challenges and Opportunities

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

Integrating Distributed Resources into Distribution Planning and Operations R&D Priorities

Summary of Cyber Security Issues in the Electric Power Sector

Addressing Cyber Threats in Power Generation and Distribution

IC32E - Pre-Instructional Survey

MASP Chapter on Safety and Security

Trustworthy Cyber Infrastructure for Power (TCIP) tcip.iti.uiuc.edu

Resilient Smart Grids

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

ARRA State & Local Energy Assurance Planning & Implementation

STATE OF ILLINOIS ILLINOIS COMMERCE COMMISSION ORDER

Improving SCADA System Security

Grid Modernization at the Department of Energy

Modernizing the Grid for a Low-Carbon Future. Dr. Bryan Hannegan Associate Laboratory Director

Chapter 18 SaskPower Managing the Risk of Cyber Incidents 1.0 MAIN POINTS

Cyber Security Program

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

IEEE Smart Grid Research IEEE Smart Grid Vision for Computing: 2030 and Beyond. Executive Summary... xv. Chapter 1 Introduction...

Innovation policy for Industry 4.0

Featured Articles II Security Research and Development Research and Development of Advanced Security Technology

Cyber Security Strategy

An Integrative Framework for Secure and Resilient Mission Assurance

Energy Assurance Plans

The Need for Operational and Cyber Resilience in Transportation Systems

SECURITY & PRIVACY DOCUMENTATION

SANS SCADA Conference 2012 Progress in implementing the Roadmap to Achieve Energy Delivery Systems Cybersecurity

Language for Control Systems

Cyber Security for Smart Grid Devices

Secure Product Design Lifecycle for Connected Vehicles

Securing Industrial Control Systems

Mission: Continuity BUILDING RESILIENCE AGAINST UNPLANNED SERVICE INTERRUPTIONS

Medical Device Cybersecurity: FDA Perspective

Cyber Security of Power Grids

Cybersecurity, safety and resilience - Airline perspective

ARC VIEW. Critical Industries Need Active Defense and Intelligence-driven Cybersecurity. Keywords. Summary. By Sid Snitkin

Function Category Subcategory Implemented? Responsible Metric Value Assesed Audit Comments

Why Should You Care About Control System Cybersecurity. Tim Conway ICS.SANS.ORG

FORTIKA - Cyber Security Accelerator for trusted SMEs IT Ecosystems THE PROJECT

Semantic Security Analysis of SCADA Networks to Detect Malicious Control Commands in Power Grids

Texas Reliability Entity, Inc. Strategic Plan for 2017 TEXAS RE STRATEGIC PLAN FOR 2017 PAGE 1 OF 13

Measurement Challenges and Opportunities for Developing Smart Grid Testbeds

Smart Grid Automation in a Cyber-Physical Context

Distributed Agent-Based Intrusion Detection for the Smart Grid

Security Standards for Electric Market Participants

Cyber Security and Privacy Issues in Smart Grids

Challenges and Opportunities in Cyber Physical System Research

Implementation Strategy for Cybersecurity Workshop ITU 2016

Tool-Supported Cyber-Risk Assessment

2016 Nationwide Cyber Security Review: Summary Report. Nationwide Cyber Security Review: Summary Report

The hidden cost of smart buildings

Critical Resilient Interdependent Infrastructure Systems and Processes

Cyber Security for Renewable Energy Systems

People risk. Capital risk. Technology risk

UNCLASSIFIED. UNCLASSIFIED Office of Secretary Of Defense Page 1 of 8 R-1 Line #18

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

New Guidance on Privacy Controls for the Federal Government

Cyber Resilience. Think18. Felicity March IBM Corporation

Bird of a Feather Automated Responses

CALIFORNIA CYBERSECURITY TASK FORCE

Security protection to industrial control system based on Defense-in-Depth strategy

IEEE-SA Internet of Things - Security & Standards

Internet of Things Toolkit for Small and Medium Businesses

Transcription:

The Path to a Secure and Resilient Power Grid Infrastructure Bill Sanders University of Illinois at Urbana-Champaign www.tcipg.org whs@illinois.edu 1

Power Grid Trust Dynamics Span Two Interdependent Infrastructures Cyber Infrastructure Electrical (Physical) Infrastructure 2

The Challenge: Providing Trustworthy Smart Grid Operation in Possibly Hostile Environments Trustworthy A system which does what is supposed to do, and nothing else Availability, Security, Safety, Hostile Environment Accidental Failures Design Flaws Malicious Attacks Cyber Physical Must make the whole system trustworthy, including both physical & cyber components, and their interaction. 3

Infrastructure must provide control at multiple levels Multi-layer Control Loops Multi-domain Control Loops Demand Response Wide-area Real-time control Distributed Electric Storage Distributed Generation Intra-domain Control Loops Home controls for smart heating, cooling, appliances Home controls for distributed generation Utility distribution Automation Resilient and Secure Control Secure and real-time communication substrate Integrity, authentication, confidentiality Trust and key management End-to-end Quality of Service Automated attack response systems Risk and security assessment Model-based, quantitative validation tools Resilient and Secure Control Loops Generation and Transmission Transmission and Distribution Distribution and Generation Note: the underlying Smart Grid Architecture has been developed by EPRI/NIST. 4

Trustworthiness through Cyber-Physical Resiliency Physical infrastructure has been engineered for resiliency ( n-1 ), but Cyber infrastructure must also be made resilient: Protect the best you can (using classical cyber security methods optimized for grid characteristics), but Detect and Respond when intrusions succeed Resiliency of overall infrastructure dependent on both cyber and physical components 5

Classical (Physical) Attack Approaches Physical attacks on lines, buses and other equipment can also be effective: low tech attacks may be easy, and are also difficult to defend against Requires physical proximity of attacker Particularly effective if multiple facilities are attacked in a coordinated manner But coordination may be much easier in a cyber attack J.D. Konopka (a.k.a. Dr. Chaos) Alleged to have caused $800K in damage in disrupting power in 13 Wisconsin counties, directing teenaged accomplices to throw barbed wire into power stations. (From Milwaukee Journal Sentinel) http://www.jsonline.com/news/metro/may02/41693.asp 6

Combined Cyber-Physical Attack The physical element could be aimed at destabilizing the system and inflicting some lasting damage The cyber element could: Focus on blinding the operator to the true nature of the problem, inhibiting defensive responses, and spreading the extent of an outage Be the cause of the physical damage INL Generator Demonstration Stuxnet computer worm 7

Challenge 1: Trustworthy grid infrastructure and technologies for wide-area monitoring and control Secure wide-area data and communication networks for PMU-based power system applications Hierarchical gateway-based architecture Cooperative congestion avoidance and end-to-end real-time scheduling to achieve real time information delivery Real-time, secure, and converged power grid cyber-physical networks Algorithm-based intrusion-tolerant energy applications 8

Challenge 2: Trustworthy grid infrastructure and technologies for active demand management Cyber-Enabled management of distribution (physical) infrastructure Smart-grid-enabled distributed voltage support Agent technologies for active control applications in the grid Trustworthy integration of new distribution side technologies, e.g., vehicle-to-grid (V2G) Non-intrusive, privacy-preserving, practical demandresponse management 9

Challenge 3: Responding to and managing attacks and failures Sensors Monitor both physical and cyber state Make use of application characteristics improve sensing Actuators Not just in generation, transmission, and distribution, but in every outlet, car, parking garage, DER Response algorithms and engines that are: Have provable bounds on the quality of decisions that they recommend Cannot cause harm in the hands of an adversary Are scalable (and almost surely) hierarchical Are wide in their end-to-end scope 10

Challenge 4: Metrics and Risk Assessment Define appropriate security metrics Integrated at multiple levels Applied throughout system lifecycle Be both process and product oriented Determine methods for estimating metrics To choose appropriate architectural configuration To test implementation flaws, e.g., fuzzing, firewall rule analysis Can be applied in cost effective manner before an audit Which link technical and business concerns 11

TCIPG Vision & Research Focus Vision: Drive the design of an adaptive, resilient, and trustworthy cyber infrastructure for transmission & distribution of electric power, which operates through attacks Research focus: Resilient and Secure Smart Grid Systems Protecting the cyber infrastructure Making use of cyber and physical state information to detect, respond, and recover from attacks Supporting greatly increased throughput and timeliness requirements for next generation energy applications Quantifying security and resilience 12

TCIPG Statistics $18.8M over 5 years, starting Oct 1, 2009 Funded by Department of Energy, Office of Electricity and Department of Homeland Security Builds upon $7.5M NSF TCIP CyberTrust Center 2005-2010 5 Universities University of Illinois at Urbana-Champaign Washington State University University of California at Davis Dartmouth College Cornell University 13

TCIPG Impacts all aspects of the 2011 Roadmap to Achieve Energy Delivery Systems Cybersecurity Build a Culture of Security Assess and Monitor Risk Protective Measures/Risk Reduction Manage Incidents Sustain Security Improvements Conduct summer schools for industry Analyze security of protocols (e.g. DNP3, Zigbee, ICCP, C12.22) Build secure, realtime, & flexible communication mechanisms for WAMS Build gametheoretic Response and recovery engine Offer Testbed and Expertise as a Service to Industry TCIPG Efforts Develop K-12 power/cyber curriculum Develop public energy literacy Create tools for assessing security of devices, systems, & use cases Create integrated scalable cyber/physical modeling infrastructure Design secure information layer for V2G Provide malicious power system data detection and protection Develop forensic data analysis to support response Create effective Intrusion detection approach for AMI Anticipate/addres s issues of scale: PKI, data avalanche, PMU data compression Act as repository for cyber-securityrelated power system data Directly interact with industry Distribute NetAPT for use by utilities and auditors Participate in industry-led CEDS projects Educate nextgeneration cyberpower aware workforce Create fuzzing tools for SCADA protocols 14

To Learn More www.tcipg.org Bill Sanders whs@illinois.edu Request to be on our mailing list Attend our Industry/Govt. workshop Oct. 30-31, 2012 15

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback