Power Grid Resilience, Reliability and Security Research at Idaho National Laboratory Brent J. Stacey Associate Laboratory Director National & Homeland Security Presented at: 69 th Annual Meeting of the Council of State Governments-West September 2016 1
Grid Security is an Urgent National Challenge Living on a Diet of Poison Fruit Rapid Integration of DER Commodity Parts Complexity Ukraine Attack We are staking our future on a resource that we have not yet learned to protect. Former CIA Director, George J. Tenet Remarks at the Sam Nunn Nations Bank Policy Forum April 6, 1998 2
Capability Machines that innovate to solve multidisciplinary problems of national interest 3
What is DOE Doing? DOE s Grid Modernization Initiative (GMI) is helping to ensure that the grid is resilient and secure to withstand growing integration, cybersecurity, and climate challenges The Grid Modernization Laboratory Consortium (GMLC) is a multiyear collaboration of 14 DOE National Laboratories and regional networks that conduct critical R&D in a number of key modernization areas. Three key outcomes in the next 10 years: >10% reduction in the societal costs of power outages >33% decrease in cost of reserve margins while maintaining reliability >50% cut in the costs of wind, solar & other DER integration As the Sector Specific Agency, DOE provides leadership, R&D, and solutions for the energy sector. 4
GMI Vision & Emphasis Areas Thrust Areas Technology (i.e., hardware): better measurement, integration, management and control of grid operations Modeling & Analysis (i.e., software): models for analysis, management and grid optimization Institutional and Business: analytical methodologies and frameworks to improve business models Technical Areas Devices and Integrated Systems Testing Sensing and Measurements Systems Operations, Power Flow, and Control Design and Planning Tools Security and Resilience Institutional Support As part of GMI, DOE announced in Jan 2016 of up to $200M over three years for DOE labs and partners under the GMLC awards. INL is collaborating on 15 of the 88 GMLC projects, four of which INL leads: Smart Reconfiguration of Idaho Falls Power Distribution Network Systems Research Supporting Standards and Interoperability Diagnostic Security Modules for Electric Vehicles to Building Integration Weather Data to Improve Capacity of Existing Power Lines 5
WHAT IS INL DOING? 6
What are Control Systems? CSs are the components that govern and execute complex processes within chemical, critical manufacturing, energy, nuclear, transportation, water and wastewater sectors Sensors Human-machine Interface (HMI) Programmable Logic Controllers (PLC) Physical Processes Actuators (motors, valves, pumps) Cybersecurity of Control Systems Fundamentally Differs from Enterprise IT 7
Enterprise Information Technology (IT) vs Control System Operational Technology (OT) Refresh cycle is 1.5 to 4 years Installations are standards based Systems are proactively managed Hacking results in data loss Typically, an enterprise issue Hacking is typically generally applied and opportunistic Malicious code is found relatively quickly Refresh cycle is 20 to 40 years Installations are custom (process & integrator centric) Systems are passively managed Hacking results in physical damage or loss of life Typically, a governmental issue (e.g., Superstorm Sandy) Hackers are focused and multidisciplinary Most malicious code is discovered by third party in 4 months to 2 years 8
Priorities: Managing Risk for Critical Systems Threat Actors State- Sponsored Sophisticated Hackers Cyber-Informed Engineering High Consequence Low Frequency Consequences Catastrophic Failure Hacktivists & Criminal Organizations Opportunists (Credit Cards, Personal Information) Active Defense & Response Advanced Persistent Threat Cybersecurity Fundamentals & Secure Architecture Hygiene Lost Value Lost Data/ Productivity 9
INL s Innovations & Pilots Consequencedriven Cyber-informed Engineering Machine to Machine Automated Threat Response Embedded Systems & Wireless Communication Links Smart Device Integration into the Grid Wireless Spectrum Communications 10
Idaho National Laboratory Site We resemble a well-characterized, reconfigurable city/region in which energy and security questions can be addressed at scale Nuclear Science User Facility Wireless Test Bed Critical Infrastructure Test Range Complex Radiological Ranges Biomass Feedstock User Facility and DHS-ICS CERT We Steward 890 square miles 111 miles of electrical transmission and distribution lines 579 buildings 177 miles of paved roads 14 miles of railroad lines 3 reactors 2 spent fuel pools Mass transit system Security Museum Landfills 300 metric tons of used fuel CAES 11
Questions and Clarification 12 Image by Milos Milosevic - https://www.flickr.com/photos/21496790@n06/5065834411
13 13