Smart Grid Cyber Security Framework

Dr. Satyam Priyadarshy
RKR Group, Inc (renaming as Reignite Strategy, Inc. May 1, 11)
priyadarshy@ieee.org or +1 703 7314461

Dr. Arun Sood
SCIT Labs Inc & George Mason University
asood@scitlabs.com, asood@gmu.edu

Prepared for the Third Workshop on Cyber Security and Global Affairs, in partnership with CERT-Hungary
Budapest, Hungary, May 31-June 2, 2011
What is Smart Grid?
• Smart Grid is NOT a product or service.
• Smart Grid is the integration of two infrastructures
  • Electrical Infrastructure (expanded Energy Infrastructure)
  • Information Infrastructure
• Smart Grid is the power delivery system of the future
  • With Increased Energy Efficiency and Operational Productivity
  • With Increased Power System Reliability and QoS (Quality of Service)
  • Empowers Consumers and Everyone for Decision making to use Energy Efficiently
• Smart Grid goals will be achieved through
  • Optimal Use of Assets
  • Efficient operation and the inclusion of active participation from consumers
  • Use of new energy sources, storage, products, services and markets
  • Proactive self-healing through continuous self-assessments of grid components
  • Resiliency to cyber attacks
• Smart Grid needs a robust Cyber Security Framework, due to network dependency
Smart Grid
Image Source: http://www.consumerenergyreport.com/wp-content/uploads/2010/04/smartgrid.jpg
Smart Grid Framework
• Smart Grid Framework constitutes the following seven layers
  • Energy transmission and distribution infrastructure
  • Communication network
  • Data center computational platform
  • Informational systems infrastructure and operational systems
  • Business applications for automation, communications and management
  • Vendor partnerships and services
• Smart Grid needs to have defense mechanisms at each of the above seven layers.
Smart Grid Framework
• The layered cyber security framework should include:
  • The physical security
  • The access control
  • The secure devices, systems and network
  • The secure software, applications, databases, and storage
  • The secure intercommunications and data transport
  • The defense to the existing and emerging threat landscape
  • The self-healing of grid through real-time monitoring and management
• In the following sections we discuss each one of them.
Cyber Security Framework
• Leverage the existing security systems.
• SCADA (Supervisory Control And Data Acquisition) is the security system in the current grids, operating within isolated environments.
• Expand SCADA for Smart Grid, as environments will no longer remain isolated and will be on always-connected networks.
Cyber Security Framework – Physical Security
• Requires an integrated solution for protecting the premises from intruders.
• The solution will have to automate
  • Data analysis
  • Creation of alerts
  • Response to alerts from
    • Electronic access controls, sensors, etc.
    • Generators, smart appliances, etc.
    • Equipment transport logs, etc.
    • Video surveillance, etc.
    • Other new technologies as they become available
Cyber Security Framework – Access Control and Identity Management
• Robust access control and identity management/verification policies for
  • People
  • Vendors
  • Companies
  • Communicating devices, etc.
• Use of strong passwords, reCAPTCHA, biometrics, etc. for authentication from the start
• Implementation of Sarbanes-Oxley-like rules
• A default-deny policy should be in place for servers, routers, switches, and other devices when these devices go on the network. Access on the network should require explicit permission settings, to avoid any unauthorized entry.
  • For example, a customer shall access energy consumption metrics from the Smart Meter, but shall not be allowed to make changes to the device itself.
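
The default-deny rule and the Smart Meter example from this slide, written as a small authorization check. This is an added example, not part of the original presentation; the role, resource and action names, the meter IDs and the sample principals are all hypothetical.

```python
from dataclasses import dataclass

# Explicit grants as (role, resource, action); anything absent is denied.
# All role, resource and action names are hypothetical, for illustration.
GRANTS = {
    ("customer", "meter.consumption", "read"),
    ("utility_operator", "meter.consumption", "read"),
    ("utility_operator", "meter.config", "read"),
    ("utility_operator", "meter.config", "write"),
}


@dataclass(frozen=True)
class Principal:
    ident: str
    role: str
    authenticated: bool
    meters: frozenset  # meter IDs this person, vendor or device is bound to


def authorize(p, meter_id, resource, action):
    """Return (allowed, reason); the request is denied unless every check passes."""
    if not p.authenticated:
        return False, "not authenticated"
    if meter_id not in p.meters:
        return False, "not bound to this meter"
    if (p.role, resource, action) not in GRANTS:
        return False, "no explicit grant"
    return True, "explicit grant"


# Constructed sample principals and requests.
ALICE = Principal("alice", "customer", True, frozenset({"M-1001"}))
OPERATOR = Principal("op-7", "utility_operator", True, frozenset({"M-1001", "M-1002"}))
NEW_SENSOR = Principal("sensor-42", "field_sensor", True, frozenset({"M-1001"}))

if __name__ == "__main__":
    requests = [
        (ALICE, "M-1001", "meter.consumption", "read"),
        (ALICE, "M-1001", "meter.config", "write"),
        (ALICE, "M-1002", "meter.consumption", "read"),
        (OPERATOR, "M-1002", "meter.config", "write"),
        (NEW_SENSOR, "M-1001", "meter.consumption", "read"),
    ]
    for p, meter, res, act in requests:
        print(p.ident, meter, res, act, authorize(p, meter, res, act))
```

A device whose role has no grants yet (`sensor-42` here) is denied even though it is authenticated, which is the behaviour the slide asks for when new devices go on the network.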
Cyber Security Framework
• Hardening of the devices, servers, and network before deployment and connection to the backbone of Smart Grid.
  • For example, the factory settings like passwords, open ports, etc. on the devices, routers, switches, servers, sensors, and Wi-Fi networks shall be changed based on the access and control policies set earlier.
• Implementation of the recommendations from the vendor on making their devices secure
  • For example, disruptions caused by denial of service (DoS) attacks can be reduced if the vendor recommendations for securing the devices are followed.
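
One way to enforce the hardening bullets above as a pre-deployment gate over a device inventory. This is an added example, not part of the original presentation; the port policy, the inventory field names and the sample devices are constructed for illustration.

```python
# Allowed listening ports per device kind. The policy values, field names and
# inventory below are constructed for this example.
ALLOWED_PORTS = {"smart_meter": {443}, "router": {22, 443}, "sensor": set()}

def audit(device):
    """Return a list of hardening findings; an empty list means cleared."""
    kind = device.get("kind")
    if kind not in ALLOWED_PORTS:
        return [f"no port policy for device kind {kind!r}"]
    findings = []
    # Missing fields fail closed: unverified is treated as not hardened.
    if device.get("default_credentials", True):
        findings.append("factory credentials still set or not verified")
    ports = device.get("open_ports")
    if ports is None:
        findings.append("open ports not scanned")
    else:
        extra = sorted(set(ports) - ALLOWED_PORTS[kind])
        if extra:
            findings.append(f"ports open beyond policy: {extra}")
    if not device.get("vendor_hardening_applied", False):
        findings.append("vendor hardening recommendations not applied")
    return findings

def deployment_gate(inventory):
    """Split an inventory into device IDs cleared to connect and blocked ones."""
    report = {d["id"]: audit(d) for d in inventory}
    cleared = sorted(i for i, f in report.items() if not f)
    blocked = {i: f for i, f in report.items() if f}
    return cleared, blocked

INVENTORY = [
    {"id": "meter-001", "kind": "smart_meter", "default_credentials": False,
     "open_ports": [443], "vendor_hardening_applied": True},
    {"id": "router-07", "kind": "router", "default_credentials": True,
     "open_ports": [22, 23, 80, 443], "vendor_hardening_applied": True},
    {"id": "sensor-19", "kind": "sensor", "open_ports": []},
    {"id": "cam-03", "kind": "ip_camera", "default_credentials": False,
     "open_ports": [], "vendor_hardening_applied": True},
]

if __name__ == "__main__":
    cleared, blocked = deployment_gate(INVENTORY)
    print("cleared:", cleared)
    for dev, findings in blocked.items():
        print(dev, "->", findings)
```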
Cyber Security Framework – Secure SADS
• Smart Grid will integrate multiple vendors for software, applications, databases and storage (SADS) through its backbone, the Smart Grid Network.
• SADS must be secure before they are deployed on the networked devices.
  • For example, memory injection issues are not knowingly deployed.
• Upgrade and patch deployment policies for SADS should take into account the consistency, timeliness and interdependencies of SADS.
• The same robust testing and phased deployment for open source and commercial off-the-shelf (COTS) SADS.
Cyber Security Framework – Secure Data Transport and Storage
• Data transport at very low latency and high throughput is critical for Smart Grid.
• Data needs to be protected as it is shared between different entities and stored.
• Data encryption would be essential to implement across the board (both for transport and storage).
• Granular access to sensitive data at the user and application level should be implemented.
• Leveraging VPN technologies for data transmission between devices in the Smart Grid network will be needed.
Cyber Security Framework – Defense in Depth
• Defense-in-depth approach of multi-level and multi-layer security to protect from existing and emerging threats.
• The known threats from
  • Hackers, vandals, and disgruntled employees,
  • Competitors, customers, security systems,
  • Terrorists, and foreign countries,
  • Rogue devices, tainted software, and other yet unknown sources
• Address attacks like
  • spoofing, cracking
  • denial of service, eavesdropping,
  • traffic analysis, social engineering, malware, etc.
Cyber Security Framework – Self-healing
• Self-healing of Smart Grid requires that cyber security become pervasive and granular.
• Real-time monitoring of data at the lowest possible granular level will provide immediate knowledge
  • About changes
  • About events that can disrupt the Smart Grid
  • Allowing quick corrective actions to be taken
• In a complex system like the Smart Grid, events can arise
  • As a result of a security breach
  • As noise during the course of operations.
• Monitoring these events will ensure the protection and security of the Smart Grid.
Thanks !! For a self-healing, always on, highly efficient SMART GRID, a robust Cyber Security Framework is essential. For more information Contact asood@gmu.edu or priyadarshy@ieee.org