1 / 36

Cyber Security for Smart Grids

Cyber Security for Smart Grids. Prof. Biplab Sikdar Department of Electrical, Computer and Systems Engineering Rensselaer Polytechnic Institute Troy NY 12180. Outline. Introduction to computer networks Network vulnerabilities Cyber security threats for smart grids Defense strategies.

malik-odonnell
Télécharger la présentation

Cyber Security for Smart Grids

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Security for Smart Grids Prof. BiplabSikdar Department of Electrical, Computer and Systems Engineering Rensselaer Polytechnic Institute Troy NY 12180

  2. Outline • Introduction to computer networks • Network vulnerabilities • Cyber security threats for smart grids • Defense strategies

  3. Motivation Generation Transmission Customers Distribution GEN1 - Operational Information TOP1 – Operational Information DIST1 - Operational Information GENx - Operational Information TOPx – Operational Information DISTx – Operational Information Source: n-Dimension solutions

  4. Motivation Transmission Distribution Customers Generation AMI DSM System Operators Conservation Authorities End-to-End Communicationsand Intelligence Source: n-Dimension solutions

  5. What is a Computer Network? • A collection of computers (PCs, workstations) and other devices (e.g. printers, smart meters) that are all interconnected • Goal: provide connectivity and ubiquitous access to resources (e.g., database servers, Web), allow remote users to communicate (e.g., email) • Components: • Hosts (computers) • Links (coaxial cable, twisted pair, optical fiber, radio, satellite) • Switches/routers (intermediate systems)

  6. What is a Computer Network? Packet Server Client Server Hosts are computers and other devices such as cellphones and PDAs Mobile Client

  7. What is a Computer Network? Application Application Packet Networks connect applications on different stations

  8. What is a Computer Network? Packet Server Client Server Hosts communicate by sending messages called packets Mobile Client

  9. What is a Computer Network? Router Packet Router Router Router Packets may pass through multiple routers; Each switch reads the packet and passes it on

  10. What is a Computer Network? • In summary, a network is a system of hardware, software and transmission components that collectively allow two application programs on two different stations connected to the network to communicate well

  11. Networking Issues • Resource sharing (i.e., accommodate many users over the same link or through the same router) • Addressing and routing (i.e., how does an email message find its way to the receiver) • Reliability and recovery: guarantee end-to-end delivery • Traffic management: monitoring and regulating the traffic in the network

  12. Solution: Layering • Layering to deal with complex systems: • Conceptual simplicity • modularization eases maintenance, updating of system • change of implementation of layer’s service transparent to rest of system TCP/IP Model TCP/IP Protocols Application FTP Telnet HTTP Transport TCP UDP Internetwork IP Host to Network Ethernet WiFi Point-to-Point

  13. Network Performance • There are a number of measures that characterize and capture the performance of a network • It is not enough that networks work • They must work well • Quality of service (QoS) defines quantitative measures of service quality • Data rate or throughput • Delay (Latency) • Reliability • Security (not a QoS measure but crucial)

  14. Network Security • Confidentiality: only sender, intended receiver should “understand” message contents • Authentication: sender, receiver want to confirm identity of each other • Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection • Access and availability: services must be accessible and available to users

  15. Security for Smart Grids: Example 1 Communications Network(WAN) Communications Network(WAN) AMCC (Advanced Metering Control Computer) AMI WAN AMI WAN AMI WAN Cyber Penetration Attacker Controls the Head End Attacker Performs Remote Disconnect Attacker Retailers 3rd Parties Data Management Systems (MDM/R) Example from AMRA Webinar, Nov ’06 “The Active Attacker”, Source: n-dimension solutions

  16. Security for Smart Grids: Example 2 Send e-mail with malware Admin Operator Admin Opens Email with Malware Operator Acct MasterDB Slave Database RTU PerformARP Scan PerformARP Scan SQLEXEC Internet Takes Control of RTU • Hacker performs an ARP (Address Resolution Protocol) Scan • Once the Slave Database is found, hacker sends an SQL EXEC command • Performs another ARP Scan • Takes control of RTU • Hacker sends an e-mail with malware • E-mail recipient opens the e-mail and the malware gets installed quietly • Using the information that malware gets, hacker is able to take control of the e-mail recipient’s PC! Example from 2006 SANS SCADA Security Summit, Source: n-dimension solutions

  17. Network Security: Introduction • Bob and Alice want to communicate “securely” • Trudy (intruder) may intercept, delete, add messages Alice Bob channel data secure sender secure receiver data data Trudy

  18. Who might Bob, Alice be? • well, real-life Bobs and Alices! • Web browser/server for electronic transactions (e.g., on-line purchases) • Phasor measurement units sending synchrophasor data • Information exchange between power distribution networks and power generators • on-line banking client/server • routers exchanging routing table updates

  19. Impact of Security Breach Q: What can a “bad guy” do? A: A lot • eavesdrop: intercept messages • actively insert messages into connection • impersonation: can fake (spoof) source address in packet (or any field in packet) • hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place • denial of service: prevent service from being used by others (e.g., by overloading resources)

  20. Network Security (Recap) • Confidentiality: only sender, intended receiver should “understand” message contents • Authentication: sender, receiver want to confirm identity of each other • Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection • Access and availability: services must be accessible and available to users

  21. The language of cryptography Alice’s encryption key Bob’s decryption key encryption algorithm decryption algorithm ciphertext plaintext plaintext K K A B m plaintext message KA(m) ciphertext, encrypted with key KA m = KB(KA(m))

  22. Simple encryption scheme substitution cipher: substituting one thing for another • monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq E.g.: Plaintext: bob. how are you. alice ciphertext: nkn. akrmocwky. mgsbc Key: the mapping from the set of 26 letters to the set of 26 letters

  23. Message Integrity • allows communicating parties to verify that received messages are authentic. • Content of message has not been altered • Source of message is who/what you think it is • Sequence of messages is maintained • let’s first talk about message digests

  24. function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: “message signature” note that H( ) is a many-to-1 function H( ) is often called a “hash function” Example: H(SIKDAR)= 19+13+11+4+1+18=66 desirable properties: easy to calculate irreversibility: Can’t determine m from H(m) collision resistance: computationally difficult to produce m and m’ such that H(m) = H(m’) seemingly random output large message m H: Hash Function H(m) Message Digests

  25. Message Authentication Code (MAC) s = shared secret s s message message message H( ) H( ) compare • Authenticates sender • Verifies message integrity • Also called “keyed hash” • Notation: MDm = H(s||m) ; send m||MDm

  26. MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest Hash Function Algorithms

  27. Common Security Attacks • Finding a way into the network • Firewalls • Exploiting software bugs, buffer overflows • Intrusion Detection Systems • Denial of Service • Ingress filtering, IDS • TCP hijacking • IPSec • Packet sniffing • Encryption (SSH, SSL, HTTPS) • Social problems • Education Source: J. Weisz, CMU

  28. Firewalls • Basic problem – many network applications and protocols have security problems that are fixed over time • Difficult for users to keep up with changes and keep host secure • Solution • Administrators limit access to end hosts by using a firewall • Firewall is kept up-to-date by administrators • Can be hardware or software • Ex. Some routers come with firewall functionality • ipfw, ipchains, pf on Unix systems, Windows XP and Mac OS X have built in firewalls Source: J. Weisz, CMU

  29. Firewalls Internet DMZ Web server, email server, web proxy, etc Firewall Firewall Intranet Source: J. Weisz, CMU

  30. Firewalls • Used to filter packets based on a combination of features • These are called packet filtering firewalls • Ex. Drop packets with destination port of 23 (Telnet) • Can use any combination of IP/UDP/TCP header information Source: J. Weisz, CMU

  31. Intrusion Detection • Used to monitor for “suspicious activity” on a network • Can protect against known software exploits, like buffer overflows • Uses “intrusion signatures” • Well known patterns of behavior • Example • IRIX vulnerability in webdist.cgi • Can make a rule to drop packets containing the line • “/cgi-bin/webdist.cgi?distloc=?;cat%20/etc/passwd” • However, IDS is only useful if contingency plans are in place to curb attacks as they are occurring Source: J. Weisz, CMU

  32. Denial of Service • Purpose: Make a network service unusable, usually by overloading the server or network • Many different kinds of DoS attacks • SYN flooding • Large number of TCP connection requests with fake source address • Server accepts connection request • Eventually server memory is exhausted • Smurf • Distributed attacks Source: J. Weisz, CMU

  33. Packet Sniffing • Local area networks: Ethernet, WiFi • Source: put data packet on wire with destination’s address • All other hosts listen • Anything in plaintext is easily eavesdropped (example: passwords in telnet) • Solution: • encryption Source: J. Weisz, CMU

  34. Social Problems • People can be just as dangerous as unprotected computer systems • People can be lied to, manipulated, bribed, threatened, harmed, tortured, etc. to give up valuable information • May use infected hardware (e.g. USB drives) inside a secure network • Disgruntled employees • There aren’t always solutions to all of these problems • Humans will continue to be tricked into giving out information they shouldn’t • Educating them may help • The best that can be done is to implement a wide variety of solutions and more closely monitor who has access to what network resources and information Source: J. Weisz, CMU

  35. Cyber Solutions - Defense in Depth Cyber Security Solutions for Smart Grids • Perimeter Protection • Firewall, IPS, VPN, AV • Host IDS, Host AV • Physical Security • Interior Security • Firewall, IDS, VPN, AV • Host IDS, Host AV • IEEE P1711 (Serial Connections) • Network admission control • Scanning • Monitoring • Management

  36. Questions?

More Related