1 / 45

SMART GRID COMMUNICATION SECURITY

SMART GRID COMMUNICATION SECURITY. EE5970 Computer Engineering Seminar Professor : Dr. Zhuo feng. OVERVIEW. Introduction History Why do we need cyber security How do we achieve it Summary Conclusion . What is smart grid.

shea
Télécharger la présentation

SMART GRID COMMUNICATION SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SMART GRID COMMUNICATIONSECURITY EE5970 Computer Engineering Seminar Professor : Dr. Zhuo feng

  2. OVERVIEW • Introduction • History • Why do we need cyber security • How do we achieve it • Summary • Conclusion Cyber security for smart grid

  3. What is smart grid • Smart grids – add communication capabilities and intelligence to traditional grids • What enables smart grids • Intelligent sensors and actuators • Extended data management system • Expanded two way communication between utility operation system facilities and customers • Network security Cyber security for smart grid

  4. Primary objectives of smart grids • National integration • Self healing and adaptive –Improve distribution and transmission system operation • Allow customers freedom to purchase power based on dynamic pricing • Improved quality of power-less wastage • Integration of large variety of generation options Cyber security for smart grid

  5. Economic and social benefits of smart grids • Provide Customer Benefits • Reduce Peak Demand • Increase Energy Conservation & Efficiency • Reduce Operating Expenses • Increase Utility Worker Safety • Improve Grid Resiliency and Reliability • Reduce Greenhouse Gas Emissions • Promote Energy Independence • Promote Economic Growth & Productivity Cyber security for smart grid

  6. HISTORY

  7. Need to automate Cyber security for smart grid

  8. Transformation from mechanical relays to microprocessors GE CFD Intel 4004 Cyber security for smart grid

  9. Intelligent electronic devices (IED)explosion • Protection relay • Auxiliary relay • Cheap contractors • Remote terminal units • Circuit breaker monitor • Revenue meters • Solar flare detectors • Power quality monitors • Phasor measurement units • Communication processors • Communication alarm etc Cyber security for smart grid

  10. Telecontrol • SCADA (North America) • Different protocols for different operations • Proprietary protocols (more than 100) • Modbus • DNP • IEC61850 Cyber security for smart grid

  11. SCADA Protocols list (Not complete list ) • Siemens quad 4 meter • CONITEL 2000 • CONITEL 2100 • CONITEL 3000 • CONITEL 300 • HARRIS 5000 • HARRIS 5600 • HARRIS 6000 • UCA 2.0 or MMS • PG & E 2179 • MODBUS • DNP3 • ICCP • IEC 61850 Cyber security for smart grid

  12. Few existing general protocols • MODBUS -Primitive with no security and not very extensible • DNP3 –Advanced SCADA protocol • DNP1 and 2 are proprietary protocols • IEC 61850 the most used protocol for new implementations • ICCP Cyber security for smart grid

  13. ARCHITECTURE OF SMART GRIDS

  14. Architecture of smart grids Cyber security for smart grid Source : Fluke corporation

  15. Architecture of communication infrastructure [1] Cyber security for smart grid

  16. Communication media used for smart grids[1] • Urge for new FCC allocation for smart grids • PLC –Power line carriers • Ethernet • WLAN • Zigbee • Bluetooth • Optical fiber • Microwave etc Cyber security for smart grid

  17. Priority and types of information Cyber security for smart grid Communication model , source: NIST Vol 1

  18. Why ? • Network security is a priority and not a add on for smart grids • Protecting control center alone - not enough • Remote acess to devices • Qos requirement from security system • Safety (line worker public and equipment) • Reliability and availability Cyber security for smart grid

  19. Physical Manifestation Source : YouTube Cyber security for smart grid

  20. Different communication systems[4] Cyber security for smart grid

  21. Adversaries[5] • Nation states • Hackers • Terrorist /Cyber terrorists • Organized crime • Other criminal elements • Industrial competitors • Disgruntled employees • Careless and poorly trained employees Cyber security for smart grid

  22. Classification of attacks • Component based attacks • Protocol based attack Cyber security for smart grid

  23. COMPONENT BASED ATTACKS

  24. COMPONENT BASED ATTACK -STUXNET • Specifically programmed to attack scada and could reprogram PLC’s • Zero day attack • Highly complex • 0.5 Mb file transferred able to multiply • Targets- Iran nuclear plants ,Process plants in Germany and ISRO India Source: wikipedia Cyber security for smart grid

  25. SCADA attacks • Internal attacks • Employee • Contractor • External attacks • Non specific- malware , hackers • Targeted • Special knowledge – former insider • No special knowledge –hacker terrorist • Natural disaster • Manmade disasters Cyber security for smart grid

  26. Scada vulnerability points • Unused telephone line – war dialing • Use of removable media – stuxnet • Infected Bluetooth enabled devices • Wi-Fi enabled computer that has Ethernet connection to scada system • Insufficiently secure Wi-Fi • Corporate LAN /WAN • Corporate web server email servers internet gateways Cyber security for smart grid

  27. CYBER ATTACKS ON SCADA • Web servers or SQL attacks • Email attacks • Zombie recruitment • DDOS attacks Cyber security for smart grid

  28. Protocol based attacks • All protocols runs on top of IP protocol and IP protocol has its own set of weakness • DNP3 implements TLS and SSL encryption which is weak • The protocol is vulnerable to out-of-order, unexpected or incorrectly formatted packets • A significant weakness for IEC 61850 is that it maps to MMS (Manufacturing message specification)as the communications platform, which itself has a wide range of potential vulnerabilities Cyber security for smart grid

  29. Unique security challenges in smart grids • Scale • Legacy devices • Field location • Culture of security through obscurity • Evolving standards and regulations Cyber security for smart grid

  30. How ? • Security by obscurity • Trust no one • Layered security framework • Efficient firewall • Intrusion detection • Self healing security system Cyber security for smart grid

  31. Key management[1] • Issue of key management – Scale • PKI with trusted computing elements- considerable amount of security • Embedded computing Vs general purpose computing Cyber security for smart grid

  32. Basic PKI Infrastructure [1] Cyber security for smart grid

  33. Issues with PKI[3] • Updating the keys • Parameter generation • Key distribution • Staffing for key management Cyber security for smart grid

  34. Types of security[1] • Reactive Vs Proactive security • Reactive • Incident response plan • Applied for general purpose computers more • Proactive Security for embedded computers • High assurance boot • Secure software validation • Secure association termination if found infected • Device assertation Cyber security for smart grid

  35. Incidence response plan[1] Cyber security for smart grid

  36. Attack trees for assessment of cyber security[2] Cyber security for smart grid

  37. Calculation of cyber security conditions (omega) Cyber security for smart grid

  38. Weighing factor for password policy Cyber security for smart grid

  39. Calculations of vulnerability index • Leaf VI : max( total countermeasures implemented /total countermeasures available x ω , ω x weighing factor of password policy) • Scenario vulnerability index : Product of its leaf vulnerability indices • System vulnerability index is the max of all scenario vulnerabilities indices Cyber security for smart grid

  40. Use of attack trees to assess security Cyber security for smart grid

  41. Summary • Different security constraints that makes securing smart grids a difficult problem • Several highly efficient adversaries • Use existing protocols like IP with known vulnerabilities and work around to using new protocols with unknown vulnerabilities • Use of layered security architecture and attack tree’s for efficient security and risk assessment Cyber security for smart grid

  42. Groups working on smart grids • UCA International user group • www.ucaiug.org • International electrochemical commission • www.iec.ch • Electric power research institute • www.epri.com • Intelligrid consortium and architecture • www.intelligrid.epri.com • IEEE smart grid • www.smartgrid.ieee.org • NIST • csrc.nist.gov Cyber security for smart grid

  43. Conclusion • 25% of united states already runs smart grids • Any tiny vulnerabilities should be not be compromised • Scalable and adaptable security system • Light weight and self healing capabilities • Hybrid between centralized and distributed • Impenetrable and fail proof • Security should be real time Cyber security for smart grid

  44. References [1]  Metke, A.R.; Ekl, R.L.; , "Security Technology for Smart Grid Networks," Smart Grid, IEEE Transactions on , vol.1, no.1, pp.99-107, June2010 doi: 10.1109/TSG.2010.2046347 [2] Chee-Wooi Ten, Chen-Ching Liu, and Manimaran Govindarasu, "Vulnerability Assessment of Cybersecurity for SCADA Systems," IEEE Transactions on Power Systems, vol. 23, no. 4, pp. 1836-1846, Nov. 2008 [3] Khurana, H.; Hadley, M.; Ning Lu; Frincke, D.A.; , "Smart-Grid Security Issues," Security & Privacy, IEEE , vol.8, no.1, pp.81-85, Jan.-Feb. 2010doi: 10.1109/MSP.2010.49 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5403159&isnumber=5403138 [4] Dong Wei; Yan Lu; Jafari, M.; Skare, P.; Rohde, K.; , "An integrated security system of protecting Smart Grid against cyber attacks," Innovative Smart Grid Technologies (ISGT), 2010 , vol., no., pp.1-7, 19-21 Jan. 2010doi: 10.1109/ISGT.2010.5434767URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5434767&isnumber=5434721 [5] NIST guidelines for smart grid security Vol 1 Cyber security for smart grid

  45. THANK YOU FOR LISTENING

More Related