Transcript Power System SCADA/DMS, Sensors, and Cyber Security

Smart Grid Cyber Security:
Support from Power System
SCADA and EMS
Frances Cleveland
[email protected]
Xanthus
Consulting International
Cyber Security and the Smart Grid –
Why is it important?
What caused the
blackout?
 Power Equipment Failures?
 Mistakes by People?
 Information Flow Design Flaws?
What does this blackout have to do
with Security? And Information
Flow Design Flaws? Are those Smart
Grid Security Issues?
Yes, given how dependent the Smart
Grid has (and will increasingly)
become on information, “All Hazards”
What is this picture?
August 14, 2003 Northeast Blackout – security mandates the need for a
reliable and secure information
(enhanced photo)
infrastructure July 16, 2015
2
Xanthus Consulting International
What is Security? Some Key Concepts
1.
For power systems, keeping the lights on is the primary focus. Therefore the key
security requirements are Availability and Integrity, not Confidentiality (AIC,
not CIA)
2.
Encryption, by itself, does not provide security.
3.
Security threats can be deliberate attacks OR inadvertent mistakes, failures,
and natural disasters.
4.
The most dangerous “attacker” is a disgruntled employee who knows exactly
where the weaknesses are the easiest to breach and could cause the worst
damage.
5.
Security solutions must be end-to-end to avoid “man-in-the-middle” attacks or
failed equipment from causing denial of service
6.
Security solutions must be layered, so that if one layer is breached, the next will
be there. Security is only as strong as its weakest link.
7.
Security will ALWAYS be breached at some time – there is no perfect security
solution. Security must always be planned around that eventuality.
8.
Security measures must balance the cost of security against the potential
impact of a security breach
Xanthus Consulting International
3
July 16, 2015
To maintain power system reliability, need to
manage both the Power System Infrastructure
and its supporting Information Infrastructure
1.Power System Infrastructure
Operators,
Planners & Engineers
Central Generating
Station
Step-Up
Transformer
2. Communications and Information Infrastructure
Distribution
Substation
Control Center
Gas
Turbine
Receiving
Station
Distribution
Substation
Cogeneration
Turbine
Distribution
Substation
Microturbine
Photovoltaic systems
Diesel
Engine
Commercial
Fuel
cell
Cogeneration
Storage
Wind Power
Industrial
Commercial
Residential
Xanthus Consulting International
4
July 16, 2015
Traditional “IT” Security Measures Cannot Meet All Power
System Security Requirements
• Two key security issues for utilities are power system reliability
and legacy equipment:
– Power systems must continue to operate as reliably as
possible even during a security attack.
– It is financially and logistically impractical to replace older
power system equipment just to add security measures.
• Layered security is critical not only to prevent security attacks, but
also to detect actual security breaches, to survive during a security
attack, and to log all events associated with the attack.
– Most traditional “IT” security measures, although able to
prevent and/or detect security attacks, cannot directly help
power systems to continue operating.
– For legacy systems and for non-critical, computeconstrained equipment, compensating methods may need to
be used in place of these traditional “IT” security measures.
Xanthus Consulting International
5
July 16, 2015
Use of Power System SCADA and Energy
Management Systems for Certain Security Solutions
• One method for addressing these problems is to use existing
power system management technologies as a valid and very
powerful method of security management, particularly for
detecting, coping with, and logging security events.
– Add sensors, intelligent controllers, and intrusion-detection
devices on “critical” equipment
– Utilize and expand existing SCADA systems to monitor these
additional security-related devices
– Expand the SCADA system to monitor judiciously selected
power system information from AMI systems.
– Expand Power Flow analysis functions to assess
anomalous power system behaviors such as unexpected shifts
of load and generation patterns, and abnormal power flow
contingency analysis results to identify unexpected situations.
Xanthus Consulting International
6
July 16, 2015
12
2
Energy Market Clearinghouse
Markets
6
ISO/RTO
Service Provider
Transmission
SCADA/EMS
1
13
Distribution
Operator
9
Distribution
SCADA
23
Distribution Field
Crews, Mobile
Computing
36
24
3
4
7
Energy Service
Providers
Aggregators and Energy
Market-based Providers
8
DMS power system
modeling functions:
DOMA, VVWS, FLIR,
CA, MFR, OMS, WMS
Distribution
Engineering
35
15
Sensors
Distributed Intelligence
Capabilities
28
Metering &
Billing
29
5
AMI Headend
Customer
Information Sys
25
22
27
26
16
33
Collectors
Geographic
Information
System AM/FM
21
14
34
RTUs
or
IEDs
Load
Management
System
Operations
Distribution Grid Management Use Cases: Logical
Interfaces Used by NIST for Security Assessments
DOMA: Distribution Operations Model & Analysis MFR: Multi-Feeder Reconnection
VVWS: Volt-Var-Watt
OMS: Outage Management System
7
FLIR: Fault Location,
Isolation, Restoration
Xanthus
Consulting
International
WMS: Work Management System
19
20 Distribution
31
AMI Network
17
ESI/Gateway
18
30
Metering
ESI/
Gatewa
y
Customer
EMS
32
Customer appliances, DER, PEV,
Electric Storage
11
10
Customer
July
16, 2015
¿Questions?
Frances Cleveland
[email protected]
Xanthus
Consulting International