Power System SCADA/DMS, Sensors, and Cyber Security
Download
Report
Transcript Power System SCADA/DMS, Sensors, and Cyber Security
Cyber Threats/Security and
System Security of Power
Sector
Workshop on Crisis & Disaster Management
of Power Sector
P.K.Agarwal, AGM
Power System Operation Corporation
[email protected]
SECURITY
2
Cyber Threats/Security and System Security
April 17, 2013
•
•
•
•
•
•
•
•
•
Threat –
Cyber Space
Cyber Threat
Security
Vulnerability
Risk
Risk Management
Vulnerabilities
Security vs Cyber Security
April 17, 2013
Cyber Threats/Security and System Security
Security Acronyms
• Information Security vs System Security
• Defense-in-depth
3
E-Commerce
Confidentiality
Unauthorised
access to
Infomation
Integrity
Unauthorised
Modification or Theft
of Infomation
Availability
Denial of Service or
Prevention of
Authorised Access
Authentication
Non-Repudiation
The individual is who he claims
to be.
Accountability: Denial of Action
That took place, or claim of
Action that did not take place
Cyber Threats/Security and System
Security
CIA Triad
What is Security
SECURITY CONCERNS FOR POWER
SECTOR
5
Cyber Threats/Security and System Security
April 17, 2013
• If compromised, have the potential to cause
great damages.
• A cyber attack has the unique in nature that it
can be launched through
•
•
•
•
public network
from a remote location
Form any where in the world.
Coordinated to attack many locations
Cyber Threats/Security and System
April 17, 2013
Security
• Current power grid depends on complex
network of computers, software and
communication technologies.
6
Concerns
• Many cyber vulnerabilities in Supervisory Control
and Data Acquisition (SCADA) System have been
surfaced.
• Level of automation in substations is increasing,
which can lead more cyber security issues.
• Recent study have shown that the deployed components have
significant cyber vulnerabilities.
Cyber Threats/Security and System
April 17, 2013
Security
• The legacy communication method used for grid
operations also provide potential cyber attack
paths.
7
More Concerns
• Efforts of energy sector to
•
uncover system vulnerabilities develop effective
countermeasures have prevented serious damages to
electric supply chain.
• Some of these vulnerabilities are in the process of
being mitigated.
• However, attack on energy control systems have
been successful in many cases.
Cyber Threats/Security and System
April 17, 2013
Security
• Increasing use of standard and open system –
“Security by Obscurity” is no more valid.
8
Still More Concerns
1.
2.
3.
4.
5.
6.
7.
8.
For power systems, keeping the lights on is the primary focus. Therefore the key
security requirements are Availability and Integrity, not Confidentiality (AIC, not CIA)
Encryption, by itself, does not provide security.
Security threats can be deliberate attacks OR inadvertent mistakes, failures, and natural
disasters.
The most dangerous “attacker” is a disgruntled employee who knows exactly where
the weaknesses are the easiest to breach and could cause the worst damage.
Security solutions must be end-to-end to avoid “man-in-the-middle” attacks or failed
equipment from causing denial of service
Security solutions must be layered, so that if one layer is breached, the next will be
there. Security is only as strong as its weakest link.
Security will ALWAYS be breached at some time – there is no perfect security solution.
Security must always be planned around that eventuality.
Security measures must balance the cost of security against the potential impact of a
security breach
April 17, 2013
Cyber Threats/Security and System Security
What is Security? Some Key
Concepts
9
CYBER SECURITY IN POWER SYSTEM
10
Cyber Threats/Security and System Security
April 17, 2013
1.Power System Infrastructure
Operators,
Planners & Engineers
Central Generating
Station
Step-Up
Transformer
2. Communications and Information
Infrastructure
Distribution
Substation
Control Center
Gas
Turbine
Receiving
Station
Distribution
Substation
Cogeneration
Turbine
Distribution
Substation
Microturbine
Photovoltaic systems
Diesel
Engine
April 17, 2013
Cyber Threats/Security and System Security
To maintain power system reliability, need to
manage both the Power System Infrastructure
and its supporting Information Infrastructure
Commercial
Fuel
cell
Cogeneration
Storage
Wind Power
Industrial
Residential
Commercial
11
• Two key security issues for utilities are power system reliability
and legacy equipment:
• Power systems must continue to operate as reliably as possible
even during a security attack.
• It is financially and logistically impractical to replace older power
system equipment just to add security measures.
• Layered security is critical not only to prevent security attacks, but
also to detect actual security breaches, to survive during a security
attack, and to log all events associated with the attack.
• Most traditional “IT” security measures, although able to
prevent and/or detect security attacks, cannot directly help
power systems to continue operating.
• For legacy systems and for non-critical, compute-constrained
equipment, compensating methods may need to be used in
place of these traditional “IT” security measures.
April 17, 2013
Cyber Threats/Security and System Security
Traditional Security Measures Cannot Meet All
Power System Security Requirements
12
• One method for addressing these problems is to use existing power
system management technologies as a valid and very powerful
method of security management, particularly for detecting, coping
with, and logging security events.
• Add sensors, intelligent controllers, and intrusion-detection
devices on “critical” equipment
• Utilize and expand existing SCADA systems to monitor these
additional security-related devices
• Expand the SCADA system to monitor judiciously selected power
system information from AMI systems.
• Expand Power Flow analysis functions to assess anomalous power
system behaviors such as unexpected shifts of load and generation
patterns, and abnormal power flow contingency analysis results to
identify unexpected situations.
April 17, 2013
Cyber Threats/Security and System Security
Use of Power System SCADA and Energy Management
Systems for Certain Security Solutions
13
CHALLENGES AND STRATEGIES.
14System Security
Cyber Threats/Security and
April 17, 2013
April 17, 2013
Challenges
New 2-Way
Systems
(e.g. AMI, DSM)
Increasing Use of
COTS Hardware
and Software
New Customer
Touch Points into
Utilities
Increasing Number
Of Systems and
Size of Code Base
Control Systems
Not Designed with
Security in Mind
Cyber Threats/Security and System Security
Increasing
Interconnection
and Integration
Increased Risk to Operations
15
Increased Attack Surface
April 17, 2013
Barriers
• Security upgrades to legacy systems are limited by
inherent limitations of the equipment and architectures
• Threat, vulnerability, incident, and mitigation information
sharing is insufficient among government and industry
• Weak business case for cyber security investment by
industry
Cyber Threats/Security and System Security
• Cyber threats are unpredictable and evolve faster than the
sector’s ability to develop and deploy countermeasures
16
• Regulatory uncertainty in energy sector cyber security
April 17, 2013
Strategies
• Develop and Implement New Protective Measures to
reduce Risks.
• Manage Incidence.
• Sustain Security Improvements.
• Use of emerging new security technologies like datadiode.
17
• Access and Monitor Risks.
Cyber Threats/Security and System Security
• Build a culture of security.
• ISO/IEC 27001
- Information Security
Management System.
• NERC-CIP Standards-Critical Infrastructure
Protection Standard.
• NIST IR 7628
– Guidelines for Smart
Grid Cyber Security.
• IEC 62351 Series Security Standards Standards
18
Adoption of Security Standards and
Framework
Cyber
Security
Require
ments
of
Indian
Power
Grid,
27th
May
2012,
Mumbai
April 17, 2013
Road Map for Cyber Security of Grid
• SCADA system up gradation is being done with:• Adoption of Secure ICCP.
• Secure connection between SCADA network and
Enterprise network for cyber security.
• Use of air-gap technology like data-diode at interfacing
point between secure and non-secure network.
19
• Each RLDC has been certified by International Certifying
Body (BSI) for ISO 27001:2005.
Cyber Threats/Security and System Security
• Information Security Management System have been
adopted by every regional load dispatch center.
• There is nothing like absolute security
April 17, 2013
Points to Ponder
• Secure real-time information is a key factor to reliable
delivery of power to the end-users.
• Commoditization of electricity means increased players –
increased exchange of power – increased requirement of
security solution.
• Emerging technology like data-diode is an exciting
technology for ensuring cyber security of critical
infrastructure.
20
• Security comes at a cost – need optimization.
Cyber Threats/Security and System Security
• Every requirement is unique and every solution is
unique.
21
Cyber Threats/Security and System Security
April 17, 2013