Transcript SG_2012_Review_2013_Funding_Request

Stronger, Smarter, More Secure and
Resilient Cyber-Physical Power Grid
Congressional Research and Development Caucus
B-369 Rayburn House Office Building, Washington, DC
Friday, May 15, 2015, Noon– 1:30pm
Dr. S. Massoud Amin*
–
–
–
–
–
Chairman, IEEE Smart Grid
ASME Energy Pubic Policy Task Force
Chairman, Board of Directors, Texas Reliability Entity (TexasRE)
Board of Directors, Midwest Reliability Organization (MRO)
Director, & Endowed Chair, Technological Leadership Institute; Professor of Electrical &
Computer Engineering, University Distinguished Teaching Professor; Univ. of Minnesota
* Support from EPRI, NSF, ORNL, Honeywell and SNL is gratefully acknowledged.
Electric Power Infrastructure:
Interdependencies, Security, and Resilience
Presidential Policy Directive 21:
“Energy and communications
infrastructure especially critical
because of their enabling
functions across all critical
infrastructure areas”
DOE: “A resilient electric grid…
is arguably the most complex
and critical infrastructure.”
The vast networks of electrification are the
greatest engineering achievement of the 20th century
– U.S. National Academy of Engineering
The Smart Infrastructure for a Digital Society
Excellent Power
System Reliability
A Secure Energy
Infrastructure
Exceptional Power
Quality
Integrated
Communications
A Complex Set of
Interconnected Webs:
Security is Fundamental
Adaptive Infrastructures
Threat Evolution: Malicious Code
source: Massoud Amin, EPRI, January 27, 1998
Contagion Timeframe
Seconds
Minutes
Hours
Class III
Human response: impossible
Automated response: unlikely
Proactive blocking: possible
“Flash” Threats
“Warhol” Threats
Class II
Human response: difficult/impossible
Automated response: possible
Blended Threats
Class I
Human response: possible
e-mail Worms
Days
Macro Viruses
Weeks or
months
File Viruses
Early 1990s
Adaptive Infrastructures
Mid 1990s
Late 1990s
2000
2003
Time
Critical System Dynamics and Resilience Capabilities
Variability and uncertainty are inherent in complex networked interdependent socio-technological systems
A system of systems view is necessary to measure, monitor, understand and manage complex work.
Necessary to understand “normal”
• Anticipation of disruptive events
• Look-ahead simulation capability
• Fast isolation and sectionalization
• Adaptive islanding
• Self-healing and restoration
re·sil·ience, noun,
1824: The capability of a
strained body to recover
its size and shape after
deformation caused
especially by
compressive stress;
An ability to recover
from or adjust easily to
misfortune or change
Resilience enables “Robustness”: A system, organism or design
may be said to be "robust" if it is capable of coping well with variations
(internal or external and sometimes unpredictable) in its operating
environment with minimal damage, alteration or loss of functionality.
Adaptive Infrastructures
September 11, 2001 Tragedies
Adaptive Infrastructures
Infrastructure Security
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) Program
Massoud Amin, EPRI, September 27, 2001
We are
“Bullet Proof”
Adaptive Infrastructures
The Truth
“The Sky is Falling”
Infrastructure Security: The Threat
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) Program
Massoud Amin, EPRI, September 27, 2001
• Electric power systems
constitute the fundamental
infrastructure of modern
society and therefore an
inviting target for three kinds
of terrorist attacks:
• Attacks upon the system
– Power system itself is
primary target with ripple
effect throughout society
• Attacks by the system
– Population is the actual
target, using parts of the
power system as a
weapon
• Attack through the system
– Utility networks provide
the conduit for attacks on
broad range of targets
Adaptive Infrastructures
Steps Toward Ensuring Security
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) Program
Massoud Amin, EPRI, September 27, 2001
•
EPRI’s Electricity Infrastructure
Security Assessment considers six
broad areas:
– System-Wide Vulnerability
Assessment
– Grid Security
– Cyber and Communications
Threats
– Distribution System, Disaster
Mitigation & Recovery
– Generation/Environment
– Power Markets
Adaptive Infrastructures
ISI Areas: Addressing System Vulnerability to Various Attack
Modes, Reducing Their Impact, and Rapid Recovery
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) Program
Massoud Amin, EPRI, October 8, 2001
• Strategic Spare Parts Inventory: Reducing recovery time from
terrorist attack or natural disaster by providing spare parts of
existing equipment and by developing standardized “recovery
transformers” with multiple voltage taps
• Vulnerability Assessment (VA): Determining the impact of potential
terrorist attacks on power system components throughout the endto-end electricity supply chain
• “Red Team” Attacks: Launch mock assaults on the computer and
information networks of selected utility systems, probing for
weaknesses in a manner similar to the FAA’s Red Team efforts
• Secure Communications: Scoping study to determine how to
develop a secure, private communications network for the electric
power industry, as an alternative to Internet-based systems
Adaptive Infrastructures
What can be Done? Vulnerability Assessment
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) Program
Massoud Amin, EPRI, September 27, 2001
Profile Threats
(Determine
Intent &
Capabilities)
Identify Likely
Targets
Develop Attack
Scenarios*
*Evolving spectra of targets and modes of attack
Apply
War Gaming
Theory
Adaptive Infrastructures
Develop
Countermeasures
Assess Risks
(probability of
successful
attack x impact)
Assess
Vulnerabilities
to each Attack
Smart Grid Interdependencies
Security, Efficiency, and Resilience
The National Plan for Research and Development
In Support of Critical Infrastructure Protection
The area of self-healing
infrastructure was
recommended in 2005 by the
White House Office of Science
and Technology Policy (OSTP)
and the U.S. Department of
Homeland Security (DHS) as
one of three thrust areas for
the National Plan for research
and development in support of
Critical Infrastructure
Protection (CIP)
Technology development, transition and
Implementation: … the really hard part
• Steps in STEM-based R&D to
enable secure, efficient,
resilient and adaptive
infrastructure
• Markets and Policy
framework, implementation,
and evaluation
• Wind-tunnel testing of
designs, markets and policy
Seven Dynamically Interacting Grids
7. Economy Grid
Natural Gas Prices
6. Regulatory Grid
Standard Market Design
5. Ownership/Investor Grid
Investment Signals
4. Electricity Market Grid
Economic
Dispatch
3. “Smart” Self-Healing Grid
• Making the business case for
the opportunity
Self-Healing
FACTS
Control
2. Transmission Grid
Reliable
Delivery
• Decision Support
Dashboard: Have a plan …
Rev 2.2
1. Customers Grid
© 2003 KEE Intl.
Demand/Response
Over the next five years, smart
microgrids will play a growing
role in meeting local demand,
enhancing reliability and
ensuring local control of
electricity.
Emerging developments and
challenges the smart grid
community must address:
Decentralized
Local
Microgrids
International/Faraway
Regional
Cooperation:
Hybrid
Networks
Centralized &
Microgrids
International
Cooperation:
Primarily
Large
Centralized
Generation
Centralized
Possible Transitional and Hybridization
Options in a Wide Range of Assessed
Scenarios: Short- and Long-term
Strategies, Decision Pathways, ROI,
Economic and Societal Objectives,
Policies, and Disruptions (including
dollars, watts, GHG emissions,
risks/benefits – private and public)
Depending on assessments noted
herein, we:
Local/Nearby… Regional/National • Modernize, Retrofit, and Hybridize
Legacy Infrastructure
For a brief overview and some details on microgrids, and this transition, please see:
• Leap-Frog for Isolated Localities or
http://smartgrid.ieee.org/search?searchword=Microgrids&category=smart_grid&x=0&y=0
for Clean Slate Designs
Examples of SG Technologies & Systems
New Challenges for a Smart Grid
Need to integrate:
– Large-scale stochastic (uncertain) renewable generation
– Electric energy storage
– Distributed generation
– Plug-in hybrid electric vehicles
– Demand response (smart meters), AMI, Data Analytics, …
Need to deploy and integrate:
– New Synchronized measurement technologies
– New sensors
– New System Integrity Protection Schemes (SIPS)
Critical Security Controls
Paradigm Shift – Data at MN Valley Coop
Before smart meters
– Monthly read
– 480,000 data points per year
After smart meters
– 15-60 minute kWh
– Peak demand
– Voltage
– Power interruptions
– 480,000,000 data points per year
Industry Needs to Connect 50 Billion Devices by 2020
An unsolved problem costing billions per year in wasted resources
requires radically improved wireless performance and lower cost
Indoors
1B sensors
Battery
Powered
In Vaults
100M meters
1B Water Meters
1B Gas Meters
Underground
Millions of miles of Pipelines & Circuits
Courtesy of On-Ramp Wireless, Inc.
All rights reserved.
Security needs
Physical Security
– Transmission Equipment
– System Security: Preventing system impact
and Protecting critical substations
– Standards
Cyber Security
Security:
What should we be trying to protect
Fuel Supply and Generation Assets
Transmission and Distribution
Controls and Communications
Other Assets
Security:
What issues impede Protection
Inability to share
information
Increased cost of security
Widely dispersed assets
Widely dispersed owners
and operators
Finding training and
empowering security
personnel
• Commercial off-the-shelf
(COTS) controls and
communications
• Siting constraints
• Long lead-time
equipment
• Availability of restoration
funds
• R&D focused on
vulnerabilities
Electrical-Gas Interdependency
There has been a proliferation of natural gas
This has resulted in a shift to use gas for generation,
especially as older plants using other fuels are retired
Pipeline capacities are an issue during cold weather
New England governors and other parties are
bringing forward creative ideas to make long-term
commitments to build new capacity
Additional gas pipeline capacity, accompanied by supply contracts, is
required to meet the growing demand for natural gas for power generation
Recommendations – Security, Privacy,
and Resilience 1 (4)
Facilitate, encourage, or mandate that secure
sensing, “defense in depth,” fast reconfiguration and
self-healing be built into the infrastructure.
Continue developing regional planning of a more
redundant and less vulnerable transmission grid
Continue developing operational tools to more
accurately forecast the availability of natural gas
supply for generators and improve unit commitment
decisions
Recommendations – Security, Privacy,
and Resilience 2 (4)
Mandate consumer data privacy and security for AMI
systems to provide protection against personal profiling,
real-time remote surveillance, identity theft and home
invasions, activity censorship and decisions based on
inaccurate data
Support alternatives for Utilities that wish to eliminate the
use of wireless telecom networks and the public
Internet to decrease grid vulnerabilities
– Include options for utilities to obtain private spectrum at
a reasonable costs
Recommendations – Security, Privacy, and
Resilience 3 (4)
Improve the sharing of intelligence and threat
information and analysis to develop proactive
protection strategies,
– Includes development of coordinated hierarchical threat
coordination centers – at local, regional and national levels
– May require either more security clearances issued to
electric sector individuals or treatment of some intelligence
and threat information and analysis as sensitive business
information, rather than as classified information
Recommendations – Security, Privacy,
and Resilience 4 (4)
Speed up the development and enforcement of cyber
security standards, compliance requirements and
their adoption. Facilitate and encourage design of
security from the start and include it in standards
Design communications and controls systems for
more limited failures including better EMP withstand
capabilities
Increase investment in the grid and in R&D areas that
assure the security of the cyber infrastructure
(algorithms, protocols, chip-level & application-level)
Recommendations – Markets and Policy 1 (2)
Use the National Institute of Standards and Technology
Smart Grid Collaboration or the NARUC Smart Grid
Collaborative as models to bridge the jurisdictional gap
between the federal and the state regulatory organizations
on issues such as technology upgrades and system security
More transparent, participatory and collaborative
discussion among federal and state agencies, transmission
and distribution asset owners, regional transmission
operators and independent system operators and their
members and supporting research to improve
understanding of mutual impacts, interactions and benefits
Recommendations – Markets and Policy 2 (2)
Continue working at a federal level on better
coordination of electricity and gas markets to
mitigate potential new reliability issues due to increasing
reliance on gas generation
Update the wholesale market design to reflect the speed
at which a generator can increase or decrease the
amount of generation needed to complement variable
resources
Recommendations
1.
2.
3.
4.
5.
6.
7.
8.
9.
Facilitate, encourage, or mandate that secure sensing, “defense in depth,” fast reconfiguration
and self-healing be built into the infrastructure
Mandate security for the Advanced Metering Infrastructure, providing protection against
Personal Profiling, guarantee consumer Data Privacy, Real-time Remote Surveillance, Identity
Theft and Home Invasions, Activity Censorship, and Decisions Based on Inaccurate Data
Wireless and the public Internet increase vulnerability and thus should be avoided
Bridge the jurisdictional gap between Federal/NERC and the state commissions on cyber
security
Electric generation, transmission, distribution, and consumption need to be safe, reliable, and
economical in their own right. Asset owners should be required to practice due diligence in
securing their infrastructure as a cost of doing business
Develop coordinated hierarchical threat coordination centers – at local, regional, and national
levels – that proactively assess precursors and counter cyber attacks
Speed up the development and enforcement of cyber security standards, compliance
requirements and their adoption. Facilitate and encourage design of security in from the start
and include it in standards
Increase investment in the grid and in R&D areas that assure the security of the cyber
infrastructure (algorithms, protocols, chip-level and application-level security)
Develop methods, such as self-organizing micro-grids, to facilitate grid segmentation that limits
the effects of cyber and physical attacks
Energy Infrastructure, Economics, Efficiency, Environment, Secure
Communications and Adaptive Dynamic Systems
Economics
Electric Power
Efficiency
Incentives
Private Good
Reliability
Public Good
“Prices to Devices”
Complex, highly nonlinear infrastructure Evolving
markets, rules and designs
“if you measure it you manage it  if you price it you manage it even
better”… Technologies, Designs, Policies, Options, Risks/Valuation
Adaptive Systems (self-healing)
Society (including Policy & Environment)
IEEE Smart Grid http://smartgrid.ieee.org
Summary Recommendations
Support holistic, integrated approach in
simultaneously managing fleet of assets to best
achieve optimal cost-effective solutions addressing the
following:
– Aging infrastructure
– Grid hardening (including weather-related events,
physical vulnerability, and cyber-physical security)
– System reliability
Urgently address managing new Smart Grid assets
such as advanced metering infrastructure (AMI) and
intelligent electronic devices