Click here to load reader
Upload
mzayan
View
213
Download
0
Embed Size (px)
Citation preview
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 1/8
Xanthusonsulting International
Smart Grid Cyber Security:Support from Power System
SCADA and EMS
Frances Cleveland
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 2/8
Xanthus onsulting International June 4, 20142
Cyber Secu r i ty and the Smart Grid – Why is i t impo rtant?
August 14, 2003 Northeast Blackout –
(enhanced pho to)
What caused the
blackout?
Power Equipment Failures?
Mistakes by People?
Information Flow Design Flaws?
What does this blackout have to dowith Security? And Information
Flow Design Flaws? Are those SmartGrid Security Issues?
Yes, given how dependent the Smart
Grid has (and will increasingly)
become on information, “All Hazards”
security mandates the need for a
reliable and secure information
infrastructure
What is this picture?
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 3/8
Xanthus onsulting International June 4, 20143
What is Security? Some Key Concepts1. For power systems, keeping the lights on is the primary focus. Therefore the key
security requirements are Availability and Integrity, not Confidentiality (AIC,
not CIA)
2. Encryption, by itself, does not provide security.
3. Security threats can be deliberate attacks OR inadvertent mistakes, failures,
and natural disasters.
4. The most dangerous “attacker” is a disgruntled employee who knows exactly
where the weaknesses are the easiest to breach and could cause the worstdamage.
5. Security solutions must be end-to-end to avoid “man-in-the-middle” attacks or
failed equipment from causing denial of service
6. Security solutions must be layered, so that if one layer is breached, the next will
be there. Security is only as strong as its weakest link.
7. Security will ALWAYS be breached at some time – there is no perfect security
solution. Security must always be planned around that eventuality.
8. Security measures must balance the cost of security against the potential
impact of a security breach
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 4/8
Xanthus onsulting International June 4, 20144
To maintain power system reliability, need tomanage both the Power System Infrastructure and its supporting Information Infrastructure
Central Generating Station
Step-UpTransformer
Distribution Substation
Receiving Station
Distribution Substation
Distribution Substation
Commercial
Industrial Commercial
GasTurbine
Diesel Engine
Cogeneration
Cogeneration
Turbine
Fuelcell
Micro- turbine
Wind Power
Residential
Storage
Photovoltaic systems
Control Center
Operators,
Planners & Engineers
2. Communications and Information Infrastructure
1.Power System Infrastructure
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 5/8
Xanthus onsulting International June 4, 20145
Traditional “IT” Security Measures Cannot Meet All PowerSystem Security Requirements
• Two key security issues for utilities are power system
reliability and legacy equipment: – Power systems must continue to operate as reliably as
possible even during a security attack.
– It is financially and logistically impractical to replace olderpower system equipment just to add security measures.
• Layered security is critical not only to prevent security attacks, butalso to detect actual security breaches, to survive during a securityattack, and to log all events associated with the attack.
– Most traditional “IT” security measures, although able toprevent and/or detect secur i ty attacks, cannot d irect ly h elp
power systems to con t inue operat ing.
– For legacy sy stems and fo r non -cr i t ical , compu te-
cons trained equipment, compensating methods may need to
be used in place of these traditional “IT” security measures.
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 6/8
Xanthus onsulting International June 4, 20146
Use of Power System SCADA and EnergyManagement Systems for Certain Security Solutions
• One method for addressing these problems is to use existing
power system management technologies as a valid and verypowerful method of security management, particularly fordetecting, coping with, and logging security events.
– Add sensors, intelligent controllers, and intrusion-detectiondevices on “critical” equipment
– Utilize and expand existing SCADA systems to monitor theseadditional security-related devices
– Expand the SCADA system to monitor judiciously selectedpower system information from AMI systems.
– Expand Power Flow analysis functions to assess
anomalous power system behaviors such as unexpected shiftsof load and generation patterns, and abnormal power flowcontingency analysis results to identify unexpected situations.
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 7/8
Xanthus onsulting International June 4, 20147
Distribution
Markets Service Provider
Distribution Grid Management Use Cases: Logical
Interfaces Used by NIST for Security Assessments
Customer
ISO/RTOTransmission
SCADA/EMS
Energy Market Clearinghouse Aggregators and Energy
Market-based Providers
Operations
Distribution
SCADA Geographic
Information
System AM/FM
Customer
Information Sys
Distribution
Operator
DMS power system
modeling functions:
DOMA, VVWS, FLIR,
CA, MFR, OMS, WMS
Metering &
Billing
Load
Management
System
AMI Headend
Customer appliances, DER, PEV,Electric Storage
MeteringDistribution
Engineering
Distributed Intelligence
Capabilities
Distribution Field
Crews, MobileComputing
2
3
Energy Service
Providers
5
6
8
9
12
14
13
15
16
1
19
28
21
23
24
25
26
DOMA: Distribution Operations Model & Analysis
VVWS: Volt-Var-WattFLIR: Fault Location, Isolation, Restoration
MFR: Multi-Feeder Reconnection
OMS: Outage Management SystemWMS: Work Management System
10
29
30
32
Customer
EMS
AMI Network
20
ESI/
Gatewa
y
11
CollectorsRTUs
or
IEDs
31
3334
35
ESI/Gateway
17
18
27
Sensors
4
722
36
8/12/2019 Frances Cleveland
http://slidepdf.com/reader/full/frances-cleveland 8/8
Xanthusonsulting International
¿Questions?
Frances Cleveland