Frances Cleveland

8/12/2019 Frances Cleveland

http://slidepdf.com/reader/full/frances-cleveland 1/8

Xanthusonsulting International

Smart Grid Cyber Security:Support from Power System

SCADA and EMS

Frances Cleveland

[email protected]



Xanthus onsulting International June 4, 20142

Cyber Secu r i ty and the Smart Grid – Why is i t impo rtant?

August 14, 2003 Northeast Blackout –

(enhanced pho to)

What caused the

blackout?

Power Equipment Failures?

Mistakes by People?

Information Flow Design Flaws?

What does this blackout have to dowith Security? And Information

Flow Design Flaws? Are those SmartGrid Security Issues?

Yes, given how dependent the Smart

Grid has (and will increasingly)

become on information, “All Hazards”

security mandates the need for a

reliable and secure information

infrastructure

What is this picture?




What is Security? Some Key Concepts1. For power systems, keeping the lights on is the primary focus. Therefore the key

security requirements are Availability and Integrity, not Confidentiality (AIC,

not CIA)

2. Encryption, by itself, does not provide security.

3. Security threats can be deliberate attacks OR inadvertent mistakes, failures,

and natural disasters.

4. The most dangerous “attacker” is a disgruntled employee who knows exactly

where the weaknesses are the easiest to breach and could cause the worstdamage.

5. Security solutions must be end-to-end to avoid “man-in-the-middle” attacks or

failed equipment from causing denial of service

6. Security solutions must be layered, so that if one layer is breached, the next will

be there. Security is only as strong as its weakest link.

7. Security will ALWAYS be breached at some time – there is no perfect security

solution. Security must always be planned around that eventuality.

8. Security measures must balance the cost of security against the potential

impact of a security breach




To maintain power system reliability, need tomanage both the Power System Infrastructure and its supporting Information Infrastructure

Central Generating Station

Step-UpTransformer

Distribution Substation

Receiving Station



Commercial

Industrial Commercial

GasTurbine

Diesel Engine

Cogeneration

Cogeneration

Turbine

Fuelcell

Micro- turbine

Wind Power

Residential

Storage

Photovoltaic systems

Control Center

Operators,

Planners & Engineers

2. Communications and Information Infrastructure

1.Power System Infrastructure




Traditional “IT” Security Measures Cannot Meet All PowerSystem Security Requirements

• Two key security issues for utilities are power system

reliability and legacy equipment: – Power systems must continue to operate as reliably as

possible even during a security attack.

– It is financially and logistically impractical to replace olderpower system equipment just to add security measures.

• Layered security is critical not only to prevent security attacks, butalso to detect actual security breaches, to survive during a securityattack, and to log all events associated with the attack.

– Most traditional “IT” security measures, although able toprevent and/or detect secur i ty attacks, cannot d irect ly h elp

power systems to con t inue operat ing.

– For legacy sy stems and fo r non -cr i t ical , compu te-

cons trained equipment, compensating methods may need to

be used in place of these traditional “IT” security measures.




Use of Power System SCADA and EnergyManagement Systems for Certain Security Solutions

• One method for addressing these problems is to use existing

power system management technologies as a valid and verypowerful method of security management, particularly fordetecting, coping with, and logging security events.

– Add sensors, intelligent controllers, and intrusion-detectiondevices on “critical” equipment

– Utilize and expand existing SCADA systems to monitor theseadditional security-related devices

– Expand the SCADA system to monitor judiciously selectedpower system information from AMI systems.

– Expand Power Flow analysis functions to assess

anomalous power system behaviors such as unexpected shiftsof load and generation patterns, and abnormal power flowcontingency analysis results to identify unexpected situations.




Distribution

Markets Service Provider

Distribution Grid Management Use Cases: Logical

Interfaces Used by NIST for Security Assessments

Customer

ISO/RTOTransmission

SCADA/EMS

Energy Market Clearinghouse Aggregators and Energy

Market-based Providers

Operations

Distribution

SCADA Geographic

Information

System AM/FM

Customer

Information Sys

Distribution

Operator

DMS power system

modeling functions:

DOMA, VVWS, FLIR,

CA, MFR, OMS, WMS

Metering &

Billing

Load

Management

System

AMI Headend

Customer appliances, DER, PEV,Electric Storage

MeteringDistribution

Engineering

Distributed Intelligence

Capabilities

Distribution Field

Crews, MobileComputing

2

3

Energy Service

Providers

5

6

8

9

12

14

13

15

16

1

19

28

21

23

24

25

26

DOMA: Distribution Operations Model & Analysis

VVWS: Volt-Var-WattFLIR: Fault Location, Isolation, Restoration

MFR: Multi-Feeder Reconnection

OMS: Outage Management SystemWMS: Work Management System

10

29

30

32

Customer

EMS

AMI Network

20

ESI/

Gatewa

y

11

CollectorsRTUs

or

IEDs

31

3334

35

ESI/Gateway

17

18

27

Sensors

4

722

36



Xanthusonsulting International

¿Questions?

Frances Cleveland

[email protected]

Documents

Frances Cleveland