Upload
opal-rt-technologies
View
864
Download
0
Embed Size (px)
Citation preview
PowerPoint Presentation
Power GridCybersecurity Webinar
Jan. 29, 2016
1
Introduction & Real-Time ApplicationsThomas KirkSales EngineerOPAL-RT TechnologiesKeynote SpeakerDavid ManzCybersecurity Research ScientistPacific Northwest National Laboratory
Your Hosts
2
1
2
3
4
5Introduction
Real-Time Simulation, Applications, & SolutionsCyber AttacksOPAL-RT UsersDavid ManzPNNL4
Question Period
6Presentation Outline
The electric power grid is evolving quickly with the introduction of new intelligent technologies, which will improve its efficiency and performance. However, these technologies have the potential to make the grid more vulnerable to cyberattacks, which has motivated a new set of standards (NERC CIP).1
OPAL-RT is dedicated to providing open power system real-time digital simulators that meets the new requirements of power system professionals as the industry focus on cybersecurity increases. Introduction
1 R. J. Campbell, Cybersecurity Issues for the Bulk Power System, Congressional Research Service, 2015
1
4
The art of ensuring the existence and continuity of the information society of a nation, guaranteeing and protecting, in Cyberspace, its information, assets and critical infrastructure. 23 Canongia, C., & Mandarino, R. 2014. Cybersecurity: The New Challenge of the Information Society. InCrisis Management: Concepts, Methodologies, Tools and Applications:60-80. Hershey, PA: IGI Global.
DEFINITIONS:
The activity or process, ability or capability, or state whereby information and communications systems and the information contained therein are protected from and/or defended against damage, unauthorized use or modification, or exploitation.12 Cybersecurity definition taken from National Initiative for Cybersecurity Careers and Studies (NICCS)
Introduction
2
Introduction: Grid ModernizationModern power grids are Cyber-Physical System (CPS) composed of electrical and information infrastructure
The grid is becoming intelligent through:Wide deployment of new technologiesSubstation, transmission and distribution automationIncreased distributed Energy Resource (DER) integrationAdvanced two-way communication networksDevelopment of synchrophasor systems
But as newer technologies are adopted, the grid is becoming more vulnerable to cybersecurity threats both: Malicious and Accidental4
4 See NIST (http://www.nist.gov/el/smartgrid/cybersg.cfm)
Asset Management
Grid Control
Data Collection & Local Control
Communication
Sensors
Source: EPRI 2007
3
Smart grid cybersecurity must address not only deliberate attacks, such as from disgruntled employees, industrial espionage, and terrorists, but also inadvertent compromises of the information infrastructure due to user errors, equipment failures, and natural disasters.-NIST (http://www.nist.gov/el/smartgrid/cybersg.cfm)
6
Introduction: Threats and ScenariosDozens of industrial-level cybersecurity incidents since 1999 (Source: Lloyds):2001: Cal-ISO hacking incident (15 days)2007: Idaho National Laboratory Aurora experiment2010: Iran nuclear Stuxnet incident 2012: German utility DoS attack (5 days)
FERC analysis: The loss of 9 out of 55k+ US substations could lead to an extended (1+ year) national blackout (Source: WSJ)
2014 NESCOR failure scenarios report includes failures due to:Compromised equipment functionalityData integrity attacksCommunication failuresHuman ErrorNatural Disasters
2014 NESCOR failure scenarios report 4
7
NERC CIP Standards focus largely on risk assessment and identification of:Critical AssetsCritical Cyber Assets
SGIP Cyber Security Guidelines (NISTIR 7628) are also based on risk assessment:
Simulation can be used to answer these questions and assess risk What about real-time simulation?
Introduction: Risk Assessment
From Introduction to NISTIR 7628 Guidelines for Smart Grid Cyber Security
5
Critical Asset: Facilities, systems, and equipment which if destroyed, degraded, or otherwise rendered unavailable would affect the reliability or operability of the Bulk Electric System.Critical Cyber Asset: Cyber Assets essential to the reliable operation of Critical Assets.
8
1
2
3
4
5Introduction
Real-Time Simulation, Applications, & SolutionsCyber AttacksOPAL-RT UsersDavid ManzPNNL4
Question Period
6Presentation Outline6
Real-Time Simulation7
10
Real-Time Cybersecurity ApplicationsRisk assessment studies including penetration testing, & cyber-critical asset and vulnerability identification
Research & development, design and testing of:Situational awareness, anomaly detection and cyber-attack mitigation systemsNetwork/communication systemsControl and monitoring systems (e.g. SCADA, DMS, EMS, WAMPAC)Synchrophasor systemsState Estimators
Meeting standards specific and related to cybersecurity, following smart grid guidelinese.g. NERC CIP, NIST SGIP-CSWG, IEEE C37.118
8
POLL after this slideWhich of these cybersecurity applications have you used or plan on using?11
To & From Virtual DevicesCommands, Status
Typical Real-Time Simulation Setup
GPS ClockPMU
Antenna
C37.118
Analog outTime syncRFTime sync
RelayIEC61850 SV, GOOSEVirtual Devices
Analog out
Digital Comm
Phasor Data Concentrator(PDC)Control Center: Control, Applications and HMI
Controller
Modbus, DNP3, etc.Analog, Digital IOCommunication Network
Synchropasors
Power Amplifier
9
12
Detailed Large-Scale Power System software developed by Hydro-Qubec
Automated testing with TestView (supports Python)
Based on MATLAB/Simulink & SimPowerSystems
Open API (Python, C++, Java)Automate studies, link to external systemsPhasor-based real-time simulation software for very large networksImport PSSE, CYME, DIgSILENT PowerFactory networks
Software Solutions ePHASORsim Real-Time Transient Stability Simulator 10 ms time step HYPERsim Large Scale Power System Simulation for Utilities & Manufacturers 25 s to 100 s time step
1 s(1 Hz)10,0002,0001,00050010010010 ms(100 Hz)50 s(20 KHz)10 s(100 KHz)20,000Period (frequency) of transient phenomena simulatedNumber of 3-Phase Buses eMEGAsim Power System & Power Electronics Simulation 10 s to 100 s time step
C37.118 PDCModel Predictive Controller
EmulatedPMUsC37.118 Systems Under Test10
13
Protocol support for smart grid applications:IEC61850-8-1 GOOSEIEC61850-9-2 Sampled ValuesC37.118MODBUSDNP3IRIG-B and 1 PPS Sync
Permits for some attacks/faults to be emulated directly within a model
Communication Protocols
IEC 60870-5-104OPC UA ServerTCP/IPUDPRS-232, RS-422, RS-485IEEE 1588
Signals from model11
14
Communication becoming critical component of grid along with new considerations (NISTIR 7628):CybersecurityPerformance: Latency, Bandwith, Processing SpeedAdded cost
Network simulators have been used towards real-time co-simulation of power and communication systems
Network SimulatorsCommercialFree-for-useNetSimQualnetRiverbed Modeler (formerly OPNET)NS2, NS3OMNeT++Kali LinuxJ-Sim
Network Simulation Tools with Real-Time Capabilities
Source: NISTIR 110012
12
3
4
5Introduction
Cyber AttacksOPAL-RT UsersDavid ManzPNNL4
Question Period
6Presentation Outline
2
Real-Time Simulation, Applications, & Solutions13
Denial-of-Service (DoS) Attacks can render a service unavailable either through a direct or indirect attackIEC61850 Goose identified as susceptible due to status numbers (Skopik & Smith 2015)Also refers to physical attacks on communication infrastructureCutting wiresWireless jamming
Cyberattacks: DoS
Reference: Skopik F., Smith P.: Smart Grid Security - Innovative Solutions for a Modernized Grid, Elsevier Science Publishing, 2015, ISBN: 978-0-12-802122-4.
14
17
Man-in-the-middle (MitM) attacks impersonate two communication nodes by making them believe that they are talking together (Skopik & Smith 2015):Packet injection/spoofing (IEC61850 Goose, DNP3, MODBUS),Packet suppression,Recording, replaying and modification of recorded packets
Cyberattacks : Man-in-the-Middle
Reference: Skopik F., Smith P.: Smart Grid Security - Innovative Solutions for a Modernized Grid, Elsevier Science Publishing, 2015, ISBN: 978-0-12-802122-4.
15
18
GNSS spoofing/meaconing is a threat to PMUs and synchrophasor systems, heavily reliant on time synchronizationFor 60 Hz networks, IEEE C37.118-2014 Standard allows max 26.53 s pure timing error
Cyberattacks : GNSS Spoofing/Meaconing
Source: http://rnl.ae.utexas.edu/images/stories/files/papers/spoofSMUCIP2012.pdf
Spoof lockedC37.118StandardBrokenSpoofer removed
D. P. Shepard, T. E. Humphreys, and A. A. Fansler, Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks, International Journal of Critical Infrastructure Protection, vol. 5, no. 34, pp. 146153, 2012.
GNSS Simulator
16
19
123
4
5Introduction
OPAL-RT UsersDavid ManzPNNL4
Question Period
6Presentation Outline
2
Real-Time Simulation, Applications, & Solutions
3
Cyber Attacks
KTH
Almas, M.S.; Baudette, M.; Vanfretti, L; Lovlund, S; Synchrophasor network, laboratory and software applications developed in the STRONg2rid project, 2014 PES General Meeting & Conference & Exposition, Wahsinton, USA, 27-31 July 2014
Comprehensive WAMPAC Test Bench
17
21
Virginia Tech University
D. Bian, M. Kuzlu, M. Pipattanasomporn, S. Rahman, Y. Wu, Real-time co-simulation platform using OPAL-RT and OPNET for analyzing smart grid Performance, Power & Energy Society General Meeting, 2015 IEEE, 1-5
Smart grid communication system performance testing OPNET uses to simulate smart grid traffic
18
22
Ohio State University
F. Guo, L. Herrara, R. Murawski, E. Inoa, C. Wang, P. Beauchamp, E. Ekici, J. Wang. Comprehensive Real-Time Simulation of the Smart Grid, IEEE Transactions on Industry Applicatio, Vol. 49, No. 2, 2013
Microgrid power and communication systems co-simulation Results show that communications have a significant effect on system dynamics
19
23
University of South Florida
Smart Grid Power Systems Lab (SPS) uses OPAL-RT to model power grid and PMUs in SCADA Testbed for research validation:Cybersecurity,Communication,Grid visualization,Power system control and optimization
Simulator connects to OSIsoft PI Server IEEE-C37.118 to PI Server to send data and receive commands
H.G. Aghamolki, Z. Miao, L. Fan. A Hardware-in-the-Loop SCADA Testbed, North American Power Symposium (NAPS), 2015
20
24
123Introduction
6Presentation Outline
2
Real-Time Simulation, Applications, & Solutions
3
Cyber Attacks
4
OPAL-RT Users
5
David ManzPNNL
Question Period
23Cyber-Physical Security Research, Experimentation and ApplicationsDavid Manz, PhDPacific Northwest National Laboratory Richland, WA
26
24powerNETWhat is it?Multi-user power system testbedSandbox environmentExperiment basedAccess controls by project/userAuto-configurationBuilt upon cloud technologyRemote accessScalableEmulation and simulationUser friendlyConfiguration/monitoring portalCommon library of scenarios
25What is it?Modular and extendableSupport for multiple cyber physical industriesFederation with internal and external testbeds and resourcesCurrent capacity2-3 projects at onceVisionNational user facility
26FacilitiesCloud technology based orchestration with web based user portalNetwork EmulationEmulate LAN/WAN communication characteristics. Examples:Dedicated LineDial-upWirelessSCADA environmentsReal equipment to model ~2 substationsSoftware simulation of dozens of SCADA equipmentSupport for legacy communications
2/1/201629
27Facilities Cont.Physical Process Emulation OPAL-RTHardware-in-the-loop modelingLarge scale simulationSynchrophasors9 PMU from variety of vendors1 PMU Development Platform1 Hardware PDC (Many software PDC possible) Up to ~1000 general purpose virtual nodes possibleXenServer hypervisorEnergy Management System
2/1/201630
28Testbed UsesValidation and verificationTechnology assessment and prototypingSimulation and modelingTraining and educationDemonstration (with PNNL EIOC)
Annual Review 201229Research TopicsCyber securityCyber-physical systemCyber impact/interaction on physical processesDistributed applicationsSmart GridInteroperability testingApplication prototyping
30powerNET Usage ExamplesGridlab-D Analysis ProjectFPGI: A Distributed Systems Architecture for the Power Grid CEDS Digital Ants IEC 61850/62351 Interoperability TestingSCADA network determinismCyber-Physical TrainingDHS Cyber-Physical Federation Demonstration
31powerNET Testbed BenefitsMulti-user shared facility and equipmentTime and resource efficientDynamically configurableRemote accessTest wide scale federation of testbeds and understand associated management and security concernsUser benefits:Researchers: Efficiency, Realistic SandboxIndustry: Conformance and Interoperability testingAcademia: Hands-on Education
32cyberNETPeer CapabilityModel and emulation enterprise environmentsEnterprise servicesUser modeling and simulationFederate resources for bigger experimentsIT and OT joint experiments
33powerNET Video
34Question Period
Thomas [email protected]
David [email protected]
37
Our new Cybersecurity webpage is now online:http://www.opal-rt.com/cybersecurity
For a one-on-one demo or any additional questions you might have:http://www.opal-rt.com/contact-opal-rt
Visit our event page to view where to meet OPAL-RT Technologies:http://opal-rt.com/events
The content of this webinar will be available shortly on: http://opal-rt.com/events/past-webinars
Quick Survey as you leave!35Thank you!
Join the Conversation! "Real-Time Simulation with OPAL-RT
38