SMART GRID COMMUNICATION SECURITY
EE5970 Computer Engineering Seminar
Professor: Dr. Zhuo Feng
Post on 22-Dec-2015
OVERVIEW
• Introduction
• History
• Why do we need cyber security
• How do we achieve it
• Summary
• Conclusion
04/19/23 Cyber security for smart grid
What is smart grid
• Smart grids – add communication capabilities and intelligence to traditional grids
• What enables smart grids
  I. Intelligent sensors and actuators
  II. Extended data management system
  III. Expanded two-way communication between utility operation system facilities and customers
  IV. Network security
Primary objectives of smart grids
• National integration
• Self healing and adaptive – improve distribution and transmission system operation
• Allow customers freedom to purchase power based on dynamic pricing
• Improved quality of power, less wastage
• Integration of large variety of generation options
Economic and social benefits of smart grids
• Provide Customer Benefits
• Reduce Peak Demand
• Increase Energy Conservation & Efficiency
• Reduce Operating Expenses
• Increase Utility Worker Safety
• Improve Grid Resiliency and Reliability
• Reduce Greenhouse Gas Emissions
• Promote Energy Independence
• Promote Economic Growth & Productivity
HISTORY
Need to automate
Transformation from mechanical relays to microprocessors
GE CFD Intel 4004
Intelligent electronic devices (IED) explosion
• Protection relay
• Auxiliary relay
• Cheap contractors
• Remote terminal units
• Circuit breaker monitor
• Revenue meters
• Solar flare detectors
• Power quality monitors
• Phasor measurement units
• Communication processors
• Communication alarm etc
Telecontrol
• SCADA (North America)
• Different protocols for different operations
• Proprietary protocols (more than 100)
• Modbus
• DNP
• IEC 61850
SCADA protocols list (not a complete list)
• Siemens quad 4 meter
• CONITEL 2000
• CONITEL 2100
• CONITEL 3000
• CONITEL 300
• HARRIS 5000
• HARRIS 5600
• HARRIS 6000
• UCA 2.0 or MMS
• PG & E 2179
• MODBUS
• DNP3
• ICCP
• IEC 61850
Few existing general protocols
• MODBUS – Primitive with no security and not very extensible
• DNP3 – Advanced SCADA protocol
• DNP1 and 2 are proprietary protocols
• IEC 61850 the most used protocol for new implementations
• ICCP
ARCHITECTURE OF SMART GRIDS
Architecture of smart grids
Source: Fluke Corporation
Architecture of communication infrastructure [1]
Communication media used for smart grids[1]
• Urge for new FCC allocation for smart grids
• PLC – Power line carriers
• Ethernet
• WLAN
• Zigbee
• Bluetooth
• Optical fiber
• Microwave etc
Priority and types of information
Communication model, source: NIST Vol 1
Why ?
• Network security is a priority and not an add-on for smart grids
• Protecting control center alone - not enough
• Remote access to devices
• QoS requirement from security system
• Safety (line worker, public and equipment)
• Reliability and availability
Physical Manifestation
Source: YouTube
Different communication systems[4]
Adversaries[5]
• Nation states
• Hackers
• Terrorists / cyber terrorists
• Organized crime
• Other criminal elements
• Industrial competitors
• Disgruntled employees
• Careless and poorly trained employees
Classification of attacks
• Component based attacks
• Protocol based attack
COMPONENT BASED ATTACKS
COMPONENT BASED ATTACK - STUXNET
• Specifically programmed to attack SCADA and could reprogram PLCs
• Zero day attack
• Highly complex
• 0.5 Mb file, able to multiply once transferred
• Targets - Iran nuclear plants, process plants in Germany and ISRO India
Source: Wikipedia
SCADA attacks
• Internal attacks
  – Employee
  – Contractor
• External attacks
  – Non-specific: malware, hackers
  – Targeted
    – Special knowledge: former insider
    – No special knowledge: hacker, terrorist
  – Natural disaster
  – Man-made disasters
SCADA vulnerability points
• Unused telephone line – war dialing
• Use of removable media – Stuxnet
• Infected Bluetooth enabled devices
• Wi-Fi enabled computer that has Ethernet connection to SCADA system
• Insufficiently secure Wi-Fi
• Corporate LAN / WAN
• Corporate web server, email servers, internet gateways
CYBER ATTACKS ON SCADA
• Web servers or SQL attacks
• Email attacks
• Zombie recruitment
• DDOS attacks
Protocol based attacks
• All protocols run on top of the IP protocol, and the IP protocol has its own set of weaknesses
• DNP3 implements TLS and SSL encryption which is weak
• The protocol is vulnerable to out-of-order, unexpected or incorrectly formatted packets
• A significant weakness for IEC 61850 is that it maps to MMS (Manufacturing Message Specification) as the communications platform, which itself has a wide range of potential vulnerabilities
Unique security challenges in smart grids
• Scale
• Legacy devices
• Field location
• Culture of security through obscurity
• Evolving standards and regulations
How ?
• Security by obscurity
• Trust no one
• Layered security framework
• Efficient firewall
• Intrusion detection
• Self healing security system
Key management[1]
• Issue of key management – Scale
• PKI with trusted computing elements - considerable amount of security
• Embedded computing vs general purpose computing
Basic PKI Infrastructure [1]
Issues with PKI[3]
• Updating the keys
• Parameter generation
• Key distribution
• Staffing for key management
Types of security[1]
• Reactive vs proactive security
• Reactive
  – Incident response plan
  – Applied more for general purpose computers
• Proactive security for embedded computers
  – High assurance boot
  – Secure software validation
  – Secure association termination if found infected
  – Device attestation
Incident response plan[1]
Attack trees for assessment of cyber security[2]
Calculation of cyber security conditions (omega)
Weighting factor for password policy
Calculations of vulnerability index
• Leaf VI: max(total countermeasures implemented / total countermeasures available × ω, ω × weighting factor of password policy)
• Scenario vulnerability index: product of its leaf vulnerability indices
• System vulnerability index: the max of all scenario vulnerability indices
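The three index formulas above, worked through on a small attack tree, as an added example that is not part of the original slides. The leaf formula is implemented exactly as the slide writes it; the leaf names, countermeasure counts, ω values and password weighting factors are constructed sample values, and ω and the weighting factor are assumed to lie in [0, 1].

```python
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Leaf:
    name: str
    implemented: int        # countermeasures implemented at this leaf
    available: int          # countermeasures available for this leaf
    omega: float            # cyber security condition ω (assumed in [0, 1])
    password_weight: float  # weighting factor of password policy (assumed in [0, 1])

    def vi(self) -> float:
        """Leaf VI = max(implemented / available * ω, ω * password weight)."""
        if self.available <= 0 or not 0 <= self.implemented <= self.available:
            raise ValueError(f"bad countermeasure counts for {self.name!r}")
        if not (0 <= self.omega <= 1 and 0 <= self.password_weight <= 1):
            raise ValueError(f"ω and weight must be in [0, 1] for {self.name!r}")
        return max(self.implemented / self.available * self.omega,
                   self.omega * self.password_weight)


def scenario_vi(leaves):
    """Scenario VI = product of the VIs of the leaves on that attack path."""
    if not leaves:
        raise ValueError("a scenario needs at least one leaf")
    return prod(leaf.vi() for leaf in leaves)


def system_vi(scenarios):
    """System VI = max scenario VI; also name the scenario that sets it."""
    scores = {name: scenario_vi(leaves) for name, leaves in scenarios.items()}
    worst = max(scores, key=scores.get)
    return scores[worst], worst, scores


# Constructed sample tree (not from the slides): all values are illustrative.
HMI = Leaf("operator HMI login", 1, 4, 0.5, 1.0)            # max(0.125, 0.5)
VPN = Leaf("vendor VPN gateway", 2, 4, 1.0, 0.25)           # max(0.5, 0.25)
MODEM = Leaf("RTU dial-up modem", 3, 4, 1.0, 0.5)           # max(0.75, 0.5)
FIREWALL = Leaf("control center firewall", 0, 5, 0.5, 0.5)  # max(0.0, 0.25)

SCENARIOS = {
    "dial-up modem, then HMI": [MODEM, HMI],
    "vendor VPN, firewall, then HMI": [VPN, FIREWALL, HMI],
    "HMI alone": [HMI],
}

if __name__ == "__main__":
    index, worst, scores = system_vi(SCENARIOS)
    for name, score in scores.items():
        print(f"{score:.4f}  {name}")
    print(f"system VI = {index:.4f}, set by: {worst}")
```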
Use of attack trees to assess security
Summary
• Different security constraints that make securing smart grids a difficult problem
• Several highly efficient adversaries
• Use existing protocols like IP with known vulnerabilities and work around to using new protocols with unknown vulnerabilities
• Use of layered security architecture and attack trees for efficient security and risk assessment
Groups working on smart grids
• UCA International user group: www.ucaiug.org
• International Electrotechnical Commission: www.iec.ch
• Electric Power Research Institute: www.epri.com
• Intelligrid consortium and architecture: www.intelligrid.epri.com
• IEEE smart grid: www.smartgrid.ieee.org
• NIST: csrc.nist.gov
Conclusion
• 25% of the United States already runs smart grids
• Even tiny vulnerabilities should not be compromised
• Scalable and adaptable security system
• Light weight and self healing capabilities
• Hybrid between centralized and distributed
• Impenetrable and fail proof
• Security should be real time
References
[1] Metke, A.R.; Ekl, R.L., "Security Technology for Smart Grid Networks," IEEE Transactions on Smart Grid, vol. 1, no. 1, pp. 99-107, June 2010. doi: 10.1109/TSG.2010.2046347
[2] Chee-Wooi Ten, Chen-Ching Liu, and Manimaran Govindarasu, "Vulnerability Assessment of Cybersecurity for SCADA Systems," IEEE Transactions on Power Systems, vol. 23, no. 4, pp. 1836-1846, Nov. 2008
[3] Khurana, H.; Hadley, M.; Ning Lu; Frincke, D.A., "Smart-Grid Security Issues," IEEE Security & Privacy, vol. 8, no. 1, pp. 81-85, Jan.-Feb. 2010. doi: 10.1109/MSP.2010.49. URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5403159&isnumber=5403138
[4] Dong Wei; Yan Lu; Jafari, M.; Skare, P.; Rohde, K., "An integrated security system of protecting Smart Grid against cyber attacks," Innovative Smart Grid Technologies (ISGT), 2010, pp. 1-7, 19-21 Jan. 2010. doi: 10.1109/ISGT.2010.5434767. URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5434767&isnumber=5434721
[5] NIST guidelines for smart grid security Vol 1
THANK YOU FOR LISTENING