Securing Smart Grid
C. Edward Chow
University of Colorado at Colorado Springs
Outline of the Talk
Security in Smart Grid
Physical Security Challenges
Cyber Security Challenges
Related Education Programs at UCCS
Survey Results on Certificate Program in Power
and Energy being developed by
UCCS-Colorado Springs Utilities (CSU )
5/29/2009
Smart Grid Education Workshop / Chow
2
Wall Street Journal 4/8/2009
5/29/2009
Smart Grid Education Workshop / Chow
3
Russia Disrupt CNN Interview
with Georgia President
"When Russia invaded Georgia last year, it
simultaneously launched a cyber war. A multi-faceted
cyber attack began against the Georgian infrastructure
and key government web sites. The attack included
Distributed Denial of Service (DDoS)Attacks, Defacing of
Web Sites , Infecting and Disabling VoIP phone system.
Even CNN's interview with Georgian President MikHail
Saakashvili got interrupted and delayed.”
“Many industries are also gravitating towards reducing
the cost of physical security using IPTV and voice over IP
(VoIP) to remotely monitor premises.” --- Juniper Network
on Secure SCADA
5/29/2009
Smart Grid Education Workshop / Chow
4
Vision of Smart Secure Grid
(SSG)
Page 12 of Jeff Harrell & Ron Sega CSU 3_10_2009 Smart
Grid Workshop presentation:
Energy Security in the 21st Century requires a new,
environmentally responsible national energy system
A new Smart Secure Grid architecture will enable:
Increased use of renewable (clean energy options),
Demand-side management (greater efficiency),
And enhanced Infrastructure Security
To date, most Smart Grid projects have been Utility-centric and
heavily focused on AMI and Demand Management
Our region is well positioned to lead this charge and develop a
comprehensive model for the nation
5/29/2009
Smart Grid Education Workshop / Chow
5
Infrastructure Security in SSG
Physical Security Challenges
Vast area for perimeter defense
Few spares for EHV equipment,...
Opportunities for new surveillance/protection systems
Cyber Security Challenges
Old communication infrastructure
New/numerous power sources (potential threats)
SCADA/Distributed Control System (DCS) were not
designed with cyber security requirements in mind,…
Opportunities for new secure architectures/techniques
5/29/2009
Smart Grid Education Workshop / Chow
6
Physical
Security
Challenges
Vast
perimeter
security
(100,000
miles? Of
transmission
lines) to
monitor and
defend!
5/29/2009
Smart Grid
Education
Workshop / Chow3_10_2009
Page
3 of Hareell_Sega
presentation7
Physical Security Solutions
Adaptive High Dynamic Range Imaging
C2FUSE: Command and Control Fusion
INSPECCT: Inexpensive Spectrometer Color Camera Technology
GPS-Based Tracking System for Trauma Patients
Intelligent Imaging System
NCIIA: National Collegiate Inventors and Innovators Alliance
Network Security
NSF Privacy: NSF STTR on Privacy Enhanced Biometrics
ONR FAMME: ONR Facial Analysis in the Moving Maritime Environment
Privacy Enhanced Camera
Projective Biometric Invariants
Revocable Biometrics with Robust Distance Metrics
SEE Port: Surveillance and Enemy Evaluation with PTZ and Omnidirectional Reconnaissance Technology
See research projects http://vast.uccs.edu/
5/29/2009
Smart Grid Education Workshop / Chow
8
Cyber Security Challenges
www.juniper.net/us/en/local/pdf/whitepapers/2000276-en.pdf
Juniper Network White Paper
Architecture for Secure SCADA and Distributed Control System
Networks
DHS identifies industrial control system networks
for critical infrastructures of electric … as one of
the most vulnerable targets for the security of the
United States.
Contrary to popular belief, many modern
industrial control systems use common operating
systems, protocols and networking stacks,
making them vulnerable to worms, viruses, and
application level attacks
5/29/2009
Smart Grid Education Workshop / Chow
9
Securing Control Networks
5/29/2009
Smart Grid Education Workshop / Chow
10
Cyber Security Challenges
Key Management System for
SCADA/DCS
 Support unicast[Sandia],
broadcast[Choi08], multicast
[Lee09], concast?
Authentication in Disaster/Power
Outage Recovery Situation
One solution: Biotope based
Biometric Authentication System
Intrusion Detection/Mitigation
How we deal with Insider Attacks
and Distributed Denial of Services
Attacks
5/29/2009
Smart Grid Education Workshop / Chow
11
Related Cyber Security
Research Projects
Biotope/Biometric Infrastructure --- DOD
Secure Collective Network Defense ---AFOSR
Secure DNS with Indirect Routing against DDoS
Multipath Indirect Routing
Multi-tier QoS Server Systems --- NSF
Accelerated Learning through Game
Technologies: Defense against Insider Attacks -- AFRL-SBIR
Key Management System for Secure Storage
Systems --- joint research project with HP
5/29/2009
Smart Grid Education Workshop / Chow
12
SSG Related Curriculum @
UCCS
Master of Engineering in Information Assurance
Ph.D. in Engineering with Emphasis on Security
IA Certificate Program
Battery Control Curriculum
(funded by DOE
through U. Michigan)
UCCS- CSU need based power engineering
course (offered since 2006)
Power and Energy Certificate Program (being
planned)
5/29/2009
Smart Grid Education Workshop / Chow
13
Power Curriculum @UCCS
ECE 3910-3, Power Systems I, Offered in Spring Semester
Basic concepts and analytical methods in three-phase electric power
systems: single-phase equivalent models; per-unit system of
calculations; power, apparent power, and energy; basic properties of
power systems elements; short-circuit current; voltage drop; and
losses. Includes lectures and demonstrations.
ECE 4910-3, Power Systems II, Offered in Fall Semester
An expansion of topics covered in the first course in Power Systems.
Covers transmission lines, power flow analysis, generation dispatch
and the dynamic behavior of machines and power systems during
abnormal conditions.
ECE 4160-4 Power and Energy. Planned for future offerings.
Magnetic Circuits and materials, transformers, electromechanical
energy conversion principles, introduction to rotating machines, poly
phase induction machines, synchronous machines, DC machines,
stepper motors, laboratory experiments on transformers, synchronous
motors, induction motors, steeper motors, motor control circuits.
5/29/2009
Smart Grid Education Workshop / Chow
14
Survey on Certificate Program in Power and
Energy
May 2009 @ Denver MREL Conference
5/29/2009
Smart Grid Education Workshop / Chow
15
Survey Results
Susan Lovejoy: “With 19 respondents total, the
questionnaire results are not conclusive... except
that there does seem to be interest for
courses. Smart Grid is near the top of the list,
however, Power Systems Analysis is most
important to the utilities. Also, interesting to note
that of the 19 respondents, there are 26 potential
online students (no potential on-campus
students).” Energy economics and electricity
market is most important to the consultants.
5/29/2009
Smart Grid Education Workshop / Chow
16
Survey Comments
“Students must have strong theory in power
basics.”
“Trying to implement the latest stuff like Smart
Grid without power can be disastrous.....”
"no one wants a 20 year old graduate telling
them what they think smart grid should do"
5/29/2009
Smart Grid Education Workshop / Chow
17