SMART GRID COMMUNICATION SECURITY
EE5970 Computer Engineering Seminar
Professor: Dr. Zhuo Feng
4/13/2015 Cyber security for smart grid

OVERVIEW
• Introduction
• History
• Why do we need cyber security
• How do we achieve it
• Summary
• Conclusion

What is smart grid
• Smart grids add communication capabilities and intelligence to traditional grids
• What enables smart grids
  I. Intelligent sensors and actuators
  II. Extended data management system
  III. Expanded two-way communication between utility operation system facilities and customers
  IV. Network security

Primary objectives of smart grids
• National integration
• Self healing and adaptive
  – Improve distribution and transmission system operation
• Allow customers freedom to purchase power based on dynamic pricing
• Improved quality of power, less wastage
• Integration of large variety of generation options

Economic and social benefits of smart grids
• Provide Customer Benefits
• Reduce Peak Demand
• Increase Energy Conservation & Efficiency
• Reduce Operating Expenses
• Increase Utility Worker Safety
• Improve Grid Resiliency and Reliability
• Reduce Greenhouse Gas Emissions
• Promote Energy Independence
• Promote Economic Growth & Productivity

HISTORY

Need to automate

Transformation from mechanical relays to microprocessors
(Figures: GE CFD; Intel 4004)

Intelligent electronic devices (IED) explosion
• Protection relay
• Auxiliary relay
• Cheap contractors
• Remote terminal units
• Circuit breaker monitor
• Revenue meters
• Solar flare detectors
• Power quality monitors
• Phasor measurement units
• Communication processors
• Communication alarm etc.

Telecontrol
• SCADA (North America)
• Different protocols for different operations
• Proprietary protocols (more than 100)
• Modbus
• DNP
• IEC61850

SCADA Protocols list (not a complete list)
• Siemens quad 4 meter
• CONITEL 2000
• CONITEL 2100
• CONITEL 3000
• CONITEL 300
• HARRIS 5000
• HARRIS 5600
• HARRIS 6000
• UCA 2.0 or MMS
• PG & E 2179
• MODBUS
• DNP3
• ICCP
• IEC 61850

Few existing general protocols
• MODBUS – Primitive, with no security and not very extensible
• DNP3 – Advanced SCADA protocol
• DNP1 and 2 are proprietary protocols
• IEC 61850 – the most used protocol for new implementations
• ICCP

ARCHITECTURE OF SMART GRIDS

Architecture of smart grids
(Figure; source: Fluke Corporation)

Architecture of communication infrastructure [1]

Communication media used for smart grids [1]
• Urge for new FCC allocation for smart grids
• PLC – Power line carriers
• Ethernet
• WLAN
• Zigbee
• Bluetooth
• Optical fiber
• Microwave etc.

Priority and types of information
(Figure: communication model; source: NIST Vol 1)

Why?
• Network security is a priority and not an add-on for smart grids
• Protecting the control center alone is not enough
• Remote access to devices
• QoS requirement from security system
• Safety (line worker, public and equipment)
• Reliability and availability

Physical Manifestation
(Source: YouTube)

Different communication systems [4]

Adversaries [5]
• Nation states
• Hackers
• Terrorists / cyber terrorists
• Organized crime
• Other criminal elements
• Industrial competitors
• Disgruntled employees
• Careless and poorly trained employees

Classification of attacks
• Component based attacks
• Protocol based attacks

COMPONENT BASED ATTACKS

COMPONENT BASED ATTACK: STUXNET
• Specifically programmed to attack SCADA and could reprogram PLCs
• Zero day attack
• Highly complex
• 0.5 Mb file transferred, able to multiply
• Targets: Iran nuclear plants, process plants in Germany and ISRO India
(Source: Wikipedia)

SCADA attacks
• Internal attacks
  – Employee
  – Contractor
• External attacks
  – Non-specific: malware, hackers
  – Targeted
    – Special knowledge: former insider
    – No special knowledge: hacker, terrorist
  – Natural disaster
  – Manmade disasters

SCADA vulnerability points
• Unused telephone line – war dialing
• Use of removable media – Stuxnet
• Infected Bluetooth enabled devices
• Wi-Fi enabled computer that has Ethernet connection to SCADA system
• Insufficiently secure Wi-Fi
• Corporate LAN / WAN
• Corporate web server, email servers, internet gateways

CYBER ATTACKS ON SCADA
• Web servers or SQL attacks
• Email attacks
• Zombie recruitment
• DDoS attacks

Protocol based attacks
• All protocols run on top of the IP protocol, and the IP protocol has its own set of weaknesses
• DNP3 implements TLS and SSL encryption which is weak
• The protocol is vulnerable to out-of-order, unexpected or incorrectly formatted packets
• A significant weakness for IEC 61850 is that it maps to MMS (Manufacturing Message Specification) as the communications platform, which itself has a wide range of potential vulnerabilities

Unique security challenges in smart grids
• Scale
• Legacy devices
• Field location
• Culture of security through obscurity
• Evolving standards and regulations

How?
• Security by obscurity
• Trust no one
• Layered security framework
• Efficient firewall
• Intrusion detection
• Self healing security system

Key management [1]
• Issue of key management – scale
• PKI with trusted computing elements – considerable amount of security
• Embedded computing vs. general purpose computing

Basic PKI Infrastructure [1]

Issues with PKI [3]
• Updating the keys
• Parameter generation
• Key distribution
• Staffing for key management

Types of security [1]
• Reactive vs. proactive security
• Reactive
  – Incident response plan
  – Applied more for general purpose computers
• Proactive security for embedded computers
• High assurance boot
• Secure software validation
• Secure association termination if found infected
• Device attestation

Incident response plan [1]

Attack trees for assessment of cyber security [2]

Calculation of cyber security conditions (omega)

Weighting factor for password policy

Calculations of vulnerability index
• Leaf VI: max( (total countermeasures implemented / total countermeasures available) × ω, ω × weighting factor of password policy )
• Scenario vulnerability index: product of its leaf vulnerability indices
• System vulnerability index: the max of all scenario vulnerability indices

Use of attack trees to assess security

Summary
• Different security constraints that make securing smart grids a difficult problem
• Several highly efficient adversaries
• Use existing protocols like IP with known vulnerabilities and work around to using new protocols with unknown vulnerabilities
• Use of layered security architecture and attack trees for efficient security and risk assessment

Groups working on smart grids
• UCA International Users Group www.ucaiug.org
• International Electrotechnical Commission www.iec.ch
• Electric Power Research Institute www.epri.com
• IntelliGrid consortium and architecture www.intelligrid.epri.com
• IEEE Smart Grid www.smartgrid.ieee.org
• NIST csrc.nist.gov

Conclusion
• 25% of the United States already runs smart grids
• Any tiny vulnerabilities should not be compromised
• Scalable and adaptable security system
• Lightweight and self healing capabilities
• Hybrid between centralized and distributed
• Impenetrable and fail proof
• Security should be real time

References
[1] Metke, A.R.; Ekl, R.L., "Security Technology for Smart Grid Networks," IEEE Transactions on Smart Grid, vol. 1, no. 1, pp. 99-107, June 2010. doi: 10.1109/TSG.2010.2046347
[2] Chee-Wooi Ten, Chen-Ching Liu, and Manimaran Govindarasu, "Vulnerability Assessment of Cybersecurity for SCADA Systems," IEEE Transactions on Power Systems, vol. 23, no. 4, pp. 1836-1846, Nov. 2008
[3] Khurana, H.; Hadley, M.; Ning Lu; Frincke, D.A., "Smart-Grid Security Issues," IEEE Security & Privacy, vol. 8, no. 1, pp. 81-85, Jan.-Feb. 2010. doi: 10.1109/MSP.2010.49 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5403159&isnumber=5403138
[4] Dong Wei; Yan Lu; Jafari, M.; Skare, P.; Rohde, K., "An integrated security system of protecting Smart Grid against cyber attacks," Innovative Smart Grid Technologies (ISGT), 2010, pp. 1-7, 19-21 Jan. 2010. doi: 10.1109/ISGT.2010.5434767 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5434767&isnumber=5434721
[5] NIST guidelines for smart grid security Vol 1

THANK YOU FOR LISTENING
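The three rules on the "Calculations of vulnerability index" slide, carried through an attack tree as an added example that is not part of the original slides. It follows the leaf formula as worded on the slide; the scenario names, leaf names, ω values and password-policy weighting factors are constructed sample inputs, and the 0..1 ranges are an assumption.

```python
from dataclasses import dataclass
from math import prod


@dataclass(frozen=True)
class Leaf:
    name: str
    implemented: int        # countermeasures implemented on this leaf
    available: int          # countermeasures available for this leaf
    omega: float            # cyber security condition (assumed range 0..1)
    password_weight: float  # password-policy weighting factor (assumed 0..1)

    def index(self) -> float:
        """Leaf VI = max(implemented / available * omega, omega * weight)."""
        if self.available <= 0 or not 0 <= self.implemented <= self.available:
            raise ValueError(f"{self.name}: bad countermeasure counts")
        if not (0 <= self.omega <= 1 and 0 <= self.password_weight <= 1):
            raise ValueError(f"{self.name}: omega and weight must be in [0, 1]")
        return max(self.implemented / self.available * self.omega,
                   self.omega * self.password_weight)


def scenario_index(leaves):
    """Scenario VI = product of the leaf VIs on that path of the tree."""
    if not leaves:
        raise ValueError("a scenario needs at least one leaf")
    return prod(leaf.index() for leaf in leaves)


def system_index(scenarios):
    """System VI = max scenario VI; also name the scenario that sets it."""
    per_scenario = {name: scenario_index(ls) for name, ls in scenarios.items()}
    worst = max(per_scenario, key=per_scenario.get)
    return worst, per_scenario[worst], per_scenario


# Constructed sample tree: names and numbers are illustrative, not from the deck.
SCENARIOS = {
    "dial-up line to RTU": [
        Leaf("modem password", 1, 4, 1.0, 0.5),
        Leaf("RTU login", 2, 4, 0.5, 1.0),
    ],
    "corporate LAN to HMI": [
        Leaf("firewall rule set", 3, 4, 0.5, 0.5),
        Leaf("HMI login", 1, 2, 1.0, 1.0),
    ],
}

if __name__ == "__main__":
    worst, value, per_scenario = system_index(SCENARIOS)
    for name, vi in per_scenario.items():
        print(f"{name}: scenario VI = {vi:.3f}")
    print(f"system VI = {value:.3f} (set by '{worst}')")
```

Because the scenario index is a product and the system index is a maximum, the per-scenario values returned alongside the system index show which path of the tree sets the overall figure.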