View
56
Download
2
Category
Preview:
DESCRIPTION
Cybersecurity of Smart Grid Systems. Dr. Vittal S. Rao Electrical and Computer Engineering Texas Tech University November 8, 2012 NSF-SFS Workshop on Education Initiatives in Cybersecurity for Critical Infrastructure. Out Line of Presentation. Smart Grid Systems TTU’s Unique Capabilities - PowerPoint PPT Presentation
Citation preview
Cybersecurity of Smart Grid Systems
Dr. Vittal S. RaoElectrical and Computer Engineering
Texas Tech University
November 8, 2012NSF-SFS Workshop on Education Initiatives in Cybersecurity for
Critical Infrastructure
Out Line of Presentation• Smart Grid Systems• TTU’s Unique Capabilities• TTU Real Time Simulator• Security Features of Smart Grid• Wide Area Monitoring Using SCADA and PMU Data• Multidisciplinary approaches for Cybersecurity• Cyber security/ Intrusion Detection Methods• Vulnerability of Smart Grid Communication Protocols• Conclusions
Benefits of the Smart Grid
• Near-zero wide-area blackouts and greatly reduced local interruptions.
• High-quality power for sensitive electronics and complex computer applications.
• Plug-and-play integration of renewable sources, distributed resources and control systems
• Options for consumers to manage their electricity use and costs, Smart Homes
• Improved resilience to attack, natural disasters, and operator errors.
Characteristics of Smart Grid Enables Active Consumer Participation Accommodates all Generation and Storage
Options Enables New Products, Services, and Markets Provides Power Quality for the Digital Economy Optimize Asset Utilization and Operates
Efficiently Anticipates and Responds to System
Disturbances (Self-heals) Operates Resiliently Against Attack and Natural
Disaster
Smart Grid
Essential Functions
• Integration of ‘Electrical Infrastructure’ with ‘Intelligence Infrastructure’
• Smart Sensors, Protective Relays and Control Devices
• On-Line Equipment Monitoring• Communications Infrastructure• New Operating Models and Algorithms• Real-Time Simulation and Contingency Analysis• Improved Operator Visualization Techniques• Interconnection Codes and Standards• Cyber Security
Integration of Generation and Storage Options
• Distributed Generation : small, widely dispersed plants
• Renewables: Wind, Solar, Biomass, etc• Maximum Penetration of Renewable Energy
Sources with Grid• Energy Storage: Giant Batteries and Capacitors• Demand Response(DR): Response to peak
loads
Smart Grid Systems at Texas Tech• Multidisciplinary Research Centers (Wind Science and Engineering,
Smart Grid Energy Center)• Alstom 1.5MW Commercial Grade Wind Turbine on TTU campus• DOE/Sandia Facilities for Testing Wind Farms/ Energy Storage
Systems• TTU Real Time Simulator sponsored by the National Science
Foundation (NSF)• Smart Microgrid Test Bed• Interdisciplinary research teams for Smart Grid and Cyber Security:
ECE, CSc, ME, IE, Mathematics, Business, and Law• New BS Degree program in Wind Energy• Interdisciplinary Curriculum for Cyber Security
Unique Capabilities• Formation of a Team of applied and academic background researchers
to address the “Technology for Cyber-Physical Systems”.• Accessibility of industrial partners of CCET and PMU manufacturer,
National Instruments (NI).• TTU is the leader in Wind Sciences and Engineering in the Nation. TTU
has established an interdisciplinary PhD program in Wind Energy. Texas Tech in collaboration with Group NIRE has developed a significant facilities related with Smart Microgrid Systems. This system has commercial grade Wind Turbines, Large scale battery storage (proposed) , planning to install 4 or 5 PMUs in Southwest Power Pool (SPP) Power System.
• TTU has received a major research instrumentation (MRI) and Capacity Building grant for Cybersecurity from NSF. TTU is working with Northrop Grumman Corporation, who is the industrial leader for Cyber Security.
Thematic Research Areas
• Maximum Penetration of Distributed Renewable Energy Sources to Grid
• Cyber Security of Energy Delivery Systems/ SCADA Control Systems
• PMU based Wide Area Monitoring and Damping Control Strategies
• Home Area Networks• Hybrid Energy Storage Systems• Dynamic Stability of Power Systems• Development of Experimental Microgrid Test Bed• Optimal Energy Management of Smart Micro grids
TTU Real Time Simulator
DFIG
Solar Data
Inverter Control
RTDSRTDS
Controller
RSCAD
Wind Data
Campus Wind Turbine
Solar
Battery Storage
Utility Grid
Controller
GTNET PMU
GE N60 & D90 plus
SEL-421 ABB-REL-670
D400 Substation Gateway
Phasor Data Concentrator
Visualization Screen in our lab
IEC 61850
IEEE C37.118
Cyber Security
IEC 61850
IEEE C37.118
Interoperability• Energy Management Systems (EMS) architecture
with products from different companies.
REF: 1. http://zone.ni.com/devzone/cda/pub/p/id/1238 2. www.multilin.com
PHEV
Natural Gas Engine
Wind Energy
Solar Energy
DC/AC Inverter
Fuel Cells
Battery Storage Ultra Capacitor
UTILITY GRID
DC/AC Inverter
DC/AC InverterGenerator
DC/AC Inverter
Smart Meter
Laboratory Building
Priority LoadsPriority Loads
Micro GridMicro Grid
Control and Energy Management
Control and Energy Management
Generator
Transformer /CB
Distributed Micro Energy Sources
Distributed Micro Energy Sources
Local LoadsLocal Loads
Dis
trib
uted
St
orag
eD
istr
ibut
ed
Stor
age
Generator
Flywheel Storage
DFIG
Micro Turbine
Cyber Security
• Today’s grid lacks the robustness needed to withstand attacks by saboteurs or acts of nature. (Supervisory Control and Data Acquisition (SCADA) systems)
• Today’s grid lacks the information and control capabilities to rapidly recover from manmade or natural events.
• Advanced cyber security protection systems have to be integrated utilizing cyber security standards to ensure that new smart grid technologies are secure and that existing technologies such as SCADA, protective relaying, and communication systems are retrofitted with methods that provide the same level of advanced cyber security.
Cyber Security of Energy Delivery Systems
• Assessment and monitoring of risk• Development and integration of protective
measures• Detection of intrusion and implementation of
response strategies• Enhancement of security methods
Smart Grid Information Networks
Increased Connectivity
Security Features
Integrated Communications Interoperability standards that include advanced cyber
security protection Transport vehicle that provides the needed operational
and condition data to enable self healing Redundant communication paths making interruption of
data flows unlikelySensing & Measurement
Remote monitoring that detects potential events anywhere in the grid
Sensors and measuring devices with embedded protection Events detected in time to respond
Security Features
Advanced Components Tolerant and resilient grid devices Rapid response to emergent threats Fewer critical points of failure Reduced consequences of failure Distributed, autonomous resources
Advanced Control Methods Islanding to isolate vulnerable areas in response to real or expected
security events Automated network “agents” for dynamic reconfiguration and demand
management Self-healing with preventive or corrective actions in real time
Improved Interfaces & Decision Support Greatly enhanced situational awareness Recommendations for addressing security threats provided to operators
in real time Advanced real-time modeling and simulation tools with predictive
capabilities Improved operator training and guidance systems aimed at response to
security events
R&D Theme Areas for Cybersecurity
Device Level Cost effective secure architecture for Smart meters
Cryptography and Key management On processors with strict space/computation limits
System Level Built to adapt to changing needs in scale and functionality Able to tolerate and survive malicious attacks of the present and future Denial of service resiliency Infrastructure interdependency issues
Legacy System Integration Compatibility problems
Emerging Research Topics Synchrophasor Security/ NASPI Net Anonymization Infrastructure interdependency issues
Wide Area Monitoriong
• Analysis of power system performance in different oscillation modes.
• Intelligent system protection schemes
• Situational awareness
• Monitoring of power system harmonics
• Frequency monitoring
• Data visualization using the geographical coordinates
• Black out monitoring and real time grid control center application
• Post event analysis
Phasor Measurement UnitsA PMU measures bus voltage (phase or sequence) and all 3-phase line currents on all branches (transmission lines and transformers) emanating from the substation along with the phasor angles
Integration of PMU data
Wide Area Monitoring Using PMUs and PDCs
Threats against these devices include: Denial of service (DoS) attacks
Attacks against open ports and services
Attempt to change device settings
Attempt to inject malicious data
Attempt to place a man-in-the-middle(MITM) between devices.
24
Reference: Salvatore, et al., Presentation on “Security analysis of a commercial synchrophasor device, May, 30-31,2011”25
Open PDC• C37.118 is the IEEE standard for PDC, current version issued in 2005.
• Three adapter layer:
Input adapter (C37.118)
Action adapter
Output adapter (32 bit access)
26
Vulnerabilities1. C37.118 vulnerabilities : lack of encryption and source verification (MITM)
2. OpenPDC vulnerabilities: lack of input validation (Malicious Data Injection)
Drop statement injection: destroy all the measurements data for a PMU
Delete statement injection: selectively erase some specific measurements
Alter statement injection:
Can be used to smartly swap the names of measurements tables
Deceive the monitoring operator
Cheat the triangulation used to detect source of dangerous event like blackouts
27
Intrusion Detection
• There are several reasons that make intrusion detection a necessary part of the entire
defense system.
• First, many traditional systems and applications were developed without security in
mind. In other cases, systems and applications were developed to work in a different
environment and may become vulnerable when deployed in the current environment.
(For example, a system may be perfectly secure when it is isolated but become
vulnerable when it is connected to the Internet.) Intrusion detection provides a way to
identify and thus allow responses to, attacks against these systems.
• Second, due to the limitations of information security and software engineering practice,
computer systems and applications may have design flaws or bugs that could be used by
an intruder to attack the systems or applications. As a result, certain preventive
mechanisms (e.g., firewalls) may not be as effective as expected.
28
Intrusion Detection MethodsIntrusion detection systems (IDSs) are usually deployed along with other
preventive security mechanisms, such as access control and authentication, as a
second line of defense that protects information systems.
Anomaly detection: based on normal behavior of a user and any action that
significantly deviate from the normal behavior is considered intrusive.
Misuse detection: catches intrusion in terms of the characteristics of known
attacks and any action that conforms to the pattern of a known attack is
considered intrusive.
29
Functions of IDS
• Monitoring users and system activity
• Auditing system configuration for vulnerabilities and misconfigurations
• Assessing the integrity of critical system and data files
• Recognizing known attack patterns in system activity.
• Identifying abnormal activity through statistical analysis
• Managing audit trails and highlighting user violation of policy or normal
activity
• Correcting system configuration errors
• Installing and operating traps to record information about intruders
30
Intrusion Detection MethodsAnomaly detection:
Statistical models (Discrete Wavelet Transform)
Machine learning and data mining techniques
Specification-based methods
Information-theoretic measures
Misuse detection:
Rule-based language
Abstraction-based intrusion detection
State transition analysis tool kit
Colored Petri automata
31
Statistical Decision Theory in Intrusion Detection
By Saed Alajlouni
SCADA Systems
• SCADA systems, What are they?
11/07/2012 S. Alajlouni. "Cyber-Security of Critical Infrastructure" 33
Intro-Efforts for securing SCADA systems
• IT perspective: “Obscurity Principle”.
• Control Engineering perspective:“reliability” .
• Very few researchers have investigated how
malicious attacks affect the estimation and
control algorithms, and ultimately, how
attacks affect the physical world
11/07/2012 S. Alajlouni. "Cyber-Security of Critical Infrastructure" 34
Interdisciplinary research
Statistical Decision Theory: Main Idea
• A receiver is reading an input signal that is corrupted by some additive noise
• Depending on the application, the receiver has to make a decision whether the received signal is high or low (Binary applications), or whether the data is malicious or true.
• The decision rule is based on minimizing a risk function (average cost).
S. Alajlouni. "Cyber-Security of Critical Infrastructure"
Binary Bayesian hypothesis testing
• H0=N~(0,σ2)
• H1=m+N~(0,σ2)
• P0+P1=1 (Probabilities are given a priori)
• Bayes rule example:
• P(D1,H0)=P(decide H1 given H∣ 0 is true)xP0
• =PFxP0
S. Alajlouni. "Cyber-Security of Critical Infrastructure"
Decision rule
• Decision Risk= C00P(D0,H0)+ C11P(D1,H1)+ C10P(D1,H0)+
C01P(D0,H1)
• Minimization of the risk function yields the receiver’s optimal decision rule
11/07/2012 S. Alajlouni. "Cyber-Security of Critical Infrastructure" 38
Composite Hypothesis Testing
• If the parameters defining probability density functions of the expected
hypothesis are unknown, then the hypothesis testing problem is called
composite.
• In some cases the unknown parameters does not appear in the decision
rule equation, so a decision can still be made.
• If the decision rule depends on the unknown parameters, then the
parameters must be estimated before a decision can be made
• Parameters are usually estimated using maximum likelihood estimation.
11/07/2012 S. Alajlouni. "Cyber-Security of Critical Infrastructure" 39
Sequential detection
• In a sequence of data samples, one of the following decisions must be made after each sample:
• Decide H1
• Decide H0
• Not enough information
• If Decisions H0 or H1 are made, the hypothesis testing
procedure stops. Otherwise, an additional sample is taken.
11/07/2012 S. Alajlouni. "Cyber-Security of Critical Infrastructure" 40
Hardware Cyber Security
• Threats against hardware security:– Physical tampering– Side channel attacks– Data injection– Man in the middle attacks
• How to protect hardware:– Secure Startup– Configuration hopping– Masking power consumption
41
Secure Startup
• Use of module separate from normal device operations
• Module uses hardware ID and TCM for security
• TCM checks hardware ID and sends encrypted packet out, is returned and checked before system is allowed to fully operate [1]
42
[1] A security embedded system base on TCM and FPGA
Configuration Hopping
• Several processors in system assigned to individual tasks
• At random intervals processor configuration changes
• Creates narrower window for hacking [2]
43
Processor 1
Processor 2
Processor 3
Data In
Data Out
Side Channel Attacks
• Types of SCA:– Simple Power Analysis– Differential Power
Analysis
• Masking– Current Equalizing– Current Randomization
Current Equalizer States [3]44
Conclusions• TTU has significant infrastructural and
research capabilities in Cyber-Physical Systems
• Multidisciplinary approaches to address cybersecurity of critical infrastructural systems.
• We are very enthusiastic to develop “ Smart Micro Grid System” with embedded Cyber Security capabilities.
Recommended