Upload
khanh
View
37
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Ontario Smart Grid Forum. Cyber Security and The Smart Grid November 11, 2008. Cyber Security for the Smart Grid TM. Objectives of Presentation About N-Dimension Solutions Cyber Security and the Smart Grid Solutions and Recommendations. Discussion Topics. - PowerPoint PPT Presentation
Citation preview
Cyber Security andThe Smart Grid
November 11, 2008
Cyber Security for the Smart Grid TM
Ontario Smart Grid Forum
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 2 -November 2008 Cyber Security for the Smart Grid TM
• Objectives of Presentation• About N-Dimension Solutions• Cyber Security and the Smart Grid• Solutions and Recommendations
Discussion Topics
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 3 -November 2008 Cyber Security for the Smart Grid TM
Engage in two-way discussion on a critical Smart Grid topic
and
provide useful context and recommendations for the Ontario Smart
Grid Forum participants
Objectives of Presentation
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 4 -November 2008 Cyber Security for the Smart Grid TM
N-Dimension Solutions Inc.
• Cyber Security Solutions Provider laser focused on the Power & Energy market
• Headquartered in Richmond Hill Ontario with office in Austin Texas • Member of:
• NERC• NERC’s new Demand-Side Management Task Force• IESO’s Reliability Standards Standing Committee• Cyber Security Technical Working Groups (IEEE P1711, AMI-SEC)• Advisory Committee for University of Illinois Trusted Cyber Security
Computing Infrastructure for Power• Developed comprehensive AMI cyber security analysis and report for
the Ontario Utilities Smart Metering (OUSM) working group• Published thought leader on cyber security for the emerging Smart Grid• Active across North America and globally in delivering Smart Grid cyber
security solutions in conjunction with our business partners
Cyber Security and
The Smart Grid
The Ontario Smart Grid
Forum
November 2008Cyber Security for the Smart Grid TM
Overview of The Smart Grid
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 6 -November 2008 Cyber Security for the Smart Grid TM
Transmission
TOP1 – Operational Information
Distribution
DIST1 - Operational Information
DISTx – Operational Information
CustomersGeneration
GEN1 - Operational Information
GENx - Operational Information
The Current Electric Grid – Islands of Technology
TOPx – Operational Information
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 7 -November 2008 Cyber Security for the Smart Grid TM
Convergence of Enterprise & Operations IT
Enterprise Systems
Web ApplicationsControl Systems
Protection Systems
Information Technology Operations Technology
AMIDSMOMSGIS
Smart Grid Technology
Integration counters key security principals of isolation and segregation
Cyber Secure
Integration counters key security principals of isolation and segregation
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 8 -November 2008 Cyber Security for the Smart Grid TM
The Smart Grid – Connectivity with Security
Transmission Distribution CustomersGeneration
System
Operators
Conservation
Authorities
End-to-End Communications, Intelligence, and Defense-in-Depth Security
AMI DSM
Cyber Security and
The Smart Grid
The Ontario Smart Grid
Forum
November 2008Cyber Security for the Smart Grid TM
Smart GridCyber Security
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 10 -November 2008 Cyber Security for the Smart Grid TM
The Smart Grid – Characteristics
1. Self-healing
2. Empowers and incorporates the consumer
3. Resilient to physical and cyber attacks
4. Provides power quality needed by 21st century users
5. Accommodates a wide variety of generation options
6. Fully enables maturing electricity markets
7. Optimizes assets
Source: The US National Energy Technology Laboratory
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 11 -November 2008 Cyber Security for the Smart Grid TM
Smart Grid Technology
Source: The Emerging Smart Grid, Global Environment Fund - Centre for Smart Energy
• Sensors– Monitoring and detecting the data
• Communications– Moving the data through the build of networks
• First-level integration– Collecting the data
• Centralized control– Using the data for visualization and control
• Security– Protecting the data with Security Services & Solutions
• Full integration– Integrating the data with the rest of the business
• Services and Applications– Using the data in new ways
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 12 -November 2008 Cyber Security for the Smart Grid TM
Smart Grid Attack Threats
“Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued progressively devious means to exploit flaws
in system components, telecommunication methods, and common operating systemsfound in modern energy systems with the intent to infiltrate and sabotage
vulnerable control systems. Sophisticated cyber attack tools require little technicalknowledge to use and can be found on the Internet, as can manufacturers’
technical specifications for popular control system equipment.”
Source: Roadmap to Secure Control Systems in the Energy Sector, The Department of Homeland Security and US Department of Energy
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 13 -November 2008 Cyber Security for the Smart Grid TM
Smart Grid Cyber Security Drivers
Increasing NumberOf Systems and
Size of Code Base
Control SystemsNot Designed withSecurity in Mind
Increasing Use ofCOTS Hardware
and Software
New CustomerTouch Points into
Utilities
New 2-WaySystems
(e.g. AMI, DSM)
IncreasingInterconnectionand Integration
Increased Attack SurfaceIncreased Risk to Operations
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 14 -November 2008 Cyber Security for the Smart Grid TM
Example from 2006 SANS SCADA Security Summit, INL
Overview of Cyber Security – Threats
InternetInternet
Admin
Acct
Opens Email with Malware
Admin
Send e-mail with malware
1. Hacker sends an e-mail with malware
2. E-mail recipient opens the e-mail and the malware gets installed quietly
3. Using the information that malware gets, hacker is able to take control of the e-mail recipient’s PC!
4. Hacker performs an ARP (Address Resolution Protocol) Scan
5. Once the Slave Database is found, hacker sends an SQL EXEC command
6. Performs another ARP Scan
7. Takes control of RTU
Slave Database
Operator
Operator
MasterDB
RTU
PerformARP Scan
SQLEXEC
PerformARP Scan
Takes C
ontrol o
f RTU
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 15 -November 2008 Cyber Security for the Smart Grid TM
Example from AMRAWebinar, Nov ’06“The Active Attacker”
Overview of Cyber Security – Threats
U N I V E R S I T YU N I V E R S I T Y
AMI WAN AMI WAN AMI WAN
Communications Network(WAN)
Communications Network(WAN)
Data Management Systems(MDM/R)
Retailers3rd Parties
AMCC (Advanced Metering Control Computer)
Attacker
Cyber Penetration
Attacker Controls the Head End
Attacker Performs Remote
Disconnect
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 16 -November 2008 Cyber Security for the Smart Grid TM
Cyber Security Challenges
• The challenge is complex and continuously changing
• Legacy systems need to be protected• Number and geographic location of end points• Relationship to physical security• Systems are 7x24 and critical • The human element / social engineering
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 17 -November 2008 Cyber Security for the Smart Grid TM
Cyber Solutions
Unlike the beer industry,there is no silver bullet !
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 18 -November 2008 Cyber Security for the Smart Grid TM
Cyber Solutions - Defense in Depth
• Perimeter Protection– Firewall, IPS, VPN, AV– Host IDS, Host AV– DMZ– Physical Security
• Interior Security– Firewall, IDS, VPN, AV– Host IDS, Host AV– IEEE P1711 (Serial Connections)
– NAC– Scanning
• Monitoring• Management• Processes
IDS Intrusion Detection SystemIPS Intrusion Prevention SystemDMZ DeMilitarized ZoneVPN Virtual Private Network (encrypted)AV Anti-Virus (anti-malware)NAC Network Admission Control
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 19 -November 2008 Cyber Security for the Smart Grid TM
Cyber Solutions – 50,000 Foot View of Control Network
Internet
Enterprise Network
Control Network
Field Site Field Site Field Site
PartnerSite
VPN
VPN
FW
FW
IPS
IDSScan
AV
FWIPS
P1711
FWAV
Host IPS Host AVProxy
Host IDS Host AV
IDSScan
NAC
NAC
• Defense in Depth• Access Control• Secure connections• Link to Physical• Security Management• Apply same approach to other Smart Grid elements
Key Points:
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 20 -November 2008 Cyber Security for the Smart Grid TM
• Cyber security is an absolute requirement for the Smart Grid
• Smart Grid deployments will fail without proper cyber security
• A strong security posture can be established so that the benefits can be realized from Smart Grid deployments
• Ontario can establish a leadership position:– Standards– Trials– Information exchange– Learning
The N-Dimension Viewpoint
Cyber Security and The Smart Grid - Ontario Smart Grid Forum
- 21 -November 2008 Cyber Security for the Smart Grid TM
• View cyber security as a critical element of your Smart Grid deployment
• Apply the defense in depth concept isolating and segregating systems and applications, then allow selected connectivity– Best accomplished at the foundational / design level
• Establish a security management system – “you can’t manage what you can’t measure”
• Involve your vendors and interconnected partners• Embed into your corporate governance systems• Develop and track business case:
– Project by project basis– Integrated system
• Look to others for learning and suggestions– such as the Ontario Smart Grid Forum !
Recommendations
Cyber Security and
The Smart Grid
The Ontario Smart Grid
Forum
November 2008Cyber Security for the Smart Grid TM
Peter VickeryExecutive Vice-PresidentN-Dimension Solutions Inc.Office: 905-707-8884 ext 223Mobile: [email protected]
Doug WestlundCEON-Dimension Solutions Inc.Office: 905-707-8884 ext 227Mobile: [email protected]
Thank You !