1 / 34

Trustworthy Wide Area Measurement Systems

Trustworthy Wide Area Measurement Systems. Presented by: Himanshu Khurana, University of Illinois ACM CCS 2009 Tutorial on Cyber Security for the Power Grid. Outline. Wide area transmission systems August 2003 blackout Analysis and recommendations

tanika
Download Presentation

Trustworthy Wide Area Measurement Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Trustworthy Wide Area Measurement Systems Presented by: Himanshu Khurana, University of Illinois ACM CCS 2009 Tutorial on Cyber Security for the Power Grid

  2. Outline • Wide area transmission systems • August 2003 blackout • Analysis and recommendations • North American SynchrPhasor Initiative (NASPI) • NASPInet Wide Area Network • Challenges: distributed networking, quality of service, cyber security

  3. Background: Power Grid Control Center Networks and Applications Control Communication Architecture From a presentation by D. Whitehead, “Communication and Control in Power Systems”, tcip summer school, June, 2008

  4. Background: Power Grid Control Center Networks and Applications Control centers

  5. Federal Energy Regulatory Commission (FERC) North American Electric Reliability Corp. (NERC) State legislatures Regional reliability councils ISOs and RTOs State commerce commissions Control area operators Who’s in charge?

  6. NERC Regions

  7. Balancing Authorities (Control Areas)

  8. Current Control Strategy and Hierarchy Control Strategy Control Hierarchy Balancing Authorities (BAs) Real-time generation, load and interchange balance Reliability Coordinators (RCs) Wide area coordination and reliability • Centralized Control Center (Balancing Area) • Open loop control • Telemetry through SCADA • Polls data ~ 2 seconds • Local control (Power plants, Substations) • Feedback control • Protection

  9. NERC Interconnections

  10. Independent System OperatorsRegional Transmission Operations

  11. 11 Major North American Blackouts

  12. 12 Blackout of August 14, 2003 Credit: Jeff Dagle

  13. August 14, 2003 Blackout Investigation • Phase I • Investigate the outage to determine its causes and why it was not contained • Interim report released November 19, 2003 • Phase II • Develop recommendations to reduce the possibility of future outages and minimize the scope of any that occur • Final report released April 5, 2004 Review performance of plants and assess possibility of damage. Determine if failures were caused with malicious intent. Investigate the cascading electrical failure. Credit: Jeff Dagle

  14. Blackout Root Causes • Situational Awareness: lack of effective • contingency analysis capability • procedures to ensure operators were aware of the status of critical monitoring tools • procedures to test monitoring tools after repairs • monitoring tools after alarm system failed • Vegetation management • Reliability Coordinator Diagnostics • Lack of wide area visibility, monitoring, coordination

  15. Select Blackout Report Recommendations • Use better real-time tools for grid monitoring and operation • Establish physical and cyber-security capabilities

  16. Wide Area Situational Awareness • A FERC/NIST Priority Area • Monitoring and display of power system components and performance across interconnections and wide geographic areas in real time • Enable understanding, optimized management, performance, prevent/respond to problem • Other relevant priorities • Cyber Security: “Measures to ensure the confidentiality, integrity and availability of the electronic information communication systems, necessary for the management and protection of the Smart Grid’s energy, information technology, and telecommunications these infrastructures” • Network Communications: “Encompassing public and non-public networks, the Smart Grid will require implementation and maintenance of appropriate security and access controls tailored to the networking and communication requirements of different applications, actors and domains”

  17. Wide Area Measurement System • A Wide Area Measurement System (WAMS) is crucial for the Grid • One very promising data source for WAMS: Synchrophasors • GPS clock synchronized; Fast data rate > 30 samples/sec • Phasor Measurement Unit (PMU) • Future applications will rely on large number of PMUs envisioned across Grid (>100k) • WAMS Design and Deployment underway: North American Synchrophasor Initiative - (www.naspi.org) • Collaboration - DOE, NERC, Utilities, Vendors, Consultants and Researchers • NASPInet – distributed, wide-area network

  18. PMUs and Synchrophasors • Traditional SCADA data since the 1960’s • Voltage & Current Magnitudes • Frequency • Every 2-4 seconds • Future data from Phasor Measurement Units (PMU’s) • Voltage & current phase angles • Rate of change of frequency • Time synchronized using GPS and 30 - 120 times per second

  19. Why do Phase Angles Matter? Wide-area visibility could have helped prevent August 14, 2003 Northeast blackout

  20. Why do Phase Angles Matter? Entergy and Hurricane Gustav -- a separate electrical island formed on Sept 1, 2008, identified with phasor data Island kept intact and resynchronized 33 hours later Source: Entergy

  21. Phasor Application Taxonomy

  22. PMU Applications and Deployment Source – Chakrabarti, Kyriakides, Bi, Cai and Terzija, “Measurements Get Together,” IEEE Power & Energy, January-February 2009

  23. Source: NASPI

  24. Current Architecture for PMU Data Sharing Secure Network Apps Source: NASPI

  25. Envisioned PMU Data Flow in NASPInet

  26. Opportunities and Challenges • Opportunities • Important applications emerging that require data sharing • Research into new applications needed • Smart Grid Investment Program to fund deployment of 800+ PMUs nation-wide • Challenges in data sharing • Distributed network for data delivery • Tradeoffs between operational, regulatory and business aspects • Challenges in realizing NASPInet • Distributed wide-area network design • Network management • Quality of Service and real-time delivery • Cyber security • Progress on these topics made in recently released NASPInet specification document (Quanta Technologies)

  27. Wide Area Networking Source: NASPInet Specification

  28. Network Management • Network management functions • Performance • Configuration • Accounting • Fault management • Security management • Need for appropriate services in NASPInet and means to coordinate between organizations

  29. Quality of Service • QoS goals per data flow are to minimize latency, delay, jitter, loss, error • Overall QoS goals are to support dedicated bandwidth, resource provisioning and allocation, avoiding and managing network congestion, shaping network traffic and managing priorities • A suggested approach: class-based QOS

  30. Cyber Security • Authentication and Integrity • Essential to ensure reliable and trustworthy decisions • Tools: cryptographic protocols leveraging digital signatures, HMACs, etc. • Challenges: efficiency, supporting one-to-many data exchanges • Availability • Essential due to the critical nature of underlying power system • Specific requirements may vary by application classes • Tools: redundancy, security monitoring, attack detection and response, fail-safe design • Challenges: scalability and cost-effective design • Confidentiality • Needed to provide data privacy • Tools: encryption protocols, access control • Challenges: efficiency for streaming data, supporting one-to-many data exchanges

  31. Cyber Security • Key Management • Distribution and management of key material and credentials • Revocation • Tools: Public Key Infrastructure, on-line credential distribution/verification services • Challenges: scalability, trust establishment • Monitoring and compliance • Intrusion detection and response services • Future regulations may apply; e.g., NERC CIP • Tools: IDS, firewalls, etc. • Challenges: multi-organization coordination

  32. Authentication Protocols for Power Grid • Authentication is a widely recognized problem for power grid. • Currently, there is a focus on developing authentication protocols; e.g., DNP3 Secure Authentication and IEC’s 62351-5. • Designing security protocols is hard and error-prone • Literature has many examples of security protocols that were considered secure but were broken later

  33. Design Principles for Power Grid Cyber-Infrastructure Authentication Protocols

  34. Questions? hkhurana@illinois.edu

More Related