slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Cyber Security and The Smart Grid November 11, 2008 PowerPoint Presentation
Download Presentation
Cyber Security and The Smart Grid November 11, 2008

Loading in 2 Seconds...

play fullscreen
1 / 22

Cyber Security and The Smart Grid November 11, 2008 - PowerPoint PPT Presentation


  • 263 Views
  • Uploaded on

Ontario Smart Grid Forum. Cyber Security and The Smart Grid November 11, 2008. Cyber Security for the Smart Grid TM. Objectives of Presentation About N-Dimension Solutions Cyber Security and the Smart Grid Solutions and Recommendations. Discussion Topics.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Cyber Security and The Smart Grid November 11, 2008' - khanh


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Ontario Smart Grid Forum

Cyber Security and

The Smart Grid

November 11, 2008

Cyber Security for the Smart Grid TM

discussion topics
Objectives of Presentation

About N-Dimension Solutions

Cyber Security and the Smart Grid

Solutions and Recommendations

Discussion Topics
objectives of presentation
Engage in two-way discussion on a critical Smart Grid topic

and

provide useful context and recommendations for the Ontario Smart Grid Forum participants

Objectives of Presentation
n dimension solutions inc
N-Dimension Solutions Inc.
  • Cyber Security Solutions Provider laser focused on the Power & Energy market
  • Headquartered in Richmond Hill Ontario with office in Austin Texas
  • Member of:
    • NERC
    • NERC’s new Demand-Side Management Task Force
    • IESO’s Reliability Standards Standing Committee
    • Cyber Security Technical Working Groups (IEEE P1711, AMI-SEC)
    • Advisory Committee for University of Illinois Trusted Cyber Security Computing Infrastructure for Power
  • Developed comprehensive AMI cyber security analysis and report for the Ontario Utilities Smart Metering (OUSM) working group
  • Published thought leader on cyber security for the emerging Smart Grid
  • Active across North America and globally in delivering Smart Grid cyber security solutions in conjunction with our business partners
slide5

Overview of

The Smart Grid

slide6

The Current Electric Grid – Islands of Technology

Generation

Transmission

Customers

Distribution

GEN1 - Operational Information

TOP1 – Operational Information

DIST1 - Operational Information

GENx - Operational Information

TOPx – Operational Information

DISTx – Operational Information

slide7

Convergence of Enterprise & Operations IT

Integration counters key security principals of isolation and segregation

Information Technology

Smart Grid Technology

Operations Technology

Enterprise Systems

Web Applications

Control Systems

Protection Systems

AMI

DSM

OMS

GIS

Cyber Secure

Integration counters key security principals of isolation and segregation

slide8

Transmission

Distribution

Customers

Generation

AMI

DSM

System

Operators

Conservation

Authorities

The Smart Grid – Connectivity with Security

End-to-End Communications, Intelligence, and Defense-in-Depth Security

slide9

Smart Grid

Cyber Security

the smart grid characteristics
Self-healing

Empowers and incorporates the consumer

Resilient to physical and cyber attacks

Provides power quality needed by 21st century users

Accommodates a wide variety of generation options

Fully enables maturing electricity markets

Optimizes assets

The Smart Grid – Characteristics

Source: The US National Energy Technology Laboratory

smart grid technology
Sensors

Monitoring and detecting the data

Communications

Moving the data through the build of networks

First-level integration

Collecting the data

Centralized control

Using the data for visualization and control

Security

Protecting the data with Security Services & Solutions

Full integration

Integrating the data with the rest of the business

Services and Applications

Using the data in new ways

Smart Grid Technology

Source: The Emerging Smart Grid, Global Environment Fund - Centre for Smart Energy

smart grid attack threats
Smart Grid Attack Threats

“Energy control systems are subject to targeted cyber attacks.

Potential adversaries have pursued progressively devious means to exploit flaws

in system components, telecommunication methods, and common operating systems

found in modern energy systems with the intent to infiltrate and sabotage

vulnerable control systems. Sophisticated cyber attack tools require little technical

knowledge to use and can be found on the Internet, as can manufacturers’

technical specifications for popular control system equipment.”

Source: Roadmap to Secure Control Systems in the Energy Sector,

The Department of Homeland Security and US Department of Energy

smart grid cyber security drivers

Increasing

Interconnection

and Integration

New 2-Way

Systems

(e.g. AMI, DSM)

Increasing Use of

COTS Hardware

and Software

New Customer

Touch Points into

Utilities

Control Systems

Not Designed with

Security in Mind

Increasing Number

Of Systems and

Size of Code Base

Increased Attack Surface

Increased Risk to Operations

Smart Grid Cyber Security Drivers
slide14

Send e-mail with malware

Admin

Operator

Admin

Opens Email with Malware

Operator

Acct

MasterDB

Slave Database

RTU

Overview of Cyber Security – Threats

PerformARP Scan

PerformARP Scan

SQLEXEC

Internet

Takes Control of RTU

  • Hacker performs an ARP (Address Resolution Protocol) Scan
  • Once the Slave Database is found, hacker sends an SQL EXEC command
  • Performs another ARP Scan
  • Takes control of RTU
  • Hacker sends an e-mail with malware
  • E-mail recipient opens the e-mail and the malware gets installed quietly
  • Using the information that malware gets, hacker is able to take control of the e-mail recipient’s PC!

Example from 2006 SANS SCADA Security Summit, INL

slide15

Communications Network(WAN)

Communications Network(WAN)

AMCC (Advanced Metering Control Computer)

AMI WAN

AMI WAN

AMI WAN

Overview of Cyber Security – Threats

Cyber Penetration

Attacker Controls the Head End

Attacker Performs Remote Disconnect

Attacker

Retailers

3rd Parties

Data Management Systems

(MDM/R)

Example from AMRA

Webinar, Nov ’06

“The Active Attacker”

cyber security challenges
The challenge is complex and continuously changing

Legacy systems need to be protected

Number and geographic location of end points

Relationship to physical security

Systems are 7x24 and critical

The human element / social engineering

Cyber Security Challenges
cyber solutions

Unlike the beer industry,

there is no silver bullet !

Cyber Solutions
cyber solutions defense in depth
Perimeter Protection

Firewall, IPS, VPN, AV

Host IDS, Host AV

DMZ

Physical Security

Interior Security

Firewall, IDS, VPN, AV

Host IDS, Host AV

IEEE P1711 (Serial Connections)

NAC

Scanning

Monitoring

Management

Processes

Cyber Solutions - Defense in Depth

IDS Intrusion Detection System

IPS Intrusion Prevention System

DMZ DeMilitarized Zone

VPN Virtual Private Network (encrypted)

AV Anti-Virus (anti-malware)

NAC Network Admission Control

cyber solutions 50 000 foot view of control network
Cyber Solutions – 50,000 Foot View of Control Network

Key Points:

  • Defense in Depth
  • Access Control
  • Secure connections
  • Link to Physical
  • Security Management
  • Apply same approach
  • to other Smart Grid
  • elements

Internet

Enterprise Network

VPN

FW

IPS

Proxy

IPS

AV

FW

Host AV

Host IPS

Partner

Site

IDS

Control Network

NAC

Scan

Host IDS

Host AV

FW

VPN

P1711

FW

IDS

AV

Field Site

Field Site

Scan

Field Site

NAC

the n dimension viewpoint
Cyber security is an absolute requirement for the Smart Grid

Smart Grid deployments will fail without proper cyber security

A strong security posture can be established so that the benefits can be realized from Smart Grid deployments

Ontario can establish a leadership position:

Standards

Trials

Information exchange

Learning

The N-Dimension Viewpoint
slide21
View cyber security as a critical element of your Smart Grid deployment

Apply the defense in depth concept isolating and segregating systems and applications, then allow selected connectivity

Best accomplished at the foundational / design level

Establish a security management system

“you can’t manage what you can’t measure”

Involve your vendors and interconnected partners

Embed into your corporate governance systems

Develop and track business case:

Project by project basis

Integrated system

Look to others for learning and suggestions

such as the Ontario Smart Grid Forum !

Recommendations

slide22

Thank You !

Peter Vickery

Executive Vice-President

N-Dimension Solutions Inc.

Office: 905-707-8884 ext 223

Mobile: 416-951-8811

peter.vickery@n-dimension.com

Doug Westlund

CEO

N-Dimension Solutions Inc.

Office: 905-707-8884 ext 227

Mobile: 416-997-8833

doug.westlund@n-dimension.com