Trustworthy Wide Area Measurement Systems
Presented by: Himanshu Khurana, University of Illinois
ACM CCS 2009 Tutorial on Cyber Security for the Power Grid
Outline
• Wide area transmission systems
• August 2003 blackout
• Analysis and recommendations
• North American Synchrophasor Initiative (NASPI)
• NASPInet Wide Area Network
• Challenges: distributed networking, quality of service, cyber security
Background: Power Grid Control Center Networks and Applications
Control Communication Architecture
From a presentation by D. Whitehead, “Communication and Control in Power Systems”, TCIP Summer School, June 2008
Background: Power Grid Control Center Networks and Applications
Control centers
Who’s in charge?
• Federal Energy Regulatory Commission (FERC)
• North American Electric Reliability Corp. (NERC)
• State legislatures
• Regional reliability councils
• ISOs and RTOs
• State commerce commissions
• Control area operators
Current Control Strategy and Hierarchy
Control Strategy
• Centralized Control Center (Balancing Area)
  • Open loop control
  • Telemetry through SCADA
  • Polls data ~ 2 seconds
• Local control (Power plants, Substations)
  • Feedback control
  • Protection
Control Hierarchy
• Balancing Authorities (BAs): Real-time generation, load and interchange balance
• Reliability Coordinators (RCs): Wide area coordination and reliability
Independent System Operators / Regional Transmission Operations
Major North American Blackouts
Blackout of August 14, 2003
Credit: Jeff Dagle
August 14, 2003 Blackout Investigation
• Phase I
  • Investigate the outage to determine its causes and why it was not contained
  • Interim report released November 19, 2003
• Phase II
  • Develop recommendations to reduce the possibility of future outages and minimize the scope of any that occur
  • Final report released April 5, 2004
Review performance of plants and assess possibility of damage.
Determine if failures were caused with malicious intent.
Investigate the cascading electrical failure.
Credit: Jeff Dagle
Blackout Root Causes
• Situational Awareness: lack of effective
  • contingency analysis capability
  • procedures to ensure operators were aware of the status of critical monitoring tools
  • procedures to test monitoring tools after repairs
  • monitoring tools after alarm system failed
• Vegetation management
• Reliability Coordinator Diagnostics
• Lack of wide area visibility, monitoring, coordination
Select Blackout Report Recommendations
• Use better real-time tools for grid monitoring and operation
• Establish physical and cyber-security capabilities
Wide Area Situational Awareness
• A FERC/NIST Priority Area
  • Monitoring and display of power system components and performance across interconnections and wide geographic areas in real time
  • Enable understanding, optimized management, performance, prevent/respond to problems
• Other relevant priorities
  • Cyber Security: “Measures to ensure the confidentiality, integrity and availability of the electronic information communication systems, necessary for the management and protection of the Smart Grid’s energy, information technology, and telecommunications infrastructures”
  • Network Communications: “Encompassing public and non-public networks, the Smart Grid will require implementation and maintenance of appropriate security and access controls tailored to the networking and communication requirements of different applications, actors and domains”
Wide Area Measurement System
• A Wide Area Measurement System (WAMS) is crucial for the Grid
• One very promising data source for WAMS: Synchrophasors
• GPS clock synchronized; Fast data rate > 30 samples/sec
• Phasor Measurement Unit (PMU)
• Future applications will rely on large number of PMUs envisioned across Grid (>100k)
• WAMS Design and Deployment underway: North American Synchrophasor Initiative (www.naspi.org)
• Collaboration - DOE, NERC, Utilities, Vendors, Consultants and Researchers
• NASPInet – distributed, wide-area network
PMUs and Synchrophasors
• Traditional SCADA data since the 1960s
  • Voltage & Current Magnitudes
  • Frequency
  • Every 2-4 seconds
• Future data from Phasor Measurement Units (PMUs)
  • Voltage & current phase angles
  • Rate of change of frequency
  • Time synchronized using GPS and 30 - 120 times per second
Why do Phase Angles Matter?
Wide-area visibility could have helped prevent August 14, 2003 Northeast blackout
Why do Phase Angles Matter?
Entergy and Hurricane Gustav -- a separate electrical island formed on Sept 1, 2008, identified with phasor data
Island kept intact and resynchronized 33 hours later
Source: Entergy
PMU Applications and Deployment
Source – Chakrabarti, Kyriakides, Bi, Cai and Terzija, “Measurements Get Together,” IEEE Power & Energy, January-February 2009
Current Architecture for PMU Data Sharing
Secure Network Apps
Source: NASPI
Opportunities and Challenges
• Opportunities
  • Important applications emerging that require data sharing
  • Research into new applications needed
  • Smart Grid Investment Program to fund deployment of 800+ PMUs nation-wide
• Challenges in data sharing
  • Distributed network for data delivery
  • Tradeoffs between operational, regulatory and business aspects
• Challenges in realizing NASPInet
  • Distributed wide-area network design
  • Network management
  • Quality of Service and real-time delivery
  • Cyber security
• Progress on these topics made in recently released NASPInet specification document (Quanta Technologies)
Wide Area Networking
Source: NASPInet Specification
Network Management
• Network management functions
  • Performance
  • Configuration
  • Accounting
  • Fault management
  • Security management
• Need for appropriate services in NASPInet and means to coordinate between organizations
Quality of Service
• QoS goals per data flow are to minimize latency, delay, jitter, loss, error
• Overall QoS goals are to support dedicated bandwidth, resource provisioning and allocation, avoiding and managing network congestion, shaping network traffic and managing priorities
• A suggested approach: class-based QoS
Cyber Security
• Authentication and Integrity
  • Essential to ensure reliable and trustworthy decisions
  • Tools: cryptographic protocols leveraging digital signatures, HMACs, etc.
  • Challenges: efficiency, supporting one-to-many data exchanges
• Availability
  • Essential due to the critical nature of underlying power system
  • Specific requirements may vary by application classes
  • Tools: redundancy, security monitoring, attack detection and response, fail-safe design
  • Challenges: scalability and cost-effective design
• Confidentiality
  • Needed to provide data privacy
  • Tools: encryption protocols, access control
  • Challenges: efficiency for streaming data, supporting one-to-many data exchanges
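The one-to-many challenge listed under Authentication and Integrity, as an added example that is not part of the original slides: with one HMAC key shared by every subscriber, any subscriber can mint frames the others accept, while pairwise keys stop that at the cost of one tag per subscriber per frame. The frame layout, the subscriber names A and B, and the helper names are assumptions made for illustration; the 30 frames/s default follows the data rate quoted earlier in the deck.

```python
import hashlib
import hmac
import os
import struct

# Constructed frame layout (not IEEE C37.118): PMU id, sequence number,
# timestamp in microseconds, voltage magnitude, phase angle in degrees.
FRAME = struct.Struct(">HIQff")
TAG_LEN = hashlib.sha256().digest_size


def protect(key, frame):
    """Append an HMAC-SHA256 tag computed over the whole frame."""
    return frame + hmac.new(key, frame, hashlib.sha256).digest()


class Receiver:
    """Checks the tag, then rejects replayed or stale sequence numbers."""
    def __init__(self, key):
        self.key, self.last_seq = key, -1

    def accept(self, message):
        if len(message) != FRAME.size + TAG_LEN:
            return None
        frame, tag = message[:FRAME.size], message[FRAME.size:]
        expected = hmac.new(self.key, frame, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # forged or corrupted
        fields = FRAME.unpack(frame)
        if fields[1] <= self.last_seq:
            return None  # replayed or out of order
        self.last_seq = fields[1]
        return fields


def macs_per_second(subscribers, frames_per_second=30, shared_key=True):
    # Publisher tags per second: one per frame, or one per frame per subscriber.
    return frames_per_second * (1 if shared_key else subscribers)


def demo():
    group_key = os.urandom(32)                     # one key for everyone
    pair_keys = {n: os.urandom(32) for n in "AB"}  # one key per subscriber
    forged = FRAME.pack(7, 1, 1_000_000, 0.0, 180.0)
    # Subscriber A holds the group key, so it can mint frames B accepts.
    shared_ok = Receiver(group_key).accept(protect(group_key, forged))
    # With pairwise keys A knows only its own key; B rejects A's forgery.
    pair_ok = Receiver(pair_keys["B"]).accept(protect(pair_keys["A"], forged))
    return shared_ok is not None, pair_ok is not None
```

Digital signatures remove the trade-off between forgery resistance and per-receiver tags, but move the cost to per-frame signing and verification, which is the efficiency challenge the slide names.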
Cyber Security
• Key Management
  • Distribution and management of key material and credentials
  • Revocation
  • Tools: Public Key Infrastructure, on-line credential distribution/verification services
  • Challenges: scalability, trust establishment
• Monitoring and compliance
  • Intrusion detection and response services
  • Future regulations may apply; e.g., NERC CIP
  • Tools: IDS, firewalls, etc.
  • Challenges: multi-organization coordination
Authentication Protocols for Power Grid
• Authentication is a widely recognized problem for the power grid
• Currently, there is a focus on developing authentication protocols; e.g., DNP3 Secure Authentication and IEC 62351-5
• Designing security protocols is hard and error-prone
• Literature has many examples of security protocols that were considered secure but were broken later
Design Principles for Power Grid Cyber-Infrastructure Authentication Protocols
Questions? hkhurana@illinois.edu