Cybersecurity for Energy Delivery Systems (CEDS) R&D Following the Energy Sector’s Roadmap Carol Hawk CEDS R&D Program Manager
Roadmap – Framework for Collaboration • Energy Sector’s synthesis of energy delivery systems security challenges, R&D needs, and implementation milestones • Provides strategic framework to – align activities to sector needs – coordinate public and private programs – stimulate investments in energy delivery systems security Roadmap Vision By 2020, resilient energy delivery systems are designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions. For more information go to: www.controlsystemsroadmap.net 2
Energy Sector Cybersecurity Different Priorities Business IT Energy Delivery Systems Control Systems • Energy delivery control systems (EDS) must be able to survive a cyber incident while sustaining critical functions • Power systems must operate 24/7 with high reliability and high availability, no down time for patching/upgrades • The modern grid contains a mixture of legacy and modernized components and controls • EDS components may not have enough computing resources (e.g., memory, CPU, communication bandwidth) to support the addition of cybersecurity capabilities that are not tailored to the energy delivery system operational environment • EDS components are widely dispersed over wide geographical regions, and located in publicly accessible areas where they are subject to physical tampering • Real-time operations are imperative, latency is unacceptable • Real-time emergency response capability is mandatory 3
DOE Activities Align with the Roadmap Develop and Build a Culture of Assess and Monitor Implement New Sustain Security Manage Incidents Security Risk Protective Measures Improvements to Reduce Risk Electricity Support Product upgrades Subsector Cybersecurity NSTB (National Training to address Cybersecurity Standards SCADA Test Bed) evolving threats Capability Development Maturity Model Collaboration Near-term among all Education Situational Industry-led Outreach stakeholders to Awareness Tools R&D projects identify needs and implement solutions Mid-term Improved Common Laboratory communication Cyber Exercises Vulnerability Academia within industry Analysis R&D projects Long-term Laboratory Threat Academia Assessments R&D projects Consequence Assessments 4
CEDS Alignment with the Roadmap 3. Develop and 1. Build a Culture of 2. Assess and Monitor 5. Sustain Security Implement New 4. Manage Incidents CEDS provides Security Risk Improvements Protective Measures Executive 2.1 Common terms and 3.1 Capabilities to evaluate Tools to identify cyber Cyber threats, 1.1 4.1 5.1 engagement and measures specific to the robustness and events across all levels vulnerability, mitigation Federal funding to: support of cyber each energy subsector survivability of new of energy delivery strategies, and resilience efforts available for baselining platforms, systems, system networks incidents timely shared security posture in networks, architectures, commercially available among appropriate Industry-driven safe 1.2 operational settings policies, and other sector stakeholders code development Tools to support and 4.2 • National Near-term system changes and software implement cyber attack Federal and state 5.2 (0 – 3 yrs) commercially available assurance awareness response decision incentives available to workforce training making for the human accelerate investment campaign launched operator commercially in resilient energy Laboratories available delivery systems • Academia 1.3 Vendor systems and 2.2 Majority of asset owners 3.2 Scalable access control 4.3 Incident reporting 5.3 Collaborative components using baselining their security for all energy delivery guidelines accepted environments, sophisticated secure posture using energy system devices and implemented by mechanisms, and coding and software subsector specific available each energy subsector resources available for assurance practices metrics connecting security 3.3 Next-generation, 4.4 Real-time forensics • Solution widely available and operations interoperable, and capabilities researchers, vendors, Field-proven best upgradeable solutions commercially available 1.4 Mid-term and asset owners practices for energy for secure serial and Cyber event detection 4.5 (4-7 years) delivery systems routable Federally funded 5.4 tools that evolve with providers security widely communications partnerships and the dynamic threat employed between devices at all organizations focused landscape levels of energy delivery on energy sector Compelling business commercially available 1.5 system networks cybersecurity become case developed for implemented self-sustaining investment in energy To accelerate delivery systems security 1.6 Significant increase in 2.3 Tools for real-time Self-configuring energy Lessons learned from Private sector 3.4 4.6 5.5 the number of workers security state monitoring delivery system cyber incidents shared investment surpasses cybersecurity skilled in energy and risk assessment of network architectures and implemented Federal investment in delivery, information all energy delivery widely available throughout the energy developing systems, and system architecture sector cybersecurity solutions Capabilities that enable 3.5 cybersecurity levels and across cyber- for energy delivery investment and security solutions to Capabilities for 4.7 employed by industry physical domains systems continue operation automated response to commercially available during a cyber attack cyber incidents, Mature, proactive 5.6 available as upgrades including best practices processes to rapidly Long-term adoption of and built-in to new for implementing these share threat, (8-10 security solutions capabilities available vulnerabilities, and mitigation strategies years) 3.6 Next-generation, are implemented interoperable, and resilient energy throughout the energy upgradeable solutions sector for secure wireless communications between devices at all delivery systems levels of energy delivery system networks implemented 5
Project Title Project Lead Project Partnerships Project: short description (summary) Priority aspect(s) of the project Cyber summary: Benefits to the energy sector, asset owner • Supporting technical information/approach • How to get there Addresses Roadmap Milestones: (milestone numbers from slide 5) Home Intelligence Feeder Automation Substation Automation Transmission Automation Generation Distribution Automation (DA) Balancing Solar Communications Authority (or Wind) Tower AMI Collector Utility Central Cyber- Smart Fiber Operations Physical Thermostat Optic Interface Line Switch Energy with Radio Mobile Management Transceiver Devices, System (EMS) Remote Smart Access Meter House Other Utility’s Cloud Distribution Poles Computing Smart Substations Control Center (Transmission & Distribution Electric Vehicles Wide Area Network (WAN) 6 Home Area Network (HAN) Field Area Network (FAN) Local Area Network (LAN) Local Area Network (LAN)
Recommend
More recommend
