panel session lessons learned in smart grid cybersecurity
play

Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG - PowerPoint PPT Presentation

May 11, 2023 •567 likes •757 views

PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop October 30, 2012 Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory (509)

  1. PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop October 30, 2012 Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory (509) 375-3629 jeff.dagle@pnnl.gov October 30, 2012 1

  2. Outline Setting the context for challenges associated with control system security in the electricity sector Smart grid security considerations Defining the “smart grid” A discussion on synchrophasors and their security implications DOE efforts on securing ARRA smart grid investment grants The author’s perspectives on security and resilience Issues for consideration October 30, 2012 2

  3. The Emerging Cyber Threat Industry has long history of planning for and coping with natural disasters and other reliability events Through industry standard operating procedures, there is much effort expended to reduce likelihood of cascading outages leading to widespread blackouts Historically, cyber security focused on countering unstructured adversaries e.g., individuals, untargeted malicious software, human error Very little protection against structured adversaries intent on exploiting vulnerabilities to maximize consequences e.g., terrorist groups, organized crime, hostile nation states Insider threat remains very challenging, can be used as part of structured threat vector New possibilities for widespread sustained outages resulting from cyber attack are now being contemplated Currently, most of the emphasis is on compliance to mandatory cyber security requirements, e.g., NERC CIP Some effort to expand thinking beyond minimum necessary requirements, e.g., the joint NERC-DOE effort on High Impact, Low Frequency Events October 30, 2012 3

  4. Smart Grid Defined A smart grid uses digital technology to improve reliability, security, and efficiency of the electric system: from large generation, through the delivery systems to electricity consumers and a growing number of distributed- generation and storage resources. The information networks that are transforming our economy in other areas are also being applied to applications for dynamic optimization of electric system operations, maintenance, and planning. October 30, 2012 4

  5. Smart Grid Vision Bring digital intelligence & real-time communications to transform grid operations Demand-side resources participate with distribution equipment in system operation Consumers engage to mitigate peak demand and price spikes More throughput with existing assets reduces need for new assets Enhances reliability by reducing disturbance impacts, local resources self-organize in response to contingencies Provide demand-side ancillary services – supports wind integration The transmission and bulk generation resources get smarter too Improve the timeliness, quality, and geographic scope of the operators’ situational awareness and control Better coordinate generation, balancing, reliability, and emergencies Utilize high-performance computing, sophisticated sensors, and advanced coordination strategies October 30, 2012 5

  6. Communication and Information Technology will be Central to Smart Grid Deployment NIST Framework and Roadmap for Smart Grid Interoperability Standards. Release 1.0 (Draft), September 2009 October 30, 2012 6

  7. Smart Grid Cyber Security The same information and communication technologies that enhance the resilience of the power system may also present a new set of vulnerabilities related to the control layer of the physical infrastructure If there are common modes of failure present in these control layers, there will necessarily be challenges to achieving full degrees of resilience in future smart grid deployments Because smart grid technologies transcend the scope of the FERC/NERC jurisdiction associated with the bulk electricity system, we cannot rely on existing mandatory cyber security standards and requirements October 30, 2012 7

  8. North American SynchroPhasor Initiative DOE and NERC are working together closely with industry to enable wide area time-synchronized measurements that will enhance the reliability of the electric power grid through improved situational awareness and other applications March 2012 April 2007 “Better information supports better - and faster - decisions.” 8

  9. REAL-TIME SYNCHROPHASOR APPLICATIONS AND THEIR PREREQUISITES Functions  Automated wide- System protection area controls Applications  Reliability Action Increase in operating Schemes transfer capacity  Operator Renewable integration decision support Wide-area Monitoring Congestion  Event detection  Visualization management  Alarming  Frequency and Outage avoidance voltage monitoring  Oscillation detection Situational awareness TODAY FUTURE Prerequisites Model validation – Interconnection- Pattern System Good data A NALYSIS system & elements wide baselining detection studies collection Interoperability High availability, Appropriate physical Redundant, C OMMUNICATIONS standards high speed & cyber-security fault-tolerant U SERS Familiarity Good visual interface Training

  10. Security of Synchrophasors Synchrophasors are becoming part of the bulk electric system and will require physical and cyber security But these systems shouldn’t be treated any differently than other forms of measurement and control telemetry Synchrophasor systems will coexist with other bulk electricity system (BES) cyber infrastructure and will have similar dependencies on common communications and network elements System designers and owners are leveraging emerging cyber-security standards and technologies Currently available phasor applications require further data analysis, software refinement and operational validation to be fully effective; many are in advanced development and testing and are not in full operational use Therefore, many of these systems are not currently considered critical cyber assets Due to nature of continuous, high-volume data flows, new technology will likely be required for measurement, communications, and applications Technology anticipated to undergo rapid change and refinement over the next several years October 30, 2012 10

  11. Cyber Security ARRA Activities Critical to Smart Grid Success Organized interagency group (DOE, NIST, “DOE may not make an FERC, DHS, others) for development of award to an otherwise cyber security requirements in the funding meritorious application if opportunity announcement that application cannot Cyber security - major factor in technical provide reasonable merit review assurance that their Separate subject matter expert team approach to cyber provided independent reviews security will prevent DOE’s team of subject matter experts broad based systemic reviewed and approved the cyber security failures in the electric plans grid in the event of a Annual site assessments currently cyber security breach.” underway Smart Grid FOA October 30, 2012 11

  12. www.ARRASmartGridCyber.net Provide a resource enabling Smart Grid Investment Grants (SGIG) and Smart Grid Demonstration Projects (SGDP) to understand the baseline principles and practices necessary to implement cyber security in the deployment of smart grid technologies October 30, 2012 12

  13. Cyber Security Plan ARRA projects committed to a technical approach to cyber security that included a plan to provide a summary of: the cyber security risks and how they will be mitigated at each stage of the lifecycle (focusing on vulnerabilities and impact), cyber security criteria utilized for vendor and device selection, relevant cyber security standards and/or best practices that will be followed, and how the project will support emerging smart grid cyber security standards. A strong Cyber Security Plan will: provide commitment to the organization’s cyber security assessments, evaluations, and threat analyses, provide assurance that a defensive strategy will be created, appropriate security controls, will be selected, and mitigation methodologies based on risk-informed processes will be implemented, and document that all systems are installed, tested, and operated with appropriate and diligent cyber security. October 30, 2012 13

  14. Identifying Risks of Implementing Smart Grid Systems (an All Hazards Approach) Complexity Introduces potential vulnerabilities More access points (increased exposure) Difficult to manage a complex system Power system would be more vulnerable to communication (or software) disruptions Denial of service (e.g., unintentional load shedding) Potential for common failure modes across connected systems Software/system integrity (e.g., firmware, logic bomb, supply chain, etc.) Intelligence gathering tool for the adversary Potential for breach of customer privacy Implementation issues Inappropriate or premature mandating of technologies that aren’t appropriate for the application Potential for technology obsolescence October 30, 2012 14

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October

Lessons Learned In Smart Grid Cybersecurity Chris Blask Chair ICS-ISAC TCIPG Workshop, October 30, 2012 Cyberwar Hits Energy Firms Escalating from Interruption to Destruction Iranian nuclear program: Stuxnet destroys 1,000+

253 views • 12 slides
Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid

Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid

Keeping the Lights On: Challenges of Cybersecurity Training and Awareness for the Smart Grid Susan Farrand What is the Grid? Why is the Grid like it is? The War of the Currents Thomas Edison Nikola Tesla George Westinghouse Electricity

303 views • 27 slides
of Cybersecurity in Smart Grid Deployments Prof. Dave Bakken School of Electrical Engineering

of Cybersecurity in Smart Grid Deployments Prof. Dave Bakken School of Electrical Engineering

Industry Panel: Case Studies of Cybersecurity in Smart Grid Deployments Prof. Dave Bakken School of Electrical Engineering and Computer Science Washington State University Pullman, Washington, USA TCIPG Industry Workshop Champaign, Illinois

76 views • 4 slides
Hank Kenchington Deputy Assistant Secretary Office of Electricity Delivery and Energy Reliability

Hank Kenchington Deputy Assistant Secretary Office of Electricity Delivery and Energy Reliability

Smart Grid Cybersecurity Lessons Learned From More than 11 Million Smart Meters Deployed Hank Kenchington Deputy Assistant Secretary Office of Electricity Delivery and Energy Reliability Grid Modernization: A National Energy Priority Energy

556 views • 33 slides
Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but

Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but

Smart Grid Increasing the IQ of the Smart Grid Unclear exactly what the smart grid is, but Through Active Customer it does include Participation in Wholesale Electricity Interval meters Markets Storage and load flexibility

465 views • 15 slides
Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of

Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of

Cybersecurity Training for the End User A Journey of Lessons Learned Chris Gaucher, Director of Cybersecurity & Privacy Simon McLaren, LCDR US Navy N A V A L P O S T G R A D U A T E S C H O O L NPS Mission Statement NPS provides

355 views • 18 slides
Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From

Protg 2006, July 26th, Stanford I R I S A C 1 R E C Saint-Cyr Lessons Learned Lessons Learned From From Lessons Learned Lessons Learned From From Ontology Ontology Design Design Ontology Ontology Design Design Jean Andr B

371 views • 12 slides
How to Think Like a Hacker: Lessons Learned & Best Practices Jointly hosted by: PRESENTERS

How to Think Like a Hacker: Lessons Learned & Best Practices Jointly hosted by: PRESENTERS

How to Think Like a Hacker: Lessons Learned & Best Practices Jointly hosted by: PRESENTERS BRIAN KIRK ANNIE BRINK DIRECTOR BUSINESS DEVELOPMENT Digital Operations Digital Operations And Cybersecurity And Cybersecurity Direct:

370 views • 25 slides
Cybersecurity Standards and the Smart Grid Marianne Swanson Computer Security Division

Cybersecurity Standards and the Smart Grid Marianne Swanson Computer Security Division

Cybersecurity Standards and the Smart Grid Marianne Swanson Computer Security Division Information Technology Laboratory National Institute of Standards and Technology April 19, 2012 1 Cyber Security Working Group (CSWG) Background To

370 views • 9 slides
More than 60,000 grid connected PV-Home- Storage systems in Germany Lessons Learned

More than 60,000 grid connected PV-Home- Storage systems in Germany Lessons Learned

More than 60,000 grid connected PV-Home- Storage systems in Germany Lessons Learned Kai-Philipp Kairies, Jan Figgener, Dirk Magnor, Hendrik Axelsen, Eberhard Waffenschmidt , Dirk Uwe Sauer IRENEC 2017 Conference, Istanbul, Turkey, 20. May

1.2k views • 23 slides
Sustainability and Smart Grid Implementing a Non residential Smart Metering System PaperCon

Sustainability and Smart Grid Implementing a Non residential Smart Metering System PaperCon

Sustainability and Smart Grid Implementing a Non residential Smart Metering System PaperCon 2011 Page 195 Smart Grid Popular Topics in the News Smart Grid Smart Meter Smart Meter Micro Grid Distributive Generation Most talk is

427 views • 39 slides
Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing

Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing

Smart Networks III Cybersecurity Panel Verizon Perspective Ernie Hayden CISSP CEH Managing Principal Energy Security Global Energy & Utility Practice ernest.hayden@verizonbusiness.com Confidential and proprietary material for

188 views • 4 slides
Lessons Learned from Agnews None Presenter: Alan Wilens M.Ed. Panel Members: Amy M. Narciso,

Lessons Learned from Agnews None Presenter: Alan Wilens M.Ed. Panel Members: Amy M. Narciso,

Disclosures Lessons Learned from Agnews None Presenter: Alan Wilens M.Ed. Panel Members: Amy M. Narciso, RN, MSN, CNS Doreen E. Canton, RN, CDDN, BS 2 Background Regional Centers Lanterman Developmental Disabilities Act DC2

352 views • 8 slides
OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI

OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI

OSG PKI Transition: Status and Next Steps (and Lessons Learned) Von Welch OSG PKI Transition Lead Indiana University Center for Applied Cybersecurity Research Key Message DOE Grids CA stops issuing new certificates March 23 rd ,

397 views • 29 slides
Modernizing T&D on the Electric Grid 11/29/2011 Mark Nealon System Meter & Smart Grid

Modernizing T&D on the Electric Grid 11/29/2011 Mark Nealon System Meter & Smart Grid

Modernizing T&D on the Electric Grid 11/29/2011 Mark Nealon System Meter & Smart Grid Ameren Missouri PSC Smart Grid Technical Conference 1 What is the Smart Grid? What Smart Grid means to Ameren Transform Amerens grid to

341 views • 7 slides
Lessons Learned from Implementing Privacy- Preserving Protocols for Smart Meters Benessa Defend

Lessons Learned from Implementing Privacy- Preserving Protocols for Smart Meters Benessa Defend

Lessons Learned from Implementing Privacy- Preserving Protocols for Smart Meters Benessa Defend Real World Crypto, London January 9, 2015 - Confidential - 1 In Collaboration with Klaus Kursawe George Danezis Markulf

570 views • 23 slides
Logic for Computer Science 02 Propositions Wouter Swierstra University of Utrecht 1 Last

Logic for Computer Science 02 Propositions Wouter Swierstra University of Utrecht 1 Last

Logic for Computer Science 02 Propositions Wouter Swierstra University of Utrecht 1 Last time Organisation What is logic? Why study logic? How to reason about programs? 2 Today Propositional logic Truth

1.19k views • 104 slides
Non-classical logics Lecture 11: Modal logics (Part 1) Viorica Sofronie-Stokkermans

Non-classical logics Lecture 11: Modal logics (Part 1) Viorica Sofronie-Stokkermans

Non-classical logics Lecture 11: Modal logics (Part 1) Viorica Sofronie-Stokkermans sofronie@uni-koblenz.de 1 History and Motivation Extensions of classical logic by means of new logical operators Modal logic - modal operators , meaning

762 views • 53 slides
20. Logic constraints, integer variables If-then constraints Generalized assignment

20. Logic constraints, integer variables If-then constraints Generalized assignment

CS/ECE/ISyE 524 Introduction to Optimization Spring 201718 20. Logic constraints, integer variables If-then constraints Generalized assignment problems Logic constraints Modeling a restricted set of values Sudoku! Laurent

475 views • 24 slides
CPSC 121: Models of Computation Unit 2: Conditionals and Logical Equivalences CPSC 121 2011W

CPSC 121: Models of Computation Unit 2: Conditionals and Logical Equivalences CPSC 121 2011W

CPSC 121: Models of Computation Unit 2: Conditionals and Logical Equivalences CPSC 121 2011W T2 Unit 2: Conditionals and Logical Equivalences The third online quiz is due Sunday at 21:00. Assigned reading for the quiz: Epp, 4 th

290 views • 26 slides
First-Order Logic & Inference The last little bit of PL and FOL Axioms and Theorems

First-Order Logic & Inference The last little bit of PL and FOL Axioms and Theorems

11/20/17 Todays Class First-Order Logic & Inference The last little bit of PL and FOL Axioms and Theorems AI Class 20 (Ch. 8.18.3, 9 ) Sufficient and Necessary Logical Agents Reflex Model-Based Goal-Based

468 views • 9 slides
CSE*351:*The*Hardware/So9ware*Interface * * Sec/on*3:*Control*flow,*assembly,*and*Lab*2 *

CSE*351:*The*Hardware/So9ware*Interface * * Sec/on*3:*Control*flow,*assembly,*and*Lab*2 *

University*of* Washington * CSE*351:*The*Hardware/So9ware*Interface * * Sec/on*3:*Control*flow,*assembly,*and*Lab*2 * University*of* Washington * Control*Flow* ! do?while:*a*useful*variaBon*on*the*while*loop* int value; do { value = value

384 views • 15 slides
Rules for logarithms We review the properties of logarithms from the previous lecture. In that

Rules for logarithms We review the properties of logarithms from the previous lecture. In that

Rules for logarithms We review the properties of logarithms from the previous lecture. In that lecture, we developed the following identities. The Product Property is an identity involving the logarithm of product: Elementary Functions log

93 views • 6 slides
Family Orientation Remote Learning September 2020 2 Lowell Public Schools With parent feedback

Family Orientation Remote Learning September 2020 2 Lowell Public Schools With parent feedback

Lowell Public Schools: DALEY SCHOOL Family Orientation Remote Learning September 2020 2 Lowell Public Schools With parent feedback about the emergency closure, we developed this plan to: Rationale Eliminate the need for families to

368 views • 14 slides

More recommend