seminar series resiliency in the electricity subsector
play

Seminar Series Resiliency in the Electricity Subsector Information - PowerPoint PPT Presentation

Sep 13, 2023 •333 likes •820 views

Seminar Series Resiliency in the Electricity Subsector Information Sharing and Exercises against Black Sky Events Bill Lawrence, Director of Programs and Engagement Cyber Resilient Energy Delivery Consortium February 3, 2017 1 Agenda

  1. Seminar Series

  2. Resiliency in the Electricity Subsector Information Sharing and Exercises against Black Sky Events Bill Lawrence, Director of Programs and Engagement Cyber Resilient Energy Delivery Consortium February 3, 2017 1

  3. Agenda • Historical outages and NERC • High Impact, Low Frequency (HILF) aka “Black Sky” events • The Electricity Information Sharing and Analysis Center • Recent threats and impacts • GridEx 2

  4. November 9, 1965 Image: Wikipedia 3

  5. August 14, 2003 Image: Wikipedia 4

  6. NERC I nterconnections and Regions 5

  7. Reliability Coordinators 6

  8. September 8, 2011 Image: Wikipedia 7

  9. 30-31 July 2012 Image: Wikipedia 8

  10. Power Grid 9

  11. QER 1.2 • Quadrennial Energy Review (QER 1.2) 10

  12. HI LF / “Black Sky” • High Impact, Low Frequency  1987 – NERC committee formed to address terrorism and sabotage  1999 – Electricity Sector Information Sharing and Analysis Center (ES-ISAC)  2004 – Critical Infrastructure Protection Committee (permanent)  2009/10 – HILF Report (joint DOE and NERC) o Pandemic Illness o Geomagnetic and Electromagnetic Events o Coordinated Cyber/Physical Attack  2011 – GridEx 2011  2012 – Severe Impact Resilience report  2012 – Cyber Attack report  2013 – GridEx II  2015 – GridEx III 11

  13. Pandemic I llness Image: CNN (4 July 2014) 12

  14. Geomagnetic and Electromagnetic Events Image: NASA Image: Scientific American 13

  15. Cyber and Physical – Real World • Stuxnet, Shamoon, Dragonfly/Energetic Bear, Havex/Black Energy • Metcalf in California 14

  16. Electricity Threat Landscape 15

  17. Most Common Threat Agents http://cybersquirrel1.com/ 16

  18. Remote and Urban CIP 014, Design Basis Threat document 17

  19. Over 55,000 Substations over 100Kv 18

  20. E-I SAC Brief History • ISAC concept introduced in Presidential Decision Document 63, published in 1998  Electric power was identified as a critical sector along with 14 others  Homeland Security Presidential Directive 7 (2003)  Presidential Policy Directive 21 (2013) • Electricity sector’s ISAC has been hosted by NERC since 1999  Recent concerns about sensitive information shared with the ISAC  Could “leak” to NERC compliance and enforcement groups  Caused a rethinking about the proper relationship • ESCC identified strategic review of the ES-ISAC as a priority national security issue for 2015  Strategic review initiated in January 2015, completed in June 2015 • ES-ISAC renamed to E-ISAC in September 2015 19

  21. Electricity I nformation Sharing and Analysis Center Mission The E-ISAC reduces cyber and physical security risk to the electricity sector across North America by providing unique insights, leadership, and coordination Vision To be a leading, trusted source for the analysis and sharing of Electricity Subsector security information 20

  22. Suspicious damage 21

  23. Other damage 22

  24. Criminal Threats – Copper Theft 23

  25. Targeted Threats – Pipe Bomb 24

  26. October 30, 2015 25

  27. Most Common Cyber Threat 26

  28. What We Share - Cyber We encourage voluntary information sharing! • Cyber Security-related information sharing  Indicators of compromise (such as IP addresses, domains, URLs, MD5s, etc.)  Forensics artifacts or samples (malicious email, malware, malicious binaries, logs or packet captures)  Reports (forensics, after action reports, or analysis) • Potential Operational Technology (OT) vulnerability issue sharing  Unknown or unexplained PLC or RTU freezes, reboots, or failures  Discovered zero day vulnerabilities 27

  29. What We Share - Physical We encourage voluntary information sharing! • Physical Security-related Information Sharing  Breach/attempted intrusion of electricity facilities  Misrepresentation – presenting false information or misusing insignia, documents, and/or identification to misrepresent one’s affiliation as a means of concealing possible illegal activity  Theft/loss/diversion of key safety or security system, item, or technology  Sabotage/tampering/vandalism of facilities  Expressed or implied threats  Unusual observation or surveillance of facilities 28

  30. E-I SAC Products and Services • Products  NERC Alerts  Incident (cyber and physical) bulletins  Daily, weekly, and monthly summary reports  Issue-specific reports • Programs and Services  Monthly briefing series, first Tuesday of the month  Training at quarterly CIPC meetings  Grid Security Conference (GridSecCon)  Grid Exercise (GridEx)  Cyber Risk Information Sharing Program (CRISP)  Physical security outreach visits • Tools  E-ISAC portal (www.eisac.com)  Emergency notifications  STIX/TAXII automated information sharing 29

  31. December 23, 2015 Kyivoblenergo (KOE) Prykarpattyaoblenergo (PKO) Chernivtsioblenergo (CHE) 30

  32. Recent Operational Themes • Lately, we have seen opportunities to educate through events like E-ISAC/SANS Ukraine DUC – Defense Use Case  Common threat and vulnerabilities and top twenty type controls  Substantial opportunities in improved ways to view and manage OT environments • Lessons learned from red team penetration tests 31

  33. October 21, 2016 • NERC Level 2 Alert (two weeks prior) • Internet of Things / DDoS White Paper 32

  34. December 17-18, 2016 33

  35. I mprovements • CRISP and Data Repository, OT Pilot • Cyber Automated Information Sharing System (CAISS) Pilot • Portal Improvements / Platform Initiative • Virtual Forensics (Malware Analysis Dropbox) • DOE National Laboratory system • DARPA RADICS 34

  36. November 18-19, 2015 35

  37. GridEx I I I Scenario Escalation Distributed Play Real time Nov 18 Nov 18 Nov 19 Nov 19 Grid (Eastern) 9 am – 1 pm 1 pm – 5 pm 9 am – 1 pm 1 pm - 5 pm Reliability Level Nov 19 11 am - 5 pm Normal Executive Tabletop ESCC Calls December + Executive Tabletop Move 1 Move 2 Move 4 Move 3 Scenario T = 0 to 4 hours T = 4 to 8 hours T = 72 to 76 hours T = 24 to 28 hours Time 36

  38. GridEx Program Vision The vision of the GridEx Program is to strengthen capability to respond to and recover from severe events • Exercising timely, real-world scenarios • Increasing stakeholder participation and training value • Increasing integration with BPS operations • Greater state/provincial and local government participation • Greater integration with U.S. and Canadian senior executives and government officials • Including other most critically interdependent infrastructure sectors • Increasing interactive simulation into joint simulation 37

  39. Communications Executive NERC Electricity Subsector Energy GCC Coordinating Council (ESCC) Coordination Other SCCs Crisis Action Team Trade Regional Entities Unified Coordination Group (UCG) or Associations non-US equiv. Other Federal Agencies NERC E-I SAC DHS US : FBI, FERC, DOD DOE Bulk Power Electricity NCCI C Canada : Public Safety Department System Information ICS-CERT Canada, NRCan, RCMP, CSIS, of Energy Sharing & Awareness US-CERT CCIRC Analysis Center (BPSA) Coordination with Government Local, Vendor Bulk-Power System Entities State/ Provincial Support Government Coordinated Operations IT, ICS, ISP, Anti-virus • Emergency Management Reliability Coordinators, Organizations Balancing Authorities, • Emergency Generator Operators, Operations Centers / Other Critical Fusion Centers Transmission Operators, Load I nfrastructures • Local FBI, PSAs, NG Serving Entities, etc. Telecommunications Oil & Gas others ExCon - GridEx IV Exercise Control NERC staff, GEWG, Booz Allen, Nat’l Labs, SMEs for Sim-cell, etc. 38

  40. GridEx I V Objectives • Exercise incident response plans • Expand local and regional response • Engage critical interdependencies • Improve communication • Gather lessons learned • Engage senior leadership 39

  41. Participation and Planning Planning Physical E-ISAC Sub CIPC GEWG Cyber Teams Lead Planner Planners Operations Players Observers Participants 40

  42. The GEWG Physical 65+ Cyber Members Operations RC-to-RC Training Task Force 41

  43. I nitial Scenario Discussion GEWG scenario themes and potential attack vectors from GE3 ‘Yes’ ‘No’ • Distribution • NERC/DOE as patient zero Open Issues/ • Simulated time of year • PMU/PDC Boundaries Key personnel unavailability • GPS, EMP, GMD • Watering hole/HAVEX • Remote access infiltration • • USB in substation • Spearphishing Cyber • Shared tools/applications • Degradation of Attacks • Comms links/MPLS monitoring tools • Supply chain corruption • BCS issues UAV threats • Fuel supply • • Transmission line attack • Active Shooter / explosives Physical • Leak of critical substations • Vendor access to multiple Attacks • Scrubber damage sites • Control center habitability • Exfiltration of security plans Water intake degradation • 42

  44. Communications 43

  45. Social Media 44

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Seminar Series Oil and Gas Pipeline Transmission Infrastructure Cybersecurity and Resiliency Al

Seminar Series Oil and Gas Pipeline Transmission Infrastructure Cybersecurity and Resiliency Al

Seminar Series Oil and Gas Pipeline Transmission Infrastructure Cybersecurity and Resiliency Al Rivero, PE CREDC Summer School February 5th, 2018 Funded by the U.S. Department of Energy and the U.S. Department of Homeland Security |

469 views • 11 slides
Role of Coal in Modern Electricity Role of Coal in Modern Electricity Generation Systems

Role of Coal in Modern Electricity Role of Coal in Modern Electricity Generation Systems

Role of Coal in Modern Electricity Role of Coal in Modern Electricity Generation Systems Generation Systems Energy and Environment Seminar Series Energy and Environment Seminar Series John Kramlich John Kramlich UW Mechanical Engineering UW

410 views • 40 slides
Renewable Energy Storage Increases grid reliability, resiliency, integrity, and stability

Renewable Energy Storage Increases grid reliability, resiliency, integrity, and stability

Renewable Energy Storage Increases grid reliability, resiliency, integrity, and stability Helps residents and businesses manage electricity use, lowering costs Lowers costs to ratepayers by reducing electricity demand during peak

321 views • 10 slides
The impact of distributed solar on electricity prices Public Seminar: How are renewable

The impact of distributed solar on electricity prices Public Seminar: How are renewable

The impact of distributed solar on electricity prices Public Seminar: How are renewable technologies impacting the price of electricity? 27 th June 2013 Dylan McConnell Solar in Australia [Source: CEC 2013] Economic dispatch - how electricity

703 views • 24 slides
Billion-Way Resiliency for Extreme Scale Computing Seminar at German Research School for

Billion-Way Resiliency for Extreme Scale Computing Seminar at German Research School for

Billion-Way Resiliency for Extreme Scale Computing Seminar at German Research School for Simulation Sciences, Aachen October 6 th , 2014 Kento Sato Lawrence Livermore National Laboratory LLNL-PRES-662034 This work was performed under the

767 views • 74 slides
TPCB Research in Progress Seminar Series Overview The TPCB Research in Progress Seminar Series is

TPCB Research in Progress Seminar Series Overview The TPCB Research in Progress Seminar Series is

TPCB Research in Progress Seminar Series Overview The TPCB Research in Progress Seminar Series is an important component of our graduate training program. It provides students with opportunities to learn about chemical biology research being

419 views • 3 slides
Cultivating Resiliency as a Palliative Care Program Leader CAPC Leadership Series Panel: Betty

Cultivating Resiliency as a Palliative Care Program Leader CAPC Leadership Series Panel: Betty

Cultivating Resiliency as a Palliative Care Program Leader CAPC Leadership Series Panel: Betty Ferrell, PhD, FAAN, FHPN Michael Fratkin, MD Tammy Kang, MD, MSCE Donna Stevens, MHA March 10, 2020 Facilitated by: Jeanne Sheils Twohig, MPA

349 views • 4 slides
Inspiring Great Downtowns RECOVERY & RESILIENCY ON MAIN STREET Educational Series Main

Inspiring Great Downtowns RECOVERY & RESILIENCY ON MAIN STREET Educational Series Main

Inspiring Great Downtowns RECOVERY & RESILIENCY ON MAIN STREET Educational Series Main Street Forums for the 21 st Century Session Sponsors: Corporate Investors: Founding Sponsors: Growth Partners: State Histor oric Preservation Office

543 views • 42 slides
Workshop P Affordable Resiliency Best Practices & Case Studies in Integrating Backup

Workshop P Affordable Resiliency Best Practices & Case Studies in Integrating Backup

Workshop P Affordable Resiliency Best Practices & Case Studies in Integrating Backup Generation with Electricity Supply to Minimize Total Cost of Ownership Tuesday, February 18, 2020 3:15 p.m. to 4:30 p.m. Biographical Information

377 views • 21 slides
Support to the Electricity Sector John Swinscoe Electricity Markets Convergence Expert Tbilisi,

Support to the Electricity Sector John Swinscoe Electricity Markets Convergence Expert Tbilisi,

Regional seminar: INOGATE PC convergence with EU Electricity and Gas Tariffs INOGATE Information Event Support to the Electricity Sector John Swinscoe Electricity Markets Convergence Expert Tbilisi, February 19, 2014 1 Tariff Review

531 views • 25 slides
Dirty Electricity and Electromagnetic Fields BOB JOHNSON GREEN BUILDING LECTURE SERIES

Dirty Electricity and Electromagnetic Fields BOB JOHNSON GREEN BUILDING LECTURE SERIES

Dirty Electricity and Electromagnetic Fields BOB JOHNSON GREEN BUILDING LECTURE SERIES DECEMBER 5, 2019 Presentation Overview What the heck is Dirty Electricity? Electromagnetic Fields Health effects overview from

408 views • 16 slides
SIGTACS Seminar Series Metric Embeddings and Applications in Computer Science Presented by :

SIGTACS Seminar Series Metric Embeddings and Applications in Computer Science Presented by :

Introduction Embeddings into Normed Spaces Dimensionality Reduction The JL Lemma Discussion SIGTACS Seminar Series Metric Embeddings and Applications in Computer Science Presented by : Purushottam Kar January 10, 2009 SIGTACS Seminar Series

674 views • 56 slides
System Effects and electricity generation costs in low-carbon electricity systems Marco Cometto,

System Effects and electricity generation costs in low-carbon electricity systems Marco Cometto,

System Effects and electricity generation costs in low-carbon electricity systems Marco Cometto, CFA Nuclear Energy Analyst, OECD/NEA Division of Nuclear Development Seminar on Electricity Systems within the energy transition, Brussels, 19

529 views • 36 slides
Electricity update from Europe technology, market & regulation: the case of Italy Maurizio

Electricity update from Europe technology, market & regulation: the case of Italy Maurizio

Electricity in Italy, the UK and Spain lessons learnt and future directions A seminar from IVAs Electricity Crossroads project. Electricity update from Europe technology, market & regulation: the case of Italy Maurizio Delfanti

607 views • 23 slides
Beyond Power Capping Coping with the Complexity of the German Electricity Market Dagstuhl Seminar

Beyond Power Capping Coping with the Complexity of the German Electricity Market Dagstuhl Seminar

Beyond Power Capping Coping with the Complexity of the German Electricity Market Dagstuhl Seminar Dark Silicon: From Embedded to HPC Systems Axel Auweter Leibniz Supercomputing Centre of the Bavarian Academy of Sciences and Humanities

363 views • 23 slides
Electricity System Operator Incentives BSUoS Seminar Place your chosen image here. The four

Electricity System Operator Incentives BSUoS Seminar Place your chosen image here. The four

Electricity System Operator Incentives BSUoS Seminar Place your chosen image here. The four corners must just cover the arrow tips. For covers, the three pictures should be the same size and in a straight line. Tuesday 15 th February 2011

1.08k views • 84 slides
China ten most wonderful highways Hangzhou Bridge World's Longest Trans-oceanic Bridge, total

China ten most wonderful highways Hangzhou Bridge World's Longest Trans-oceanic Bridge, total

China ten most wonderful highways Hangzhou Bridge World's Longest Trans-oceanic Bridge, total length 36km. China has 6 such hanging highways one of then is Quabi Highway in Taihang Mountain as shown. A photo shows view along the Guoliang

1.03k views • 74 slides
New variants of Nonnegative Matrix Factorization for sparsity improvement and maximum biclique

New variants of Nonnegative Matrix Factorization for sparsity improvement and maximum biclique

New variants of Nonnegative Matrix Factorization for sparsity improvement and maximum biclique finding Nicolas Gillis nicolas.gillis@uclouvain.be In collaboration with Fran cois Glineur UCL/CORE (Center for Operations Research and

1.18k views • 98 slides
Reclassification of Cranial Electrotherapy Stimulation (CES) SPEAKERS Charles Avery Fisher Richard

Reclassification of Cranial Electrotherapy Stimulation (CES) SPEAKERS Charles Avery Fisher Richard

SPONSOR: Fisher Wallace Laboratories, LLC PANEL: Neurological Devices Panel DATE: February 10, 2012 Reclassification of Cranial Electrotherapy Stimulation (CES) SPEAKERS Charles Avery Fisher Richard P. Chiacchierini, Ph.D. Mitchell Rosenthal, MD

802 views • 43 slides
Intro, Math Review, OpenGL Pipeline Week 1, Tue May 10 http://www.ugrad.cs.ubc.ca/~cs314/Vmay2005

Intro, Math Review, OpenGL Pipeline Week 1, Tue May 10 http://www.ugrad.cs.ubc.ca/~cs314/Vmay2005

University of British Columbia CPSC 314 Computer Graphics May-June 2005 Tamara Munzner Intro, Math Review, OpenGL Pipeline Week 1, Tue May 10 http://www.ugrad.cs.ubc.ca/~cs314/Vmay2005 Introduction Expectations hard course!

1.36k views • 121 slides
The Beginning and Construction of the MAGIC Telescopes Razmik Mirzoyan Max-Planck-Institute for

The Beginning and Construction of the MAGIC Telescopes Razmik Mirzoyan Max-Planck-Institute for

The Beginning and Construction of the MAGIC Telescopes Razmik Mirzoyan Max-Planck-Institute for Physics Munich, Germany The very beginning of MAGIC In September 1992, after ~2 months of commissioning, we put into operation the 1 st IACT of

624 views • 60 slides
Preparing HIV+ Patients for Travel I have nothing to disclose Greg Melcher, M.D. Professor

Preparing HIV+ Patients for Travel I have nothing to disclose Greg Melcher, M.D. Professor

10/28/2016 Disclosures Preparing HIV+ Patients for Travel I have nothing to disclose Greg Melcher, M.D. Professor of Clinical Medicine Division of Infectious Diseases UCSF Learning Objectives Approach to Traveler Health Develop

491 views • 7 slides
Computational Models of Discourse Regina Barzilay MIT What is Discourse? What is Discourse?

Computational Models of Discourse Regina Barzilay MIT What is Discourse? What is Discourse?

Computational Models of Discourse Regina Barzilay MIT What is Discourse? What is Discourse? Landscape of Discourse Processing Discourse Models: cohesion-based, content-based, rhetorical, intentional Applications: anaphora resolution,

1.12k views • 75 slides
a) b) Stereo Camera Sonar Sensors IR Sensors c) Omnidirectional Camera IMU Inertial

a) b) Stereo Camera Sonar Sensors IR Sensors c) Omnidirectional Camera IMU Inertial

4 Perception One of the most important tasks of an autonomous system of any kind is to acquire knowl- edge about its environment. This is done by taking measurements using various sensors and then extracting meaningful information from those

839 views • 35 slides

More recommend