edp distribuição road to reality: rolling-out a secure ... · edp distribuição road to reality:...

EDP Distribuição Road to Reality: Rolling-out a Secure Smart Grid

Nuno Medeiros, Head of Cyber Security Department, C|CISO

EDP Distribuição

European Utility Week 2017

October 4th , 2017

Amsterdam, The Netherlands

The National Electricity System includes EDP Distribuição as the regulated electricitydistribution company, acting under a public service concession

2

Smart Grid

Quality of Service

Operational Efficiency

Historical Challenges New Challenges

A smarter distribution

grid to new challenges

• New ways of planning and

managing the grid (e.g. DG,

bidirectional energy

flows...)

• More information to

customer energy efficiency

• New technologies (e.g.

energy storage) and new

business models (e.g. DSM,

dynamic energy prices...)

• EV integration (e.g. V2G,

smart charging...)

Advanced Metering

Infrastructure

MV/LV automation & sensoring

Energy efficiency and new business

models

Electric vehicle Supply customers with

high quality of service

Minimize OPEX and CAPEX

Renewables and

Distributed Generation

3

There is a clear paradigm shift in the energy sector, which carries many new andcomplex challenges for DSOs, that require a profound business transformation

4

HV network

VHV/HV substation

HV/MV susbstation

MV network

MV/LV substation

LV networkConsummers

Microgenerationintegration

EV charge network

GIS andWork Force

Management

Remote public lighting metering and management

MV automation and telecontrol

DG and storageand VPP

Improved network operation and

quality of service

New tools for smarter network

management

Energy services (efficiency, DR, …)

New tariffs and pricing mechanismsSystem integration

and cybersecurity

Information management and

data mining

WAN HAN

EDP BoxHead-end systems

LAN

DTC

Wide area network Local area network Home area network

Sm

art

gri

ds

ap

plic

atio

ns

an

d s

erv

ice

sSG

en

ab

lin

g

infr

ast

ruc

ture

Dis

trib

utio

n

ne

two

rk

The InovGrid Project represents this transformation at EDP Distribuição, seeking agradual and integrated approach towards a smarter distribution grid

…but it also brings a major new threat level. Smart Grids and the increase of ICTmakes cyber security a new and complex challenge, that is continuously changing…

DAT /DTI5

There are serious threat scenarios to be considered: 1. Meters incorporate remotely controlled switches (QoS)2. Metering data might be tampered (fraud) 3. Ilegitimate access to personnal data (privacy)

The EU and other utilities are commited to secure Smart Grids:- SGTF EG2 and TEG / Iberdrola, ERDF, GNF, Alliander, E-ON, Enexis,

Context is evolvingEU Digital Single Market (DSM) Strategy, engaging Critical Infrastructure Operators:

Network and Information Security DirectiveCyber Security for Operators of EssentialServices:

• Risk Management methodologies;• Security Controls;• Incidents affecting services must be notified.

GDPR – General Data Protection RegulationEU commitment to Personnal Data Protection

• Data Protection Controls;• Data breach penalties:o 20M€ vs 2%-4% dos anual revenue.

• Some risks have been assessed in internal initiatives: - Risk Assessment EDPD, Critical SW, SEGRID PenTest, DPIA (SGTF-EG2)…

Security and Data Protection

Impact

DSO and EU Alignment

Threat LandcapeInovgrid infrastructure is being rolled-out, meaning, the organization exposure to Cyber Security and Data Protection threats keeps increasing.

Therefore, it is essential to understand the risks of the increasing digitalization of thegrid, acknowledging that it shall be accomplished in a secure and sustainable manner

DAT /DTI6

There are serious threat scenarios to be considered: 1. Meters incorporate remotely controlled switches (QoS)2. Metering data might be tampered (fraud) 3. Ilegitimate access to personnal data (privacy)

The EU and other utilities are commited to secure Smart Grids:- SGTF EG2 and TEG / Iberdrola, ERDF, GNF, Alliander, E-ON, Enexis,

Context is evolvingEU Digital Single Market (DSM) Strategy, engaging Critical Infrastructure Operators:

Network and Information Security DirectiveCyber Security for Operators of EssentialServices:

• Risk Management methodologies;• Security Controls;• Incidents affecting services must be notified.

GDPR – General Data Protection RegulationEU commitment to Personnal Data Protection

• Data Protection Controls;• Data breach penalties:o 20M€ vs 2%-4% dos anual revenue.

• Some risks have been assessed in internal initiatives: - Risk Assessment EDPD, Critical SW, SEGRID PenTest, DPIA (SGTF-EG2)…

Security and Data Protection

Impact

DSO and EU Alignment

Threat LandcapeInovgrid infrastructure is being rolled-out, meaning, the organization exposure to Cyber Security and Data Protection threats keeps increasing.

Therefore, it is essential to understand the risks of the increasing digitalization of thegrid, acknowledging that it shall be accomplished in a secure and sustainable manner

7

• Smart Grid Security is Key for overall security

• New set of Security Requirements

• Adopting Standard Security Suites

• Engaging vendors with security obligations

• Rolling-out a securer Smart Grid

SecondarySubstation

HV network

Client

EDP Box

MV network LV network

PrimarySubstation

EVEV

DG (RES) μG

Step 1 Step 2

EDP Distribuição has been evolving its cyber security strategy to cover the Smart Gridimplementation within the security in depth model

2014 - 2015 2017 - 2018

8

Risk Assessment and Security Requirements

Problem• The level of security of the Smart Grid

• Exposure and Scalability of the SM and DTC

Objective

• To achieve an acceptable level of security for SG infrastructure

• Develop a new set of minimum security requirements

• Develop a cyber security implementation plan

Deliverables• Risk Assessment report

• Security requirement report

Step 1 Step 2

9

Risk Assessment and Security Requirements Step 1 Step 2

• Stakeholder oriented risk assessment process, tracing requirements to the risks

& threats, and stakeholders and their business processes;

• Use EDP’s standard classification risk matrix, where we mapped the likelihood

and impact levels

• Privacy risks were included

Risk Evaluation

• For the scope considered in the project we identified 23 security threat scenarios spread out over 3 domains (DTC, PLC Network, EDP-Box).

Of these threat scenarios:

•9 classified as High priority risks

•14 classified as Medium or Low priority

Risk Prioritization

4 Nr Threat Probability Impact Risk

DTC-4 Unauthorized access to DTC interface from PLC network 4 4 I5

H H H

Values Business Reputation Quality of Service Economic

very high high medium low very low

(f≤0,5) (1≥f>0,5) (2≥f>1) (5≥f>2) (f≥5)

5 4 3 2 1

5

very critical

Can cause death or

permanent and serious

disability of people

Can cause significant damage to

the environment, over a period

exceeding five years

- International

- National with potential

repetition in the media

TIEPI MT ≥ 3 R ≥ 4500 I1 I2 I4 M5 M1

4

critical

May require

hospitalization

Can cause significant damage to

the environment, over a period up

to 5 years

- National

- Regional with potential

repetition in the media

3 > TIEPI MT ≥ 1,33 4500 > R ≥ 2000 I3 I5 M6 M2 A10

3

high significanceMay require medical treatment

Can cause minor damage to the

environment, over a period

exceeding 5 years

- Regional

- Local with potential repetition

in the media

1,33 > TIEPI MT ≥ 0,5 2000 > R ≥ 750 I6 M7 M3 A9 A6

2

average meaning

May require

first aid

Can cause minor damage to the

environment, over a period up to 5

years

Local News 0,5 > TIEPI MT ≥ 0,17 750 > R ≥ 250 M8 M4 A8 A5 A3

1

low significanceNo impact No material impact

No external impact

the group0,17 < TIEPI MT 250 > R A11 A7 A4 A2 A1

*grid outage minutes k€ I = Intolerable M = Medium A = Acceptable

minutes (with

correspondence

1 500 k € / min)

ImpactFrequency

Sustainability

Average period between occurences (years)

Seve

rity

Indicators

Pe

op

le S

afe

ty

Envi

ron

me

nt

Re

pe

rcu

sio

n in

the

Me

dia

an

d

Po

pu

lati

on

Inte

rnal

TIE

MT

(Min

) (E

DP

Bas

e)*

Re

sult

s (k

€)

10

Risk Assessment and Security Requirements Step 1 Step 2

Security without jeopardizing any of the Smart Grid Uses Cases and to much complexity

Challenges that have to be met…

Identify the security requirements to mitigate or reduce the main risks identified during a Risk Assessment

Traceability of each of the requirements to the risks & threats, and stakeholders and their business processes

Involve vendors in the process to align & assess the financial-, technical- and operational impact

Develop a baseline for future security technical specifications

They are aligned with EC positioning and several European Smart Grid Projects

11

• Convert the security requirements into detailed specifications

• Create the security processes required by security

• Support Key Management: Solution and Integration in SG environment

• Develop and Test the components and assure their interoperability

− New secure devices

− Existing devices with security upgrade

• Proceed with vendor qualification Process and EDP-Box & DTC's Tenders

Roll-out of the new EDP Security Requirements Step 1 Step 2

12


The new security requirements of the Inovgrid architecture are applicable to existing and future devices,and consider the introduction of a new component – KMF (Key Management Facility)

KMF

The DTCs and EDP Boxes will be developed with security requirements

New component for managing cryptographic material (generation, storage and distribution of keys via AMI)

HE systems will be adapted to support encrypted communications

13


ENCS: a non-profit organization that brings together Utilities (members) and Cybersecurity specialists (partners) in the European development of the critical energy infrastructure.

Indra: Consulting and Technology multinational with experience in the implementation of security projects in various sectors (incl. SG)

• EC alignment – Engagement in various cybersecurity and data protection initiatives and projects for Smart Grids.

• Recognized experts in the area of Cybersecurity in the Energy sector

• EDP Distribuição is a member

• Experience in a similar process – leading the implementation of the Cyber Security and Privacy project of Iberdrola

• Geographical proximity (for operational activities)

• Alignment of solution with other Iberian counterparts

Besides a multidisciplinary team from EDPD, we sought help from 2 organizations, taking advantage of each’s strengths without compromising the success and quality of the results.

14


WP1: Security

Solution

• Review of the

requirements defined in

Step 1.

• Definition of Inovgrid's

future cyber security

and privacy architecture

• Definition of the security

principles of the new

solution.

WP2: Technical

Specifications

• Development Technical

Specifications

Equipment and HES.

• Development of security

key management

solution and processes.

WP3:

Implementation

• Technical support to:

- the development of

equipment;

- HES development

and integration of

KMS

WP4: Security and

Integration Testing

• Penetration tests on

equipment and HES.

• Integration tests of all

equipment, HES and the

KMF.

WP5: Field Pilot

• Global system

performance tests in pilot

environment.

• Impact analysis of the of

the security requirements

on overall system

performance.

WP0: Overall Supervision of activities and Quality Assurance

• Supervision of all the activities and guarantee of alignment of all the activaties executed in the different WP.

• Assuring the conformity and quality of results.

15


WP1: Security

Solution

• Review of the


Step 1.






solution.

WP2: Technical

Specifications


Specifications

Equipment and HES.


key management


WP3:

Implementation



equipment;

- HES development

and integration of

KMS

WP4: Security and

Integration Testing


equipment and HES.



KMF.

WP5: Field Pilot

• Global system


environment.



on overall system

performance.




16


WP1: Security

Solution

• Review of the


Step 1.






solution.

WP2: Technical

Specifications


Specifications

Equipment and HES.


key management


WP3:

Implementation



equipment;

- HES development

and integration of

KMS

WP4: Security and

Integration Testing


equipment and HES.



KMF.

WP5: Field Pilot

• Global system


environment.



on overall system

performance.




17


WP1: Security

Solution

• Review of the


Step 1.






solution.

WP2: Technical

Specifications


Specifications

Equipment and HES.


key management


WP3:

Implementation



equipment;

- HES development

and integration of

KMS

WP4: Security and

Integration Testing


equipment and HES.



KMF.

WP5: Field Pilot

• Global system


environment.



on overall system

performance.




New devices with full list of requirements Existing devices with limited firmware-upgreadable

requirements

18


WP1: Security

Solution

• Review of the


Step 1.






solution.

WP2: Technical

Specifications


Specifications

Equipment and HES.


key management


WP3:

Implementation



equipment;

- HES development

and integration of

KMS

WP4: Security and

Integration Testing


equipment and HES.



KMF.

WP5: Field Pilot

• Global system


environment.



on overall system

performance.




Jan - Mar 2017 Abr - Sept 2017 Oct 2017 - Jun 2018 Jan - Sept 2018 Sept – Dec 2018

19


• Security by design would make everything easier

• If the challenge is too complex - first plan and structure, then do

• …however…don’t take too much time (ongoing rollout)

• A collective effort makes things easier

• Promote standard solutions for SG security

• Keep investing in Cybersecurity …

Key Take-Aways

EDP Distribuição Road to Reality: Rolling-out a Secure Smart Grid

Thank you for your attention

Nuno [email protected]

edp distribuição road to reality: rolling-out a secure ... · edp distribuição road to reality:...

Documents