SMART GRID COMMUNICATIONSECURITY

EE5970 Computer Engineering Seminar

Professor : Dr. Zhuo feng

OVERVIEW

• Introduction

• History

• Why do we need cyber security

• How do we achieve it

• Summary

• Conclusion 204/19/23 Cyber security for smart grid

What is smart grid

• Smart grids – add communication capabilities and intelligence to traditional grids

• What enables smart grids I. Intelligent sensors and actuatorsII. Extended data management systemIII.Expanded two way communication between

utility operation system facilities and customersIV.Network security

304/19/23 Cyber security for smart grid

Primary objectives of smart grids

• National integration

• Self healing and adaptive –Improve distribution and transmission system

operation

• Allow customers freedom to purchase power based on dynamic pricing

• Improved quality of power-less wastage

• Integration of large variety of generation options

404/19/23 Cyber security for smart grid

Economic and social benefits of smart grids

• Provide Customer Benefits• Reduce Peak Demand• Increase Energy Conservation & Efficiency• Reduce Operating Expenses• Increase Utility Worker Safety• Improve Grid Resiliency and Reliability• Reduce Greenhouse Gas Emissions• Promote Energy Independence• Promote Economic Growth & Productivity

504/19/23 Cyber security for smart grid

HISTORY

Need to automate

704/19/23 Cyber security for smart grid

Transformation from mechanical relays to microprocessors

GE CFD Intel 4004

804/19/23 Cyber security for smart grid

Intelligent electronic devices (IED)explosion

• Protection relay • Auxiliary relay • Cheap contractors• Remote terminal units • Circuit breaker monitor• Revenue meters• Solar flare detectors • Power quality monitors• Phasor measurement units• Communication processors• Communication alarm etc

904/19/23 Cyber security for smart grid

Telecontrol

• SCADA (North America)• Different protocols for different operations • Proprietary protocols (more than 100)• Modbus• DNP• IEC61850

1004/19/23 Cyber security for smart grid

SCADA Protocols list (Not complete list )

• Siemens quad 4 meter• CONITEL 2000• CONITEL 2100• CONITEL 3000• CONITEL 300• HARRIS 5000• HARRIS 5600• HARRIS 6000• UCA 2.0 or MMS• PG & E 2179• MODBUS• DNP3• ICCP • IEC 61850

1104/19/23 Cyber security for smart grid

Few existing general protocols

• MODBUS -Primitive with no security and not very extensible

• DNP3 –Advanced SCADA protocol• DNP1 and 2 are proprietary protocols • IEC 61850 the most used protocol for new

implementations • ICCP

1204/19/23 Cyber security for smart grid

ARCHITECTURE OF SMART GRIDS

Architecture of smart grids

14Source : Fluke corporation

04/19/23 Cyber security for smart grid

Architecture of communication infrastructure [1]

1504/19/23 Cyber security for smart grid

Communication media used for smart grids[1]

• Urge for new FCC allocation for smart grids • PLC –Power line carriers• Ethernet • WLAN • Zigbee• Bluetooth• Optical fiber • Microwave etc

1604/19/23 Cyber security for smart grid

Priority and types of information

17Communication model , source: NIST Vol 104/19/23 Cyber security for smart grid

Why ?

• Network security is a priority and not a add on for smart grids

• Protecting control center alone - not enough• Remote acess to devices• Qos requirement from security system • Safety (line worker public and equipment)• Reliability and availability

1804/19/23 Cyber security for smart grid

Physical Manifestation

19Source : YouTube

04/19/23 Cyber security for smart grid

Different communication systems[4]

2004/19/23 Cyber security for smart grid

Adversaries[5]

• Nation states• Hackers • Terrorist /Cyber terrorists• Organized crime• Other criminal elements• Industrial competitors• Disgruntled employees• Careless and poorly trained employees

2104/19/23 Cyber security for smart grid

Classification of attacks

• Component based attacks

• Protocol based attack

2204/19/23 Cyber security for smart grid

COMPONENT BASED ATTACKS

COMPONENT BASED ATTACK -STUXNET

• Specifically programmed to attack scada and could

reprogram PLC’s

• Zero day attack

• Highly complex

• 0.5 Mb file transferred able to multiply

• Targets- Iran nuclear plants ,Process plants in Germany and

ISRO India

Source: wikipedia

2404/19/23 Cyber security for smart grid

SCADA attacks

• Internal attacks Employee Contractor

• External attacks Non specific- malware , hackers Targeted

Special knowledge – former insider No special knowledge –hacker terrorist

Natural disaster Manmade disasters

2504/19/23 Cyber security for smart grid

Scada vulnerability points

• Unused telephone line – war dialing

• Use of removable media – stuxnet

• Infected Bluetooth enabled devices

• Wi-Fi enabled computer that has Ethernet connection to scada

system

• Insufficiently secure Wi-Fi

• Corporate LAN /WAN

• Corporate web server email servers internet gateways

2604/19/23 Cyber security for smart grid

CYBER ATTACKS ON SCADA

• Web servers or SQL attacks

• Email attacks

• Zombie recruitment

• DDOS attacks

2704/19/23 Cyber security for smart grid

Protocol based attacks

• All protocols runs on top of IP protocol and IP protocol has its own

set of weakness

• DNP3 implements TLS and SSL encryption which is weak

• The protocol is vulnerable to out-of-order, unexpected or

incorrectly formatted packets

• A significant weakness for IEC 61850 is that it maps to MMS

(Manufacturing message specification)as the communications

platform, which itself has a wide range of potential vulnerabilities

2804/19/23 Cyber security for smart grid

Unique security challenges in smart grids

• Scale

• Legacy devices

• Field location

• Culture of security through obscurity

• Evolving standards and regulations

2904/19/23 Cyber security for smart grid

How ?

• Security by obscurity

• Trust no one

• Layered security framework

• Efficient firewall

• Intrusion detection

• Self healing security system

3004/19/23 Cyber security for smart grid

Key management[1]

• Issue of key management – Scale

• PKI with trusted computing elements-

considerable amount of security

• Embedded computing Vs general purpose

computing

3104/19/23 Cyber security for smart grid

Basic PKI Infrastructure [1]

3204/19/23 Cyber security for smart grid

Issues with PKI[3]

• Updating the keys

• Parameter generation

• Key distribution

• Staffing for key management

3304/19/23 Cyber security for smart grid

Types of security[1]

• Reactive Vs Proactive security • Reactive

– Incident response plan – Applied for general purpose computers more

• Proactive Security for embedded computers • High assurance boot • Secure software validation• Secure association termination if found infected • Device assertation

3404/19/23 Cyber security for smart grid

Incidence response plan[1]

3504/19/23 Cyber security for smart grid

Attack trees for assessment of cyber security[2]

3604/19/23 Cyber security for smart grid

Calculation of cyber security conditions (omega)

3704/19/23 Cyber security for smart grid

Weighing factor for password policy

3804/19/23 Cyber security for smart grid

Calculations of vulnerability index

• Leaf VI : max( total countermeasures implemented /total countermeasures available x ω , ω x weighing factor of password policy)

• Scenario vulnerability index : Product of its leaf vulnerability indices

• System vulnerability index is the max of all scenario vulnerabilities indices

3904/19/23 Cyber security for smart grid

Use of attack trees to assess security

4004/19/23 Cyber security for smart grid

Summary

• Different security constraints that makes securing smart

grids a difficult problem

• Several highly efficient adversaries

• Use existing protocols like IP with known vulnerabilities and

work around to using new protocols with unknown

vulnerabilities

• Use of layered security architecture and attack tree’s for

efficient security and risk assessment

4104/19/23 Cyber security for smart grid

Groups working on smart grids• UCA International user group

www.ucaiug.org • International electrochemical commission

www.iec.ch • Electric power research institute

www.epri.com • Intelligrid consortium and architecture

www.intelligrid.epri.com • IEEE smart grid

www.smartgrid.ieee.org • NIST

csrc.nist.gov

4204/19/23 Cyber security for smart grid

Conclusion

• 25% of united states already runs smart grids

• Any tiny vulnerabilities should be not be compromised

• Scalable and adaptable security system

• Light weight and self healing capabilities

• Hybrid between centralized and distributed

• Impenetrable and fail proof

• Security should be real time

4304/19/23 Cyber security for smart grid

References[1] Metke, A.R.; Ekl, R.L.; , "Security Technology for Smart Grid Networks," Smart Grid, IEEE

Transactions on , vol.1, no.1, pp.99-107, June2010 doi: 10.1109/TSG.2010.2046347

[2] Chee-Wooi Ten, Chen-Ching Liu, and Manimaran Govindarasu, "Vulnerability Assessment of Cybersecurity for SCADA Systems," IEEE Transactions on Power Systems, vol. 23, no. 4, pp. 1836-1846, Nov. 2008

[3] Khurana, H.; Hadley, M.; Ning Lu; Frincke, D.A.; , "Smart-Grid Security Issues," Security & Privacy, IEEE , vol.8, no.1, pp.81-85, Jan.-Feb. 2010doi: 10.1109/MSP.2010.49URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5403159&isnumber=5403138

[4] Dong Wei; Yan Lu; Jafari, M.; Skare, P.; Rohde, K.; , "An integrated security system of protecting Smart Grid against cyber attacks," Innovative Smart Grid Technologies (ISGT), 2010 , vol., no., pp.1-7, 19-21 Jan. 2010doi: 10.1109/ISGT.2010.5434767URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5434767&isnumber=5434721

[5] NIST guidelines for smart grid security Vol 1

4404/19/23 Cyber security for smart grid

THANK YOU FOR LISTENING