Upload File

smart grid cyber-resilience · this also applies to „our“ energy systems. 14.05.2019 prof. dr....

  • Home
  • Documents
  • Smart Grid Cyber-Resilience · This also applies to „our“ Energy Systems. 14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 5. Cyber-attacks on the power system in
12
Prof. Dr. Sebastian Lehnhoff Smart Grid Cyber-Resilience

Upload: others

Post on 06-May-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • Prof. Dr. Sebastian Lehnhoff

    Smart Grid Cyber-Resilience

  • Three Major Trends

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 2

    1. Conversion of the energy system, e.g.> Many smaller systems, system-critical as a whole> Competition and new business models> Interconnectivity, flexibilization through digitalization

    2. Digitization trends, including> Internet of Things (IoT): several billion devices on the Internet and

    connected to our power grid (televisions, baby monitors, alexa, etc.)> Smart Services, Cloud, Outsourcing, Artificial Intelligence, Big Data,...

    3. Susceptibility to new effects, e.g.> Occurrence of "classic" IT challenges (errors, update management,

    interactions)> Sophisticated cyber-attacks (partly supported by states)

    …that influence the stability of KRITIS Energy

  • Energy Systems are Complex Cyber-Physical Systems

    3

    Diverse tasks in heterogeneous, distributed (sub)systems under different responsibilities

    • Load and flexibility management,• Integration of end customers,• Smart metering.

    • Virtual power plants,• multi-modal optimization,• Sector coupling.

    • Monitoring of the operating states,• Automation yellow traffic light phase,• decentralised system services.

    • Algorithmic energy trading,• Market integration of

    renewable energies.

    • Forecast of network conditions,• Optimized reactive power management,• Detection of anomalies in power and

    communication networks.HV

    MV

    A wide range of entry-points into a safety-critical infrastructure...

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019

  • 06.12.2018 OFFIS | 25. SafeTRANS Industrial Day 4

    Komplexe CPS sind theoretisch immer kompromittiert “There are two types of companies:those that have been hackedand those who don‘t know that they have been hacked.“

    John T. Chambers.

    Source: Jérémy Barande

    / Ecole polytechnique Université Paris-Saclay / CC BY-SA 2.0

  • This also applies to „our“ Energy Systems

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 5

    Cyber-attacks on the power system in the Ukraine, 23.12.2015 (and subsequently in 2016)

    > Blackout in Ukraine due to hacker attack

    > 3 Power utilities affected> Operative manipulation of the

    automation systems and decoupling of several transformer stations from the network

    > Several months of preparation

    > Power Systems are high-value targets: how to reliably detect vulnerabilities?

  • ...to critical dependencies and cyber-attacksVulnerabilities

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 6

    Critical attack vectors in energy systems (non exhaustive)> Reconnaissance, data theft> IT/OT-hacking: remote access and control> Data-spoofing: bad data injection, data manipulation,

    excitation of dynamic instabilities/sliding modes

    Existing monitoring systems> Intrusion/anomaly detection abnormal network traffic> State estimation measurement outliers (statistical),

    varying accuracy of measurements

    Not sufficient for detecting critical situations in digitalized energy systems!

  • ...State Assessment based on Trust Facets

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 7

    HV

    MV-12,4 kW-2,3 kVAR

    8,2 kW0,7 kVAR

    9,4 kW1,2 kVAR

    3,4 kW0,3 kVAR

    8,1 kW0,6 kVAR

    8,4 kW0,9 kVAR

    I. Functional Correctness

    II. Safety

    III. Security

    IV. Reliability

    V. Credibility

    VI. Usability, Understandability

    Trus

    t Fac

    etsof Measurement Data

    > All conceivable attack vectors manifest themselves in a combination of (violated) trust facets

    > What to do with this multivariate assessment?> E.g. substitute measurements with

    historical/simulated values?> Do nothing?

    > What is the worst that could happen?

    Dynamic Accuracy w.r.t. Operational Margin of Error (State Estimation)

    IT Health Monitoring

    Intrusion/Anomaly Detection Systems

    (Historical) Network/QoS Monitoring

    (Historical) Contextual Trust Information

    Expert Operator

    Input Sources

    0.40.90.80.30.90.7 ?

  • HV

    MV

    The Concept of Adversarial Resilience Learning

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 8

    Competing agents learn by interacting on a shared environment

    „Attacker“Agent

    „Defender“Agent

    Shared Environment(Digital Twin of a CPS)

    Interaction via Sensors and

    Actuators

    Action Action

    Observation Observation

  • Use Case: Resilient Systems Analysis and Training

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 9

    Variations of ARL

    Analysis – only Attacker> Test laboratory for resilient systems> Attacker explores vulnerabilities> "Conquest" of the system> Attack vectors/results as a basis for

    analysis

    Training – Attacker and Defender> AI for automated operation> Resilience strategies of the overall

    system> Attacker trains defender> Attacks: not only malicious, but also

    natural environmental factors> forecast deviations> Damage caused by accidents etc.

    What about the obvious ethical dilemma?

    > ARL as "assault weapon"?> License as a solution?> Making “laws of robotics”

    inherent by transfer learning?

  • Prevention of (sub-)system takeover as a secondary problemDemo: Attack on a Power System

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 10

    HV

    MV

    Time

    Syst

    em P

    erfo

    rman

    ce

    Attack Attack

    Countermeasure

    Countermeasure

    Attacker AI Defender AI

    Smart GridCyber-Resilience Lab

  • Digitalization is indispensable for flexible energy systems (and highly vulnerable at the same time)Conclusion and Outlook

    14.05.2019 Prof. Dr. S. Lehnhoff | OFFIS | EGRD Workshop 2019 13

    Traditional means/methods have been proven to miss:> Vulnerabilities to interdependent/dynamic failures> Specialized/targeted attacks

    Multivariate impact analysis necessary> Basis for (automated) decision-making during operation (“always

    compromised”)> Risk-based investments in countermeasures?

    ARL as an AI-based game-theoretic approach to vulnerability testing (CPS modelling)

    > Equilibria more relevant (and achievable) than “absolute” safety

    There is no way back from digitalized energy systems!> Most promising answer against highly specialized/targeted

    attacks is Operational Flexibility (on-line change of system characteristics) for Cyber-Resilience!

    Smart GridCyber-Resilience Lab

    Foliennummer 1Three Major TrendsEnergy Systems are Complex Cyber-Physical SystemsFoliennummer 4This also applies to „our“ Energy SystemsVulnerabilitiesState Assessment based on Trust FacetsThe Concept of Adversarial Resilience LearningUse Case: Resilient Systems Analysis and Training Demo: Attack on a Power SystemFoliennummer 12Conclusion and Outlook


Title: Cyber Table Top Cyber Table... · 3 Cyber Table Top. 4 Cyber Table Top. 5 Cyber Table Top. 6 Cyber Table Top. 7 Cyber Table Top. Cyber Table Top (CTT ) • Input to Controls

UG TT - Raj Rishi Bhartrihari Matsya University TT.pdf · Eng. Lit-Il 06.05.2019 08.05.2019 09.05.2019 10.05.2019 11.05.2019 13.05.2019 14.05.2019 15.05.2019 16.05.2019 1105.2019

Cyber Crime & Cyber War

Utilizing cyber intelligence to combat cyber adversaries (OA Cyber Summit)

Cyber, cyber everywhere: Is your cyber strategy everywhere ... · Cyber, cyber everywhere 67 this, each cyber solution requires a level of bespoke customization that makes every solu-tion

Cyber Crime: Cyber-Bullying

cyber crime & cyber law

The DFB-Ligapokal 1997 (GER) - The Overview File · Ferreira da Rosa, Markus Happe - Hans-Peter Lehnhoff (75. René Rydlewicz), Niko Kovaþ, Stefan Beinlich - Ulf Kirsten, PAULO Roberto

Bullying, Cyber-bullying & Cyber-Integrity

Brussels June-11-2015 Cyber-Security Cyber-Protection Cyber-Sustainability

Cyber-savvy Cyber-safety

Cyber Crimeand Cyber Laws

Cyber-safety, Cyber-security, Cyber-ethics, (C3) Digital Literacy Skills

AYURVED BROCHURE 14.05.2019 final - iconference.iniconference.in/nbloom/fckuploads/file/Ayurved Brochure Saundarya 2019.pdf · 91-9555269393, 91-9990269393, [email protected],

Knowing cyber risks is essential to manage cyber liabilities CYBER SECURITY TO REDUCE CYBER LIABILITY

Rapid Clearance Profile of Plasma Circulating Tumor HPV ... · 14.05.2019  · 79 favorable clearance profile, and none had persistent or recurrent regional disease after CRT. In

45BW-5e-20190530091111...2019/05/15  · Proces-verbal Sedinta extraordinarä din data de 15.05.2019 Prin Dispozitia primarului nr. 334/14.05.2019 a fost convocat Consiliul Local al

Cyber Crimes & Cyber War

Cyber, cyber everywhere: Is your cyber strategy everywhere

COMPARISON OF SIX WEATHER BASED RISK MODELS FOR …agro.au.dk/fileadmin/euroblight/Workshops/York/Presentations_and... · Foto: Vinh Hong Le. OVERVIEW Anne-Grete Roer Hjelkrem 14.05.2019

ideas that work. - Screening & Crushing Attachments · Everything can be made. Apart from compromises. Full-Liner One idea, an infinite number of possibilities. Hence the Lehnhoff

Annex 48 Industrial Heat Pumps Workshop · Annex 48 –Industrial Heat Pumps Workshop 14.05.2019 –Tokio Benjamin Zühlsdorf, [email protected], +45 7220 1258

María José González, FCG Sofía Paredes, FCG Claudia ... · PDF fileJuan José Dada, TNC Andreas Lehnhoff, TNC Juan Carlos Godoy PROARCA-APM Con la Colaboración Técnica de: The

Cyber Security Specialist Information Security • Cyber ... · Cyber Security • Security Analyst • Cyber Security Specialist Information Security • Cyber Operations Manager

Multiple Herbicide Resistance in Wild Oat and Impacts on ... · Multiple Herbicide Resistance in Wild Oat and Impacts on Physiology, Germinability, and Seed Production Erik A. Lehnhoff,*

Bechtle AG – Company Presentation53d88781-9798-4e78... · Contents. 14.05.2019 Bechtle AG | Company Presentation 2 1. Introduction of Bechtle AG. Business Model Shareholders 2

Cyber-Crime, Cyber- Warfare, Cyber- Conflict€¦ · 270k quiz-takers -> 87M friends of quiz-takers ... What next? Prepare for Stormy weather: Cyber-Crime, Cyber-War, Cyber-Conflict

ppt -Cyber Crime, Cyber Security and Cyber Laws

WAUKESHA COUNTY ARROWHEAD HIGH SCHOOLmlb.mlb.com/mil/downloads/y2009/sa_waukesha.pdf · 2020-04-22 · Koeble, John 11 Lee, Seungjoo 9 Lehnhoff, Michelle 9 Leis, Erica 9 Manikowski,

SACsac.ap.gov.in/sac/UserInterface/Downlaods/UCs and... · 13.08.2015 130.00 100.00 30.00 14.05.2019 29.30 0.00 29.30 12.03.2016 234.22 234.22 0.00 02.07.2018 491.79 259.31 232.48

Autism Spectrum Disorders (ASDs) Servicesand the production of the report. Rekha Varghese, Lauren Focazzo, Nathan Lehnhoff, and ra ... local governments, advocacy groups, and people

Deloitte’s Cyber Risk capabilities Cyber Strategy, Secure ... · Deloitte’s Cyber Risk portfolio 06 Cyber Strategy 07 Cyber Strategy, Transformation, and Assessments 08 Cyber

Bridging Connections to Rebuild a Neighborhood By James Lehnhoff Rio Roland Wenling Chen May 7 th 2003

Výrobní výjimka z ochranného dodatkového osvědčení · 14.05.2019 1 Výrobní výjimka z ochranného dodatkového osvědčení Mgr. Martin Mátl Certifikovaný Regulatory Affairs

LISA JANE REW - Montana State Univweedeco.msu.montana.edu/faculty/lisa_rew/documents/... · 2020. 6. 22. · Lehnhoff EA, Rew LJ, Zabinksi CA, and Menalled FD (2012) Impacts of tamarisk