Title: Cyber Threats/Security and System Security of Power Sector Workshop on Crisis
1Cyber Threats/Security and System Security of
Power SectorWorkshop on Crisis Disaster
Management of Power Sector
- P.K.Agarwal, AGM
- Power System Operation Corporation
- pk.agarwal_at_posoco.in
2Security
3Security Acronyms
- Threat
- Cyber Space
- Cyber Threat
- Security
- Vulnerability
- Risk
- Risk Management
- Vulnerabilities
- Security vs Cyber Security
- Information Security vs System Security
- Defense-in-depth
4What is Security
Unauthorised access to Infomation
Confidentiality
CIA Triad
Unauthorised Modification or Theft of Infomation
Integrity
Denial of Service or Prevention of Authorised
Access
Availability
E-Commerce
Authentication
The individual is who he claims to be.
Accountability Denial of Action That took place,
or claim of Action that did not take place
Non-Repudiation
5Security concerns for power sector
6Concerns
- Current power grid depends on complex network of
computers, software and communication
technologies. - If compromised, have the potential to cause
great damages. - A cyber attack has the unique in nature that it
can be launched through - public network
- from a remote location
- Form any where in the world.
- Coordinated to attack many locations
7More Concerns
- The legacy communication method used for grid
operations also provide potential cyber attack
paths. - Many cyber vulnerabilities in Supervisory Control
and Data Acquisition (SCADA) System have been
surfaced. - Level of automation in substations is
increasing, which can lead more cyber security
issues. - Recent study have shown that the deployed
components have significant cyber
vulnerabilities.
8Still More Concerns
- Increasing use of standard and open system
Security by Obscurity is no more valid. - Efforts of energy sector to
- uncover system vulnerabilities develop
effective countermeasures have prevented
serious damages to electric supply chain. - Some of these vulnerabilities are in the process
of being mitigated. - However, attack on energy control systems have
been successful in many cases.
9What is Security? Some Key Concepts
- For power systems, keeping the lights on is the
primary focus. Therefore the key security
requirements are Availability and Integrity, not
Confidentiality (AIC, not CIA) - Encryption, by itself, does not provide security.
- Security threats can be deliberate attacks OR
inadvertent mistakes, failures, and natural
disasters. - The most dangerous attacker is a disgruntled
employee who knows exactly where the weaknesses
are the easiest to breach and could cause the
worst damage. - Security solutions must be end-to-end to avoid
man-in-the-middle attacks or failed equipment
from causing denial of service - Security solutions must be layered, so that if
one layer is breached, the next will be there.
Security is only as strong as its weakest link. - Security will ALWAYS be breached at some time
there is no perfect security solution. Security
must always be planned around that eventuality. - Security measures must balance the cost of
security against the potential impact of a
security breach
10Cyber Security in Power System
11To maintain power system reliability, need to
manage both the Power System Infrastructure and
its supporting Information Infrastructure
1.Power System Infrastructure
Photovoltaic systems
12Traditional Security Measures Cannot Meet All
Power System Security Requirements
- Two key security issues for utilities are power
system reliability and legacy equipment - Power systems must continue to operate as
reliably as possible even during a security
attack. - It is financially and logistically impractical to
replace older power system equipment just to add
security measures. - Layered security is critical not only to prevent
security attacks, but also to detect actual
security breaches, to survive during a security
attack, and to log all events associated with the
attack. - Most traditional IT security measures, although
able to prevent and/or detect security attacks,
cannot directly help power systems to continue
operating. - For legacy systems and for non-critical,
compute-constrained equipment, compensating
methods may need to be used in place of these
traditional IT security measures.
13Use of Power System SCADA and Energy Management
Systems for Certain Security Solutions
- One method for addressing these problems is to
use existing power system management technologies
as a valid and very powerful method of security
management, particularly for detecting, coping
with, and logging security events. - Add sensors, intelligent controllers, and
intrusion-detection devices on critical
equipment - Utilize and expand existing SCADA systems to
monitor these additional security-related devices - Expand the SCADA system to monitor judiciously
selected power system information from AMI
systems. - Expand Power Flow analysis functions to assess
anomalous power system behaviors such as
unexpected shifts of load and generation
patterns, and abnormal power flow contingency
analysis results to identify unexpected
situations.
14Challenges and Strategies.
15Challenges
16Barriers
- Cyber threats are unpredictable and evolve faster
than the sectors ability to develop and deploy
countermeasures - Security upgrades to legacy systems are limited
by inherent limitations of the equipment and
architectures - Threat, vulnerability, incident, and mitigation
information sharing is insufficient among
government and industry - Weak business case for cyber security investment
by industry - Regulatory uncertainty in energy sector cyber
security
17Strategies
- Build a culture of security.
- Access and Monitor Risks.
- Develop and Implement New Protective Measures to
reduce Risks. - Manage Incidence.
- Sustain Security Improvements.
- Use of emerging new security technologies like
data-diode.
18Adoption of Security Standards and Framework
- ISO/IEC 27001 - Information Security
Management System. - NERC-CIP Standards-Critical Infrastructure
Protection Standard. - NIST IR 7628 Guidelines for Smart Grid
Cyber Security. - IEC 62351 Series Security Standards Standards
19Road Map for Cyber Security of Grid
- Information Security Management System have been
adopted by every regional load dispatch center. - Each RLDC has been certified by International
Certifying Body (BSI) for ISO 270012005. - SCADA system up gradation is being done with-
- Adoption of Secure ICCP.
- Secure connection between SCADA network and
Enterprise network for cyber security. - Use of air-gap technology like data-diode at
interfacing point between secure and non-secure
network.
20Points to Ponder
- There is nothing like absolute security
- Every requirement is unique and every solution is
unique. - Security comes at a cost need optimization.
- Secure real-time information is a key factor to
reliable delivery of power to the end-users. - Commoditization of electricity means increased
players increased exchange of power increased
requirement of security solution. - Emerging technology like data-diode is an
exciting technology for ensuring cyber security
of critical infrastructure.
21Thankyou