Cyber Security and the Smart Grid - PowerPoint PPT Presentation

About This Presentation
Title:

Cyber Security and the Smart Grid

Description:

* * * Cyber Security and the Smart Grid George W. Arnold, Eng.Sc.D. National Institute of Standards and Technology (NIST) U.S. Department of Commerce george.arnold_at_ ... – PowerPoint PPT presentation

Number of Views:333
Avg rating:3.0/5.0
Slides: 20
Provided by: seb65
Category:

less

Transcript and Presenter's Notes

Title: Cyber Security and the Smart Grid


1
(No Transcript)
2
Cyber Security and the Smart Grid
  • George W. Arnold, Eng.Sc.D.
  • National Institute of Standards and Technology
    (NIST)
  • U.S. Department of Commerce
  • george.arnold_at_nist.gov

3
The Electric Grid
One of the largest, most complex infrastructures
ever built
The supreme engineering achievement of the 20th
century - National Academy of Engineering
4
Electric Grid in the U.S.
  • 3,200 electric utility companies
  • 17,000 power plants
  • 800 gigawatt peak demand
  • 266,000 km of high-voltage lines
  • 10 million km of distribution lines
  • 140 million meters
  • 1 trillion in assets
  • 350 billion annual revenues

5
The Electric Grid Today
Generation
Transmission
Distribution
Markets and Operations
Customer Use
One-way flow of electricity
  • Centralized, bulk generation, mainly coal and
    natural gas
  • Responsible for 40 of human-caused CO2
    production
  • Controllable generation and predictable loads
  • Limited automation and situational awareness
  • Lots of customized proprietary systems
  • Lack of customer-side data to manage and reduce
    energy use

6
Smart Grid Goals
  • Enable customers to reduce energy use
  • Increase use of renewable sources
  • Improve reliability and security
  • Facilitate infrastructure for electric vehicles

7
What Will the Smart Grid Look Like?
Energy management systems
Dynamic pricing
Distributed generation and microgrids
High use of variable renewables
Distributed storage
Electric vehicles
Bidirectional metering
Smart appliances
Smart meters and real time usage data
Ubiquitous networked sensors
8
Smart Grid The Energy Internet


2-way flow of electricity and information
Standards Provide a Critical Foundation
Graphics courtesy of EPRI
9
Current Grid Environment
  • Legacy SCADA systems
  • Limited cyber security controls currently in
    place
  • Specified for specific domains bulk power
    distribution, metering
  • Vulnerabilities might allow an attacker to
  • Penetrate a network,
  • Gain access to control software, or
  • Alter load conditions to destabilize the grid in
    unpredictable ways
  • Even unintentional errors could result in
    destabilization of the grid

10
Threats to the Grid
  • Deliberate attacks
  • Disgruntled employees
  • Industrial espionage
  • Unfriendly states
  • Organized crime
  • Inadvertent threats
  • Equipment failures
  • User/Administrator errors
  • Natural phenomena
  • Weather hurricanes, earthquakes
  • Solar activity

11
New Risks
  • Greater complexity increases exposure to
    potential attackers and unintentional errors
  • Linked networks introduce common vulnerabilities
  • Denial of Service type attacks
  • Increased number of entry points and paths
  • Compromise of data confidentiality or customer
    privacy

12
Ensuring Security and Privacy
13
Smart Grid an Opportunity
  • Modernization provides an opportunity to improve
    security of the Grid
  • Integration of new IT and networking technologies
  • Brings new risks as well as an array of security
    standards, processes, and tools
  • Architecture is key
  • Security must be designed in it cannot be added
    on later

13
14
Cyber Security Working Group
  • Building cyber security in from the start has
    been a paramount concern
  • Permanent Working Group
  • Over 460 public and private sector participants
  • August 2010 NIST publishes Guidelines for Smart
    Grid Cyber Security
  • Reflects Comments on Sept 2009 and Feb 2010 Draft
    Smart Grid Cyber Security Strategy and
    Requirements
  • Guideline includes
  • Risk assessment guidance for implementers
  • Recommended security requirements
  • Privacy recommendations

14
15
Guidelines for Smart Grid Cyber Security
  • NIST Interagency Report 7628 - August 2010
  • Development of the document lead by NIST
  • Represents significant coordination among
  • Federal agencies
  • Private sector
  • Regulators
  • Academics
  • Document includes material that will be used in
    selecting and modifying security requirements

15
16
NISTIR 7628 What it IS and IS NOT
  • What it IS
  • A tool for organizations that are researching,
    designing, developing, and implementing Smart
    Grid technologies
  • May be used as a guideline to evaluate the
    overall cyber risks to a Smart Grid system during
    the design phase and during system implementation
    and maintenance
  • Guidance for organizations
  • Each organization must develop its own cyber
    security strategy (including a risk assessment
    methodology) for the Smart Grid.
  • What it IS NOT
  • It does not prescribe particular solutions
  • It is not mandatory

16
17
NISTIR 7628 Content
  • The NISTIR includes the following
  • Executive Summary
  • Chapter 1 - Overall cyber security strategy for
    the Smart Grid
  • Chapter 2 High level and logical security
    architecture
  • Chapter 3 High level security requirements
  • Chapter 4 Cryptography and key management

17
18
NISTIR 7628 Content (Continued)
  • Chapter 5 - Privacy and the Smart Grid
  • Chapter 6 Bottom-up security analysis of the
    Smart Grid
  • Chapter 7 RD themes for cyber security in the
    Smart Grid
  • Chapter 8 Overview of the standards review
  • Chapter 9 Key power system use cases for
    security requirements
  • Appendices A - J

18
19
Further Information
  • Web portal http//www.nist.gov/smartgrid
  • Contact
  • George Arnold, National Coordinator
  • Email george.arnold_at_nist.gov
  • Telephone 1.301.975.2232
Write a Comment
User Comments (0)
About PowerShow.com