Smart Grid Cyber Security. The Smart Grid. What is a Smart Grid?

GE Energy Smart Grid Cyber Security John D. McDonald, P.E. GM, T&D Marketing IEEE PES Past President IEEE Division VII Director IEEE Fellow POWERING...
Author: Sibyl Simmons
4 downloads 0 Views 502KB Size
GE Energy

Smart Grid Cyber Security John D. McDonald, P.E. GM, T&D Marketing IEEE PES Past President IEEE Division VII Director IEEE Fellow

POWERING POTENTIA L

The Smart Grid

What is a Smart Grid? The integration of two infrastructures

… to provide customer value Increases energy efficiency and operational productivity

Electrical infrastructure

Increases power system reliability and quality of service Empowers everyone to meet environmental objectives

Information infrastructure

An Integrated ‘Systems’ Solution to a Complex Set of Challenges 2/ GE /

The Power Delivery System of the Future Must Have Advanced Capabilities To achieve benefits identified by stakeholders, the intelligent grid must be: Self-Healing and Adaptive to correct problems before they become emergencies Interactive with consumers and markets Optimized to make best use of resources and equipment i t Predictive rather than reactive, to prevent emergencies ahead rather than solve after Distributed assets and information across geographical and organizational boundaries Integrated to merge all critical information More Secure from threats from all hazards Enabling The Power Delivery System of the Future Don Von Dollen - EPRI IntelliGrid, April 6, 20053 /

GE /

1

Smart Grid Simplified Architecture Utility Offices

Corporate Security Server

Operational Bus Operational Systems

Non-Operational Systems

Mobile Workforce

Backhaul Networks

T&D Sub-Stations

Distribution Networks

Station LAN

I/O

Protection Merging Unit

Monitoring & Diagnostics

Renewable Generation

Distribution Devices Home LAN Switches & Reclosers

Caps

Customer Portal

Meters

Smart Homes

DSM Dist. Gen.

4/ GE /

Cyber Security Standards NERC CIP “To reduce risks to the reliability of the bulk electric systems from any compromise of critical cyber assets (computers, software and communication networks) that support those systems.”

5/ GE /

Network Security NERC Cyber Security (Draft 4 approved)

CIP-002-01 Critical Cyber Assets CIP-003-01 Security Management Controls CIP-004-01 Personnel & Training CIP-005-01 Electronic Security CIP-007-01 Physical Security CIP-008-01 Systems Security Management CIP-009-01 Incident Reporting and Response Planning http://www.nerc.com/~filez/standards/Cyber-Security-Permanent.html 6/ GE /

2

Secure Substation Architectures Key NERC Security Requirements: • Define Critical Cyber Assets • Define & Create Electronic Security Perimeters • Provide Support Dial-up and/or Wide Area Networks • Track and Report Access by User – Audit Trail of Success or Failure • Remove User Access (in 24 hours) for Termination for Cause • Provide for User Access Rights – Gateway & IEDs • Strong Two Factor User Authentication for Interactive Access • Disable Unused Ports And Services • Appropriate Use Banner • Malicious Software Prevention Other Common Security Requirements: • Support access to SCADA and Non-SCADA Data • Communication Line Encryption • Support Centralized Security Management

7/ GE /

Failure Mode and Effects Analysis of Security 1.

Function: Describe the function to be analyzed to secure against a specific cyber incident. Failure Mode: Understanding the threat Failure Causes: Understanding the types of attacks Identify Failure Effects and Criticality: How serious are the consequences Understand Solutions: What are the current methods of securing against the attack? Match solution to analysis: Establish a Security system to match the analysis

2. 3. 4 4. 5. 6.

8/ GE /

Simplified Smart Grid Architecture Utility Offices

Security Server Operational Bus Operational Servers

T&D Sub-Stations

Non-Op Servers

IED

Backhaul Networks

IED

Distribution Networks

Station LAN

IED IED Protection

IED I/O

IED Monitoring & Diagnostics

Mobile Workforce

Renewable Generation

Distribution Devices

IED

Home LAN

IED IED IED Meters

IED IED

9/ GE /

Smart Homes

3

Smart Grid Functionality • • • • • • • • •

Information & Data Access Device Control System or End Device Configuration Network Management and Performance Automation Systems Databases Data Calculations Cyber Security Physical Security 10 / GE /

Understanding the Threat Protecting against • The Hacker • The Vandal • The Terrorist • The Disgruntled Employee • The Competitor • The Customer • The Security System

Types of attack • Eavesdropping • Traffic Analysis • Replaying • Spoofing • Cracking C ki • Social Engineering • Denial of Service • Destruction • Reconfigure • Malware 11 / GE /

Understanding Consequences and Risks Analysis of Areas of Attack: Control – Take control of switches (meters or substations) Information – Interrupt or corrupt data flow Configuration – Change configuration to open door for future action Safety – Compromise safety of people or things 12 / GE /

4

Strong Security Techniques • RADIUS server – Centralized security server with AAA – Authentication, Authorization and Accounting • Extensible Authentication Protocol (EAP)- Transport Layer Security (TLS) – Commonly used in wireless systems • X.509 is a standard for Public Key Infrastructure (PKI) and P i il Privilege M Managementt IInfrastructure f t t (PMI) • Ephemeral Cryptographic Key Management – DHE-DSS Diffie-Hellman Key Exchange - Digital Security Standard • Secure Communication (message integrity, encryption, and replay protection) – Encryption / Hashing / Digital Signature

13 / GE /

Factors of Authentication 1. What You Know – Passwords are widely used to identify a User, but only verify that somebody knows the password.

2. What You Have – Digital certificates in the User's computer add more security than a password, and smart cards verify that Users have a physical token in their possession but either can be stolen possession, stolen.

3. What You Are – Biometrics such as fingerprints and iris recognition are more difficult but not impossible to forge.

4. What You Do – Dynamic biometrics such as hand writing a signature and voice recognition are the most secure; however, replay attacks can fool the system. NERC CIP: Two Factors required for Interactive Access 14 / GE /

Digital Signatures Using asymmetric encryption for authentication Uses a “one-way-hash” that is similar to a CRC or checksum1. Alice hashes the Message

5. Bob hashes the message, too.

3. Alice sends message and signature to Bob

Hash

Hash

Encrypt

2. Alice signs with her PRIVATE Key

Decrypt

4. Only her PUBLIC key can decrypt the hash

If Bob’s hashed value matches Alice’s, it’s the same message Alice signed 15 / GE /

5

Smart Grid Architecture Utility Offices

Security Server Operational Bus Operational Servers

T&D Sub-Stations

Non-Op Servers

IED

Backhaul Networks

IED

Distribution Networks

Station LAN

IED IED

IED

Renewable Generation

Distribution Devices

Monitoring & Diagnostics

I/O

Protection

IED

Mobile Workforce

IED

Home LAN

IED IED IED Meters

IED IED

16 / GE /

Smart Homes

Establishing Secure Communications - Encryption Utility Offices

Blocks attacks along channels

Security Server Operational Bus Operational Servers

Non-Op Servers

IED

T&D Sub-Stations

Mobile Workforce

IED

Station LAN

IED IED

IED I/O

Protection

IED

Renewable Generation

Distribution Devices

Monitoring & Diagnostics

IED

Home LAN

IED Meters

IED IED

17 / GE /

Smart Homes

Applying Security Perimeters with AAA Server Blocks attacks at Perimeters

Utility Offices

Security Server Perimeter Operational Bus Perimeter Perimeter Operational Servers

T&D Sub-Stations

Non-Op Servers

IED

Mobile Workforce

Perimeter IED

Station LAN

I/O

IED Monitoring & Diagnostics

Distribution Devices

IED

IED Meters

Perimeter

Protection

IED

Perimeter

IED IED

Renewable Generation

Home LAN

IED IED

18 / GE /

Smart Homes

6

Secure the Devices with Private Keys and AAA Server Blocks attacks at end devices Security Utility Offices

Server Perimeter Operational Bus Perimeter Perimeter Operational Servers

T&D Sub-Stations

Non-Op Servers

IED

Mobile Workforce

Perimeter IED

Station LAN

I/O

Protection

IED

Distribution Devices

Monitoring & Diagnostics

IED

IED Meters

Perimeter

IED

Perimeter

IED IED

Renewable Generation

Home LAN

IED IED

19 / GE /

Smart Homes

Physical Security Blocks physical “6-wall” attacks

Utility Offices

Security Server Perimeter Operational Bus Perimeter Perimeter Operational Servers

T&D Sub-Stations

Non-Op Servers

IED

Mobile Workforce

Perimeter IED

Station LAN

I/O

IED Monitoring & Diagnostics

Distribution Devices

IED

IED Meters

Perimeter

Protection

IED

Perimeter

IED IED

Renewable Generation

Home LAN

IED IED

20 / GE /

Smart Homes

Summary NERC and Corporate Security Requirements Functions to Protect Understanding the threat Understanding the types of attacks How likely and serious are the consequences Current security methods Deploy a matching solution

21 / GE /

7