Smartgrid - (In)security in Advanced Metering Infrastructure

Author: Emil Wilkins
www.pwc.dk

Smartgrid - (In)security in Advanced Metering Infrastructure
Scandinavian Cybercrime Conference, June 2013
Roel Schouten

Audit. Tax. Advisory.

Agenda

• Smart Grid
• Advanced Metering Infrastructure
• Threats & vulnerabilities
• Defenses & recommendations

Smartgrid - (In)security in Advanced Metering Infrastructure PwC June 2013


Smart Grid: What is it?

NIST: "a modernized grid that enables bidirectional flows of energy and uses two-way communication and control capabilities that will lead to an array of new functionalities and applications."


two-way communication and control capabilities!


Smart Grid Investments


Smart Grid: Who will be affected?

All of us


Cyber Threat Landscape

• State-sponsored groups → Cyberwarfare
• Organized cyber criminals → Financial gain
• Hacktivists → Chaos
• Insiders → Financial gain
• Coincidental attacks / vandals


Advanced Metering Infrastructure (AMI): What is it?

[Diagram: AMI components: Monitoring/control, Aggregator, Smart Meter, Home Area Network. Communication link labels: Internet, Mobile, Radio, Powerline, ISDN, Leased line; Internet, Mobile, Radio, Powerline; Radio.]

Threats & vulnerabilities

Monitoring/control

• Malware infections
• (Un)intentional attacks from staff members
• External/internal network-based hacker attacks
• Social engineering (e.g. e-mail scams, phishing)
• Physical penetration


Threats & vulnerabilities

Aggregator

• Physical destruction
• Physical penetration
• Escalation of physical access to remote access
• External/internal network-based hacker attacks


Threats & vulnerabilities

Smart Meter

• Escalation of physical access to remote access
• Encryption key & firmware extraction
• Firmware vulnerabilities
• Firmware manipulation
• Radio signal jamming/eavesdropping
• Malware infections


Threats & vulnerabilities

Home Area Network

• Radio signal jamming/eavesdropping/injection (ZigBee)


Threats: Non-technical (ENISA*)

• No coordination
• No consistent standards
• No regulation or legislation
• No certification
• Complexity
• Lack of emergency response capabilities

*) European Network and Information Security Agency
Source: “ENISA Smart Grid Security Recommendations”, July 2012

Defenses & recommendations

• Secure architecture/design
• Secure software development and maintenance
• Software update and patch management
• Malware protection
• System management and hardening processes
• Access control and identity management
• User awareness training
• Physical protection
• Monitoring and response
• Background checks

Defenses & recommendations

• Architecture & security reviews
• Vulnerability assessments
• Penetration tests
• Code reviews


Recommendations ENISA

• Improve the regulatory and policy framework on smart grid cyber security at national and EU levels.
• Create public-private partnership to coordinate smart grid cyber security initiatives.
• Foster awareness raising and training initiatives.
• Encourage dissemination and knowledge-sharing initiatives.
• Develop a minimum set of security measures based on existing standards and guidelines.
• Sponsor the development of security certification schemes for components, products and organizational security.

Source: “ENISA Smart Grid Security Recommendations”, July 2012

ENISA recommendations

• Cultivate the creation of test beds and security assessments.
• Study and refine strategies to coordinate measures countering large scale pan-European cyber incidents affecting power grids.
• Get computer emergency response teams to play an advisory role in dealing with cyber security issues affecting power grids.


Questions, etc...

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers Statsautoriseret Revisionspartnerselskab, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2013 PricewaterhouseCoopers Statsautoriseret Revisionspartnerselskab. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers Statsautoriseret Revisionspartnerselskab which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.
