
DR. SATYAM PRIYADARSHY RKR GROUP, INC (RENAMING AS REIGNITE STRATEGY, INC. MAY 1,11)...

Date post: 20-Dec-2015
DR. SATYAM PRIYADARSHY, RKR GROUP, INC (RENAMING AS REIGNITE STRATEGY, INC. MAY 1,11), priyadarshy@ieee.org OR +1 703 7314461. DR. ARUN SOOD, SCIT LABS INC & GEORGE MASON UNIVERSITY, asood@scitlabs.com, asood@gmu.edu. PREPARED FOR THIRD WORKSHOP ON CYBER SECURITY AND GLOBAL AFFAIRS IN PARTNERSHIP WITH CERT-HUNGARY, BUDAPEST, HUNGARY. Smart Grid Cyber Security Framework. MAY 31-JUNE 2, 2011
Transcript
Page 1: DR. SATYAM PRIYADARSHY RKR GROUP, INC (RENAMING AS REIGNITE STRATEGY, INC. MAY 1,11) PRIYADARSHY@IEEE.ORG OR +1 703 7314461 DR. ARUN SOOD SCIT LABS INC.

DR. SATYAM PRIYADARSHY
RKR GROUP, INC (RENAMING AS REIGNITE STRATEGY, INC. MAY 1,11)
PRIYADARSHY@IEEE.ORG OR +1 703 7314461

DR. ARUN SOOD
SCIT LABS INC & GEORGE MASON UNIVERSITY
asood@scitlabs.com
asood@gmu.edu

PREPARED FOR THIRD WORKSHOP ON CYBER SECURITY AND GLOBAL AFFAIRS
IN PARTNERSHIP WITH CERT-HUNGARY
BUDAPEST, HUNGARY

Smart Grid Cyber Security Framework

MAY 31 - JUNE 2, 2011

Page 2:

Third Workshop on Cyber Security and Global affairs

What is Smart Grid?

Smart Grid is NOT a product or service.

Smart Grid is the integration of two infrastructures:
- Electrical Infrastructure (expanded Energy Infrastructure)
- Information Infrastructure

Smart Grid is the power delivery system of the future:
- With increased energy efficiency and operational productivity
- With increased power system reliability and QoS (Quality of Service)
- Empowers consumers and everyone else to make decisions to use energy efficiently

Smart Grid goals will be achieved through:
- Optimal use of assets
- Efficient operation and the inclusion of active participation from consumers
- Use of new energy sources, storage, products, services and markets
- Proactive self-healing through continuous self-assessments of grid components
- Resiliency to cyber attacks

Smart Grid needs a robust Cyber Security Framework, due to network dependency

March 28,2011

Page 3:

Smart Grid


Image Source: http://www.consumerenergyreport.com/wp-content/uploads/2010/04/smartgrid.jpg

Page 4:

Smart Grid Framework


The Smart Grid Framework comprises the following seven layers:
- Energy transmission and distribution infrastructure
- Communication network
- Data center computational platform
- Informational systems infrastructure and operational systems
- Business applications for automation, communications and management
- Vendor partnerships and services

Smart Grid needs to have defense mechanisms at each of the above seven layers.

Page 5:

Smart Grid Framework


The layered cyber security framework should include:

- The physical security
- The access control
- The secure devices, systems and network
- The secure software, applications, databases, and storage
- The secure intercommunications and data transport
- The defense to the existing and emerging threat landscape
- The self-healing of grid through real-time monitoring and management

In the following sections we discuss each one of them.

Page 6:

Cyber Security Framework

Leverage the existing security systems.
- SCADA (Supervisory Control And Data Acquisition) is the security system in the current grids, within isolated environments.

Expand SCADA for Smart Grid, as environments will no longer remain isolated and will be on always-connected networks.

Page 7:

Cyber Security Framework – Physical Security

Requires an integrated solution for protecting the premises from intruders.

The solution will have to automate data analysis, creation of alerts, and response to alerts from:
- Electronic access controls, sensors, etc.
- Generators, smart appliances, etc.
- Equipment transport logs, etc.
- Video surveillance, etc.
- Other new technologies as they become available

Page 8:

Cyber Security Framework – Access Control and Identity Management

Robust access control and identity management/verification policies for:
- People, vendors
- Companies
- Communicating devices, etc.

Use of strong passwords, reCAPTCHA, biometrics, etc. for authentication from the start.

Implementation of Sarbanes-Oxley-like rules.

The default-deny policy for the servers, routers, switches, and other devices should be in place when these devices go on the network. Any access on the network should require explicit permission settings, to avoid any unauthorized entry.

For example, a customer shall access energy consumption metrics from the Smart Meter, but shall not be allowed to make changes to the device itself.
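
The default-deny rule and the Smart Meter example above, sketched as a small policy check. This is an added example, not part of the original presentation; the role names, resource names (`meter.metrics`, `meter.config`), principals and meter ids are all hypothetical.

```python
# Added example: default-deny authorization for Smart Grid devices.
# All principals, roles, resources and actions below are hypothetical.
from dataclasses import dataclass

@dataclass(frozen=True)
class Grant:
    role: str        # role the rule applies to
    resource: str    # resource type, e.g. "meter.metrics"
    action: str      # "read" or "write"
    own_only: bool   # True: only on devices bound to the principal

# Explicit allow rules. Anything not listed here is denied.
POLICY = (
    Grant("customer", "meter.metrics", "read", own_only=True),
    Grant("utility_operator", "meter.metrics", "read", own_only=False),
    Grant("utility_operator", "meter.config", "write", own_only=False),
)

# Constructed sample data: role per principal, and the owner of each meter.
ROLES = {"alice": "customer", "bob": "customer", "ops-7": "utility_operator"}
METER_OWNER = {"meter-001": "alice", "meter-002": "bob"}

def is_allowed(principal, resource, action, device_id):
    """Return True only if an explicit grant matches; the default is deny."""
    role = ROLES.get(principal)
    if role is None or device_id not in METER_OWNER:
        return False  # unknown principal or unregistered device
    for g in POLICY:
        if (g.role, g.resource, g.action) != (role, resource, action):
            continue
        if g.own_only and METER_OWNER[device_id] != principal:
            continue  # grant is limited to the principal's own device
        return True
    return False  # no explicit permission found

def audit(requests):
    """Evaluate a batch of requests, returning (request, decision) pairs."""
    return [(r, "ALLOW" if is_allowed(*r) else "DENY") for r in requests]

if __name__ == "__main__":
    sample = [
        ("alice", "meter.metrics", "read", "meter-001"),
        ("alice", "meter.config", "write", "meter-001"),
        ("alice", "meter.metrics", "read", "meter-002"),
        ("mallory", "meter.metrics", "read", "meter-001"),
    ]
    for req, decision in audit(sample):
        print(decision, req)
```
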

Page 9:

Cyber Security Framework

Hardening of the devices, servers, and network before deployment and connection to the backbone of Smart Grid.
- For example, factory settings such as passwords, open ports, etc. on the devices, routers, switches, servers, sensors, and Wi-Fi networks shall be changed based on the access and control policies set earlier.

Implementation of the vendor's recommendations on making their devices secure.
- For example, disruptions caused by denial of service (DoS) attacks can be reduced if the vendor recommendations for securing the devices are followed.
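
One way to enforce the hardening step above before a device is connected: a pre-deployment gate that flags factory-default credentials and open ports the policy does not permit. This is an added example, not part of the original presentation; the device records, default-credential list and port policy are constructed, and holding passwords in the inventory is a simplification for illustration.

```python
# Added example: pre-deployment hardening gate. All names and data are hypothetical.

# Constructed list of factory-default credentials a vendor might ship with.
FACTORY_DEFAULTS = {("admin", "admin"), ("root", "root"), ("admin", "1234")}

# Constructed policy: ports each device type may expose on the grid network.
ALLOWED_PORTS = {
    "smart_meter": {443},
    "router": {22, 443},
    "sensor": set(),  # sensors expose no listening ports
}

def audit_device(device):
    """Return a list of hardening findings for one device record."""
    dtype = device["type"]
    if dtype not in ALLOWED_PORTS:
        # Default-deny: a device type with no policy is not deployable.
        return [f"no hardening policy defined for type '{dtype}'"]
    findings = []
    for user, password in device["accounts"]:
        if (user, password) in FACTORY_DEFAULTS:
            findings.append(f"factory-default credentials for account '{user}'")
    extra = sorted(set(device["open_ports"]) - ALLOWED_PORTS[dtype])
    if extra:
        findings.append(f"ports open but not permitted by policy: {extra}")
    return findings

def deployment_gate(inventory):
    """Map device id -> findings; an empty list means ready to connect."""
    return {d["id"]: audit_device(d) for d in inventory}

# Constructed inventory, as it might be collected before connecting devices.
INVENTORY = [
    {"id": "meter-001", "type": "smart_meter",
     "accounts": [("admin", "admin")], "open_ports": [23, 443]},
    {"id": "rtr-12", "type": "router",
     "accounts": [("netops", "x9!Lq7#vT2")], "open_ports": [22, 443]},
    {"id": "cam-3", "type": "camera",
     "accounts": [("admin", "1234")], "open_ports": [80]},
]

if __name__ == "__main__":
    for dev_id, findings in deployment_gate(INVENTORY).items():
        print(dev_id, "READY" if not findings else findings)
```
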

Page 10:

Cyber Security Framework – Secure SADS

Smart Grid will integrate multiple vendors for software, applications, databases and storage (SADS) through its backbone, the Smart Grid Network.

SADS should be secure before they are deployed on the networked devices.
- For example, memory injection issues do not get deployed knowingly.

Consistent and timely upgrade and patch deployment policies for SADS.
- The policies should take into account the consistency, timeliness and interdependencies of SADS.

The same robust testing and phased deployment for open source and commercial off-the-shelf (COTS) SADS.

Page 11:

Cyber Security Framework – Secure Data Transport and Storage

Data transport at very low latency and high throughput is critical for Smart Grid.
- Data needs to be protected as it is shared between different entities and stored.
- Data encryption would be essential to implement across the board (both for transport and storage).
- Granular access to sensitive data at the user and application level should be implemented.
- Leveraging VPN technologies for data transmission between devices in the Smart Grid network will be needed.

Page 12:

Cyber Security Framework – Defense in Depth

Defense-in-depth approach of multi-level and multi-layer security to protect from existing and emerging threats.

The known threats from:
- Hackers, vandals, and disgruntled employees
- Competitors, customers, security systems
- Terrorists and foreign countries
- Rogue devices, tainted software, and other yet unknown sources

Address attacks like spoofing, cracking, denial of service, eavesdropping, traffic analysis, social engineering, malware, etc.

Page 13:

Cyber Security Framework – Self-healing

Self-healing of Smart Grid requires that cyber security become pervasive and granular.

Real-time monitoring of data at the lowest possible granular level will provide immediate knowledge:
- About changes
- About events that can disrupt the Smart Grid
- That allows quick corrective actions to be taken

In a complex system like the Smart Grid, events can arise:
- As a result of a security breach
- As noise during the course of operations

Monitoring these events will ensure the protection and security of the Smart Grid.

Page 14:

Thanks !!


For a self-healing, always on, highly efficient SMART GRID, a robust Cyber Security Framework is essential.

For more information, contact

[email protected] or [email protected]

