Securing Smart GridSecuring Smart Grid

C. Edward ChowUniversity of Colorado at Colorado

Springs

C. Edward ChowUniversity of Colorado at Colorado

Springs

Smart Grid Education Workshop / Chow 25/29/2009

Outline of the TalkOutline of the Talk

Security in Smart GridPhysical Security ChallengesCyber Security Challenges

Related Education Programs at UCCS Survey Results on Certificate Program in Power and Energy being developed by UCCS-Colorado Springs Utilities (CSU )

Security in Smart GridPhysical Security ChallengesCyber Security Challenges

Related Education Programs at UCCS Survey Results on Certificate Program in Power and Energy being developed by UCCS-Colorado Springs Utilities (CSU )

Smart Grid Education Workshop / Chow 3

Wall Street Journal 4/8/2009 Wall Street Journal 4/8/2009

5/29/2009

Smart Grid Education Workshop / Chow 4

Russia Disrupt CNN Interview with Georgia President

Russia Disrupt CNN Interview with Georgia President"When Russia invaded Georgia last year, it

simultaneously launched a cyber war. A multi-faceted cyber attack began against the Georgian infrastructure and key government web sites. The attack included Distributed Denial of Service (DDoS)Attacks, Defacing of Web Sites , Infecting and Disabling VoIP phone system. Even CNN's interview with Georgian President MikHail Saakashvili got interrupted and delayed.”

“Many industries are also gravitating towards reducing the cost of physical security using IPTV and voice over IP (VoIP) to remotely monitor premises.” --- Juniper Network on Secure SCADA

"When Russia invaded Georgia last year, it simultaneously launched a cyber war. A multi-faceted cyber attack began against the Georgian infrastructure and key government web sites. The attack included Distributed Denial of Service (DDoS)Attacks, Defacing of Web Sites , Infecting and Disabling VoIP phone system. Even CNN's interview with Georgian President MikHail Saakashvili got interrupted and delayed.”

“Many industries are also gravitating towards reducing the cost of physical security using IPTV and voice over IP (VoIP) to remotely monitor premises.” --- Juniper Network on Secure SCADA

5/29/2009

Smart Grid Education Workshop / Chow 5

Vision of Smart Secure Grid (SSG)Vision of Smart Secure Grid (SSG)Page 12 of Jeff Harrell & Ron Sega CSU 3_10_2009

Smart Grid Workshop presentation:Energy Security in the 21st Century requires a new, environmentally responsible national energy system A new Smart Secure Grid architecture will enable:

Increased use of renewable (clean energy options), Demand-side management (greater efficiency),

And enhanced Infrastructure SecurityTo date, most Smart Grid projects have been Utility-centric and heavily focused on AMI and Demand ManagementOur region is well positioned to lead this charge and develop a comprehensive model for the nation

Page 12 of Jeff Harrell & Ron Sega CSU 3_10_2009 Smart Grid Workshop presentation:Energy Security in the 21st Century requires a new, environmentally responsible national energy system A new Smart Secure Grid architecture will enable:

Increased use of renewable (clean energy options), Demand-side management (greater efficiency),

And enhanced Infrastructure SecurityTo date, most Smart Grid projects have been Utility-centric and heavily focused on AMI and Demand ManagementOur region is well positioned to lead this charge and develop a comprehensive model for the nation

5/29/2009

Smart Grid Education Workshop / Chow 6

Infrastructure Security in SSGInfrastructure Security in SSGPhysical Security Challenges

Vast area for perimeter defenseFew spares for EHV equipment,...

Opportunities for new surveillance/protection systems

Cyber Security ChallengesOld communication infrastructureNew/numerous power sources (potential threats)SCADA/Distributed Control System (DCS) were not designed with cyber security requirements in mind,…

Opportunities for new secure architectures/techniques

Physical Security ChallengesVast area for perimeter defenseFew spares for EHV equipment,...

Opportunities for new surveillance/protection systems

Cyber Security ChallengesOld communication infrastructureNew/numerous power sources (potential threats)SCADA/Distributed Control System (DCS) were not designed with cyber security requirements in mind,…

Opportunities for new secure architectures/techniques5/29/2009

Smart Grid Education Workshop / Chow 7

Physical Security Challenges

Physical Security Challenges Vast

perimeter security (100,000 miles? Of transmission lines) to monitor and defend!

Vast perimeter security (100,000 miles? Of transmission lines) to monitor and defend!

5/29/2009 Page 3 of Hareell_Sega 3_10_2009 presentation

Smart Grid Education Workshop / Chow 8

Physical Security SolutionsPhysical Security SolutionsAdaptive High Dynamic Range Imaging C2FUSE: Command and Control Fusion INSPECCT: Inexpensive Spectrometer Color Camera Technology GPS-Based Tracking System for Trauma Patients Intelligent Imaging System NCIIA: National Collegiate Inventors and Innovators Alliance Network Security NSF Privacy: NSF STTR on Privacy Enhanced Biometrics ONR FAMME: ONR Facial Analysis in the Moving Maritime Environment Privacy Enhanced Camera Projective Biometric Invariants

Revocable Biometrics with Robust Distance Metrics SEE Port: Surveillance and Enemy Evaluation with PTZ and Omni-directional Reconnaissance Technology

See research projects http://vast.uccs.edu/

Adaptive High Dynamic Range Imaging C2FUSE: Command and Control Fusion INSPECCT: Inexpensive Spectrometer Color Camera Technology GPS-Based Tracking System for Trauma Patients Intelligent Imaging System NCIIA: National Collegiate Inventors and Innovators Alliance Network Security NSF Privacy: NSF STTR on Privacy Enhanced Biometrics ONR FAMME: ONR Facial Analysis in the Moving Maritime Environment Privacy Enhanced Camera Projective Biometric Invariants

Revocable Biometrics with Robust Distance Metrics SEE Port: Surveillance and Enemy Evaluation with PTZ and Omni-directional Reconnaissance Technology

See research projects http://vast.uccs.edu/5/29/2009

Smart Grid Education Workshop / Chow 9

Cyber Security ChallengesCyber Security Challengeswww.juniper.net/us/en/local/pdf/whitepapers/2000276-en.pdf Juniper Network White PaperArchitecture for Secure SCADA and Distributed Control System Networks

DHS identifies industrial control system networks for critical infrastructures of electric … as one of the most vulnerable targets for the security of the United States.Contrary to popular belief, many modern industrial control systems use common operating systems, protocols and networking stacks, making them vulnerable to worms, viruses, and application level attacks

www.juniper.net/us/en/local/pdf/whitepapers/2000276-en.pdf Juniper Network White PaperArchitecture for Secure SCADA and Distributed Control System Networks

DHS identifies industrial control system networks for critical infrastructures of electric … as one of the most vulnerable targets for the security of the United States.Contrary to popular belief, many modern industrial control systems use common operating systems, protocols and networking stacks, making them vulnerable to worms, viruses, and application level attacks 5/29/2009

Smart Grid Education Workshop / Chow 10

Securing Control NetworksSecuring Control Networks

5/29/2009

Smart Grid Education Workshop / Chow 11

Cyber Security ChallengesCyber Security ChallengesKey Management System for SCADA/DCS Support unicast[Sandia], broadcast[Choi08], multicast [Lee09], concast?Authentication in Disaster/Power Outage Recovery SituationOne solution: Biotope based Biometric Authentication SystemIntrusion Detection/Mitigation How we deal with Insider Attacks and Distributed Denial of Services Attacks

Key Management System for SCADA/DCS Support unicast[Sandia], broadcast[Choi08], multicast [Lee09], concast?Authentication in Disaster/Power Outage Recovery SituationOne solution: Biotope based Biometric Authentication SystemIntrusion Detection/Mitigation How we deal with Insider Attacks and Distributed Denial of Services Attacks

5/29/2009

Smart Grid Education Workshop / Chow 12

Related Cyber Security Research ProjectsRelated Cyber Security Research Projects

Biotope/Biometric Infrastructure --- DODSecure Collective Network Defense ---AFOSR

Secure DNS with Indirect Routing against DDoSMultipath Indirect Routing

Multi-tier QoS Server Systems --- NSFAccelerated Learning through Game Technologies: Defense against Insider Attacks --- AFRL-SBIRKey Management System for Secure Storage Systems --- joint research project with HP

Biotope/Biometric Infrastructure --- DODSecure Collective Network Defense ---AFOSR

Secure DNS with Indirect Routing against DDoSMultipath Indirect Routing

Multi-tier QoS Server Systems --- NSFAccelerated Learning through Game Technologies: Defense against Insider Attacks --- AFRL-SBIRKey Management System for Secure Storage Systems --- joint research project with HP

5/29/2009

Smart Grid Education Workshop / Chow 13

SSG Related Curriculum @ UCCSSSG Related Curriculum @ UCCS

Master of Engineering in Information Assurance Ph.D. in Engineering with Emphasis on SecurityIA Certificate ProgramBattery Control Curriculum(funded by DOE through U. Michigan)UCCS- CSU need based power engineering course (offered since 2006)Power and Energy Certificate Program (being planned)

Master of Engineering in Information Assurance Ph.D. in Engineering with Emphasis on SecurityIA Certificate ProgramBattery Control Curriculum(funded by DOE through U. Michigan)UCCS- CSU need based power engineering course (offered since 2006)Power and Energy Certificate Program (being planned)

5/29/2009

Smart Grid Education Workshop / Chow 14

Power Curriculum @UCCSPower Curriculum @UCCSECE 3910-3, Power Systems I, Offered in Spring Semester

Basic concepts and analytical methods in three-phase electric power systems: single-phase equivalent models; per-unit system of calculations; power, apparent power, and energy; basic properties of power systems elements; short-circuit current; voltage drop; and losses. Includes lectures and demonstrations.

ECE 4910-3, Power Systems II, Offered in Fall Semester

An expansion of topics covered in the first course in Power Systems. Covers transmission lines, power flow analysis, generation dispatch and the dynamic behavior of machines and power systems during abnormal conditions.

ECE 4160-4 Power and Energy. Planned for future offerings.

Magnetic Circuits and materials, transformers, electromechanical energy conversion principles, introduction to rotating machines, poly phase induction machines, synchronous machines, DC machines, stepper motors, laboratory experiments on transformers, synchronous motors, induction motors, steeper motors, motor control circuits.

ECE 3910-3, Power Systems I, Offered in Spring Semester

Basic concepts and analytical methods in three-phase electric power systems: single-phase equivalent models; per-unit system of calculations; power, apparent power, and energy; basic properties of power systems elements; short-circuit current; voltage drop; and losses. Includes lectures and demonstrations.

ECE 4910-3, Power Systems II, Offered in Fall Semester

An expansion of topics covered in the first course in Power Systems. Covers transmission lines, power flow analysis, generation dispatch and the dynamic behavior of machines and power systems during abnormal conditions.

ECE 4160-4 Power and Energy. Planned for future offerings.

Magnetic Circuits and materials, transformers, electromechanical energy conversion principles, introduction to rotating machines, poly phase induction machines, synchronous machines, DC machines, stepper motors, laboratory experiments on transformers, synchronous motors, induction motors, steeper motors, motor control circuits.

5/29/2009

Smart Grid Education Workshop / Chow 15

Survey on Certificate Program in Power and EnergySurvey on Certificate Program in Power and Energy

May 2009 @ Denver MREL ConferenceMay 2009 @ Denver MREL Conference

5/29/2009

Smart Grid Education Workshop / Chow 16

Survey ResultsSurvey ResultsSusan Lovejoy: “With 19 respondents total, the questionnaire results are not conclusive... except that there does seem to be interest for courses.    Smart Grid is near the top of the list, however, Power Systems Analysis is most important to the utilities.  Also, interesting to note that of the 19 respondents, there are 26 potential online students (no potential on-campus students).” Energy economics and electricity market is most important to the consultants. 

Susan Lovejoy: “With 19 respondents total, the questionnaire results are not conclusive... except that there does seem to be interest for courses.    Smart Grid is near the top of the list, however, Power Systems Analysis is most important to the utilities.  Also, interesting to note that of the 19 respondents, there are 26 potential online students (no potential on-campus students).” Energy economics and electricity market is most important to the consultants. 

5/29/2009

Smart Grid Education Workshop / Chow 17

Survey CommentsSurvey Comments“Students must have strong theory in power basics.”“Trying to implement the latest stuff like Smart Grid without power can be disastrous.....”

"no one wants a 20 year old graduate telling them what they think smart grid should do"

“Students must have strong theory in power basics.”“Trying to implement the latest stuff like Smart Grid without power can be disastrous.....”

"no one wants a 20 year old graduate telling them what they think smart grid should do"

5/29/2009