© 2009 Verizon. All Rights Reserved. PTEXXXXX XX/09
End to End Security on the Smart GridPerry Jurancich
Utilities Vertical Market Development
Verizon
“A smart grid uses information technology to improve the reliability, availability and efficiency of the electric system:
from large generation through the delivery system to electricity consumers and eventually to individual end‐uses or appliances.
The information networks that are transforming our economy in other areas are also being applied to grid applications for dynamic optimization
of electric systems operations, maintenance, and planning. “
Patricia Hoffman Acting Assistant Secretary for Electricity Delivery and Energy Reliability, U.S. Department of Energy. To U.S. Senate Committee on Energy and Natural Resources,
March 3, 2009.
Opportunities for a New Data Network
•Build Security In!–Confidentiality, Integrity, and Availability
•Apply the network security lessons learned in the past 40 years–Need Innovation in technology, process and people–A fast changing landscape–Apply best practices–Authentication and authorization of all transactions (no anonymity)
–Create a “trust anchor” in something other than the users of the system
The Power Grid will Soon be “Smart”
•It must also be “Secure" and “Resilient”
•We should adopt and extend best practices – From communications, financials, government, and industrial automation (NIST process ongoing)
–Partner with the research community
•Holistic Approach – planning, implementation, operation, testing – and do it continuously–Security as integral part of smart grid additions–Strong policies for participating companies–Strong focus on availability of service–Segment networks
Major Threat is Organized Crime
•Cyber threats range from young adolescents to criminals, terrorists, and nation-states–But a computer does not know the difference–Can be launched from anywhere in the world
•Criminal organizations orient on theft of value–High perceived value in power systems–Fraud, theft of service, manipulation of commodities futures are
potential actions
•Criminal actions can also be disruptive–Extortion, deliberate outages, sabotage
•The Threat is Dynamic– Need real-time analysis
Smart Grid Topology OverviewSmartGrid Solution Overview
Multiple Access Technologies
Communications Platform Mgmt functions extend to Smart Meter & Other Grid Devices
Meter Data Mgmt functions extend to Smart Meter through Meter Communications Network
Meter Comms Network
Grid Devices and Substations
Home Area NetworksBldg Area Networks
PrivateWAN Backhaul
Wireless (Cellular or WiMax)
to Private IP/MPLS
Or Private Line
PublicInternet
Security designed into the solution end-to-end across the network with certified components
A Communications and Information Technology Overlay to the Utility Grid
HAN Comms through both Meter Comms Network & InternetHosted Data Centers
And/OrUtility Data Centers
Final Thoughts
•A smart grid represents an incredible opportunity for the electric power and communications sectors to show the rest of the world “how to do it right”
•With opportunities come challenges–Technical–Political–Cultural
From:
INL 2006 Training Deck