Protection of Electricity Networks - Interconnectivity related aspects

1. Protection of Electricity Networks-Interconnectivityrelated aspects Rajesh Nair Bratislava, 10. October 2014

2. The Change in Banking OLD Front office agents who take care of your needs. RECENTLY Cash from ATMs, e-banking NEW Device based banking, location based payments, flexible access to funds

3. Are There Parallels in the Power System? Production Today: One-Way Future: Two-Way Transmission & Distribution Consumption

4. Rapidly Changing Paradigms Energy eco system • Vertical integration • Horizontal sliced • System of systems Architecture • Individual islands • Separated layers • A mixed world Operations • Predictable • Market variable • Market and environ-ment variable Security • Not an issue • Take care of your area • An integrated world Communication • Serial, point to point • Grouped, proprietary • Open and uncontrolled

5. Cyber Threats are a Reality! “We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands. We suspect, but cannot confirm, that some of these attackers had the benefit of inside knowledge. We have information that cyber attacks have been used to disrupt power equipment in several regions outside the United States. In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.“ Tom Donahue, the CIA's top cybersecurity analyst Source: NewsBites January 18, 2013

6. Why Security forthe Power System? • Power systems and automation are changing in the face of new opportunities and challenges • Parts ofenergyinfrastructureisinternetbasedandeasilyattackable • WithsmartgridsandsmartmetersthevulnerabiltyofIT-systems isevenincreasing • Swissgridisoperating a criticalinfrastructure. Security ofsupplymust beassured • All power systems have Industrial Control Systems (ICS), are they secure?

7. Cyber related roles and players

8. Integrated Governance as Main Target

9. Swissgrid Security Approach is Multi-Dimensional (1) Prevent • Normal security controls • Strong updating and upgrading of the infra-structure • Isolation • Architectures that are inherently secure Monitor • Device level monitoring of behaviour • Network level behaviour • Plausibility checks on the data • Watching the actors • Monitoring the interconnects Respond • Rapid isolation capabilities in design for all actors, inter-connectors and infrastructures • Redundancy with minimum commonality where possible • Standardize non-critical elements Total Vector VerticalComponent Horizontal Component

10. Swissgrid Security Approach is Multi-Dimensional (2)

11. A Decision-Making Framework Identify the critical assets or the ones that make the biggest “bang” • critical assets: make the impact smaller by segmentation • Increase the resilience • Increase the security in layers • Contextual data checks • Encryption • Isolation • Separation • non critical assets: do not use the data operationally • Defence in depth based on business cases • Accept that the systems are inherently unsecure • Use data accordingly Implement a process to keep these systems monitored and set up an emergency response capability at the organizational, country and European level.

12. Need for a minimum standard • We have a pan-European integrated electrical grid network • Regulation in a number of countries looks only at cost • A risk based approach sounds good… but in practice could lead to exposing the various risk appetites of various linked entities • We are exposed. There have been a few incidents already. Maybe it is not a good idea to wait for someone else to act. A minimum standard and agreement is required.