Ontario Smart Grid Forum
Cyber Security and The Smart Grid
November 11, 2008
Cyber Security for the Smart Grid™

Discussion Topics
• Objectives of Presentation
• About N-Dimension Solutions
• Cyber Security and the Smart Grid
• Solutions and Recommendations
Objectives of Presentation
• Engage in two-way discussion on a critical Smart Grid topic and provide useful context and recommendations for the Ontario Smart Grid Forum participants
N-Dimension Solutions Inc.
• Cyber Security Solutions Provider laser focused on the Power & Energy market
• Headquartered in Richmond Hill, Ontario, with an office in Austin, Texas
• Member of:
  • NERC
  • NERC’s new Demand-Side Management Task Force
  • IESO’s Reliability Standards Standing Committee
  • Cyber Security Technical Working Groups (IEEE P1711, AMI-SEC)
  • Advisory Committee for University of Illinois Trusted Cyber Security Computing Infrastructure for Power
• Developed comprehensive AMI cyber security analysis and report for the Ontario Utilities Smart Metering (OUSM) working group
• Published thought leader on cyber security for the emerging Smart Grid
• Active across North America and globally in delivering Smart Grid cyber security solutions in conjunction with our business partners
Overview of The Smart Grid
The Current Electric Grid – Islands of Technology
• Generation: GEN1 - Operational Information … GENx - Operational Information
• Transmission: TOP1 – Operational Information … TOPx – Operational Information
• Distribution: DIST1 - Operational Information … DISTx – Operational Information
• Customers
Convergence of Enterprise & Operations IT
[Diagram: Information Technology (Enterprise Systems, Web Applications) and Operations Technology (Control Systems, Protection Systems) converge in Smart Grid Technology (AMI, DSM, OMS, GIS), labelled "Cyber Secure"]
• Integration counters key security principles of isolation and segregation
The Smart Grid – Connectivity with Security
[Diagram: Generation, Transmission, Distribution, Customers, AMI, DSM, System Operators, Conservation Authorities]
• End-to-End Communications, Intelligence, and Defense-in-Depth Security
Smart Grid Cyber Security
The Smart Grid – Characteristics
• Self-healing
• Empowers and incorporates the consumer
• Resilient to physical and cyber attacks
• Provides power quality needed by 21st century users
• Accommodates a wide variety of generation options
• Fully enables maturing electricity markets
• Optimizes assets
Source: The US National Energy Technology Laboratory
Smart Grid Technology
• Sensors: Monitoring and detecting the data
• Communications: Moving the data through the build of networks
• First-level integration: Collecting the data
• Centralized control: Using the data for visualization and control
• Security: Protecting the data with Security Services & Solutions
• Full integration: Integrating the data with the rest of the business
• Services and Applications: Using the data in new ways
Source: The Emerging Smart Grid, Global Environment Fund - Centre for Smart Energy
Smart Grid Attack Threats
“Energy control systems are subject to targeted cyber attacks. Potential adversaries have pursued progressively devious means to exploit flaws in system components, telecommunication methods, and common operating systems found in modern energy systems with the intent to infiltrate and sabotage vulnerable control systems. Sophisticated cyber attack tools require little technical knowledge to use and can be found on the Internet, as can manufacturers’ technical specifications for popular control system equipment.”
Source: Roadmap to Secure Control Systems in the Energy Sector, The Department of Homeland Security and US Department of Energy
Smart Grid Cyber Security Drivers
• Increasing Interconnection and Integration
• New 2-Way Systems (e.g. AMI, DSM)
• Increasing Use of COTS Hardware and Software
• New Customer Touch Points into Utilities
• Control Systems Not Designed with Security in Mind
• Increasing Number Of Systems and Size of Code Base
• Increased Attack Surface
• Increased Risk to Operations
Overview of Cyber Security – Threats
[Diagram: Internet, Admin, Operator, Operator Acct, Master DB, Slave Database, RTU. Step labels: Send e-mail with malware; Admin Opens Email with Malware; Perform ARP Scan; SQL EXEC; Perform ARP Scan; Takes Control of RTU]
• Hacker sends an e-mail with malware
• E-mail recipient opens the e-mail and the malware gets installed quietly
• Using the information that malware gets, hacker is able to take control of the e-mail recipient’s PC!
• Hacker performs an ARP (Address Resolution Protocol) Scan
• Once the Slave Database is found, hacker sends an SQL EXEC command
• Performs another ARP Scan
• Takes control of RTU
Example from 2006 SANS SCADA Security Summit, INL
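An added example, not part of the original presentation: one way a network IDS on the control network could flag the ARP scan step in the scenario above, by counting how many distinct addresses each host ARPs for inside a sliding window. The addresses, the 10-second window and the 20-target threshold are assumptions chosen for the constructed sample.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed ARP who-has records: (time in ms, sender IP, target IP)."""
    events = []
    # Normal HMI: re-resolves the same two peers every 30 s.
    for t in range(0, 120_000, 30_000):
        events.append((t, "10.10.1.20", "10.10.1.1"))
        events.append((t + 500, "10.10.1.20", "10.10.1.50"))
    # Compromised operator PC: sweeps 60 addresses, one every 200 ms.
    for i in range(1, 61):
        events.append((40_000 + i * 200, "10.10.1.77", f"10.10.1.{i}"))
    return sorted(events)

def detect_arp_scans(events, window_ms=10_000, max_targets=20):
    """Return {sender: peak distinct-target count} for every sender whose ARP
    requests covered more than max_targets addresses within window_ms.
    Both thresholds are assumed values and need tuning per network."""
    recent = defaultdict(deque)                      # sender -> (time, target)
    counts = defaultdict(lambda: defaultdict(int))   # sender -> target -> hits
    alerts = {}
    for ts, sender, target in events:
        queue, seen = recent[sender], counts[sender]
        queue.append((ts, target))
        seen[target] += 1
        # Drop requests that have aged out of the sliding window.
        while ts - queue[0][0] > window_ms:
            _, old = queue.popleft()
            seen[old] -= 1
            if seen[old] == 0:
                del seen[old]
        if len(seen) > max_targets:
            alerts[sender] = max(alerts.get(sender, 0), len(seen))
    return alerts

if __name__ == "__main__":
    for sender, peak in detect_arp_scans(build_sample()).items():
        print(f"possible ARP scan from {sender}: {peak} targets in 10 s")
```

Control networks have a small, stable set of peers per host, so a low threshold is workable there in a way it would not be on an enterprise LAN.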
Overview of Cyber Security – Threats
[Diagram: Attacker, Communications Network (WAN), AMCC (Advanced Metering Control Computer), AMI WAN, Data Management Systems (MDM/R), Retailers, 3rd Parties]
• Cyber Penetration
• Attacker Controls the Head End
• Attacker Performs Remote Disconnect
Example from AMRA Webinar, Nov ’06 “The Active Attacker”
Cyber Security Challenges
• The challenge is complex and continuously changing
• Legacy systems need to be protected
• Number and geographic location of end points
• Relationship to physical security
• Systems are 7x24 and critical
• The human element / social engineering
Cyber Solutions
• Unlike the beer industry, there is no silver bullet!
Cyber Solutions - Defense in Depth
• Perimeter Protection
• Firewall, IPS, VPN, AV
• Host IDS, Host AV
• DMZ
• Physical Security
• Interior Security
• Firewall, IDS, VPN, AV
• Host IDS, Host AV
• IEEE P1711 (Serial Connections)
• NAC
• Scanning
• Monitoring
• Management
• Processes
Abbreviations:
• IDS: Intrusion Detection System
• IPS: Intrusion Prevention System
• DMZ: DeMilitarized Zone
• VPN: Virtual Private Network (encrypted)
• AV: Anti-Virus (anti-malware)
• NAC: Network Admission Control
Cyber Solutions – 50,000 Foot View of Control Network
Key Points:
• Defense in Depth
• Access Control
• Secure connections
• Link to Physical
• Security Management
• Apply same approach to other Smart Grid elements
[Diagram: Internet, Enterprise Network, Partner Site, Control Network and Field Sites, annotated with VPN, FW, IPS, IDS, Proxy, AV, Host AV, Host IPS, Host IDS, NAC, Scan and P1711]
The N-Dimension Viewpoint
• Cyber security is an absolute requirement for the Smart Grid
• Smart Grid deployments will fail without proper cyber security
• A strong security posture can be established so that the benefits can be realized from Smart Grid deployments
• Ontario can establish a leadership position:
  • Standards
  • Trials
  • Information exchange
  • Learning
Recommendations
• View cyber security as a critical element of your Smart Grid deployment
• Apply the defense in depth concept: isolate and segregate systems and applications, then allow selected connectivity
  • Best accomplished at the foundational / design level
• Establish a security management system
  • “you can’t manage what you can’t measure”
• Involve your vendors and interconnected partners
• Embed into your corporate governance systems
• Develop and track business case:
  • Project by project basis
  • Integrated system
• Look to others for learning and suggestions such as the Ontario Smart Grid Forum!
Thank You!
Peter Vickery, Executive Vice-President, N-Dimension Solutions Inc.
Office: 905-707-8884 ext 223 | Mobile: 416-951-8811 | peter.vickery@n-dimension.com
Doug Westlund, CEO, N-Dimension Solutions Inc.
Office: 905-707-8884 ext 227 | Mobile: 416-997-8833 | doug.westlund@n-dimension.com