130 likes | 447 Views
Analyst Presentation November 2008`1. Cyber-Security & Interoperability Breakout - Michelle Mindala-Freeman National Town Meeting – July 14, 2009. Confidential Company Overview & Update DRAFT November 2008. Introduction….
E N D
Analyst Presentation November 2008`1 Cyber-Security & Interoperability Breakout - Michelle Mindala-Freeman National Town Meeting – July 14, 2009 Confidential Company Overview & UpdateDRAFT November 2008
Introduction… • Many of Landis+Gyr customers have been early adopters of intelligent, automated metering systems • We design smart grid solutions for these customers & prospects that meet operational & financial objectives and consumers’ needs • We believe interoperability isn't an end – it’s an process that requires diligence in design & implementation to deliver real value • Security is paramount; however, delivering a secure smart grid is a journey…perhaps without a final destination • Our core approach is to deliver the right building blocks for an interoperable and secure smart grid – rapidly delivery technology at the pace of value - value to the utility, to the consumers and to this growing market
Landis+Gyr – where we are the smart grid… • 5,000 people in 30 countries with $1.3B+ in sales. • Over $1B invested in more than a dozen companies • 15+years of fixed network deployment and measurement automation experience • Global leader in metering – PG&E, PEPCO, SMUD, E.ON, CHED • Leader in fixed networks - 20M+ embedded endpoints - Oncor, Austin Energy, AEP Texas, Fortis Alberta Meters & Endpoints Communication Networks Data Management Application Demand Management Distribution Automation Deployment & Operations Services
Interoperability – a means or an end? • A smart grid [will] employ real-time, two-way communication technologies to allow users to connect directly with power suppliers. The development of the grid will create jobs and spur the development of innovative products that can be exported. • The greatest benefit from the smart grid will be interoperability that will open up every aspect of the generation, distribution, and use of energy to innovation. * • Products/ Services • Improved Competition • Time to Market • Customer Value Source: NIST Interim SG Standards June 09
Interoperability – what can we learn? • Internet analogy • Telecom analogy • Interoperability ≠ Plug and Play • Specifications ≠ Uniformity • Sameness ≠ Value
How can we move forward “faster”? • Drive, not stall, deployments • Leverage upgradability • Value to Consumers • Value between Systems • Value within the System • Scale with International Standards • Flexibility for different Utility conditions • Stay focused on drivers • Prioritize - set the value pace • Allow market forces to work
How is Landis+Gyr approaching Interoperability? • Develop for Value 1st --- Interoperability at Head-End and HAN • Protect for the Future -- Secure upgradability • Meter, Comms & HAN • Create Scale • Supporting International standards & working groups • Promoting Common information/Data Model – Multispeak CIM • Evolve for next value phase -- Working to fill standards gaps / refine • Meter tables • Common PHY/MAC • Mesh routing protocols
Security • Cyber security is a critical issue due to the increasing potential of cyber attacks and incidents against this critical sector as it becomes more and more interconnected. Cyber security must address deliberate attacks…[and] inadvertent compromises of the…infrastructure* • Key issues: • Risk mitigation & protection in current systems • Standards to assess & address risks in the system • Addressing future vulnerability as the grid evolves
Landis+Gyr’s Protections Today • Privacy, Accuracy & Authenticity of Information • AES encryption & protocol wrappers • Randomized Meshed Paths • Unique Channel Schemes • HAN leveraging ECC • Avoiding Disruption or Malicious Use of the Network • Role-based access control • Device registration and validation • Limited allowable / verified actions at the edge • Natural protection via network design
No one can sit still… • Disruptions on a widescale today would take tremendous experimentation & determination, with limited “results” • However… • Aug 18, 2008 - Staged cyberattack exposes vulnerability in power grid • March 21st, 2009 – Power Grid Is Found Susceptible to Cyberattack • April 8th, 2009 - Electricity Grid in U.S. Penetrated By Spies • June 12th, 2009 – Hacking will be demonstrated in July • The cat and mouse chase is on – system managers & vendors will improve security postures as exploits are developed
Landis+Gyr’s Top Recommended Security Practices • Implement strong security techniques, such as mutual authentication, cryptography & message integrity verification to protect information • Provide countermeasures to identify potential breaches, the areas affected, and a means for user’s timely reaction • Ensure protection of all user and credential information, allowing access according to designated rights. • Incorporate use of access controls to ensure access to certain data/functionality is allowed only to specific trusted entities • Train all employees who have access to AMI data or controls. • Perform ongoing 3rd-party penetration testing to uncover vulnerabilities
Thank you Michelle Mindala-Freeman VP, Marketing & Product Management, North Am Michelle.mindala@landisgyr.com