Cyber Physical Security for Smart Grid - University of
Transcript of Cyber Physical Security for Smart Grid - University of
![Page 1: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/1.jpg)
Cyber Physical Security for Smart Grid Broad Analysis: Information Hierarchy for the Future Grid
Manimaran Govindarasu & Adam Hahn
Iowa State University [email protected] [email protected]
Pete Sauer
University of Illinois at Urbana-Champaign [email protected]
PSERC Future Grid Initiatives Webinar Series
PSERC Future Grid Initiative Webinar Series February 7, 2012
![Page 2: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/2.jpg)
Talk Outline • Cyber Physical Power Grid • Cyber Threats & Impacts • Research Challenges
1. Cyber-Physical System Security 2. Risk modeling and mitigation 3. Security of WAM, WAP, WAC 4. DMS & AMI Security 5. Defense against coordinated attacks 6. Trust management & attack attribution 7. Data sets, models, validation studies
• Conclusions
PSERC Future Grid Initiative Webinar Series February 7, 2012 2
Covered in detail
Covered briefly
![Page 3: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/3.jpg)
Smart Grid: A Cyber-Physical System
PSERC Future Grid Initiative Webinar Series February 7, 2012 3
Source: http://cnslab.snu.ac.kr/twiki/bin/view/Main/Research
![Page 4: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/4.jpg)
Cyber Threats to Critical Infrastructures
PSERC Future Grid Initiative Webinar Series February 7, 2012 4
Cyber-Based Attacks
Protocol Attacks
Intrusions Worms / Spyware/ Malware
Routing Attacks
Denial of Service (DoS)
[General Accounting Office, CIP Reports, 2004 to 2010]; [NSA “Perfect Citizen”, 2010]: Recognizes that critical infrastructures are vulnerable to cyber attacks from numerous sources, including hostile governments, terrorist groups, disgruntled employees, and other malicious intruders.
Insider Threats
![Page 5: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/5.jpg)
Attacks-Cyber-Control-Physical
PSERC Future Grid Initiative Webinar Series February 7, 2012 5
![Page 6: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/6.jpg)
Security systems is difficult …
Open and interoperable protocols
Security vs. performance tradeoff
Security vs. usability tradeoff
Security is expensive
Attackers enjoy breaking into system
Security had been not a design criteria
Securing legacy systems even harder
PSERC Future Grid Initiative Webinar Series February 7, 2012 6
![Page 7: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/7.jpg)
Power Grid Cyber Security Roadblocks Legacy systems Geographically disperse Insecure remote connections Long system deployments Limited physical protections
Adoption of standardized technologies with known
vulnerabilities Connectivity of control systems to other networks
No “fail-closed” security mechanisms Widespread availability of technical info
PSERC Future Grid Initiative Webinar Series February 7, 2012 7
![Page 8: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/8.jpg)
Documented Concerns Policies/Reports
DoE Roadmap to Achieve Energy Delivery System Cybersecurity, 2011
NERC-DoE HILF: High-Impact, Low-Frequency (HILF) Event Risk to the North American Bulk Power System
NISTIR 7628, “Guidelines for Smart Grid Cyber Security”
NERC CIP (Critical Infrastructure Protection)
NIST 800-82, “Guide to Industrial Control Systems (ICS) Security”
DHS Common Cyber Security Vulnerabilities in Industrial Control Systems
GAO-11-117: Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed
MIT Report: The Future of the Electric Grid, 2011
PSERC Future Grid Initiative Webinar Series February 7, 2012 8
![Page 9: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/9.jpg)
Smart Grid Vision
PSERC Future Grid Initiative Webinar Series February 7, 2012 9
Smart Grid vision Economic Benefits Reliability Benefits Environmental Benefits Enabling Technologies Advanced sensing, communication, control Built-in Security Renewable Energy Emerging apps: WAMS, WAMPAC, DMS, SAS, AMI
![Page 10: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/10.jpg)
Smart Grid Security = Info + Infra + Appln. Security Information Security Infrastructure Security Applications Security
NEEDS
Information Protection Confidentiality Integrity Availability Authentication Non-repudiation
Infrastructure protection Routers DNS servers Links Internet protocols
Service availability
Generation Control apps. Transmission Control apps. Distribution Control apps. System Monitoring functions Protection functions Real-Time Energy Markets
MEANS
Encryption/Decryption Digital signature Message Auth.Codes Public Key Infrastructure
Firewalls IDS/IPS Authentication Protocols Secure Protocols Secure Servers IPSEC, DNSSEC
Attack-Resilient Control Algos Model-based Algorithms - Anomaly detection - Intrusion Tolerance Risk modeling and mitigation Attack-Resilient Monitoring & Protection
PSERC Future Grid Initiative Webinar Series February 7, 2012 10
Cyber Attacks: Deter, Prevent, Detect, Mitigate, Attribution; be Resilient
![Page 11: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/11.jpg)
Smart Grid Cyber Security requirements • Confidentiality (C), Integrity (I), Availability (A), • Authentication (AT), Non-repudiation (N)
PSERC Future Grid Initiative Webinar Series February 7, 2012 11
Smart Grid Application
Information & Infrastructure
Security
Application Security
AMI I, AT, C I, N
DMS I, A, AT I, AT
EMS I, A, AT I, AT
WAMPAC I, A, AT, C I, A
Power Markets I, A, AT, C I, N
![Page 12: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/12.jpg)
Risk modeling & Mitigation
PSERC Future Grid Initiative Webinar Series February 7, 2012 12
![Page 13: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/13.jpg)
PSERC Future Grid Initiative Webinar Series February 7, 2012 13
![Page 14: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/14.jpg)
Cyber Security of Wide-Area Monitoring, Protection and Control
PSERC Future Grid Initiative Webinar Series February 7, 2012 14
•Man-in-the-middle attacks •Data integrity attacks •Denial of service attacks •Replay attacks •Timing attacks …
• Frequency control • Voltage control • Transient stability
Attack-Resilient Monitoring, Protection Control Algorithms
S. Siddharth, A. Hahn, and M. Govindarasu, “Cyber Physical Systems Security for Smart Grid” Special issue on Cyber-Physical Systems, Proceedings of the IEEE, Jan. 2012.
![Page 15: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/15.jpg)
Control Systems Attack Model
PSERC Future Grid Initiative Webinar Series February 7, 2012 15
Figure adopted from - Yu-Hu. Huang, Alvaro A. Cardenas, et al, “Understanding the Physical and Economic Consequences of Attacks on Control Systems”
• Data integrity • Replay • Denial of service • De-synchronization
and timing-based Machine/
Device Actuators
Analyses & Computation
Control Center
Sensors
Physical System
Data Acquisition
Remote/Local Control
ui(t) yi(t)
Types of Attacks Generic Control System Model
![Page 16: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/16.jpg)
PSERC Future Grid Initiative Webinar Series February 7, 2012 16
Power System Control Loops
![Page 17: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/17.jpg)
Automatic Generation Control Frequency Control
PSERC Future Grid Initiative Webinar Series February 7, 2012 17
AGC Algorithm
Frequency Sensor
Tie-Line Flow Sensor
Power System
Generators
ACE Gen Error
Tie-Line Flow Measurement
Frequency Measurement
Modify tie-line flow and frequency measurements Attack:
Impact: Abnormal operating frequency conditions
Siddharth Sridhar and G. Manimaran – “Data Integrity Attacks and Impacts on SCADA Control System” – PES GM 2011
![Page 18: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/18.jpg)
Attack Resilient Control (ARC)
PSERC Future Grid Initiative Webinar Series February 7, 2012 18
Actuators Power System
Control Algorithms
Sensors
Intelligent Attack Detection and Mitigation Module
Measurements Control
Physical System
Control Center
![Page 19: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/19.jpg)
ARC – Intelligence Sources
PSERC Future Grid Initiative Webinar Series February 7, 2012 19
Forecasts
Situational Awareness System Resources
System Data
Attack Templates
• Forecasts – Load and wind forecasts • Situational Awareness – System topology, geographic location, market operation • Attack Templates – Attack vectors, signatures, potential impacts • System Data – Machine data, control systems • System Resources – Generation reserves, VAR reserves, available transmission capacity
![Page 20: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/20.jpg)
Wide-Area Monitoring & Protection
PSERC Future Grid Initiative Webinar Series February 7, 2012 20
![Page 21: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/21.jpg)
Secure WAMS &Protection ( & NASPInet)
PSERC Future Grid Initiative Webinar Series February 7, 2012 21
![Page 22: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/22.jpg)
CPS Testbed – A Layered View
PSERC Future Grid Initiative Webinar Series February 7, 2012 22
Information/Control Layer
Physical Layer
Communication Layer Cyber attacks
EMS, SAS, RTUs, IEDs
Routing infrastructure, Network protocols, Routers, Firewalls
Power System Simulators (RTDS, Power factory)
Defenses
![Page 23: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/23.jpg)
PowerCyber Testbed @ Iowa State
PSERC Future Grid Initiative Webinar Series February 7, 2012 23
![Page 24: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/24.jpg)
Research Challenges
1. Cyber Physical Systems Security • Information Hierarchy • Communication, Control Architectures • Cyber-Control- Physical Mapping: Threats Attacks Cyber Control Impacts
PSERC Future Grid Initiative Webinar Series February 7, 2012 24
![Page 25: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/25.jpg)
Research Challenges 2. Risk Modeling and Mitigation
• Vulnerability Assessment • Impact Analysis • Novel metrics
– Load loss, Stability, Reliability, Economic factors
• Hierarchical risk modeling framework • Synergistic Cyber-Physical mitigation
PSERC Future Grid Initiative Webinar Series February 7, 2012 25
![Page 26: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/26.jpg)
Research Challenges 3. Attack Resilient WAMPAC Algorithms • Attack Resilient Wide-Area Measurement
- Security of PMU networks and data (NASPInet)
• Attack Resilient Wide-Area Control - Secure Automatic Generation Control (AGC)
• Attack Resilient Wide-Area Protection - Adaptive, Intelligent Remedial Action Scheme
• Secure Energy Management System (EMS)
PSERC Future Grid Initiative Webinar Series February 7, 2012 26
![Page 27: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/27.jpg)
Research Challenges
4. Defense against Coordinated Attacks • Risk modeling of coordinated attacks • Beyond N-1 contingency
- Scope, planning, system design
• Cyber-physical mitigation
PSERC Future Grid Initiative Webinar Series February 7, 2012 27
![Page 28: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/28.jpg)
Research Challenges
5. DMS & AMI Security • Remote attestation of AMI components • Model-based anomaly detection methods • Secure Distribution Management Systems (DMS) • Security vs. Privacy tradeoffs
PSERC Future Grid Initiative Webinar Series February 7, 2012 28
![Page 29: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/29.jpg)
Research Challenges
6. Trust Management & Attack Attribution • Dynamic trust
- Models, protocols, and validation • Insider threats - Models, metrics, mitigation • Attack attribution - Scalable architectures and algorithms
PSERC Future Grid Initiative Webinar Series February 7, 2012
29
![Page 30: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/30.jpg)
Research Challenges
7. Datasets and Validation • Data sets and models for:
- SCADA networks, AMI, WAMPAC, CIM • Realistic attack models and traces • Testbed Development • Realistic Attack-Defense studies
PSERC Future Grid Initiative Webinar Series February 7, 2012 30
![Page 31: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/31.jpg)
Conclusions • Cyber security of smart grid is a national security issue
• Smart Grid Security = Info Sec + Infra Sec + Application Security
• Defense against Smart Coordinated Cyber Attacks
• Risk Modeling & Mitigation Algorithms
• Attack-Resilient Monitoring, Protection, and Control algorithms
• Trust management, Attack Attribution, AMI & DMS Security
• Data sets, models, and Validation studies • Cyber-Physical Systems Security is an important area of R&D • Standards development and Industry adoption are critical
PSERC Future Grid Initiative Webinar Series February 7, 2012 31
![Page 32: Cyber Physical Security for Smart Grid - University of](https://reader031.fdocuments.us/reader031/viewer/2022020706/61fca2e69d50e757a521ed4c/html5/thumbnails/32.jpg)
PSERC Future Grid Initiative Webinar Series February 7, 2012 32
Acknowledgements: • Department of Energy • National Science Foundation • Power Engineering Research Center (PSERC)
•Grad Students: Aditya Ashok, Siddharth Sridhar @ Iowa State University
Thank you !!! • Reviewers:
• Scott Backhaus, Las Alamos National Laboratory • Jianhui Wang, Argonne National Laboratory