Transcript of Nathan Wallace, PhD · @NathanSWallace · 06/07/2018...
@NathanSWallace www.nathanswallace.org
Nathan Wallace, PhD
06/07/2018
Dir. Cyber Engineering, Staff Engineer
Disclaimer
• Statements and opinions are my own which may or may not reflect that of my current employer.
• Statements are based on generalized observations of the industry and do not represent any particular entity or asset owner.
Personal Background
EE Intern, EE Intern, Associate Engineer
Co-Founder, Dir. Cyber Engineering
Drafting, Relay Settings, T&D Protection
Research Associate
ICS Cybersecurity Researcher, Digital Forensics Examiner
Staff Engineer
Relay & RTU Design, Setting, & Commissioning
Risk Assessments, Security Design & Integration
Volunteering: Industry Standards & Guides
• Electrical Power System Cyber Device Function Numbers, Acronyms, and Designations
• Guide for Testing and Commissioning Power System Cybersecurity Controls
• IoT for connected home – Communication and Cybersecurity Requirements for Connecting Home to Utility
• Std. C37.240 Cyber Security Requirements for Power System Automation, Protection and Control Systems
Inherently Safe Cyber-secure Power System Environments
• Inherent => Built-in, included, integrated, … it has been engineered.
• Safe => Power System Cybersecurity is a SAFETY Issue
Baked-in vs Bolted-on. Requires little to no human interaction.
Ex: Aurora Generator Test    Ex: DERs
Key Takeaways from Protection and Control Engineering
Security: “The facet of reliability that relates to the degree of certainty that a relay or relay system will not operate incorrectly.”
[slide overlay text: "cyber device or"]

Event        Northeast Outage 2003   Arizona Outage 2007   FPL Outage 2008   Ukraine Attack 2016
Load Lost    61,800 MW               400 MW                4,300 MW          230,000 Customers
Intent       Unintentional           Unintentional         Unintentional     Intentional
Cyber        Yes                     Yes                   Yes               Yes

Are all grid cyber-events malicious and intentional?
Taxonomy of Power Grid Cyber-Events
[Figure labels: Malicious; Unintentional; 95%-99% Known; Design; Energized; nth update at Sub 1; nth update at Sub N; Path A Review; Path B Industry Technical Standards & Best Practices; Proactive or Reactive]
Key Takeaways from Protection and Control Engineering
Protection and Control of the Modernized Grid
Physical Infrastructure (Flow of Power)
  Inputs: Currents, Voltages, Impedance, Status (open, close, lockout)
  Output: Open/Close Bkr, +/- Vars,
Cyber Infrastructure (Computation & Communication)
  Inputs: Topology, traffic flows, deep packet inspection, communication state, state of physical power system
  Output: For the most part NOTHING!
Protection and Control of the Modernized Grid
Tasks, by infrastructure: Cyber Infrastructure (Computation & Communication) and Physical Infrastructure (Flow of Power)
Identify
  Cyber: Cyber Assets, Zones
  Physical: Loads, transformers, Zones
Protect
  Cyber: Controls, Firewalls, data-diodes, IED setting configuration
  Physical: Controls, Relays, RTUs, EMS, IED setting configuration
Detect
  Cyber: IEDs, Relays, RTUs, SCADA, Firewalls, IDS, SIEMs
  Physical: Relay Protection Logic, Primary & Back-up, SCADA
Respond
  Cyber: Remove access, drop packets, SoE, ICS Digital forensics
  Physical: Isolate fault, reclose, lockout, open, close, SOE
Recover
  Cyber: Backups, Replace, Improvements
  Physical: open, close, +/- Vars, Improvements
NIST. Framework for Improving Critical Infrastructure Cybersecurity, V1, 2014
Key Takeaways from Protection and Control Engineering
Documenting Protection & Control
Filled box method (IEEE Std PC37.2)
Physical Infrastructure (Flow of Power)
• Operational One-Line
Cyber Infrastructure (Computation & Communication)
• A Firewall in a ‘Communications One-Line’
PSCC WG S7 - Electrical Power System Cyber Device Function Numbers, Acronyms, and Designations
c50 – Role based access control
c51 – Report cyber events to master
c52 – Cyber-event concentrator (RTU)
c53 – Cyber-event converter, (DNP -> Syslog)
c54 – Log cyber-events locally
c56 – Antivirus
c57 – Enable host firewall
c58 – Intrusion detection
c59 – Intrusion prevention
c60 – Web access
c61 – Email alerts
Key Takeaways from Protection and Control Engineering
Testing & Commissioning Protection & Control
Physical Infrastructure (Flow of Power)
IEEE Std C37.233-2009 “Guide for Power System Protection Testing”
• Testing Logic
• End-to-End Binary/Analogs
[Figure labels: Inject PT/CT Signals; IED n; Trip?]
Cyber Infrastructure (Computation & Communication)
PSCC WG S8 – Guide for Testing Power System Cybersecurity Controls
Other than communication checks NOTHING!
• 1st NERC-CIP audit of asset owner in TN revealed over half of the firewalls were misconfigured.
• Another asset owner had multiple cyber related alarms enabled in the IEDs, but they were not being monitored.
Safety Reliability
Thank You!
Nathan Wallace @NathanSWallace
Dir. Cyber Engineering, Staff Engineer