Veena kakati
-
Upload
veena-kakati -
Category
Engineering
-
view
45 -
download
0
Transcript of Veena kakati
![Page 1: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/1.jpg)
seminar on
CYBER SECURITY FOR SUBSTATION AUTOMATION SYSTEMS
byVeena Vijay Kakati
(USN : 2JI14EPS )
Department of Electrical & Electronics Engineering
[Affiliated by AICTE, recognized research center of VTU Belgavi]
Jain Engineering College, Belgavi
J G I
Under the guidance ofProf. Shubha Baravani
EEED,JCE,BELAGAVI
1
M.Te
ch., P
SE, E
EE, JC
E, B
ela
gavi
![Page 2: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/2.jpg)
CONTENTS
INTRODUCTION OVERVIEW OF SCADA
Components of SCADA Common vulnerabilities of scada
RECENT CASES OF THREATS SYSTEMATIC APPROACH TO ENHANCE CYBER
SECURITY Standards to be followed Types of cyber security threats Key requirements for substation
COMMON TECHNOLOGIES FOR CYBER SECURITY
CONCLUSION REFERENCES 2
![Page 3: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/3.jpg)
INTRODUCTION
Many automation and power control systems are integrated into the ‘Smart Grid’ concept for efficiently managing and delivering electric power. This integrated approach has created several challenges that need to be taken into consideration such as cyber security issues, information sharing, and regulatory compliance.
![Page 4: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/4.jpg)
OVERVIEW OF SCADA
SCADA systems lie at the heart of power utility control networks and monitors the entire power control system in real time.
The devices allow utilities such as power plants, to remotely control and monitor power generation devices and substations over phone lines, radio links and, IP networks
4
![Page 5: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/5.jpg)
COMPONENTS OF SCADA SYSTEM
A Human-Computer Interface A computer (supervisor) Remote Terminal Units (RTU) Programmable Logic Controllers (PLC) Communication between the RTU and the
computer
5
![Page 6: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/6.jpg)
COMMON VULNERABILITIES Category Common Vulnerability
Poor code Quality Use of potentially dangerous functions in the code
Vulnerable Services Poor authentication, Clear text authentication. No password, Weak password
Network Protocol Implementations Buffer Overflow is possible, Lack of bounds checking in the service
Information disclosure Unencrypted communication , weak protection of users credentials
Network component configuration vulnerabilities
Access to specific ports on the host not restricted to required IP address, Port security not implemented on network equipment
![Page 7: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/7.jpg)
RECENT CASES OF POWER THREATS
Chinese PLA hackers are blamed to have accidentally triggered the power shortage in Florida, in April 2009.
In July 2010, the Windows computer worm, Stuxnet, was propagated in the industrial software and equipment. The worm was targeted only to Siemens SCADA with a highly specific payload to reprogram the operation of attached uranium refining centrifuges in Iranian facilities.
![Page 8: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/8.jpg)
WHAT IS CYBER SECURITY REQUIREMENT ?
Confidentiality
Integrity
Availability
Unauthorised access to Infomation
UnauthorisedModification or Theft of Infomation
Denial of Service orPrevention ofAuthorised Access
![Page 9: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/9.jpg)
SYSTEMATIC APPROACH TO ENSURE CYBER SECURITY
Standards Main focus
IEC 61850 Substation Communication Requirements
IEC 62351 Cover Security Information
NISTIR 7628 A tool and set for implementation Smart Grid
NERC CIP It is an international regulatory authority established to evaluate the reliability of the bulk power system
IEEE 1686-2007 Security for IED’s
![Page 10: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/10.jpg)
CYBER SECURITY THREATS TO SUBSTATION NETWORKS
Deliberate threat
Inadvertent threat
10
![Page 11: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/11.jpg)
11
FOR NETWORK SECURITY
For network security, general security mechanism is AAA (Authentication, Authorization and Accounting).
The following technologies can be applied using the AAA standard.
SNMPv3: Simple Network Management Protocol.
RADIUS: Remote Authentication Dial in User Service.
TACACS: TACACS stands for Terminal Access Controller Access-Control System.
SSH: Secure Shell
![Page 12: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/12.jpg)
12
OTHER TECHNOLOGIES FOR CYBER SECURITY
The following technologies can address data security issues in substation communication networks.
Switch Level Security Router Level Security Firewall Level Security Gateway Security VPN
OpenVPNIPSec
![Page 13: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/13.jpg)
13
CONCLUSION
Cyber Security tools help to protect and control the data that may need to traverse untrusted network paths located near substation networks.
Cyber Security maintains the reliability and safety of control systems and reduces operational expenses in substations.
![Page 14: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/14.jpg)
REFERENCES
[1]. A thesis by Venkatraman Sridharan. Georgia Institute “Cyber Security in Power Systems” of Technology May 2012. [2]. ABB’s Manual & ABB “White paper manual for cyber security”- Dec-2010. [3]. Hirschmann , WP 1004HE – Part 5 , “White Paper – Data Communication in Substation Automation System (SAS)” Cyber security in substation communication network. [4]. S. Siddharth and G. Manimaran, “Data integrity attacks and their impacts on SCADA control system” IEEE PES General Meeting, 2010
![Page 15: Veena kakati](https://reader031.fdocuments.us/reader031/viewer/2022012402/55ceae33bb61ebb3528b474a/html5/thumbnails/15.jpg)
THANK YOU