SlideShare ist ein Scribd-Unternehmen logo

Substation Cyber Security Protecting Automated Systems

Schneider Electric
Schneider Electric

This document discusses cyber security for substation automation systems. It notes that substation systems are now increasingly connected via Ethernet and IP-based protocols, introducing cyber security risks. The document outlines various potential threats including internal attackers, suppliers, hackers, criminals, and terrorists. It examines vulnerabilities in substation systems like slow processors, real-time operating systems, communications media, open protocols, lack of authentication, and centralized administration. The document proposes measures to enhance security such as access control, encryption, authentication, and intrusion detection. Overall, the document analyzes cyber security risks for substation automation and proposes strategies to protect, detect, and recover from potential intrusions or attacks.

Technologie
1 von 18
Downloaden Sie, um offline zu lesen
Substation Cyber Security Protecting the automated control system June 2012 Make the most of your energy SM
Summary Executive Summary . ................................................................................... p 1 Introduction ................................................................................................. p 2 Substation systems: security threat targets................................................... p 4 Vulnerability of the substation automation system ........................................ p 6 Measures to enhance substation automation system.................................... p 9 Addressing cyber security for the substation automation system . ................ p 13 Conclusion................................................................................................... p 15
Substation Cyber Security Executive summary The electric power grid has changed significantly over the past decade and continues to change as technology evolves. More and more, new-generation substation control systems are based on open standards and commercial technology, including Ethernet and TCP/IP based communication protocols such as IEC 60870-5-104, DNP 3.0 or IEC 61850. While this change in technology has brought about huge operational benefits, it has introduced cyber security concerns and a potential challenge to network reliability. Electronic intrusion into a substation can misdirect or terminate service, and this intrusion can be from internal individuals or external hackers or organizations. Many substation control and diagnostic systems in deployment were not designed for real-time security functionality and centralized system administration with robust access control. Utilities must implement policies to protect their substation systems against intrusion from within and from outside the corporate network. Further, they must be able to detect intrusion when it does occur to eliminate future untoward effects. Finally, they need to be prepared with planned response and restoration that not only returns targeted functionality but can improve system security. The global power industry has stepped up its focus on cyber security for control and automation systems, and standards are in place identifying the functionalities required for secure substation operation. Utilities looking to protect against cyber attack on their substation automation systems must implement the SCADA, RTU and IED solutions that incorporate proven-technology and the security mechanisms meeting these standards. White paper | 01
Substation Cyber Security Introduction Traditionally, an electric utility’s concerns regarding substation asset security centered on physical threats, both natural and human. In locations other than those experiencing civil strife, the primary human threat was considered to be a single, disgruntled employee; an angry customer; or a politically motivated vandal. In any of these cases, the malfeasant had to be within, or physically close to, the substation to cause damage. To protect assets from these human threats, the utility used fences, locked gates, security cameras, SCADA- monitored intrusion alarms and occasional onsite monitoring visits by utility security staff. More recently, both the nature and magnitude of the threat to substation assets have changed. Now, the equipment for monitoring and controlling substation devices is usually connected by communication lines to wide-area networks potentially accessible by the general public. Consequently, an individual seeking to damage utility assets can do so from places hundreds or thousands of kilometers distant and potentially impact multiple substations simultaneously. The magnitude of the threat also has changed. Organized and well-funded groups have publicly stated their goal of damaging key elements of society’s critical infrastructure. Evidence shows that some organizations have been gathering information about public utilities and investigating the electronic defenses of corporate computing networks. Probes specifically targeting the business systems of electric utilities have been documented. However, because substations generally do not have firewalls or intrusion detection systems, it is not possible to know if they are being targeted. This paper addresses the nature of cyber threats, their potential to damage utility assets and the means to detect and recover from them. White paper | 02
Substation Cyber Security
Substation Cyber Security Substation systems: security threat targets The IEEE 1402 standard refers to cyber intrusions as ‘electronic intrusions’ and defines them as “Entry into the substation via telephone lines or other electronic- based media for the manipulation or disturbance of electronic devices. These devices include digital relays, fault recorders, equipment diagnostic packages, automation equipment, computers, programmable logic controllers, and communication interfaces.” Power substation security threats are primarily related to the ability to remotely access protection, control, automation and SCADA equipment. Through a power substation’s communications vulnerability, an electronic intruder could access the substation SCADA system. Inappropriate circuit breaker other utilities, as well as industry equipment suppliers, operation sequence would result in an electric arc contractors and consultants, are well acquainted between the contacts of the disconnector and high- with the hardware, software, architecture and rate optic and acoustic phenomena. Manifesting as communication protocols implemented in substation an explosion, the event would spray melted metal operations. Often, the suppliers of hardware, and result in an inter-phase short circuit. software, and services to the utility industry are granted the same level of trust and access as the Such a failure would lead to complete destruction of utility individuals themselves – making the definition of the disconnector and partial or complete destruction an ‘insider’ much more broad. of other components in the substation, along with disturbance in substation operation and interruption Further, a utility employee who has access keys of energy supply to consumers. Personnel can be and passwords can be motivated by the prospect seriously injured. Depending on the state of the of financial gain from making that information power system at the moment of switching operation, available. Computer-based systems at substations the incorrect switching sequence could also cause contain data of value to a utility’s competitors as a large power system failure and compromise the well as information – such as the electric load of a safety of the electric power system. customer industrial plant – that might be of value to that customer’s competitors. Certainly, corporate Internal attackers. Investigations of threats to employees are approached to provide interested corporate computer hardware and software systems parties with valuable information; it can’t be ruled typically reveal that the majority of attacks come from out that a similar situation could occur with utility internal sources. Substation control systems and employees who have access to substation systems. intelligent electronic devices (IEDs) are different from Further, the possibility exists of an employee being those at work in corporations, in that information bribed or blackmailed to cause physical damage or about their computer hardware and software systems to disclose privileged information that would enable is not well known to the general public. However, other parties to cause damage. White paper | 04
Substation Cyber Security Suppliers. A potential threat exists with employees Terrorists. The most serious security concern is of substation equipment suppliers, who also have with those antagonists, domestic or foreign, who access to – or the knowledge that enables access have the resources to mount a serious attack. They to or damage of – substation assets. One access can be quite knowledgeable, since the computer- path is through the diagnostic port of the substation based systems that outfit a substation are sold with monitoring and control equipment. It is common minimal export restrictions worldwide – complete with that the manufacturer of a substation device has documentation and operational training. The danger the ability to establish an Internet link or telephone from an attack mounted by an organized hostile connection with the device for the purpose of power is increased by the fact it can occur in many performing diagnostics. An unscrupulous employee places simultaneously and would likely be coupled of the manufacturer could use this link to cause with other cyber, physical, or biological attacks aimed damage or gather confidential information, as has at crippling response capabilities. happened many times in other industries. Employees of the utility or equipment supplier also can illicitly access computer-based substation equipment via the communications paths into the substation. Hackers. Other potential intruders include the hacker who is simply browsing and probing for weak links to penetrate corporate defenses and the individual who is motivated to cause damage by a grievance against the utility or against society in general. Criminals. Another potential security problem lies with those who threaten to do damage, in the attempt to extort money, or attempt to access confidential corporate records, such as the customer database, for sale or use. White paper | 05
Substation Cyber Security Vulnerability of the substation automation system Conventional computer systems have always been susceptible to those exploiting programming errors in operating systems and application software; cracking user passwords; taking advantage of system installations that leave extraneous services and open ports susceptible; and penetrating improperly configured firewalls that do guard against unauthorized communications. In addition to these common vulnerabilities, the control and diagnostic systems in substations have a number of system-related cyber security vulnerabilities – Slow processors One way to strengthen the privacy and authenticity The remote terminal units (RTUs) and IEDs in some of messages transmitted across insecure channels substation systems use early microprocessor is to use encryption. However, encryption technique technology. They have limited memory and often often is too resource-intensive for most current IEDs have to meet stringent time constraints on their and many existing substation automation systems. communications. With microprocessors that do not Further, many substation communications channels have the processing capability to support additional do not have sufficient bandwidth for the transmission computational burden, it is not feasible to enhance of longer, block-encrypted messages. communications security through data message encryption. Real-time operating systems Design of the real-time operating systems embedded within many IEDs poses another security risk. Some suppliers of these embedded operating systems have not had to meet the requirements for secure communications. Their software systems were designed to operate in an environment focusing on deterministic response to events; information security was a lower priority. White paper | 06
Substation Cyber Security Communications media The data messages that substation IEDs exchange In addition, much of the data traffic to and from a with the outside world are often transmitted over substation travels over wireless networks. Intruders media that are potentially open to eavesdropping with the proper equipment can record and interpret or active intrusion. Dial-in lines are common, and data exchanges and can insert their own messages the IED will accept phone calls from anyone who to control power system devices. knows its phone number. Many IEDs are IP (Internet protocol)-enabled, which means they can be addressed by computers connected to the Internet. Open protocols Many protocols have been used for communications An RTU test set usually involves a portable device between the substation and the utility control center. and communications port with a user interface that In the past, these protocols typically were vendor- interprets the messages being sent to and from the specific and proprietary. However, in recent years RTU or IED, allowing the user to define and issue the majority of communications implementations commands to the substation device. An intruder have been executed to the IEC 60870-5 standard can patch into the communications channel to a (in Europe), the DNP3 standard (in North America), substation and use a test set to operate devices at or – to much less extent – the IEC 60870-6 TASE.2 the substation. standard, also called ICCP. These protocols are non- proprietary, well documented and available to the general public. When these protocols were designed, security was not a key issue. Lack of authentication Communication protocols in current use do not provide a means for confirming each other’s identity and securing data exchange. An intruder with access to a communications line to a controllable device can execute a control in the same manner as an authorized user. Intruders can also mimic a data source and substitute invalid data. In most cases, the program receiving the data does not perform validation that would detect this kind of interference. White paper | 07
Substation Cyber Security Lack of centralized system administration Unlike the IT domain, where there is a central system personnel who have no reason for access. They would administrator to designate and track authorized users, be able to perform critical functions such as assigning substation automation system users often are their passwords, assigning log-in IDs, configuring the own system administrators and have the authority to system and adding or deleting software. perform all security functions. This situation can make access to substation automation systems available to Large numbers of remote devices A typical utility has from several dozen to several hundred substations at geographically dispersed locations, and each automated substation typically has many IEDs. Therefore, there is a high cost to implement any solution that requires upgrading, reprogramming or replacing the IEDs. White paper | 08
Substation Cyber Security Addressing cyber security for the substation automation system The strategies for enhancing cyber security of control and diagnostic systems at substations are the same as those that would be applied for other corporate computer systems: (1) prevent cyber intrusion where possible; (2) detect intrusion where it could not be prevented; (3) recover from an intrusion after detection; and (4) use the experience to improve preventive measures. Protecting Substation Systems Intrusion from inside the corporate network. With substation control and monitoring systems connected to the utility’s corporate wide-area network, a large potential threat to these systems exists from unauthorized users on that corporate network. The corporate network should be made as secure as possible – • he most important measure is one of the simplest: T ensuring that all default passwords have been removed from all substation systems and that there are no accounts without any password. • ser passwords should not be simplistic. U However, passwords that are difficult to guess are also difficult to remember. Procedures should discourage users from posting their passwords on the terminal of the system being protected. • asswords should be immediately terminated as P soon as its owner leaves employment or changes job assignments. Intrusion from outside the corporate network. • ifferent sets of privileges should be established for D The possibility of intrusion by outsiders who have different classes of users. For example, some users gained direct access to substation devices through should be allowed only to view historical substation unprotected communications channels poses data. Other users might be permitted to view only new challenges to the cyber security of substation real-time data. Operators should be given only systems. control privileges, and relay engineers’ authority The SCADA communication line links the utility should be limited to changing relay settings. control center and the substation. This line carries White paper | 09
Substation Cyber Security real-time data from substation devices to dispatchers at the control center and controls messages from the dispatchers back to the substation. In the case of substation automation, a data concentrator or a substation automation host processor serves as the RTU in sending substation data to the control center and in responding to the dispatcher’s control commands. A variety of media, such as power line, leased lines, microwave, multiple-address radio, satellite- based communications, fiber optic cable and others, are used to connect the substation RTU with the control center. It is quite common for communications from control center to substation to use different media along different There are two lines of defense that a utility can segments of the path. Some of these media, take – especially the wireless ones, are subject to eavesdropping or active intrusion. At least one • trengthening the authentication of the user S case has been reported in which an intruder confirms the identity of the prospective IED user. used radio technology to commandeer SCADA As the very first step, the utility should ensure communications and sabotage the system. Of that the default passwords originally supplied the many alternatives, using fiber optics offers the with the IEDs are changed and that a set of most security against SCADA communications strong passwords are implemented. intrusion. • Encrypting communications between the In substation integration and automation user and the IED to ensure that only users in systems, IEDs intrinsically support two-way possession of the secret key would be able communications. Once the user has logged on to to interpret data from the IED and change IED the IED, the user can use the connection to: parameters. • Acquire data that the IED has stored Note: once the industry has agreed on a standard technique for encrypting messages, • hange the parameters of the IED, such as the C IED manufacturers can plan for economies of settings of a protective relay scale. If there is a demand for encryption of IED communications, and industry-wide consensus • Perform diagnostics on the IED on the approach, IED manufacturers will develop an effective way to embed the algorithm in the • ontrol the power system device connected to C processor of IEDs at little incremental cost. the IED; that is, operate a circuit breaker White paper | 10
Substation Cyber Security Detecting Intrusion While it is extremely important to prevent intrusions to a security breach instead of some other failure into one’s systems and databases, an axiom of cyber such as a voltage transient, relay failure or software security is that any intrusions must be detected, bug. because an intruder who gains control of a substation computer can gather data – including the log-on For these reasons, it is important to make every passwords of legitimate users – and use that data at effort to detect intrusions when they occur and derail a later time to operate power system devices. Further, future data manipulation by the intruder. To this the intruder can set up a mechanism, sometimes end, a number of IT security system manufacturers referred to as a ‘backdoor’, that will allow easy have developed intrusion detection systems (IDS). access at a future time. These systems are designed to recognize intrusions, based on parameters such as communications If no obvious damage was done at the time of the attempted from unauthorized or unusual addresses intrusion, it can be very difficult to detect that the and an unusual pattern of activity, and generate logs software has been modified. For example, if the goal of suspicious events. This response allows system of the intrusion was to gain unauthorized access administrators, control engineers and operators to utility data, the fact that another party is reading to apply solutions powered by security event confidential data might never be noticed. Even when management technology to quickly recognize and the intrusion does intentionally open a circuit breaker respond to events impacting security, compliance on a critical circuit or cause other damage, it might and operational efficiency. not be at all obvious that the false operation was due Responding to Intrusion The ‘three Rs’ of response to cyber intrusion are as evidence in court in the event the intruder is recording, reporting, and restoring – apprehended. However, due to the high frequency of SCADA communications, the low cost of substation Theoretically, it would be desirable to record all communications equipment, and the fact that data communications into and out of all substation substations are distant from corporate security staff, devices. If an intruder successfully attacks the it might be impractical to record all communications. system, the recordings could be used to determine System owners will probably defer any attempts what technique the intruder used to modify the to record substation data communications until system and then close that particular vulnerability. (a) storage media are developed that are fast, voluminous and inexpensive, or (b) SCADA-oriented Recording would be invaluable in helping identify intrusion detection systems are developed that can the intruder. Further, a recording made in a way filter out usual traffic and record only the deviant that is demonstrably inalterable can be admissible patterns. White paper | 11
Substation Cyber Security But even if the communications sequence responsible for an intrusion is neither detected nor recorded when it occurs, it is essential that procedures be developed for the restoration of service after a cyber attack. It is extremely important that the utility maintain backups of the software of all programmable substation units and documentation of all IED standard parameters and settings. After the utility suspects an intrusion or determines that a particular programmable device has been compromised, the software should be reloaded from the secure backup. If the settings on an IED had been illicitly changed, the original settings must be restored. Unless the nature of the breach of security is known and can be repaired, the utility should seriously consider taking the device off line or otherwise making it inaccessible to prevent a future exploitation of the same vulnerability. White paper | 12
Substation Cyber Security Addressing cyber security for the substation automation system Cyber security risks were inherited when open IT standards were adopted. Fortunately, this movement also inspired the development of cyber security mechanisms in a large number of enterprise environments to address these risks. Substation automation system providers are taking a systematic, global approach, continuously adapting to meet changing demand through standardization and proactive RD efforts. Standards activity addresses cyber security requirements both at the system level and the product level and includes – • IST SGIP-CSWG Smart Grid Interoperability Panel N – Cyber Security Working Group • ERC CIP Cyber Security regulation for North N Security mechanisms designed and developed American power utilities specifically for substation automation systems use proven technology to support advanced account • EC 62351 Data and Communications Security I management and detailed security audit trails in RTUs/IEDs and SCADA. Utilities should look for cyber • EEE PSRC/H13 Cyber Security Requirements for I security solutions that enable: Substation SUB/C10 Automation, Protection and Control Systems • ser account management – Supports user U authentication and authorization at the individual- • EEE 1686 IEEE Standard for Substation I user level. User authentication is required and Intelligent Electronic Devices (IEDs) Cyber Security authorization is enforced for all interactive access to Capabilities the device. • SA S99 Industrial Automation and Control System I • ser accounts – Allows full management of user U Security accounts, including creating, editing and deleting. User names and passwords can be configured Verified antivirus software protects station according to user‘s requirements. computers from attacks and viruses. Cyber security also can be improved by limiting the use of removable media in the station computers. White paper | 13
Substation Cyber Security • Role-based access control – Enables each • External security clients – Sends security user account to be assigned a specific role, and events to external security log clients such user roles can be added, removed and changed as the Security Event Manager, which uses a as needed. monitoring and response device for visibility of real time security events. • assword complexity – Enforces password P policies with minimum password length, • ecurity events to control system – Sends S maximum password lifetime and use of security events and alarms via host protocol to lower case, upper case, numeric and special the control systems. User configures settings for characters. security alarms. • HTTPS support – Permits encrypted • VPN function – Offers one encrypted channel communication between the web browser and between the SCADA or RTU and the IPsec the RTU. A standard browser can be utilized Router on the user’s side. The VPN tunnel such as Internet Explorer or Firefox. In addition, provides confidentiality, integrity and authenticity. self-signed certificates, pre-installed at web A secure communication via public networks client, can be used. with fixed IP addresses is possible. The authentication is managed with pre-shared keys. • ocal logging – Creates audit trails (log files) L of all security-relevant user activities. Security events logged include user login, logout, change of parameters, configurations and updates of firmware. For each event, the date and time, user, event ID, outcome and source of event is logged. Access to the audit trail is available to authorized users only. White paper | 14
Substation Cyber Security Conclusion The electric utility’s concern about cyber security of its substation automation systems is well founded. These systems are, in several ways, even more subject to intrusion than conventional computer systems. Yet, the utility has many options for preventing and detecting electronic intrusion from within its organization and from outside the corporate network. Substation automation system providers have identified cyber security as a key requirement and are designing and developing solutions, using proven technology, to provide advanced account management and detailed security audit trails for their network RTUs, IEDs and SCADA. White paper | 15
©2012 Schneider Electric. All rights reserved. Schneider Electric USA, Inc. 4701 Royal Vista Circle Fort Collins, CO 80528 Phone: -866-537-1091 1 + (34) 9-17-14-70-02 Fax: 1-970-223-5577 www.schneider-electric.com/us July 2012

Empfohlen

Maquinas sincronas y de cd
Maquinas sincronas y de cdMaquinas sincronas y de cd
Maquinas sincronas y de cd20_masambriento
 
Power Quality Issues _Literature Survey
Power Quality Issues _Literature SurveyPower Quality Issues _Literature Survey
Power Quality Issues _Literature SurveyKetan Bhavsar
 
Subestaciones radiales y nadal
Subestaciones radiales y nadalSubestaciones radiales y nadal
Subestaciones radiales y nadalPitoVictorManuel
 
Motores monofasicos de fase partida
Motores monofasicos de fase partidaMotores monofasicos de fase partida
Motores monofasicos de fase partidaasc99
 
Power angle curve calclation
Power angle curve calclationPower angle curve calclation
Power angle curve calclationSanthi Anumula
 
Manual de sistemas de protecciones
Manual de sistemas de proteccionesManual de sistemas de protecciones
Manual de sistemas de proteccionesAlejandro Alfonso
 
Acoplamiento de inductancias
Acoplamiento de inductanciasAcoplamiento de inductancias
Acoplamiento de inductanciasmaria arellano
 
Automatic Load Frequency Control ppt.pdf
Automatic Load Frequency Control ppt.pdfAutomatic Load Frequency Control ppt.pdf
Automatic Load Frequency Control ppt.pdfPhenomAssassin
 

Empfohlen

Maquinas sincronas y de cd
Maquinas sincronas y de cdMaquinas sincronas y de cd
Maquinas sincronas y de cd20_masambriento
 
Power Quality Issues _Literature Survey
Power Quality Issues _Literature SurveyPower Quality Issues _Literature Survey
Power Quality Issues _Literature SurveyKetan Bhavsar
 
Subestaciones radiales y nadal
Subestaciones radiales y nadalSubestaciones radiales y nadal
Subestaciones radiales y nadalPitoVictorManuel
 
Motores monofasicos de fase partida
Motores monofasicos de fase partidaMotores monofasicos de fase partida
Motores monofasicos de fase partidaasc99
 
Power angle curve calclation
Power angle curve calclationPower angle curve calclation
Power angle curve calclationSanthi Anumula
 
Manual de sistemas de protecciones
Manual de sistemas de proteccionesManual de sistemas de protecciones
Manual de sistemas de proteccionesAlejandro Alfonso
 
Acoplamiento de inductancias
Acoplamiento de inductanciasAcoplamiento de inductancias
Acoplamiento de inductanciasmaria arellano
 
Automatic Load Frequency Control ppt.pdf
Automatic Load Frequency Control ppt.pdfAutomatic Load Frequency Control ppt.pdf
Automatic Load Frequency Control ppt.pdfPhenomAssassin
 
Motor Electrico
Motor Electrico Motor Electrico
Motor Electrico Cintia E
 
inverter & its application in power system
inverter & its application in power system inverter & its application in power system
inverter & its application in power system Deepak singh Chauhan
 
Vibraciones mecánicas
Vibraciones mecánicasVibraciones mecánicas
Vibraciones mecánicasLuis Humberto Bolivar moreno
 
An presentation on power system stability
An presentation on power system stability An presentation on power system stability
An presentation on power system stability Northwestern University Khulna, Bangladesh
 
Power system security
Power system securityPower system security
Power system securityAdani Institute of Infrastructure Engineering College
 
Unit 3 FACTS Technology
Unit 3 FACTS TechnologyUnit 3 FACTS Technology
Unit 3 FACTS TechnologySANTOSH GADEKAR
 
SUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICASSUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICASCarlos Ordorica
 
Preinforme rectificador controlado
Preinforme rectificador controladoPreinforme rectificador controlado
Preinforme rectificador controladoLautaro Narvaez
 
Generalidades control electrico (1)
Generalidades control electrico (1)Generalidades control electrico (1)
Generalidades control electrico (1)Jonathan Marret
 
Comparision of svc and statcom
Comparision of svc and statcomComparision of svc and statcom
Comparision of svc and statcomjawaharramaya
 
Vinay report
Vinay reportVinay report
Vinay reportVinay Singh
 
Load flow studies
Load flow studiesLoad flow studies
Load flow studiesDarshil Shah
 
Cuestionario de Maquinas Eléctricas I
Cuestionario de Maquinas Eléctricas ICuestionario de Maquinas Eléctricas I
Cuestionario de Maquinas Eléctricas IFco José Alemán Urbina
 
Motor de induccion diapositiva.
Motor de induccion diapositiva.Motor de induccion diapositiva.
Motor de induccion diapositiva.Rafael Sandoval
 
Swing equation
Swing equationSwing equation
Swing equationDarshil Shah
 
Taller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docxTaller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docxHernandoPallares1
 
single-phase-lab-report
single-phase-lab-reportsingle-phase-lab-report
single-phase-lab-reportMalik Zaid
 
Primera unidad simbología y normatividad
Primera unidad simbología y normatividadPrimera unidad simbología y normatividad
Primera unidad simbología y normatividadfernando hernandez
 
Applications of power electronics in HVDC
Applications of power electronics in HVDCApplications of power electronics in HVDC
Applications of power electronics in HVDCKabilesh K
 
Lecture 2 Servomotors - Basics & Working
Lecture 2 Servomotors - Basics & WorkingLecture 2 Servomotors - Basics & Working
Lecture 2 Servomotors - Basics & WorkingManipal Institute of Technology
 
Buscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-CastellBuscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-CastellJavier Fe-Castell Benedito
 
Memoria venta aguas de alcázar
Memoria venta aguas de alcázarMemoria venta aguas de alcázar
Memoria venta aguas de alcázarpsoealcazar
 

Weitere ähnliche Inhalte

Was ist angesagt?

Motor Electrico
Motor Electrico Motor Electrico
Motor Electrico Cintia E
 
inverter & its application in power system
inverter & its application in power system inverter & its application in power system
inverter & its application in power system Deepak singh Chauhan
 
SUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICASSUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICASCarlos Ordorica
 
Preinforme rectificador controlado
Preinforme rectificador controladoPreinforme rectificador controlado
Preinforme rectificador controladoLautaro Narvaez
 
Generalidades control electrico (1)
Generalidades control electrico (1)Generalidades control electrico (1)
Generalidades control electrico (1)Jonathan Marret
 
Comparision of svc and statcom
Comparision of svc and statcomComparision of svc and statcom
Comparision of svc and statcomjawaharramaya
 
Motor de induccion diapositiva.
Motor de induccion diapositiva.Motor de induccion diapositiva.
Motor de induccion diapositiva.Rafael Sandoval
 
Taller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docxTaller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docxHernandoPallares1
 
single-phase-lab-report
single-phase-lab-reportsingle-phase-lab-report
single-phase-lab-reportMalik Zaid
 
Primera unidad simbología y normatividad
Primera unidad simbología y normatividadPrimera unidad simbología y normatividad
Primera unidad simbología y normatividadfernando hernandez
 
Applications of power electronics in HVDC
Applications of power electronics in HVDCApplications of power electronics in HVDC
Applications of power electronics in HVDCKabilesh K
 

Was ist angesagt? (20)

Motor Electrico
Motor Electrico Motor Electrico
Motor Electrico
 
inverter & its application in power system
inverter & its application in power system inverter & its application in power system
inverter & its application in power system
 
Vibraciones mecánicas
Vibraciones mecánicasVibraciones mecánicas
Vibraciones mecánicas
 
An presentation on power system stability
An presentation on power system stability An presentation on power system stability
An presentation on power system stability
 
Power system security
Power system securityPower system security
Power system security
 
Unit 3 FACTS Technology
Unit 3 FACTS TechnologyUnit 3 FACTS Technology
Unit 3 FACTS Technology
 
SUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICASSUBESTACIONES ELECTRICAS
SUBESTACIONES ELECTRICAS
 
Preinforme rectificador controlado
Preinforme rectificador controladoPreinforme rectificador controlado
Preinforme rectificador controlado
 
Generalidades control electrico (1)
Generalidades control electrico (1)Generalidades control electrico (1)
Generalidades control electrico (1)
 
Comparision of svc and statcom
Comparision of svc and statcomComparision of svc and statcom
Comparision of svc and statcom
 
Vinay report
Vinay reportVinay report
Vinay report
 
Load flow studies
Load flow studiesLoad flow studies
Load flow studies
 
Cuestionario de Maquinas Eléctricas I
Cuestionario de Maquinas Eléctricas ICuestionario de Maquinas Eléctricas I
Cuestionario de Maquinas Eléctricas I
 
Motor de induccion diapositiva.
Motor de induccion diapositiva.Motor de induccion diapositiva.
Motor de induccion diapositiva.
 
Swing equation
Swing equationSwing equation
Swing equation
 
Taller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docxTaller 1 Hernando Pallares.docx
Taller 1 Hernando Pallares.docx
 
single-phase-lab-report
single-phase-lab-reportsingle-phase-lab-report
single-phase-lab-report
 
Primera unidad simbología y normatividad
Primera unidad simbología y normatividadPrimera unidad simbología y normatividad
Primera unidad simbología y normatividad
 
Applications of power electronics in HVDC
Applications of power electronics in HVDCApplications of power electronics in HVDC
Applications of power electronics in HVDC
 
Lecture 2 Servomotors - Basics & Working
Lecture 2 Servomotors - Basics & WorkingLecture 2 Servomotors - Basics & Working
Lecture 2 Servomotors - Basics & Working
 

Andere mochten auch

Buscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-CastellBuscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-CastellJavier Fe-Castell Benedito
 
Memoria venta aguas de alcázar
Memoria venta aguas de alcázarMemoria venta aguas de alcázar
Memoria venta aguas de alcázarpsoealcazar
 
Increasing pre-booked capacity
Increasing pre-booked capacityIncreasing pre-booked capacity
Increasing pre-booked capacityAlexandra Ashton
 
2013 - Identificación con técnica FISH de bacterias filamentosas en MBR
2013 - Identificación con técnica FISH de bacterias filamentosas en MBR2013 - Identificación con técnica FISH de bacterias filamentosas en MBR
2013 - Identificación con técnica FISH de bacterias filamentosas en MBRWALEBUBLÉ
 
Activa egypt For Website Design Service in Egypt Cairo company profile
Activa egypt For Website Design Service in Egypt Cairo company profileActiva egypt For Website Design Service in Egypt Cairo company profile
Activa egypt For Website Design Service in Egypt Cairo company profileAhmed Farouk
 
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...WeSpire
 
Calidad empresarial, mil std-105 e
Calidad empresarial, mil std-105 eCalidad empresarial, mil std-105 e
Calidad empresarial, mil std-105 eJose Hereira
 
Tarea del sabado. etapa prenatal.
Tarea del sabado. etapa prenatal.Tarea del sabado. etapa prenatal.
Tarea del sabado. etapa prenatal.Elena Armijos
 
FHS- PARQUES INFANTILES PERSONALIZADOS
FHS- PARQUES INFANTILES PERSONALIZADOSFHS- PARQUES INFANTILES PERSONALIZADOS
FHS- PARQUES INFANTILES PERSONALIZADOSLURKOI
 
Flipkart (Consumer Behavior Buying Decision Process)
Flipkart (Consumer Behavior Buying Decision Process)Flipkart (Consumer Behavior Buying Decision Process)
Flipkart (Consumer Behavior Buying Decision Process)IMM Graduate School
 
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...Kegler Brown Hill + Ritter
 
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain World
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain WorldHBR Accurate Response _ Making Supply Meet Demand in an Uncetain World
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain WorldAna Carina Villa, MBA
 
쉐어앤케어(shareNcare)
쉐어앤케어(shareNcare)쉐어앤케어(shareNcare)
쉐어앤케어(shareNcare)SocialNote
 
Blue Print Juice Advertising Strategy Plan
Blue Print Juice Advertising Strategy PlanBlue Print Juice Advertising Strategy Plan
Blue Print Juice Advertising Strategy PlanSona Martirosian
 
Python for Image Understanding: Deep Learning with Convolutional Neural Nets
Python for Image Understanding: Deep Learning with Convolutional Neural NetsPython for Image Understanding: Deep Learning with Convolutional Neural Nets
Python for Image Understanding: Deep Learning with Convolutional Neural NetsRoelof Pieters
 
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...Mission Val de Loire
 
Clase 5 tratamiento periodontal higienene bucal
Clase 5 tratamiento periodontal higienene bucalClase 5 tratamiento periodontal higienene bucal
Clase 5 tratamiento periodontal higienene bucal6224
 

Andere mochten auch (20)

Buscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-CastellBuscando tu perfil profesional.Presentación por Javier Fe-Castell
Buscando tu perfil profesional.Presentación por Javier Fe-Castell
 
Memoria venta aguas de alcázar
Memoria venta aguas de alcázarMemoria venta aguas de alcázar
Memoria venta aguas de alcázar
 
Increasing pre-booked capacity
Increasing pre-booked capacityIncreasing pre-booked capacity
Increasing pre-booked capacity
 
2013 - Identificación con técnica FISH de bacterias filamentosas en MBR
2013 - Identificación con técnica FISH de bacterias filamentosas en MBR2013 - Identificación con técnica FISH de bacterias filamentosas en MBR
2013 - Identificación con técnica FISH de bacterias filamentosas en MBR
 
Capacitación operarios biométricos nueva
Capacitación operarios biométricos nuevaCapacitación operarios biométricos nueva
Capacitación operarios biométricos nueva
 
Activa egypt For Website Design Service in Egypt Cairo company profile
Activa egypt For Website Design Service in Egypt Cairo company profileActiva egypt For Website Design Service in Egypt Cairo company profile
Activa egypt For Website Design Service in Egypt Cairo company profile
 
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...
Fueling a Culture of Sustainability: Using Behavior Design Technology to HR's...
 
Calidad empresarial, mil std-105 e
Calidad empresarial, mil std-105 eCalidad empresarial, mil std-105 e
Calidad empresarial, mil std-105 e
 
Tarea del sabado. etapa prenatal.
Tarea del sabado. etapa prenatal.Tarea del sabado. etapa prenatal.
Tarea del sabado. etapa prenatal.
 
Quinolonas
QuinolonasQuinolonas
Quinolonas
 
FHS- PARQUES INFANTILES PERSONALIZADOS
FHS- PARQUES INFANTILES PERSONALIZADOSFHS- PARQUES INFANTILES PERSONALIZADOS
FHS- PARQUES INFANTILES PERSONALIZADOS
 
Flipkart (Consumer Behavior Buying Decision Process)
Flipkart (Consumer Behavior Buying Decision Process)Flipkart (Consumer Behavior Buying Decision Process)
Flipkart (Consumer Behavior Buying Decision Process)
 
CCSP Email 2.20.03
CCSP Email 2.20.03CCSP Email 2.20.03
CCSP Email 2.20.03
 
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...
Ohio Construction Seminar- "Dealing with One-Sided Public Contracts: Survivin...
 
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain World
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain WorldHBR Accurate Response _ Making Supply Meet Demand in an Uncetain World
HBR Accurate Response _ Making Supply Meet Demand in an Uncetain World
 
쉐어앤케어(shareNcare)
쉐어앤케어(shareNcare)쉐어앤케어(shareNcare)
쉐어앤케어(shareNcare)
 
Blue Print Juice Advertising Strategy Plan
Blue Print Juice Advertising Strategy PlanBlue Print Juice Advertising Strategy Plan
Blue Print Juice Advertising Strategy Plan
 
Python for Image Understanding: Deep Learning with Convolutional Neural Nets
Python for Image Understanding: Deep Learning with Convolutional Neural NetsPython for Image Understanding: Deep Learning with Convolutional Neural Nets
Python for Image Understanding: Deep Learning with Convolutional Neural Nets
 
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...
Fréquentation et impact économique de La Loire à Vélo - Présentation des résu...
 
Clase 5 tratamiento periodontal higienene bucal
Clase 5 tratamiento periodontal higienene bucalClase 5 tratamiento periodontal higienene bucal
Clase 5 tratamiento periodontal higienene bucal
 

Ähnlich wie Substation Cyber Security Protecting Automated Systems

Cyber Security for SCADA
Cyber Security for SCADACyber Security for SCADA
Cyber Security for SCADARichard Umbrino
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Abhishek Goel
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Hamilton
 
introduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfintroduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfPrabaKaran649935
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityIRJET Journal
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
 
Kudler Fine Foods IT Security Report And Presentation –...
Kudler Fine Foods IT Security Report And Presentation –...Kudler Fine Foods IT Security Report And Presentation –...
Kudler Fine Foods IT Security Report And Presentation –...Lana Sorrels
 
System and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingSystem and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingBiagio Botticelli
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1nicfs
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes MainstreamRob Marson
 
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...IRJET Journal
 
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...IRJET Journal
 
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inCYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inOllieShoresna
 
The Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsThe Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsMuhammad FAHAD
 
Firewall buyers-guide
Firewall buyers-guideFirewall buyers-guide
Firewall buyers-guideAndy Kwong
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Securityreuben_mathew
 

Ähnlich wie Substation Cyber Security Protecting Automated Systems (20)

Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
Cyber Security for SCADA
Cyber Security for SCADACyber Security for SCADA
Cyber Security for SCADA
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control Systems
 
IJSRED-V2I2P15
IJSRED-V2I2P15IJSRED-V2I2P15
IJSRED-V2I2P15
 
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
Challenges and Solution to Mitigate the cyber-attack on Critical Infrastruct...
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat Briefing
 
introduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdfintroduction to #OT cybersecurity for O&M teams.pdf
introduction to #OT cybersecurity for O&M teams.pdf
 
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber SecurityThreat, Attack and Vulnerability Play a Key Role in Cyber Security
Threat, Attack and Vulnerability Play a Key Role in Cyber Security
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
 
Kudler Fine Foods IT Security Report And Presentation –...
Kudler Fine Foods IT Security Report And Presentation –...Kudler Fine Foods IT Security Report And Presentation –...
Kudler Fine Foods IT Security Report And Presentation –...
 
System and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration TestingSystem and Enterprise Security Project - Penetration Testing
System and Enterprise Security Project - Penetration Testing
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1
 
Cybersecurity Goes Mainstream
Cybersecurity Goes MainstreamCybersecurity Goes Mainstream
Cybersecurity Goes Mainstream
 
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
 
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
Effects of Backdoor Awareness on Cyber Hygiene Culture of Nigeria’s Civil Ser...
 
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inCYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
 
The Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control SystemsThe Top 20 Cyberattacks on Industrial Control Systems
The Top 20 Cyberattacks on Industrial Control Systems
 
Firewall buyers-guide
Firewall buyers-guideFirewall buyers-guide
Firewall buyers-guide
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Security
 

Mehr von Schneider Electric

Secure Power Design Considerations
Secure Power Design ConsiderationsSecure Power Design Considerations
Secure Power Design ConsiderationsSchneider Electric
 
Digital International Colo Club: Attracting Investors
Digital International Colo Club: Attracting InvestorsDigital International Colo Club: Attracting Investors
Digital International Colo Club: Attracting InvestorsSchneider Electric
 
32 phaseo power supplies and transformers briefing
32 phaseo power supplies and transformers briefing 32 phaseo power supplies and transformers briefing
32 phaseo power supplies and transformers briefing Schneider Electric
 
Key Industry Trends, M&A Valuation Trends
Key Industry Trends, M&A Valuation TrendsKey Industry Trends, M&A Valuation Trends
Key Industry Trends, M&A Valuation TrendsSchneider Electric
 
EcoStruxure™ for Cloud & Service Providers
EcoStruxure™ for Cloud & Service Providers EcoStruxure™ for Cloud & Service Providers
EcoStruxure™ for Cloud & Service ProvidersSchneider Electric
 
Zelio Time Electronic Relay Briefing
Zelio Time Electronic Relay BriefingZelio Time Electronic Relay Briefing
Zelio Time Electronic Relay BriefingSchneider Electric
 
Spacial, Thalassa, ClimaSys Universal enclosures Briefing
Spacial, Thalassa, ClimaSys Universal enclosures BriefingSpacial, Thalassa, ClimaSys Universal enclosures Briefing
Spacial, Thalassa, ClimaSys Universal enclosures BriefingSchneider Electric
 
Relay Control Zelio SSR Briefing
Relay Control Zelio SSR BriefingRelay Control Zelio SSR Briefing
Relay Control Zelio SSR BriefingSchneider Electric
 
Magelis HMI, iPC and software Briefing
Magelis HMI, iPC and software BriefingMagelis HMI, iPC and software Briefing
Magelis HMI, iPC and software BriefingSchneider Electric
 
Where will the next 80% improvement in data center performance come from?
Where will the next 80% improvement in data center performance come from?Where will the next 80% improvement in data center performance come from?
Where will the next 80% improvement in data center performance come from?Schneider Electric
 
EcoStruxure for Intuitive Industries
EcoStruxure for Intuitive IndustriesEcoStruxure for Intuitive Industries
EcoStruxure for Intuitive IndustriesSchneider Electric
 
Systems Integrator Alliance Program 2017
Systems Integrator Alliance Program 2017Systems Integrator Alliance Program 2017
Systems Integrator Alliance Program 2017Schneider Electric
 
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.EcoStruxure, IIoT-enabled architecture, delivering value in key segments.
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.Schneider Electric
 
It's time to modernize your industrial controls with Modicon M580
It's time to modernize your industrial controls with Modicon M580It's time to modernize your industrial controls with Modicon M580
It's time to modernize your industrial controls with Modicon M580Schneider Electric
 
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...A Practical Guide to Ensuring Business Continuity and High Performance in Hea...
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...Schneider Electric
 
Connected Services Study – Facility Managers Respond to IoT
Connected Services Study – Facility Managers Respond to IoTConnected Services Study – Facility Managers Respond to IoT
Connected Services Study – Facility Managers Respond to IoTSchneider Electric
 
Telemecanqiue Cabling and Accessories Briefing
Telemecanqiue Cabling and Accessories BriefingTelemecanqiue Cabling and Accessories Briefing
Telemecanqiue Cabling and Accessories BriefingSchneider Electric
 
Telemecanique Photoelectric Sensors Briefing
Telemecanique Photoelectric Sensors BriefingTelemecanique Photoelectric Sensors Briefing
Telemecanique Photoelectric Sensors BriefingSchneider Electric
 
Telemecanique Limit Switches Briefing
Telemecanique Limit Switches BriefingTelemecanique Limit Switches Briefing
Telemecanique Limit Switches BriefingSchneider Electric
 

Mehr von Schneider Electric (20)

Secure Power Design Considerations
Secure Power Design ConsiderationsSecure Power Design Considerations
Secure Power Design Considerations
 
Digital International Colo Club: Attracting Investors
Digital International Colo Club: Attracting InvestorsDigital International Colo Club: Attracting Investors
Digital International Colo Club: Attracting Investors
 
32 phaseo power supplies and transformers briefing
32 phaseo power supplies and transformers briefing 32 phaseo power supplies and transformers briefing
32 phaseo power supplies and transformers briefing
 
Key Industry Trends, M&A Valuation Trends
Key Industry Trends, M&A Valuation TrendsKey Industry Trends, M&A Valuation Trends
Key Industry Trends, M&A Valuation Trends
 
EcoStruxure™ for Cloud & Service Providers
EcoStruxure™ for Cloud & Service Providers EcoStruxure™ for Cloud & Service Providers
EcoStruxure™ for Cloud & Service Providers
 
Magelis Basic HMI Briefing
Magelis Basic HMI Briefing Magelis Basic HMI Briefing
Magelis Basic HMI Briefing
 
Zelio Time Electronic Relay Briefing
Zelio Time Electronic Relay BriefingZelio Time Electronic Relay Briefing
Zelio Time Electronic Relay Briefing
 
Spacial, Thalassa, ClimaSys Universal enclosures Briefing
Spacial, Thalassa, ClimaSys Universal enclosures BriefingSpacial, Thalassa, ClimaSys Universal enclosures Briefing
Spacial, Thalassa, ClimaSys Universal enclosures Briefing
 
Relay Control Zelio SSR Briefing
Relay Control Zelio SSR BriefingRelay Control Zelio SSR Briefing
Relay Control Zelio SSR Briefing
 
Magelis HMI, iPC and software Briefing
Magelis HMI, iPC and software BriefingMagelis HMI, iPC and software Briefing
Magelis HMI, iPC and software Briefing
 
Where will the next 80% improvement in data center performance come from?
Where will the next 80% improvement in data center performance come from?Where will the next 80% improvement in data center performance come from?
Where will the next 80% improvement in data center performance come from?
 
EcoStruxure for Intuitive Industries
EcoStruxure for Intuitive IndustriesEcoStruxure for Intuitive Industries
EcoStruxure for Intuitive Industries
 
Systems Integrator Alliance Program 2017
Systems Integrator Alliance Program 2017Systems Integrator Alliance Program 2017
Systems Integrator Alliance Program 2017
 
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.EcoStruxure, IIoT-enabled architecture, delivering value in key segments.
EcoStruxure, IIoT-enabled architecture, delivering value in key segments.
 
It's time to modernize your industrial controls with Modicon M580
It's time to modernize your industrial controls with Modicon M580It's time to modernize your industrial controls with Modicon M580
It's time to modernize your industrial controls with Modicon M580
 
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...A Practical Guide to Ensuring Business Continuity and High Performance in Hea...
A Practical Guide to Ensuring Business Continuity and High Performance in Hea...
 
Connected Services Study – Facility Managers Respond to IoT
Connected Services Study – Facility Managers Respond to IoTConnected Services Study – Facility Managers Respond to IoT
Connected Services Study – Facility Managers Respond to IoT
 
Telemecanqiue Cabling and Accessories Briefing
Telemecanqiue Cabling and Accessories BriefingTelemecanqiue Cabling and Accessories Briefing
Telemecanqiue Cabling and Accessories Briefing
 
Telemecanique Photoelectric Sensors Briefing
Telemecanique Photoelectric Sensors BriefingTelemecanique Photoelectric Sensors Briefing
Telemecanique Photoelectric Sensors Briefing
 
Telemecanique Limit Switches Briefing
Telemecanique Limit Switches BriefingTelemecanique Limit Switches Briefing
Telemecanique Limit Switches Briefing
 

Kürzlich hochgeladen

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 

Kürzlich hochgeladen (20)

Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 

Substation Cyber Security Protecting Automated Systems

  • 1. Substation Cyber Security Protecting the automated control system June 2012 Make the most of your energy SM
  • 2. Summary Executive Summary . ................................................................................... p 1 Introduction ................................................................................................. p 2 Substation systems: security threat targets................................................... p 4 Vulnerability of the substation automation system ........................................ p 6 Measures to enhance substation automation system.................................... p 9 Addressing cyber security for the substation automation system . ................ p 13 Conclusion................................................................................................... p 15
  • 3. Substation Cyber Security Executive summary The electric power grid has changed significantly over the past decade and continues to change as technology evolves. More and more, new-generation substation control systems are based on open standards and commercial technology, including Ethernet and TCP/IP based communication protocols such as IEC 60870-5-104, DNP 3.0 or IEC 61850. While this change in technology has brought about huge operational benefits, it has introduced cyber security concerns and a potential challenge to network reliability. Electronic intrusion into a substation can misdirect or terminate service, and this intrusion can be from internal individuals or external hackers or organizations. Many substation control and diagnostic systems in deployment were not designed for real-time security functionality and centralized system administration with robust access control. Utilities must implement policies to protect their substation systems against intrusion from within and from outside the corporate network. Further, they must be able to detect intrusion when it does occur to eliminate future untoward effects. Finally, they need to be prepared with planned response and restoration that not only returns targeted functionality but can improve system security. The global power industry has stepped up its focus on cyber security for control and automation systems, and standards are in place identifying the functionalities required for secure substation operation. Utilities looking to protect against cyber attack on their substation automation systems must implement the SCADA, RTU and IED solutions that incorporate proven-technology and the security mechanisms meeting these standards. White paper | 01
  • 4. Substation Cyber Security Introduction Traditionally, an electric utility’s concerns regarding substation asset security centered on physical threats, both natural and human. In locations other than those experiencing civil strife, the primary human threat was considered to be a single, disgruntled employee; an angry customer; or a politically motivated vandal. In any of these cases, the malfeasant had to be within, or physically close to, the substation to cause damage. To protect assets from these human threats, the utility used fences, locked gates, security cameras, SCADA- monitored intrusion alarms and occasional onsite monitoring visits by utility security staff. More recently, both the nature and magnitude of the threat to substation assets have changed. Now, the equipment for monitoring and controlling substation devices is usually connected by communication lines to wide-area networks potentially accessible by the general public. Consequently, an individual seeking to damage utility assets can do so from places hundreds or thousands of kilometers distant and potentially impact multiple substations simultaneously. The magnitude of the threat also has changed. Organized and well-funded groups have publicly stated their goal of damaging key elements of society’s critical infrastructure. Evidence shows that some organizations have been gathering information about public utilities and investigating the electronic defenses of corporate computing networks. Probes specifically targeting the business systems of electric utilities have been documented. However, because substations generally do not have firewalls or intrusion detection systems, it is not possible to know if they are being targeted. This paper addresses the nature of cyber threats, their potential to damage utility assets and the means to detect and recover from them. White paper | 02
  • 6. Substation Cyber Security Substation systems: security threat targets The IEEE 1402 standard refers to cyber intrusions as ‘electronic intrusions’ and defines them as “Entry into the substation via telephone lines or other electronic- based media for the manipulation or disturbance of electronic devices. These devices include digital relays, fault recorders, equipment diagnostic packages, automation equipment, computers, programmable logic controllers, and communication interfaces.” Power substation security threats are primarily related to the ability to remotely access protection, control, automation and SCADA equipment. Through a power substation’s communications vulnerability, an electronic intruder could access the substation SCADA system. Inappropriate circuit breaker other utilities, as well as industry equipment suppliers, operation sequence would result in an electric arc contractors and consultants, are well acquainted between the contacts of the disconnector and high- with the hardware, software, architecture and rate optic and acoustic phenomena. Manifesting as communication protocols implemented in substation an explosion, the event would spray melted metal operations. Often, the suppliers of hardware, and result in an inter-phase short circuit. software, and services to the utility industry are granted the same level of trust and access as the Such a failure would lead to complete destruction of utility individuals themselves – making the definition of the disconnector and partial or complete destruction an ‘insider’ much more broad. of other components in the substation, along with disturbance in substation operation and interruption Further, a utility employee who has access keys of energy supply to consumers. Personnel can be and passwords can be motivated by the prospect seriously injured. Depending on the state of the of financial gain from making that information power system at the moment of switching operation, available. Computer-based systems at substations the incorrect switching sequence could also cause contain data of value to a utility’s competitors as a large power system failure and compromise the well as information – such as the electric load of a safety of the electric power system. customer industrial plant – that might be of value to that customer’s competitors. Certainly, corporate Internal attackers. Investigations of threats to employees are approached to provide interested corporate computer hardware and software systems parties with valuable information; it can’t be ruled typically reveal that the majority of attacks come from out that a similar situation could occur with utility internal sources. Substation control systems and employees who have access to substation systems. intelligent electronic devices (IEDs) are different from Further, the possibility exists of an employee being those at work in corporations, in that information bribed or blackmailed to cause physical damage or about their computer hardware and software systems to disclose privileged information that would enable is not well known to the general public. However, other parties to cause damage. White paper | 04
  • 7. Substation Cyber Security Suppliers. A potential threat exists with employees Terrorists. The most serious security concern is of substation equipment suppliers, who also have with those antagonists, domestic or foreign, who access to – or the knowledge that enables access have the resources to mount a serious attack. They to or damage of – substation assets. One access can be quite knowledgeable, since the computer- path is through the diagnostic port of the substation based systems that outfit a substation are sold with monitoring and control equipment. It is common minimal export restrictions worldwide – complete with that the manufacturer of a substation device has documentation and operational training. The danger the ability to establish an Internet link or telephone from an attack mounted by an organized hostile connection with the device for the purpose of power is increased by the fact it can occur in many performing diagnostics. An unscrupulous employee places simultaneously and would likely be coupled of the manufacturer could use this link to cause with other cyber, physical, or biological attacks aimed damage or gather confidential information, as has at crippling response capabilities. happened many times in other industries. Employees of the utility or equipment supplier also can illicitly access computer-based substation equipment via the communications paths into the substation. Hackers. Other potential intruders include the hacker who is simply browsing and probing for weak links to penetrate corporate defenses and the individual who is motivated to cause damage by a grievance against the utility or against society in general. Criminals. Another potential security problem lies with those who threaten to do damage, in the attempt to extort money, or attempt to access confidential corporate records, such as the customer database, for sale or use. White paper | 05
  • 8. Substation Cyber Security Vulnerability of the substation automation system Conventional computer systems have always been susceptible to those exploiting programming errors in operating systems and application software; cracking user passwords; taking advantage of system installations that leave extraneous services and open ports susceptible; and penetrating improperly configured firewalls that do guard against unauthorized communications. In addition to these common vulnerabilities, the control and diagnostic systems in substations have a number of system-related cyber security vulnerabilities – Slow processors One way to strengthen the privacy and authenticity The remote terminal units (RTUs) and IEDs in some of messages transmitted across insecure channels substation systems use early microprocessor is to use encryption. However, encryption technique technology. They have limited memory and often often is too resource-intensive for most current IEDs have to meet stringent time constraints on their and many existing substation automation systems. communications. With microprocessors that do not Further, many substation communications channels have the processing capability to support additional do not have sufficient bandwidth for the transmission computational burden, it is not feasible to enhance of longer, block-encrypted messages. communications security through data message encryption. Real-time operating systems Design of the real-time operating systems embedded within many IEDs poses another security risk. Some suppliers of these embedded operating systems have not had to meet the requirements for secure communications. Their software systems were designed to operate in an environment focusing on deterministic response to events; information security was a lower priority. White paper | 06
  • 9. Substation Cyber Security Communications media The data messages that substation IEDs exchange In addition, much of the data traffic to and from a with the outside world are often transmitted over substation travels over wireless networks. Intruders media that are potentially open to eavesdropping with the proper equipment can record and interpret or active intrusion. Dial-in lines are common, and data exchanges and can insert their own messages the IED will accept phone calls from anyone who to control power system devices. knows its phone number. Many IEDs are IP (Internet protocol)-enabled, which means they can be addressed by computers connected to the Internet. Open protocols Many protocols have been used for communications An RTU test set usually involves a portable device between the substation and the utility control center. and communications port with a user interface that In the past, these protocols typically were vendor- interprets the messages being sent to and from the specific and proprietary. However, in recent years RTU or IED, allowing the user to define and issue the majority of communications implementations commands to the substation device. An intruder have been executed to the IEC 60870-5 standard can patch into the communications channel to a (in Europe), the DNP3 standard (in North America), substation and use a test set to operate devices at or – to much less extent – the IEC 60870-6 TASE.2 the substation. standard, also called ICCP. These protocols are non- proprietary, well documented and available to the general public. When these protocols were designed, security was not a key issue. Lack of authentication Communication protocols in current use do not provide a means for confirming each other’s identity and securing data exchange. An intruder with access to a communications line to a controllable device can execute a control in the same manner as an authorized user. Intruders can also mimic a data source and substitute invalid data. In most cases, the program receiving the data does not perform validation that would detect this kind of interference. White paper | 07
  • 10. Substation Cyber Security Lack of centralized system administration Unlike the IT domain, where there is a central system personnel who have no reason for access. They would administrator to designate and track authorized users, be able to perform critical functions such as assigning substation automation system users often are their passwords, assigning log-in IDs, configuring the own system administrators and have the authority to system and adding or deleting software. perform all security functions. This situation can make access to substation automation systems available to Large numbers of remote devices A typical utility has from several dozen to several hundred substations at geographically dispersed locations, and each automated substation typically has many IEDs. Therefore, there is a high cost to implement any solution that requires upgrading, reprogramming or replacing the IEDs. White paper | 08
  • 11. Substation Cyber Security Addressing cyber security for the substation automation system The strategies for enhancing cyber security of control and diagnostic systems at substations are the same as those that would be applied for other corporate computer systems: (1) prevent cyber intrusion where possible; (2) detect intrusion where it could not be prevented; (3) recover from an intrusion after detection; and (4) use the experience to improve preventive measures. Protecting Substation Systems Intrusion from inside the corporate network. With substation control and monitoring systems connected to the utility’s corporate wide-area network, a large potential threat to these systems exists from unauthorized users on that corporate network. The corporate network should be made as secure as possible – • he most important measure is one of the simplest: T ensuring that all default passwords have been removed from all substation systems and that there are no accounts without any password. • ser passwords should not be simplistic. U However, passwords that are difficult to guess are also difficult to remember. Procedures should discourage users from posting their passwords on the terminal of the system being protected. • asswords should be immediately terminated as P soon as its owner leaves employment or changes job assignments. Intrusion from outside the corporate network. • ifferent sets of privileges should be established for D The possibility of intrusion by outsiders who have different classes of users. For example, some users gained direct access to substation devices through should be allowed only to view historical substation unprotected communications channels poses data. Other users might be permitted to view only new challenges to the cyber security of substation real-time data. Operators should be given only systems. control privileges, and relay engineers’ authority The SCADA communication line links the utility should be limited to changing relay settings. control center and the substation. This line carries White paper | 09
  • 12. Substation Cyber Security real-time data from substation devices to dispatchers at the control center and controls messages from the dispatchers back to the substation. In the case of substation automation, a data concentrator or a substation automation host processor serves as the RTU in sending substation data to the control center and in responding to the dispatcher’s control commands. A variety of media, such as power line, leased lines, microwave, multiple-address radio, satellite- based communications, fiber optic cable and others, are used to connect the substation RTU with the control center. It is quite common for communications from control center to substation to use different media along different There are two lines of defense that a utility can segments of the path. Some of these media, take – especially the wireless ones, are subject to eavesdropping or active intrusion. At least one • trengthening the authentication of the user S case has been reported in which an intruder confirms the identity of the prospective IED user. used radio technology to commandeer SCADA As the very first step, the utility should ensure communications and sabotage the system. Of that the default passwords originally supplied the many alternatives, using fiber optics offers the with the IEDs are changed and that a set of most security against SCADA communications strong passwords are implemented. intrusion. • Encrypting communications between the In substation integration and automation user and the IED to ensure that only users in systems, IEDs intrinsically support two-way possession of the secret key would be able communications. Once the user has logged on to to interpret data from the IED and change IED the IED, the user can use the connection to: parameters. • Acquire data that the IED has stored Note: once the industry has agreed on a standard technique for encrypting messages, • hange the parameters of the IED, such as the C IED manufacturers can plan for economies of settings of a protective relay scale. If there is a demand for encryption of IED communications, and industry-wide consensus • Perform diagnostics on the IED on the approach, IED manufacturers will develop an effective way to embed the algorithm in the • ontrol the power system device connected to C processor of IEDs at little incremental cost. the IED; that is, operate a circuit breaker White paper | 10
  • 13. Substation Cyber Security Detecting Intrusion While it is extremely important to prevent intrusions to a security breach instead of some other failure into one’s systems and databases, an axiom of cyber such as a voltage transient, relay failure or software security is that any intrusions must be detected, bug. because an intruder who gains control of a substation computer can gather data – including the log-on For these reasons, it is important to make every passwords of legitimate users – and use that data at effort to detect intrusions when they occur and derail a later time to operate power system devices. Further, future data manipulation by the intruder. To this the intruder can set up a mechanism, sometimes end, a number of IT security system manufacturers referred to as a ‘backdoor’, that will allow easy have developed intrusion detection systems (IDS). access at a future time. These systems are designed to recognize intrusions, based on parameters such as communications If no obvious damage was done at the time of the attempted from unauthorized or unusual addresses intrusion, it can be very difficult to detect that the and an unusual pattern of activity, and generate logs software has been modified. For example, if the goal of suspicious events. This response allows system of the intrusion was to gain unauthorized access administrators, control engineers and operators to utility data, the fact that another party is reading to apply solutions powered by security event confidential data might never be noticed. Even when management technology to quickly recognize and the intrusion does intentionally open a circuit breaker respond to events impacting security, compliance on a critical circuit or cause other damage, it might and operational efficiency. not be at all obvious that the false operation was due Responding to Intrusion The ‘three Rs’ of response to cyber intrusion are as evidence in court in the event the intruder is recording, reporting, and restoring – apprehended. However, due to the high frequency of SCADA communications, the low cost of substation Theoretically, it would be desirable to record all communications equipment, and the fact that data communications into and out of all substation substations are distant from corporate security staff, devices. If an intruder successfully attacks the it might be impractical to record all communications. system, the recordings could be used to determine System owners will probably defer any attempts what technique the intruder used to modify the to record substation data communications until system and then close that particular vulnerability. (a) storage media are developed that are fast, voluminous and inexpensive, or (b) SCADA-oriented Recording would be invaluable in helping identify intrusion detection systems are developed that can the intruder. Further, a recording made in a way filter out usual traffic and record only the deviant that is demonstrably inalterable can be admissible patterns. White paper | 11
  • 14. Substation Cyber Security But even if the communications sequence responsible for an intrusion is neither detected nor recorded when it occurs, it is essential that procedures be developed for the restoration of service after a cyber attack. It is extremely important that the utility maintain backups of the software of all programmable substation units and documentation of all IED standard parameters and settings. After the utility suspects an intrusion or determines that a particular programmable device has been compromised, the software should be reloaded from the secure backup. If the settings on an IED had been illicitly changed, the original settings must be restored. Unless the nature of the breach of security is known and can be repaired, the utility should seriously consider taking the device off line or otherwise making it inaccessible to prevent a future exploitation of the same vulnerability. White paper | 12
  • 15. Substation Cyber Security Addressing cyber security for the substation automation system Cyber security risks were inherited when open IT standards were adopted. Fortunately, this movement also inspired the development of cyber security mechanisms in a large number of enterprise environments to address these risks. Substation automation system providers are taking a systematic, global approach, continuously adapting to meet changing demand through standardization and proactive RD efforts. Standards activity addresses cyber security requirements both at the system level and the product level and includes – • IST SGIP-CSWG Smart Grid Interoperability Panel N – Cyber Security Working Group • ERC CIP Cyber Security regulation for North N Security mechanisms designed and developed American power utilities specifically for substation automation systems use proven technology to support advanced account • EC 62351 Data and Communications Security I management and detailed security audit trails in RTUs/IEDs and SCADA. Utilities should look for cyber • EEE PSRC/H13 Cyber Security Requirements for I security solutions that enable: Substation SUB/C10 Automation, Protection and Control Systems • ser account management – Supports user U authentication and authorization at the individual- • EEE 1686 IEEE Standard for Substation I user level. User authentication is required and Intelligent Electronic Devices (IEDs) Cyber Security authorization is enforced for all interactive access to Capabilities the device. • SA S99 Industrial Automation and Control System I • ser accounts – Allows full management of user U Security accounts, including creating, editing and deleting. User names and passwords can be configured Verified antivirus software protects station according to user‘s requirements. computers from attacks and viruses. Cyber security also can be improved by limiting the use of removable media in the station computers. White paper | 13
  • 16. Substation Cyber Security • Role-based access control – Enables each • External security clients – Sends security user account to be assigned a specific role, and events to external security log clients such user roles can be added, removed and changed as the Security Event Manager, which uses a as needed. monitoring and response device for visibility of real time security events. • assword complexity – Enforces password P policies with minimum password length, • ecurity events to control system – Sends S maximum password lifetime and use of security events and alarms via host protocol to lower case, upper case, numeric and special the control systems. User configures settings for characters. security alarms. • HTTPS support – Permits encrypted • VPN function – Offers one encrypted channel communication between the web browser and between the SCADA or RTU and the IPsec the RTU. A standard browser can be utilized Router on the user’s side. The VPN tunnel such as Internet Explorer or Firefox. In addition, provides confidentiality, integrity and authenticity. self-signed certificates, pre-installed at web A secure communication via public networks client, can be used. with fixed IP addresses is possible. The authentication is managed with pre-shared keys. • ocal logging – Creates audit trails (log files) L of all security-relevant user activities. Security events logged include user login, logout, change of parameters, configurations and updates of firmware. For each event, the date and time, user, event ID, outcome and source of event is logged. Access to the audit trail is available to authorized users only. White paper | 14
  • 17. Substation Cyber Security Conclusion The electric utility’s concern about cyber security of its substation automation systems is well founded. These systems are, in several ways, even more subject to intrusion than conventional computer systems. Yet, the utility has many options for preventing and detecting electronic intrusion from within its organization and from outside the corporate network. Substation automation system providers have identified cyber security as a key requirement and are designing and developing solutions, using proven technology, to provide advanced account management and detailed security audit trails for their network RTUs, IEDs and SCADA. White paper | 15
  • 18. ©2012 Schneider Electric. All rights reserved. Schneider Electric USA, Inc. 4701 Royal Vista Circle Fort Collins, CO 80528 Phone: -866-537-1091 1 + (34) 9-17-14-70-02 Fax: 1-970-223-5577 www.schneider-electric.com/us July 2012