Smart grids add communication capabilities and intelligence to traditional grids. They are enabled by intelligent sensors and actuators, extended data management systems, expanded two-way communication between utility operation facilities and customers, network security, national integration, and self-healing, adaptive operation. They improve distribution and transmission system operation, allow customers the freedom to purchase power based on dynamic pricing, improve power quality with less wastage, and integrate a large variety of generation options.
We have seen that the more complex and critical an infrastructure is, the more vulnerable it becomes. Since 1994 there have been many incidents in which smart grids were hacked; the latest and most widely discussed was the Stuxnet worm, which targeted Iran's nuclear power system and spread worldwide. We will look at the different types of attacks and at the security needed for the smart grid.
5. What's a "Smart Grid?"
Smart Grid is a developing network of new technologies, equipment, and controls working together to respond immediately to our 21st Century demand for electricity.
Technology Used
Integrated Communication
Sensing
Smart Meters
Phasor Measurement Units
Advanced Components
Advanced Control
Decision Support System
Smart Power Generation
9. Another View – Smart Grid
[Diagram labelled "Guided By...", "SGCN Results..." and "Supported By...", with the following elements: Communications Network; Sensors; Regulatory Policy and Rule-making; Grid Control; Enhanced Flexibility & Control; Congestion Management; Plug-In Hybrid Electric Vehicles; Distributed and Renewable Energy; Energy Efficiency; Demand Response; Data, Analytics, and Information; Smart Meters and Communications; Security; Open and Ubiquitous Communication; New Devices and Systems; Voltage Stability; Generation; Custom Applications; Enterprise Integration.]
10. Evolution of Electrical Utility Risks
PAST – HARD-WIRED CONTROL
Most controls are "hard wired" AND require manual intervention
Lesser public availability of RF devices
Little capability for damage to or financial benefit from RF attacks
Cost-plus charging – "If we need it, we'll do it! If we can't do it, we'll buy it!"
Clear regulatory and financial landscape
PRESENT – SCADA / RF ENABLED
Intense financial pressure to reduce staffing; hence more "remote" RF methodologies
Computerization and RF control common in all industries
Project implementation excellence not always followed by outstanding security operations
SCADA hacking can cause "wholesale" damage to neighborhoods and equipment
Uncertain regulatory, audit, and liability landscape
NEAR FUTURE – SMART GRID / RF PERVASIVE
Control inside-the-home of all appliances
Wide use of 802.x, ZigBee, X10
Uncertain Software Provenance, Packaged Code and Offshore Development
Zero-Day Attacks
Increased organized crime/terrorist focus
Potential for damage to, and "net" theft by, every customer
Revenue/Risk Asymmetry for each customer
Transition to IP and Windows "Monoculture" for RF devices
Increased public and regulatory Scrutiny
12. Overview of Cyber Security – Threats
[Diagram: attack chain through a utility network. Actors and systems shown: Admin, Operator, Acct Operator, Internet, Master DB, Slave Database, RTU.]
1. Hacker sends an e-mail with malware
2. E-mail recipient opens the e-mail and the malware gets installed quietly
3. Using the information that malware gets, hacker is able to take control of the e-mail recipient's PC!
4. Hacker performs an ARP (Address Resolution Protocol) Scan
5. Once the Slave Database is found, hacker sends an SQL EXEC command
6. Performs another ARP Scan
7. Takes control of RTU
Example from 2006 SANS SCADA Security Summit, INL
13. Overview of Cyber Security – Threats
[Diagram: "The Active Attacker" in an AMI deployment. Elements shown: Attacker Performs Cyber Penetration; Attacker Controls the Head End; Remote Disconnect; AMCC (Advanced Metering Control Computer); Communications Network (WAN); AMI WAN (three segments); Retailers / 3rd Parties; Data Management Systems (MDM/R).]
Example from AMRA Webinar, Nov '06, "The Active Attacker"
14. Cyber Security Challenges
The challenge is complex and continuously changing
Legacy systems need to be protected
Number and geographic location of end points
Relationship to physical security
Systems are 7x24 and critical
The human element / social engineering
15. Cyber Solutions - Defense in Depth
Perimeter Protection: Firewall, IPS, VPN, AV; Host IDS, Host AV; DMZ
Physical Security
Interior Security: Firewall, IDS, VPN, AV; Host IDS, Host AV; IEEE P1711 (Serial Connections); NAC
Scanning
Monitoring
Management Processes
Glossary:
IDS Intrusion Detection System
IPS Intrusion Prevention System
DMZ DeMilitarized Zone
VPN Virtual Private Network (encrypted)
AV Anti-Virus (anti-malware)
NAC Network Admission Control
17. Physical Layer Security
Natural Disasters
Snow Storms
Hurricanes
Solar Flares
Geomagnetic Storms
Earthquakes
Flooding
Volcanoes
Recognize that the location of the Smart Grid components can be affected by the surrounding environment
18. Physical Layer Security (2)
Steal the Meters – Sell the Devices
RESPONSE: METER "LAST GASP" ALERTS WHEN DISCONNECTED
19. Physical Layer Security (3)
Tamper with the Meter
Cause Meter to Stop Reading - Disconnect
Cause Meter to Mis-Read (or Reverse)
Inject Malware
Modify Encryption
Modify Authentication Mechanism
• July 2009 – Black Hat Conference
• IOActive, Seattle InfoSec Firm
• Proof of Concept – In 24 Hours Caused 15,000 of 22,000 Home Smart Meters to Be Taken Over by Malware/Worm
20. Physical & Cyber
Opening the Meter
Accessing Exposed Ports and Connectors
Intercept Data Between Microcontroller and Radio
Infrared Port Attack/Hack
21. Cyber Layer Security
The Biggest Opportunity for Trouble
“The Last Mile” Issues
Remember – Added Complexity Causes Concerns
22. “Last Mile”
Broadband Power Line Systems
Power Line Carrier Systems
Public Switched Telephone Network (PSTN)
Cat5/6 Network Connection
Radio Frequency: WiMax, ZigBee, 6LoWPAN, 802.11x, Cellular (CDMA/EVDO, GSM, LTE)
24. Cyber Attacks
Remember C I A
Confidentiality Attacks
Reading, “Sniffing” the data
Integrity Attacks
Changing the Data
Availability Attacks
Denial of Service – Prevent Use of Service
25. Confidentiality Attacks
Buffer Overflow
Inject Data that is too “Big” for the Meter/System
Predominantly Caused by Bad Software Development
Snooping / Sniffing
Reading / Capturing the Data between Meter and Collector and Vice Versa
Also Internal to Meter Between Microcontroller and Radio
A Reason for Encryption – “Cleartext is Bad”
Hacking the Encryption
Some Protocols Easy to Break
Causes – Weak Keys, Weak Protocols, Weak Initialization Vectors
Man-in-Middle Attack
“Bit Flipping” Attacks (Weak Integrity Functions)
Breaking Into Password Storage on Devices
“Race Condition” Exploits
A race condition is of interest to a hacker when it can be utilized to gain privileged system access.
26. Integrity Attacks
Key: Change the Data
Replay Attacks (Man-in-the-Middle)
Why?
Change the Bill (Up or Down)
Modify Usage Data
Use Data for Fraud
Use as Alias
"Gee Officer, I wasn't home that night!"
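The weak-integrity and replay points from slides 25 and 26 above, worked as an added example (not from the presentation): a meter report protected only by an unkeyed CRC can be edited and re-checksummed, whereas a keyed HMAC tag over the report and its sequence number lets the collector reject both a flipped bit and a replayed frame. The frame layout, the demo key and the collector class are constructed for this illustration.

```python
import hashlib, hmac, struct, zlib

KEY = b"constructed-demo-key"  # constructed; real deployments provision a per-meter key
TAG_LEN = 32                   # HMAC-SHA256 digest length

def pack_reading(meter_id: int, seq: int, kwh: float) -> bytes:
    # Constructed meter report: 32-bit meter id, 32-bit sequence number, 32-bit float kWh
    return struct.pack(">IIf", meter_id, seq, kwh)

def weak_frame(msg: bytes) -> bytes:
    # Unkeyed CRC32 "integrity": anyone who edits the data can simply recompute it
    return msg + struct.pack(">I", zlib.crc32(msg))

def weak_verify(frame: bytes) -> bool:
    return zlib.crc32(frame[:-4]) == struct.unpack(">I", frame[-4:])[0]

def strong_frame(msg: bytes, key: bytes = KEY) -> bytes:
    # Keyed HMAC tag over the whole report, sequence number included
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

class Collector:
    """Head-end side: verify the tag first, then reject non-increasing sequence numbers."""
    def __init__(self, key: bytes = KEY):
        self.key, self.last_seq, self.events = key, {}, []  # events: constructed audit log

    def accept(self, frame: bytes):
        msg, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, hmac.new(self.key, msg, hashlib.sha256).digest()):
            self.events.append("reject: bad tag")
            return None
        meter_id, seq, kwh = struct.unpack(">IIf", msg)
        if seq <= self.last_seq.get(meter_id, -1):
            self.events.append(f"reject: replay meter={meter_id} seq={seq}")
            return None
        self.last_seq[meter_id] = seq
        return meter_id, seq, kwh

def demo():
    # Weak integrity: a zeroed reading with a recomputed CRC still verifies
    weak_passes = weak_verify(weak_frame(pack_reading(42, 1, 0.0)))
    c = Collector()
    frame = strong_frame(pack_reading(42, 1, 12.5))
    first = c.accept(frame)                         # genuine report: accepted
    flipped = bytearray(frame); flipped[8] ^= 0x80  # flip the sign bit of the kWh float
    tampered = c.accept(bytes(flipped))             # bit flip: rejected, tag no longer matches
    replayed = c.accept(frame)                      # same valid frame again: rejected as replay
    nxt = c.accept(strong_frame(pack_reading(42, 2, 13.0)))  # next sequence number: accepted
    return weak_passes, first, tampered, replayed, nxt, c.events
```

The sequence-number check only works if the tag covers the sequence number, which is why the HMAC is computed over the whole packed report rather than the kWh field alone.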
27. Availability Attacks
Denial of Service (DoS) Attacks
Examples: Georgia Cyber War, Estonia Cyber War
Spoofing
Pretending You are Another Meter
Meter Authentication Weaknesses
Manipulate Meter to Collector
Or
Manipulate Collector to Meter
Name Resolution Attacks
Meter Name Cache Poisoning
Denial of Service Attacks Against DNS Servers
Reroute Meter Traffic to Another Meter or Collector or Network
Hold Ransom
Before Super Bowl?
Over a Community/Neighborhood?
Wartime Reserve
Chipset Backdoor “Pre-Attack” in Smart Meters
29. Privacy Attacks (2)
Determine Lifestyles
Determine Best Time to Rob
Use Info to "Sell" Services (e.g., "I'm here to fix your broken refrigerator, Ma'am!")
30. STORAGE ISSUES
A Paradigm Shift
Today's Environment:
Analog Meters or Simple Digital Meters
Manually Read or Use "Drive By" Reading
Read Monthly (or Less Frequently)
Minimal Data Accumulation
Simple Data Fields – KWH Used Since Last Reading
The Future Smart Grid:
"Smart" Digital Meters & "Smart" Sensors
Automatic Reading
Read Every ~15 Minutes or More Frequently
"Data Avalanche!" – Numerous Data Fields and Classes
Image credits: Microsoft Clip Art Online; www.smartgridnews.com; Circuit Breaker Relays – ENHayden, used with permission
31. Storage Considerations
Costs for More Data Centers and Storage
Error Handling
Data Analytics and Business Intelligence Resources
Security of Data – Static and Dynamic, Stored or in Transit
Privacy of Data – Consider EU Privacy Laws
Consumer Education Requirements
Auditing, Reporting, Regulatory Impacts
32. What To Do?
#1: DON'T GIVE UP!
#2: DON'T IGNORE THE THREATS!
#3: LEARN AND STUDY – DO THREAT MODELING
#4: INCLUDE SECURITY, IT, UTILITY OPERATIONS IN PLANNING AND SOLUTION DEVELOPMENT
#5: WORK WITH SECURITY EXPERTS & CONSULTANTS
#6: ASK HARD QUESTIONS
#7: BUILD DEFENSE-IN-DEPTH IN EVERY PHASE OF YOUR SMART GRID SOLUTION
#8: INCIDENT RESPONSE SET UP, PRACTICED
#9: STORAGE – PLAN, IDENTIFY CONTINGENCIES, LOOK OUTSIDE THE BOX
#10: INCLUDE SECURITY EARLY, OFTEN