How to protect energy distribution for millions of people against cyber attacks (real case)
1. How to protect energy
distribution for millions of
people against cyber attacks
Case study
Thiago Branquinho
CTO & Founder
TI Safe
2. Thiago Branquinho – CTO, TI Safe
Critical
infrastructures
defender
Biologist
Information
Systems
Auditor
FIFA World
CUP 2014
Planner
Maker
Sustainability
activist
Origamist
5. Intrinsic issues of Electrical Systems
Variable and seasonal
Consumption, with
increasing trend
Subject to contingencies
and emergencies
Faults and defects in
equipment
Faults and short circuits
Maneuvers and topology
changes
Changes in the
availability of the energy
matrix
Changes in consumption
Events and disturbances
of varying duration, of
scheduled or sudden
occurrence
(unpredictable)
Other numerous
technical, financial and
legal issues (operational
margins, economic
operation, contracts)
6. Automation to minimize issues
• Protection
• Command
• Control
• Measurement
• Supervision
These functions
have specific
requirements
(e.g. response
time)
Automation
becomes
crucial
7. Electric power processes digitalization
Generation
•Measurements, command,
control and protection
•Alarms and Event Logging
Supervision and monitoring of
equipment status
•Start, stop, synchronization of
generator sets
•Supervision and control of the
elevating substation
•Dispatch of the plant (joint or
individual control):
•active power
•voltage / reactive
•Automatic spillway operation
•Hydro-energy programming,
flood and flow forecasting
Transmission
•Measurements, command,
control and protection
•Alarms and Event Logging
Supervision and monitoring of
equipment status
•Load Forecasting and Selective
Cutting
•Power Flow Control
•State Estimators
•Contingency analysis (safety
analysis)
•Optimization of generation and
transmission
•Coordination of maintenance,
etc.
Distribution
•Command, control and
protection
•Measurements, billing and
billing
•Supervision and monitoring of
equipment and network status
•Engineering, planning and
network expansion
•Control of voltage and quality of
energy
•Load maneuvering and
rearrangement
•Coordination of maintenance,
location and defect repair
•Maintenance of network and
consumption database and
maps
•Customer service (links, support
and billing)
10. Electricity is the core of the critical infrastructure
Verner, Duane, Frederic Petit, and Kibaek Kim. “Incorporating Prioritization in Critical Infrastructure Security and Resilience Programs.”
Homeland Security Affairs 13, Article 7 (October 2017). https://www.hsaj.org/articles/14091
11. Who will be the next attacker?
http://energyskeptic.com/2014/terrorism-and-the-electric-power-grid/
12. In 2016 alone, the US Department of Homeland
Security Industrial Control Systems Cyber
Emergency Response Team responded to 290
incidents, including 63 in the critical
manufacturing sector, and 59 in the energy sector
More than one quarter of the incidents related to so-called
spear phishing attacks, which involve sending fraudulent
email in order to entice someone into disclosing confidential
information.
15. TI Safe’s ICS-SOC coverage
~40 million people
living on these
Brazilian states
Map by Ricardo Marins Rosa - Own work, CC BY-SA 4.0,
https://commons.wikimedia.org/w/index.php?curid=58541820
16. TI Safe’s ICS-SOC (Industrial Control Systems – Security Operations Centre)
TI Safe's ICS-SOC integrates cyber
security functions with industrial
processes monitoring. It is a prepared
structure equipped to anticipate,
prevent, defend and respond to cyber
attacks against critical infrastructures.
Continuous
monitoring
Risk
management
Cyber
intelligence
17. The focus is to predict
and prevent disruptive
incidents
Otherwise the infrastructure may not survive!
18. ICS-SOC main activities
Prevent Detect Respond Predict
Intelligence
The ICS-SOC expert team, with the support of artificial intelligence,
infers how the next attacks will be and establishes measures to
prevent them in our clients.
Cybersecurity technologies protect the environment and
provide occurrence logs.
Non-compliances are handled by the customer
in a manual or automated manner.
Good morning ladies and gentlemen!
I am Thiago Branquinho and I came here to present you how to protect energy distribution for millions of people against cyber attacks.
This lecture is based on our daily activities in our ICS-SOC at TI Safe.
First, I would like to introduce myself. I am CTO of TI Safe.
In more than 20 years of work experience I did a lot of different things, as you can see here.
But today I am bringing my Critical Infrastructures Defender alter-ego.
Let’s start from the beginning.
I would like to bring you an overview of Electrical Power Systems.
So, there are three main components: generation, transmission and distribution, until it gets to the end users for energy consumption.
These environments, by themselves, have a lot of intrinsic issues to be addressed.
For example, faults and defects in equipment, maneuvers to adapt to changes in the consumption profile and many other issues.
Thus, automation becomes crucial to minimize issues.
Functions such as electric protection, command and control, measurement, and operational supervision have specific requirements to be addressed.
And only automation can save it.
Just to illustrate, I brought a non-exhaustive list of activities usually automated on the electric power systems.
It is, definitely, a lot of digitalization.
But here comes an alert.
Since we have become highly dependent on automated systems, it is not possible to go back to a non-digital fashion and live our normal life.
Thus, the affirmative: Digitalization without cybersecurity jeopardizes mankind.
And electricity is the core of the critical infrastructure. Almost everything depends on electric power nowadays. And everyone here in this room is quite sure that light will always shine when we flip the switch.
The point is... Who will be the next attacker? It can be anyone, including your brand new IoT device if misprogrammed.
We know that there are targeted attacks. But since the complexity of security tools is lowering, anyone can become the next attacker.
As an expression of this, in 2016 the US Department of Homeland Security Industrial Control Systems Cyber Emergency Response Team responded to 290 incidents, including 59 in the energy sector.
One quarter of the incidents involved fraudulent e-mail in spear phishing attacks.
So... How to protect the electrical power systems?
I would like to bring some reflection here...
If we create a direct analogy between Maslow’s hierarchy of human needs and the industry 4.0, we can include at the top of the pyramid the beautiful components that we all love to see. Integrated systems, 5G, 3D printers, artificial intelligence, robots, drones and anything else.
But we cannot forget that the basis of the pyramid is the physiological needs and safety. It is exactly on the base where ICS cybersecurity resides.
So, if you consider stepping into the fourth industrial revolution, I strongly recommend you to plug in security constraints prior to moving forward.