Security in Smart Grid / IoT. Nenad Andrejević Comtrade Solutions Engineering
|
|
- Mabel Carpenter
- 8 years ago
- Views:
Transcription
1 Security in Smart Grid / IoT Nenad Andrejević Comtrade Solutions Engineering
2 Introduction Why is security important With so much of our lives connected to the Internet from our critical infrastructure and national security systems to our cars and bank accounts we know the urgency of addressing these new and growing cyber threats.
3 Traditional power grid The present infrastructure is overstrained and inter region bulk transfer is limited Cannot fully support the integration of renewable energy Low reliability of Power - Outage Fluctuating quality of Power Major source is fossil fuel Efficiency of Power transmission Almost zero customer participation Low Billing and collecting efficiency
4 Smart Grid v3 Decentralization of Generating resources Integration of all sources of energy, mainly renewable Continuous monitoring and feedback from the network Anticipation of faults and helps in fault prevention Establishes a two-way communication between the utilities and the consumers Reduces the stress on the power system infrastructure Reduces and shifts the peak demand Continuous self-learning
5
6
7 SECURITY THREATS TO THE ENERGY NETWORK CYBER-ATTACKS: MALWARE INJECTIONS, DENIAL OF SERVICE, REMOTE CONNECT / DISCONNECT COMMANDS ATTACKS ON PRIVACY REVENUE PROTECTION THE THEFT OF DATA AND ENERGY
8 Landscape of attack Oil pipeline explosion in Turkey 2008 Stuxnet Virus Ukraine Attack U.S. grid was successfully hacked 2015
9 Privacy concern #1
10 Privacy concern #2
11 Risk Levels More Secure UTILITY Back office HEAD END SYSTEM Collection system Highest Risk WAN Wide Area Network FAN Field Area Network HAN Home Area Network Least Secure Smart Meter Least Risk
12 Business Outcomes Distribution Automation EV Smart Charging Smart Payment Energy Efficiency Meter-to- Cash Revenue Assurance Renewables Integration Demand Response Outage Management Consumer Engagement More Secure DMS Utility Systems and Back Office Billing/ CIS OMS DRMS/ DLC SCADA Analytics» Transformer Load Management» Power Quality (Voltage/Outage)» Energy Diversion Detection» Energy Efficiency & Demand Response Highest Risk Head End System Security Manager Head-End MDM Cisco NMS Substation WAN Backhaul Network Options Least Secure Least Risk
13 Open Standards Application Layer Web Services, EXI, SOAP, RestFul,HTTPS/CoAP Metering IEC CIM, ANSI C12.22, DLMS/COSEM, SCADA IEC 61850, DNP3/IP, Modbus/TCP, DNS, NTP, IPfix/Netflow, SSH RADIUS, AAA, LDAP, SNMP, (RFC 6272 IP in Smart Grid) Transport Layer UDP/TCP Security (DTLS/TLS) Network Layer IPv6 RPL IPv6/IPv4 Addressing, Routing, Multicast, QoS, Security Mgmt 802.1x / EAP-TLS & IEEE i based Access Control Data Link Layer LLC M A C IEEE e MAC enhancements IEEE including FHSS 6LoWPAN (RFC 6282) IPv6 over Ethernet (RFC 2464) IEEE frame format IEEE Wi-Fi IEEE Ethernet IPv6 over PPP (RFC 5072) 2G, 3G, LTE Cellular IP or Ethernet Convergence SubL. IEEE WiMAX Physical Layer IEEE g 2.4GHz, 915, 868MHz DSSS, FSK, OFDM IEEE NB-PLC OFDM IEEE Wi-Fi 2.4, 5 GHz, Sub-GHz IEEE Ethernet UTP, FO 2G, 3G, LTE Cellular IEEE WiMAX 1.x, 3.xGHz
14 Smart Grid Key Attributes Standards and Conformance Standards are critical to enabling interoperable systems and components. Mature, robust standards are the foundation of mass markets for the millions of components that will have a role in the future smart grid. Standards enable innovation where thousands of companies may construct individual components.
15
16 IoT [ WIKIPEDIA ] The Internet of Things (IoT) is the network of physical objects or "things" embedded with electronics, software, sensors and connectivity to enable it to achieve greater value and service by exchanging data with the manufacturer, operator and/or other connected devices. [ OXFORD ] A proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data
17 Challenge of Securing the IoT Manufacturers, energy and transportation providers, and smart cities are gaining a competitive advantage by harnessing the Internet of Things (IoT). Connecting more things in more places creates new security challenges. Mitigating risk requires a combination of cybersecurity and physical security. The IoT is expected to grow to 50 billion by Each device is a potential entry point for a network attack by insiders, hackers, or criminals
18 How to process IoT is one of the new areas where the new innovative solutions are created every day, for business and eco systems. We still have no complete standard security measures. We use threat modeling to find out all relevant threats and risk model to find out best suite security European Union Agency for Network and Information Security Smart Grid Threat Landscape and Good Practice Guide NIST Cyber security framework for critical infrastructure OWASP Top 10 IoT
19 Top 10 IoT Vulnerabilities OWASP Top 10 IoT Vulnerabilities Project The OWASP Top 10 IoT Vulnerabilities are as follows: Rank I1 I2 I3 I4 I5 I6 I7 I8 I9 I10 Insecure Web Interface Title Insufficient Authentication/Authorization Insecure Network Services Lack of Transport Encryption/Integrity Verification Privacy Concerns Insecure Cloud Interface Insecure Mobile Interface Insufficient Security Configurability Insecure Software/Firmware Poor Physical Security 10/10 security systems accept /10 security systems with no lockout 10/10 security systems with enumeration SSH listeners with root/ access 6/10 web interfaces with XSS/SQLi 70% of devices not using encryption 8/10 collected personal information 9/10 had no two-factor options Unauthenticated video streaming Completely flawed software update systems
20 Why COMTRADE? Comtrade firmly believes that the best way to ensure reliable security for the entire smart grid /IoT is to integrate security directly into the design process. Our Security by Design methodology involves the security team working hand in hand with Comtrade architecture team to ensure its products are created with security in mind right from the start. Security is not an afterthought; it evolves with the product and needs to be continually developed.
21 COMTRADE SECURITY BY DESIGN METHODOLOGY The Security by Design methodology is a simple, iterative process. It was decided at Comtrade that in the manufacturing of applications for utilities and IoT An Iterative Approach 1. Assess the security vulnerabilities applicable to the system and all components 2. Conduct a risk evaluation with an impact analysis 3. Design defensive counter measures for mitigating impact 4. Perform penetration tests against each component and then the entire system 5. Iterate - if there are any gaps identified in step Pre poduction Production Secure by design
22 Conclusion Being knowledgeable about what can be achieved is one thing. The other is to reduce the impact. In cyber-security an environment with asymmetric approaches - this can be achieved through common effort and coordination.
23 Q&A That which depends on me, I can do; that which depends on the enemy cannot be certain. Therefore it is said that one may know how to win, but cannot necessarily do so (Sun Tzu).
24 Thanks for coming Have a nice day!
Alain Fiocco. Sr. Director CTO Office afiocco@cisco.com
Alain Fiocco Sr. Director CTO Office afiocco@cisco.com BILLIONS OF DEVICES The Internet of Things Is Already Here 50 40 50 Billion Smart Objects 30 20 10 0 Source: Cisco IBSG, 2011 Inflection Point 12.5
More informationSecuring the Internet of Things: Mapping Attack Surface Areas Using the OWASP IoT Top 10
SESSION ID: ASD-T10 Securing the Internet of Things: Mapping Attack Surface Areas Using the OWASP IoT Top 10 Daniel Miessler Security Research HP Fortify on Demand @danielmiessler HP Fortify on Demand
More informationZigBee IP Stack Overview Don Sturek Pacific Gas and Electric (PG&E) 2009 ZigBee Alliance. All rights reserved. 1
ZigBee IP Stack Overview Don Sturek Pacific Gas and Electric (PG&E) 1 Presenter Background Pacific Gas and Electric Company Northern and Central California Gas and Electric Utility Company (including San
More informationIoT & SCADA Cyber Security Services
IoT & SCADA Cyber Security Services RIOT SOLUTIONS PTY LTD P.O. Box 10087, Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 4, 60 Edward St, Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au
More informationUnifying Smart Grid Communications using SIP
Unifying Smart Grid Communications using SIP Joe DiAdamo, P.Eng. Chief Technologist, Smart Grid Siemens Enterprise Communications Sept 1, 2009 One of, I think, the most important infrastructure projects
More informationSecurity by Design. Olivier Rochon Security Solutions Manager WHITEPAPER. knowledge to shape your future
Security by Design Olivier Rochon Security Solutions Manager WHITEPAPER knowledge to shape your future INTRODUCTION The evolution of smart meters and smart grids is not only changing the way we receive
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More informationFuture-proofing Your Utility: Interoperability In-house and Out An Intelligent Utility Reality Webcast
Future-proofing Your Utility: Interoperability In-house and Out An Intelligent Utility Reality Webcast 10/15 10/29 December 1, 2011 1/28 Join the conversation on Twitter using #IUWebcasts and follow Intelligent
More informationAutomotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri
Automotive Ethernet Security Testing Alon Regev and Abhijit Lahiri 1 Automotive Network Security Cars are evolving Number of ECUs, sensors, and interconnects is growing Moving to Ethernet networks utilizing
More informationThe digital future for energy and utilities.
Digital transformation has changed the way you do business. The digital future for energy and utilities. Digital is reshaping the landscape in every industry, and the energy and utilities sectors are no
More informationHow Much Cyber Security is Enough?
How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right
More informationSecurity by Design WHITE PAPER
Security by Design WHITE PAPER Trilliant helps leading utilities and energy retailers achieve their smart grid visions through the Trilliant Communications Platform, the only communications platform purpose-built
More informationSmart Substation Security
Smart Substation Security SmartSec Europe 2014 Amsterdam 29/01/2014 Agenda Context Elia Introduction to the substation environment in Elia Security design and measures in the substation Near and far future
More informationRisk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit
Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation
More informationEuropean Network for Cyber Security
European Network for Cyber Security Cyber Security: a fundamental basis for Smart Grids Project Summary December 19, 2014 Introduction Smart grids are crucial to support the use of more sustainable energy
More informationEmerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP
Emerging SCADA and Security Solutions Presented by; Michael F. Graves, P.E. Chris Murphy, CISSP July 25, 2014 Topics Improved 4G Communications Mobile Devices Cyber Security Threats Cyber Security Guidance
More informationFloodgate Security Framework
Floodgate Security Framework Security Framework for Embedded Devices As cybercriminals are now targeting non -conventional electronic appliances such as battery chargers, mobile phones, smart meters and
More informationPROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE0000191
Interim Techlogy Performance Report 3 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V1 Company Name: The Boeing Company November 19, 2013 1 Interim Techlogy Performance Report 3
More informationIncluding Threat Actor Capability and Motivation in Risk Assessment for Smart Grids
CPSR-SG 2016: Joint International Workshop on Cyber-Physical Security and Resilience in Smart Grids, 12th April 2016, Vienna Security for smart Electricity GRIDs Including Threat Actor Capability and Motivation
More informationWhat is Really Needed to Secure the Internet of Things?
What is Really Needed to Secure the Internet of Things? By Alan Grau, Icon Labs alan.grau@iconlabs.com The Internet of Things (IoT) has become a ubiquitous term to describe the tens of billions of devices
More informationDefense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks
Defense-in-Depth Strategies for Secure, Open Remote Access to Control System Networks A look at multi-vendor access strategies Joel Langill TÜV FSEng ID-1772/09, CEH, CPT, CCNA Security Consultant / Staff
More informationThe Smart Grid in 2010
The Smart Grid in 2010 New Energy Symposium The New York Academy of Sciences August 9th, 2010 David J. Leeds About Greentech Media / GTM Research Web-based publisher of information on the future technology
More informationTHE FUTURE OF SMART GRID COMMUNICATIONS
THE FUTURE OF SMART GRID COMMUNICATIONS KENNETH C. BUDKA CTO STRATEGIC INDUSTRIES MAY 2014 THE GRID OF THE FUTURE WIDE-SCALE DEPLOYMENT OF RENEWABLES INCREASED ENERGY EFFICIENCY PEAK POWER REDUCTION, DEMAND
More informationTUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,
More informationEC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led
EC-Council Network Security Administrator (ENSA) Duration: 5 Days Method: Instructor-Led Certification: ENSA Exam 312-38 Course Description This course looks at the network security in defensive view.
More informationSecure Access Solutions for the Petroleum Industry. Secure. Easy. Protected. Access.
for the Petroleum Industry Secure. Easy. Protected. Access. Cybersecurity A Growing Concern for Oil Companies Oil and gas companies utilize Supervisory Control and Data Acquisition Systems (SCADA) to control
More informationSecurity Issues with Integrated Smart Buildings
Security Issues with Integrated Smart Buildings Jim Sinopoli, Managing Principal Smart Buildings, LLC The building automation industry is now at a point where we have legitimate and reasonable concern
More informationKASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES. www.kaspersky.com
KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES www.kaspersky.com EXPERT SERVICES Expert Services from Kaspersky Lab are exactly that the services of our in-house experts, many of them global
More informationGreat ideas, big data and little privacy? Bart Preneel iminds and COSIC KU Leuven
Great ideas, big data and little privacy? Bart Preneel iminds and COSIC KU Leuven 2 3 NSA calls the iphone users public 'zombies' who pay for their own surveillance 4 Snowden revelations NSA: Collect it
More informationHow To Protect Your Network From Attack
NextGen SCADA security Erwin Kooi Setting the stage This talk is not An introduction to SCADA security AIC versus CIA The latest blinky-lights SCADA security appliance How to use IT security in OT envrionments
More informationHow Secure is Your SCADA System?
How Secure is Your SCADA System? Charles Drobny GlobaLogix, Inc. Houston, TX, USA Our Industry is a Target 40% of cyber attacks on Critical Infrastructure targets are aimed at the Energy Industry The potential
More informationThe Internet of Things
The Internet of Things Powe re d by IPv6 Jeff Apcar Distinguished Services Engineer, Cisco Systems March 14 th 2014, ida IPv6 Conference IoT Definition ** A collection of things Cisco Confidential 2 IoE/IoT/M2M
More informationAMI security considerations
AMI security considerations Jeff McCullough Introduction Many electric utilities are deploying or planning to deploy smart grid technologies. For smart grid deployments, advanced metering infrastructure
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationThe Internet of Things Risks and Challenges
The Internet of Things Risks and Challenges Providing the insight that enables our customers to make informed business decisions. Antony Price 03rd March 2015 Contents Internet of Things - The next threat
More informationUPnP: The Discovery & Service Layer For The Internet of Things April 2015
UPnP: The Discovery & Service Layer For The Internet of Things April 2015 The First Chapter: The Connected Home In late 1999, the founding members of what would become the UPnP Forum started to put together
More informationRobert Malmgren. Smart Grid. Security Challenges - Legacy and Infrastructure Burdens
Robert Malmgren Smart Grid Security Challenges - Legacy and Infrastructure Burdens Short bio Robert Malmgren Independent consultant that have worked with utility companies regarding IT- and info sec since
More informationInternet of Things (IoT): Security Awareness. Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com
Internet of Things (IoT): Security Awareness Sandra Liepkalns, CRISC sandra.liepkalns@netrus.com So What is the Internet of Things Network of physical objects embedded with: Electronics, software, sensors
More informationSeattle City Light Strategic Technology Presentation. Presentation to City Light Review Panel September 1, 2010
Seattle City Light Strategic Technology Presentation Presentation to City Light Review Panel September 1, 2010 Technology at City Light Mission: IT provides the hardware/software/networks/security/ services
More informationPKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS
PKI: THE SECURITY SOLUTION FOR THE INTERNET OF THINGS TABLE OF CONTENTS 2 EXECUTIVE SUMMARY 3 THE EMERGENCE OF THE INTERNET OF THINGS 4 SECURITY RISKS IN NETWORKED DEVICES 6 PKI S FOUNDATION OF STRONG
More informationNetwork Infrastructure Considerations for Smart Grid Strategies By Jim Krachenfels, Marketing Manager, GarrettCom, Inc.
Network Infrastructure Considerations for Smart Grid Strategies By Jim Krachenfels, Marketing Manager, GarrettCom, Inc. The Smart Grid is having a decided impact on network infrastructure design and the
More informationCybersecurity Training
Standards Certification Education & Training Publishing Conferences & Exhibits Cybersecurity Training Safeguarding industrial automation and control systems www.isa.org/cybetrn Expert-led training with
More informationPROJECT BOEING SGS. Interim Technology Performance Report 1. Company Name: The Boeing Company. Contract ID: DE-OE0000191
Interim Techlogy Performance Report 1 PROJECT BOEING SGS Contract ID: DE-OE0000191 Project Type: Revision: V2 Company Name: The Boeing Company December 10, 2012 1 Interim Techlogy Performance Report 1
More informationACCESS MANAGEMENT FOR SMART HOME DEVICES
CONCEPT PAPER IDENTITY AND DRAFT ACCESS MANAGEMENT FOR SMART HOME DEVICES Bill Fisher National Cybersecurity Center of Excellence Sudhi Umarji The MITRE Corporation DRAFT June 2016 IoT-NCCoE@nist.gov The
More informationNational Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity
National Cybersecurity Challenges and NIST Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity Though no-one knows for sure, corporate America is believed to lose anything
More informationSCADA Security Training
SCADA Security Training 1-Day Course Outline Wellington, NZ 6 th November 2015 > Version 3.1 web: www.axenic.co.nz phone: +64 21 689998 page 1 of 6 Introduction Corporate Background Axenic Ltd Since 2009,
More informationCyber Security Health Test
ENERGY Cyber Security Health Test Robin Massink 20-05-2014 1 DNV GL 2013 2014 20-12-2013 SAFER, SMARTER, GREENER Cyber security issues facing the utility industry We are moving from IEC60870-5-101/ DNP3
More informationThe following chart provides the breakdown of exam as to the weight of each section of the exam.
Introduction The CWSP-205 exam, covering the 2015 objectives, will certify that the successful candidate understands the security weaknesses inherent in WLANs, the solutions available to address those
More informationThe Internet of Things (IoT) Opportunities and Risks
Session No. 744 The Internet of Things (IoT) Opportunities and Risks David Loomis, CSP Risk Specialist Chubb Group of Insurance Companies Brian Wohnsiedler, CSP Risk Specialist Chubb Group of Insurance
More informationInformation Security Services
Information Security Services Information Security In 2013, Symantec reported a 62% increase in data breaches over 2012. These data breaches had tremendous impacts on many companies, resulting in intellectual
More informationFuture of Electric Distribution Dialogue
Future of Electric Distribution Dialogue Webinar Series Session I: State of U.S. Electric Distribution July 11, 2012 2:00 3:30 p.m. EDT Session I: State of U.S. Electric Distribution 2:00 p.m. Opening
More informationRedefining MDM for a Smart Grid Enabled
Redefining MDM for a Smart Grid Enabled Enterprise Florida Power and Light Radha Swaminathan Director, AMI Information Technology, MDM and its future in a smart grid enabled enterprise A key component
More informationSecurity Testing. Vulnerability Assessment vs Penetration Testing. Gabriel Mihai Tanase, Director KPMG Romania. 29 October 2014
Security Testing Vulnerability Assessment vs Penetration Testing Gabriel Mihai Tanase, Director KPMG Romania 29 October 2014 Agenda What is? Vulnerability Assessment Penetration Testing Acting as Conclusion
More informationIT AUDIT WHO WE ARE. Current Trends and Top Risks of 2015 10/9/2015. Eric Vyverberg. Randy Armknecht. David Kupinski
IT AUDIT Current Trends and Top Risks of 2015 2 02 Eric Vyverberg WHO WE ARE David Kupinski Randy Armknecht Associate Director Internal Audit Protiviti 317.510.4661 eric.vyverberg@protiviti.com Managing
More informationMaking Sense of Internet of Things Protocols and Implementations
Making Sense of Internet of Things Protocols and Implementations Author: Kim Rowe, RoweBots Higher level protocols for Internet of Things have various features and offer different capabilities. Most of
More informationAgenda. Introduction to SCADA. Importance of SCADA security. Recommended steps
Agenda Introduction to SCADA Importance of SCADA security Recommended steps SCADA systems are usually highly complex and SCADA systems are used to control complex industries Yet.SCADA systems are actually
More informationSecurity Implications Associated with Mass Notification Systems
Security Implications Associated with Mass Notification Systems Overview Cyber infrastructure: Includes electronic information and communications systems and services and the information contained in these
More informationSPARKS Cybersecurity Technology and the NESCOR Failure Scenarios
SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios Lucie Langer and Paul Smith firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Workshop Monday 29 th September,
More informationRuggedCom Solutions for
RuggedCom Solutions for NERC CIP Compliance Rev 20080401 Copyright RuggedCom Inc. 1 RuggedCom Solutions Hardware Ethernet Switches Routers Serial Server Media Converters Wireless Embedded Software Application
More informationFERPA: Data & Transport Security Best Practices
FERPA: Data & Transport Security Best Practices April 2013 Mike Tassey Privacy Technical Assistance Center FERPA and Data Security Unlike HIPAA and other similar federal regulations, FERPA does not require
More informationI. TODAY S UTILITY INFRASTRUCTURE vs. FUTURE USE CASES...1 II. MARKET & PLATFORM REQUIREMENTS...2
www.vitria.com TABLE OF CONTENTS I. TODAY S UTILITY INFRASTRUCTURE vs. FUTURE USE CASES...1 II. MARKET & PLATFORM REQUIREMENTS...2 III. COMPLEMENTING UTILITY IT ARCHITECTURES WITH THE VITRIA PLATFORM FOR
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More informationEnergyAxis System: Security for the Smart Grid
Security for the Smart Grid 2010 by Elster All rights reserved. No part of this document may be reproduced, transmitted, processed or recorded by any means or form, electronic, mechanical, photographic
More informationHong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望
Hong Kong Information Security Outlook 2015 香 港 資 訊 保 安 展 望 Agenda Information Security Trends Year 2014 in Review Outlook for 2015 Advice to the Public Hong Kong Computer Emergency Response Team Coordination
More informationJim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA
Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA About Us... Public company traded on the New York Stock Exchange (CNP) Headquartered in Houston, TX Operating 3 business segments
More informationINTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT
Utilities WHITE PAPER May 2013 INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT Table of Contents Introduction...3 Problem Statement...4 Solution Requirements...5 Components of an Integrated
More informationInternet of Things Security Companion to the CIS Critical Security Controls (Version 6)
Internet of Things Security Companion to the CIS Critical Security Controls (Version 6) October 2015 Internet of Things Security Companion to the CIS Critical Security Controls (Ver. 6) Introduction...
More informationPanel Session: Lessons Learned in Smart Grid Cybersecurity
PNNL-SA-91587 Panel Session: Lessons Learned in Smart Grid Cybersecurity TCIPG Industry Workshop Jeff Dagle, PE Chief Electrical Engineer Advanced Power and Energy Systems Pacific Northwest National Laboratory
More informationNormen & Standards Industrie 4.0 IEEE Standards
Normen & Standards Industrie 4.0 IEEE Standards Stand: Oktober 2015 IEEE 1872 * IEEE 2015 IEEE Standard Ontologies for Robotics and Automation 1872-2015 IEEE 1232.3 * IEEE 1232.3- IEEE Guide for the Use
More informationSmart Grid and Cyber Challenges
Smart Grid and Cyber Challenges National Security Risks and Concerns of Smart Grid Stephen Spoonamore and Ronald L. Krutz, Ph.D., PE, CISSP, ISSEP This document surveys cybersecurity concerns associated
More informationThe Night the Lights went out in Vegas: Demystifying Smart Meter Networks. Barrett Weisshaar Garret Picchioni
The Night the Lights went out in Vegas: Demystifying Smart Meter Networks Barrett Weisshaar Garret Picchioni Overview What this Presentation is: Overview of Smart Meter & Smart Grid technology Detail network
More informationBachelor of Information Technology (Network Security)
Bachelor of Information Technology (Network Security) Course Structure Year 1: Level 100 Foundation knowledge subjects SEMESTER 1 SEMESTER 2 ITICT101A Fundamentals of Computer Organisation ITICT104A Internetworking
More informationCYBER SECURITY: PERILS AND OPPORTUNITIES
Emerging Technology Forum CYBER SECURITY: PERILS AND OPPORTUNITIES Dr. Dennis Martinez CTO - Harris RF Communications Division June 25, 2013 Cyber Security Addresses Two Key Objectives Protect Information
More informationCyber Security. Doug Houseman Doug@Enernex.com. Engineering Consulting Research. Modeling Simulation Security. The Practical Grid Visionaries TM
Cyber Security Engineering Consulting Research Modeling Simulation Security Doug Houseman Doug@Enernex.com The Practical Grid Visionaries TM Warnings The costs given are based on prior projects They may
More informationi-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors
March 25-27, 2014 Steven A. Kunsman i-pcgrid Workshop 2015 Cyber Security for Substation Automation The Jagged Line between Utility and Vendors ABB Inc. March 26, 2015 Slide 1 Cyber Security for Substation
More informationAdvanced Metering Infrastructure Security
Advanced Metering Infrastructure Security John Sawyer, Senior Security Analyst Don C. Weber, Senior Security Analyst InGuardians, Inc. 1 of 131 John Sawyer InGuardians, Inc. - Senior Security Analyst DarkReading.com
More informationThe Internet of Things (IoT) and Industrial Networks. Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015
The Internet of Things (IoT) and Industrial Networks Guy Denis gudenis@cisco.com Rockwell Automation Alliance Manager Europe 2015 Increasingly Everything will be interconnected 50 Billion Smart Objects
More informationHow NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements
How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements I n t r o d u c t i o n The Payment Card Industry Data Security Standard (PCI DSS) was developed in 2004 by the PCI Security Standards
More informationCisco Fog Computing Solutions: Unleash the Power of the Internet of Things
White Paper Cisco Fog Computing Solutions: Unleash the Power of the Internet of Things Connect things. Analyze and act on the data they produce in milliseconds. Then send the right data to the cloud for
More informationCybersecurity Risk Assessment in Smart Grids
Cybersecurity Risk Assessment in Smart Grids Lucie Langer, Paul Smith, Thomas Hecht firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Symposium 2014 Sept 30, 2014 1 Risk Assessment:
More informationSmart Grid Security: A Look to the Future
Smart Grid Security: A Look to the Future SESSION ID: TECH-W03A Gib Sorebo Chief Cybersecurity Technologist Leidos @gibsorebo Overview Distributed Energy Plug-in Vehicles Evolving Threats: Market Manipulation,
More information[CEH]: Ethical Hacking and Countermeasures
[CEH]: Ethical Hacking and Countermeasures Length Audience(s) Delivery Method : 5 days : This course will significantly benefit security officers, auditors, security professionals, site administrators,
More informationSecuring Distribution Automation
Securing Distribution Automation Jacques Benoit, Cooper Power Systems Serge Gagnon, Hydro-Québec Luc Tétreault, Hydro-Québec Western Power Delivery Automation Conference Spokane, Washington April 2010
More information( Increased usage of IP addresses )
IPv6 Applications IPv6: Make Possible Internet of Things More Devices than people Smart phones Smart Tablets Traditional Internet desktops Data-enabled mobile phones Consumer appliances Embedded systems
More informationCyber Security Seminar KTH 2011-04-14
Cyber Security Seminar KTH 2011-04-14 Defending the Smart Grid erik.z.johansson@se.abb.com Appropriate Footer Information Here Table of content Business Drivers Compliance APT; Stuxnet and Night Dragon
More informationReducing Application Vulnerabilities by Security Engineering
Reducing Application Vulnerabilities by Security Engineering - Subash Newton Manager Projects (Non Functional Testing, PT CoE Group) 2008, Cognizant Technology Solutions. All Rights Reserved. The information
More informationNERC CIP Substation Cyber Security Update. John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com
NERC CIP Substation Cyber Security Update John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com It s February 19, 2009 132 project days left to compliance Do you know where (what)
More informationSecurity and the Internet of Things (IoT)
Security and the Internet of Things (IoT) Analysis and Recommendations for IoT Manufacturers and IT/Business Executives Wei (Weslay) Xu Tuck School of Business at Dartmouth 03/20/2015 High Level Description
More informationSmart Systems: the key enabling technology for future IoT
Smart Systems: the key enabling technology for future IoT Roberto Zafalon Technology Programmes, Director R&D and Public Affairs, Italy STMicroelectronics IoT Large Scale Pilots Brokerage Workshop London
More informationEnterprise Apps: Bypassing the Gatekeeper
Enterprise Apps: Bypassing the Gatekeeper By Avi Bashan and Ohad Bobrov Executive Summary The Apple App Store is a major part of the ios security paradigm, offering a central distribution process that
More informationIntroduction Chapter 1. Uses of Computer Networks
Introduction Chapter 1 Uses of Computer Networks Network Hardware Network Software Reference Models Example Networks Network Standardization Metric Units Revised: August 2011 Uses of Computer Networks
More informationINTELLIGENCE BY ZPRYME ZPRYME.COM SMARTGRIDRESEARCH.ORG 2013 ZPRYME RESEARCH & CONSULTING, LLC. ALL RIGHTS RESERVED.
cyber security SPONSORED BY INTELLIGENCE BY ZPRYME ZPRYME.COM SMARTGRIDRESEARCH.ORG 2013 ZPRYME RESEARCH & CONSULTING, LLC. ALL RIGHTS RESERVED. survey JANUARY 2013 Table of Contents Executive Summary...
More informationCyber Security :: Insights & Recommendations for Secure Operations. N-Dimension Solutions, Inc.
Cyber Security :: Insights & Recommendations for Secure Operations N-Dimension Solutions, Inc. Cyber Security Protection for Critical Infrastructure Assets Agenda: Cyber Landscape Cyber Threats to Your
More informationInternet of Things. Laurent Toutain. June 11, 2013. Caen () IPv6 opérateur June 11, 2013 1 / 14
Internet of Things Laurent Toutain June 11, 2013 Caen () IPv6 opérateur June 11, 2013 1 / 14 Internet of Things? Internet of Things Caen () IPv6 opérateur June 11, 2013 2 / 14 Internet of Things? Internet
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationSECURITY ANALYTICS & INTELLIGENCE FOR CRITICAL INFRASTRUCTURE
www.wipro.com SECURITY ANALYTICS & INTELLIGENCE FOR CRITICAL INFRASTRUCTURE Saritha Auti Practice Head Enterprise Security Solutions, Wipro Table of Contents 03... Executive Summary 04... Demystifying
More informationSCADA Security: Challenges and Solutions
SCADA Security: Challenges and Solutions June 2011 / White paper by Metin Ozturk, Philip Aubin Make the most of your energy Summary Executive Summary... p 2 Protecting Critical Infrastructure Includes
More informationSystem stability through cloud-enabled energy automation An essential building block for the digitalization of distribution networks
European Utility Week Vienna, November 3-5, 2015 System stability through cloud-enabled energy automation An essential building block for the digitalization of distribution networks Prof. Dr. Michael Weinhold,
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationDMS - Breakthrough Technology for the Smart Grid
DMS - Breakthrough Technology for the Smart Grid The emerging smart grid is expected to address many of the current challenges in the electrical power industry. It is expected to make the electric grid
More information