System Stability through technology

Similar documents
Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

Cyber Security and Privacy - Program 183

INTEGRATING SUBSTATION IT AND OT DEVICE ACCESS AND MANAGEMENT

Symphony Plus Cyber security for the power and water industries

IEEE-Northwest Energy Systems Symposium (NWESS)

1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network

Document ID. Cyber security for substation automation products and systems

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

Securing Distribution Automation

Redesigning automation network security

How Much Cyber Security is Enough?

future data and infrastructure

Secure Remote Substation Access Interest Group Part 3: Review of Top Challenges, CIPv5 mapping, and looking forward to 2014!

Steve Lusk Alex Amirnovin Tim Collins

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

Challenges and Opportunities for Aligning the Power System Cybersecurity and Reliability Objectives

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit

Redefining MDM for a Smart Grid Enabled

Secure Machine to Machine Communication on the example of Smart Grids

THE FUTURE OF SMART GRID COMMUNICATIONS

Secure Networks for Process Control

Panel Session: Lessons Learned in Smart Grid Cybersecurity

How to Integrate NERC s Requirements in an Ongoing Automation and Integration Project Framework

EPICenter Network Management Software

2013 AWS Worldwide Public Sector Summit Washington, D.C.

How to Choose the Right Industrial Firewall: The Top 7 Considerations. Li Peng Product Manager

RUGGEDCOM CROSSBOW. Secure Access Management Solution. siemens.com/ruggedcom. Edition 10/2014. Brochure

THE RTOS AS THE ENGINE POWERING THE INTERNET OF THINGS

Cyber Security Seminar KTH

Secure Remote Substation Access Solutions

Flexible Plug & Play Smart grid cyber security design and framework. Tim Manandhar

Alliance Key Manager A Solution Brief for Technical Implementers

How To Improve Your Network Security

SecFlow Security Appliance Review

For Service Providers. Copyright 2010 EMC Corporation. All rights reserved.

HP Intelligent Management Center Standard Software Platform

This webinar brought to you by the Relion product family Advanced protection and control from ABB

IBM Tivoli Service Request Manager

RuggedCom Solutions for

Network Cyber Security. Presented by: Motty Anavi RFL Electronics

Threat-Centric Security for Service Providers

Vortex White Paper. Simplifying Real-time Information Integration in Industrial Internet of Things (IIoT) Control Systems

Cyber Security. Smart Grid

2) trusted network, resilient against large scale Denial of Service attacks

Enterprise Solution for Remote Desktop Services System Administration Server Management Server Management (Continued)...

Provide access control with innovative solutions from IBM.

An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011

NERC CIP VERSION 5 COMPLIANCE

Microsoft Windows Server System White Paper

GOVERNMENT USE OF MOBILE TECHNOLOGY

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

How to Implement Enterprise SAML SSO

Dr. Raheem Beyah Georgia Tech. Cyber-Physical Modeling & Simulation for Situational Awareness (CYMSA)

cloud functionality: advantages and Disadvantages

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

AFCEA Aberdeen Luncheon. Army Common Operating Environment (COE) Update. March 11, 2015

Cyber security measures in protection and control IEDs

SecureVue Product Brochure

Unifying Smart Grid Communications using SIP

NERC CIP Substation Cyber Security Update. John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com

William Hery Research Professor, Computer Science and Engineering NYU-Poly

McAfee Security Architectures for the Public Sector

SDN Software Defined Networks

QRadar SIEM 6.3 Datasheet

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.

HP Intelligent Management Center Enterprise Software Platform

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

WHITE PAPER CYBER SECURITY AND ELECTRIC UTILITY COMMUNICATIONS WHAT NERC/CIP MEANS FOR YOUR MICROWAVE

How To Protect Your Network From Attack

Features Description Benefit AP-7131N support Adaptive AP Support for the AP7131N-GR and AP7131N- GRN

How To Achieve Pca Compliance With Redhat Enterprise Linux

PROPALMS TSE 6.0 March 2008

Smart Substation Security

RTS/X. Scalable Solution for Payment Processing Systems. Guiding Principles of the system architecture. Overview

Consulting International

How can the Future Internet enable Smart Energy?

Wireless and Mobile Technologies for Healthcare: Ensuring Privacy, Security, and Availability

Manage Utility IEDs Remotely while Complying with NERC CIP

Communication Security Measures for SCADA Systems

Address IT costs and streamline operations with IBM service desk and asset management.

Sikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking

Odyssey Access Client FIPS Edition

API Management: Powered by SOA Software Dedicated Cloud

IBM WebSphere application integration software: A faster way to respond to new business-driven opportunities.

John M Shaw Presentation to UTC Region 7 February 19, 2009 jshaw@garrettcom.com

Security Control Standard

Department of Defense PKI Use Case/Experiences

Transcription:

System Stability through technology 1

Smart Grid Design Goals More increased capabilities More capabilities at the edge and enterprise, pervasive automation Better faster, more reliable & secure The electric grid is more resilient Dynamic control of all security elements allows the system to adapt to evolving threats Easier usability (convergence, unified control, visualization, information on demand) Tens of Millions of nodes are manageable Situational awareness Common Services allow for easier integration of new capabilities and technologies 2

Smart Grid System of Systems (SoS) Research Four evolutions of Smart Grid SoS Architectures Silos ESB Adapter-based Common Current-state Typical SI Approach DoD-style approach Standards based Internet-style 3

CCS Introduction Changing Landscape Increased attention from government, media, public New class of adversary and malicious threats Increase use of Communications and Automation on the grid Customer and 3 rd Party Interaction increasing Objectives Security needs to keep pace with increasing pace of technology adoption Security needs to be baked in to new procurements while addressing legacy environment (No device left behind) Security needs to comply with all regulations and relevant standards Adhere to common services architecture that reduces implementation and operational costs through reuse Solution CCS is a common service for securing applications and devices CCS focuses on securing all critical energy delivery operations CCS is the first open and standards based implementation which meets all objectives 4

CCS Technology Highlights The most advanced security system in the energy sector Next generation utility technologies DoD technology transfer Best practices from many sectors Modern SOA style architecture The most compliant security system NERC CIP Version X All Federal Processing Standards (DHS, FIPS) NIST Compliant (NISTIR, SP) A robust, scalable and dynamic security system Supports all Grid Applications Supports current and next generation networking (MPLS) Supports all major protocols used on the Grid Modular Construction 5

CCS Technology Highlights Easily Integrated into existing environment Supports existing control and IT investments (Directory Services, Enterprise PKI) 8 inflight advanced programs are relying on new services (e.g. ISGD, Phasor Measurement, SA3, C-RAS, etc.) Supports gradual evolution to full compliance over time Ease of Use AMI Security uses command line and requires vendor support CCS has next generation web based graphical user interface Enables a powerful and unified security operations center IEC has committed to align with CCS principles Hosted IEC TC 57 Security Meetings New Part to FERC reviewed/recommended 62351 GE and Subnet are deploying CCS compatible devices and discussion are underway with other major vendors 6

Operational View Control Center Central Services (Data Center) DMS Historian Substation 2 Substation Devices Gateway PMU Substation 3 Substation Devices ESC PMU A&V CCS IED AVVC IED AVVC ESC ESC ESC Substation 1 Substation Devices Communications Network Substation n PMU Gateway Substation Devices IED PDC AVVC Represents a device with CCS capabilities EPS Electrical Power System ECS EPS Cyber System ECSA ECS Application ECSC ECS Component ESC Edge Security Client PMU IED AVVC IED ECS ECSA ECSC 7

CCS Concepts: Advanced Visualization Easy to use, intuitive interface 8

CCS Concepts: Control Plane All Devices are centrally controlled Grid Operations Security Operations Grid Application with CCS Client CCS Services Application Security Credentials IP Network Security Control Plane (Red) IPSEC PE MPLS Core MPLS VLAN Data Planes (Grey) Security Control Plane (Red) Not accessible in MPLS Core PE IP Network Security Control Plane (Red) IPSEC Application Security Credentials 9

CCS Concepts: Groups Management of communities and groups CCS Services Security Operations Grid Operations GROUP 2 Control Plane Security Associations Grid Application GROUP 1 GROUP 3 10

Initial CCS Capabilities Authentication Public Key Infrastructure (PKI), Identity Management, Attribute Certificates (BoH) Authorization Centrally Managed and Configured Security Associations (SAs) Accounting Integrity Audit & Reporting (Alert, Syslog) Security Information and Event Management (SIEM) Integrity Management Authority (IMA) Trusted Network Connect Bill-of-Health Quality-of-Trust Source-based Data Labeling : Trusted, Questionable, Untrusted Peer-to-Peer Communication Dynamic Interactive GUI Peer-to-peer middleware using Data Distribution System (DDS) Use only for control plane Several vendors available including open source Accessed via Web Browser (Chrome 14, FireFox 7 and IE 10 in the future) Built-in Test and Peek-Poke Capabilities 11

GUI Icon Legend All Nodes in the security network are displayed as circles and quadrants represent quality of security attributes Status (Heartbeat) BoH (Integrity) QoT (Quality-of-Trust) Identity Certificate 12

To ensure proper operation, rigorous technology evaluation must take place in a controlled environment before smart grid technologies are deployed on the grid Situational Awareness Lab Communications & Computing Lab Power Systems Lab Distributed Energy Resources Lab Substation Automation Lab Distribution Automation Lab Home Area Network Lab Garage of the Future Lab 13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information