Designing secure networks for substation automation and control systems




Niculescu Eliodor Sorin, Rusta Constantin, Mircea Paul Mihai, Ruieneanu Liviu and Daianu Adrian

E. S. Niculescu, Romanian National Power Grid Company Transelectrica Co., SCADA and Substation Control Systems Dept. Currently a PhD student at the University of Craiova, Faculty of Electrical Engineering (sniculescu@pasys.ro; eli.sorin@gmail.com).
C. Rusta, Romanian Hydro Power Company Hidroelectrica Co., SCADA and Industrial Systems Dept. (constantin.rusta@gmail.com).
P. M. Mircea, University of Craiova, Faculty of Electrical Engineering, Decebal Boulevard, no. 107, Craiova, Romania (mmircea@elth.ucv.ro).
L. Ruieneanu, University of Craiova, Faculty of Electrical Engineering, Decebal Boulevard, no. 107, Craiova, Romania (lruieneanu@elth.ucv.ro).
A. Daianu, Romanian Hydro Service Power Company Hydroserv Co., Automation and Protection Relay Dept. (daianuadrian@gmail.com).

ISBN: 978-1-61804-324-5

Abstract

The development of energy systems and utilities (water, gas) and of the process information related to them, together with their interconnection with other equipment and information systems, has increased risk and vulnerability: unauthorized persons may gain access to the command/control systems and data and so influence operational safety. Measures are therefore needed to increase system security by removing all data connections or linkages that are not necessary for the operative management of the energy system. This paper describes a possible solution that increases safety, allows better management, provides more precise (accurate) information about the events that occur, and reduces the vulnerability of the systems.

Keywords: Network security planning, process information system, risk, safety data, SCADA systems.

I. INTRODUCTION

Information systems security is a relatively new IT technology that emerged as a result of the inherent diversification of communication in a modern society based on efficiency and speed in decision-making processes. E-mail, web, data transfer and similar services rest on a sense of security that is often false: they offer potential gains through rapid access to information, but can cause major losses through theft of data or the insertion of false or misleading data [1].

Command-control and automation systems in power systems are a special category of process information systems which, combined with the computer systems of the utilities (water, gas), form the backbone of technical civilization. Power systems are a special category of industrial systems with high sensitivity: in case of errors or mistakes they can enter states of partial or total unavailability (blackout), with a strong impact on business and everyday life. Moreover, if the system is taken out of service by an external "intruder" or another external cause, the impact is even greater because the entire basic infrastructure is compromised, and different "scenarios" could thus be played out from any geographic point in the world.

Until a few years ago the data networks of these automation systems operated as "isolated" (self-contained) networks; new communication technologies have allowed their interconnection and the implementation of remote management (telemanagement) processes, which to some extent makes the systems vulnerable [3]. The motivation for integrating the local computer subsystems was to build wide-coverage networks (WAN - Wide Area Network) providing:
- faster data acquisition;
- low propagation delay of information to the post-factum analysis centers;
- improved response time;
- optimization of decision making;
- a close link to the coordinating center across the various levels of subordination (Company / Branches / Centers / Substations / Process).

II. PROCESS INFORMATION SYSTEMS - BOUNDING ENERGY DOMAIN

A. Definition. Features. Requirements

A Process Information System (PIS) is the part of an information system in which collection, transmission, storage and processing are done using the elements or components of IT (Information Technology) [4], that is, computers and modern communications, specialized software, procedures and techniques, plus trained personnel. In other words, the PIS is that part of the information system which covers the acquisition, processing and automatic transmission of data and information within a macro information system [5].

Characteristics of information systems:
- any system should have as its core a real-time database (RTDB - Real Time Data Base), with the stored data, from internal and external sources, interrelated;
- an information system must be authentic and accurate, and must support a presentation that ranges from one management level to another;
- a system must include a variety of mathematical, technical and economic models, e.g. optimization models, simulation models, efficiency models;

- a system should be designed as a man-machine system (HMI - Human Machine Interface), offering the possibility of immediate and friendly interaction between user and system;
- a system must provide the highest possible degree of integration in two respects: internal integration and external integration.

Computer system requirements. To build systems that have the characteristics above, the following requirements must be taken into account:
- the system design must be grounded in economic efficiency;
- the management of the unit must participate directly in the design of the information system;
- the solutions adopted must be of a high technical level;
- the solutions adopted must be in accordance with the available resources and restrictions.

Requirements for structuring information systems in the overall design stages:
- at each level of the structure, a unique criterion for decomposing the system must be ensured;
- the structure must later allow the entire system to be built up by aggregating separate modules.

B. SCADA Systems

The above was an attempt to delimit the scope of these systems and of their implementation, in order to investigate how the National Power Grid System reacts. Process control systems for power are known in the literature as SCADA (Supervisory Control and Data Acquisition) systems. They are the computer-based "tools" that energy operators use to assist in controlling the operation of complex energy systems [2]. The basis of the entire scaffold that contributes to the supervision, control and monitoring of electrical substation equipment and power networks is control and data acquisition.

The functions of SCADA systems:
- supervision and control of equipment or parts of the facility and power networks;
- alarms for the "recognition" by the system of inadequate states of the supervised equipment and networks;
- post-factum analysis: maintaining a running history of the events under surveillance;
- a graphical user interface (GUI - Graphical User Interface);
- self-diagnostics for continuous monitoring of its own functional parameters;
- planning and tracking of the maintenance process.

The architecture of control systems must comply with the requirements of open systems, OSI - ISO (Open Systems Interconnection - International Standard Organization). An open system offers possibilities such as:
- the system can be built from the equipment of several suppliers;
- it can work with other applications made for open systems;
- it presents a consistent style of interaction with the user.

What the open-system concept brings most to SCADA system design is the ability to distribute processing functions across various nodes. Each node is functionally independent of the hardware resource. The dependence between nodes varies; however, the hardware must be as independent as possible, which leaves open the possibility of later expansion or replacement. The independence of the processing nodes also serves to minimize message transmission and the load on the data network. Redundancy within a node increases availability and reduces the risk of loss, including loss of the functions distributed to other nodes.

A characteristic of open systems is that nodes can be located at any distance from one another, so a distributed architecture becomes a necessity; it is supported by local (LAN - Local Area Network) and remote (WAN - Wide Area Network) data communication networks built using standard procedures and interfaces [7]. Fig. 1 presents the general architecture of a distributed SCADA system; the key is the connection of the various components through communication networks.

Fig. 1 General architecture of a basic Substation Automation System

C. The integration concept of distributed information systems

In the early stages, information systems at power stations were isolated entities whose only external connection was with the dispatch center (over the serial protocol IEC 60870-5-101, invulnerable to attacks) [9]; their integration into the new structures of complex computer systems using competitive communication protocols (based on TCP/IP) led, by default, to an increase in vulnerability.

To get the most, technically and economically, out of the supervised process, to centralize information and to increase the safety of the National Power System, regional information infrastructures (Control Centers) were created, which are able to download the complete information flow from all the electric substations under their authority. This led to the concept of Wide Area SCADA (Fig. 2), which requires the full integration of these substation control and protection systems (SAS) into a compact and complex computer entity capable of remotely managing all the automation facilities without the need for continuous operating shifts [6]. To achieve this goal, communication protocols are needed that can manage the entire volume of information exchanged between the control centers and the process itself.

III. THE SAS SECURITY

A. Network Security Planning

In a computer network, there must be assurance that sensitive data is protected so that only authorized users have access to it [6]. The vulnerability of computer networks is manifested in two ways:
- modification or destruction of information (an attack on physical integrity);
- the possibility of unauthorized use of information.

Providing "data safety" for data stored in a computer network involves data-handling procedures that cannot lead to accidental distribution of the data and/or measures for duplicating important data so that it can be restored if necessary. A secure computer network with access to data requires a user authentication procedure and/or differentiated authorization for certain resources.

Any network should be protected against intentional or accidental damage. There are four major threats to the security of computer networks:
- unauthorized access;
- electronic data alteration;
- data theft;
- intentional or accidental damage.

It is the responsibility of the network administrator to ensure a network that is secure, reliable and ready to face the dangers above. A computer system or computer network is considered secure if all its operations are always carried out according to strictly defined rules, which results in complete protection of entities, resources and operations. The list of threats defines the security requirements. Once these are known, rules should be developed to control all network operations.
These operational rules are called "security services", and the services are implemented by security protocols [6]. To define a secure computer network, the following should be developed:
- a list of security requirements;
- rules for protection and security.

Fig. 2 Wide area SCADA concept

B. Defining security policies

In a computer network, the security model assumes the existence of three levels:
- physical security;
- logical security;
- a secure connection.

Security policies are established to provide general guidelines for network administrators and users in case of unforeseen circumstances. The most important security policies are prevention, authentication and training.

IV. ISSUES TO BE TAKEN INTO ACCOUNT IN THE DESIGN OF NETWORKS RELATED TO PROCESS SYSTEMS

A. Identify all existing connections to the SCADA Systems

This entails a detailed analysis of the network structure of the SCADA system in order to assess the risk of, and the need for, every network connection. The following types of connections are assessed in this stage:
- connections from the SCADA system to the management computer networks, LAN and WAN (business networks);
- connections from SCADA systems to the Internet;
- connections of certain equipment to SCADA systems, including wireless connections via satellite;
- the existence of modems or other dial-up connections;
- adjacent connections with partners, regulatory agencies, etc.

B. Disconnect from the SCADA systems all unnecessary connections

To ensure the highest degree of security of SCADA systems, it is recommended to "contain" their networks with respect to other adjacent networks or connections that are not related to the process. Any connection to or with another network introduces security risks, especially if it creates a path or connection to the Internet. Although direct interconnection with other networks/subnets can allow efficient and convenient information exchange, the risk that insecure connections pose to the process network is large, which is why the optimum is the "isolation" of the SCADA network.
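One way to carry out the review in steps A and B, shown as an added example that is not part of the paper: each inventoried connection is checked by source and destination zone against a default-deny allowlist of the connections the process needs. The address ranges, zone names, ports and inventory entries are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed addressing plan; zone names and ranges are assumptions.
ZONES = {
    "process": ip_network("10.10.0.0/24"),       # substation process LAN
    "control": ip_network("10.20.0.0/24"),       # control center
    "business": ip_network("192.168.50.0/24"),   # company management LAN
}

# Allowlist of connections needed for operative management:
# (source zone, destination zone, destination TCP port) -> justification.
# Both services and their ports are assumed for the example.
REQUIRED = {
    ("control", "process", 2404): "telecontrol from the control center",
    ("process", "control", 6514): "event records sent to the control center",
}


@dataclass(frozen=True)
class Connection:
    name: str
    kind: str   # connection type recorded during the inventory (step A)
    src: str
    dst: str
    port: int


def zone_of(address):
    """Map an address to a known zone; anything else is treated as external."""
    ip = ip_address(address)
    for zone, network in ZONES.items():
        if ip in network:
            return zone
    return "external"


def review(conn):
    """Default deny: a connection is kept only if the allowlist names it."""
    key = (zone_of(conn.src), zone_of(conn.dst), conn.port)
    if key in REQUIRED:
        return "keep", REQUIRED[key]
    src, dst, port = key
    if "external" in (src, dst):
        return "disconnect", f"path outside known zones ({src} -> {dst}:{port})"
    return "disconnect", f"not required for the process ({src} -> {dst}:{port})"


def audit(inventory):
    """Return {connection name: (decision, reason)} for the whole inventory."""
    return {conn.name: review(conn) for conn in inventory}


# Constructed inventory covering the connection types listed in step A.
INVENTORY = [
    Connection("dispatch-telecontrol", "wan", "10.20.0.5", "10.10.0.10", 2404),
    Connection("office-hmi-viewer", "business lan", "192.168.50.23", "10.10.0.20", 3389),
    Connection("vendor-remote-support", "internet", "203.0.113.40", "10.10.0.20", 22),
    Connection("rtu-modem-gateway", "dial-up", "198.51.100.7", "10.10.0.30", 23),
    Connection("event-forwarding", "wan", "10.10.0.10", "10.20.0.9", 6514),
]

if __name__ == "__main__":
    for name, (decision, reason) in audit(INVENTORY).items():
        print(f"{decision:<10} {name:<24} {reason}")
```

Connections marked "keep" are the remaining links that still have to be assessed and hardened; everything else is a candidate for removal.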
Strategies such as "demilitarized zones" (DMZs - De-Militarized Zones) and the virtual partitioning of computers between managerial and process applications can be used, but all of them must be designed and implemented properly to avoid introducing additional risk through incorrect configuration.

C. Evaluation and strengthening of securing all remaining connections to the SCADA system

This goal involves conducting penetration testing or vulnerability assessment of all remaining links to the SCADA network in order to assess the security of these connections [5]. In this respect, it is essential that firewalls and intrusion detection systems (IDS - Intrusion Detection Systems) be used at every entry point to the process network.

Physically, the firewall can be a simple PC, a workstation, a router or a mainframe. From a logical standpoint, the firewall determines what information or services can be accessed from outside the network and who has the right to access these resources. The firewall is located where the internal network joins the external network, an area called the checkpoint. The main functional components of a firewall are:
- a packet filtering router;
- an application-level proxy gateway;
- a circuit-level gateway.

A packet filtering router is a network device that forwards packets according to filtering rules that implement the security policy. When the source or destination addresses are known, the filtering rules on the router can accept or reject a packet depending on this information. Data packets whose destination is other than the IP addresses of those servers will not be allowed into the network.

Application-level control is most often achieved through a gateway or proxy server. The gateway must have the proper proxy code installed for every application that is to pass through it. During the dialogue between a client and a server, the proxy server acts as the client toward the target server and as the server toward the client.
For the original client the proxy server operates transparently, but it is able to monitor and filter out certain commands or information. The proxy server is a dedicated server application running on the computer that connects the internal network to the outside world. For clients to be able to access a proxy server, the client software must be modified to support the proxy connection and the log-on to the proxy server.

D. Avoiding possible use of proprietary protocols in SCADA systems

Some SCADA systems use, for purely commercial reasons, proprietary protocols for communication between the terminals "in the field" and the servers. This is very risky, because network security then often rests solely on the low security offered by the obscurity of these protocols. In addition, the developer of such a protocol may provide other producers with communication interfaces or some of its protocol specifications, thereby indirectly increasing the vulnerability of the network to backdoor attacks.

E. Remove or disable unnecessary services

SCADA servers built on open operating systems are easily exposed to attacks via the default network services. To reduce the risk of direct attack, it is recommended to remove or disable unused network services; this is particularly important when SCADA networks are interconnected with other networks. An example of such a network service is "remote maintenance"; maintenance should always be carried out only offline and on site, and only by personnel authorized for it. It is also recommended that management/administration access to these systems be made only through a single external point of access and only by the system administrator, based on the company's internal regulations.

V. CONCLUSION

The IT security mechanisms described above are a possible solution for building future process LANs, allowing better management of facilities, more precise and accurate information on the events that occur, decreased vulnerability of computer systems and high reliability, with a technology that tends to spread to all industries.

REFERENCES

[1] K.C. Claffey, Internet measurement: myths about Internet data, http://www.caida.org/outreach/presentations/myths2002, CAIDA, UCSD.
[2] E.J. Byres, Network secures process control, InTech, Instrument Society of America, pp. 92-93, Oct. 1998.
[3] T. Smith, Hacker jailed for revenge sewage attacks, The Register, October 31, 2001, http://www.theregister.co.uk/content/4/22579.html
[4] E.J. Byres and D. Hoffman, IT Security and the Plant Floor, InTech Magazine, Instrumentation Systems and Automation Society, Research Triangle Park, NC, p. 76, December 2002.
[5] E.J. Byres, Designing Secure Networks for Process Control, IEEE Industry Applications Magazine, Institute of Electrical and Electronics Engineers, New York, Vol. 6, No. 5, pp. 33-39, September/October 2000.
[6] J.C. Netzel, Network Security Across Wide Area Networks & the Internet, IndComm 2003, Melbourne, Australia, May 2003.
[7] S. Kunsman and M. Braendle, Cyber security for substation automation protection and controls systems, ABB Inc., 2011.
[8] F. Hohlbaum, M. Braendle, F. Alvarez, Cyber security: Practical considerations for implementing IEC 62351, PAC Conference 2010.
[9] International Standard IEC 60870-5-101, Second edition 2003-02, Telecontrol equipment and systems, Part 5-101: Transmission protocols, Companion standard for basic telecontrol tasks.