AURORA Vulnerability Background

Similar documents
Written Statement of Richard Dewey Executive Vice President New York Independent System Operator

RE: Experience with the Framework for Improving Critical Infrastructure Cybersecurity

Keeping the Lights On

NERC Alert System Overview

FERC, NERC and Emerging CIP Standards

Standard CIP 007 3a Cyber Security Systems Security Management

North American Electric Reliability Corporation: Critical Infrastructure Protection, Version 5 (NERC-CIP V5)

Standard CIP Cyber Security Systems Security Management

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions June 4, Electric Grid Operations

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, Electric Grid Operations

Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security

NERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice

Best Practices in ICS Security for Device Manufacturers. A Wurldtech White Paper

Cyber Security Presentation. Ontario Energy Board Smart Grid Advisory Committee. Doug Westlund CEO, N-Dimension Solutions Inc.

Standard CIP 004 3a Cyber Security Personnel and Training

NERC CIP Compliance with Security Professional Services

Summary of CIP Version 5 Standards

Security Solutions to Meet NERC-CIP Requirements. Kevin Staggs, Honeywell Process Solutions

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

What are you trying to secure against Cyber Attack?

Cyber Security Compliance (NERC CIP V5)

JOINT EXPLANATORY STATEMENT TO ACCOMPANY THE CYBERSECURITY ACT OF 2015

PG&E Web Tool for Reporting Information Related to. NERC Reliability Requirement Compliance

NIST Cybersecurity Framework What It Means for Energy Companies

Notable Changes to NERC Reliability Standard CIP-005-5

Completed. Document Name. NERC CIP Requirements CIP-002 Critical Cyber Asset Identification R1 Critical Asset Identifaction Method

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

Addressing Dynamic Threats to the Electric Power Grid Through Resilience

What Risk Managers need to know about ICS Cyber Security

CIP Cyber Security Electronic Security Perimeter(s)

A MULTIFACETED CYBERSECURITY APPROACH TO SAFEGUARD YOUR OPERATIONS

Lessons Learned CIP Reliability Standards

Regulatory Compliance Management for Energy and Utilities

Alberta Reliability Standard Cyber Security System Security Management CIP-007-AB-5

STATEMENT OF SYLVIA BURNS CHIEF INFORMATION OFFICER U.S. DEPARTMENT OF THE INTERIOR BEFORE THE

Executive Summary. Cybersecurity cannot be completely solved, and will remain a risk we must actively manage.

CIP Supply Chain Risk Management (RM ) Statement of Jacob S. Olcott Vice President, BitSight Technologies January 28, 2016

Cybersecurity in a Mobile IP World

PREPARED DIRECT TESTIMONY OF SCOTT KING ON BEHALF OF SOUTHERN CALIFORNIA GAS COMPANY

April 8, Ms. Diane Honeycutt National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, MD 20899

DHS, National Cyber Security Division Overview

Sempra Energy Utilities response Department of Commerce Inquiry on Cyber Security Incentives APR

LogRhythm and NERC CIP Compliance

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

Top Ten Compliance Issues for Implementing the NERC CIP Reliability Standard

Energy Cybersecurity Regulatory Brief

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

State Roles in Enhancing the Cybersecurity of Energy Systems and Infrastructure

NERC Cyber Security Standards

Performs the Federal coordination role for supporting the energy requirements associated with National Special Security Events.

ReliabilityFirst CIP Evidence List CIP-002 through CIP-009 are applicable to RC, BA, IA, TSP, TO, TOP, GO, GOP, LSE, NERC, & RE

Cyber Security and Privacy - Program 183

Securing the Grid. Marianne Swanson, NIST Also Moderator Akhlesh Kaushiva (AK), DOE Lisa Kaiser, DHS Leonard Chamberlin, FERC Brian Harrell, NERC

TRIPWIRE NERC SOLUTION SUITE

Compliance, audit, risk, security what s the difference and why do we need it?

Supporting our customers with NERC CIP compliance. James McQuiggan, CISSP

Resilient and Secure Solutions for the Water/Wastewater Industry

Down the SCADA (security) Rabbit Hole. Alberto Volpatto

U.S. Department of Energy Office of Inspector General Office of Audits and Inspections

Information Shield Solution Matrix for CIP Security Standards

Implementation Plan for Version 5 CIP Cyber Security Standards

GE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems

Utility of the Future Virtual Event Series Monthly Virtual Studio Event Series for Utilities

Panel Session: Lessons Learned in Smart Grid Cybersecurity

JOHN H. STOUT PRESIDENT, MARINER CONSULTING SERVICES, INC LAKEWAY DRIVE TAYLOR LAKE VILLAGE, TEXAS

CIP Cyber Security Security Management Controls

Effective Use of Assessments for Cyber Security Risk Mitigation

New York State Energy Planning Board. Cyber Security and the Energy Infrastructure

Industrial Cyber Security 101. Mike Spear

Control Systems Security: Australian Government Activities. Dr. Jason Smith Asst. Director, Operations CERT Australia Attorney-General s Department

NERC CIP VERSION 5 COMPLIANCE

Meeting the Cybersecurity Standards of ANSI/ISA with Data Diodes

PHILADELPHIA GAS WORKS Information Security Assessment and Testing Services RFP#30198 Questions & Answers December 4, 2015

Help for the Developers of Control System Cyber Security Standards

Olav Mo, Cyber Security Manager Oil, Gas & Chemicals, CASE: Implementation of Cyber Security for Yara Glomfjord

Legislative Language

ENERGY SECTOR CYBERSECURITY FRAMEWORK IMPLEMENTATION GUIDANCE

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

SCADA Security Training

Transcription:

AURORA Vulnerability Background Southern California Edison (SCE) September 2011-1-

Outline What is AURORA? Your Responsibility as a Customer Sectors Impacted by AURORA Review of Regulatory Agencies History of AURORA Current State of AURORA II Mitigation Efforts Currently Underway -2-

What is AURORA? Potential vulnerability in rotating equipment connected to the electric grid Equipment Potentially Impacted High Value rotating equipment such as Motors and Generators Vulnerable Protection Devices Digital Protection & Control Devices (DPCDs) such as relays & remote terminal units Vectors for Potential AURORA incident Cyber devices with electronic access to control DPCDs Communication paths to access DPCDs Extensive on-board control capability with little authentication or authorization capability Alerts & Advisories Alerts, advisories or other threat information for the AURORA vulnerability is issued by North American Electric Reliability Corporation (NERC) or Electricity Sector-Information Sharing and Analysis Center (ES-ISAC) The alert or advisory notice directs Southern California Edison s (SCE) actions or responses to the vulnerability -3-

Your Responsibility as a Customer Review this presentation to get a better understanding of an AURORA event and its impacts Evaluate your systems and facilities to determine if an AURORA vulnerability exists Contact SCE at aurora@sce.com if you have any questions, concerns or if you feel you may be vulnerable. -4-

Sectors Impacted by AURORA Source Document: http://www.dhs.gov/files/programs/gc_1189168948944.shtm -5-

Review of Regulatory Agencies Leading the Way in Electricity Here is a list of regulatory agencies that are involved with the AURORA vulnerability: Department of Homeland Security (DHS) - produced a video depicting a generator exploding in a test lab during a simulated cyber attack. Federal Energy Regulatory Commission (FERC) - the United States federal agency with jurisdiction over interstate electricity sales, wholesale electric rates, hydroelectric licensing, natural gas pricing, and oil pipeline rates. North American Electric Reliability Corporation (NERC) - falls under the FERC and the Department of Energy (DOE). NERC has been certified as the Electric Reliability Organization by FERC. NERC is the overall governing body who issues recommendations to industry on the AURORA vulnerabilities. Their recommendations provide sensitive and clarifying information regarding the nature of AURORA. Electric Sector Information Sharing and Analysis Center (ES-ISAC; Operated by NERC) - ES-ISAC Advisory was meant to address what was considered a very important vulnerability, yet the Advisory did not require identification of all equipment that could be affected as critical. It also referenced NERC CIP-002 which many utilities have used to exclude power plants from being defined as critical cyber assets. The Advisory also was sent to other industries in early September 2007. Source : http://community.controlglobal.com/content/subject-aurora%e2%80%a6 Western Electricity Coordinating Council (WECC) - NERC delegates authority to enforce reliability standards to eight regional Entities including WECC. SCE is within the WECC region. -6-

Review of Regulatory Agencies Leading the Way in Electricity Where is DHS? -7-

History of AURORA First NERC Advisory pertaining to the Aurora vulnerability was issued June 2007 (AURORA I) Focused on Cyber Access NERC Alert Recommendation issued October 2010 (AURORA II) Focused on Physical and Cyber Access NERC provided additional guidance to industry on the methodology used in the AURORA vulnerability analysis Guidance on potential remediation if AURORA vulnerability is found to exist Additional bibliographic material and security research documents Watch a demonstration of a simulated malicious exploit of the Aurora Vulnerability: http://www.youtube.com/watch?v=c2qd6xxbysk -8-

Current State of AURORA II Leading the Way in Electricity Congressional Activity Multiple bills in congress for Cyber Security in the Energy Sector Legislative actions to increase protected assets NERC Alert Recommendations Mandatory response from SCE to NERC every 6 months until mitigation is complete Additional documentation from NERC can be found at: http://www.nerc.com/fileuploads/file/pressreleases/pr_aurora _14_Oct_10.pdf -9-

Mitigation Efforts Currently Underway SCE is reviewing the overall recommendations and facility checklists from NERC and identifying any areas of concern. SCE is evaluating facilities that are owned by SCE for the presence of the AURORA vulnerability. SCE will take corrective action at facilities owned by SCE to remediate any discovered AURORA vulnerability. SCE recommends customers evaluate their systems and facilities for the AURORA vulnerability. Contact SCE at aurora@sce.com if you have any questions, concerns or if you feel you may be vulnerable. -10-

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information