Cyber Security of the Smart Grid




Cyber Security of the Smart Grid
Design Document
May 12-21
11/4/11
Group Members: John Majzner, Daniel Kosac, Kyle Slinger, Jeremy Deberg
Team Advisor: Manimaran Govindarasu
Graduate Students: Adam Hahnad, Siddharth Sridhar, Aditya Ashok

Project Overview

Problem Statement: As the world becomes more interconnected and communication more necessary, a serious problem arises when a third party tries to disrupt that communication. A great deal of communication takes place between power companies and the power grid. Power companies use a SCADA system (Supervisory Control And Data Acquisition) to monitor and manage their infrastructure. This SCADA system has become more prone to attacks in the last decade due to advances in technology. The project we were given consists of building a realistic SCADA system, emulating real-world attacks on the system, and observing the results of these attacks.

Past Accomplishments: This project has been in progress for many previous semesters, with different groups taking steps towards the main goal. The groups that came before have built the system up to a 9 bus system. This, however, only includes 2 actual RTUs; the other 7 are emulated through a virtual machine. Multiple security exercises have been run on the system that stress the basic functionality of the embedded security. This implies that the security located on the VPN and the security built into the different PCs is up to par. It also implies that the networking and routes are all set up correctly.

Objectives: The first objective we face is familiarizing ourselves with the system. This was a lot more complicated than anticipated. The conceptual outline of the system is very straightforward; however, one must also take into account the embedded software and the software that is used with the Siemens devices. The group needs to learn each piece of this software and how the pieces communicate with each other. This also needs to be taken to a deeper level if the option of exploiting a software bug is to be used. Each piece of software has more options than the project calls for, but to keep the outcome as realistic as possible, the experiment must use the software that will be used in the field even if most of the options will never be used.

The second objective will be to scale up the SCADA system. The projected size the experiment is to reach is a 30 bus system. However, this may already be a stretch due to the equipment available to the group. The group would need to virtualize most of the buses that would be added, and the computer hardware isn't there. A more precise objective would be to scale the system at a realistic ratio of buses and implement them successfully before trying to add any more.

The third objective will be to assault the SCADA system with different security exploits. This objective will be extremely vague until the end of the experiment. As the attacks progress, the group will adjust the different parameters to account for what they think are weak spots in the SCADA system. However, different ideas of things to try are already in progress. One such idea is to exploit the common electric company worker's password. It has been documented that the password patterns used by this class of worker are usually very insecure. Another approach being considered is the deep analysis of the packets used in communication between the different system pieces. The group will look for patterns that exist when different activities are triggered, such as turning off a breaker. Such a packet will then be emulated and sent back to the system to try to exploit security weaknesses.
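The packet-replay idea above (capture the command that trips a breaker, then send it back to the substation) is exactly what a substation endpoint has to be built to reject. The following Python example is added here and is not part of the design document or of the Siemens/OPC software it describes; the message format, the shared key and the breaker name are constructed for illustration. It places a substation that accepts any well-formed command beside one that authenticates each command, enforces a strictly increasing sequence number and refuses stale commands, logging each rejection for the intrusion-detection side.

```python
"""Replay-resistant breaker command channel (added illustration, constructed format)."""
import hashlib
import hmac
import json

# Constructed demo key: a real deployment would provision a distinct key per RTU.
SHARED_KEY = b"constructed-demo-key"


def build_command(seq, breaker, action, ts):
    """Control-center side: serialise a breaker command and append an HMAC tag."""
    body = {"seq": seq, "ts": ts, "breaker": breaker, "action": action}
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(SHARED_KEY, payload, hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


class NaiveRTU:
    """Substation that trusts any well-formed command: a captured packet replays cleanly."""
    def __init__(self):
        self.breakers = {}

    def receive(self, msg, now):
        body = json.loads(msg["payload"])
        self.breakers[body["breaker"]] = body["action"]
        return "accepted"


class HardenedRTU:
    """Substation that verifies the tag, requires seq to increase, and bounds clock skew."""
    def __init__(self, max_skew=30):
        self.breakers = {}
        self.last_seq = 0
        self.max_skew = max_skew
        self.alerts = []  # (time, reason) pairs an IDS would collect

    def _reject(self, reason, now):
        self.alerts.append((now, reason))
        return "rejected:" + reason

    def receive(self, msg, now):
        expected = hmac.new(SHARED_KEY, msg["payload"], hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return self._reject("bad-mac", now)   # forged or modified packet
        body = json.loads(msg["payload"])
        if body["seq"] <= self.last_seq:
            return self._reject("replay", now)    # an already-seen command re-sent
        if abs(now - body["ts"]) > self.max_skew:
            return self._reject("stale", now)     # captured earlier, replayed later
        self.last_seq = body["seq"]
        self.breakers[body["breaker"]] = body["action"]
        return "accepted"


def demo():
    """Deliver a legitimate 'open' for constructed breaker BRK-4, then replay the same bytes."""
    cmd = build_command(seq=1, breaker="BRK-4", action="open", ts=1000)
    naive, hardened = NaiveRTU(), HardenedRTU()
    first = (naive.receive(cmd, 1000), hardened.receive(cmd, 1000))
    replay = (naive.receive(cmd, 1010), hardened.receive(cmd, 1010))
    return first, replay
```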

System Overview

Overall: The system is a simulation of data being transmitted over hundreds of miles, used to see how the power flow of a power grid is affected as disruptions occur. The simulation of data and distance is ISEAGE. The power flow is monitored and simulated by Power Factory and the substations. The Control Center makes the system more realistic compared to an actual power system. The Attack box is how we will disrupt the system.

ISEAGE: The Internet-Scale Event and Attack Generation Environment, or ISEAGE, is a network simulation of the real world. This system can emulate large-scale events and attacks. ISEAGE is what hooks all of our systems together to simulate them being miles apart while allowing each terminal to sit next to the others.

Control Center: The Control Center uses software from Siemens. This software is used in actual power grid control centers to monitor the status of the lines. From this terminal we can see whether breakers are open or closed and trip them.

Power Factory: Power Factory is the program used for creating the power grid simulation and collecting data. Power Factory collects all the data received from the OPC server and can determine whether the system will become unstable. The dynamic power analysis from Power Factory will also show how each generator and each load will receive power if something in the system changes.

OPC: OPC is the program that connects Power Factory to the substations on the network. The OPC runs in ISEAGE to allow data to flow from Power Factory to the substations. From a substation, information can then be sent to and received from the control center.

Relay Substations: The relays are connected to a substation to allow the simulation to use real physical data, making the system more realistic. These relays cost more money than the virtual ones and take up more space, which is why we only have 2. The final goal is for every substation to have a relay to create a highly realistic system.

The Relay's

Virtual Substations: We can create substations without relays by making them virtual. These virtual substations run on a virtual machine, making them very low cost and not taking up much space. The conversion from virtual to relay should be a simple setup process and not require digital coding to work. We use the virtual stations so that when we get the relays the setup will be fast and the system fully operational to test.

Attack Box: The mu attack box is a system that can generate common types of digital attacks. DDoS attacks and corrupted information are our primary focus. Activating this device while it is hooked up to a power grid will crash the system. Our ultimate goal is to have the box trying to crash the system and the grid working as if nothing was wrong.

System Concept

Design

One of the primary goals of this project is to increase the complexity of the current power system simulation. The current system contains 9 buses, along with 3 generators, 3 simulated loads, 2 real substations, and 2 real loads. Our goal is to increase the number of buses to 30, along with many new generators and loads. The simulation software used is called Power Factory, and this software ties into the control center and the virtual machines using a server called OPC.

Building a New Bus: There are several things that must be done in order to create a new bus. First, the bus, along with any generators, loads, transformers, and transmission lines, must be created in Power Factory. This allows all aspects of the system to be simulated under a wide variety of conditions. After the bus is created in Power Factory, a virtual machine must be created to facilitate communication with the control center. The virtual machine is used to simulate the real-world communication environment with many nodes, data delay, and possible security holes. After the virtual machine is created, all of the breakers need to be mapped in the control center. This allows the breakers to be controlled remotely. Finally, the OPC server must be set up to allow communication between Power Factory, the virtual machines, and the control center.

Steps to Adding a Bus

Power Factory: Power Factory is a software environment that allows all forms of power system to be built, tested, and simulated. Many types of faults can be tested, and contingency analysis can be carried out to ensure a stable and healthy system. Power Factory is also designed to communicate with several other programs for a simulation closer to reality.

Bus: A bus in the Power Factory simulation corresponds to a real-world substation. There are several breakers connected to each bus, and each breaker is connected to either a generator, load, transformer, or transmission line. The data associated with a bus includes voltage, current, and power flow. A bus is created by selecting either a single bar bus or a double bar bus. Most times, a single bar bus is used for a distribution system and double bar buses are used for a transmission system. The current simulation consists of a distribution system, so single bar buses will be created. After a bus is added, the desired machines, loads, transmission lines, and transformers must be connected.

Generator: Generators are an essential component of any power system. A generator can be any number of machines, solar systems, or storage systems such as batteries. In our system only synchronous machines are used as generators, so these will be added to some of the additional buses. After a generator is added, a plant model must be created which contains all kinds of information about how the machine operates under a variety of conditions. This model contains a file with all of this information and must be updated with each additional generator.

Lines: Transmission lines are used to transport power from the generator locations to the load locations. Each bus is connected to other bus(es) through transmission lines. These lines must be included in the model because they contain resistance, inductance, and capacitance. These values vary depending on which type of cable is used and the physical distance between buses. Transmission lines of varying lengths will be used in our model because in a real-world system, substations are spaced out at different distances.

Load: Loads correspond to anything connected to a bus which consumes electrical energy. In the current system there are 2 real loads and several simulated loads. We will be adding additional simulated loads. These loads contain information about real and reactive power consumed, and many times are connected to a bus through a transmission line.

Transformers: Transformers are devices used to change the voltage level between two buses. This is necessary because generators produce power at relatively low voltage, but a higher voltage is desired for transmission. Higher voltage transmission results in lower line losses. Any time there is a voltage difference between two buses, a transformer must be used to make the connection.

OPC: The server used to communicate between the virtual machines, Power Factory, and the control center is called OPC. There are two components that must be added: server entries for the additional breakers and explorer entries for the same information. The OPC explorer contains information about the status of the breakers and the commands that have been sent from the control center.

Virtual Machine: Virtual machines are created for each bus and are an intermediary between the control center and the Power Factory simulated bus. The virtual machines define how the information is exchanged and contain address information for the OPC server.

Control Center: The control center is used as an interface between the power system and the humans keeping it running correctly. Information about the status of the system is available at the control center, and alarms will go off if any problems are detected in the system. Breakers can also be controlled from the control center for fault clearance and other uses. Information for each new bus must be added to the control center for the system to remain functional.

Testing System

Documenting Results