Cybersecurity Risk Assessment in Smart Grids

Lucie Langer, Paul Smith, Thomas Hecht
firstname.lastname@ait.ac.at
AIT Austrian Institute of Technology

ComForEn Symposium 2014, Sept 30, 2014
Risk Assessment: The Basics

- Risk assessment is concerned with understanding the probability of a cyber-attack and its impact
  risk = probability x impact
- Based on an understanding of threats and vulnerabilities
- Impact can be, for example, financial loss, damage to equipment, loss of power, ...
- The basis for prioritising how to mitigate threats and apply resources for cybersecurity
The Challenges We See

We have identified five key challenges with carrying out a risk assessment for smart grid:
1. Managing safety and security risks
2. Analysing cyber-physical risks
3. Understanding risks to legacy systems
4. Complex organizational dependencies
5. Understanding cascading effects

These are not unique to smart grid, but all of them exist there at once, making risk assessment particularly challenging
Managing Safety and Security Risks

- Safety analysis methods are widely used in the energy domain
  Examples include HAZOP, fault-tree analysis, event-tree analysis, FMEA, STAMP/STPA, ...
- There are parallels in the security domain, e.g., attack trees
- Benefits can be had by performing security and safety co-analysis
  - Reuse of results across analyses
  - Ability to consistently prioritise different types of threats, i.e., attacks versus faults
Analysing Cyber-physical Risks

- The smart grid is a cyber-physical system
  The power system and the ICT infrastructure are tightly coupled through SCADA and control systems
- Traditional IT security provides necessary tools, but they are not sufficient to secure cyber-physical systems
- Need for tools and strategies to understand and mitigate attacks:
  - Which threats should we care about?
  - What impact can we expect from attacks?
  - Which resources should we protect (more)?
Understanding Risks to Legacy Systems

- The smart grid will consist of legacy systems and new ICT components that implement advanced measurement and control functions
- It is often not clear what impact new components will have on legacy systems, and vice versa
- Legacy industrial control systems are known to be fragile to active security testing techniques
- The risk assessment method should account for these characteristics
Complex Organisational Boundaries

- In a liberalised European energy market there are many actors
  Energy Producers, Transmission and Distribution System Operators (TSOs and DSOs), and Energy Suppliers
- Others from the ICT sector are emerging as being important
  E.g., telecommunications operators and cloud providers
- Energy consumers become providers, potentially as part of virtual power providers
- A diverse and complex supply chain is emerging
- This complex web of dependencies can make risk assessment challenging
Understanding Cascading Effects

- The smart grid consists of a number of sub-systems that support an underlying grid infrastructure
- The failure of a sub-system could cascade into another
- This problem is closely related to cyber-physical impact analysis
- A pathological case:
  1. A cyber-attack causes a failure in the energy grid, resulting in a blackout
  2. ICT systems start to run on Uninterruptable Power Supply (UPS)
  3. The UPS runs out before the grid has recovered
  4. ICT systems fail
NESCOR (National Electric Sector Cybersecurity Organization Resource) Cyber Security Failure Scenarios

- Realistic events in which the failure to maintain C-I-A of cyber assets has a negative impact on the generation, transmission, and/or delivery of power
- Intended to be used by utilities for risk assessment, planning, training, security testing
- Organised in six categories (see NIST SP 1108):
  - AMI: Advanced Metering Infrastructure
  - DER: Distributed Energy Resources
  - WAMPAC: Wide Area Monitoring, Protection, and Control
  - ET: Electric Transportation
  - DR: Demand Response
  - DGM: Distribution Grid Management
- Ranking of impact and cost to adversary (scores 0.1; 1; 3 and 9)
  Risk = impact / cost
CEN-CENELEC-ETSI M/490 Smart Grid Information Security

- Perform risk assessment of information assets based on smart grid use cases
- Security Level (SGIS-SL)
- Risk Impact Level (SGIS-RIL)
  SGIS-SL = f(sgis-ril, p)
The (SG)² Risk Catalogue

1. Define threats based on IT Baseline Protection and Common Criteria (BSI Protection Profiles)
2. Apply to architecture model ((SG)² threat catalogue)
3. Rate probability and impact on the scale very low (1), medium (3), very high (5)
4. Verify through security tests
The (SG)² Risk Catalogue (cont.)

Average risk rating per threat category (rows) and component cluster (columns):

Column key: SB = Smart Buildings, EM = E-Mobility, CP = Customer Premises, LVG = Low Volt. Gen., MVG = Med. Volt. Gen., GT = Grid Testpoints, PS = Primary Substation, SS = Secondary Substation, GO = Grid Operation, MT = Metering

Threat Category                     SB    EM    CP    LVG   MVG   GT    PS    SS    GO    MT    Avg.
Authentication & Authorisation      3,50  4,00  3,00  6,00  6,00  6,25  5,25  8,25  7,00  5,00  5,43
Applied Security Mechanisms         9,50  4,15  7,50  6,40  4,60  4,70  5,05  5,90  7,05  3,00  5,79
Integrity & Availability            2,71  4,46  4,69  4,00  3,13  3,07  3,64  4,72  3,97  4,50  3,89
Internal & ext. Interfaces          2,67  3,50  6,33  6,67  4,00  3,33  5,00  4,00  5,83  2,33  4,37
Confidentiality & Data Protection   5,67  4,67  4,67  8,67  4,33  4,00  3,67  5,63  7,50  3,75  5,25
Maintenance of Equipment            4,43  3,50  4,60  3,75  4,15  3,31  3,94  5,33  5,83  3,60  4,24
Component Cluster Avg.              4,75  4,05  5,13  5,91  4,37  4,11  4,42  5,64  6,20  3,70

Highlighted threats on the slide:
- Attacks on the WAN through the smart grid gateway
- Attacks through remote maintenance access
- Privacy issues of customer production data
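The two scoring schemes on the preceding slides (NESCOR's risk = impact / cost on the 0.1/1/3/9 scale, and the (SG)² catalogue's probability and impact ratings on the 1/3/5 scale averaged per threat category and per component cluster) as a small added Python example; this is not code from the slides or from either project. It assumes, following the "risk = probability x impact" slide, that an (SG)² cell is probability times impact, and the sample ratings are constructed.

```python
from statistics import mean

# NESCOR-style scoring: impact and cost-to-adversary are each rated on the
# 0.1 / 1 / 3 / 9 scale from the slide; risk = impact / cost.
NESCOR_SCALE = (0.1, 1, 3, 9)


def nescor_risk(impact, cost):
    if impact not in NESCOR_SCALE or cost not in NESCOR_SCALE:
        raise ValueError("NESCOR ratings must be one of 0.1, 1, 3 or 9")
    return impact / cost


def rank_nescor(scenarios):
    """scenarios: {name: (impact, cost)} -> [(name, risk)] highest risk first."""
    scored = ((name, nescor_risk(i, c)) for name, (i, c) in scenarios.items())
    return sorted(scored, key=lambda t: t[1], reverse=True)


# (SG)^2-style catalogue: probability and impact on very low (1), medium (3),
# very high (5). Assumption: cell risk = probability x impact, then averaged
# per threat category (row) and per component cluster (column) as in the matrix.
SG2_SCALE = (1, 3, 5)


def sg2_matrix(ratings):
    """ratings: {category: {cluster: (probability, impact)}} -> {category: {cluster: risk}}."""
    matrix = {}
    for category, clusters in ratings.items():
        matrix[category] = {}
        for cluster, (p, i) in clusters.items():
            if p not in SG2_SCALE or i not in SG2_SCALE:
                raise ValueError("(SG)^2 ratings must be 1, 3 or 5")
            matrix[category][cluster] = p * i
    return matrix


def category_averages(matrix):
    return {cat: round(mean(row.values()), 2) for cat, row in matrix.items()}


def cluster_averages(matrix):
    clusters = {c for row in matrix.values() for c in row}
    return {c: round(mean(row[c] for row in matrix.values() if c in row), 2)
            for c in clusters}


def hotspots(matrix, threshold):
    """Category/cluster pairs at or above the threshold, highest risk first."""
    cells = ((cat, cl, r) for cat, row in matrix.items() for cl, r in row.items()
             if r >= threshold)
    return sorted(cells, key=lambda t: t[2], reverse=True)


# Constructed sample ratings (not values from the slide).
CONSTRUCTED_SG2 = {
    "Authentication & Authorisation": {
        "Smart Buildings": (3, 3), "Secondary Substation": (5, 5), "Metering": (1, 5)},
    "Confidentiality & Data Protection": {
        "Smart Buildings": (3, 1), "Secondary Substation": (1, 3), "Metering": (5, 3)},
}
```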
The SPARKS project
Cyber-physical Impact Analysis in SPARKS

Analysing the potential physical impact of a cyber-attack via a hybrid simulation environment, based on existing tools:
1. Power distribution simulators (GridLAB-D, etc.)
   - Adapt power grid models from US network standards to European network standards
   - Achieve a realistic model of the real environment and generate comparable results which are directly applicable to real European infrastructure
2. ICT network simulation tools
   Examples include ns-2, OMNeT++, ...
3. Real smart grid hardware
   - Automation equipment (AIT SmartEST Lab), e.g., secondary substation
   - Smart meters
The SECCRIT Project

- EU-funded project, focusing on the security of high-assurance ICT services in the Cloud
- Exploring the challenges of risk assessment for Cloud
- Challenges include:
  - Unclear and complex organisational boundaries
  - A lack of transparency regarding how Cloud services are provisioned
- Solutions include a transparency enhancement framework to enable remote real-time cloud infrastructure monitoring
- Further details: https://seccrit.eu
The HyRiM Project

- EU-funded project investigating risk assessment for interconnected and interdependent utility networks
- Failures of one utility can result in cascading failures in others
- Project aims to develop quantitative methods to assess these risks
- Using complex-coupled network and decision theory-based analysis techniques to evaluate these risks
- Further details: https://hyrim.net
Questions?