Smart Grid Security: A Look to the Future

Similar documents
Panel Session: Lessons Learned in Smart Grid Cybersecurity

The Importance of Cybersecurity Monitoring for Utilities

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE

Synchronized real time data: a new foundation for the Electric Power Grid.

The introduction covers the recent changes is security threats and the effect those changes have on how we protect systems.

What is Really Needed to Secure the Internet of Things?

Seize the benefits of green energy and the smart grid

How To Protect Your Network From Attack

NSA/DHS Centers of Academic Excellence for Information Assurance/Cyber Defense

Cyber Infrastructure for the Smart Grid

Update On Smart Grid Cyber Security

AMI security considerations

future data and infrastructure

Smart Energy Consumption and the Smart Grid

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Transactive Energy. A Sustainable Business and Regulatory Model for Electricity. Arizona Corporation Commission

Jim Sheppard, Director of Business Processes CenterPoint Energy, Texas, USA

Getting real about cyber threats: where are you headed?

Security Issues with Integrated Smart Buildings

Security within a development lifecycle. Enhancing product security through development process improvement

NIST Coordination and Acceleration of Smart Grid Standards. Tom Nelson National Institute of Standards and Technology 8 December, 2010

TLP WHITE. Denial of service attacks: what you need to know

Data Security Concerns for the Electric Grid

How To Protect Your Mobile From Attack From A Signalling Storm

Securing Distribution Automation

Preparing for Distributed Energy Resources

Presidential Summit Reveals Cybersecurity Concerns, Trends

Smart buildings in smart grids KNX City. Rafael Marculescu May 2013

White Paper. Convergence of Information and Operation Technologies (IT & OT) to Build a Successful Smart Grid

SEC STATEMENT OF POLICY ON MODERNIZATION OF ELECTRICITY GRID.

Demand Response Management System Smart systems for Consumer engagement By Vikram Gandotra Siemens Smart Grid

Cyber Watch. Written by Peter Buxbaum

Securing the Internet of Things WHITEPAPER

Incident Response 101: You ve been hacked, now what?

POLIWALL: AHEAD OF THE FIREWALL

COMMUNICATIONS SYSTEMS USED FOR ITS

10 Things Every Web Application Firewall Should Provide Share this ebook

Automotive Ethernet Security Testing. Alon Regev and Abhijit Lahiri

EY Cyber Security Hacktics Center of Excellence

FREQUENTLY ASKED QUESTIONS

FUNDAMENTALS OF CYBER SECURITY FOR NUCLEAR PLANTS

EEI Business Continuity. Threat Scenario Project (TSP) April 4, EEI Threat Scenario Project

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE

Smart Grid America: Securing your network and customer data. Michael Assante Vice President and Chief Security Officer March 9, 2010

POLIWALL: AHEAD OF THE FIREWALL

DEVELOPING A CYBERSECURITY POLICY ARCHITECTURE

Top Ten Security and Privacy Challenges for Big Data and Smartgrids. Arnab Roy Fujitsu Laboratories of America

How To Use Icem

Multi-vendor Penetration Testing in the Advanced Metering Infrastructure: Future Challenges

The Changing Threat Surface in. Embedded Computing. Riley Repko. Vice President, Global Cyber Security Strategy

Contemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited

Cybersecurity: Protecting Your Business. March 11, 2015

Securing Smart Grid Implementation: Case study using IBM WebSphere DataPower Appliance

Cybersecurity Awareness. Part 1

Using Predictive Maintenance to Approach Zero Downtime

HOW TO PREVENT DDOS ATTACKS IN A SERVICE PROVIDER ENVIRONMENT

Frost & Sullivan s. Aerospace, Defence & Security Practice. Global Industrial Cyber Security Trends

Risk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit

The IBM Solution Architecture for Energy and Utilities Framework

Agenda. Introduction to SCADA. Importance of SCADA security. Recommended steps

Energy & Environment Market Trends, Smart Technologies, New Fuels, Future Business Models and Growth Opportunities

TUSKEGEE CYBER SECURITY PATH FORWARD

Data Loss Prevention Program

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Security Architecture: From Start to Sustainment. Tim Owen, Chief Engineer SMS DGI Cyber Security Conference June 2013

Digital Metering: a key enabling factor to foster RES development

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

Totally Wireless Video Security

NetVision. NetVision: Smart Energy Smart Grids and Smart Meters - Towards Smarter Energy Management. Solution Datasheet

Security in Smart Grid / IoT. Nenad Andrejević Comtrade Solutions Engineering

Medium voltage products. Technical guide Smart grids

Web application security Executive brief Managing a growing threat: an executive s guide to Web application security.

Cybersecurity. Are you prepared?

Information Security Services

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

Storage Battery System Using Lithium ion Batteries

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

Capabilities for Cybersecurity Resilience

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

The Analytics Value Chain Key to Delivering Value in IoT

Nokia Networks. security you can rely on

IBM Security Strategy

The State of the Electrical Grid in Washington State. Michael Pesin, PMP, P.E. Seattle City Light

Transcription:

Smart Grid Security: A Look to the Future SESSION ID: TECH-W03A Gib Sorebo Chief Cybersecurity Technologist Leidos @gibsorebo

Overview Distributed Energy Plug-in Vehicles Evolving Threats: Market Manipulation, Cascading Failure Modes 2

Distributed Generation: Cybersecurity Threats and Vulnerabilities Depends on a sophisticated communications infrastructure to be always available Needs instantaneous information on status of generation resource, particularly wind and solar Often widely dispersed from control centers and vulnerable to cable cuts and radio frequency interference May leverage public networks that are more vulnerable to infiltration or bandwidth limitations 3

Distributed Generation: Cybersecurity Threats and Vulnerabilities Integrity of Information is Critical Using complex algorithms, renewable resources such as solar and wind can be dispatchable Tampering with or errors in algorithms can lead to power outages when an expected power resource is not available Protection of the software supply chain will be critical 4

Distributed Generation: Cybersecurity Threats and Vulnerabilities Do-It-Yourself Generation People have been able to sell back power to utility for decades, but not at any scale Potential for manipulation of generation data or even intentional disruption of grid Analogous to BotNet networks; if malicious actors can control thousands of micro-generation sites, the consequences could be significant 5

Plug-In Vehicles: Grid to Vehicle Plug-in vehicles will require significant instrumentation and data reporting Utilities will need feedback from vehicles to predict demand Potential privacy concerns will need to be addressed Charging stations need trusted communications infrastructure and data reporting More monitoring of traditional grid components Communication with vehicle over home area network (HAN) needs higher level of protection 6

Plug-In Vehicles: Grid to Vehicle Public Charging and Roaming Payment systems for charging Should someone be able to roam and use their vehicle s identification number like cell phones or simply pay owner of facility without utility involved? Potential for fraud and privacy issues; tax collection 7

Plug-In Vehicles: Vehicle to Grid The Potential for Energy Storage Utilities can draw from potentially thousands of energy storage resources without having to pay for the capital costs Vehicle owners have option to sell back electricity during peak times and charge during low peak Requires vehicle owner to accurately predict driving habits and for battery technology to inform the utility of the available power in real time 8

Plug-In Vehicles: Vehicle to Grid Cybersecurity Challenges Similar to do-it-yourself generation; people can send false information to manipulate how much a utility thinks it is paying for Someone else s vehicle identifier could be stolen or hacker could manipulate whose power is used Potential for privacy issues Potential for malfunctioning vehicles to disrupt grid Need a mini balancing authority for vehicles and a reliable system for detecting abuse 9

Evolving Threats: Market Manipulation, Cascading Failure Modes NIST = National Institute of Standards and Technology 10

Evolving Threats: Market Manipulation Market Manipulation With distributed energy resources come exchanges to buy and sell energy Markets can be manipulated by obtaining generation capabilities and demand data before it is available to the general market Data can be manipulated to influence markets 11

Evolving Threats: Cascading Failure Modes Cascading Failure Modes We have limited information of the failure modes of many new and critical devices on the distribution and transmission side Can sensor feeds, at a high enough volume, overwhelm a system? Will automation and safety protocols lead to unintended consequences such as the Yuma, Arizona, incident; protection devices seek to prevent further damage but cause more Automated controls often need human sanity checks 12

Key Takeaways For Utilities Build your architecture to support cybersecurity for future innovation Assume manufacturers of consumer products won t build in adequate security When creating new markets, assume someone will look to exploit them Be prepared to operate in a world where you have less control For Residential and Business Customers Don t assume the utility can protect you from whatever you connect to the grid Demand that product vendors spell out how security is implemented Always have a manual override and analog gauges available 13

Questions? Thank You. Gib Sorebo Chief Cybersecurity Technologist tel: 703-676-0269 email: sorebog@leidos.com Available at the RSA Bookstore 14

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information