A. K. Mishra
TRANSCRIPT

8/12/2019 A. K. MISHRA
1/19
LD&C_SCADA
Security
Smart Grid and Security

Why Secure
Interoperability among six aspects of the electric power industry:
Power generation, transmission and distribution (all of them physical)
Command, control and communications
Sensing and collection of operational data
Analysis and interpretation of all source operational data into information
Transfer of such information to facilitate commerce and the safe and reliable operation of power systems
Scheduling and dispatching of power, and control of the whole power system
With a human in the loop (manual operation), the impact of a failure or attack is slow, local and partial; with everything automated, the impact is swift, widespread and total.

(Figure: source IEEE Power & Energy Magazine, 2009)

STRUCTURE
o What needs to be secured
o How it can be secured
o Who will secure what, and how
o Operational systems that may be exposed to cyber vulnerabilities
o Security system requirements
o Security practices
o Security audit
o Continual improvement perspective, i.e. we need to plan, build processes to do, check the effectiveness of the two, and act for improvement

SECURITY
Firewalls and security zoning: separation among applications
SCADA/EMS
ISR
STOA
Scheduling
Metering and settlement
Web access
Corporate access
Competing objective: maintaining model/values exchange across the zone boundaries
Single sign-on for users v/s individual application v/s zonal boundaries

To Secure
Malware
Careless employees (password robustness etc.)
Exploited vulnerabilities
Zero-day exploits
Application robustness against known exploits such as buffer overflows / RPC flaws

SECURITY
Utility companies are critical-infrastructure custodians and likely targets of cyber terrorism
Government regulations
Historically, DCS/SCADA/EMS/DMS were protected by proprietary technology and isolated from enterprise IT
Cost and skill issues led to:
standard operating systems
exposure through Internet connectivity
remote access
This has exposed these networks to 21st-century cyber threats

Approach
A holistic approach based on standards of good practice (e.g., ISO 27002) to achieve and maintain compliance with the regulations and applicable standards
Plan-Do-Check-Act:
security gap analysis
risk-based prioritization of remediation requirements
implementation of controls
periodic assessment of implemented controls
Implementing an information security management system based upon a standard demonstrates a high standard of security to:
business partners,
customers, and
regulators

REGULATION
Discuss the regulatory landscape: CERC, IT Act
List security implications for utilities
Recommended approach for compliance: to achieve, to maintain
Evaluate the rules: implications, requirements, approach for compliance

Possible incident scenario
An employee has a company laptop on the Internet at his home office, connected to the control network through a VPN (Virtual Private Network)
A hacker from overseas infects the laptop with a virus over the Internet
The virus then propagates over the VPN connection into the control network and infects another Windows PC located right in the heart of the control system
Is this just a hypothetical situation? It couldn't happen to you? The bad news is that this is a real incident that actually happened to the water supply system in Harrisburg, Pennsylvania, in 2006

Communication
General issues
Complacency: "not a concern, since we have not been attacked"
Institute a security process / team-building exercise that includes consequence analysis of the ramifications of a successful security attack
Utilities do not assign any value to the information being communicated, except in the case of control actions; unbundling may change this attitude???
Dial-up modem usage
The use of auto-answer modems is of concern
TCP/IP
Increasing dependence on TCP/IP as a transport for critical information: ICCP, exchange, schedules

Communication contd.
Some information exchanged (e.g. schedules) is using the Internet instead of intranets. The trend may continue, since connectivity options using the Internet represent a low-cost option.
Security threats:
eavesdropping,
spoofing,
denial of service,
replay,
exposure growing with the number of people/entities attached
Appropriate security measures should be deployed based upon an appropriate consequence analysis
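As an added example, not part of the original slides, the Python below shows how the spoofing and replay threats listed above can be countered on a schedule exchange over the Internet: every message carries a timestamp and a nonce and is authenticated with HMAC-SHA256 under a pre-shared key, so a forged or edited message fails the MAC check and a captured genuine message cannot be played back. The peer name, the key, the schedule fields and the 60-second clock window are constructed assumptions. Eavesdropping is not addressed here; that needs encryption of the transport (e.g. TLS) on top of authentication.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo key; a real deployment would use per-peer keys from a key-management process.
SHARED_KEY = b"constructed-demo-key-do-not-reuse"
WINDOW_SECONDS = 60  # assumption: peer clocks are synchronised to well within a minute


def canonical(envelope):
    """Serialise the envelope deterministically so both ends MAC exactly the same bytes."""
    return json.dumps(envelope, sort_keys=True, separators=(",", ":")).encode()


def sign_schedule(schedule, key, now, sender="SLDC-A"):
    """Wrap a schedule with sender, timestamp and nonce, then append an HMAC-SHA256 tag."""
    envelope = {
        "sender": sender,                 # hypothetical peer name
        "ts": int(now),                   # seconds since epoch; bounds the replay window
        "nonce": secrets.token_hex(16),   # unique per message; detects replay inside the window
        "schedule": schedule,
    }
    envelope["mac"] = hmac.new(key, canonical(envelope), hashlib.sha256).hexdigest()
    return envelope


class ScheduleReceiver:
    """Verifies envelopes: rejects forged/tampered (bad MAC), stale and replayed messages."""

    def __init__(self, key, window=WINDOW_SECONDS):
        self.key = key
        self.window = window
        self.seen = {}  # nonce -> timestamp of messages accepted inside the window

    def verify(self, envelope, now):
        env = dict(envelope)
        mac = env.pop("mac", None)
        if mac is None:
            return False, "missing mac"
        expected = hmac.new(self.key, canonical(env), hashlib.sha256).hexdigest()
        # Constant-time compare, and the MAC check runs before any field is trusted.
        if not hmac.compare_digest(mac, expected):
            return False, "bad mac (spoofed or tampered)"
        if abs(now - env["ts"]) > self.window:
            return False, "stale timestamp (outside replay window)"
        # Forget nonces older than the window; such messages fail the timestamp check anyway.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= self.window}
        if env["nonce"] in self.seen:
            return False, "replayed nonce"
        self.seen[env["nonce"]] = env["ts"]
        return True, "ok"


def demo():
    """Run the cases a receiver must tell apart; returns the verdict reasons in order."""
    now = 1_700_000_000.0
    rx = ScheduleReceiver(SHARED_KEY)
    genuine = sign_schedule({"block": 42, "mw": 150}, SHARED_KEY, now)
    tampered = dict(genuine, schedule={"block": 42, "mw": 950})            # body edited, MAC unchanged
    forged = sign_schedule({"block": 43, "mw": 10}, b"wrong-key", now)     # attacker lacks the key
    stale = sign_schedule({"block": 44, "mw": 10}, SHARED_KEY, now - 600)  # old but correctly signed
    return [
        rx.verify(genuine, now)[1],       # accepted
        rx.verify(genuine, now + 5)[1],   # same message again: replay
        rx.verify(tampered, now)[1],
        rx.verify(forged, now)[1],
        rx.verify(stale, now)[1],
    ]


if __name__ == "__main__":
    for reason in demo():
        print(reason)
```

The nonce cache only needs to cover the clock window, which keeps receiver state bounded; anything older is already rejected as stale. A single shared key also means either side can forge the other's messages, so in practice each direction gets its own key.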
Internet Connectivity
The infrastructure's connectivity point to the Internet needs to be isolated through a screening router/firewall combination from the rest of the corporate LAN/intranet
Personnel need to be assigned to audit/monitor this connectivity for any security attacks that occur
Given a sufficient audit trail, prosecution of every attacker should be strongly considered
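As an added example, not from the slides, the following Python monitor illustrates the audit/monitor duty described above. It parses screening-router log lines and raises two kinds of alert: a port scan (one source denied on many distinct destination ports) and an allowed connection into the control network from a peer that is not on the trusted list. The log format, addresses, trusted-peer list and scan threshold are all constructed for the example and do not correspond to any vendor's format.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# Constructed log lines in a simplified screening-router format (not a real vendor format).
SAMPLE_LOG = """\
2019-08-12T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=21
2019-08-12T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=22
2019-08-12T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=23
2019-08-12T10:00:03 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=102
2019-08-12T10:00:03 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=502
2019-08-12T10:00:04 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=2404
2019-08-12T10:01:10 ALLOW src=198.51.100.5 dst=192.0.2.20 proto=tcp dport=443
2019-08-12T10:02:30 ALLOW src=203.0.113.9 dst=192.0.2.10 proto=tcp dport=2404
2019-08-12T10:03:00 DENY src=198.51.100.88 dst=192.0.2.20 proto=udp dport=161
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) src=(?P<src>\S+) dst=(?P<dst>\S+) "
    r"proto=(?P<proto>\S+) dport=(?P<dport>\d+)$"
)

# Assumptions for the example: the control-centre side of the screening router, and the only
# remote peer that is ever expected to reach it.
CONTROL_NET = ipaddress.ip_network("192.0.2.0/24")
TRUSTED_PEERS = {ipaddress.ip_address("198.51.100.5")}
SCAN_THRESHOLD = 5  # distinct destination ports denied from one source before it counts as a scan


def parse(log_text):
    """Turn log lines into event dicts; malformed lines are skipped, not allowed to crash the monitor."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        d = m.groupdict()
        events.append({
            "ts": datetime.fromisoformat(d["ts"]),
            "action": d["action"],
            "src": ipaddress.ip_address(d["src"]),
            "dst": ipaddress.ip_address(d["dst"]),
            "proto": d["proto"],
            "dport": int(d["dport"]),
        })
    return events


def analyse(events):
    """Return alert tuples: (kind, source, detail, timestamp-or-None)."""
    alerts = []
    denied_ports = defaultdict(set)
    for e in events:
        if e["action"] == "DENY":
            denied_ports[e["src"]].add(e["dport"])
        elif e["dst"] in CONTROL_NET and e["src"] not in TRUSTED_PEERS:
            # The router let it through, but nobody on the trusted list should be talking to us:
            # either the rule base drifted or the peer address is spoofed. Keep the timestamp for the audit trail.
            alerts.append(("untrusted-allow", str(e["src"]), e["dport"], e["ts"].isoformat()))
    for src, ports in denied_ports.items():
        if len(ports) >= SCAN_THRESHOLD:
            alerts.append(("port-scan", str(src), len(ports), None))
    return alerts


def monitor(log_text=SAMPLE_LOG):
    return analyse(parse(log_text))


if __name__ == "__main__":
    for alert in monitor():
        print(*alert)
```

The ALLOW-into-control-net check is the more valuable of the two: denied traffic is noise the firewall already handled, whereas an accepted connection from an unexpected peer is exactly the event the audit trail must preserve if prosecution is ever to be considered.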
FIREWALL
Firewalls represent a valid security countermeasure. They typically validate a remote connection/user to:
use a given transport - TCP/IP or OSI
make application service requests - FTP, HTTP, RFC-1006, DNP
limited to a set of well-defined nodes/applications
However, once a user is authenticated and connected, the firewall is not sufficient to enforce access/service privileges to information on the destination application
Internet applications (e.g. FTP, Telnet) have the ability to be configured for user authentication (usually passwords), upon which access privileges (e.g. read, write, etc.) will be granted. However, SCADA protocols (e.g. DNP / IEC 870-5) are inadequate in this regard
Active work is ongoing within IEC TC 57 to address the issue of authentication and security within several protocols
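As an added example, not from the slides or any vendor product, the Python below shows the gap described on this slide and ties it back to the zoning slide earlier: a port filter admits every IEC 60870-5-104 session on TCP/2404 alike, whether it carries a general interrogation or a single command, because the protocol itself offers no user authentication or privilege model. The sketch parses the APDU only as far as the ASDU type identification and applies a per-zone allow list, so a monitoring zone may poll but only the control-centre zone may operate. The zone names, the policy and the two constructed frames are assumptions; the frame layout follows the standard (start octet 0x68, length, four control octets, then type ID, VSQ, two-octet cause of transmission, two-octet common address, three-octet information object address).

```python
import struct
from dataclasses import dataclass

# ASDU type identifications from IEC 60870-5-104 (the TCP profile of the 870-5 family).
CONTROL_TYPES = set(range(45, 52)) | set(range(58, 65))  # C_SC_NA_1 .. C_BO_NA_1 and time-tagged variants
READ_TYPES = {100, 101, 102}                              # interrogation, counter interrogation, read
CLOCK_SYNC = 103                                          # C_CS_NA_1

# Assumed zone policy: which ASDU types each source zone may send towards the RTUs/IEDs.
ZONE_POLICY = {
    "control-centre": CONTROL_TYPES | READ_TYPES | {CLOCK_SYNC},
    "monitoring": READ_TYPES,   # may poll, may never operate
    "corporate": set(),         # no application-layer access at all
}


@dataclass
class Asdu:
    type_id: int
    cot: int
    common_addr: int
    ioa: int


def parse_apdu(data):
    """Return ('S', None) / ('U', None) for supervisory or unnumbered frames, ('I', Asdu) otherwise."""
    if len(data) < 6 or data[0] != 0x68:
        raise ValueError("not an IEC 104 APDU")
    if data[1] + 2 != len(data):
        raise ValueError("length octet does not match frame size")
    ctrl1 = data[2]
    if ctrl1 & 0x01:                       # bit 0 set: S-format (01) or U-format (11)
        return ("U" if ctrl1 & 0x03 == 0x03 else "S"), None
    asdu = data[6:]
    if len(asdu) < 9:                      # type, VSQ, COT(2), CA(2), IOA(3) is the minimum
        raise ValueError("truncated ASDU")
    type_id = asdu[0]
    cot = asdu[2] & 0x3F                   # low six bits; bit 6 = P/N, bit 7 = test flag
    common_addr = struct.unpack_from("<H", asdu, 4)[0]
    ioa = asdu[6] | (asdu[7] << 8) | (asdu[8] << 16)
    return "I", Asdu(type_id, cot, common_addr, ioa)


def decide(zone, data):
    """Application-layer verdict for one frame arriving from the given source zone."""
    kind, asdu = parse_apdu(data)
    if kind != "I":
        return "allow", f"{kind}-format frame carries no ASDU"
    permitted = ZONE_POLICY.get(zone, set())   # unknown zone: nothing permitted
    if asdu.type_id not in permitted:
        return "deny", f"type {asdu.type_id} not permitted from zone {zone}"
    return "allow", f"type {asdu.type_id} permitted from zone {zone}"


# Constructed frames (not captures): both are valid 104 I-frames on the same TCP port.
INTERROGATION = bytes.fromhex("680e 00000000" "64 01 0600 0100 000000 14")  # C_IC_NA_1, COT=activation
SINGLE_COMMAND = bytes.fromhex("680e 00000000" "2d 01 0600 0100 001000 81")  # C_SC_NA_1, IOA 4096, select/on
S_FRAME = bytes.fromhex("6804 01000200")                                      # supervisory ack, no ASDU


if __name__ == "__main__":
    for zone in ZONE_POLICY:
        for name, frame in (("interrogation", INTERROGATION), ("single command", SINGLE_COMMAND)):
            print(zone, name, *decide(zone, frame))
```

This sits behind the port filter, not instead of it: the router still decides which nodes may open TCP/2404 at all, and this layer decides what they may say once connected. It also shows why zone boundaries matter even with single sign-on: the verdict depends on where the frame came from, not on who the user claims to be.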
Risks
Consequence analysis is unique to each business entity; however, bypassing of controls / control security can be rated as the highest risk. Others include:
Exposed trading functions: analysis of the type of information conveyed and the anticipated financial damage of a successful attack
ICCP: analysis of the dependency on information conveyed (telemetry and calculated data from RLDC to SLDC etc.) by/to other control centers
Control center to substation communication: the disruption of substation communication can cause a problem only if the substation is remotely controlled
Metering: all revenue is based upon data acquired through metering; this may not be an area of concern given the alternatives available and the mode of data communication

Control System
Control systems:
Distributed Control Systems (DCS)
Programmable Logic Controllers (PLC)
Supervisory Control and Data Acquisition (SCADA)
Remote Terminal Units (RTUs)
Intelligent Electronic Devices (IEDs)
Designed to be highly reliable and interoperable
Proprietary operating systems in the control systems often preclude the use of existing Information Technology (IT) security

Vulnerability
Vendors and utilities employ remote access (dial-up modem, PC) to facilitate maintenance and remote operations
Cyber vulnerabilities can result in business-related or safety/regulatory issues
IT security technology will help with known Internet threats, but is not designed to secure control systems
IT is responsible for cyber security but often does not understand control systems
Control system suppliers understand control systems, but they are not security experts

Differences
IT security policies such as ISO/IEC 17799 (now ISO/IEC 27002) do not address the unique needs of control systems
Remote access is important for the efficient operation of control systems
Vulnerability assessments and penetration testing of T&D and generation control systems have led to successful breaches, i.e. unauthorized access to SCADA and DCS
In the near term, control system security can be enhanced by a combination of implementing cyber security procedures and utilizing IT technologies to protect from traditional IT threats