The Stories We Could Tell: Lessons Learned From The Field
 

    Presentation Transcript

    • Smart Grid and Control Systems: Tales from the field. © 2011 EnerNex. All Rights Reserved. www.enernex.com
    • About me
    • What is security?
    • Why doesn't this stuff work
    • Smart Meters: So what
    • Other Smart Meters
    • Metrology Data
        mtu  Time             power  cost  volts
        1    4/30/2012 14:53  2.324  0.18  117.5
        0    4/30/2012 14:53  4.529  0.35  117.6
        1    4/30/2012 14:52  1.812  0.14  117.8
        0    4/30/2012 14:52  3.88   0.3   117.9
        1    4/30/2012 14:51  1.837  0.15  117.8
        0    4/30/2012 14:51  3.799  0.3   117.8
        1    4/30/2012 14:50  2.141  0.17  117.6
        0    4/30/2012 14:50  4.322  0.34  117.5
        1    4/30/2012 14:49  2.33   0.18  117.1
        0    4/30/2012 14:49  5.951  0.46  117.2
        1    4/30/2012 14:48  2.483  0.2   117.4
        0    4/30/2012 14:48  6.007  0.47  117.4
        1    4/30/2012 14:47  3.164  0.25  116.9
        0    4/30/2012 14:47  7.008  0.55  116.9
        1    4/30/2012 14:46  3.665  0.29  116.7
        0    4/30/2012 14:46  8.064  0.63  116.7
        1    4/30/2012 14:45  3.462  0.27  116.7
        0    4/30/2012 14:45  8.13   0.63  116.8
        1    4/30/2012 14:44  3.457  0.27  116.7
        0    4/30/2012 14:44  7.562  0.59  116.8
        1    4/30/2012 14:43  3.713  0.29  116.7
        0    4/30/2012 14:43  7.631  0.59  116.7
        1    4/30/2012 14:42  3.905  0.31  116.5
        0    4/30/2012 14:42  8.145  0.63  116.6
        1    4/30/2012 14:41  3.405  0.27  116.7
        0    4/30/2012 14:41  7.862  0.61  116.8
        1    4/30/2012 14:40  2.973  0.23  117.1
        0    4/30/2012 14:40  6.566  0.51  117.2
        1    4/30/2012 14:39  3.141  0.25  117.1
        0    4/30/2012 14:39  5.955  0.46  117.2
        1    4/30/2012 14:38  2.696  0.21  117.7
        0    4/30/2012 14:38  5.647  0.44  117.7
        1    4/30/2012 14:37  2.667  0.21  117.6
        0    4/30/2012 14:37  5.588  0.44  117.7
        1    4/30/2012 14:36  2.923  0.23  117.6
        0    4/30/2012 14:36  5.679  0.44  117.6
        1    4/30/2012 14:35  3.413  0.27  117.6
        0    4/30/2012 14:35  6.045  0.47  117.6
    • 24 Hours of Data [chart "24 Hours Individual MTU": Kilowatt Hours over Time, series MTU 1 and MTU 2]
    • One Hour of Data [chart: Kilowatt Hours over Time, series MTU 1 and MTU 2]
    • Physical Impacts
    • Physical Impacts
    • Physical Security Risks: Monitoring, Logging, and Retention
    • Leave Behind
    • What to do?
        – Place into power zone or substation
        – Security screws
        – Treat mobile devices like your wallet
        – Don't advertise (labeling)
        – Encrypt: bus, flash
        – Alarms and logging (that work)
    • Air Ga(s)p?
    • What are these?
        – 2099e1ff8a8119093e4dc144736cbe9b
        – Fbd7e2ff9005c42e88b90724710903e2
        – 00000000325108002a8ae5c6f24e1b604f06c793
        – 0000000b1267800298c278c2c4a73471956e144
        – 0000000067e18e009da7972f1fce966f80b8b09b
    • Anything stand out? <$SYSTEM>=644256565E1E03221A
        – ;Framework Security File
        – ;
        – ;If you get locked out
        – ;Create a User in <vulnerable system> called "Redacted"
        – ;with a <vulnerable system> password of "Redacted"
        – ;add the following line below to the user section of this file
        – ;<$SYSTEM>=644256565E1E03221A
        – ;You can now logon as user <$SYSTEM> with a password of "mpco"
        – ;This block of comments should be removed for greater security
        – [Users]
        – Administrator=644256565E12172C1C1A061E1506081B0121
        – Engineer=624A5E565E161D261C1A0A0813
        – Technician=61465858111610291B1D0C04001A
        – Supervisor=65491C16151601371C07001F
        – Operator=61405E580A0316331400001F
    • What is this?
        64 42 56 56 5E 1E 03 22 1A
        M P C O
        64 42 56 56 5E 12 17 2C 1C 1A 06 1E 15 06 08 1B 01 21
        A D M I N I S T R A T O R
        161D261C1A0A0813
        1610291B1D0C04001A
        1601371C07001F
        0316331400001F
    • Hope (help): I need your help:
        – IEEE (maybe an actual best practice?)
        – NESCOR
        – NIST-IR
        – ESC2M2
    • The Solution
    • Contact me
        – Slade@EnerNex.com
        – Twitter: @Slad3g
        – LinkedIn: http://www.linkedin.com/in/mcgruff