Smart Grid Security by Falgun Rathod
 


A smart grid adds communication capabilities and intelligence to the traditional grid. Smart grids are enabled by intelligent sensors and actuators, an extended data management system, expanded two-way communication between utility operation system facilities and customers, network security, national integration, and self-healing, adaptive operation. They improve distribution and transmission system operation, allow customers the freedom to purchase power based on dynamic pricing, improve the quality of power with less wastage, and integrate a large variety of generation options.

We have seen that the more complex and critical an infrastructure is, the more vulnerable it is. Since 1994 we have seen many incidents in which smart grids were hacked; the latest and most prominent was the Stuxnet worm, which targeted the nuclear power system of Iran and worldwide. We will look at the different types of attacks and the security needed for the smart grid.


    Presentation Transcript

    • SMART GRID SECURITY
    • Who am I? Falgun Rathod
      • A Security Researcher
      • An Investigator
      • Managing Director & Founder – Cyber Octet (P) Ltd.
      • Co-Chairman – PR Group of Companies: Cyber Octet (P) Ltd. (IT & Security) & Elecorev Technologies (P) Ltd. (Electronics & AI)
    • SCADA
    • Automated Metering Infra
    • What‟s a “Smart Grid?” Smart Grid is a developing Network of new Technologies, equipment, and controls working together to respond immediately to our 21st Century demand for electricity. Technology Used Integrated Communication Sensing Smart Meters Phasor Measurement Units Advanced Components Advanced Control Decision Support System Smart Power Generation
    • What‟s a “Smart Grid?”
    • SmartGrid
    • GAO Report – Released January 2011
    • Another View – Smart Grid Communications Network (SGCN) [Diagram with three groups, “Guided By…”, “Results…” and “Supported By…”. Labels: Regulatory Policy and Rule-making; Sensors; Grid Control; Enhanced Flexibility & Control; Plug In Electric Hybrid Vehicles; Congestion Management; Distributed and Renewable Energy; Energy Efficiency; Demand Response; Data, Analytics, and Information; Smart Meters and Communications; Security; Open and Ubiquitous Communication; New Devices and Systems; Voltage Stability; Generation; Custom Applications; Enterprise Integration]
    • Evolution of Electrical Utility Risks
      • PAST: HARD-WIRED CONTROL
        • Most controls are “hard wired” AND require manual intervention
        • Lesser public availability of RF devices
        • Little capability for damage to or financial benefit from RF attacks
        • Cost-plus charging – “If we need it, we'll do it! If we can't do it, we'll buy it!”
        • Clear regulatory and financial landscape
      • PRESENT: SCADA / RF ENABLED
        • Intense financial pressure to reduce staffing; hence more “remote” RF
        • Computerization and RF control common in all industries
        • Project implementation excellence not always followed by outstanding security operations
        • SCADA hacking can cause “wholesale” damage to neighborhoods and equipment
        • Uncertain regulatory, audit, and liability landscape
      • NEAR FUTURE: SMART GRID / RF PERVASIVE
        • Control inside-the-home of all appliances
        • Wide use of 802.x, ZigBee, X10 methodologies
        • Uncertain Software Provenance, Packaged Code and Offshore Development
        • Zero-Day Attacks
        • Increased organized crime/terrorist focus
        • Potential for damage to, and “net” theft by, every customer
        • Revenue/Risk Asymmetry for each customer
        • Transition to IP and Windows “Monoculture” for RF devices
        • Increased public and regulatory Scrutiny
    • GRIDS can be Hacked :P
    • Overview of Cyber Security – Threats [Diagram labels: Internet; Admin; Operator; Acct; Master DB; Slave Database; RTU]
      1. Hacker sends an e-mail with malware
      2. E-mail recipient opens the e-mail and the malware gets installed quietly
      3. Using the information that malware gets, hacker is able to take control of the e-mail recipient's PC!
      4. Hacker performs an ARP (Address Resolution Protocol) Scan
      5. Once the Slave Database is found, hacker sends an SQL EXEC command
      6. Performs another ARP Scan
      7. Takes control of RTU
      Example from 2006 SANS SCADA Security Summit, INL
    • Overview of Cyber Security – Threats: Cyber Penetration
      • Attacker Controls the Head End
      • Attacker Performs Remote Disconnect
      • [Diagram labels: AMCC (Advanced Metering Control Computer); Communications Network (WAN); AMI WAN; Data Management Systems (MDM/R); Retailers; 3rd Parties]
      Example from AMRA Webinar, Nov ’06 “The Active Attacker”
    • Cyber Security Challenges
      • The challenge is complex and continuously changing
      • Legacy systems need to be protected
      • Number and geographic location of end points
      • Relationship to physical security
      • Systems are 7x24 and critical
      • The human element / social engineering
    • Cyber Solutions - Defense in Depth
      • Perimeter Protection
        • Firewall, IPS, VPN, AV
        • Host IDS, Host AV
        • DMZ
        • Physical Security
      • Interior Security
        • Firewall, IDS, VPN, AV
        • Host IDS, Host AV
        • IEEE P1711 (Serial Connections)
        • NAC
        • Scanning
      • Monitoring
      • Management
      • Processes
      • Abbreviations: IDS = Intrusion Detection System; IPS = Intrusion Prevention System; DMZ = DeMilitarized Zone; VPN = Virtual Private Network (encrypted); AV = Anti-Virus (anti-malware); NAC = Network Admission Control
    • “LAYERS” OF CONCERN
    • Physical Layer Security Natural Disasters  Snow Storms  Hurricanes  Solar Flares  Geomagnetic Storms  Earthquakes  Flooding  Volcanoes Recognize that Location of the Smart Grid Components Can Be Affected by the Surrounding Environment
    • Physical Layer Security (2) Steal the Meters – Sell the Devices RESPONSE: METER “LAST GASP” ALERTS WHEN DISCONNECTED
    • Physical Layer Security (3) Tamper with the Meter  Cause Meter to Stop Reading - Disconnect  Cause Meter to Mis-Read (or Reverse)  Inject Malware  Modify Encryption  Modify Authentication Mechanism • July 2009 – Black Hat Conference • IOActive, Seattle InfoSec Firm • Proof of Concept – 24 Hours Caused 15,000 of 22,000 Home Smart Meters Taken Over by Malware/Worm
    • Physical & Cyber Opening the Meter  Accessing Exposed Ports and Connectors  Intercept Data Between Microcontroller and Radio Infrared Port Attack/Hack
    • Cyber Layer Security The Biggest Opportunity for Trouble “The Last Mile” Issues Remember – Added Complexity Causes Concerns
    • “Last Mile” Broadband Power Line Systems Power Line Carrier Systems Public Switched Telephone Network (PSTN) Cat5/6 Network Connection Radio Frequency  WiMax  ZigBee  6LoWPAN  802.11x  Cellular (CDMA/EVDO, GSM, LTE)
    • Cyber Attacks Remember C I A  Confidentiality Attacks  Reading, “Sniffing” the data  Integrity Attacks  Changing the Data  Availability Attacks  Denial of Service – Prevent Use of Service
    • Confidentiality Attacks Buffer Overflow  Inject Data that is too “Big” for the Meter/System  Predominantly Caused by Bad Software Development Snooping / Sniffing  Reading / Capturing the Data between Meter and Collector and Vice Versa  Also Internal to Meter Between Microcontroller and Radio  A Reason for Encryption – “Cleartext is Bad” Hacking the Encryption  Some Protocols Easy to Break  Causes – Weak Keys, Weak Protocols, Weak Initialization Vectors  Man-in-Middle Attack  “Bit Flipping” Attacks (Weak Integrity Functions) Breaking Into Password Storage on Devices “Race Condition” Exploits  A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.
    • Integrity Attacks Key: Change the Data Replay Attacks (Man-in-the- Middle) Why?  Change the Bill (Up or Down)  Modify Usage Data  Use Data for Fraud  Use as Alias  “Gee Officer, I wasn‟t home that night!”
    • Availability Attacks Denial of Service (DoS) Attacks  Examples: Georgia Cyber War, Estonia Cyber War Spoofing  Pretending You are Another Meter Meter Authentication Weaknesses  Manipulate Meter to Collector Or  Manipulate Collector to Meter Name Resolution Attacks  Meter Name Cache Poisoning  Denial of Service Attacks Against DNS Servers  Reroute Meter Traffic to Another Meter or Collector or Network Hold Ransom  Before Super Bowl?  Over a Community/Neighborhood? Wartime Reserve  Chipset Backdoor “Pre-Attack” in Smart Meters http://www.aclaratech.com/AclaraRF/PublishingI mages/starsystem_th.jpg
    • Privacy Attacks http://www.dora.state.co.us/puc/DocketsDecisions/DocketFilings/09I-593EG/09I-593EG_Spring2009Report-SmartGridPrivacy.pdf
    • Privacy Attacks (2) Determine Lifestyles Determine Best Time to Rob Use Info to “Sell” Services (e.g., “I‟m here to fix your broken refrigerator, Ma‟m!) http://www.baystatetech.org/graphics/major-app.jpg
    • STORAGE ISSUES A Paradigm Shift Microsoft Clip Art Online www.smartgridnews.comToday’s Environment The Future Smart GridAnalog Meters or Simple Digital Meters “Smart” Digital Meters & “Smart”Manually Read or Use “Drive By” Reading SensorsRead Monthly (or Less Frequently) Automatic Reading Read Every ~15 Minutes or MoreMinimal Data Accumulation FrequentlySimple Data Fields – KWH Used Since “Data Avalanche!” – Numerous DataLast Reading Fields and Classes www.smartgridnews.com Circuit Breaker Relays – ENHayden ENHayden - Used -- Used with with Permission Permission
    • Storage ConsiderationsCosts for More Data Centers and StorageError HandlingData Analytics and Business Intelligence ResourcesSecurity of Data – Static and Dynamic…Stored or in TransitPrivacy of Data – Consider EU Privacy LawsConsumer Education RequirementsAuditing, Reporting, Regulatory Impacts
    • What To Do? #1: DON‟T GIVE UP! #2: DON‟T IGNORE THE THREATS! #3: LEARN AND STUDY – DO THREAT MODELING #4: INCLUDE SECURITY, IT, UTILITY OPERATIONS IN PLANNING AND SOLUTION DEVELOPMENT #5: WORK WITH SECURITY EXPERTS & CONSULTANTS #6: ASK HARD QUESTIONS #7: BUILD DEFENSE-IN-DEPTH IN EVERY PHASE OF YOUR SMART GRID SOLUTION #8: INCIDENT RESPONSE SET UP, PRACTICED #9: STORAGE – PLAN, IDENTIFY CONTINGENCIES, LOOK OUTSIDE THE BOX #10: INCLUDE SECURITY EARLY, OFTEN
    • QUESTIONS?
    • Thanks You can mail me on falgun911@gmail.com for related queries.