This presentation gives an introduction to the security of the smart grid and reviews the most important related guidelines, such as NISTIR 7628 and IEEE 2030. In the final section, it reviews the US cyber security program for the energy sector as a case study.
5. Why we need smart grid
3/10/201512:12PMSmartGridSecurity
5
Price of Electricity is Increasing
We need more generation capacity
We need better monitoring and control
Energy usage is highly unbalanced over time
Smart Power Grid
6. What is Smart Grid?
Short Answer :
Smart Grid = Power Grid + ICT
9. NIST Smart Grid Conceptual Model
At IEEE, the smart grid is seen as a large "System of Systems," where each NIST smart grid domain is expanded into three smart grid foundational layers:
(i) The Power and Energy Layer
(ii) The Communication Layer
(iii) The IT/Computer Layer
Layers (ii) and (iii) are enabling infrastructure platforms of the Power and Energy Layer that make the grid "smarter."
10. Bulk Generation
• The Bulk Generation domain of the smart grid generates electricity from renewable and non-renewable energy sources
in bulk quantities.
• Energy that is stored for later distribution may also be included in this domain.
11. Distribution
• The Distribution domain distributes the electricity to and from the end customers in the smart grid.
• The distribution network connects the smart meters and all intelligent field devices, managing and controlling them
through a two-way wireless or wireline communications network.
• It may also connect to energy storage facilities and alternative distributed energy resources at the distribution level.
12. Customer
• The Customer domain of the smart grid is where the end-users of electricity (home, commercial/building and
industrial) are connected to the electric distribution network through the smart meters.
• The smart meters control and manage the flow of electricity to and from the customers and provide energy
information about energy usage and patterns.
• Each customer has a discrete domain comprised of electricity premise and two-way communications networks.
• A customer domain may also generate, store and manage the use of energy, as well as the connectivity with plug-in
vehicles.
13. Operations
• The Operations domain manages and controls the electricity flow of all other domains in the smart grid.
• It uses a two-way communications network to connect to substations, customer premises networks and other
intelligent field devices.
• It provides monitoring, reporting, controlling and supervision status and important process information and
decisions.
• Business intelligence processes gather data from the customer and network, and provide intelligence to support the
decision-making.
14. Markets
• The Markets domain operates and coordinates all the participants in electricity markets within the smart grid.
• It provides the market management, wholesaling, retailing and trading of energy services.
• The Markets domain interfaces with all other domains and makes sure they are coordinated in a competitive market
environment.
• It also handles energy information clearinghouse operations and information exchange with third-party service
providers.
• For example, roaming billing information for inter-utility plug-in-vehicles falls under this domain.
15. Service Provider
• The Service Provider domain of the smart grid handles all third-party operations among the domains.
• These might include web portals that provide energy efficiency management services to end-customers, data exchange
between the customer and the utilities regarding energy management, and regarding the electricity supplied to homes
and buildings.
• It may also manage other processes for the utilities, such as demand response programs, outage management and field
services.
22.
• Interconnected networks
• Increased number of entry points and paths
• Interconnected systems
• Increased private data exposure and risk when data is aggregated
• Increased use of new technologies introduces new vulnerabilities
• Malicious software/firmware or compromised hardware results in malicious attack
• Expansion of collected data: potential for compromise of data confidentiality, including the breach of customer privacy
24. Security Requirements in SG
• Incident handling
• Self-healing
• To meet these requirements, every node in the Smart Grid must have at least basic cryptographic functions
• Time-criticality
• Security
• Balance communication efficiency and information security
25. Notice!!!!!
Smart Grid is a cyber-physical system
• Cyber security breaches → real-world physical impacts
• Physical security breaches → cyber space incidents
Hybrid Cyber-Physical Solutions to: Making Secure the Smart Grid
27. Challenges in Securing Smart Grid
Data and information security requirements
Large numbers of “smart” devices
Physical security and grid perimeter
Legacy and (in)secure communication protocols
Large number of stakeholders and synergies with other utilities
Lack of definition of the smart grid concept and of its security requirements
Lack of awareness among smart grid stakeholders
Security in the supply chain
Promote the exchange of information on risks, vulnerabilities and threats
International cooperation
32. Type 1
• This type of attack affects the operation of generators.
• Turning off/on a generator can imbalance supply and demand.
• Ripple effect is usually a major problem in such cases.
• Although such attacks are complex and need resources:
• We need to highly protect access to power plants:
• Physical Access
• Cyber Access
• Any remote access should be controlled by firewalls:
33. Key use cases in distribution and transmission systems in the Smart Grid
Type 2
34.
The Department of Homeland Security released a report in July 2013 about GPS systems' vulnerabilities to jamming attacks.
With an invalid time-stamp, GPS data is useless or misleading.
Attack to Network
Source Spoofing
Content Spoofing
Attack to Sensors
35. False Data Injection Attacks
• We need to do our best to protect sensor data.
• But what if an attack goes through?
• Solution: PMU readings should add up!
• What you observe at different locations should be consistent!
Hybrid Cyber-Physical Solutions to: Making Secure the Smart Grid
• It is not enough to just hack PMU 1:
• PMUs 4 and 6 need to be hacked too.
• Or the attack will be detected!
Attacker’s Viewpoint: Attacker has limited resources.
Operator’s Viewpoint: Operator has limited resources.
Which one to protect, or to attack?
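The "readings should add up" check from this slide, as an added example that is not part of the original presentation: a weighted least-squares state estimate with a chi-square test on the residual, and the largest normalized residual naming the sensor that disagrees with the rest. The 3-bus DC model, sensor accuracies and readings are constructed assumptions, not the network shown on the slide.

```python
import math

# Constructed 3-bus DC model (not from the slides). Bus 0 is the angle
# reference; the state is (theta1, theta2) in radians. Each row of H maps the
# state to one reading; SIGMA is the assumed standard deviation of that sensor.
H = [
    [-10.0, 0.0],  # 0: line flow 0->1 (susceptance 10)
    [5.0, -5.0],   # 1: line flow 1->2 (susceptance 5)
    [0.0, -8.0],   # 2: line flow 0->2 (susceptance 8)
    [1.0, 0.0],    # 3: PMU angle at bus 1
    [0.0, 1.0],    # 4: PMU angle at bus 2
]
SIGMA = [0.01, 0.01, 0.01, 0.001, 0.001]
# 99th percentile of chi-square with 5 readings - 2 states = 3 degrees of freedom.
CHI2_99_DOF3 = 11.345


def check_consistency(z):
    """Return (state, J, suspect); suspect is None when the readings add up."""
    # Scale every row by 1/sigma so all residuals are in units of sensor noise.
    hw = [[h / s for h in row] for row, s in zip(H, SIGMA)]
    zw = [v / s for v, s in zip(z, SIGMA)]
    # Gain matrix G = Hw^T Hw (2x2) and its closed-form inverse.
    a = sum(r[0] * r[0] for r in hw)
    b = sum(r[0] * r[1] for r in hw)
    d = sum(r[1] * r[1] for r in hw)
    det = a * d - b * b
    if det <= 0.0:
        raise ValueError("state is not observable from these sensors")
    gi = [[d / det, -b / det], [-b / det, a / det]]
    # Weighted least-squares estimate x = G^-1 Hw^T zw.
    t = [sum(r[k] * v for r, v in zip(hw, zw)) for k in range(2)]
    x = [gi[0][0] * t[0] + gi[0][1] * t[1], gi[1][0] * t[0] + gi[1][1] * t[1]]
    # Residuals: what each sensor reports minus what the estimate predicts.
    res = [v - (r[0] * x[0] + r[1] * x[1]) for r, v in zip(hw, zw)]
    j = sum(e * e for e in res)
    if j <= CHI2_99_DOF3:
        return x, j, None
    # Divide by sqrt(1 - K_ii), K = Hw G^-1 Hw^T, so residuals are comparable;
    # with a single bad reading the largest normalized residual points at it.
    normalized = []
    for r, e in zip(hw, res):
        k_ii = (r[0] * (gi[0][0] * r[0] + gi[0][1] * r[1])
                + r[1] * (gi[1][0] * r[0] + gi[1][1] * r[1]))
        normalized.append(abs(e) / math.sqrt(max(1.0 - k_ii, 1e-12)))
    suspect = max(range(len(normalized)), key=normalized.__getitem__)
    return x, j, suspect


# Constructed readings for theta1 = -0.05, theta2 = -0.08 with small sensor noise.
CLEAN = [0.502, 0.149, 0.641, -0.0502, -0.0799]
# Same snapshot with the bus-1 PMU angle shifted by 0.02 rad (20 sigma).
TAMPERED = CLEAN[:3] + [CLEAN[3] + 0.02] + CLEAN[4:]

if __name__ == "__main__":
    for name, z in (("clean", CLEAN), ("tampered", TAMPERED)):
        x, j, suspect = check_consistency(z)
        print(f"{name}: J={j:.2f} suspect={suspect}")
```

The test only works where sensors overlap: a reading that no other sensor can cross-check always has a zero residual, which is why redundancy placement matters to the operator.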
36. Key use cases in the AMI and home-area networks
Type 3
37.
• A Type III attack affects the load sector.
• One of the standard Type III attacks is “load altering attack”.
• Load altering attack is an attack against demand response.
• Assume that a hacker compromises the price data:
• Sent to hundreds of thousands of ECS devices.
• A large number of users jump into the low price hour.
• This can cause a load spike at an already peak hour.
• Price signals have to be source authenticated.
• A sudden spike in load demand for 1 million users
• A sudden shutdown of multiple generation units!
• It resembles Denial of Service attacks with botnets!
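A receiver-side check for the requirement that price signals be source authenticated, as an added example that is not part of the original presentation. The message layout, the five-minute freshness window and the use of HMAC-SHA256 with a per-device key are assumptions for illustration; a broadcast deployment would more typically use digital signatures so that one compromised device cannot forge prices for others.

```python
import hashlib
import hmac
import struct

BODY_FMT = ">QQI"                       # sequence, issue time (s), price (milli-units)
BODY_LEN = struct.calcsize(BODY_FMT)    # 20 bytes
TAG_LEN = 32                            # HMAC-SHA256 output
FRESHNESS_S = 300                       # assumed freshness window in seconds


def encode(seq, issued_at, price):
    # Fixed-width big-endian layout so both sides authenticate identical bytes.
    return struct.pack(BODY_FMT, seq, issued_at, price)


def sign_price(key, seq, issued_at, price):
    """Head-end side: message body followed by its HMAC-SHA256 tag."""
    body = encode(seq, issued_at, price)
    return body + hmac.new(key, body, hashlib.sha256).digest()


class PriceReceiver:
    """ECS-side checks: authentic source, not replayed, not stale."""

    def __init__(self, key):
        self.key = key
        self.last_seq = -1

    def accept(self, msg, now):
        """Return (price, "ok") or (None, reason) without acting on the price."""
        if len(msg) != BODY_LEN + TAG_LEN:
            return None, "malformed"
        body, tag = msg[:BODY_LEN], msg[BODY_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; nothing in the body is trusted before this.
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"
        seq, issued_at, price = struct.unpack(BODY_FMT, body)
        # A genuine but old low-price message must not be accepted twice.
        if seq <= self.last_seq:
            return None, "replay"
        if abs(now - issued_at) > FRESHNESS_S:
            return None, "stale"
        self.last_seq = seq
        return price, "ok"


if __name__ == "__main__":
    key = b"constructed-demo-key-0001"   # constructed key, for the demo only
    rx = PriceReceiver(key)
    msg = sign_price(key, 1, 1000, 120)
    print(rx.accept(msg, now=1010))                             # genuine
    print(rx.accept(msg, now=1020))                             # replayed
    print(rx.accept(encode(2, 1020, 10) + msg[BODY_LEN:], 1020))  # altered price
```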
38. Comparison between the distribution and
transmission system and the AMI networks
[Comparison table columns: DoS Attack; Attack to Integrity]
39. Attack Countermeasure to DoS Attack
• At the physical or MAC layer, a detector can measure the received signal strength information (RSSI)
• At every layer, by identifying a significant increase of packet transmission failures
• At the early stage, by proactively sending probing packets
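The three signals on this slide combined into one detector, as an added example that is not part of the original presentation: probe packets give a loss rate per window, and RSSI tells a noisy channel apart from a quiet link that simply dropped. The thresholds, the two-window confirmation rule and all sample values are constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed idle-channel RSSI samples (dBm) recorded while the link was healthy.
BASELINE_RSSI = [-92, -91, -93, -92, -90, -92, -91, -93]

# Constructed observation windows: (RSSI samples in dBm, probes sent, probes acked).
WINDOWS = [
    ([-92, -91, -92], 20, 20),
    ([-91, -93, -92], 20, 19),
    ([-92, -91, -90], 20, 9),   # heavy loss on a quiet channel
    ([-60, -58, -61], 20, 3),   # heavy loss while the channel is loud
    ([-59, -60, -58], 20, 1),
    ([-61, -59, -60], 20, 0),
]


def learn_baseline(samples):
    """Mean and spread of RSSI during normal operation."""
    return mean(samples), pstdev(samples)


def classify_window(window, baseline, max_loss=0.3, k=3.0):
    """Label one window from probe loss and RSSI relative to the baseline."""
    rssi, sent, acked = window
    if sent == 0:
        return "no-probes"
    loss = 1.0 - acked / sent
    if loss <= max_loss:
        return "normal"
    mu, sd = baseline
    # Floor the spread at 1 dB so a very steady baseline does not make
    # ordinary fluctuation look like an anomaly.
    elevated = mean(rssi) > mu + k * max(sd, 1.0)
    # Loss with strong received energy is inconsistent with a weak or absent
    # link and points at interference; loss on a quiet channel does not.
    return "jamming-suspected" if elevated else "link-loss"


def first_alert(windows, baseline, consecutive=2):
    """Index of the window at which `consecutive` jamming verdicts in a row
    are reached, or None. Requiring a run suppresses one-off bursts."""
    run = 0
    for i, window in enumerate(windows):
        if classify_window(window, baseline) == "jamming-suspected":
            run += 1
            if run >= consecutive:
                return i
        else:
            run = 0
    return None


if __name__ == "__main__":
    base = learn_baseline(BASELINE_RSSI)
    for i, w in enumerate(WINDOWS):
        print(i, classify_window(w, base))
    print("alert at window", first_alert(WINDOWS, base))
```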
44. National Institute of Standards and Technology Role:
Coordination of Interoperability Standards in United States
• Department of Energy (DOE) lead agency for U.S. Government Smart Grid effort
$3.4 billion of ARRA-funded Smart Grid Investment Grants; R&D portfolio
Smart Grid Task Force – DOE, NIST, FERC, FCC, EPA, ITA, DHS, …
• NIST coordinates and accelerates development of standards by private sector SDOs
• Federal Energy Regulatory Commission initiates rulemaking when consensus
• State Public Utilities Commissions (California, Texas, Ohio, …)
[Figure labels: International; Global Consortia; Regional/National; … and more]
45. NIST Three Phase Plan for Smart Grid Interoperability
• NIST role
PHASE 1: Identify an initial set of existing consensus standards and develop a roadmap to fill gaps
PHASE 2: Establish Smart Grid Interoperability Panel (SGIP) public-private forum with governance for ongoing efforts
PHASE 3: Conformity Framework (includes Testing and Certification)
Timeline (axis: 2009, 2010, 2012, 2013, 2014):
• Summer 2009 workshops
• Draft Framework Sept 2009
• Smart Grid Interoperability Panel established Nov 2009
• NIST Interoperability Framework 1.0 released Jan 2010
• NIST Interoperability Framework 2.0 released Feb 2012
• Industry-led incorporated non-profit organization (SGIP.2)
46. NIST Framework and Roadmap,
Release 1.0
http://www.nist.gov/smartgrid/
Conceptual Model
• Revised version January 2010: public comments reviewed and addressed
• Smart Grid Vision / Model
• 75 key standards identified (IEC, IEEE, …)
• 16 Priority Action Plans to fill gaps
• Includes cyber security strategy: companion document NISTIR 7628
47. Accomplishments since NIST
Framework Release 2.0
• Smart Grid Interoperability Panel
The NIST-established SGIP has transitioned to an industry-led non-profit organization.
SGIP has grown to 194 members as of June 2014, providing > 50% of funding through member
dues.
• Regulatory Engagement and International Leadership
FERC and NARUC point to the NIST framework and SGIP process for guidance in the
coordination, development, and implementation of interoperability standards.
Numerous liaison/working relationships have been established with international organizations.
• Outcomes with Major Contributions from NIST
Multiple new or revised standards, including Open ADR 2.0, SEP2, IEEE 1547, NAESB REQ18,
and UL 1741 standards
SGIP EMIIWG report on electromagnetic compatibility issues
Two documents, “Technology, Measurement, and Standards Challenges for the Smart Grid” and
“Strategic R&D Opportunities for the Smart Grid”, resulting from an August 2012 workshop
hosted by NIST and the Renewable and Solar Energy Institute (RASEI)
NISTIR 7823 (AMI Smart Meter Upgradeability Test Framework)
Precision Time Protocol (IEEE 1588) Testbed, Dashboard, and Conformance Test Plan
Revision 1 of NISTIR-7628 (“Guidelines for Smart Grid Cybersecurity”), published in September
2014.
48. NIST Framework and Roadmap,
Release 3.0
• In Release 3.0, smart grids are viewed from the perspective of cyber-physical
systems (CPS): hybridized systems that combine computer-based communication, control, and
command with physical equipment to yield improved performance, reliability,
resiliency, and user and producer awareness.
49. NISTIR 7628 Overview
• This three-volume report presents an analytical framework that organizations can
use to develop effective cyber security strategies tailored to their particular
combinations of Smart Grid-related characteristics, risks, and vulnerabilities.
• This initial version of the Guidelines was developed as a consensus document by
the Cyber Security Working Group (CSWG) of the Smart Grid Interoperability
Panel (SGIP).
50. NISTIR 7628 Volume I
• The first volume of the report describes the analytical approach, including the risk
assessment process, used to identify high-level security requirements.
• It also presents a high-level architecture followed by a logical interface architecture
used to identify and define categories of interfaces within and across the
seven Smart Grid domains.
• High-level security requirements for each of the 22 logical interface categories are
then described.
• The first volume concludes with a discussion of technical cryptographic and key
management issues across the scope of Smart Grid systems and devices.
56. SECURITY REQUIREMENTS EXAMPLE
• Each security requirement is allocated to one of three categories:
Governance, risk, and compliance (GRC): organizational level
Common technical: applicable to all of the logical interface categories
Unique technical: allocated to one or more of the logical interface categories
57. NISTIR 7628 Volume II
• The second volume is focused on privacy issues within personal dwellings.
• It provides awareness and discussion of such topics as evolving Smart
Grid technologies and associated new types of information related to individuals,
groups of individuals, and their behavior within their premises and electric
vehicles; and whether these new types of information may contain privacy risks and
challenges that have not been legally tested yet.
• Additionally, the second volume provides recommendations, based on widely
accepted privacy principles, for entities that participate within the Smart Grid.
60. NISTIR 7628 Volume III
• The third volume is a compilation of supporting analyses and references used to develop
the high-level security requirements and other tools and resources presented in the first
two volumes.
• These include categories of vulnerabilities defined by the working group and a discussion
of the bottom-up security analysis that it conducted while developing the guidelines.
• A separate chapter distills research and development themes that are meant to present
paradigm changing directions in cyber security that will enable higher levels
of reliability and security for the Smart Grid as it continues to become more
technologically advanced.
• In addition, the third volume provides an overview of the process that
the CSWG developed to assess whether standards, identified through the NIST-led process
in support of Smart Grid interoperability, satisfy the high-level security requirements
included in the report.
62. CEN-CENELEC-ETSI Smart Grid
Coordination Group
• M/490 Standardization Mandate to European Standardization Organizations (ESOs), to
support European Smart Grid deployment.
• References:
ISO/IEC 27001:2005
ISO/IEC 27002:2005
IEC 62351-X : Power System Automation Protocol Security
NERC CIP V4 (US Standard)
NISTIR-7628 - 2010 (US Guidelines)
• It contains:
SGIS essential requirements (weighted CIA triad)
Security requirements and recommendations: on the implementation of security through the European SG stability scenario
SGIS Standardization: defining the SGIS standard landscape, enhancing existing standards and making additional ones to integrate smart grid needs
SGIS Toolbox: Smart Grid use case stakeholders and security needs
Risk consideration: in connecting Smart Grid critical infrastructure equipment to public networks
73. P2030 Overall Goals
1. Provide guidelines in understanding and defining smart grid
interoperability of the electric power system with end-use applications and
loads
2. Focus on integration of energy technology and information and
communications technology
3. Achieve seamless operation for electric generation, delivery, and end-use
benefits to permit two way power flow with communication and control
4. Address interconnection and intra-facing frameworks and strategies with
design definitions
5. Expand knowledge in grid architectural designs and operation to promote
a more reliable and flexible electric power system
6. Stimulate the development of a body of IEEE 2030 smart grid standards
and/or revise current standards applicable to the smart grid body of
standards.
IEEE Guide for Smart Grid Interoperability of Energy Technology and Information
Technology Operation with the Electric Power System (EPS), End-Use Applications,
and Loads
74. P2030 Organization
• TASK FORCE 1: Power Engineering Technology
• TASK FORCE 2: Information Technology
• TASK FORCE 3: Communications Technology
79. Characteristics of smart grid
communications network connectivity
• Tier classes 1, 2, or 3 are defined by the level of assurance, minimum
latency, and impact on operations.
• Level of assurance is used to define the tier class priority hierarchy
81. Section IV
US Smart Grid Cybersecurity Program
82. Introduction
• In February 2013 the President signed Executive Order (EO) 13636: Improving
Critical Infrastructure Cybersecurity and released Presidential Policy Directive
(PPD)-21: Critical Infrastructure Security and Resilience, which aims to increase
the overall resilience of U.S. critical infrastructure.
• The Department of Homeland Security's Critical Infrastructure Cyber
Community C³ Voluntary Program helps align critical infrastructure owners and
operators with existing resources that will assist their efforts to adopt the
Cybersecurity Framework and manage their cyber risks. Learn more about the
C³ Voluntary Program by visiting: www.dhs.gov/ccubedvp.
• NIST released the first version of the Framework for Improving Critical
Infrastructure Cybersecurity on February 12, 2014. The Framework, created
through collaboration between industry and government, consists of standards,
guidelines, and practices to promote the protection of critical infrastructure.
• NIST is also pleased to issue a companion Roadmap that discusses NIST's next
steps with the Framework and identifies key areas of cybersecurity development,
alignment, and collaboration.
83. What does DoE do with the NIST Framework?
• The Energy Department is coordinating with the energy sector on
implementation of the NIST Cybersecurity Framework through the
electricity and oil and natural gas sector coordinating councils.
The Department will provide updates as consensus is reached on energy sector
implementation guidance for the Framework.
• The Department also plans to leverage the Cybersecurity Capability
Maturity Model (C2M2), to further facilitate the energy sector’s
implementation of the NIST Cybersecurity Framework.
84. Office of Electricity Delivery and Energy Reliability (OE)
• Addressing cybersecurity is critical to enhancing the security and reliability
of the nation’s electric grid.
• Ensuring a resilient electric grid is particularly important since it is
arguably the most complex and critical infrastructure that other sectors
depend upon to deliver essential services.
• Over the past two decades, the roles of electricity sector stakeholders have
shifted: generation, transmission, and delivery functions have been
separated into distinct markets; customers have become generators using
distributed generation technologies; and vendors have assumed new
responsibilities to provide advanced technologies and improve security.
These changes have created new responsibilities for all stakeholders in ensuring the
continued security and resilience of the electric power grid.
85. Administration’s strategic comprehensive approach
• The Office of Electricity Delivery and Energy Reliability (OE) supports it by:
Facilitating public-private partnerships to accelerate cybersecurity efforts for the grid of the 21st century;
Supporting sector incident management and response;
Enhancing and augmenting the cybersecurity workforce within the electric sector;
Funding research and development of advanced technology to create a secure and resilient electricity infrastructure;
Supporting the development of cybersecurity standards to provide a baseline to protect against known vulnerabilities;
Facilitating timely sharing of actionable and relevant threat information;
Advancing risk management strategies to improve decision making.
• OE works closely with the Department of Homeland Security, industry, and
other government agencies on an ongoing basis to reduce the risk of energy
disruptions due to cyber attack.
86. Cybersecurity Capability Maturity
Model (C2M2)
• The C2M2 helps organizations—regardless of size, type, or industry—evaluate, prioritize,
and improve their own cybersecurity capabilities.
• The model focuses on the implementation and management of cybersecurity practices
associated with the information technology (IT) and operational technology (OT) assets and
the environments in which they operate.
• The goal is to support ongoing development and measurement of cybersecurity capabilities
within any organization by:
Strengthening organizations’ cybersecurity capabilities;
Enabling organizations to effectively and consistently evaluate and benchmark their
cybersecurity capabilities;
Sharing knowledge, best practices, and relevant references across organizations as a means to
improve cybersecurity capabilities;
Enabling organizations to prioritize actions and investments to improve cybersecurity; and
Supporting adoption of the National Institute of Standards and Technology (NIST)
Cybersecurity Framework.
• The C2M2 program is comprised of three cybersecurity capability maturity models:
The Cybersecurity Capability Maturity Model (C2M2);
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2); and
The Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2).
87. Electricity Subsector Cybersecurity
Capability Maturity Model (ES-C2M2)
• The ES-C2M2 includes the core C2M2 as well as additional reference
material and implementation guidance specifically tailored for the electricity
subsector.
• The ES-C2M2 comprises a maturity model, an evaluation tool, and DOE
facilitated self-evaluations.
Maturity model: cybersecurity practices, grouped into ten domains and arranged
according to maturity level.
Evaluation tool: allows organizations to evaluate their cybersecurity practices
against ES-C2M2 cybersecurity practices, determining score for each domain and
risk tolerance according to the desired scores.
Self-evaluation: Facilitators guide discussions, answer questions, and clarify
model concepts to increase the accuracy of an evaluation.
88. Energy Delivery Systems
Cybersecurity,
Why and How?
• Energy delivery systems are the backbone of the energy sector - a network of processes that
produce, transfer, and distribute energy and the interconnected electronic and communication
devices that monitor and control those processes.
• The CEDS program emphasizes collaboration among the government, industry, universities,
national laboratories, and end users to advance research and development in cybersecurity that is
tailored to the unique performance requirements, design and operational environment of energy
delivery systems.
• CEDS program activities fall under five project areas, guided by the Roadmap to Achieve
Energy Delivery Systems Cybersecurity. They are:
Build a Culture of Security. Through extensive training, education, and communication, cybersecurity “best
practices” are encouraged to be reflexive and expected among all stakeholders.
Assess and Monitor Risk. Develop tools to assist stakeholders in assessing their security posture to enable
them to accelerate their ability to mitigate potential risks.
Develop and Implement New Protective Measures to Reduce Risk. Through rigorous research,
development, and testing, system vulnerabilities are revealed and mitigation options are identified which has
led to hardened control systems.
Manage Incidents. Facilitate tools for stakeholders to improve cyber intrusion detection, remediation,
recovery, and restoration capabilities.
Sustain Security Improvements. Through active partnerships, stakeholders are engaged and collaborative
efforts and critical security information sharing is occurring.
• DOE is helping to address the critical security challenges of energy delivery systems
through a focused R&D effort and integrated planning.
89. R&D: National SCADA Test Bed
• Securing energy delivery systems is essential for protecting energy infrastructure. The
National Research Council identified "protecting energy distribution services by improving
the security of SCADA systems" as one of the 14 most important technical initiatives for
making the Nation safer across all critical infrastructures. In addition, the National
Strategy to Secure Cyberspace (2003) states that "securing DCS/SCADA is a national
priority."
• The National SCADA Test Bed (NSTB) provides frontier research development as well as a
core testing environment to help industry and government identify and correct
vulnerabilities in SCADA equipment and control systems within the energy sector.
• NSTB is a one-of-a-kind national resource that draws on the integrated expertise and
capabilities of the Argonne, Idaho, Lawrence Berkeley, Los Alamos, Oak Ridge, Pacific
Northwest, and Sandia National Laboratories.
• NSTB combines a network of the national labs' state-of-the-art operational system testing
facilities with expert research, development, analysis, and training to discover and address
critical security vulnerabilities and threats the energy sector faces.
• NSTB offers more than 17 testing and research facilities, encompassing field-scale control
systems, 61 miles of 138 kV transmission lines, 7 substations, and advanced visualization
and modeling tools.
90. National SCADA Test Bed Key Research
• Core and Frontier R&D projects being conducted by national laboratories that
comprise the NSTB include:
Los Alamos National Laboratory is researching quantum key distribution (QKD) to exchange cryptographic
keys that are then used in traditional algorithms to encrypt energy sector information, including smart grid
data. In December 2012, the lab successfully demonstrated QKD on the University of Illinois test bed in
collaboration with the CEDS-funded Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project.
Idaho National Laboratory is developing a methodology to allow energy sector stakeholders to analyze
technical, cybersecurity threat information and understand how those threats affect their overall
risk posture. The methodology provides a framework for analyzing technical security data and correlating that
data with threat patterns, allowing stakeholders to formulate an appropriate response to a given threat.
Sandia National Laboratories is investigating moving target defenses to better secure the energy sector against
attack by eliminating the class of adversaries that relies on known static addresses of critical infrastructure
network devices. This project is automatically reconfiguring network settings and randomizing
application communications dynamically to convert control systems into moving targets that
proactively defend themselves against attack.
Lawrence Berkeley National Laboratory is considering the physical limitations of devices to develop
specifications and enhanced monitoring techniques that can determine when a system does or is about to violate
a protocol, which may be the result of external or internal threats. This project is also researching methods of
delegating cyber and physical protection responsibilities to low level sensors and actuators.
Argonne National Laboratory supports efforts to develop and deploy control system standards, including the
International Electrotechnical Commission (IEC) 61850 substation automation standard and trustworthy
wireless standards through the Industrial Society of Automation (ISA) working groups. Argonne applies its oil
and natural gas industry subject-matter expertise in these and other NSTB efforts.
91. NSTB Laboratory-Led Projects
• Using Research Calls, mid-term research, development, and demonstrations lead
to next generation capabilities that are expected to become widely adopted for
enhancing the cybersecurity of communication and control systems used within
the energy sector.
• The Research Calls are a competitive solicitation among DOE’s national
laboratories, which encourages collaboration among multiple laboratories,
vendors, and asset owners.
• A Research Call conducted in 2012 included the following projects:
Pacific Northwest National Laboratory and project partners are developing an
integrated suite of open source tools and techniques to identify compromise in the
hardware, firmware, and software components of energy delivery systems both before
commissioning and during period of service. The suite includes a range of stand-alone
tools that can be run locally to provide hardware supply chain assurances, to large-scale
high-performance computing services that can statistically analyze systems of systems to
identify potential concerns in critical infrastructure supply chains.
Oak Ridge National Laboratory and project partners are developing a Quantum
Key Distribution (QKD) capability for the energy sector. The solution decreases cost by
enhancing traditional QKD, allowing for multiple clients to communicate over a single
quantum channel using low-cost quantum modulators, called AQCESS (Accessible QKD
for Cost-Effective Secret Sharing) nodes.
92. Long-Term R&D: Academia-Led
Projects
• The Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) project is a partnership of
professors, researchers, and students from the University of Illinois at Urbana-Champaign,
Dartmouth College, Cornell University, University of California at Davis, and Washington State
University.
TCIPG is developing technologies for a secure, real-time communication system; an automated cyber attack
response system; risk and security assessment tools; security validation; and smart grid applications including
wide-area control and monitoring, controllable load demand response, and the integration of plug-in hybrid
electric vehicles.
It is an expansion of the original TCIP project, a five-year effort begun in fall 2005 funded primarily by the
National Science Foundation, with support from DOE and DHS. As TCIP, the project developed a range of
hardware and software solutions, including a highly efficient technique for protecting message exchanges in
existing, already-deployed power systems and a strategy for managing complex security policies in large
networks that may have thousands of access rules.
• CEDS also supports The Software Engineering Institute (SEI), a federally funded R&D center at
Carnegie Mellon University.
SEI provides a unique set of interdisciplinary capabilities, expertise, and partnerships to conduct
frontier research and analysis.
SEI provides independent expertise in support of the CEDS mission by working in public-private partnership to
develop, pilot, implement and transition to the electricity sector improved software and systems engineering
practices.
Activities include: Supporting public-private efforts to develop security architecture and interoperability
guidelines for the electricity sector; Providing guidance in identifying and managing electricity sector risk; and
Transitioning other cybersecurity tools to the electricity sector.
93. Planning: Roadmap to Achieve
Energy Delivery Systems
Cybersecurity - 2011
• Asset owners and operators, government agencies, and other stakeholders are pursuing various
strategies to improve control systems security. To provide a unifying framework, DOE partnered
with industry, DHS, and Natural Resources Canada in 2005 to facilitate the development of the
Roadmap to Achieve Energy Delivery Systems Cybersecurity. DOE has used the Roadmap to
encourage industry, government, and academic collaboration to stimulate the creation of more
secure, next-generation control systems.
• The Energy Sector Control Systems Working Group (ESCSWG) updated this roadmap to build
upon the successes of the energy sector and address gaps created by the changing energy sector
landscape and advancing threat capabilities, and to emphasize a culture of security. As part of
the Obama Administration’s goals to enhance the security and reliability of the Nation’s
energy infrastructure, the U.S. Department of Energy released the 2011 Roadmap to Achieve
Energy Delivery Systems Cybersecurity that identifies the critical needs and priorities of the
energy sector and provides a path for improving security, reliability, and functionality of energy
delivery systems.
• The ESCSWG is a public-private partnership consisting of energy delivery systems cybersecurity
experts from government and industry that support the Electricity Sub-sector Coordination
Council, Oil and Natural Gas Sector Coordinating Council, and the Government Coordinating
Council for Energy under the Critical Infrastructure Partnership Advisory Council framework.
CEDS has co-chaired and supported the ESCSWG efforts since its formation in 2007.
• To enhance the Roadmap's effectiveness, the ESCSWG created the interactive energy Roadmap
(ieRoadmap), an online database where industry can share its R&D efforts for achieving
Roadmap goals, evaluate its progress, and discover collaborative opportunities for future projects.