The Stories We Could Tell: Lessons Learned From The Field


  1. Smart Grid and Control Systems: Tales from the field. © 2011 EnerNex. All Rights Reserved. www.enernex.com
  2. About me
  3. What is security?
  4. Why doesn’t this stuff work
  5. Smart Meters: So what
  6. Other Smart Meters
  7. Metrology Data

     mtu  Time             power  cost  volts    mtu  Time             power  cost  volts
     1    4/30/2012 14:53  2.324  0.18  117.5    0    4/30/2012 14:53  4.529  0.35  117.6
     1    4/30/2012 14:52  1.812  0.14  117.8    0    4/30/2012 14:52  3.88   0.3   117.9
     1    4/30/2012 14:51  1.837  0.15  117.8    0    4/30/2012 14:51  3.799  0.3   117.8
     1    4/30/2012 14:50  2.141  0.17  117.6    0    4/30/2012 14:50  4.322  0.34  117.5
     1    4/30/2012 14:49  2.33   0.18  117.1    0    4/30/2012 14:49  5.951  0.46  117.2
     1    4/30/2012 14:48  2.483  0.2   117.4    0    4/30/2012 14:48  6.007  0.47  117.4
     1    4/30/2012 14:47  3.164  0.25  116.9    0    4/30/2012 14:47  7.008  0.55  116.9
     1    4/30/2012 14:46  3.665  0.29  116.7    0    4/30/2012 14:46  8.064  0.63  116.7
     1    4/30/2012 14:45  3.462  0.27  116.7    0    4/30/2012 14:45  8.13   0.63  116.8
     1    4/30/2012 14:44  3.457  0.27  116.7    0    4/30/2012 14:44  7.562  0.59  116.8
     1    4/30/2012 14:43  3.713  0.29  116.7    0    4/30/2012 14:43  7.631  0.59  116.7
     1    4/30/2012 14:42  3.905  0.31  116.5    0    4/30/2012 14:42  8.145  0.63  116.6
     1    4/30/2012 14:41  3.405  0.27  116.7    0    4/30/2012 14:41  7.862  0.61  116.8
     1    4/30/2012 14:40  2.973  0.23  117.1    0    4/30/2012 14:40  6.566  0.51  117.2
     1    4/30/2012 14:39  3.141  0.25  117.1    0    4/30/2012 14:39  5.955  0.46  117.2
     1    4/30/2012 14:38  2.696  0.21  117.7    0    4/30/2012 14:38  5.647  0.44  117.7
     1    4/30/2012 14:37  2.667  0.21  117.6    0    4/30/2012 14:37  5.588  0.44  117.7
     1    4/30/2012 14:36  2.923  0.23  117.6    0    4/30/2012 14:36  5.679  0.44  117.6
     1    4/30/2012 14:35  3.413  0.27  117.6    0    4/30/2012 14:35  6.045  0.47  117.6
  8. 24 Hours of Data [Chart "24 Hours Individual MTU": Kilowatt Hours against Time; series MTU 1 and MTU 2]
  9. One Hour of Data [Chart: Kilowatt Hours against Time; series MTU 1 and MTU 2]
  10. Physical Impacts
  11. Physical Impacts
  12. Physical Security Risks: Monitoring, Logging, and Retention
  13. Leave Behind
  14. What to do?
     – Place into power zone or substation
     – Security screws
     – Treat mobile devices like your wallet
     – Don't advertise (labeling)
     – Encrypt – bus, flash
     – Alarms and logging (that work)
  15. Air Ga(s)p?
  16. [no text on slide]
  17. What are these?
     2099e1ff8a8119093e4dc144736cbe9b
     Fbd7e2ff9005c42e88b90724710903e2
     00000000325108002a8ae5c6f24e1b604f06c793
     0000000b1267800298c278c2c4a73471956e144
     0000000067e18e009da7972f1fce966f80b8b09b
  18. Anything stand out?

     <$SYSTEM>=644256565E1E03221A

     ;Framework Security File
     ;
     ;If you get locked out
     ;Create a User in <vulnerable system> called "Redacted"
     ;with a <vulnerable system> password of "Redacted"
     ;add the following line below to the user section of this file
     ;<$SYSTEM>=644256565E1E03221A
     ;You can now logon as user <$SYSTEM> with a password of "mpco"
     ;This block of comments should be removed for greater security
     [Users]
     Administrator=644256565E12172C1C1A061E1506081B0121
     Engineer=624A5E565E161D261C1A0A0813
     Technician=61465858111610291B1D0C04001A
     Supervisor=65491C16151601371C07001F
     Operator=61405E580A0316331400001F
  19. What is this?

     64 42 56 56 5E 1E 03 22 1A
                    M  P  C  O

     64 42 56 56 5E 12 17 2C 1C 1A 06 1E 15 06 08 1B 01 21
                    A  D  M  I  N  I  S  T  R  A  T  O  R

     161D261C1A0A0813
     1610291B1D0C04001A
     1601371C07001F
     0316331400001F
  20. Hope (help)
     I need your help:
     – IEEE (maybe an actual best practice?)
     – NESCOR
     – NIST-IR
     – ESC2M2
  21. The Solution
  22. Contact me
     – Slade@EnerNex.com
     – Twitter: @Slad3g
     – LinkedIn: http://www.linkedin.com/in/mcgruff
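
An added example, not part of the slides or of any vendor's code, for the credential file on slides 18 and 19. Using only the two plaintext/stored pairs the slides show, it checks that both agree with a single fixed per-position XOR mask, which means the file holds a reversible encoding rather than a one-way hash, and sets a salted scrypt store beside it. `PREFIX_LEN` (the reading that slide 19's letters pair with the bytes after a five-byte prefix), the function names and the sample password are assumptions made here.

```python
import hashlib
import hmac
import os
from typing import Optional

PREFIX_LEN = 5  # assumption: slide 19's letters pair with the bytes after a 5-byte prefix

# Plaintext/stored pairs exactly as slides 18-19 show them.
KNOWN_PAIRS = [
    ("MPCO", "644256565E1E03221A"),
    ("ADMINISTRATOR", "644256565E12172C1C1A061E1506081B0121"),
]

def positional_mask(plain: str, stored_hex: str) -> bytes:
    """XOR each plaintext byte with the stored byte at the same offset."""
    tail = bytes.fromhex(stored_hex)[PREFIX_LEN:]
    if len(tail) != len(plain):
        raise ValueError("stored tail and plaintext differ in length")
    return bytes(p ^ c for p, c in zip(plain.encode("ascii"), tail))

def is_fixed_positional_encoding(pairs) -> bool:
    """True when all pairs share one mask over their common offsets: the file
    holds a reversible per-position transform, not a one-way hash."""
    masks = [positional_mask(p, h) for p, h in pairs]
    common = min(len(m) for m in masks)
    return all(m[:common] == masks[0][:common] for m in masks)

def hash_password(password: str, salt: Optional[bytes] = None):
    """Hardened alternative: per-user random salt plus scrypt (memory-hard KDF)."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)
    return salt, digest

def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], digest)

if __name__ == "__main__":
    sample = "constructed-sample-password"  # constructed value, not from the slides
    print("reversible positional encoding:", is_fixed_positional_encoding(KNOWN_PAIRS))
    s1, d1 = hash_password(sample)
    s2, d2 = hash_password(sample)
    print("same password, two distinct records:", d1 != d2)
    print("verifies:", verify_password(sample, s1, d1))
```

With the weak format, equal characters at equal offsets always produce equal stored bytes and the stored length tracks the password length; the scrypt records share neither property.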
