White paper
September 2009




IBM end-to-end security for smart grids




Contents
Introduction
Why we need a smart grid
Security for the smart grid
How can IBM address smart grid security?
Security for the utility business
Security for advanced metering data management systems
Security for SCADA networks
Supporting Critical Infrastructure Protection standards
Conclusion
For more information

Introduction
The electric grid has been providing reliable electric energy for decades. Comprised of generating, transmission, and distribution equipment along with its associated control systems and operating staff, the electric grid is vital to the world. And when it fails, civilization comes to a standstill.

The grid infrastructure has been subjected to minimal maintenance-mode investment for decades, and it needs to be overhauled. An aging workforce, rising energy costs, globalization, environmental issues, and terrorism or malicious abuse of these systems threaten the grid’s sustainability. Security concerns for these critical infrastructures in North America and Europe have recently been heightened.[1]

Around the globe, the reliability of the grid is governed by various entities: government mandates and commissions, industry consortiums, and regulatory bodies. In December 2008, the U.S. Department of Energy (DOE) published a report on the nation’s goal to transform its energy grid into a more intelligent, resilient, reliable, secure, self-balancing, and interactive network.[2] In March 2009, the U.S. Federal Energy Regulatory Commission (FERC) proposed a policy statement and action plan that provides guidance for the development of a smarter grid for the nation’s electric transmission system. This plan focuses on the development of key standards to achieve interoperability of smart grid devices and systems.[3] An IBM white paper published five years ago concurs with these views of DOE and FERC to build smart grids.[4]

The Council of the European Union recently adopted a Council Directive for the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.[5] While EU member states are responsible for policies regarding the security of energy facilities in their territories, the European Commission for Energy is responsible for developing pan-EU critical infrastructure protection policies and recommendations.[6] In the UK, the Centre for the Protection of National Infrastructure (CPNI) is the government authority that provides protective security advice to businesses and organizations across the national infrastructure.[7]

This paper focuses on the security aspects of protecting the electric grid. It discusses the end-to-end security needs and solutions at various points in the smart grid chain. Security solutions related to the North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC-CIP) requirements are used as examples of best-practice methods for securing the grid. In addition, this paper addresses security for remote device monitoring, Supervisory Control And Data Acquisition (SCADA) systems, and the Advanced Meter Infrastructure (AMI). The paper then explains how IBM software, hardware and services can help you meet these regulations and security requirements.

Why we need a smart grid
The concept of a smart grid is the application of a set of diverse digital technologies that enhance the value chain of the electric power industry. These digital technologies, comprised of new devices and applications, some of which are Internet Protocol (IP) enabled, will aid in the sharing of information and coordination of management of the generation, transmission, and distribution aspects of the infrastructure across distributed energy resources.

Highlights: A smart grid applies a set of diverse digital technologies to enhance the value chain of the electric power industry, improving not only management of energy flow but also information exchange and equipment operation.

Grid modernization will overhaul the energy industry, creating better visualization and control for operators. The application of digital technologies can help reduce peak demand through dynamic optimization, reduce operations and maintenance costs, integrate renewable sources of energy, improve grid reliability, and make transmission and distribution more efficient. Such efficiencies can be established only with smart devices and applications that enable a finer level of visibility, control and automation.

On the residential front, consumers can be given more options to control home appliances and to derive on-demand information to better understand and manage their consumption.

We need a smart grid to manage not only energy flow but also information exchange and equipment operation. Regulations imposed by governments or industry consortiums oversee the development and enforcement of reliability standards and monitor the bulk-power systems. The stakeholders of the electrical grid include independent service operators (ISOs), remote transmission operators (RTOs), various utilities, and consumers.

Security for the smart grid
Security is a vital element of any technology related to sensitive assets, and new technological advancements force organizations to face new security concerns and risks. When devices like smart meters are made more secure, their business value increases because organizations can respond dynamically and with confidence to new market opportunities or changing conditions. This allows for improved efficiency, reduced costs, and improved continuity of services. Robust security for the grid can have a tremendous positive impact, as a lack of security directly threatens the safety of the public and all of those who are affected by grid failures.

As an example, there is a global effort to transform the electric grid to a digital infrastructure. A fundamental move like this is considered necessary in order to keep up with energy and utility operational demands while maintaining or improving the bottom line. A digital infrastructure can be more flexible and dynamic; however, such a network may expose the critical infrastructure to additional security concerns such as unapproved access and cyber attacks. A lack of adequate security in the energy industry could pose threats of service disruption, which can impede safe and efficient functioning of the system. Added layers of security controls, policies, and procedures are necessary to help protect and manage the grid.

Highlights: A digital infrastructure can be more flexible and dynamic, but it can also introduce new security vulnerabilities that threaten the safe and efficient functioning of the grid.

The best approach to securing smart grids is to identify and quantify the risks across the entire value chain, develop the appropriate policies and controls to manage these risks, deploy the policies and controls, and then perform systematic, periodic reviews, including vulnerability testing.

How can IBM address smart grid security?
IBM has been very successful in providing security consulting, design, build, and managed services solutions for critical infrastructure in a wide range of demanding industries, including defense, financial services, and energy and utilities. IBM security solutions are based on the IBM Security Framework (see Figure 1), which defines an end-to-end approach to developing, deploying and supporting security solutions across domains of people, networks, applications, data, and the physical plant.




Figure 1: IBM takes a holistic approach to security through the IBM Security Framework.

IBM has the technology and expertise to deploy end-to-end security solutions for smart grid implementations, and is committed to providing security solutions within the context of regulatory standards.

Security for the utility business
In-depth IT security design principles state that better security management is achieved when an entity is protected by not just one layer or one component, but by multiple, diverse mechanisms. These and many other IT security principles are addressed by global IT security standards ISO 27002:2005 and ISO 15408. They cover areas such as defense-in-depth principles, trusted and consistent identities, authentication and access control, information flow control, encryption of sensitive data at-rest and in-transit, audit and compliance, and resiliency. All energy and utility organizations should leverage these principles for their corporate business and IT infrastructures.

Business applications can pose a serious security threat when accessed by unauthorized users. Applications can produce unintended results with malformed input data. Thus, utility applications must be immune to issues such as suspicious demand-response bids from a home, a negative meter reading, or more subtle but seemingly valid scenarios. IBM can help utilities scan applications with security penetration testing for vulnerabilities before they are deployed and while they are in operation.
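
An added example (not from the IBM paper or any IBM product) of the input checks the paragraph above calls for: it rejects a negative meter reading and an implausible demand-response bid, and also the subtler readings that are well-formed on their own but imply a register rollback, a replayed timestamp, or consumption beyond what the premises can draw. The record fields, the per-meter service rating and the clock-skew limit are assumptions made for illustration.

```python
import math
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List


@dataclass(frozen=True)
class Reading:
    meter_id: str
    taken_at: datetime     # timestamp reported by the meter
    register_kwh: float    # cumulative energy register, not interval usage


class MeterInputValidator:
    """Checks each input against the last reading accepted for that meter."""

    def __init__(self, service_rating_kw: Dict[str, float],
                 max_clock_skew: timedelta = timedelta(minutes=5)):
        self._rating = service_rating_kw       # assumed: known per meter
        self._skew = max_clock_skew
        self._last_ok: Dict[str, Reading] = {}

    def check_reading(self, r: Reading, now: datetime) -> List[str]:
        """Return rejection reasons; an empty list means accepted."""
        rating = self._rating.get(r.meter_id)
        if rating is None:
            return ["unknown meter"]
        reasons: List[str] = []
        # NaN compares False against 0, so test finiteness before the sign.
        if not math.isfinite(r.register_kwh):
            reasons.append("register value is not a finite number")
        elif r.register_kwh < 0:
            reasons.append("negative register value")
        if r.taken_at > now + self._skew:
            reasons.append("timestamp in the future")
        prev = self._last_ok.get(r.meter_id)
        if prev is not None and not reasons:
            hours = (r.taken_at - prev.taken_at).total_seconds() / 3600.0
            delta = r.register_kwh - prev.register_kwh
            if hours <= 0:
                reasons.append("timestamp not after last accepted reading")
            elif delta < 0:
                reasons.append("register rolled back")
            elif delta / hours > rating:
                reasons.append("consumption exceeds service rating")
        if not reasons:
            # Only accepted readings become the baseline for the next check.
            self._last_ok[r.meter_id] = r
        return reasons

    def check_bid(self, meter_id: str, curtail_kw: float) -> List[str]:
        """A home cannot offer to shed more load than it can draw."""
        rating = self._rating.get(meter_id)
        if rating is None:
            return ["unknown meter"]
        if not math.isfinite(curtail_kw) or curtail_kw <= 0:
            return ["bid is not a positive finite load reduction"]
        if curtail_kw > rating:
            return ["bid exceeds service rating"]
        return []


def demo() -> Dict[str, List[str]]:
    """Runs constructed sample inputs through the validator."""
    t0 = datetime(2009, 9, 1, 0, 0)
    t1 = t0 + timedelta(minutes=15)
    now = t0 + timedelta(minutes=30)
    v = MeterInputValidator({"M-1001": 24.0})   # constructed 24 kW service
    out: Dict[str, List[str]] = {}
    out["first"] = v.check_reading(Reading("M-1001", t0, 5000.0), now)
    out["negative"] = v.check_reading(Reading("M-1001", t1, -3.0), now)
    out["nan"] = v.check_reading(Reading("M-1001", t1, float("nan")), now)
    out["rollback"] = v.check_reading(Reading("M-1001", t1, 4990.0), now)
    out["spike"] = v.check_reading(Reading("M-1001", t1, 5100.0), now)
    out["normal"] = v.check_reading(Reading("M-1001", t1, 5002.0), now)
    out["replay"] = v.check_reading(Reading("M-1001", t1, 5002.0), now)
    out["future"] = v.check_reading(
        Reading("M-1001", t0 + timedelta(days=2), 5003.0), now)
    out["unknown"] = v.check_reading(Reading("M-9999", t1, 10.0), now)
    out["bid_huge"] = v.check_bid("M-1001", 500.0)
    out["bid_negative"] = v.check_bid("M-1001", -1.0)
    out["bid_ok"] = v.check_bid("M-1001", 3.0)
    return out


if __name__ == "__main__":
    for name, reasons in demo().items():
        print(f"{name:13s} {'ACCEPT' if not reasons else 'REJECT: ' + '; '.join(reasons)}")
```

Rejected inputs are worth logging with their reasons rather than silently dropping, since a run of rollbacks or replays from one meter is itself a signal.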

Security for advanced metering data management systems
IBM is working with utilities to implement smart meters as a core component of a new intelligent utility network infrastructure that uses digital technology. Many meter vendors have implemented their own protocols between the smart meter and the head-end collectors to comply with the security requirements released by the Advanced Metering Infrastructure (AMI-SEC) Task Force.[8] These security requirements take into account security standards from organizations such as NERC, IEC, and National Institute of Standards and Technology (NIST).

While the jurisdiction between smart meters and the head-end collectors often lies with the meter vendor of choice, the utility meter network data is fed into different business processes and applications such as meter demand management, enterprise asset management, financial management, customer support, and outage management. IBM has been working with utility companies to rapidly adopt a service-oriented architecture (SOA) approach for such business processes and applications. Advanced meter management from IBM is a cornerstone of the IBM Intelligent Utility Network solution suite.[9]

IBM has also developed the Solution Architecture for Energy (SAFE), a framework which enables integration across the enterprise with grid and distribution management, finance and administration, customer management, human resources, and procurement. As shown in Figure 2, the enterprise portion of SAFE is based on SOA, which enables the utility to build and extend new services to customers easily and cost-effectively through the efficient flow of information across the enterprise. This architecture is intended to provide business applications and services that can securely interoperate with business partners, suppliers, regulators, and utility customers while securely maintaining the confidentiality, integrity, and accountability of data exchanged, and that can also link to embedded and operational systems.

Highlights: The IBM Solution Architecture for Energy (SAFE) framework enables the utility to build and extend new services to customers easily and cost-effectively through the efficient flow of information across the enterprise.

Figure 2: The IBM Solution Architecture for Energy (SAFE) framework for utilities enables secure integration across the enterprise.



Security for SCADA systems
IBM recognizes that security for the smart grid goes beyond the business and IT domains. Conventional enterprise IT security measures must be adapted and extended into the industrial process control systems, which involve a myriad of proprietary interfaces, protocols, and heterogeneous devices spread over a large geographic and governance space. The challenge for smart grid security is that there are two distinct spaces that must be bridged securely.

The business enterprise operations of the energy utility often engage in data sharing that relies on the Internet as well as corporate intranets and extranets. Existing programmable logic controllers, remote terminal units (RTUs), and SCADA systems may have been designed with security based on physical isolation. Some utilities are using corporate intranets or even the Internet to access devices on the control systems in order to increase productivity and offer seamless connectivity. These approaches require thoughtful analysis because they may introduce new security vulnerabilities.

Industrial control systems security typically involves securing two different computing systems and networks. First, the operator consoles and applications that use commercial operating systems must be secured. These consoles are typically protected by enterprise role-based access control and governed by business-driven policy.

Second, the process equipment control systems that receive commands, measure data, and generate actions and events must be secured. These field devices were designed to reside in isolated process-control networks, with the assumption that only a few, trusted operators would have the ability to access them. IP-enabling this field equipment into intelligent electronic devices (IEDs) allows for seamless remote control but can make the control infrastructure more vulnerable. Proper network demarcation and protection of networks with appropriate security controls is essential for robust smart grid security (see Figure 3).


[Figure 3 diagram. Labels: generating station; transmission and substation system; SCADA network systems; substation remote monitoring equipment; step-down substation; distribution system; concentrator; meter to concentrator; residential customer; commercial customer; wireless communications link; utility communication link; advanced metering data management system; utility.]

Figure 3: Robust smart grid security addresses security focus points all along the utility value chain.

IBM participates in open security standards committees and embraces these standards to facilitate integration with industry-leading components, including integration with different end-point devices and with independent service vendors (ISVs) who are helping to create successful solutions. This is essential for SCADA security where there are several players that comprise the process control grid equipment.

Remote device monitoring is the key to enhancing the reliability of the grid. The substations along the electricity supply chain contain many RTUs or IEDs. However, the monitored data from these substations can only be relied upon if the integrity of the data is assured by the security of the substation equipment. Currently, there is a need to perform case-by-case technical assessments of vendor products, studying the interfaces they expose and the protocols they use so that their security can be assured within the greater cyber security context. Security for such devices is being standardized according to the IEC/TS 62351 and 62443 standards.

As more standardization occurs in smart grids, the process control networks can benefit from lessons learned from IT networks running business applications. This allows for some Internet technologies to be applied for remote device monitoring where applicable. Timing and deterministic properties have to be evaluated so security does not disrupt the prime mission of these systems. IBM’s IT security capabilities can be used for remote device monitoring, along with enterprise asset management software and grid operations.

Supporting Critical Infrastructure Protection standards
Most countries have developed mandatory reliability standards applicable to all energy-producing and transmitting utilities, like the NERC Critical Infrastructure Protection (CIP) standard in North America.[10] One area of regulatory reliability specifically addresses protecting electric grid bulk-power cyber assets.

IBM can help utilities comply with critical infrastructure protection standards like the ones listed in NERC CIP-001 through CIP-009 by applying security offerings at consulting, design, development, build, and operational levels. Leveraging the IBM Security Framework infuses security into the lifecycle of energy management software and the networking of field control devices.

Highlights: IBM can help utilities comply with critical infrastructure protection standards such as NERC-CIP by applying a range of industry-leading security solutions.

Sabotage Reporting (CIP-001) – NERC provides directives and procedures for detection, recognition and reporting of sabotage events. It specifies procedures for communications to appropriate parties and local authorities. It expects security monitoring tools to provide near real-time notifications for reporting. IBM solutions enable the utility to continuously monitor security violations during operations, as well as detect out-of-compliance conditions. These products can even help track user activity for privileged users, including physical location, deterring insider attacks.

Critical Cyber Asset Identification (CIP-002) – NERC has recognized the need for identification and documentation of critical cyber assets. Identifying these assets and their relationships helps lay the foundation for applying security principles within each asset’s function as well as communications between the asset and other assets in the grid value chain. IBM can assist in building an integrated asset management solution.

Security Management Controls (CIP-003) – This directive calls for responsible organizations to document and implement a cyber security policy to represent the company’s commitment to security and their ability to secure critical cyber assets. IBM can assist with a comprehensive cyber security solution with functions like policy management, authentication and authorization of grid systems commands, protection and inspection of all XML traffic across network boundaries, management of keys used in encryption of data stored on tapes and disk, enablement of change management processes for configuration changes to cyber assets, comparison of activity logs against security policies, and provision of centralized identity, access, attestation and audit services.

Personnel & Training (CIP-004) – With this directive, NERC defines the obligations of utility management to conduct thorough personnel risk assessments in accordance with federal, state, provincial, and local laws. All personnel having authorized cyber access or authorized unescorted physical access to critical cyber assets as well as field assets must get access on a “need-to-know” basis. IBM solutions can help oversee the entire process of managing personnel risk assessments, including enrollment, proofing, and background checks as part of the identity vetting process. IBM also provides tools for managing learning/training programs.

Electronic Security Perimeter (CIP-005) – According to NERC, the utility is responsible for ensuring that every critical cyber asset resides within an electronic security perimeter. This perimeter needs to be identified and all access points to it need to be identified, documented, and controlled. IBM solutions for intrusion and anomaly detection can not only protect IT networks from worms, malware and viruses, but also monitor traffic between intelligent field devices for signs of suspicious activity.

Physical Security of Critical Cyber Assets (CIP-006) – This directive defines the physical security of a critical cyber asset as being comprised of five distinct elements: deterrence, detection, assessment, communications, and response. IBM’s command and control center solution provides advanced physical security integration, enabling organizations to control, monitor and maintain disparate security systems and assets through a single interface.

                                               Systems Security Management (CIP-007) – This item in the standard
                                            directs security management and testing procedures, patch management,
                                            account management, and vulnerability analysis. Organizations need to ensure
                                            that new cyber assets and significant changes to existing cyber assets within
                                            the electronic security perimeter do not adversely affect existing cyber security
                                            controls.

IBM offers a comprehensive management suite that provides uniform patch management for heterogeneous platforms, change and configuration management, intrusion detection and analysis, authoring and enforcement of strict identity provisioning policies, vulnerability testing for applications, consolidated logging, event correlation, dashboards for visualization, and escalation mechanisms.

Incident Reporting and Response Planning (CIP-008) – This directive calls for the IT and process-control operations to develop and maintain a cyber security incident response plan, documenting procedures to classify and escalate events and report security incidents to authorities. IBM’s service, incident, and problem management capabilities help manage processes for security incidents with a well-documented, repeatable workflow.

Recovery Plans for Critical Cyber Assets (CIP-009) – Standard CIP-009 ensures that recovery plans are put in place for critical cyber assets and that these plans follow established business continuity and disaster recovery techniques and practices. IBM’s asset management solutions enable services delivery and support processes for the most dynamic IT infrastructures, ensuring business resilience and promoting faster recovery during failures.

Highlights: IBM enables a holistic approach to grid security, providing hardware, software, and services that build on an integrated security framework to deliver comprehensive capabilities.

Conclusion
IBM’s holistic approach to grid security is about not only the comprehensive set of capabilities listed above, but the ability to build on our common security framework, integrating and optimizing the built-in security features of IBM hardware, software and service offerings while providing a platform for other ISV security products as well (see Figure 4).




        Figure 4: The IBM Security Framework integrates IBM hardware, software, and services while providing a platform for other ISV security products.




IBM provides a comprehensive set of products and consulting, design, deployment, and managed service offerings to help comply with NERC-CIP security requirements and other industry regulations. IBM also has the expertise to implement the 21 steps recommended by the DOE for SCADA security.11 IBM has a proven track record in securing our nation’s most critical infrastructures including military, banking, stock markets, and utilities. IBM is unique in its ability to provide an unparalleled breadth and depth of technology, services, and scalability for proven, quantifiable results.

                                          For more information
                                          To learn more about how IBM solutions can help your organization meet
                                          security regulations and requirements, contact your IBM representative or
                                          IBM Business Partner, or visit: ibm.com/security and ibm.com/energy
© Copyright IBM Corporation 2009

IBM Corporation Software Group
Route 100
Somers, NY 10589
U.S.A.

Produced in the United States of America
September 2009
All Rights Reserved

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml

Other company, product and service names may be trademarks or service marks of others.

References in this publication to IBM products and services do not imply that IBM intends to make them available in all countries in which IBM operates.

No part of this document may be reproduced or transmitted in any form without written permission from IBM Corporation.

Product data has been reviewed for accuracy as of the date of initial publication. Product data is subject to change without notice. Any statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

THE INFORMATION PROVIDED IN THIS DOCUMENT IS DISTRIBUTED “AS IS” WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IBM EXPRESSLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements (e.g. IBM Customer Agreement, Statement of Limited Warranty, International Program License Agreement, etc.) under which they are provided.

The customer is responsible for ensuring compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation.

1 Gorman, Siobhan, “Electricity Grid in U.S. Penetrated by Spies,” The Wall Street Journal. April 8, 2009. http://online.wsj.com/article_email/SB123914805204099085-lMyQjAxMDI5MzA5ODEwNDg4Wj.html

2 “Smart Grid: Enabler of the New Energy Economy,” The Electricity Advisory Committee of the U.S. Department of Energy. December 2008. Guido Bartels, IBM General Manager, Energy & Utilities Industry and Chairman, Gridwise Alliance, provided key leadership for this paper. www.oe.energy.gov/DocumentsandMedia/final-smart-grid-report.pdf

3 “FERC accelerates Smart Grid development with proposed policy, action plan,” Federal Energy Regulatory Commission. March 19, 2009. www.ferc.gov/news/news-releases/2009/2009-1/03-19-09.asp

4 Callahan, Stephen J., “Rebuilding the grid,” IBM. April, 2004. www-935.ibm.com/services/in/igs/pdf/ge510-3587-00f-rebuild-grid.pdf

5 Council Directive 2008/114/EC, Official Journal of the European Union. December 2008. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF

6 European Commission, Energy, Critical Infrastructure Protection. http://ec.europa.eu/energy/infrastructure/critical_en.htm

7 Centre for the Protection of National Infrastructure. www.cpni.gov.uk

8 AMI System Security Requirements V1.01, UCAIUG: AMI-SEC-ASAP. December 17, 2008. www.controlsystemsroadmap.net/pdfs/AMI_System_Security_Requirements-v1_01-1.pdf

9 “Smarter Grids for a Smarter Planet: IBM’s Intelligent Utility Network Solutions,” IBM. May 28, 2009. https://www950.ibm.com/events/wwe/grp/grp018.nsf/vLookupPDFs/T2_4_Smarter_Grids/$file/T2_4_Smarter_Grids.pdf

10 North American Electric Reliability Corporation, Reliability Standards, Critical Infrastructure Protection (CIP). www.nerc.com/page.php?cid=2|20

11 “21 Steps to Improve Cyber Security of SCADA Networks,” The President’s Critical Infrastructure Protection Board, U.S. Department of Energy. www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf

TIW14041-USEN-00

Importance of Measurements in Smart GridImportance of Measurements in Smart Grid
Importance of Measurements in Smart Grid
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
A_Review_of_Cybersecurity_in_Grid-Connected_Power_Electronics_Converters_Vuln...
A_Review_of_Cybersecurity_in_Grid-Connected_Power_Electronics_Converters_Vuln...A_Review_of_Cybersecurity_in_Grid-Connected_Power_Electronics_Converters_Vuln...
A_Review_of_Cybersecurity_in_Grid-Connected_Power_Electronics_Converters_Vuln...
 
Creating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management SystemCreating a Reliable and Secure Advanced Distribution Management System
Creating a Reliable and Secure Advanced Distribution Management System
 
Modeling and Simulation of the Communication Networks in.docx
Modeling and Simulation of the Communication Networks in.docxModeling and Simulation of the Communication Networks in.docx
Modeling and Simulation of the Communication Networks in.docx
 
Protection Scheme in Generation Network
Protection Scheme in Generation NetworkProtection Scheme in Generation Network
Protection Scheme in Generation Network
 
Software defined network based smart grid communication
Software defined network based smart grid communicationSoftware defined network based smart grid communication
Software defined network based smart grid communication
 
Smart Grid The Role of Electricity Infrastructure in Reducing Greenhouse Gas ...
Smart Grid The Role of Electricity Infrastructure in Reducing Greenhouse Gas ...Smart Grid The Role of Electricity Infrastructure in Reducing Greenhouse Gas ...
Smart Grid The Role of Electricity Infrastructure in Reducing Greenhouse Gas ...
 
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network SecuritySECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
SECURING FUTURE CONNECTIVITY: An Extensive Analysis on 5G Network Security
 
Running head SMART GRID .docx
Running head SMART GRID                                          .docxRunning head SMART GRID                                          .docx
Running head SMART GRID .docx
 
Isde 5
Isde 5Isde 5
Isde 5
 
Transformer Smart Grid
Transformer Smart GridTransformer Smart Grid
Transformer Smart Grid
 
White paper scada (2)
White paper scada (2)White paper scada (2)
White paper scada (2)
 
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy...
 
Smart Grid Technology Paper (SGT) SM54
Smart Grid Technology Paper (SGT) SM54Smart Grid Technology Paper (SGT) SM54
Smart Grid Technology Paper (SGT) SM54
 
Smart Grid Technology - The Future of Power Network: A Review
Smart Grid Technology - The Future of Power Network: A ReviewSmart Grid Technology - The Future of Power Network: A Review
Smart Grid Technology - The Future of Power Network: A Review
 

Recently uploaded

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 

IBM's end-to-end security for smart grids

  • 1. White paper September 2009 IBM end-to-end security for smart grids
  • 2. IBM end-to-end security for smart grids Page 2

    Contents
    2 Introduction
    3 Why we need a smart grid
    4 Security for the smart grid
    5 How can IBM address smart grid security?
    6 Security for the utility business
    6 Security for advanced metering data management systems
    8 Security for SCADA networks
    10 Supporting Critical Infrastructure Protection standards
    14 Conclusion
    15 For more information

    Introduction
    The electric grid has been providing reliable electric energy for decades. Comprised of generating, transmission, and distribution equipment along with its associated control systems and operating staff, the electric grid is vital to the world. And when it fails, civilization comes to a standstill.

    The grid infrastructure has been subjected to minimal maintenance-mode investment for decades, and it needs to be overhauled. An aging workforce, rising energy costs, globalization, environmental issues, and terrorism or malicious abuse of these systems threaten the grid’s sustainability. Security concerns for these critical infrastructures in North America and Europe have recently been heightened.1

    Around the globe, the reliability of the grid is governed by various entities: government mandates and commissions, industry consortiums, and regulatory bodies. In December 2008, the U.S. Department of Energy (DOE) published a report on the nation’s goal to transform its energy grid into a more intelligent, resilient, reliable, secure, self-balancing, and interactive network.2

    In March 2009, the U.S. Federal Energy Regulatory Commission (FERC) proposed a policy statement and action plan that provides guidance for the development of a smarter grid for the nation’s electric transmission system. This plan focuses on the development of key standards to achieve interoperability of smart grid devices and systems.3 An IBM white paper published five years ago concurs with these views of DOE and FERC to build smart grids.4

    The Council of the European Union recently adopted a Council Directive for the identification and designation of European critical infrastructures and the assessment of the need to improve their protection.5 While EU member states are responsible for policies regarding the security of energy facilities in
  • 3. Highlights: A smart grid applies a set of diverse digital technologies to enhance the value chain of the electric power industry, improving not only management of energy flow but also information exchange and equipment operation.

    their territories, the European Commission for Energy is responsible for developing pan-EU critical infrastructure protection policies and recommendations.6 In the UK, the Centre for the Protection of National Infrastructure (CPNI) is the government authority that provides protective security advice to businesses and organizations across the national infrastructure.7

    This paper focuses on the security aspects of protecting the electric grid. It discusses the end-to-end security needs and solutions at various points in the smart grid chain. Security solutions related to the North American Electric Reliability Corporation – Critical Infrastructure Protection (NERC-CIP) requirements are used as examples of best-practice methods for securing the grid. In addition, this paper addresses security for remote device monitoring, Supervisory Control And Data Acquisition (SCADA) systems, and the Advanced Meter Infrastructure (AMI). The paper then explains how IBM software, hardware and services can help you meet these regulations and security requirements.

    Why we need a smart grid
    The concept of a smart grid is the application of a set of diverse digital technologies that enhance the value chain of the electric power industry. These digital technologies, comprised of new devices and applications, some of which are Internet Protocol (IP) enabled, will aid in the sharing of information and coordination of management of the generation, transmission, and distribution aspects of the infrastructure across distributed energy resources.

    Grid modernization will overhaul the energy industry, creating better visualization and control for operators. The application of digital technologies can help reduce peak demand through dynamic optimization, reduce operations and maintenance costs, integrate renewable sources of energy, improve grid reliability, and make transmission and distribution more efficient. Such efficiencies can be established only with smart devices and applications that enable a finer level of visibility, control and automation.
  • 4. Highlights: A digital infrastructure can be more flexible and dynamic, but it can also introduce new security vulnerabilities that threaten the safe and efficient functioning of the grid.

    On the residential front, consumers can be given more options to control home appliances and to derive on-demand information to better understand and manage their consumption.

    We need a smart grid to manage not only energy flow but also information exchange and equipment operation. Regulations imposed by governments or industry consortiums oversee the development and enforcement of reliability standards and monitor the bulk-power systems. The stakeholders of the electrical grid include independent service operators (ISOs), remote transmission operators (RTOs), various utilities, and consumers.

    Security for the smart grid
    Security is a vital element of any technology related to sensitive assets, and new technological advancements force organizations to face new security concerns and risks. When devices like smart meters are made more secure, their business value increases because organizations can respond dynamically and with confidence to new market opportunities or changing conditions. This allows for improved efficiency, reduced costs, and improved continuity of services. Robust security for the grid can have a tremendous positive impact, as a lack of security directly threatens the safety of the public and all of those who are affected by grid failures.

    As an example, there is a global effort to transform the electric grid to a digital infrastructure. A fundamental move like this is considered necessary in order to keep up with energy and utility operational demands while maintaining or improving the bottom line. A digital infrastructure can be more flexible and dynamic; however, such a network may expose the critical infrastructure to additional security concerns such as unapproved access and cyber attacks.
  • 5. A lack of adequate security in the energy industry could pose threats of service disruption, which can impede safe and efficient functioning of the system. Added layers of security controls, policies, and procedures are necessary to help protect and manage the grid.

    The best approach to securing smart grids is to identify and quantify the risks across the entire value chain, develop the appropriate policies and controls to manage these risks, deploy the policies and controls, and then perform systematic, periodic reviews, including vulnerability testing.

    How can IBM address smart grid security?
    IBM has been very successful in providing security consulting, design, build, and managed services solutions for critical infrastructure in a wide range of demanding industries, including defense, financial services, and energy and utilities. IBM security solutions are based on the IBM Security Framework (see Figure 1), which defines an end-to-end approach to developing, deploying and supporting security solutions across domains of people, networks, applications, data, and the physical plant.

    Figure 1: IBM takes a holistic approach to security through the IBM Security Framework.
  • 6. IBM has the technology and expertise to deploy end-to-end security solutions for smart grid implementations, and is committed to providing security solutions within the context of regulatory standards.

    Security for the utility business
    In-depth IT security design principles state that better security management is achieved when an entity is protected by not just one layer or one component, but by multiple, diverse mechanisms. These and many other IT security principles are addressed by global IT security standards ISO 27002:2005 and ISO 15408. They cover areas such as defense-in-depth principles, trusted and consistent identities, authentication and access control, information flow control, encryption of sensitive data at-rest and in-transit, audit and compliance, and resiliency. All energy and utility organizations should leverage these principles for their corporate business and IT infrastructures.

    Business applications can pose a serious security threat when accessed by unauthorized users. Applications can produce unintended results with malformed input data. Thus, utility applications must be immune to issues such as suspicious demand-response bids from a home, a negative meter reading, or more subtle but seemingly valid scenarios. IBM can help utilities scan applications with security penetration testing for vulnerabilities before they are deployed and while they are in operation.

    Security for advanced metering data management systems
    IBM is working with utilities to implement smart meters as a core component of a new intelligent utility network infrastructure that uses digital technology. Many meter vendors have implemented their own protocols between the smart meter and the head-end collectors to comply with the security requirements
  • 7. Highlights: The IBM Solution Architecture for Energy (SAFE) framework enables the utility to build and extend new services to customers easily and cost-effectively through the efficient flow of information across the enterprise.

    released by the Advanced Metering Infrastructure (AMI-SEC) Task Force.8 These security requirements take into account security standards from organizations such as NERC, IEC, and National Institute of Standards and Technology (NIST).

    While the jurisdiction between smart meters and the head-end collectors often lies with the meter vendor of choice, the utility meter network data is fed into different business processes and applications such as meter demand management, enterprise asset management, financial management, customer support, and outage management. IBM has been working with utility companies to rapidly adopt a service-oriented architecture (SOA) approach for such business processes and applications. Advanced meter management from IBM is a cornerstone of the IBM Intelligent Utility Network solution suite.9

    IBM has also developed the Solution Architecture for Energy (SAFE), a framework which enables integration across the enterprise with grid and distribution management, finance and administration, customer management, human resources, and procurement. As shown in Figure 2, the enterprise portion of SAFE is based on SOA, which enables the utility to build and extend new services to customers easily and cost-effectively through the efficient flow of information across the enterprise. This architecture is intended to provide business applications and services that can securely interoperate with business partners, suppliers, regulators, and utility customers while securely maintaining the confidentiality, integrity, and accountability of data exchanged, and that can also link to embedded and operational systems.
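The utility-business section above says applications must withstand malformed input such as a negative meter reading or a suspicious demand-response bid, and this section notes that meter data is fed into billing, asset and outage applications. The following Python code is an added example, not code from the white paper or from IBM, that screens readings and bids before they reach those applications. The record layouts, limits and reason codes are assumptions chosen for illustration.

```python
import math
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

# Assumed limits for one residential service point (illustrative values).
MAX_DEMAND_KW = 24.0                   # roughly a 100 A / 240 V service
MAX_CLOCK_SKEW = timedelta(minutes=5)  # tolerated meter clock drift
MAX_BID_PRICE = 5.0                    # hypothetical price cap per kWh

@dataclass(frozen=True)
class Reading:
    meter_id: str
    taken_at: datetime
    register_kwh: float  # cumulative, consumption-only register (no net metering)

@dataclass(frozen=True)
class Bid:
    meter_id: str
    curtail_kw: float    # load the home offers to shed
    price_per_kwh: float

def check_reading(prev, cur, now):
    """Return the reasons to quarantine `cur`; an empty list means accept."""
    if not math.isfinite(cur.register_kwh):
        return ["non_finite_register"]
    reasons = []
    if cur.register_kwh < 0:
        reasons.append("negative_register")
    if cur.taken_at > now + MAX_CLOCK_SKEW:
        reasons.append("timestamp_in_future")
    if prev is not None:
        elapsed_h = (cur.taken_at - prev.taken_at).total_seconds() / 3600
        used_kwh = cur.register_kwh - prev.register_kwh
        if elapsed_h <= 0:
            reasons.append("replayed_or_out_of_order")
        elif used_kwh < 0:
            reasons.append("register_rollback")
        elif used_kwh / elapsed_h > MAX_DEMAND_KW:
            reasons.append("implausible_demand")
    return reasons

def screen_readings(readings, now):
    """Split a batch into accepted readings and (reading, reasons) rejects."""
    last_good, accepted, quarantined = {}, [], []
    for r in readings:
        reasons = check_reading(last_good.get(r.meter_id), r, now)
        if reasons:
            quarantined.append((r, reasons))
        else:
            accepted.append(r)
            last_good[r.meter_id] = r  # only trusted data becomes the baseline
    return accepted, quarantined

def peak_demand_kw(accepted, meter_id):
    """Highest average demand between consecutive accepted readings."""
    rows = [r for r in accepted if r.meter_id == meter_id]
    peak = 0.0
    for a, b in zip(rows, rows[1:]):
        hours = (b.taken_at - a.taken_at).total_seconds() / 3600
        peak = max(peak, (b.register_kwh - a.register_kwh) / hours)
    return peak

def check_bid(bid, accepted):
    """Flag bids that are malformed or inconsistent with metered history."""
    if not (math.isfinite(bid.curtail_kw) and math.isfinite(bid.price_per_kwh)):
        return ["non_finite_value"]
    reasons = []
    if bid.curtail_kw <= 0:
        reasons.append("non_positive_curtailment")
    if not 0 <= bid.price_per_kwh <= MAX_BID_PRICE:
        reasons.append("price_out_of_range")
    # Well-formed but suspicious: offering to shed more than was ever drawn.
    if bid.curtail_kw > peak_demand_kw(accepted, bid.meter_id):
        reasons.append("exceeds_observed_demand")
    return reasons

# Constructed sample data (not from any real meter).
T0 = datetime(2009, 9, 1, 0, 0, tzinfo=timezone.utc)
NOW = T0 + timedelta(hours=2)
SAMPLE = [
    Reading("M-1", T0, 1000.0),
    Reading("M-1", T0 + timedelta(minutes=30), 1001.5),  # 3 kW average, fine
    Reading("M-1", T0 + timedelta(minutes=60), -4.0),    # negative reading
    Reading("M-1", T0 + timedelta(minutes=60), 1000.9),  # register ran backwards
    Reading("M-1", T0 + timedelta(minutes=30), 1001.5),  # replay of reading 2
    Reading("M-1", T0 + timedelta(minutes=90), 1101.5),  # 100 kWh in one hour
    Reading("M-1", T0 + timedelta(minutes=90), 1003.0),  # plausible
]

if __name__ == "__main__":
    ok, bad = screen_readings(SAMPLE, NOW)
    for reading, why in bad:
        print(reading.taken_at.time(), reading.register_kwh, why)
    print(check_bid(Bid("M-1", 10.0, 0.4), ok))
```

Quarantined readings never update the per-meter baseline, so one bad value cannot make the readings that follow it look plausible.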
  • 8. Figure 2: The IBM Solution Architecture for Energy (SAFE) framework for utilities enables secure integration across the enterprise.

    Security for SCADA systems
    IBM recognizes that security for the smart grid goes beyond the business and IT domains. Conventional enterprise IT security measures must be adapted and extended into the industrial process control systems, which involve a myriad of proprietary interfaces, protocols, and heterogeneous devices spread over a large geographic and governance space. The challenge for smart grid security is that there are two distinct spaces that must be bridged securely.

    The business enterprise operations of the energy utility often engage in data sharing that relies on the Internet as well as corporate intranets and extranets. Existing programmable logic controllers, remote terminal units (RTUs), and SCADA systems may have been designed with security based on physical isolation. Some utilities are using corporate intranets or even the Internet to access devices on the control systems in order to increase productivity and offer seamless connectivity. These approaches require thoughtful analysis because they may introduce new security vulnerabilities.
  • 9. Industrial control systems security typically involves securing two different computing systems and networks. First, the operator consoles and applications that use commercial operating systems must be secured. These consoles are typically protected by enterprise role-based access control and governed by business-driven policy. Second, the process equipment control systems that receive commands, measure data, and generate actions and events must be secured.

    These field devices were designed to reside in isolated process-control networks, with the assumption that only a few, trusted operators would have the ability to access them. IP-enabling this field equipment into intelligent electronic devices (IEDs) allows for seamless remote control but can make the control infrastructure more vulnerable. Proper network demarcation and protection of networks with appropriate security controls is essential for robust smart grid security (see Figure 3).

    Figure 3: Robust smart grid security addresses security focus points all along the utility value chain. (Diagram labels: generating station; transmission and substation system; step-down substation; distribution system; residential customer; commercial customer; utility; concentrators; wireless communications links; SCADA network systems; meter to concentrator; substation remote monitoring equipment; advanced metering data management system; utility communication link.)
  • 10. IBM end-to-end security for smart grids Page 10 IBM participates in open security standards committees and embraces these Highlights standards to facilitate integration with industry-leading components, including integration with different end-point devices and with independent service ven- dors (ISVs) who are helping to create successful solutions. This is essential for SCADA security where there are several players that comprise the process control grid equipment. Remote device monitoring is the key to enhancing the reliability of the grid. The substations along the electricity supply chain contain many RTUs or IEDs. However, the monitored data from these substations can only be relied upon if the integrity of the data is assured by the security of the substation equipment. Currently, there is a need to perform case-by-case technical assessments of vendor products, studying the interfaces they expose and the protocols they use so that their security can be assured within the greater cyber security context. Security for such devices is being standardized accord- ing to the IEC/TS 62351 and 62443 standards. IBM’s IT security capabilities can be As more standardization occurs in smart grids, the process control networks used for remote device monitoring, can benefit from lessons learned from IT networks running business applica- along with enterprise asset tions. This allows for some Internet technologies to be applied for remote management software and grid device monitoring where applicable. Timing and deterministic properties have operations. to be evaluated so security does not disrupt the prime mission of these sys- tems. IBM’s IT security capabilities can be used for remote device monitoring, along with enterprise asset management software and grid operations. 
Supporting Critical Infrastructure Protection standards

Most countries have developed mandatory reliability standards applicable to all energy-producing and transmitting utilities, like the NERC Critical Infrastructure Protection (CIP) standard in North America.[10] One area of regulatory reliability specifically addresses protecting electric grid bulk-power cyber assets.
IBM can help utilities comply with critical infrastructure protection standards like the ones listed in NERC CIP-001 through CIP-009 by applying security offerings at consulting, design, development, build, and operational levels. Leveraging the IBM Security Framework infuses security into the lifecycle of energy management software and the networking of field control devices.

Highlights: IBM can help utilities comply with critical infrastructure protection standards such as NERC-CIP by applying a range of industry-leading security solutions.

Sabotage Reporting (CIP-001) – NERC provides directives and procedures for detection, recognition and reporting of sabotage events. It specifies procedures for communications to appropriate parties and local authorities. It expects security monitoring tools to provide near real-time notifications for reporting. IBM solutions enable the utility to continuously monitor security violations during operations, as well as detect out-of-compliance conditions. These products can even help track user activity for privileged users, including physical location, deterring insider attacks.

Critical Cyber Asset Identification (CIP-002) – NERC has recognized the need for identification and documentation of critical cyber assets. Identifying these assets and their relationships helps lay the foundation for applying security principles within each asset’s function as well as communications between the asset and other assets in the grid value chain. IBM can assist in building an integrated asset management solution.

Security Management Controls (CIP-003) – This directive calls for responsible organizations to document and implement a cyber security policy to represent the company’s commitment to security and their ability to secure critical cyber assets.
IBM can assist with a comprehensive cyber security solution with functions like policy management, authentication and authorization of grid systems commands, protection and inspection of all XML traffic across network boundaries, management of keys used in encryption of data stored on tapes and disk, enablement of change management processes for configuration changes to cyber assets, comparison of activity logs against security policies, and provision of centralized identity, access, attestation and audit services.

Personnel & Training (CIP-004) – With this directive, NERC defines the obligations of utility management to conduct thorough personnel risk assessments in accordance with federal, state, provincial, and local laws. All personnel having authorized cyber access or authorized unescorted physical access to critical cyber assets as well as field assets must get access on a “need-to-know” basis. IBM solutions can help oversee the entire process of managing personnel risk assessments, including enrollment, proofing, and background checks as part of the identity vetting process. IBM also provides tools for managing learning/training programs.

Electronic Security Perimeter (CIP-005) – According to NERC, the utility is responsible for ensuring that every critical cyber asset resides within an electronic security perimeter. This perimeter needs to be identified and all access points to it need to be identified, documented, and controlled. IBM solutions for intrusion and anomaly detection can not only protect IT networks from worms, malware and viruses, but also monitor traffic between intelligent field devices for signs of suspicious activity.
Physical Security of Critical Cyber Assets (CIP-006) – This directive defines the physical security of a critical cyber asset as being comprised of five distinct elements: deterrence, detection, assessment, communications, and response. IBM’s command and control center solution provides advanced physical security integration, enabling organizations to control, monitor and maintain disparate security systems and assets through a single interface.

Systems Security Management (CIP-007) – This item in the standard directs security management and testing procedures, patch management, account management, and vulnerability analysis. Organizations need to ensure that new cyber assets and significant changes to existing cyber assets within the electronic security perimeter do not adversely affect existing cyber security controls. IBM provides a comprehensive management suite that provides uniform patch management for heterogeneous platforms, change and configuration management, intrusion detection and analysis, authoring and enforcement of strict identity provisioning policies, vulnerability testing for applications, consolidated logging, event correlation, dashboards for visualization, and escalation mechanisms.

Incident Reporting and Response Planning (CIP-008) – This directive calls for the IT and process-control operations to develop and maintain a cyber security incident response plan, documenting procedures to classify and escalate events and report security incidents to authorities. IBM’s service, incident, and problem management capabilities help manage processes for security incidents with a well-documented, repeatable workflow.

Recovery Plans for Critical Cyber Assets (CIP-009) – Standard CIP-009 ensures that recovery plans are put in place for critical cyber assets and that these plans follow established business continuity and disaster recovery techniques and practices. IBM’s asset management solutions enable services delivery and support processes for the most dynamic IT infrastructures, ensuring business resilience and promoting faster recovery during failures.

Conclusion

IBM’s holistic approach to grid security is about not only the comprehensive set of capabilities listed above, but the ability to build on our common security framework, integrating and optimizing the built-in security features of IBM hardware, software and service offerings while providing a platform for other ISV security products as well (see Figure 4).

Highlights: IBM enables a holistic approach to grid security, providing hardware, software, and services that build on an integrated security framework to deliver comprehensive capabilities.

[Figure 4: The IBM Security Framework integrates IBM hardware, software, and services while providing a platform for other ISV security products.]
IBM provides a comprehensive set of products and consulting, design, deployment, and managed service offerings to help comply with NERC-CIP security requirements and other industry regulations. IBM also has the expertise to implement the 21 steps recommended by the DOE for SCADA security.[11]

IBM has a proven track record in securing our nation’s most critical infrastructures including military, banking, stock markets, and utilities. IBM is unique in its ability to provide an unparalleled breadth and depth of technology, services, and scalability for proven, quantifiable results.

For more information

To learn more about how IBM solutions can help your organization meet security regulations and requirements, contact your IBM representative or IBM Business Partner, or visit: ibm.com/security and ibm.com/energy
© Copyright IBM Corporation 2009

IBM Corporation
Software Group
Route 100
Somers, NY 10589
U.S.A.

Produced in the United States of America
September 2009
All Rights Reserved

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. If these and other IBM trademarked terms are marked on their first occurrence in this information with a trademark symbol (® or ™), these symbols indicate U.S. registered or common law trademarks owned by IBM at the time this information was published. Such trademarks may also be registered or common law trademarks in other countries. A current list of IBM trademarks is available on the Web at “Copyright and trademark information” at ibm.com/legal/copytrade.shtml

Other company, product and service names may be trademarks or service marks of others.

References in this publication to IBM products and services do not imply that IBM intends to make them available in all countries in which IBM operates.

No part of this document may be reproduced or transmitted in any form without written permission from IBM Corporation.

Product data has been reviewed for accuracy as of the date of initial publication. Product data is subject to change without notice. Any statements regarding IBM’s future direction and intent are subject to change or withdrawal without notice, and represent goals and objectives only.

THE INFORMATION PROVIDED IN THIS DOCUMENT IS DISTRIBUTED “AS IS” WITHOUT ANY WARRANTY, EITHER EXPRESS OR IMPLIED. IBM EXPRESSLY DISCLAIMS ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. IBM products are warranted according to the terms and conditions of the agreements (e.g. IBM Customer Agreement, Statement of Limited Warranty, International Program License Agreement, etc.) under which they are provided.

The customer is responsible for ensuring compliance with legal requirements. It is the customer’s sole responsibility to obtain advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulatory requirements that may affect the customer’s business and any actions the customer may need to take to comply with such laws. IBM does not provide legal advice or represent or warrant that its services or products will ensure that the customer is in compliance with any law or regulation.

[1] Gorman, Siobhan, “Electricity Grid in U.S. Penetrated by Spies,” The Wall Street Journal. April 8, 2009. http://online.wsj.com/article_email/SB123914805204099085-lMyQjAxMDI5MzA5ODEwNDg4Wj.html
[2] “Smart Grid: Enabler of the New Energy Economy,” The Electricity Advisory Committee of the U.S. Department of Energy. December 2008. Guido Bartels, IBM General Manager, Energy & Utilities Industry and Chairman, Gridwise Alliance, provided key leadership for this paper. www.oe.energy.gov/DocumentsandMedia/final-smart-grid-report.pdf
[3] “FERC accelerates Smart Grid development with proposed policy, action plan,” Federal Energy Regulatory Commission. March 19, 2009. www.ferc.gov/news/news-releases/2009/2009-1/03-19-09.asp
[4] Callahan, Stephen J., “Rebuilding the grid,” IBM. April, 2004. www-935.ibm.com/services/in/igs/pdf/ge510-3587-00f-rebuild-grid.pdf
[5] Council Directive 2008/114/EC, Official Journal of the European Union. December 2008. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2008:345:0075:0082:EN:PDF
[6] European Commission, Energy, Critical Infrastructure Protection. http://ec.europa.eu/energy/infrastructure/critical_en.htm
[7] Centre for the Protection of National Infrastructure. www.cpni.gov.uk
[8] AMI System Security Requirements V1.01, UCAIUG: AMI-SEC-ASAP. December 17, 2008. www.controlsystemsroadmap.net/pdfs/AMI_System_Security_Requirements-v1_01-1.pdf
[9] “Smarter Grids for a Smarter Planet: IBM’s Intelligent Utility Network Solutions,” IBM. May 28, 2009. https://www950.ibm.com/events/wwe/grp/grp018.nsf/vLookupPDFs/T2_4_Smarter_Grids/$file/T2_4_Smarter_Grids.pdf
[10] North American Electric Reliability Corporation, Reliability Standards, Critical Infrastructure Protection (CIP). www.nerc.com/page.php?cid=2|20
[11] “21 Steps to Improve Cyber Security of SCADA Networks,” The President’s Critical Infrastructure Protection Board, U.S. Department of Energy. www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf

TIW14041-USEN-00