Nathan Wallace, PhD, CSSA
n.wallace.us@ieee.org
Twitter: @NathanSWallace
Personal Background
Volunteering:
EE Intern  EE Intern  Associate Engineer  Research Assistant  Visiting Lecturer
Staff Engineer  Dir. Cyber Operations
Drafting Relay Settings T&D Protection Cybersecurity Researcher
Digital Forensics Examiner
Math & Engineering
Relay & RTU
Design & Commissioning
Risk Assessments
Cybersecurity Design & Integration
2
3	
Disclaimer	
•  Statements and opinions are my own which may or may not reflect
that of my current employer.
•  Statements are based on generalized observations of the industry
and do not represent any particular entity or asset owner.
•  Seek professional engineering assistance and vendor support prior to
implementing or developing any of the capabilities discussed.
4	RISK	
Two	Infrastructures		
Residential  Industrial  Commercial
Generation  Transmission
Distribution
•  Physical
•  Cyber
Control Center
Distribution
Control	Center	
RTOs/ISO
5	Assets	
What	devices	need	to	be	protected?	
What has Communication and/or Computational ability and
is used to ensure the safe, reliable, and continuous
generation, transmission and delivery of electricity?
Cybersecurity Implementation Challenge:
How to maintain the
Confidentiality, Integrity, and Availability
of power system cyber assets?
IEEE Std C37.240™-2014, IEEE Standard Cybersecurity Requirements for Substation
Automation, Protection, and Control Systems.
Each protective measure:
•  Must not impede access and operation during legitimate activities.
•  Must be technically, economically, and operationally feasible.
6	Assets	
Cyber	Assets		
Programmable electronic devices, including the hardware, software, and data, in those devices.
I/O cards
Network cards
CPU, RAM, Physical Ports
User Applications (EMS, HMI, FTP, Apache, etc.)
Device Applications (Protocol Parsers/Converters)
Application Programming Interface (API)
Software Libraries and Tools
Settings and Configuration Files
Stored	Binary	and	Analog	Values	
Sequence	of	Events	&	DFR	Logs	
Usernames,	Password	Hashes,	IP	Tables
7	Assets	
•  What	hardware	is	common	across	
all	devices?	
Engr,	Tech,	
Operator		
Imported	
Applications Library
Vendor
Applications
PAM  Access/Login
HMI  Apache
iproute2  Firewall
pyPAM
HTTP
•  Do vendors write their own code?
•  What 3rd Party software libraries &
applications are being used?
Linux	Kernel	
19.5	million	
lines	of	code	
FUN-FACT
8	
Power System Cybersecurity Implementation
Whose Responsibility is it?
IT Dept.  OT Dept.
-  Software to determine how power flows and when breakers open/close
-  Apache, Telnet, SSH, MySQL, FTP, LDAP, Embedded Linux, Windows, etc.
-  Virtual power plants and protection relays, software defined networking
-  SCADA in the cloud
Present
9	
OT	Dept.	
VS
=> Adversarial Relationship
Example 1: Annual Funding
IT	Dept.	
IT
Manager
Engineering
Manager
New Cyber Compliance
Manager & Dept.
Legal Team, Training,
Audit Specialists
No Change
Power System Cybersecurity Implementation
Whose Responsibility is it?
More Personnel
and Resources
Present
Present	 10	
Critical Cyber Assets
Compliance	
		HIGH	 		MEDIUM	 		LOW	
15%	
85%	
Protected	Grid	
Cyber	
Security	
PROTECTED	
GRID?	
Cyber	
Assets	
(For the US, 80-90% of the grid’s cyber assets are out of scope for NERC-CIP.) Source: Cybersecurity and the Evolving Role of State
Regulation: How it Impacts the California Public Utilities Commission, California’s PUC Policy Paper
Cybersecurity
Implementation
11	Present	
VS
Mostly
Policy Standards
Mostly
Technical Standards
and Best Practices
US: NERC-CIP
12	
IT	Dept.	 OT	Dept.	
VS
=> Adversarial Relationship
Example 2: Implementation
a) Securing laptops used by field personnel.
Power System Cybersecurity Implementation
Whose Responsibility is it?
Engineer
“My company’s IT department has no idea I use this laptop…
I wouldn’t be able to do my job if they did.”
b) Securing edge devices (RTUs, relays, reclosers, etc.)
Engineer
Settings/Configurations
Power P&C logic
Cyber P&C logic
IT Dept.?
Present
13	Present	
Cybersecurity
Design Implementation
Entity’s
1st Audit
v3 Audit
revealed over half
of the system’s
firewalls were
misconfigured.
•  Typically the current approach is to use network firewalls and call it a day.
•  Cybersecurity is an afterthought that ends up being “bolted on” only for compliance.
3 General Types of Firewall
Packet Filtering  |  Application-Proxy Gateway  |  Stateful Inspection
•  Some can be bypassed by spoofing network layer data
•  All are based on software
CVE-2016-**** The password-sync feature on [firewall vendor’s]
switches sets an SNMP community to the same string as the
administrator password, which allows remote attackers to obtain
sensitive information by sniffing network.
14	
What drives cybersecurity in the industry today?
Compliance
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices.
Goal
Cyber	
Security	
Present
Future	 15	
Cyber Infrastructure
(Computation & Communication)
Protection and Control
of the Modernized Grid
Physical Infrastructure
(Flow of Power)
Inputs: Currents, Voltages, Impedance,
Status (open, close, lockout)
Output: Open/Close Bkr, +/- Vars,
Inputs: Topology, traffic flows,
deep packet inspection, communication
state, state of physical power system
Output: NOTHING!
Future	 16	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices.
American Engineers' Council for Professional Development defines Engineering as:
"The creative application of scientific principles to design or develop …."
Major
Hurdles
Power System
Cybersecurity &
Cyber Resiliency
Hurdle 1: Labeling of everything as Restricted, Classified, or Sensitive
Requires	Verifiable	Evidence	&	Repeatable	Tests	
Administrator
1.  Joe
2.  Alice
Example
Compliance/Legal depts. stop engineer from
discussing what works and what doesn’t at
technical industry conference.
Negative Side Effects
•  Industry slow to advance and therefore slow to defend.
•  Engineers are not aware of solutions/approaches
resulting in the assumption that security is not feasible.
•  Approach is really security through obscurity.
Future	 17	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices. Major
Hurdles
Hurdle 2: Viewing cybersecurity as only defending against malicious actors.
Power System
Cybersecurity &
Cyber Resiliency
Recall Cybersecurity: “The facet of reliability that relates to the degree of certainty that a
cyber device or system will not operate incorrectly.”
*** *** *** *** -2015 Firmware Update
Summary: Corrected an issue where the
meter restarted or stopped operating
during file transfers in the presence of a
saturated network
CVE-2013-****
DNP3 vulnerability causes a denial of
service (driver crash and process
restart) via an oddly crafted DNP3 TCP
packet.
	
State
Machines
Testing all states (known and unknown)
QA Challenge
Inputs, process, memory
Future	 18	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices. Major
Hurdles
Hurdle 3: Viewing power system cybersecurity as only an IT issue for the IT dept.
Power System
Cybersecurity &
Cyber Resiliency
Operations
Design Implementation Maintenance Implementation
Cyber Risk Assessment
Requires input from power system
engineers and an understanding of
how each device is fundamentally
being used to control and/or monitor.
Examples
•  Testing changes prior to field
installations
•  Applying patches/updates in
energized systems
•  Does device support cyber feature?
•  Same logic and vendor software
used for relay P&C is used for cyber
•  Cybersecurity checkout &
commissioning
•  What is considered normal in the
control system application?
•  Real-time cyber-physical system
event modeling and contingency
analysis
Future	 19	
RISK	=	(Threat)	x	(Probability)	x	(Impact)	
Example: Alter software on Smart Inverter
Probability
Impact
Cyber
Source: http://acesolar.co.uk/services/solar-pv-panels/
•  Cloud based management
•  Code on device to detect faults
•  Regulates energy flows
Commercial
or
Residential
•  Installed in untrusted network
•  Who is responsible for cybersecurity
•  Security issues associated with
communicating back up to
connected grid.
Future	 20	
RISK	=	(Threat)	x	(Probability)	x	(Impact)	
Example:	Spoofing	of	GPS	data	to	PMU	
[Figure: two PMUs with phase angles θ1 and θ2 (θi); risk axes: Probability, Impact, Cyber]
Future	 21	
RISK	=	(Threat)	x	(Probability)	x	(Impact)	
Example: State Estimation Attack, Spoofing State Variables
Probability		
Impact	
Cyber	
?	
?	
Remote SCADA or Local Automation
Injected
Readings
Future	 22	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices. Major
Hurdles
Hurdle 4: Documenting IED & System level cybersecurity capabilities
Power System
Cybersecurity &
Cyber Resiliency
Relay Design Engineer
Relay Settings Engineer
Cyber Design Engineer
Cyber Settings Engineer
•  Design protective relaying
functions based on operational
requirements and equipment ratings
•  Design protective cyber
functions based on operational
requirements and capabilities of devices
•  Programming of relaying and other
devices based on relay design specification
•  Programming of relaying and other
devices based on cyber design specification
Future	 23	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices. Major
Hurdles
Hurdle 4: Documenting IED & System level cybersecurity capabilities
Power System
Cybersecurity &
Cyber Resiliency
Relay Design Engineer Cyber Design Engineer
Relay Operational One-Line Cyber Operational One-Line
ANSI /IEEE Standard C37.2 Standard for
Electrical Power System Device Function
Numbers, Acronyms, and Contact Designations
IEEE Standard ***** for Electrical Power System Cyber Device
Function Numbers, Acronyms, and Contact Designations
21 - Distance Relay
27 – Undervoltage Relay
32 – Directional Relay
50 – Instantaneous Relay
51 – AC Time Overcurrent Relay
52 – AC Circuit Breaker
59 – Overvoltage Relay
64 – Ground Detector Relay
87 – Differential Protective Relay
c48 – Firewall Type: Application Gateway
c49 – AAA Server
c50 – Role based access control
c51 – Report cyber events to master
c52 – Cyber-event concentrator (RTU)
c53 – Cyber-event converter, (e.g. DNP -> Syslog) (RTU)
c54 – Log cyber-events locally
c56 - Antivirus
c57 – Enable host firewall
c58 – Intrusion detection
c59 – Intrusion prevention
c60 – Web access
c61 – Application whitelisting
c62 – Email alerts
c63 – Network DoS detection
c90 – CPU & RAM Differential over Δt w/o protection event
c100 - Cyber lockout, revoke all remote control
Common
c64 – Network encryption
c65 – HD encryption
c66 – HTTPS
c67 – SSH
c68 – Telnet
c69 – Active port detection
c70 – NSM/IDS with Protocol DPI
EXAMPLE
Maybe
one day…?
Future	 24	
What will drive cybersecurity in the industry tomorrow?
Hopefully, engineering and best practices. Major
Hurdles
Hurdle 4: Documenting IED & System level cybersecurity capabilities
Power System
Cybersecurity &
Cyber Resiliency
Cyber Design Engineer
Cyber Operational One-Line
c50 – Role based access control
c51 – Report cyber events to master
c52 – Cyber-event concentrator (RTU)
c53 – Cyber-event converter, (e.g. DNP -> Syslog) (RTU)
c54 – Log cyber-events locally
c56 - Antivirus
c57 – Enable host firewall
c58 – Intrusion detection
c59 – Intrusion prevention
c60 – Web access
c61 – Application whitelisting
c62 – Email alerts
c63 – Network DoS detection
c90 – CPU & RAM spike over Δt w/o protection event
c100 - Cyber lockout, revoke all remote control
Potential Benefits
•  Universally understood
•  Procurement: can the device do c**
•  (Scoping, Designing, Commissioning)
•  Multiple vendors, contractors, integrators
•  Maintenance
•  What devices require signature updates
•  Identify failed cyber component
•  Incident Response
•  What devices saw the event
•  What devices recorded the event
•  What devices were impacted
•  What device failed to alarm or take action
•  Saves time and money
•  Prevents extended operational downtime
c64 – Network encryption
c65 – HD encryption
c66 – HTTPS
c67 – SSH
c68 – Telnet
c69 – Active port detection
c70 – NSM/IDS with Protocol DPI
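The maintenance and incident-response questions listed under Potential Benefits, worked as an added example that is not part of the original slides. The device names, the event path, and the grouping of function numbers into detect/record/alarm/signature sets are assumptions made for illustration; only the function numbers and their names come from the slide.

```python
# Added example (not from the slides): querying a "cyber operational one-line".
# Function numbers and names are the proposed ones listed on the slide.
CYBER_FUNCTIONS = {
    "c48": "Firewall Type: Application Gateway",
    "c50": "Role based access control",
    "c51": "Report cyber events to master",
    "c52": "Cyber-event concentrator (RTU)",
    "c54": "Log cyber-events locally",
    "c56": "Antivirus",
    "c57": "Enable host firewall",
    "c58": "Intrusion detection",
    "c59": "Intrusion prevention",
    "c60": "Web access",
    "c62": "Email alerts",
    "c63": "Network DoS detection",
    "c70": "NSM/IDS with Protocol DPI",
    "c100": "Cyber lockout, revoke all remote control",
}

# Assumed groupings; the slides do not classify the numbers this way.
DETECTS = frozenset({"c58", "c59", "c63", "c70"})          # can notice an event
RECORDS = frozenset({"c54"})                               # keeps local evidence
ALARMS = frozenset({"c51", "c62"})                         # can notify someone
SIGNATURE_BASED = frozenset({"c56", "c58", "c59", "c70"})  # needs signature feeds

# Constructed one-line: hypothetical device names mapped to enabled functions.
ONE_LINE = {
    "FW-1": {"c48", "c51", "c54", "c63"},
    "RTU-1": {"c50", "c51", "c52", "c54", "c57"},
    "RELAY-A": {"c50", "c51", "c54", "c58"},
    "RELAY-B": {"c50", "c54"},
    "HMI-1": {"c50", "c56", "c60", "c62"},
}


def validate(one_line):
    """Reject function numbers missing from the catalogue (e.g. drawing typos)."""
    for device, funcs in one_line.items():
        unknown = set(funcs) - set(CYBER_FUNCTIONS)
        if unknown:
            raise ValueError(f"{device}: unknown function numbers {sorted(unknown)}")


def can_do(one_line, device, func):
    """Procurement/scoping question: can the device do c**?"""
    return func in one_line.get(device, ())


def needs_signature_updates(one_line):
    """Maintenance question: which devices require signature updates?"""
    return sorted(d for d, f in one_line.items() if SIGNATURE_BASED & set(f))


def triage(one_line, path, alarms_received, detectors=DETECTS):
    """Incident-response questions for an event that traversed `path`.

    path            -- devices the event traffic passed through, in order
    alarms_received -- devices whose alarm actually reached the master/operator
    detectors       -- function numbers expected to notice this kind of event
    """
    impacted = [d for d in path if d in one_line]
    saw = [d for d in impacted if detectors & one_line[d]]
    return {
        "impacted": impacted,
        "undocumented": [d for d in path if d not in one_line],
        "saw": saw,
        # Devices with local logging: where to collect evidence first.
        "recorded": [d for d in impacted if RECORDS & one_line[d]],
        # Could detect and could alarm, yet nothing arrived: failed component
        # or suppressed/blocked reporting path.
        "failed_to_alarm": [
            d for d in saw if ALARMS & one_line[d] and d not in alarms_received
        ],
        # On the path with no detection function at all: a coverage gap.
        "blind": [d for d in impacted if not detectors & one_line[d]],
    }


if __name__ == "__main__":
    validate(ONE_LINE)
    # Constructed event: traffic crossed the firewall, RTU and both relays,
    # but only the firewall's alarm reached the master.
    report = triage(ONE_LINE, ["FW-1", "RTU-1", "RELAY-A", "RELAY-B"], {"FW-1"})
    for question, devices in report.items():
        print(f"{question:16} {devices}")
    print("signature feeds ", needs_signature_updates(ONE_LINE))
```
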
25	
Safety	
Nathan	Wallace,	PhD,	CSSA	
n.wallace.us@ieee.org	
Twitter: @NathanSWallace
Questions?
Thank You
Reliability

SPICE PARK APR2024 ( 6,793 SPICE Models )
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Porous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writingPorous Ceramics seminar and technical writing
Porous Ceramics seminar and technical writing
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 

IEEE PES GM 2017 Cybersecurity Panel Talk

  • 2. Personal Background Volunteering: EE Intern EE Intern Associate Engineer Research Assistant Visiting Lecturer Staff Engineer Dir. Cyber Operations Drafting Relay Settings T&D Protection Cybersecurity Researcher Digital Forensics Examiner Math & Engineering Relay & RTU Design & Commissioning Risk Assessments Cybersecurity Design & Integration
  • 3. Disclaimer • Statements and opinions are my own which may or may not reflect that of my current employer. • Statements are based on generalized observations of the industry and do not represent any particular entity or asset owner. • Seek professional engineering assistance and vendor support prior to implementing or developing any of the capabilities discussed.
  • 4. RISK Two Infrastructures Residential Industrial Commercial Generation Transmission Distribution • Physical • Cyber Control Center Distribution Control Center RTOs/ISO
  • 5. Assets What devices need to be protected? What has communication and/or computational ability and is used to ensure the safe, reliable, and continuous generation, transmission and delivery of electricity? Cybersecurity Implementation Challenge: How to maintain the Confidentiality, Integrity, and Availability of power system cyber assets? IEEE Std C37.240™-2014, IEEE Standard Cybersecurity Requirements for Substation Automation, Protection, and Control Systems. Each protective measure: • Must not impede access and operation during legitimate activities. • Must be technically, economically, and operationally feasible.
  • 7. Assets • What hardware is common across all devices? Engr, Tech, Operator Imported Applications Library Vendor Applications PAM Access/Login HMI Apache iproute2 Firewall pyPAM HTTP • Do vendors write their own code? • What 3rd party software libraries & applications are being used? FUN-FACT: Linux Kernel, 19.5 million lines of code
  • 8. Power System Cybersecurity Implementation Whose Responsibility is it? IT Dept. OT Dept. - Software to determine how power flows and when breakers open/close - Apache, Telnet, SSH, MySQL, FTP, LDAP, Embedded Linux, Windows, etc. - Virtual power plants and protection relays, software defined networking - SCADA in the cloud Present
  • 9. OT Dept. VS => Adversarial Relationship Example 1: Annual Funding IT Dept. IT Manager Engineering Manager New Cyber Compliance Manager & Dept. Legal Team, Training, Audit Specialists No Change Power System Cybersecurity Implementation Whose Responsibility is it? More Personnel and Resources Present
  • 10. Present Critical Cyber Assets Compliance HIGH MEDIUM LOW 15% 85% Protected Grid Cyber Security PROTECTED GRID? Cyber Assets (For the US, 80-90% of the grid's cyber assets are out of scope for NERC-CIP) Source: Cybersecurity and the Evolving Role of State Regulation: How it Impacts the California Public Utilities Commission, California’s PUC Policy Paper Cybersecurity Implementation
  • 12. IT Dept. OT Dept. VS => Adversarial Relationship Example 2: Implementation a) Securing laptops used by field personnel. Power System Cybersecurity Implementation Whose Responsibility is it? Engineer “My company’s IT department has no idea I use this laptop… I wouldn’t be able to do my job if they did.” b) Securing edge devices (RTUs, relays, reclosers, etc.) Engineer Settings/Configurations Power P&C logic Cyber P&C logic IT Dept.? Present
  • 13. Present Cybersecurity Design Implementation Entity’s 1st Audit v3 Audit revealed over half of the system’s firewalls were misconfigured. • Typically the current approach is to use network firewalls and call it a day. • Cybersecurity is an afterthought that ends up being “bolted on” only for compliance. 3 General Types of Firewall: Packet Filtering | Application-Proxy Gateway | Stateful Inspection • Some can be bypassed by spoofing network layer data • All are based on software CVE-2016-**** The password-sync feature on [firewall vendor’s] switches sets an SNMP community to the same string as the administrator password, which allows remote attackers to obtain sensitive information by sniffing the network.
  • 14. What drives cybersecurity in the industry today? Compliance What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Goal Cyber Security Present
  • 15. Future Cyber Infrastructure (Computation & Communication) Protection and Control of the Modernized Grid Physical Infrastructure (Flow of Power) Inputs: Currents, Voltages, Impedance, Status (open, close, lockout) Output: Open/Close Bkr, +/- Vars Inputs: Topology, traffic flows, deep packet inspection, communication state, state of physical power system Output: NOTHING!
  • 16. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. American Engineers' Council for Professional Development defines Engineering as: "The creative application of scientific principles to design or develop …." Major Hurdles Power System Cybersecurity & Cyber Resiliency Hurdle 1: Labeling of everything as Restricted, Classified, or Sensitive Requires Verifiable Evidence & Repeatable Tests Administrator 1. Joe 2. Alice Example: Compliance/Legal depts. stop an engineer from discussing what works and what doesn’t at a technical industry conference. Negative Side Effects • Industry slow to advance and therefore slow to defend. • Engineers are not aware of solutions/approaches, resulting in the assumption that security is not feasible. • Approach is really security through obscurity.
  • 17. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Major Hurdles Hurdle 2: Viewing cybersecurity as only defending against malicious actors. Power System Cybersecurity & Cyber Resiliency Recall Cybersecurity: “The facet of reliability that relates to the degree of certainty that a cyber device or system will not operate incorrectly.” *** *** *** *** -2015 Firmware Update Summary: Corrected an issue where the meter restarted or stopped operating during file transfers in the presence of a saturated network CVE-2013-**** DNP3 vulnerability causes a denial of service (driver crash and process restart) via an oddly crafted DNP3 TCP packet. State Machines Testing all states (known and unknown) QA Challenge Inputs, process, memory
  • 18. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Major Hurdles Hurdle 3: Viewing power system cybersecurity as only an IT issue for the IT dept. Power System Cybersecurity & Cyber Resiliency Operations Design Implementation Maintenance Implementation Cyber Risk Assessment Requires input from power system engineers and an understanding of how each device is fundamentally being used to control and/or monitor. Examples • Testing changes prior to field installations • Applying patches/updates in energized systems • Does device support cyber feature? • Same logic and vendor software used for relay P&C is used for cyber • Cybersecurity checkout & commissioning • What is considered normal in the control system application? • Real-time cyber-physical system event modeling and contingency analysis
  • 19. Future RISK = (Threat) x (Probability) x (Impact) Example: Alter software on Smart Inverter Probability Impact Cyber Source: http://acesolar.co.uk/services/solar-pv-panels/ • Cloud based management • Code on device to detect faults • Regulates energy flows Commercial or Residential • Installed in untrusted network • Who is responsible for cybersecurity • Security issues associated with communicating back up to connected grid.
  • 22. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Major Hurdles Hurdle 4: Documenting IED & System level cybersecurity capabilities Power System Cybersecurity & Cyber Resiliency Relay Design Engineer Relay Settings Engineer Cyber Design Engineer Cyber Settings Engineer • Design protective relaying functions based on operational requirements and equipment ratings • Design protective cyber functions based on operational requirements and capabilities of devices • Programming of relaying and other devices based on relay design specification • Programming of relaying and other devices based on cyber design specification
  • 23. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Major Hurdles Hurdle 4: Documenting IED & System level cybersecurity capabilities Power System Cybersecurity & Cyber Resiliency Relay Design Engineer Cyber Design Engineer Relay Operational One-Line Cyber Operational One-Line ANSI/IEEE Standard C37.2 Standard for Electrical Power System Device Function Numbers, Acronyms, and Contact Designations IEEE Standard ***** for Electrical Power System Cyber Device Function Numbers, Acronyms, and Contact Designations 21 – Distance Relay 27 – Undervoltage Relay 32 – Directional Relay 50 – Instantaneous Relay 51 – AC Time Overcurrent Relay 52 – AC Circuit Breaker 59 – Overvoltage Relay 64 – Ground Detector Relay 87 – Differential Protective Relay c48 – Firewall Type: Application Gateway c49 – AAA Server c50 – Role based access control c51 – Report cyber events to master c52 – Cyber-event concentrator (RTU) c53 – Cyber-event converter (e.g. DNP -> Syslog) (RTU) c54 – Log cyber-events locally c56 – Antivirus c57 – Enable host firewall c58 – Intrusion detection c59 – Intrusion prevention c60 – Web access c61 – Application whitelisting c62 – Email alerts c63 – Network DoS detection c90 – CPU & RAM Differential over Δt w/o protection event c100 – Cyber lockout, revoke all remote control Common c64 – Network encryption c65 – HD encryption c66 – HTTPS c67 – SSH c68 – Telnet c69 – Active port detection c70 – NSM/IDS with Protocol DPI EXAMPLE Maybe one day…?
  • 24. Future What will drive cybersecurity in the industry tomorrow? Hopefully, engineering and best practices. Major Hurdles Hurdle 4: Documenting IED & System level cybersecurity capabilities Power System Cybersecurity & Cyber Resiliency Cyber Design Engineer Cyber Operational One-Line c50 – Role based access control c51 – Report cyber events to master c52 – Cyber-event concentrator (RTU) c53 – Cyber-event converter (e.g. DNP -> Syslog) (RTU) c54 – Log cyber-events locally c56 – Antivirus c57 – Enable host firewall c58 – Intrusion detection c59 – Intrusion prevention c60 – Web access c61 – Application whitelisting c62 – Email alerts c63 – Network DoS detection c90 – CPU & RAM spike over Δt w/o protection event c100 – Cyber lockout, revoke all remote control Potential Benefits • Universally understood • Procurement: can the device do c** • (Scoping, Designing, Commissioning) • Multiple vendors, contractors, integrators • Maintenance • What devices require signature updates • Identify failed cyber component • Incident Response • What devices saw the event • What devices recorded the event • What devices were impacted • What device failed to alarm or take action • Saves time and money • Prevents extended operational downtime c64 – Network encryption c65 – HD encryption c66 – HTTPS c67 – SSH c68 – Telnet c69 – Active port detection c70 – NSM/IDS with Protocol DPI
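
The c90 entry on slides 23 and 24 (a CPU and RAM rise over Δt with no protection event) can be read as a detection rule: load that a relay's own protection work does not explain is worth an alarm. The sketch below is an added example, not code from the talk; the sample format, thresholds, grace window, the choice to alarm on either resource, and all function names are assumptions, and the trace is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sample:
    t: float    # seconds since start of capture
    cpu: float  # CPU utilisation, percent
    ram: float  # RAM utilisation, percent

def c90_alarms(samples, protection_events, dt=5.0, cpu_rise=30.0,
               ram_rise=20.0, grace=10.0):
    """Flag CPU/RAM rises over dt that no protection event explains.

    samples: one device's Samples, sorted by time.
    protection_events: times (s) at which the relay logged a protection operation.
    All thresholds are assumed values for illustration, not from the slides.
    """
    alarms, start = [], 0
    for i, cur in enumerate(samples):
        # Slide the window so it covers only the last dt seconds.
        while cur.t - samples[start].t > dt:
            start += 1
        window = samples[start:i + 1]
        rises = {
            "cpu": cur.cpu - min(s.cpu for s in window),
            "ram": cur.ram - min(s.ram for s in window),
        }
        tripped = [name for name, limit in (("cpu", cpu_rise), ("ram", ram_rise))
                   if rises[name] >= limit]
        if not tripped:
            continue
        # A rise near a logged protection operation is expected relay work.
        if any(abs(cur.t - e) <= grace for e in protection_events):
            continue
        # Report one alarm per excursion rather than one per sample.
        if alarms and cur.t - alarms[-1]["t"] <= dt:
            continue
        alarms.append({"t": cur.t, "resources": tripped, "rises": rises})
    return alarms

def build_constructed_trace():
    """Constructed 90 s trace at 1 sample/s with one fault at t=20 s."""
    samples = []
    for t in range(90):
        cpu, ram = 12.0, 40.0
        if 20 <= t <= 23:   # relay clearing a fault: load is expected
            cpu = 70.0
        if 60 <= t <= 70:   # load with no protection operation behind it
            cpu, ram = 65.0, 75.0
        samples.append(Sample(float(t), cpu, ram))
    return samples, [20.0]

if __name__ == "__main__":
    trace, events = build_constructed_trace()
    for alarm in c90_alarms(trace, events):
        print(alarm)
```

On the constructed trace the fault-time load at t=20 s is suppressed and only the unexplained rise at t=60 s alarms; in a real deployment the thresholds would have to come from a per-device baseline.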