Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Defending a decentralized grid: Talking an energy revolution from OMNETRIC Group

17 views

Published on

New processes for DER management require integration and open systems

Published in: Business
  • Be the first to comment

  • Be the first to like this

Defending a decentralized grid: Talking an energy revolution from OMNETRIC Group

  1. 1. Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information. Talking an energy revolution:Defending a decentralized grid
  2. 2. DER: Dispatchable and non-dispatchable resources on the grid, including demand response, distributed generation (solar, CHP, wind), electric vehicles, and storage technology. Energy efficiency and micro grids can also be considered to be DERs Harnessing the value of distributed energy resources Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information. Core distributed energy resource management
  3. 3. Integrating diverse energy systems into the main grid challenges operations and existing solutions Grid stability and reliability is under pressure Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information. Offshore wind parks Bidirectional power flow Unidirectional power flow Hydrogen storage Biogas CHP Small industrial gas turbine Pumped storage power plant Private solar Smart street Lighting Electrical vehicles Diesel generator Storage solutions Large scale PV plant Storage solutions
  4. 4. The security challenge isreal... Changing solutions Smart metering Demand response Micro-grids Distributed energy GIS integration EV and battery IT / OT integration Changing riskenvironment Ease of attacks Critical infrastructure attacks Ukraine, Aramco and many more Easily available tools Global attacks Pervasive technology Changing approach to cybersecurity Industry regulations (NIS, GDPR, SEC, BDEW,NERC- CIP) Customer requirements Contract liabilities Increased security testing Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  5. 5. Our approach Understand threats and vulnerabilities Analyze risk Implementc ontrols to mitigaterisk Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  6. 6. Understand threats and vulnerabilities We need to build defences aroundthecoresystemand technology that buildon the product securityfeatures These defencesinclude technical, process and organizational measures By implementing these defences, we provide all-round protection of the solution Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  7. 7. Analyzerisks There is a riskthat A nation state breaches the core DERMS system via a softwarevulnerability A nation state breaches the core DERMS system via a softwarevulnerability A researcher obtains andcompromises a DERMSdevice A script-kiddie finds avulnerability A criminal breaches the communications network A network point iscompromised Resulting in They could use control of DERMS devices to disrupt the local grid or cause damage They could obtain the privatekeys for communicating with DERMSdevices They can inject commands into the core DERMS system via thenetwork Which allows them tosteal a copy ofthe DERMS database Which allows them tosteal a copy ofthe DERMS database A denial of serviceattack could interruptcommunications Likelihood M M M L M M Impact H M H M H H Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  8. 8. Implement controls to mitigate risk: example1 There is a risk that A researcher obtains andcompromises a DERMSdevice So … There is little we can do to prevent a researcher obtaining thedevice but by selecting field equipment with good security measures we can make them more difficult tocompromise. Examples include ensuring no back- doors, being able to update software remotely and protected storage of encryption keys.Select manufacturers who can showthat they take securityseriously. Resulting in They can inject commands into the core DERMS system via thenetwork So … We can never be sure that a device can’t be breached so we should protect our core servers as if they were connected to an untrusted network such as theinternet. Next generation firewalls, intrusion detection and networksegmentation are all sensiblecontrols. Likelihood M NewLikelihood L Impact H NewImpact M Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  9. 9. Implement controls to mitigate risk: example2 There is a riskthat A nation state breaches the core DERMS system via a softwarevulnerability So … We could reduce the likelihood by ensuring that servers are patched against known softwarevulnerabilities. So wecould Implement regular vulnerability scans to detect new-found vulnerabilities Implement a vulnerability management process that allows us to prioritise the important patches and mitigate risks when patches cannot be quicklyapplied Resulting in They could use control of DERMS devices to disrupt the local grid or cause damage So … We could improve our ability to detect and stop malicious activity Implement security monitoring that detects when unusual activity takes place, such as disconnectingdevices or making large scale changes Implement a monitoring processso if an issue is detected the right people are alerted and can take action to s top the attackquickly Likelihood M NewLikelihood L Impact H NewImpact M Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information.
  10. 10. OMNETRIC For more information contact: request@omnetric.com Copyright ©2018 OMNETRIC. All rights reserved. OMNETRIC Unrestricted Information. OMNETRIC is dedicated to helping energy providers reap the benefits of the digital energy system by integrating their energy operations with IT to support their business goals. Our global team of engineering, IT, security and data experts brings extensive industry experience to help customers discover and exploit data intelligence to capitalize on industry change, and realize new business models. Helping customers since 2014, we are an inventive, technology services company. For more, visit www.omnetric.com. OMNETRIC is a Siemens company.

×