2. ► Smart Grid Overview
► The Problem
► Challenges
► Solutions
OVERVIEW
3. ► IP Networking of the Electrical
Power Network
► Substations, distribution network, transmission
networks, smart meters, homes/businesses
► Worldwide Investment
► Biggest upgrade to electrical power infrastructure in many years
► $3.4B of US Stimulus funds toward electric grid projects
► Clear Return on Investment
► Real time measurement of power consumption allowing better
coupling of generation to usage
► Remote adds/disconnects, meter reading, etc.
WHAT IS THE SMART GRID?
5. ► Networking Power Production
and Distribution Infrastructure
► NERC-CIP – Federal Critical Infrastructure protection
► IEC 61850 – How do you network Infrastructure
► IEEE 1613 – Environmental requirements for
Substations
► Smart Meters
► Allow real time power measurement and
remote disconnect / reconnect
► Home / Corporate Networks
► Gateway to electric power devices inside home
or corporation
SMART GRID COMPONENTS
7. ► It’s obvious that we want a secure
Smart Grid
► Who wants hackers to
turn off the power?
► The attacks are evolving faster
than the current security solutions
► Energy companies and traditional
electrical equipment vendors are not
exactly security experts
THE PROBLEM
8. ► The problem is similar to what enterprises face today
► But the consequences of an attack are much greater
► Internet attacks where credit cards are
stolen or corporate data is compromised
are troublesome
► But they don’t cause people to die
► Attacks on the power infrastructure
have consequences ranging from
► Turning off the power
► Disruption of traffic and transportation systems
► Killing people by turning off life support in hospitals
THE PROBLEM (continued)
9. 41% of
Incidents
reported and
investigated in
2012 were
Energy related
(82 out of 198)
US DHS INDUSTRIAL
CONTROL SYSTEMS
CERT 2012 REPORT
( http://www.us-cert.gov/control_systems/pdf/ICS-CERT_Monthly_Monitor_Oct-Dec2012.pdf )
12. ► Hard Exterior, Soft Interior model
► Firewalls around the edges
► VPNs between devices and management/data centers
► This isn’t adequate
CURRENT SMART GRID
SECURITY
13. ► USB is a very common attack vector
► STUXNET was initially spread by infected
USB sticks
► Connection to the Internet isn’t the only
attack vector
USB STICK ATTACKS
14. ► Remote control of
High Voltage
Switches
► Talking to one vendor
at a power tradeshow
► “we use passwords to
secure the access”
► That’s going to
work…
WiFi CONTROLLED
SWITCHES
15. ► ICSA-12-354-01—RUGGEDCOM
► Hard-coded RSA SSL private key identified in RuggedCom’s
Rugged Operating System (ROS).
► ICSA-12-243-01 GARRETTCOM
► The Magnum MNS-6K Management Software uses an
undocumented hard-coded password
► ICSA-12-214-01 SIEMENS
► Siemens Synco OZW devices are shipped with a default
password protecting administrative functions
EQUIPMENT WITH DEFAULT
ACCESS
17. ► Hard Exterior / Soft Interior model is not adequate
► Attacks will come from the inside
► Broad and dynamic security measures are needed
► Malware detection
► IPS to inspect control protocols
► Anti-Bot software
► Antivirus and Anti-Malware on all control computers
► Dedicated and general purpose
► Maybe using Windows (especially XP) for controllers isn’t a good
idea
► Frequent updates of software and signatures is critical
► Security awareness of staff needs to be improved
WHAT NEEDS TO BE DONE
18. ► The Smart Grid is the IP
Networking of the
electrical power network
► Current approaches to
Smart Grid security are
not adequate
► Broad and dynamic
security measures are
needed
SUMMARY
