Power station monitoring and cyber security


Published on

Published in: Technology, Business
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Power station monitoring and cyber security

  1. 1. Improving Power PlantMonitoringAn essential step in improvingpower plant efficiency andoperational performance
  2. 2. Trends for Equipment MonitoringFor over a decade a wide range of equipment inpower plants have been connected to specialistmaintenance engineers at equipment suppliers bythe Internet and other communication networks.Monitoring equipment located throughout the plantis linked to the power plant’s operating systems -continually monitoring the performance and statusof the equipment.
  3. 3. Extract from GE Brochure ofPower Plant MonitoringWhen equipment starts to deviate from normaland efficient operating parameters a warning willbe displayed in the power plant’s control room –and in many cases an email or other alertcontaining data is dispatched to the appropriatemaintenance staff [who may be working with theequipment suppliers].The maintenance engineers and equipmentsuppliers could be based in different countries orother global regions.
  4. 4. These alerts could prompt immediate action andmaintenance – which could avoid an unplannedoutage of the equipment [and possibly the whileplant].These new systems have led toimprovements in plant operational efficiencyand performance – and should be consideredas an essential component of a clean coaltechnology strategy.
  5. 5. Monitoring and IT Systems evolveNew and evolving networks and software canallow far greater degrees of integration of:• Plant databases,• Real-time equipment operating performancedata,• Enterprise social networks (including onlinechats and/or voice mail on desktop and mobilesystems],• As well as many other bespoke features (suchas specialist Apps).
  6. 6. An example of these new evolving systems isChatter – developed by the IT companySalesforce.comThese interactive systems can allow significantimprovements in plant efficiency and operatingperformance.Chatter and other similar systems are beingrapidly adopted by many thousands of companieseach year.But linking all these features via the Internet alsocreates a new potential threat for power plant andgrid system operators – Cyber Security.
  7. 7. Cyber SecurityA key issue for all powerplants and grid systems
  8. 8. Hackers at work?Hackers can be based inany country. They canhave several goals –such as causingmalicious damage tocomputer systems or theyattempt to steal valuableintellectual property [IP].Are your plant andnetworks vulnerable toa cyber attack?
  9. 9. A computer virus attacked a turbine controlsystem at a US power company when atechnician unknowingly inserted an infected USBcomputer drive into the network, keeping a plantoff-line for three weeks, according to a reportposted on a US government website.The [US] Department of Homeland Security[DHS] report did not identify the plant but saidcriminal software, which is used to conductfinancial crimes such as identity theft, was behindthe incident.It was introduced by an employee of a third-party contractor that does business with theutility, according to the agency.October 2012 US PowerPlant Incident
  10. 10. The DHS reported the incident on itswebsite, which occurred in October 2012 - alongwith a second incident which involved a moresophisticated virus.This report was released to coincide with a high-profile cyber crime conference held in Miami [S4]to review emerging threats against powerplants, water utilities and critical infrastructure.In addition to not identifying the plants, the DHSdeclined to say where they are located.The report did not say who the DHS believedwas behind the sophisticated virus or if it wascapable of sabotage.The DHS uses the term "sophisticated" todescribe a wide variety of malicious softwarethat is designed to do things besides commitroutine cyber-crimes. They include virusescapable of espionage and sabotage.
  11. 11. It is worth noting that the infamous Stuxnet viruswas delivered to its target in Iran via a USB drive.Attackers use that technique to place malicioussoftware on computer systems that are "airgapped" or cut off from the public Internet.
  12. 12. Antiquated Softwareand Aging SystemsRecent surveys have also highlighted the factthat many critical infrastructure control systemsrun on Windows XP and Windows 2000 -operating systems that were designed more thana decade ago.Some Internet-linked equipment still has nocyber protection at all.Many systems still have "auto run" features –which are enabled by default. This makes theman easy target for infection - because malicioussoftware loads as soon as a USB is plugged intothe system unless operators have changed thatsetting.
  13. 13. ShodanThe search engine Shodan [Sentient Hyper-Optimized Data Access Network] has beendeveloped to identify a huge range of deviseslinked to the web and their vulnerabilitySee: http://www.shodanhq.com/
  14. 14. US To Take More ActionPress Release from:[US] Federal Energy Regulatory Commissionhttps://www.ferc.gov/FERC Proposes to Adopt New Cyber SecurityStandards18th April 2013The Federal Energy Regulatory Commission(FERC) moved to strengthen the cybersecurity of the bulk electric system today witha proposed rule that would extend the scopeof the systems that are protected by cybersecurity standards.The proposal, submitted in January 2013 by theNorth American Electric Reliability Corporation(NERC), constitutes version 5 of the CriticalInfrastructure Protection Reliability Standards, orCIP standards. The proposal is intended toimprove the security posture of responsibleentities and represents an improvement in theCIP standards.
  15. 15. The proposal includes 12 requirements withnew cyber security controls that addressElectronic Security Perimeters, Systems SecurityManagement, Incident Reporting and ResponsePlanning, Recovery Plans for BES CyberSystems, and Configuration ChangeManagement and Vulnerability Assessments.It also would use a new, tiered approach toidentifying and classifying bulk electric systemcyber assets that is a step toward applying CIPprotections more comprehensively to betterassure protection of the bulk electric system.The Commission is seeking comment on certainlanguage in the proposed CIP version 5Standards to alleviate concerns regarding thepotential ambiguity and, ultimately, enforceabilityof the proposed Standards.NERC is the FERC-certified Electric ReliabilityOrganization for the bulk electric system.Comments on the proposed rule are due 60 daysafter publication in the Federal Register.
  16. 16. Are your power plants andnetworks safe?