 Dr. Vivek Chandra, Head IT vivekchandra123@gmail.com Dr. Ashok Kumar Tiwari, EE (RAPDRP)ashokktiwari@gmail.comMPPKVVCL ...
S.No.Particulars1 East Discom in MP as a typical Indian Power DistributionUtility & prevailing IT systems prior to R-APDRP...
3© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 MP East Discom wasformed after theunbundling oferstwhile MP StateElectricity Board inJuly’02.4© vivek chandra and ashok ...
The major applications deployed included: Consumer Bill Generation System Financial Accounting System Stores Management...
6© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
S.No.Name ofApplicationArchitecture OfficewheredeployedNo. oflocations.1. Billing System (HT) Distributed RAO 6 Nos.2. Bil...
8© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 Power Sector in the country suffers a loss of over 35% onaccount of AT&C losses. To curtail these losses R-APDRP scheme...
Establishment of IT Infrastructure for determination ofbaseline data of AT&C losses.Reduction of AT&C lossesFocus on syste...
11© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 Creation of Centralized Consumer Care Centre. Setup of Data Centre at Jabalpur. Setup of a Centralized Control Centre ...
 Considering thelimited modulescoverage under R-APDRP the Companydecided to procure thesame through ERP .  It was decide...
Particulars R-APDRP ERP1. Extent 27 towns havingpopulation above30,000.All offices up to distribution Centres i.e500+ loca...
3. Network Architecture Post R-APDRP& ERP15© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
16© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 DMZ stands for "demilitarized zone“. The purpose of a DMZ is to add an additional layer ofsecurity to an organizations ...
 The VPN Users who have been provided thefirewall authentication (VPN username andpassword) can access the entire MPLS ne...
19© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
Proxy: A proxy takes requests from aninternal network and forwards them to theInternet To keep machines behind itanonymous...
21© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
22© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
23© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
24© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
25© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 Creation of sizable amount of IT Infrastructure. Built of great amount of data. Convergence of GIS, AMR , SCADA and CC...
27© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 Introduction of malicious code such as viruses,Trojan horses, and worms. Interception and tampering of data. Denial of...
5. Security Measures adopted atvarious levels.29© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
30PhysicalSecurityFire &SmokeRedundant PowerSupplyData BackupClosed CircuitCamerasSmokeDetectorsRedundant Power Supply SAN...
 Network virtualization is a method of combining theavailable resources in a network by splitting up theavailable bandwid...
 Identity Access Management Blocking use of CD Drives and Pen Drives Anti-virus software is installed and enabled on al...
 Role based Access Control. Audit trail and Real time Monitoring Logs. Administrator and operator logs. Communication ...
 Internet access is given to users who have legitimateneed. Following kind of access can be provided to usersto restrict ...
6. Conclusion.35© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
 As technology advances, so does the associatedthreats and risks. There is no panacea against all potential threats. It...
37© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
Upcoming SlideShare
Loading in …5
×

Information Security in Electrical Power Distribution

1,068 views

Published on

Published in: Education, Technology, Business
  • Be the first to comment

Information Security in Electrical Power Distribution

  1. 1.  Dr. Vivek Chandra, Head IT vivekchandra123@gmail.com Dr. Ashok Kumar Tiwari, EE (RAPDRP)ashokktiwari@gmail.comMPPKVVCL Jabalpur1© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  2. 2. S.No.Particulars1 East Discom in MP as a typical Indian Power DistributionUtility & prevailing IT systems prior to R-APDRP.2 Launch of R-APDRP & ERP in the Discom.3 Network Architecture Post R-APDRP & ERP4 Vulnerability of the new system and Potential Threats toSecurity.5 Security Measures adopted at various levels.6 Conclusion2© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  3. 3. 3© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  4. 4.  MP East Discom wasformed after theunbundling oferstwhile MP StateElectricity Board inJuly’02.4© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  5. 5. The major applications deployed included: Consumer Bill Generation System Financial Accounting System Stores Management System Payroll System.5© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  6. 6. 6© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  7. 7. S.No.Name ofApplicationArchitecture OfficewheredeployedNo. oflocations.1. Billing System (HT) Distributed RAO 6 Nos.2. Billing System (LT) Distributed Circle/Dn 29 Nos.3. StoresManagementSystemDistributed Area Stores 5 Nos.4. FinancialAccounting SystemDistributed RAO 6 Nos.5. Payroll System Distributed RAO 6 Nos.7© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  8. 8. 8© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  9. 9.  Power Sector in the country suffers a loss of over 35% onaccount of AT&C losses. To curtail these losses R-APDRP scheme was launched byGoI to reform Distribution Sector during XITHplan. The scheme intends to cover urban areas i.e. towns and citieswith population above 30,000 (10,000 in case of specialcategory states).Projects under the scheme is in Two Parts. Part-A covered IT applications in distribution sector Part-B covered System improvement, strengtheningand augmentation etc.9© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  10. 10. Establishment of IT Infrastructure for determination ofbaseline data of AT&C losses.Reduction of AT&C lossesFocus on system reliability and customer satisfactionAchieve operational efficiency through IT enablement10© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  11. 11. 11© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  12. 12.  Creation of Centralized Consumer Care Centre. Setup of Data Centre at Jabalpur. Setup of a Centralized Control Centre at Jabalpur. Setup of Data Recovery Centre at Bhopal. All offices located in select 27 towns connectedthrough MPLS network .12© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  13. 13.  Considering thelimited modulescoverage under R-APDRP the Companydecided to procure thesame through ERP .  It was decided toimplement the solutionacross all offices upthe level ofDistribution Centres. The Project has beenlaunched in 2011.R-APDRP ERP1 Metering, Billing &CollectionProcurement &MaterialManagement2 MaintenanceManagementProject Systems3 AssetManagementHuman ResourceManagement4 Email Solution FinancialAccounting13© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  14. 14. Particulars R-APDRP ERP1. Extent 27 towns havingpopulation above30,000.All offices up to distribution Centres i.e500+ locations.2. Connectivitythrough MPLSThrough MPLSNetwork only(Primary as well assecondary)Through MPLS Network3. ConnectivityThroughInternetNot provisioned Yes, The VPN Users(Around 500 No.who have been provided the firewallauthentication (VPN username andpassword) shall be able to access theentire MPLS network. Normal Internetusers shall access the applicationthrough Reverse Proxy.14© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  15. 15. 3. Network Architecture Post R-APDRP& ERP15© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  16. 16. 16© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  17. 17.  DMZ stands for "demilitarized zone“. The purpose of a DMZ is to add an additional layer ofsecurity to an organizations local area network (LAN). An external attacker only has access to equipment inthe DMZ, rather than any other part of the network. A DMZ configuration typically provides security fromexternal attacks.17© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  18. 18.  The VPN Users who have been provided thefirewall authentication (VPN username andpassword) can access the entire MPLS network. Normal Internet users shall access the applicationthrough Reverse Proxy. Reverse proxy fetchesthe information from internal network. These usersshall require login and passwords of application.As per requirements only some forms/reports areexposed to internet.18© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  19. 19. 19© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  20. 20. Proxy: A proxy takes requests from aninternal network and forwards them to theInternet To keep machines behind itanonymous, mainly for Security.Reverse Proxy receives requests fromthe Internet and forwards them to servers inthe internal network. This is for Security ofInternal Network.20© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  21. 21. 21© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  22. 22. 22© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  23. 23. 23© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  24. 24. 24© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  25. 25. 25© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  26. 26.  Creation of sizable amount of IT Infrastructure. Built of great amount of data. Convergence of GIS, AMR , SCADA and CCC networks to asingle network. Creation of numerous interface points between heterogeneousnetworks which could prove potential weak links. Creation of a very large Intranet exposed to internet.26© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  27. 27. 27© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  28. 28.  Introduction of malicious code such as viruses,Trojan horses, and worms. Interception and tampering of data. Denial of service attacks. Web hacking. SQL Injection. Input Validation attacks.28© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  29. 29. 5. Security Measures adopted atvarious levels.29© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  30. 30. 30PhysicalSecurityFire &SmokeRedundant PowerSupplyData BackupClosed CircuitCamerasSmokeDetectorsRedundant Power Supply SAN StoragePermanent SecurityGuardsFireExtinguishersBackup power consists ofpower from two feeders,battery banks, and dieselgeneratorsTape LibraryUse of IdentityAccess CardsWater LeakageDetectorsTo prevent single points offailure, all elements of theelectrical systems, includingbackup systems, are typicallyfully duplicated.Replication ofData at SAN inData RecoverySite.Use of BiometricDevices like FingerPrint Recognition© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  31. 31.  Network virtualization is a method of combining theavailable resources in a network by splitting up theavailable bandwidth into channels. Each resource is independent from the other andeach of which can be assigned (or reassigned) to aparticular server or device in real time. Each channel is independently secured. Every subscriber has shared access to all theresources on the network from a single computer.31© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  32. 32.  Identity Access Management Blocking use of CD Drives and Pen Drives Anti-virus software is installed and enabled on allworkstations. Anti-virus definition are updated through Antivirusserver at Data Centre rather than individualmachine getting updated through internet.32© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  33. 33.  Role based Access Control. Audit trail and Real time Monitoring Logs. Administrator and operator logs. Communication through Asymmetric/ symmetrickey Cryptography Role Based Access Control Single Sign-on functionality33© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  34. 34.  Internet access is given to users who have legitimateneed. Following kind of access can be provided to usersto restrict misuse of internet: Use of Web Filter for Filtration of undesired web content. Throttling of bandwidth (to restrict the download speed) Use of Spam Filter for blocking of junk mails.34© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  35. 35. 6. Conclusion.35© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  36. 36.  As technology advances, so does the associatedthreats and risks. There is no panacea against all potential threats. It is for the utility to identify the treats, prioritizethem and identify the mitigation actions accordingto the risk involved and its affordability.36© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur
  37. 37. 37© vivek chandra and ashok kumartiwari MPPKVVCL Jabalpur

×