Smart grids add communication capabilities and intelligence to traditional grids. They are enabled by intelligent sensors and actuators, extended data management systems, expanded two-way communication between utility operation facilities and customers, network security, and national integration. They are self-healing and adaptive: they improve distribution and transmission system operation, allow customers the freedom to purchase power based on dynamic pricing, improve power quality with less wastage, and integrate a large variety of generation options.
We have seen that the more complex and critical an infrastructure is, the more vulnerable it becomes. Since 1994 there have been many incidents in which smart grids were hacked; the latest and most widely discussed was the Stuxnet worm, which targeted Iran's nuclear power system and spread worldwide. We will look at the different types of attacks and at the security the smart grid needs.
What's a "Smart Grid?" A Smart Grid is a developing network of new technologies, equipment, and controls working together to respond immediately to our 21st-century demand for electricity.

Technology used:
- Integrated communication
- Sensing
- Smart meters
- Phasor measurement units
- Advanced components
- Advanced control
- Decision support system
- Smart power generation
Another View – Smart Grid Communications Network (SGCN)

[Figure: diagram of the SGCN. Labels recovered from the slide: Sensors; Regulatory Policy and Rule-making; Grid Control; Enhanced Flexibility & Control; Congestion Management; Plug-In Electric Hybrid Vehicles; Distributed and Renewable Energy; Energy Efficiency; Demand Response; Data, Analytics, and Information; Smart Meters and Communications; Security; Open and Ubiquitous Communication Systems; New Devices; Voltage and Systems Stability; Generation; Custom Applications; Enterprise Integration. The diagram groups these into what the SGCN is "Guided By", what it "Results" in, and what it is "Supported By".]
Evolution of Electrical Utility Risks

PAST – Hard-wired control
- Most controls are "hard wired" and require manual intervention
- Lesser public availability of RF devices
- Little capability for damage to, or financial benefit from, RF attacks
- Cost-plus charging – "If we need it, we'll do it! If we can't do it, we'll buy it!"
- Clear regulatory and financial landscape

PRESENT – SCADA / RF enabled
- Intense financial pressure to reduce staffing; hence more "remote" methodologies
- Computerization and RF control common in all industries
- Project implementation excellence not always followed by outstanding security operations
- SCADA hacking can cause "wholesale" damage to neighborhoods and equipment
- Uncertain regulatory, audit, and liability landscape

NEAR FUTURE – Smart grid / RF pervasive
- Control inside the home of all appliances
- Wide use of 802.x, ZigBee, X10
- Uncertain software provenance, packaged code, and offshore development
- Zero-day attacks
- Increased organized crime / terrorist focus
- Potential for damage to, and "net" theft by, every customer
- Revenue/risk asymmetry for each customer
- Transition to IP and Windows "monoculture" for RF devices
- Increased public and regulatory scrutiny
Overview of Cyber Security – Threats (example from the 2006 SANS SCADA Security Summit, INL)

[Figure: attack path through the Internet, an operator's PC, the admin account, the master and slave databases, and the RTU.]
1. Hacker sends an e-mail with malware.
2. E-mail recipient (an operator) opens the e-mail and the malware gets installed quietly.
3. Using the information that the malware gathers, the hacker is able to take control of the e-mail recipient's PC!
4. Hacker performs an ARP (Address Resolution Protocol) scan.
5. Once the slave database is found, the hacker sends an SQL EXEC command.
6. Performs another ARP scan.
7. Takes control of the RTU.
Overview of Cyber Security – Threats: Cyber Penetration (example from AMRA Webinar, Nov '06, "The Active Attacker")

[Figure: the attacker controls the Head End / AMCC (Advanced Metering Control Computer) and performs a remote disconnect over the communications network (WAN). Other components shown: Retailers, 3rd Parties, AMI WANs, Meter Data Management Systems (MDM/R).]
Cyber Security Challenges
- The challenge is complex and continuously changing
- Legacy systems need to be protected
- Number and geographic location of end points
- Relationship to physical security
- Systems are 24x7 and critical
- The human element / social engineering
Cyber Solutions – Defense in Depth
- Perimeter protection: Firewall, IPS, VPN, AV; Host IDS, Host AV
- DMZ
- Physical security
- Interior security: Firewall, IDS, VPN, AV; Host IDS, Host AV; IEEE P1711 (serial connections); NAC; Scanning; Monitoring; Management; Processes

Glossary: IDS – Intrusion Detection System; IPS – Intrusion Prevention System; DMZ – DeMilitarized Zone; VPN – Virtual Private Network (encrypted); AV – Anti-Virus (anti-malware); NAC – Network Admission Control
Physical Layer Security – Natural Disasters
- Snow storms
- Hurricanes
- Solar flares / geomagnetic storms
- Earthquakes
- Flooding
- Volcanoes
Recognize that the location of the smart grid components can be affected by the surrounding environment.
Physical Layer Security (2)
- Steal the meters – sell the devices
- RESPONSE: meter "last gasp" alerts when disconnected
Physical Layer Security (3) – Tamper with the Meter
- Cause meter to stop reading – disconnect
- Cause meter to mis-read (or reverse)
- Inject malware
- Modify encryption
- Modify authentication mechanism
• July 2009 – Black Hat Conference
• IOActive, Seattle InfoSec firm
• Proof of concept – in 24 hours, caused 15,000 of 22,000 home smart meters to be taken over by malware/worm
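The two meter-side countermeasures above ("last gasp" alerts and watching for meters that stop or reverse their readings) can be turned into collector-side detection logic. The following is an added example, not code from the presentation; it assumes a constructed telemetry format in which each meter reports a cumulative kWh register every 15 minutes and sends a "last_gasp" event when it loses power, and it flags a register that goes backwards (mis-read/reverse tampering) and a meter that falls silent without a last gasp (possible theft or disconnect).

```python
"""Added example (not from the slides): triage smart-meter telemetry for
physical tamper indicators.

Assumptions (constructed): each meter reports a cumulative kWh register every
15 minutes; a "last_gasp" event is sent when the meter loses power.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample telemetry: (timestamp, meter_id, event, cumulative_kwh)
SAMPLE_EVENTS = [
    ("2024-01-01T00:00", "M1", "read", 1000.0),
    ("2024-01-01T00:15", "M1", "read", 1001.2),
    ("2024-01-01T00:30", "M1", "read", 1002.5),
    ("2024-01-01T00:45", "M1", "read", 1003.1),   # M1: normal
    ("2024-01-01T00:00", "M2", "read", 500.0),
    ("2024-01-01T00:15", "M2", "read", 501.0),
    ("2024-01-01T00:30", "M2", "read", 480.0),    # M2: register went backwards
    ("2024-01-01T00:45", "M2", "read", 481.0),
    ("2024-01-01T00:00", "M3", "read", 300.0),
    ("2024-01-01T00:15", "M3", "read", 300.4),    # M3: then silent, no last gasp
    ("2024-01-01T00:00", "M4", "read", 700.0),
    ("2024-01-01T00:15", "M4", "last_gasp", None),  # M4: silent after last gasp
]
SAMPLE_NOW = "2024-01-01T01:00"          # constructed "current time" for the run

REPORT_INTERVAL = timedelta(minutes=15)


def analyze(events, now_iso, interval=REPORT_INTERVAL, missed_allowed=1):
    """Return {meter_id: [finding, ...]} for meters showing tamper indicators.

    Findings:
      register_decrease      - cumulative kWh went down between reads
      silent_no_last_gasp    - no report for more than the allowed gap and no
                               last-gasp message (theft / tamper candidate)
      silent_after_last_gasp - no report, but a last gasp was received
                               (consistent with an outage or a disconnect)
    """
    now = datetime.fromisoformat(now_iso)
    by_meter = defaultdict(list)
    for ts, meter, kind, kwh in events:
        by_meter[meter].append((datetime.fromisoformat(ts), kind, kwh))

    alerts = {}
    for meter, recs in by_meter.items():
        recs.sort(key=lambda r: r[0])
        findings = []
        last_kwh = None
        last_gasp = False
        last_seen = recs[-1][0]
        for _, kind, kwh in recs:
            if kind == "last_gasp":
                last_gasp = True
                continue
            if last_kwh is not None and kwh < last_kwh:
                findings.append("register_decrease")
            last_kwh = kwh
        # Silent for longer than the tolerated number of missed reports?
        if now - last_seen > interval * (missed_allowed + 1):
            findings.append("silent_after_last_gasp" if last_gasp
                            else "silent_no_last_gasp")
        if findings:
            alerts[meter] = findings
    return alerts


if __name__ == "__main__":
    for meter, findings in analyze(SAMPLE_EVENTS, SAMPLE_NOW).items():
        print(meter, findings)
```

The distinction between the two "silent" findings is the operational point of the last-gasp alert: a meter that disappears after announcing power loss is an outage ticket, while one that disappears without it deserves a field check.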
Physical & Cyber
- Opening the meter
- Accessing exposed ports and connectors
- Intercepting data between microcontroller and radio
- Infrared port attack/hack
Cyber Layer Security
- The biggest opportunity for trouble: "The Last Mile" issues
- Remember – added complexity causes concerns
"Last Mile" technologies
- Broadband power line systems
- Power line carrier systems
- Public Switched Telephone Network (PSTN)
- Cat5/6 network connection
- Radio frequency: WiMax, ZigBee, 6LoWPAN, 802.11x
- Cellular (CDMA/EVDO, GSM, LTE)
Cyber Attacks – Remember C I A
- Confidentiality attacks: reading, "sniffing" the data
- Integrity attacks: changing the data
- Availability attacks: denial of service – prevent use of the service
Confidentiality Attacks
- Buffer overflow: inject data that is too "big" for the meter/system; predominantly caused by bad software development
- Snooping / sniffing: reading / capturing the data between meter and collector and vice versa; also internal to the meter, between microcontroller and radio. A reason for encryption – "Cleartext is bad"
- Hacking the encryption: some protocols are easy to break; causes – weak keys, weak protocols, weak initialization vectors
- Man-in-the-middle attack
- "Bit flipping" attacks (weak integrity functions)
- Breaking into password storage on devices
- "Race condition" exploits: a race condition is of interest to a hacker when it can be utilized to gain privileged system access
Integrity Attacks – Key: Change the Data
- Replay attacks (man-in-the-middle)
- Why? Change the bill (up or down); modify usage data; use data for fraud; use as an alias – "Gee Officer, I wasn't home that night!"
Availability Attacks
- Denial of Service (DoS) attacks. Examples: Georgia cyber war, Estonia cyber war
- Spoofing: pretending you are another meter; meter authentication weaknesses; manipulate meter-to-collector or collector-to-meter
- Name resolution attacks: meter name cache poisoning; denial of service against DNS servers; reroute meter traffic to another meter, collector, or network
- Hold ransom: before the Super Bowl? Over a community/neighborhood?
- Wartime reserve: chipset backdoor "pre-attack" in smart meters
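The confidentiality slide lists "bit flipping" against weak integrity functions, the integrity slide lists replay, and the availability slide lists meters spoofing one another. All three are addressed at the collector by the same mechanism: a keyed MAC per meter plus a monotonically increasing sequence number. The block below is an added example, not code from the presentation; the wire format ("meter_id|seq|kwh"), the per-meter keys and the `Collector` class are constructed for illustration. It contrasts an unkeyed CRC32, which an altered message can always be made to pass, with HMAC-SHA256, and shows the sequence check rejecting a replayed genuine message and the per-meter key rejecting a message that claims another meter's identity.

```python
"""Added example (not from the slides): a collector that authenticates meter
readings and rejects altered, replayed and spoofed messages.

Assumptions (constructed): each meter shares a secret key with the collector,
provisioned out of band; messages carry an increasing sequence number; the
wire format is "meter_id|seq|kwh".
"""
import hashlib
import hmac
import zlib

METER_KEYS = {                       # constructed per-meter secrets
    "M1": b"constructed-key-for-meter-M1",
    "M2": b"constructed-key-for-meter-M2",
}


def encode(meter_id, seq, kwh):
    return f"{meter_id}|{seq}|{kwh:.1f}".encode()


def decode(payload):
    meter_id, seq, kwh = payload.decode().split("|")
    return meter_id, int(seq), float(kwh)


# --- weak integrity: unkeyed checksum. Anyone who can change the cleartext can
#     recompute it, which is what makes "bit flipping" on such messages work.
def crc_tag(payload):
    return zlib.crc32(payload).to_bytes(4, "big")


def crc_check(payload, tag):
    return crc_tag(payload) == tag


# --- strong integrity: keyed MAC, bound to the meter identity via its key.
def mac_tag(meter_id, payload):
    return hmac.new(METER_KEYS[meter_id], payload, hashlib.sha256).digest()


class Collector:
    """Verifies MAC, then enforces strictly increasing sequence per meter."""

    def __init__(self):
        self.last_seq = {}

    def accept(self, payload, tag):
        meter_id, seq, _kwh = decode(payload)
        if meter_id not in METER_KEYS:
            return "reject:unknown_meter"
        if not hmac.compare_digest(mac_tag(meter_id, payload), tag):
            return "reject:bad_mac"          # altered, or wrong key (spoof)
        if seq <= self.last_seq.get(meter_id, -1):
            return "reject:replay"           # old message re-sent
        self.last_seq[meter_id] = seq
        return "accept"


def demo():
    """Run the four scenarios and return their outcomes."""
    results = {}
    good = encode("M1", 1, 12.5)
    altered = encode("M1", 1, 2.5)       # usage field changed to lower the bill

    # 1. CRC alone: the altered message passes once its checksum is recomputed.
    results["crc_accepts_altered"] = crc_check(altered, crc_tag(altered))

    c = Collector()
    # 2. Keyed MAC: genuine message accepted, altered message rejected.
    results["mac_good"] = c.accept(good, mac_tag("M1", good))
    results["mac_altered"] = c.accept(altered, mac_tag("M1", good))
    # 3. Replay: the same genuine message a second time is rejected.
    results["replay"] = c.accept(good, mac_tag("M1", good))
    # 4. Spoofing: a tag made with M2's key for a message claiming to be M1.
    spoof = encode("M1", 2, 0.0)
    spoof_tag = hmac.new(METER_KEYS["M2"], spoof, hashlib.sha256).digest()
    results["spoof"] = c.accept(spoof, spoof_tag)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Sequence numbers only protect against replay if the collector persists `last_seq` across restarts; a collector that forgets the counters would accept the whole history again, which is the same trust problem the slides attribute to weak meter authentication.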
Privacy Attacks (2)
- Determine lifestyles
- Determine the best time to rob
- Use the information to "sell" services (e.g., "I'm here to fix your broken refrigerator, Ma'am!")
STORAGE ISSUES – A Paradigm Shift

Today's Environment
- Analog meters or simple digital meters
- Manually read or "drive by" reading
- Read monthly (or less frequently)
- Minimal data accumulation
- Simple data fields – kWh used since last reading

The Future Smart Grid
- "Smart" digital meters & "smart" sensors
- Automatic reading
- Read every ~15 minutes or more frequently
- "Data avalanche!" – numerous data fields and classes

(Image credits: Microsoft Clip Art Online; www.smartgridnews.com; Circuit Breaker Relays – ENHayden, used with permission)
Storage Considerations
- Costs for more data centers and storage
- Error handling
- Data analytics and business intelligence resources
- Security of data – static and dynamic, stored or in transit
- Privacy of data – consider EU privacy laws
- Consumer education requirements
- Auditing, reporting, regulatory impacts
What To Do?
#1: DON'T GIVE UP!
#2: DON'T IGNORE THE THREATS!
#3: LEARN AND STUDY – DO THREAT MODELING
#4: INCLUDE SECURITY, IT, UTILITY OPERATIONS IN PLANNING AND SOLUTION DEVELOPMENT
#5: WORK WITH SECURITY EXPERTS & CONSULTANTS
#6: ASK HARD QUESTIONS
#7: BUILD DEFENSE-IN-DEPTH IN EVERY PHASE OF YOUR SMART GRID SOLUTION
#8: INCIDENT RESPONSE SET UP, PRACTICED
#9: STORAGE – PLAN, IDENTIFY CONTINGENCIES, LOOK OUTSIDE THE BOX
#10: INCLUDE SECURITY EARLY, OFTEN