Threat Detection
Developing Advanced Security Monitoring & Threat Detection
to deliver Cyber Resilience in OT Environments
About RSE
Applied research on the electro-energetic sector, experimental activities
including Cyber Security experimental assessment
January 2020, Berlin, Germany
Table of contents
• Cyber challenges to the energy transition
• European Regulations
• ICS cyber security analyses with state of art tools
• Advanced probabilistic models for anomaly detection and attack forecast
• Experimental platform for security monitoring, anomaly detection and recovery
• Application of machine/deep learning to cyber anomaly detection
Cyber challenges to the energy transition
The number of known attack groups increased from 140 in 2018 to 155 in 2019. [WEC]
Attack to Ukrainian Grid - details
• E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power
Grid | March 18, 2016
NIS Directive EU 2016/1148
CHAPTER IV
SECURITY OF THE NETWORK AND INFORMATION SYSTEMS OF
OPERATORS OF ESSENTIAL SERVICES
Article 14 Security requirements and incident notification
1. Member States shall ensure that operators of essential services take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations.
2. Member States shall ensure that operators of essential services take appropriate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of such essential services, with a view to ensuring the continuity of those services.
3. Member States shall ensure that operators of essential services notify, without undue delay, the competent authority or the CSIRT of incidents having a significant impact on the continuity of the essential services they provide. Notifications shall include information enabling the competent authority or the CSIRT to determine any cross-border impact of the incident. Notification shall not make the notifying party subject to increased liability.
Network Code on Cybersecurity
[European Commission, Smart Grid Task Force, Expert Group 2]
Power System Resilience - Definition
CIGRE WG C4.47 Reference Paper
NIST Cyber Security Framework
NIST Cyber Security Framework (cont.)
• Functions and categories
RSE Cyber Security Framework
Diagram labels: Foundations; Research and Innovation; Experiments; ICT Simulators; Power Simulators; Standards; Regulations; Analysis methodologies; AI Algorithms; Technologies
RSE Cyber Security Framework (cont.)
ICS cyber security analyses
Diagram labels: Field Network; Corporate Network; Control Network; DMZ Network; NIST 800-82
SecuriCAD based methodology
• The SecuriCAD tool by Foreseeti (SE) evaluates the TTC (Time To Compromise) indicator: the expected time an attacker would take to compromise every single asset in the modelled ICT infrastructure
• Each asset in the model has specific attack steps associated with it that can be exploited to control the component; which steps apply depends on the type of asset and the values of the configured parameters
• Pre-determined attack steps
• Pre-defined attack step probability
• Graphical interface
SecuriCAD architecture
Diagram labels: Field Network; Corporate Network; Control Network; DMZ Network
Attack path
Attack graph
Imperfect defenses
SecuriCAD Attack Graph
| Measure | Success % in 10 days | Success % in 20 days | Success % in 50 days | Δ% vs Baseline 10 days | Δ% vs Baseline 20 days | Δ% vs Baseline 50 days |
|---|---|---|---|---|---|---|
| Firewall off | 25% | 38% | 58% | 19% | 28% | 36% |
| Baseline (fw on) | 6% | 10% | 22% | - | - | - |
| Baseline + Protocol security | 5% | 8% | 21% | -1% | -2% | -1% |
| Baseline + Protocol sec + IDS | 4% | 7% | 18% | -2% | -3% | -4% |
| Baseline + Protocol sec + IDS+IPS | 3% | 7% | 20% | -3% | -3% | -2% |
| Baseline + Protocol sec + IDS+IPS + AC sec (no default pw) | 2% | 4% | 12% | -4% | -6% | -10% |
SecuriCAD Analyses
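An added example, not taken from the slides and not SecuriCAD's own algorithm: a Monte Carlo sketch of how a per-asset Time To Compromise and the "success % in N days" and "Δ% vs baseline" columns can be derived from attack steps that each carry a probability. The zone names follow the slides; every probability, effort value and function name is a constructed assumption.

```python
import heapq
import math
import random

# Constructed model. Zone names follow the slides; every probability and mean
# effort (days) is an illustrative assumption, not RSE or SecuriCAD data.
# (source, destination) -> (probability the step is feasible, mean days needed)
BASELINE = {
    ("Attacker", "Corporate"): (0.60, 5.0),
    ("Corporate", "DMZ"): (0.30, 10.0),
    ("DMZ", "Control"): (0.25, 15.0),
    ("Corporate", "Control"): (0.05, 20.0),  # path that bypasses the DMZ
    ("Control", "Field"): (0.50, 10.0),
}
# Variant with zone filtering removed: inter-zone steps get likelier and faster.
FIREWALL_OFF = {
    **BASELINE,
    ("Corporate", "DMZ"): (0.80, 3.0),
    ("DMZ", "Control"): (0.70, 5.0),
    ("Corporate", "Control"): (0.60, 5.0),
}


def sample_ttc(steps, source, rng):
    """Draw one possible world and return {asset: time to compromise in days}.

    Each step exists with its probability and, if it exists, costs an
    exponentially distributed effort. Assets that cannot be reached in this
    world are absent from the result.
    """
    adjacency = {}
    for (src, dst), (prob, mean_days) in steps.items():
        if rng.random() < prob:
            effort = rng.expovariate(1.0 / mean_days)
            adjacency.setdefault(src, []).append((dst, effort))
    ttc = {source: 0.0}
    heap = [(0.0, source)]
    while heap:  # Dijkstra: the attacker takes the fastest available path
        elapsed, node = heapq.heappop(heap)
        if elapsed > ttc.get(node, math.inf):
            continue
        for dst, effort in adjacency.get(node, []):
            if elapsed + effort < ttc.get(dst, math.inf):
                ttc[dst] = elapsed + effort
                heapq.heappush(heap, (elapsed + effort, dst))
    return ttc


def success_within(steps, target, horizons=(10, 20, 50), runs=20000, seed=1):
    """Fraction of sampled worlds in which `target` falls within each horizon."""
    rng = random.Random(seed)
    hits = {h: 0 for h in horizons}
    for _ in range(runs):
        days = sample_ttc(steps, "Attacker", rng).get(target, math.inf)
        for h in horizons:
            if days <= h:
                hits[h] += 1
    return {h: hits[h] / runs for h in horizons}


def delta_vs_baseline(variant, baseline):
    """Difference in success probability per horizon (the table's delta columns)."""
    return {h: variant[h] - baseline[h] for h in baseline}


if __name__ == "__main__":
    base = success_within(BASELINE, "Field")
    off = success_within(FIREWALL_OFF, "Field")
    for h in base:
        print(f"{h:>2} days  baseline {base[h]:6.2%}  firewall off {off[h]:6.2%}"
              f"  delta {delta_vs_baseline(off, base)[h]:+6.2%}")
```

Adding a defensive measure to such a model means lowering a step's probability or raising its effort, then re-running the comparison against the baseline.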
Probabilistic graphical models
Bayesian Networks
• based on real world knowledge and parameters
• oriented to the power system
• predictive and diagnostic analysis
• for planning, assessment, detection, forecasting
Analysis types
planning
• security measures
• monitoring sensors setup
detection
• early detection of intrusions
assessment
• effectiveness of security measures
• effectiveness of monitoring system
forecasting
• adversarial moves
Adversarial Tactics Techniques and Common Knowledge
https://attack.mitre.org/
Attack process
Threat Detection Report 2019 - Red Canary
ATT&CK technique leverage
Attack process to power control infrastructure
Field Network
Corporate Network
Control Network
DMZ Network
Power Control Area
Attack Graph
IT Area
Attack Graph
Methodological approach
Attack Graph
Bayesian Network
IT techniques
• MITRE ATT&CK - scores based on attack groups, software, references
OT techniques
• US ICS-CERT Vulnerability Advisories - CVSS scores
Analytics
• events whose observation is significant to the security analyst
• MITRE CAR + power domain specific
Predictive/Diagnostic Analysis
Detection: Importance of monitoring system security
Planning/Assessment: Network specific risk assessment for defence planning
Planning/Assessment: Relevance of analytics in the planning of the monitoring system
D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
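An added example, not taken from the slides or the cited paper: a small Bayesian network with attack steps and the analytics that observe them, queried in the predictive direction (how likely is the final impact) and the diagnostic direction (given an alert, which steps have probably happened). All node names and probabilities are constructed assumptions; inference is exact enumeration.

```python
from itertools import product

# Constructed three-step attack process with two analytics (sensors).
# Every name and probability is an illustrative assumption.
# node -> (parents, {parent values: P(node is True)})
NETWORK = {
    "it_step": ((), {(): 0.20}),
    "ot_step": (("it_step",), {(True,): 0.50, (False,): 0.0}),
    "impact": (("ot_step",), {(True,): 0.40, (False,): 0.0}),
    # Analytics: detection rate when the step happened, false-alarm rate otherwise.
    "analytic_it": (("it_step",), {(True,): 0.70, (False,): 0.05}),
    "analytic_ot": (("ot_step",), {(True,): 0.80, (False,): 0.02}),
}


def joint(world):
    """Probability of one full assignment {node: bool} under the network."""
    prob = 1.0
    for node, (parents, cpt) in NETWORK.items():
        p_true = cpt[tuple(world[parent] for parent in parents)]
        prob *= p_true if world[node] else 1.0 - p_true
    return prob


def query(target, evidence=None):
    """P(target is True | evidence), by summing over every consistent world."""
    evidence = evidence or {}
    names = list(NETWORK)
    matching = total = 0.0
    for values in product((True, False), repeat=len(names)):
        world = dict(zip(names, values))
        if any(world[name] != value for name, value in evidence.items()):
            continue
        prob = joint(world)
        total += prob
        if world[target]:
            matching += prob
    if total == 0.0:
        raise ValueError("evidence has zero probability under the model")
    return matching / total


def analytic_relevance(target="impact"):
    """Posterior of `target` when each analytic fires alone: a planning aid
    for deciding which sensor is worth deploying or tuning first."""
    return {name: query(target, {name: True})
            for name in NETWORK if name.startswith("analytic_")}


if __name__ == "__main__":
    print("predictive  P(impact)                    =", round(query("impact"), 4))
    print("predictive  P(impact | analytic_it)      =",
          round(query("impact", {"analytic_it": True}), 4))
    print("diagnostic  P(it_step | analytic_ot)     =",
          round(query("it_step", {"analytic_ot": True}), 4))
    print("diagnostic  P(it_step | both silent)     =",
          round(query("it_step", {"analytic_it": False, "analytic_ot": False}), 4))
    print("relevance  ", {k: round(v, 4) for k, v in analytic_relevance().items()})
```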
Attack Emulation Detection tools
Scenarios
Demonstration &
Evaluation
Anomaly Detection Experiments
Analysis and Correlation
Detection of anomalies
Alert
Prevention/ Recovery
SNMP Syslog
Evidence
Monitoring values Logs
Collection
Detection and Response Process
Traditional IT detection
• Transport layer
• Information flow
Context specific detection
• Application level detection
Syntactic vs semantic analysis
Indicators
Machine learning & Big Data approach
Detection @ different layers
RSE Power Control System Resilience Testing
PCS-ResTest Lab
Monitoring integrated platform
RSE integrated platform supports IEC 62351 application examples
Remediation
Vulnerability & Threat Real Time Monitoring
Event Analysis
Threat intelligence
Emerging platforms/applications
Devices/algorithms/services
NextGen Cyber Security Analyses
New technologies = more cyber security opportunities
Supervised
• Expert -> Labelling -> Analysis -> Prediction
Log/event analysis
Selection of algorithm is based on the problem statement
Figure labels: "bad", "good", "good"
Unsupervised
• Clustering algorithms
Machine learning for anomaly detection
AI
Machine learning
Deep learning
Deep learning
• Multi layer
• High level features from raw data
• Artificial neural networks
• “non linear” decision boundaries
• Supervised, unsupervised or semi-supervised type of problems
Bayesian belief networks
• Inference and learning in Bayesian networks
• Describe a multivariate distribution representing the relations between evidences and system status
Machine Learning approach
Anomaly detection
Monitoring
Evidences
Logs
• Studies related to cyber anomalies/attack processes to power-digital infrastructures including IoT/Fog/Cloud platforms
• Monitoring & Logging of IT/OT indicators
• Attack emulations to power-digital infrastructures including IoT/Fog/Cloud platforms
• Cyber anomaly detection with Machine and Deep Learning
AI techniques applied to anomaly detection
• Simulation of power control schemes
• Attack emulations
• Cyber anomaly monitoring, detection, visualization, recovery (MDVR) platforms
• Integration of IT/OT MDVR platforms in power control simulations
• Evaluation of cyber resilient scenarios
Resilience of Cyber-Power Systems
References
1. World Energy Council, “Cyber challenges to the energy transition”, 2019
2. E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
3. NIST Cybersecurity Framework Version 1.1, April 2018, https://www.nist.gov/cyberframework/framework
4. Smart Grid Task Force-Expert Group 2-Cybersecurity, «Recommendations to the European Commission for the Implementation of Sector-Specific Rules for Cybersecurity Aspects of Cross-Border Electricity Flows, on Common Minimum Requirements, Planning, Monitoring, Reporting and Crisis Management», 2019
5. R. Terruggia, G. Dondossola, M. Ekstedt, “Cyber security analysis of Web-of-Cells energy architectures”, 5th International Symposium for ICS and SCADA Cyber Security Research 2018, Hamburg, August 2018
6. G. Dondossola, R. Terruggia, “A monitoring architecture for smart grid cyber security”, Cigré Science and Engineering, February 2018
7. D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
Thank you!

What are Balancing Services ?
 
The Need for Enhanced Power System Modelling Techniques & Simulation Tools
The Need for Enhanced  Power System  Modelling Techniques  &  Simulation Tools The Need for Enhanced  Power System  Modelling Techniques  &  Simulation Tools
The Need for Enhanced Power System Modelling Techniques & Simulation Tools
 
Power Quality Trends in the Transition to Carbon-Free Electrical Energy System
Power Quality  Trends in the Transition to  Carbon-Free Electrical Energy SystemPower Quality  Trends in the Transition to  Carbon-Free Electrical Energy System
Power Quality Trends in the Transition to Carbon-Free Electrical Energy System
 
Power Purchase Agreement PPA
Power Purchase Agreement PPA Power Purchase Agreement PPA
Power Purchase Agreement PPA
 
Harmonic study and analysis
Harmonic study and analysisHarmonic study and analysis
Harmonic study and analysis
 
What is leakage current testing
What is leakage current testingWhat is leakage current testing
What is leakage current testing
 

Recently uploaded

一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
zwunae
 
Self-Control of Emotions by Slidesgo.pptx
Self-Control of Emotions by Slidesgo.pptxSelf-Control of Emotions by Slidesgo.pptx
Self-Control of Emotions by Slidesgo.pptx
iemerc2024
 
Unbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptxUnbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptx
ChristineTorrepenida1
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
symbo111
 
Water billing management system project report.pdf
Water billing management system project report.pdfWater billing management system project report.pdf
Water billing management system project report.pdf
Kamal Acharya
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
SUTEJAS
 
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
insn4465
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Christina Lin
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
Madan Karki
 
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdfBPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
MIGUELANGEL966976
 
Online aptitude test management system project report.pdf
Online aptitude test management system project report.pdfOnline aptitude test management system project report.pdf
Online aptitude test management system project report.pdf
Kamal Acharya
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
Dr Ramhari Poudyal
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
drwaing
 
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
zwunae
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
heavyhaig
 
PPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testingPPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testing
anoopmanoharan2
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
gestioneergodomus
 
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptxTOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
nikitacareer3
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 

Recently uploaded (20)

一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
一比一原版(UMich毕业证)密歇根大学|安娜堡分校毕业证成绩单专业办理
 
Self-Control of Emotions by Slidesgo.pptx
Self-Control of Emotions by Slidesgo.pptxSelf-Control of Emotions by Slidesgo.pptx
Self-Control of Emotions by Slidesgo.pptx
 
Unbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptxUnbalanced Three Phase Systems and circuits.pptx
Unbalanced Three Phase Systems and circuits.pptx
 
Building Electrical System Design & Installation
Building Electrical System Design & InstallationBuilding Electrical System Design & Installation
Building Electrical System Design & Installation
 
Water billing management system project report.pdf
Water billing management system project report.pdfWater billing management system project report.pdf
Water billing management system project report.pdf
 
Understanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine LearningUnderstanding Inductive Bias in Machine Learning
Understanding Inductive Bias in Machine Learning
 
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样
 
Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming PipelinesHarnessing WebAssembly for Real-time Stateless Streaming Pipelines
Harnessing WebAssembly for Real-time Stateless Streaming Pipelines
 
spirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptxspirit beverages ppt without graphics.pptx
spirit beverages ppt without graphics.pptx
 
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdfBPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf
 
Online aptitude test management system project report.pdf
Online aptitude test management system project report.pdfOnline aptitude test management system project report.pdf
Online aptitude test management system project report.pdf
 
Literature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptxLiterature Review Basics and Understanding Reference Management.pptx
Literature Review Basics and Understanding Reference Management.pptx
 
digital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdfdigital fundamental by Thomas L.floydl.pdf
digital fundamental by Thomas L.floydl.pdf
 
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
一比一原版(IIT毕业证)伊利诺伊理工大学毕业证成绩单专业办理
 
Technical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prismsTechnical Drawings introduction to drawing of prisms
Technical Drawings introduction to drawing of prisms
 
PPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testingPPT on GRP pipes manufacturing and testing
PPT on GRP pipes manufacturing and testing
 
DfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributionsDfMAy 2024 - key insights and contributions
DfMAy 2024 - key insights and contributions
 
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptxTOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
TOP 10 B TECH COLLEGES IN JAIPUR 2024.pptx
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 

Next Generation Scada Developing Advanced Security Monitoring & Threat Detection to deliver Cyber Resilience in OT Environments

  • 1. Threat Detection Developing Advanced Security Monitoring & Threat Detection to deliver Cyber Resilience in OT Environments
  • 2. About RSE Applied research on the electro-energetic sector, experimental activities including Cyber Security experimental assessment January 2020, Berlin, Germany
  • 3. Table of contents
      • Cyber challenges to the energy transition
      • European Regulations
      • ICS cyber security analyses with state of art tools
      • Advanced probabilistic models for anomaly detection and attack forecast
      • Experimental platform for security monitoring, anomaly detection and recovery
      • Application of machine/deep learning to cyber anomaly detection
  • 4. Cyber challenges to the energy transition The number of known attack groups increased from 140 in 2018 to 155 in 2019. [WEC]
  • 5. Attack to Ukrainian Grid - details • E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
  • 6. NIS Directive EU 2016/1148
      CHAPTER IV: SECURITY OF THE NETWORK AND INFORMATION SYSTEMS OF OPERATORS OF ESSENTIAL SERVICES
      Article 14: Security requirements and incident notification
      1. Member States shall ensure that operators of essential services take appropriate and proportionate technical and organisational measures to manage the risks posed to the security of network and information systems which they use in their operations.
      2. Member States shall ensure that operators of essential services take appropriate measures to prevent and minimise the impact of incidents affecting the security of the network and information systems used for the provision of such essential services, with a view to ensuring the continuity of those services.
      3. Member States shall ensure that operators of essential services notify, without undue delay, the competent authority or the CSIRT of incidents having a significant impact on the continuity of the essential services they provide. Notifications shall include information enabling the competent authority or the CSIRT to determine any cross-border impact of the incident. Notification shall not make the notifying party subject to increased liability.
  • 7. Network Code on Cybersecurity [European Commission, Smart Grid Task Force, Expert Group 2]
  • 8. Power System Resilience - Definition CIGRE WG C4.47 Reference Paper
  • 9. NIST Cyber Security Framework
  • 10. NIST Cyber Security Framework (cont.) • Functions and categories
  • 11. RSE Cyber Security Framework Research and Innovation Foundations Experiments ICT Simulators Power Simulators Standards Regulations Analysis methodologies AI Algorithms Technologies
  • 12. RSE Cyber Security Framework (cont.)
  • 13. ICS cyber security analyses: Field Network, Corporate Network, Control Network, DMZ Network (NIST 800-82)
  • 14. SecuriCAD based methodology
      • The SecuriCAD tool by Foreseeti (SE) allows the evaluation of the TTC indicator (Time To Compromise); TTC represents the expected time an attacker would take to compromise every single asset in the modelled ICT infrastructure
      • Each asset in the model has specific attack steps associated with it that can be exploited to control the component; these depend on the type of asset and the values of the configured parameters
      • Pre-determined attack steps
      • Pre-defined attack step probability
      • Graphical interface
  • 16. SecuriCAD Attack Graph: attack path, attack graph, imperfect defenses
  • 17. SecuriCAD Analyses

      | Measure | Success % in 10 days | Success % in 20 days | Success % in 50 days | Δ% vs Baseline, 10 days | Δ% vs Baseline, 20 days | Δ% vs Baseline, 50 days |
      |---|---|---|---|---|---|---|
      | Firewall off | 25% | 38% | 58% | 19% | 28% | 36% |
      | Baseline (fw on) | 6% | 10% | 22% | - | - | - |
      | Baseline + Protocol security | 5% | 8% | 21% | -1% | -2% | -1% |
      | Baseline + Protocol sec + IDS | 4% | 7% | 18% | -2% | -3% | -4% |
      | Baseline + Protocol sec + IDS + IPS | 3% | 7% | 20% | -3% | -3% | -2% |
      | Baseline + Protocol sec + IDS + IPS + AC sec (no default pw) | 2% | 4% | 12% | -4% | -6% | -10% |

  • 18. Probabilistic graphical models: Bayesian Networks
      • based on real world knowledge and parameters
      • oriented to the power system
      • predictive and diagnostic analysis
      • for planning, assessment, detection, forecasting
  • 19. Analysis types
      planning
      • security measures
      • monitoring sensors setup
      detection
      • early detection of intrusions
      assessment
      • effectiveness of security measures
      • effectiveness of monitoring system
      forecasting
      • adversarial moves
  • 20. Adversarial Tactics, Techniques and Common Knowledge https://attack.mitre.org/
  • 22. Threat Detection Report 2019 - Red Canary ATT&CK technique leverage
  • 23. Attack process to power control infrastructure: Field Network, Corporate Network, Control Network, DMZ Network; Power Control Area Attack Graph; IT Area Attack Graph
  • 24. Methodological approach: Attack Graph, Bayesian Network
      IT techniques
      • MITRE ATT&CK - scores based on attack groups, software, references
      OT techniques
      • US ICS-CERT Vulnerability Advisories - CVSS scores
      Analytics
      • events whose observation is significant to the security analyst
      • MITRE CAR + power domain specific
  • 25. Predictive/Diagnostic Analysis
      Detection: Importance of monitoring system security
      Planning/Assessment: Network specific risk assessment for defence planning
      Planning/Assessment: Relevance of analytics in the planning of the monitoring system
      D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
  • 26. Anomaly Detection Experiments: Attack Emulation, Detection tools, Scenarios, Demonstration & Evaluation
  • 27. Detection and Response Process: Analysis and Correlation Detection of anomalies Alert Prevention/Recovery SNMP Syslog Evidence Monitoring values Logs Collection
  • 28. Detection @ different layers
      Traditional IT detection
      • Transport layer
      • Information flow
      Context specific detection
      • Application level detection
      Syntactic vs semantic analysis
      Indicators
      Machine learning & Big Data approach
  • 29. RSE Power Control System Resilience Testing PCS-ResTest Lab
  • 30. Monitoring integrated platform RSE integrated platform supports IEC 62351 application examples
  • 31. Remediation Vulnerability & Threat Real Time Monitoring Event Analysis Threat intelligence
  • 33. NextGen Cyber Security Analyses New technologies = more cyber security opportunities
  • 34. Machine learning for anomaly detection
      Supervised
      • Expert -> Labelling -> Analysis -> Prediction
      Log/event analysis
      Selection of algorithm is based on the problem statement
      "bad" "good" "good"
      Unsupervised
      • Clustering algorithms
  • 35. Machine Learning approach: AI, Machine learning, Deep learning
      Deep learning
      • Multi layer
      • High level features from raw data
      • Artificial neural networks
      • "non linear" decision boundaries
      • Supervised, unsupervised or semi-supervised type of problems
      Bayesian belief networks
      • Inference and learning in Bayesian networks
      • Describe a multivariate distribution representing the relations between evidences and system status
      Anomaly detection Monitoring Evidences Logs
  • 36. AI techniques applied to anomaly detection
      • Studies related to cyber anomalies/attack processes to power-digital infrastructures including IoT/Fog/Cloud platforms
      • Monitoring & Logging of IT/OT indicators
      • Attack emulations to power-digital infrastructures including IoT/Fog/Cloud platforms
      • Cyber anomaly detection with Machine and Deep Learning
  • 37. Resilience of Cyber-Power Systems
      • Simulation of power control schemes
      • Attack emulations
      • Cyber anomaly monitoring, detection, visualization, recovery (MDVR) platforms
      • Integration of IT/OT MDVR platforms in power control simulations
      • Evaluation of cyber resilient scenarios
  • 38. References
      1. World Energy Council, "Cyber challenges to the energy transition", 2019
      2. E‐ISAC | Analysis of the Cyber Attack on the Ukrainian Power Grid | March 18, 2016
      3. NIST Cybersecurity Framework Version 1.1, April 2018, https://www.nist.gov/cyberframework/framework
      4. Smart Grid Task Force-Expert Group 2-Cybersecurity, «Recommendations to the European Commission for the Implementation of Sector-Specific Rules for Cybersecurity Aspects of Cross-Border Electricity Flows, on Common Minimum Requirements, Planning, Monitoring, Reporting and Crisis Management», 2019
      5. R. Terruggia, G. Dondossola, M. Ekstedt, "Cyber security analysis of Web-of-Cells energy architectures", 5th International Symposium for ICS and SCADA Cyber Security Research 2018, Hamburg, August 2018
      6. G. Dondossola, R. Terruggia, "A monitoring architecture for smart grid cyber security", Cigré Science and Engineering, February 2018
      7. D. Cerotti, D. Codetta-Raiteri, L. Egidi, R. Terruggia, G. Dondossola, «Analysis and Detection of Cyber Attack Processes targeting Smart Grids», 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), September 2019
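
Slides 24 and 25 describe turning an attack graph into a Bayesian network whose technique nodes carry scores and whose analytics are observable events, then running predictive and diagnostic analysis on it. The sketch below is an added illustration of that idea, not RSE's model or code: the three-step graph, node names, step probabilities and analytic detection rates are all constructed placeholders.

```python
from itertools import product

# Constructed attack graph. A technique can succeed (with probability "p")
# only if all of its parents succeeded. Values are illustrative placeholders,
# not scores derived from ATT&CK or CVSS.
TECHNIQUES = {
    "corp_foothold":  {"parents": [], "p": 0.30},
    "dmz_pivot":      {"parents": ["corp_foothold"], "p": 0.40},
    "control_access": {"parents": ["dmz_pivot"], "p": 0.50},
}

# Constructed analytics (observable events). tpr = P(fires | technique used),
# fpr = P(fires | technique not used).
ANALYTICS = {
    "new_remote_login": {"watches": "corp_foothold", "tpr": 0.70, "fpr": 0.05},
    "dmz_scan_alert":   {"watches": "dmz_pivot", "tpr": 0.80, "fpr": 0.02},
}

ORDER = list(TECHNIQUES)  # parents are listed before their children


def joint(state, evidence):
    """Joint probability of one technique assignment and the observed analytics."""
    prob = 1.0
    for name in ORDER:
        spec = TECHNIQUES[name]
        enabled = all(state[parent] for parent in spec["parents"])
        p_true = spec["p"] if enabled else 0.0
        prob *= p_true if state[name] else 1.0 - p_true
    # Unobserved analytics are leaf nodes, so they marginalise out to 1.
    for name, fired in evidence.items():
        spec = ANALYTICS[name]
        p_fire = spec["tpr"] if state[spec["watches"]] else spec["fpr"]
        prob *= p_fire if fired else 1.0 - p_fire
    return prob


def posterior(target, evidence=None):
    """P(target technique succeeded | evidence), by exact enumeration."""
    evidence = evidence or {}
    numerator = denominator = 0.0
    for values in product([False, True], repeat=len(ORDER)):
        state = dict(zip(ORDER, values))
        weight = joint(state, evidence)
        denominator += weight
        if state[target]:
            numerator += weight
    if denominator == 0.0:
        raise ValueError("evidence has zero probability under the model")
    return numerator / denominator


def analytic_relevance(target):
    """Posterior of target when each analytic alone has fired (planning view)."""
    return {name: posterior(target, {name: True}) for name in ANALYTICS}


if __name__ == "__main__":
    print("predictive:", round(posterior("control_access"), 4))
    print("diagnostic, both analytics fired:",
          round(posterior("control_access",
                          {"new_remote_login": True, "dmz_scan_alert": True}), 4))
    print("relevance per analytic:", analytic_relevance("control_access"))
```

With no evidence the query is predictive (risk assessment for planning); with analytic observations it is diagnostic (detection), and comparing the per-analytic posteriors shows which sensor is most informative about the control network.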