SlideShare a Scribd company logo

Secured Communication Infrastructure for Substation Automation

Nirmal Thaliyil
Nirmal Thaliyil

Gridtech 2019 presentation on infrastructure cyber security requirments for substation network

Technology
1 of 7
SECURED COMMUNICATION INFRASTRUCTURE 1
• NERC CIP v5 Critical Infrastructure Protection • IEEE 1686 functions and features to be provided in IEDs to accommodate CIP • IEC62351 power system data and communication security • IETF standard for communication (eg: TLS, SSH) Security Objectives 2Copyright © Kalkitech / ASE. All rights reserved. Manage MonitorProtect • Confidentiality and integrity – Engineering data – SCADA data • Defends against – Intrusion – Man in the middle – Denial of service attacks • Improve availability • Centralized • Authorization • Authentication • Accounting • Logs • Alarms • Events
Security Standard Coverage 3
Cybersecurity Best Practices 4 Response • Network management service • Remote key and certificate management process • Patching, backup and recovery Detection •Audit trail •Security events and alarm logging •Analysis tools Protection •Hardening •Edge firewall •Authentication •digital signature & access control •Data encryption •Validation
Enhanced Device Security • Secured device access • Controlling communication ports • Encrypting of communication link and data • Controlling firmware and configuration update • Authenticating device access (RBAC) • Logging of security alarms and events 5
Secure Substation Architecture 6
Thank You ! 7

Recommended

Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborUnsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
Joan Figueras Tugas
 
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMNetwork Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Jim Gilsinn
 
Ics presentation
Ics presentationIcs presentation
Ics presentation
🖥 Chad Hunter
 
Secure remote device access
Secure remote device access Secure remote device access
Secure remote device access
Nirmal Thaliyil
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overview
pgmaynard
 
Cloak your critical industrial control systems before they get hacked
Cloak your critical industrial control systems before they get hackedCloak your critical industrial control systems before they get hacked
Cloak your critical industrial control systems before they get hacked
Tempered
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
 

Recommended

Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe HarborUnsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Unsafe Harbor - Tailoring Encryption to Meet HIPAA and Safe Harbor
Ray Potter
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
Joan Figueras Tugas
 
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMNetwork Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Jim Gilsinn
 
Ics presentation
Ics presentationIcs presentation
Ics presentation
🖥 Chad Hunter
 
Secure remote device access
Secure remote device access Secure remote device access
Secure remote device access
Nirmal Thaliyil
 
Industrial Control System Security Overview
Industrial Control System Security OverviewIndustrial Control System Security Overview
Industrial Control System Security Overview
pgmaynard
 
Cloak your critical industrial control systems before they get hacked
Cloak your critical industrial control systems before they get hackedCloak your critical industrial control systems before they get hacked
Cloak your critical industrial control systems before they get hacked
Tempered
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
MarcoAfzali
 
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
Pci Req
Pci ReqPci Req
Pci Req
Namrata Arora
 
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
Nir Cohen
 
Ia15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta EuropeIa15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta Europe
Bryan Munro-Smith
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen Miller
AVEVA
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2David Spinks
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
Chris Sistrunk
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0Shah Sheikh
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Jim Gilsinn
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
Deepakraj Sahu
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
Filip Maertens
 
Severa technical overview
Severa technical overviewSevera technical overview
Severa technical overviewSevera PSA
 
Security Landscape Presentation
Security Landscape PresentationSecurity Landscape Presentation
Security Landscape Presentation
Doug McTighe
 
Introduction to ICS/SCADA security
Introduction to ICS/SCADA securityIntroduction to ICS/SCADA security
Introduction to ICS/SCADA security
Cysinfo Cyber Security Community
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended
Larry Vandenaweele
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security Products
Digital Bond
 
IEC and cyber security (June 2018)
IEC and cyber security (June 2018)IEC and cyber security (June 2018)
IEC and cyber security (June 2018)
International Electrotechnical Commission (IEC)
 
UniQ-ID Identity and Access Management
UniQ-ID Identity and Access ManagementUniQ-ID Identity and Access Management
UniQ-ID Identity and Access Management
Frans Bolk
 
Managing 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single consoleManaging 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single console
ManageEngine, Zoho Corporation
 
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
cmstiernberg
 

More Related Content

What's hot

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
Eran Goldstein
 
Pci Req
Pci ReqPci Req
Pci Req
Namrata Arora
 
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
Nir Cohen
 
Ia15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta EuropeIa15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta Europe
Bryan Munro-Smith
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen Miller
AVEVA
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
Chris Sistrunk
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
Creekside Marketing Group, LLC
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0Shah Sheikh
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Jim Gilsinn
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
Deepakraj Sahu
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
Filip Maertens
 
Severa technical overview
Severa technical overviewSevera technical overview
Severa technical overviewSevera PSA
 
Security Landscape Presentation
Security Landscape PresentationSecurity Landscape Presentation
Security Landscape Presentation
Doug McTighe
 
Introduction to ICS/SCADA security
Introduction to ICS/SCADA securityIntroduction to ICS/SCADA security
Introduction to ICS/SCADA security
Cysinfo Cyber Security Community
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended
Larry Vandenaweele
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security Products
Digital Bond
 
IEC and cyber security (June 2018)
IEC and cyber security (June 2018)IEC and cyber security (June 2018)
IEC and cyber security (June 2018)
International Electrotechnical Commission (IEC)
 
UniQ-ID Identity and Access Management
UniQ-ID Identity and Access ManagementUniQ-ID Identity and Access Management
UniQ-ID Identity and Access Management
Frans Bolk
 
Managing 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single consoleManaging 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single console
ManageEngine, Zoho Corporation
 

What's hot (20)

2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
2016 Top 10 Critical Infrastructures and SCADA/ICS Cyber Security Vulnerabili...
 
Pci Req
Pci ReqPci Req
Pci Req
 
Robust Cyber Security for Power Utilities
Robust Cyber Security for Power UtilitiesRobust Cyber Security for Power Utilities
Robust Cyber Security for Power Utilities
 
Ia15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta EuropeIa15 network situation awareness Lumeta Europe
Ia15 network situation awareness Lumeta Europe
 
Scada security presentation by Stephen Miller
Scada security presentation by Stephen MillerScada security presentation by Stephen Miller
Scada security presentation by Stephen Miller
 
CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2CSIRS ICS BCS 2.2
CSIRS ICS BCS 2.2
 
Hacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS securityHacker Halted 2016 - How to get into ICS security
Hacker Halted 2016 - How to get into ICS security
 
CyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoTCyberSecurity Best Practices for the IIoT
CyberSecurity Best Practices for the IIoT
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
 
Guide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_securityGuide scada and_industrial_control_systems_security
Guide scada and_industrial_control_systems_security
 
SCADA Security Presentation
SCADA Security PresentationSCADA Security Presentation
SCADA Security Presentation
 
Severa technical overview
Severa technical overviewSevera technical overview
Severa technical overview
 
Security Landscape Presentation
Security Landscape PresentationSecurity Landscape Presentation
Security Landscape Presentation
 
Introduction to ICS/SCADA security
Introduction to ICS/SCADA securityIntroduction to ICS/SCADA security
Introduction to ICS/SCADA security
 
The journey to ICS - Extended
The journey to ICS - Extended The journey to ICS - Extended
The journey to ICS - Extended
 
The Future of ICS Security Products
The Future of ICS Security ProductsThe Future of ICS Security Products
The Future of ICS Security Products
 
IEC and cyber security (June 2018)
IEC and cyber security (June 2018)IEC and cyber security (June 2018)
IEC and cyber security (June 2018)
 
UniQ-ID Identity and Access Management
UniQ-ID Identity and Access ManagementUniQ-ID Identity and Access Management
UniQ-ID Identity and Access Management
 
Managing 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single consoleManaging 4,000 devices across 20+ remote sites on a single console
Managing 4,000 devices across 20+ remote sites on a single console
 

Similar to Secured Communication Infrastructure for Substation Automation

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
cmstiernberg
 
SFScon19 - Francesco La Spina -7 Steps to Industry 40
SFScon19 - Francesco La Spina -7 Steps to Industry 40SFScon19 - Francesco La Spina -7 Steps to Industry 40
SFScon19 - Francesco La Spina -7 Steps to Industry 40
South Tyrol Free Software Conference
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applications
cmstiernberg
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
Jiunn-Jer Sun
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
LF Events
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
Waqas Ahmed Nawaz
 
Internet of Things Architecture / Topology
Internet of Things Architecture / TopologyInternet of Things Architecture / Topology
Internet of Things Architecture / Topology
NEEVEE Technologies
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
Inductive Automation
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
Inductive Automation
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
NetworkCollaborators
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics
NetworkCollaborators
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
ThangDang53
 
Dncybersecurity
DncybersecurityDncybersecurity
Dncybersecurity
Anne Starr
 
Securing your telco cloud
Securing your telco cloud Securing your telco cloud
Securing your telco cloud
OPNFV
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Inductive Automation
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Inductive Automation
 
RISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notesRISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notes
RISC-V International
 
Data trustworthiness at the edge
Data trustworthiness at the edgeData trustworthiness at the edge
Data trustworthiness at the edge
RISC-V International
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
dhanywahyudi17
 

Similar to Secured Communication Infrastructure for Substation Automation (20)

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
 
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...Understanding IT Network Security for Wireless and Wired Measurement Applicat...
Understanding IT Network Security for Wireless and Wired Measurement Applicat...
 
SFScon19 - Francesco La Spina -7 Steps to Industry 40
SFScon19 - Francesco La Spina -7 Steps to Industry 40SFScon19 - Francesco La Spina -7 Steps to Industry 40
SFScon19 - Francesco La Spina -7 Steps to Industry 40
 
Wireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring ApplicationsWireless Security Best Practices for Remote Monitoring Applications
Wireless Security Best Practices for Remote Monitoring Applications
 
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
CCNA (R & S) Module 01 - Introduction to Networks - Chapter 11
 
Internet of Things Architecture / Topology
Internet of Things Architecture / TopologyInternet of Things Architecture / Topology
Internet of Things Architecture / Topology
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics
 
ITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdfITN6_Instructor_Materials_Chapter11.pdf
ITN6_Instructor_Materials_Chapter11.pdf
 
Dncybersecurity
DncybersecurityDncybersecurity
Dncybersecurity
 
Securing your telco cloud
Securing your telco cloud Securing your telco cloud
Securing your telco cloud
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the RiskOpen and Secure SCADA: Efficient and Economical Control, Without the Risk
Open and Secure SCADA: Efficient and Economical Control, Without the Risk
 
RISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notesRISC-V 30946 manuel_offenberg_v3_notes
RISC-V 30946 manuel_offenberg_v3_notes
 
Data trustworthiness at the edge
Data trustworthiness at the edgeData trustworthiness at the edge
Data trustworthiness at the edge
 
Week 09_Cyber security u.pdf
Week 09_Cyber security u.pdfWeek 09_Cyber security u.pdf
Week 09_Cyber security u.pdf
 

More from Nirmal Thaliyil

Remote management and data access of solar pv systems
Remote management and data access of solar pv systemsRemote management and data access of solar pv systems
Remote management and data access of solar pv systems
Nirmal Thaliyil
 
Cloud based dlms cosem metering head end
Cloud based dlms cosem metering head endCloud based dlms cosem metering head end
Cloud based dlms cosem metering head end
Nirmal Thaliyil
 
Monitoring MV& LV Distribution assets using LoRaWAN
Monitoring MV& LV Distribution assets using LoRaWANMonitoring MV& LV Distribution assets using LoRaWAN
Monitoring MV& LV Distribution assets using LoRaWAN
Nirmal Thaliyil
 
Enabling utility protocols in Edge gateways
Enabling utility protocols in Edge gatewaysEnabling utility protocols in Edge gateways
Enabling utility protocols in Edge gateways
Nirmal Thaliyil
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
Nirmal Thaliyil
 
Ami system using dlms
Ami system using dlmsAmi system using dlms
Ami system using dlms
Nirmal Thaliyil
 
Distribution Automation based on IEC61850
Distribution Automation based on IEC61850Distribution Automation based on IEC61850
Distribution Automation based on IEC61850
Nirmal Thaliyil
 

More from Nirmal Thaliyil (7)

Remote management and data access of solar pv systems
Remote management and data access of solar pv systemsRemote management and data access of solar pv systems
Remote management and data access of solar pv systems
 
Cloud based dlms cosem metering head end
Cloud based dlms cosem metering head endCloud based dlms cosem metering head end
Cloud based dlms cosem metering head end
 
Monitoring MV& LV Distribution assets using LoRaWAN
Monitoring MV& LV Distribution assets using LoRaWANMonitoring MV& LV Distribution assets using LoRaWAN
Monitoring MV& LV Distribution assets using LoRaWAN
 
Enabling utility protocols in Edge gateways
Enabling utility protocols in Edge gatewaysEnabling utility protocols in Edge gateways
Enabling utility protocols in Edge gateways
 
Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
Ami system using dlms
Ami system using dlmsAmi system using dlms
Ami system using dlms
 
Distribution Automation based on IEC61850
Distribution Automation based on IEC61850Distribution Automation based on IEC61850
Distribution Automation based on IEC61850
 

Recently uploaded

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
OnBoard
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
g2nightmarescribd
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 

Recently uploaded (20)

Leading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdfLeading Change strategies and insights for effective change management pdf 1.pdf
Leading Change strategies and insights for effective change management pdf 1.pdf
 
Generating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using SmithyGenerating a custom Ruby SDK for your web service or Rails API using Smithy
Generating a custom Ruby SDK for your web service or Rails API using Smithy
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 

Secured Communication Infrastructure for Substation Automation

  • 2. • NERC CIP v5 Critical Infrastructure Protection • IEEE 1686 functions and features to be provided in IEDs to accommodate CIP • IEC62351 power system data and communication security • IETF standard for communication (eg: TLS, SSH) Security Objectives 2Copyright © Kalkitech / ASE. All rights reserved. Manage MonitorProtect • Confidentiality and integrity – Engineering data – SCADA data • Defends against – Intrusion – Man in the middle – Denial of service attacks • Improve availability • Centralized • Authorization • Authentication • Accounting • Logs • Alarms • Events
  • 4. Cybersecurity Best Practices 4 Response • Network management service • Remote key and certificate management process • Patching, backup and recovery Detection •Audit trail •Security events and alarm logging •Analysis tools Protection •Hardening •Edge firewall •Authentication •digital signature & access control •Data encryption •Validation
  • 5. Enhanced Device Security • Secured device access • Controlling communication ports • Encrypting of communication link and data • Controlling firmware and configuration update • Authenticating device access (RBAC) • Logging of security alarms and events 5