Post on 19-Dec-2015
Securing Smart GridSecuring Smart Grid
C. Edward ChowUniversity of Colorado at Colorado
Springs
C. Edward ChowUniversity of Colorado at Colorado
Springs
Smart Grid Education Workshop / Chow 25/29/2009
Outline of the TalkOutline of the Talk
Security in Smart GridPhysical Security ChallengesCyber Security Challenges
Related Education Programs at UCCS Survey Results on Certificate Program in Power and Energy being developed by UCCS-Colorado Springs Utilities (CSU )
Security in Smart GridPhysical Security ChallengesCyber Security Challenges
Related Education Programs at UCCS Survey Results on Certificate Program in Power and Energy being developed by UCCS-Colorado Springs Utilities (CSU )
Smart Grid Education Workshop / Chow 3
Wall Street Journal 4/8/2009 Wall Street Journal 4/8/2009
5/29/2009
Smart Grid Education Workshop / Chow 4
Russia Disrupt CNN Interview with Georgia President
Russia Disrupt CNN Interview with Georgia President"When Russia invaded Georgia last year, it
simultaneously launched a cyber war. A multi-faceted cyber attack began against the Georgian infrastructure and key government web sites. The attack included Distributed Denial of Service (DDoS)Attacks, Defacing of Web Sites , Infecting and Disabling VoIP phone system. Even CNN's interview with Georgian President MikHail Saakashvili got interrupted and delayed.”
“Many industries are also gravitating towards reducing the cost of physical security using IPTV and voice over IP (VoIP) to remotely monitor premises.” --- Juniper Network on Secure SCADA
"When Russia invaded Georgia last year, it simultaneously launched a cyber war. A multi-faceted cyber attack began against the Georgian infrastructure and key government web sites. The attack included Distributed Denial of Service (DDoS)Attacks, Defacing of Web Sites , Infecting and Disabling VoIP phone system. Even CNN's interview with Georgian President MikHail Saakashvili got interrupted and delayed.”
“Many industries are also gravitating towards reducing the cost of physical security using IPTV and voice over IP (VoIP) to remotely monitor premises.” --- Juniper Network on Secure SCADA
5/29/2009
Smart Grid Education Workshop / Chow 5
Vision of Smart Secure Grid (SSG)Vision of Smart Secure Grid (SSG)Page 12 of Jeff Harrell & Ron Sega CSU 3_10_2009
Smart Grid Workshop presentation:Energy Security in the 21st Century requires a new, environmentally responsible national energy system A new Smart Secure Grid architecture will enable:
Increased use of renewable (clean energy options), Demand-side management (greater efficiency),
And enhanced Infrastructure SecurityTo date, most Smart Grid projects have been Utility-centric and heavily focused on AMI and Demand ManagementOur region is well positioned to lead this charge and develop a comprehensive model for the nation
Page 12 of Jeff Harrell & Ron Sega CSU 3_10_2009 Smart Grid Workshop presentation:Energy Security in the 21st Century requires a new, environmentally responsible national energy system A new Smart Secure Grid architecture will enable:
Increased use of renewable (clean energy options), Demand-side management (greater efficiency),
And enhanced Infrastructure SecurityTo date, most Smart Grid projects have been Utility-centric and heavily focused on AMI and Demand ManagementOur region is well positioned to lead this charge and develop a comprehensive model for the nation
5/29/2009
Smart Grid Education Workshop / Chow 6
Infrastructure Security in SSGInfrastructure Security in SSGPhysical Security Challenges
Vast area for perimeter defenseFew spares for EHV equipment,...
Opportunities for new surveillance/protection systems
Cyber Security ChallengesOld communication infrastructureNew/numerous power sources (potential threats)SCADA/Distributed Control System (DCS) were not designed with cyber security requirements in mind,…
Opportunities for new secure architectures/techniques
Physical Security ChallengesVast area for perimeter defenseFew spares for EHV equipment,...
Opportunities for new surveillance/protection systems
Cyber Security ChallengesOld communication infrastructureNew/numerous power sources (potential threats)SCADA/Distributed Control System (DCS) were not designed with cyber security requirements in mind,…
Opportunities for new secure architectures/techniques5/29/2009
Smart Grid Education Workshop / Chow 7
Physical Security Challenges
Physical Security Challenges Vast
perimeter security (100,000 miles? Of transmission lines) to monitor and defend!
Vast perimeter security (100,000 miles? Of transmission lines) to monitor and defend!
5/29/2009 Page 3 of Hareell_Sega 3_10_2009 presentation
Smart Grid Education Workshop / Chow 8
Physical Security SolutionsPhysical Security SolutionsAdaptive High Dynamic Range Imaging C2FUSE: Command and Control Fusion INSPECCT: Inexpensive Spectrometer Color Camera Technology GPS-Based Tracking System for Trauma Patients Intelligent Imaging System NCIIA: National Collegiate Inventors and Innovators Alliance Network Security NSF Privacy: NSF STTR on Privacy Enhanced Biometrics ONR FAMME: ONR Facial Analysis in the Moving Maritime Environment Privacy Enhanced Camera Projective Biometric Invariants
Revocable Biometrics with Robust Distance Metrics SEE Port: Surveillance and Enemy Evaluation with PTZ and Omni-directional Reconnaissance Technology
See research projects http://vast.uccs.edu/
Adaptive High Dynamic Range Imaging C2FUSE: Command and Control Fusion INSPECCT: Inexpensive Spectrometer Color Camera Technology GPS-Based Tracking System for Trauma Patients Intelligent Imaging System NCIIA: National Collegiate Inventors and Innovators Alliance Network Security NSF Privacy: NSF STTR on Privacy Enhanced Biometrics ONR FAMME: ONR Facial Analysis in the Moving Maritime Environment Privacy Enhanced Camera Projective Biometric Invariants
Revocable Biometrics with Robust Distance Metrics SEE Port: Surveillance and Enemy Evaluation with PTZ and Omni-directional Reconnaissance Technology
See research projects http://vast.uccs.edu/5/29/2009
Smart Grid Education Workshop / Chow 9
Cyber Security ChallengesCyber Security Challengeswww.juniper.net/us/en/local/pdf/whitepapers/2000276-en.pdf Juniper Network White PaperArchitecture for Secure SCADA and Distributed Control System Networks
DHS identifies industrial control system networks for critical infrastructures of electric … as one of the most vulnerable targets for the security of the United States.Contrary to popular belief, many modern industrial control systems use common operating systems, protocols and networking stacks, making them vulnerable to worms, viruses, and application level attacks
www.juniper.net/us/en/local/pdf/whitepapers/2000276-en.pdf Juniper Network White PaperArchitecture for Secure SCADA and Distributed Control System Networks
DHS identifies industrial control system networks for critical infrastructures of electric … as one of the most vulnerable targets for the security of the United States.Contrary to popular belief, many modern industrial control systems use common operating systems, protocols and networking stacks, making them vulnerable to worms, viruses, and application level attacks 5/29/2009
Smart Grid Education Workshop / Chow 10
Securing Control NetworksSecuring Control Networks
5/29/2009
Smart Grid Education Workshop / Chow 11
Cyber Security ChallengesCyber Security ChallengesKey Management System for SCADA/DCS Support unicast[Sandia], broadcast[Choi08], multicast [Lee09], concast?Authentication in Disaster/Power Outage Recovery SituationOne solution: Biotope based Biometric Authentication SystemIntrusion Detection/Mitigation How we deal with Insider Attacks and Distributed Denial of Services Attacks
Key Management System for SCADA/DCS Support unicast[Sandia], broadcast[Choi08], multicast [Lee09], concast?Authentication in Disaster/Power Outage Recovery SituationOne solution: Biotope based Biometric Authentication SystemIntrusion Detection/Mitigation How we deal with Insider Attacks and Distributed Denial of Services Attacks
5/29/2009
Smart Grid Education Workshop / Chow 12
Related Cyber Security Research ProjectsRelated Cyber Security Research Projects
Biotope/Biometric Infrastructure --- DODSecure Collective Network Defense ---AFOSR
Secure DNS with Indirect Routing against DDoSMultipath Indirect Routing
Multi-tier QoS Server Systems --- NSFAccelerated Learning through Game Technologies: Defense against Insider Attacks --- AFRL-SBIRKey Management System for Secure Storage Systems --- joint research project with HP
Biotope/Biometric Infrastructure --- DODSecure Collective Network Defense ---AFOSR
Secure DNS with Indirect Routing against DDoSMultipath Indirect Routing
Multi-tier QoS Server Systems --- NSFAccelerated Learning through Game Technologies: Defense against Insider Attacks --- AFRL-SBIRKey Management System for Secure Storage Systems --- joint research project with HP
5/29/2009
Smart Grid Education Workshop / Chow 13
SSG Related Curriculum @ UCCSSSG Related Curriculum @ UCCS
Master of Engineering in Information Assurance Ph.D. in Engineering with Emphasis on SecurityIA Certificate ProgramBattery Control Curriculum(funded by DOE through U. Michigan)UCCS- CSU need based power engineering course (offered since 2006)Power and Energy Certificate Program (being planned)
Master of Engineering in Information Assurance Ph.D. in Engineering with Emphasis on SecurityIA Certificate ProgramBattery Control Curriculum(funded by DOE through U. Michigan)UCCS- CSU need based power engineering course (offered since 2006)Power and Energy Certificate Program (being planned)
5/29/2009
Smart Grid Education Workshop / Chow 14
Power Curriculum @UCCSPower Curriculum @UCCSECE 3910-3, Power Systems I, Offered in Spring Semester
Basic concepts and analytical methods in three-phase electric power systems: single-phase equivalent models; per-unit system of calculations; power, apparent power, and energy; basic properties of power systems elements; short-circuit current; voltage drop; and losses. Includes lectures and demonstrations.
ECE 4910-3, Power Systems II, Offered in Fall Semester
An expansion of topics covered in the first course in Power Systems. Covers transmission lines, power flow analysis, generation dispatch and the dynamic behavior of machines and power systems during abnormal conditions.
ECE 4160-4 Power and Energy. Planned for future offerings.
Magnetic Circuits and materials, transformers, electromechanical energy conversion principles, introduction to rotating machines, poly phase induction machines, synchronous machines, DC machines, stepper motors, laboratory experiments on transformers, synchronous motors, induction motors, steeper motors, motor control circuits.
ECE 3910-3, Power Systems I, Offered in Spring Semester
Basic concepts and analytical methods in three-phase electric power systems: single-phase equivalent models; per-unit system of calculations; power, apparent power, and energy; basic properties of power systems elements; short-circuit current; voltage drop; and losses. Includes lectures and demonstrations.
ECE 4910-3, Power Systems II, Offered in Fall Semester
An expansion of topics covered in the first course in Power Systems. Covers transmission lines, power flow analysis, generation dispatch and the dynamic behavior of machines and power systems during abnormal conditions.
ECE 4160-4 Power and Energy. Planned for future offerings.
Magnetic Circuits and materials, transformers, electromechanical energy conversion principles, introduction to rotating machines, poly phase induction machines, synchronous machines, DC machines, stepper motors, laboratory experiments on transformers, synchronous motors, induction motors, steeper motors, motor control circuits.
5/29/2009
Smart Grid Education Workshop / Chow 15
Survey on Certificate Program in Power and EnergySurvey on Certificate Program in Power and Energy
May 2009 @ Denver MREL ConferenceMay 2009 @ Denver MREL Conference
5/29/2009
Smart Grid Education Workshop / Chow 16
Survey ResultsSurvey ResultsSusan Lovejoy: “With 19 respondents total, the questionnaire results are not conclusive... except that there does seem to be interest for courses. Smart Grid is near the top of the list, however, Power Systems Analysis is most important to the utilities. Also, interesting to note that of the 19 respondents, there are 26 potential online students (no potential on-campus students).” Energy economics and electricity market is most important to the consultants.
Susan Lovejoy: “With 19 respondents total, the questionnaire results are not conclusive... except that there does seem to be interest for courses. Smart Grid is near the top of the list, however, Power Systems Analysis is most important to the utilities. Also, interesting to note that of the 19 respondents, there are 26 potential online students (no potential on-campus students).” Energy economics and electricity market is most important to the consultants.
5/29/2009
Smart Grid Education Workshop / Chow 17
Survey CommentsSurvey Comments“Students must have strong theory in power basics.”“Trying to implement the latest stuff like Smart Grid without power can be disastrous.....”
"no one wants a 20 year old graduate telling them what they think smart grid should do"
“Students must have strong theory in power basics.”“Trying to implement the latest stuff like Smart Grid without power can be disastrous.....”
"no one wants a 20 year old graduate telling them what they think smart grid should do"
5/29/2009