Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No....

project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No. 619682)

Business Convergence WS#2Smart Grid Technologies and Project Use Cases

Embedding Security SoftwareSébastien Breton, Airbus Defence & Space CyberSecurity


Forewords

Be reminded that there are two cultures: For IT People, security means cybersecurity For ICS people, security means safety and

reliability

In electric systems, safety and reliability are of paramount importance, and any cyber security measures should not jeopardize power system operations!

IT: Information TechnologyICS: Industrial Control System

Embedding Security Software


Outline

Introduction Cybersecurity context: today’s grid Cybersecurity concepts

Defence-in-depth Incident handling Critical elements

Cyber-physical attacks Preventing the hack

Can your smart grid system survive from a cyber attack?

Conclusion



Introduction

Cybersecurity must be considered as a whole system approach

Security requirements to be implemented in a given system must be drawn from a security risk analysis, which, in the specific field of smart grid systems, must take into account not only cyber risks and physical risks, but combined cyber-physical risks, so as to deter cyber-physical threats



Cyber Security Context: today’s grid

Blackouts, reported in several cities since 2000 (Northeast, Florida, etc.), could have been caused by cyber-attacks against the electric grid

U.S. Department of Homeland Security investigated over 200 serious cyber-attacks against critical infrastructure during the first half of 2013 Electric grid targeted in over half of these attacks

Blackhat: Pentesting Smart Grid and SCADA with SamuraiSTFU



Defence-in-depth

Setting up a cybersecurity strategy, based on a layered approach, to mitigate the risk:


Prevention• Continuous actions and measures put in

place to reduce the risk of threats• E.g.: Patch management process, software

updates, security by design

Detection• Approaches to identify anomalous

behaviours and discover intrusion• E.g.: Intrusion detection system, traffic

inspection

Response• Emergency operation plans and incident

mitigation activities (short term actions)• E.g.: Containing a cyber attack, modifying

firewall filtering rules

Recovery• Reconstitution of smart grid operations• E.g.: Remediation activities

BUILDINGBLOCKS


Critical elements

The cybersecurity strategy should consider the following critical elements as being all necessary for each prevention, detection, response, recovery building blocks:

TECHNOLOGY

PROCESS

PEOPLE



Critical elements applied to prevention (Example)P

EO

PL

E • CYBER SECURITY AWARENESS

• TRAINING (SECURE CODING)

PR

OC

ES

S • TRUSTED SUPPLY CHAIN

• PATCH VALIDATION

TE

CH

NO

LO

GY • UP-TO-DATE

ALGORITHM• STANDARD



Cyber-physical attacks

Cyber-physical attacks (also called blended attacks) cause a greater impact and/or different consequences than a cyber or physical attack could cause individually

To address the enhanced impacts, risks and vulnerabilities for both cyber and physical attacks must be considered

Can your smart grid system survive from a cyber attack?



Common control system vulnerabilities and weaknesses


Software / Product Security Weaknesses

• Improper input validation

• Poor code quality• Permissions,

privileges and access controls

• Improper authentication

• Insufficient verification of data authenticity

• Cryptographic issues• Credentials

management• Configuration and

maintenance

Configuration weaknesses

• Permissions, privileges and access controls

• Improper authentication

• Credentials management

• Security configuration and maintenance

• Planning, policy, procedures

• Audit and accountability configuration

Network security weaknesses

• Common network design weaknesses

• Weak firewall rules• Network component

configuration (Implementation) vulnerabilities

• Audit and accountability

Source: Cyber–Physical System Security for the Electric Power Grid , Proceedings of the IEEE | Vol. 100, No. 1, January 2012


Embedding security software

Large scale key management and cryptographic algorithm Integrity of the software is not simply checking a CRC « signature » It must rely on cryptographic signature, which implies managing secret

elements (cryptographic keys). It is the only way to truly authenticate the software editor

Don’t implement your own cryptographic algorithm. You’ll fail! Secure communications

Must be based on standard protocols with a given cryptograhic key size Managing technological obsolescence… !

Authentication of remote critical controls Protection against eavesdropping (encrypt!) Get your software product independently assessed or pentested

And of course, it is all about human people: Provide relevant training (secure coding…)



Conclusion

To address new security challenges, cyber security needs to be integrated with system theory to guarantee resilience of the grid

MAS²STERING shall provide: Cross domain (power/electrical to cyber/digital) security event

detection (SIEM), analysis and response Secure communications in regards of the privacy concerns Role-based access control (RBAC) to authenticate, authorize

and grant access to the smart grid system



Backup slides



Bibliography

NIST 7628 - Guidelines for Smart Grid Cybersecurity Volume 1 – Smart Grid Cybersecurity Strategy, Architecture, and

High-Level Requirementsines for Smart Grid Cybersecurity Volume 2 – Privacy and the Smart Grid Volume 3 – Supportive Analyses and References

SANS Institute The Incident Handlers Handbook

The CERT Division Secure coding

OWASP


Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No....

Documents

Transcript of Project co-funded by the European Commission within the 7th Framework Program (Grant Agreement No....