• No results found

An Open Source SCADA Toolkit

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "An Open Source SCADA Toolkit"

Copied!
14
0
0

Loading.... (view fulltext now)

Download now ( 14 Page )

Full text

(1)

An Open Source SCADA Toolkit

Stanley A. Klein

Open Secure Energy Control Systems, LLC (301) 565­4025

(2)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Agenda

● Project focus and approach ● Relevant features of IEC­61850 ● Toolkit overview (architecture, applications, security  features, and development sequence) ● Issues in open source development and use ● Lessons learned ● Sources of further information

(3)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Project Focus and Approach

● Exploit opportunity for electric utility cost, operational,  and security improvements provided by new IEC­61850  standard for substation automation/SCADA  ● Develop 61850 toolkit for secure SCADA infrastructure ● Address electric power industry­specific security issues ● Leverage leading edge open source technologies

(4)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Relevant features of IEC­61850

● Object model layered over standard communications ● Named objects replace numbered points ● Standard LAN infrastructure replaces point­to­point  wiring ● Substation Configuration Language (SCL) ● Substation components represented by standardized  objects ● Plug and play component discovery ● Standard encryption technology support (WG draft)

(5)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Toolkit Architecture Concepts

● Build around web services SOAP engine as core ● Expand on existing 61850 use of XML technology ● Extend easily to external interfaces (e.g., CIM)  ● Support role­based access control ● Instantiate object model based on SCL configuration ● Translate to MMS and other protocols Support usual SCADA functionality

(6)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Examples of Open Source Leverage

● Screen GUI tools and SVG diagram tools ● SOAP engine and related tools ● Programming languages – GNU C/C++ and Python ● Security tools (Security Enhanced Linux, encryption  applications and network protocols, firewall, IDS) ● PSAT ● Numerous other miscellaneous tools and libraries

(7)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

OSECS Toolkit Technical Contributions

● Software for naming substation objects ● User GUI for form and one­line­diagram status  display/control of substation equipment ● SCADA master server Web Services engine ● Server substation model and proxies ● Open Source implementation of MMS protocol ● Configuration and integration of numerous other tools

(8)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Toolkit Intended Applications

● Management tool for 61850 Substation Config Language ● Workstation for equipment maintenance or substation HMI ● Starter or enhanced SCADA for small utilities ● Control system for distributed generation facilities ● Substation and control center security appliances  (application firewalls and access control gateways) ● Power System Attack Warning System workstation

(9)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Toolkit Security Function Examples

● Secure OS restricts data flows and contains intrusions ● Role based access control of SCADA objects ● Network encryption and network firewalls ● External data can be "pushed"  ● Programmed verification of static settings (e.g., relays) ● Shift­change GUI allows user login without disruption ● Security violation data collection (intrusion detection)

(10)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Toolkit Development Sequence

● SCL Management Tool ­  Statically instantiate all objects; support name generation  ● Tree Browser ­ Tree display only; Dynamic; Communication with devices ● SCADA/Control Center ­ Basic:  Dynamic diagrams/forms display selected objects ­ Enhanced:  Persistent storage; Pre­defined procedures ● PSAWS   ­ Collect and analyze security violation reports against pre­ analyzed conditions

(11)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Issues in Open Source Development

● Need to assess scope and activity of user/maintainer  community to avoid dead­end software ● License types and impacts ­ Academic (BSD, MIT) – Can be incorporated into proprietary  software.  No impact on business model or architecture. ­ Reciprocal non­GPL (LGPL, MPL, Artistic, others) – Business  model must focus on support and ancillary services ­ Reciprocal GPL – Must integrate as “independent works”  (via 

(12)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Open Source Packaging

● Distribution methods ­ Source (e.g., script files, repository access) ­ Binary and source Tar files (with possible build issues) ­ Binary and source RPM and Deb packages ­ Yum and Apt­get installs ● Dependency issues ­ Availability ­ Version compatibility ­ System management compatibility

(13)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

Lessons Learned

● 61850 is less mature than originally anticipated (IEC vs  IETF) ● Naming convention definition (especially standardized  naming) is an issue for electric utilities ● Security policies are difficult for utilities to express

(14)

     Open Secure Energy Control Systems, LLC.    Open Source Secure SCADA Toolkit

For More Information

● On the toolkit:  http://www.osecs.com ● On open source licensing:  http://www.opensource.org  or http://www.fsf.org ● On available open source components and tools:  ­ http://freshmeat.net  ­ http://cheeseshop.python.org/  (Python repository) ­ http://www.pythonware.com/daily/ (Python project news links) ­ Sourceforge.net (not easy to search) ­ General search engines (e.g., Google)

References

Download now ( PDF - 14 Page - 547.78 KB )

Related documents

Village Groups Forum. Tuesday 13 January 2015

 Since April 2014, change of use and some associated physical works from a small shop or professional/financial services (exemptions apply) to residential use subject to

Bias of selection on human copy-number variants

In summary, whereas evidence is scarce that human SNPs have contributed frequently to adaptive evolution [12,46,51], in human CNVs the increased densities of all genes, and

Body Mass Index and Weight Loss in Overweight and Obese Korean Women: The Mediating Role of Body Weight Perception

Therefore, the pur- poses of this study are to systematically assess the relationships among BMI, weight perception, and weight loss efforts in a nationally representative sample

Automated data integration for developmental biological research

Therefore, data integration cannot replace genetic screens for predicting gene function and interactions because genetic screens provide unbiased coverage of the genome: genes can

FRENCH POLYNESIA. Navigation and Commerce Issue GREEN 10C BLACK 15C 20C GRAY YEL. GRN. RED 25C 30C 35C 40C 45C 50C CARMINE 75C 1FR BROWN

Colonial Arts Exhibition Issue 1937..

Control, relational signalling and trust building in an inter-firm relationship: field study reflections

Drawing on the theoretical stock of literature on contracting, controlling, trust and relational signalling in inter-firm relationships, we try to provide theoretical

Project Management Methodologies in SaaS Deployment Projects

Three process characteristics that are adding complexity to the deployment are existing integrations between clients’ other systems, various configuration options, and a

Financial policy and stabilization : the case of Russia

Keywords: Financial policy, financial mechanism, fiscal policy, federal budget, inflation, balance, fiscal consolidation, tax revenues, budget-forming taxes, economic