(1)

Information and IT Security for Power System Operation

Göran Ericsson and Kun Zhu

(2)

Agenda

• Introduction of Svenska Kraftnät - Swedish National Grid Company

• R&D activities in Sweden

- Collaboration between SvK, KTH and FOI (Swedish Defence Research Agency)

- Viking project

• Conclusion

(4)

Missions (in brief)

• Provide transmission of power on the national grid level in compliance with security, efficiency and environmental requirements

• To perform the system operator function for electricity and natural gas cost-efficiently

• To promote an open Swedish, Nordic and European market for electricity and natural gas

• To ensure a robust nationwide supply of electricity

(5)

Research Collaboration within Sweden

• Vulnerability scanning

- Detection and false alarms

- Remediation

• Reflections from a Cyber Defense Exercise

- How reliable is the Common Vulnerability Scoring System?

- Expert assessment of the probability of successful remote code execution attacks

- How good are experts and different prediction models?

(6)

Vulnerability Scanning

• Purpose: to identify and evaluate possible vulnerabilities of the IT systems based on vulnerability scanning tools

(7)

Vulnerability Scanning Project

• How does it work?

• Network scanning

• Vulnerability scanning

• Vulnerability analysis

Scanner: Hello, what services and operating systems are you guys running?

Host: I am 172.18.1.3, Windows XP SP2, unpatched, with file sharing and remote desktop enabled

(8)

Vulnerability Scanning Project

• How does it work?

• Network scanning

• Vulnerability scanning

• Vulnerability analysis

Scanner: Hmm.. XP SP2 without patches… There are 17 vulnerabilities that are applicable.

(9)

Vulnerability Scanning Project

• How does it work?

• Network scanning

• Vulnerability scanning

• Vulnerability analysis

Scanner: Do you have default passwords or any other silly configuration flaws?

Host: My password is "password", it is handy as no one forgets it!

(11)

Vulnerability Scanning Project

[Figure: two panels, "Unauthenticated scans" and "Authenticated scans". Axes: % Detection and % False Alarm, each 0 to 100. Scanners compared: Nessus, Qualys, NeXpose, SAINT, McAfee, AVDS, Patchlink scan.]

(12)

Vulnerability Scanning Project

[Figure: two panels, "Unauthenticated scans" and "Authenticated scans". Axes: % Remediation and % Detection, each 0 to 100. Scanners compared: Nessus, Qualys, NeXpose, SAINT, McAfee, AVDS, Patchlink scan.]

• Automated security scanning needs to be complemented through other efforts…

5884-page report …

(13)

Presentation for EPCC 2011, 2011-05-25

(14)

Cyber Defense Exercise

Does the vulnerability level of a system affect the time needed to compromise the system?

Vulnerabilities can be measured through the Common Vulnerability Scoring System (CVSS)

- Scale from 0 – 10

• 15 system-level vulnerability metrics are tested to see if any metric displays a relation to the time needed to compromise the systems

- Drawn from literature (9 metrics) and models used by the industry (6 metrics).

(15)

Cyber Defense Exercise

• TTC: Time from start of attack (measured through the first alarm from the intrusion detection system Snort) until successful compromise of that host.

Snort: t1 = 1400.3 sec

t2 = 3000.2 sec

TTC = t2 – t1
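
The TTC measurement defined above, as an added example that is not part of the original presentation: it takes the first Snort alarm per target host as t1 and a recorded compromise time as t2. The Snort "fast" alert layout, the compromise record, the assumed year and all function names are assumptions; the sample lines are constructed so that the first host reproduces the slide's t2 – t1 difference.

```python
import re
from datetime import datetime

# Constructed sample data (not from the presentation): Snort "fast" alert
# lines and an exercise record of when each host was compromised.
ALERTS = """\
05/25-10:23:20.300000  [**] [1:1000001:1] constructed probe [**] [Priority: 2] {TCP} 10.0.0.5:40112 -> 172.18.1.3:445
05/25-10:31:02.000000  [**] [1:1000002:1] constructed exploit attempt [**] [Priority: 1] {TCP} 10.0.0.5:40150 -> 172.18.1.3:445
05/25-10:40:00.000000  [**] [1:1000001:1] constructed probe [**] [Priority: 2] {TCP} 10.0.0.5:40200 -> 172.18.1.4:3389
"""
COMPROMISED = {  # host -> time of successful compromise (t2)
    "172.18.1.3": "05/25-10:50:00.200000",
    "172.18.1.4": "05/25-10:39:00.000000",  # compromised before any alarm
    "172.18.1.9": "05/25-11:00:00.000000",  # never seen by the IDS
}

# timestamp ... {PROTO} src[:port] -> dst[:port]
ALERT_RE = re.compile(r"^(\S+)\s+\[\*\*\].*\{\w+\}\s+\S+\s+->\s+([\d.]+)")

def parse_ts(ts, year=2011):
    # Fast-alert timestamps carry no year, so one is assumed here.
    return datetime.strptime(f"{year}/{ts}", "%Y/%m/%d-%H:%M:%S.%f")

def first_alarms(alert_text):
    """Earliest alert time per destination host (t1)."""
    first = {}
    for line in alert_text.splitlines():
        m = ALERT_RE.match(line)
        if not m:
            continue  # skip lines that are not fast-format alerts
        ts, host = parse_ts(m.group(1)), m.group(2)
        if host not in first or ts < first[host]:
            first[host] = ts
    return first

def time_to_compromise(alert_text, compromised):
    """TTC = t2 - t1 in seconds; None where no alarm preceded the compromise."""
    t1 = first_alarms(alert_text)
    out = {}
    for host, when in compromised.items():
        t2 = parse_ts(when)
        start = t1.get(host)
        out[host] = (t2 - start).total_seconds() if start and start <= t2 else None
    return out

if __name__ == "__main__":
    for host, ttc in time_to_compromise(ALERTS, COMPROMISED).items():
        print(host, "TTC undefined (no prior alarm)" if ttc is None else f"TTC = {ttc:.1f} s")
```

Hosts with no alarm before the compromise get no TTC value rather than a zero or negative one, so they can be counted separately as IDS misses.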

(16)

Research in cyber security so far…

Cyber Defense Exercise

• Statistics for the best model…

(17)

Research in cyber security so far…

Cyber Defense Exercise

• A more detailed security estimation model is needed!

(18)

H. Holm, M. Ekstedt and D. Andersson, “Empirical analysis of system-level vulnerability metrics through actual attacks”, submitted to IEEE Trans on Dependable and Secure Computing.

(19)

Viking Project

• VIKING stands for Vital Infrastructure, Networks, Information and Control Systems Management

• EU financed Framework 7 Collaborative STREP Project and is part of themes 4, ICT, and 10, Security.

• Between 2008-11-01 and 2011-10-31

• To investigate the vulnerability of SCADA systems and the cost of cyber attacks on society

• A consortium of industrial and academic partners

- KTH, Stockholm

- ETH, Zurich

- University of Maryland

- E.ON

- ABB

- Astron Informatics

- MML

www.vikingproject.eu

(20)

VIKING

From security requirements to societal costs

Attack

SCADA system

Power network

Societal cost

Attack Inventory System Architecture Vulnerability Models

SCADA functionality manipulation: State Estimator, AGC

Virtual city/citizen simulator

Virtual T&D network simulator

(21)

Cyber-security from SvK perspective

• It is of paramount importance to take security into consideration in the procurement phase of new systems for power grid operation and control

- Architecture: is the system composed of different zones with security concerns?

- Security mechanism

- Authorization: third party access

• The same security concern should be shared with other critical infrastructures in society, such as water, gas and transportation.

(22)

Questions?

goran.ericsson@svk.se

zhu.kun@ics.kth.se
