Synchrophasor Security Practices John Stewart, Tennessee Valley Authority Thomas Maufer, Mu Dynamics, Inc. Rhett Smith, Chris Anderson, and Eren Ersonmez, Schweitzer Engineering Laboratories, Inc. Presented by Tommy Morris February 22, 2011

Current Power System Situational Awareness • SCADA measurements every 2-15 seconds • Measurement Asynchronous • Complex algorithms used to estimate state of power system • PMUs offer – – – –

30-240 measurements/second Synchronized measurements (100 ns accuracy via GPS) Real time situational awareness Less complex algorithms

Cyber Threat • PMU’s require new/more communication channels • Potential of cyber intrusion • Paper offers: – Best practices for mitigating cybersecurity risks

Synchrophasor Applications Real time applications w/control actions - Special Integrity Protection Schemes (SIPS) •Identify undamped oscillations and take automatic action before system collapse •Voltage stability by automatic control ofstatic VAR compensator (SVC)

•What is effect on these algorithms if MITM pollutes data? •What is effect on these algorithms if DOS makes data unavailable?

C37.118 Message Frames

(Header not commonly used)

Did we Fuzz all of these?

CIP • Synchrophasors not critical day • Increasing trend using synchrophasors in protection, operations, and planning • Synchrophasors will be critical in the future.

Best Practices • Electronic Security Perimeter • Minimize number of electronic access points • Place PMU multiple layers deep in the subnetwork (separate substation VLAN for PMU). • Firewalls with white list (deny-by-default) • PDC provides a security layer – Users access PDC not PMUs – Security upgrades occur at PDC rather than a PMUs

Best Practices, cont’d • C37.118 leaves security to higher layers • Implement IPSEC on substation gateway device • Short reference to connecting PMU’s to PDC via EIA-232 (RS-232). RS-232 is no routable protocol so often preferred for security. Not sure if RS-232 can handle the bandwidth requirements for a single PMU?

UDP Secure • Unidirectional Secure Streaming (PMU->PDC) • Command frames disable • PMU ignores client state, just streams continuously to a predefined location. • Firewall rules simpler – One way – Hide PMU’s IP address (no one needs to know)

• Add VPN for confidentiality and integrity

Remote Access • Avoid it. or • Use secure tunnel (SSH).

Other ports and services • Close them if not needed. – Required by NERC CIP

Non-ESP • • • •

Protect the network not in an ESP Treat this connection as un-trusted. Recommend encryption at any layer. Watch out for DOS.

Latency Measurements • Latency from VPN devices is tolerable for small number of VPN tunnels – i.e. substation with just a few PMU

• Latency increases as more VPN tunnels are added. – Not recommended for use in control center where many tunnels may be required.

• No data on what is acceptable for different applications.

VPN + Firewall Test • Demonstrated Zenmap tool effectiveness – can find devices when firewall disabled – Cannot find device when firewall enabled

• Demonstrated MITM attack – ARP Cache poisoning – Capture, monitor, and replay data

• Demonstrated VPN effectiveness – Without tunnel replay accepted at client – With tunnel replay rejected

Synchrophasor Security Practices

Feb 22, 2011 - PMU's require new/more communication channels. • Potential of cyber intrusion. • Paper offers: – Best practices for mitigating cybersecurity ...

438KB Sizes 0 Downloads 403 Views

Recommend Documents

Synchrophasor Security Practices
I. INTRODUCTION. Synchrophasor technology can be summarized as marking .... synchronous optical networks (SONETs), wireless links, and so on. There are ...

G Suite security best practices
Tip: On the 2-Step Verification page, you can print a one-time passcode that allows you to sign in when you're away from your phone. It's quicker than entering a verification code. You can also choose to use a Security Key . You insert it into your c

BGP Security Best Practices - Federal Communications Commission
FINAL Report – BGP Security Best Practices ..... servers hosting web or email applications; home user machines; VoIP (Voice over Internet .... Working Group 10:.

BGP Security Best Practices - Federal Communications Commission
Company. Rodney Joffe – Co-Chair. Neustar, Inc. Rod Rasmussen – Co-Chair .... software and/or hardware deployments; WG4 is geared toward items that ... then drove development of the initial documentation of issues and ...... work in light of rece

Read Information Security: Principles and Practices
Jun 14, 2014 - Read Information Security: Principles and Practices (2nd. Edition) ... information security in all 10 domains ... increasingly rigorous compliance.

PDF Information Security: Principles and Practices
ebook Information Security: Principles and Practices (2nd Edition) ..... Practices (2nd Edition) (Certification/Training) ,kindle cloud Information Security: Principles ...

SaaS Security Best Practices: Minimizing Risk in the Cloud - Media15
Aug 7, 2015 - To minimize risk in the cloud, we have established the following best ..... are accessed by the appropriate users in the appropriate computing.

Comparing Expert and Non-Expert Security Practices - Usenix
Jul 24, 2015 - Security practices that experts follow and consider good security advice for .... the survey via their social media accounts. About 80% of partic-.

Practices in and reflections on development, security ... -
Panelists. Ambassador Mr. S.E.M. Sékou Kassé, Ambassador for Mali to the UN (TBC). Ms. Oulie Keita, Director of Programs of Freedom House, Board member of. Wanep Mali. Mr. Moussa Bambara Project Management and Conflict Management. Specialist at Gov

ReadPDF Information Security: Principles and Practices
Modern Computer Security, in One Book Clearly explains all facets of information ... security, from cloud services to mobile applications, “Bring. Your Own Device ...

Comparing Expert and Non-Expert Security Practices - Usenix
Jul 24, 2015 - actually be followed and design campaigns to improve security ed- ucation. .... the survey via their social media accounts. About 80% of partic-.