IllinoisSecurity Lab

Critical Infrastructure Protectionfor Power

Carl A. Gunter

University of Illinois

IllinoisSecurity Lab

2

TCIP Center

• NSF/DHS/DOE CyberTrust Center scale activity: Trusted Cyber Infrastructure for Power (TCIP)

• Lead UIUC, other participants include Cornell, Dartmouth, and Washington State University

• C. A. Gunter, B. Sanders (PI), D. Bakken, A. Bose, R. Campbell, G. Gross, C. Hauser, H. Khurana, R. Iyer, Z. Kalbarczyk, K. Nahrstedt, D. Nicol , T. Overbye, P. Sauer, S. Smith, R. Thomas, V. Welch, M. Winslett

IllinoisSecurity Lab

3

Power Grid

• Features– Critical to many other

systems– Safety-critical real-time

control of energy– Multiple administrative

domains– Increasing

dependence on computer control

– Limited attention to security in legacy systems

• Similar systems– Oil and gas SCADA

systems– Air traffic control

system– International financial

system– Inter-domain routing

system (BGP)

IllinoisSecurity Lab

4

Present Infrastructure

ControlArea

Coordinator

- 1000’s of RTU/IEDs- Monitor and control generation and transmission equipment

10’s of control areas feed data to coordinator

- State estimator creates model from RTU/IED data

- Peer coordinators may exchange information for broad model- Degree of sharing may change over time

Photos courtesy of John D. McDonald, KEMA Inc.

IllinoisSecurity Lab

5

US Grid Infrastructure

Edison Electric Institute 03

CAISO

RTO WEST

ERCOT

MISO

TVA

GRID FLORIDA

GRID SOUTH

PJM

NYSO

ISO-NE

Public/Private Internet

Control Center (EMS)

LAN

Control Center (EMS)

LAN

Dedicated Links M/W, Fiber, Dialup, Leased Lines, etc)

Dedicated Links M/W, Fiber, Dialup, Leased Lines, etc)

RTU

IEDs

Sensors

Dedicated Links M/W, Fiber, Dialup, Leased Lines, etc)

Dedicated Links M/W, Fiber, Dialup, Leased Lines, etc)

Level 0(Sensors and actuators)

Level 1(IED)

Level 2(Substation)

Level 3 (Enterprise)

Vendor Operator

Switched Ethernet LAN

Trust Negotiation

QoSMgnt

QoSMgnt

Secure and Timely Data Collection, Aggregation, and Monitoring

Secure TunableHardware

Secure InformationDistribution

AAA Control

Person Person

IllinoisSecurity Lab

7

Grid Communication Protocols

ISO A ISO B

CCA.A

CCA.B

CCB.A

CCB.B

SSA.A.A

SSA.A.B

SSA.A.C

SSA.B.A

SSA.B.B

SSA.B.C

IED#1

IED#2

SSB.A.A

SSB.A.B

SSB.A.C

SSB.B.A

SSB.B.B

SSB.B.C

6

8

2

3 3

1: ISO, CC: ICCP2: ISO, ISO: ICCP3: CC, CC: ICCP4: CC, SS: DNP/61850/UCA5: ISO, SS: DNP/61850/UCA6: Seam tie line7: SS, IED: DNP/61850/UCA8: Tie line

ISO: Independent system operatorCC: Control centerSS: SubstationIED: Intelligent electronic device

IllinoisSecurity Lab

8IntelliGrid Environments

IllinoisSecurity Lab

9

Secure and ReliableComputing Base

Architecture

Technical challenges motivated by domain specific problems in

Ubiquitous exposed infrastructure

Real-time data monitoring and control

Wide area information coordination and information sharing

Must be addressed bydeveloping science in

Trustworthy infrastructure for data collection and control

Wide-Area Trustworthy Information Exchange

Quantitative Validation

IllinoisSecurity Lab

10

Sample Research Questions

• Should the power grid use the Internet?

• How can we unify power grid simulations and Internet simulations?

• What are the risks associated with new power grid elements such as networked meters?

IllinoisSecurity Lab

11

Pervasive Metering

• Advanced power meters on the brink of broad deployment

• No good threat assessments currently exist• Corrupt customers, energy service providers, terrorists,

and other external agents all highly motivated to attack pervasive meters– Terrorists: Remotely disconnect customers– Service providers: Profile customer loads with high resolution– Customers: Steal electricity

• Interesting characteristics: Ownership of the meter and its data shared between service provider and customer

• Potential security architectures applicable to other networked systems– Likely to make use of cutting-edge technologies like trusted

platform modules, virtualization, and remote attestation