Integrated On-Line Risk Prediction: Think Globally and Act ...
Transcript of Integrated On-Line Risk Prediction: Think Globally and Act ...
Integrated On-Line Risk Prediction:
Think Globally and Act Locally
Dr. Chiara Foglietta, [email protected]
Final Workshop
Rome, December 16th, 2014
Power Grid Operating States
Normal State
Restorative
State
Emergency
State
Secure or
Insecure
Violated
Operational
Limits
Blackouts
• Natural calamities
• Component failures
• Protection and control failures
• Faults
• Human errors
• Inadequate security margin
• Gaming in the market
• Missing or uncertain information
• Sabotage or cyber-intrusion
Vulnerability Sources for Power Grids
• Natural calamities
• Component failures
• Protection and control failures
• Faults
• Human errors
• Inadequate security margin
• Gaming in the market
• Missing or uncertain information
• Sabotage or cyber-intrusion
Vulnerability Sources for Power Grids
Blackouts will occur again in the future
• Our power grid is too complex to make it
fail-safe!
The challenge is:
• To prevent the cascading, uncontrolled
spread of an initiating blackout!
• To restore power to affected customers
ASAP!
The Reality
IRP & Detection Layer & Secure Mediation GW
SCADA
Detection Layer
IRP
Honeypot
& IDS
REMOTE IRP
SMGW
FUSION OF ALL
RISK ALERTS
SMGW
FROM HOLISTIC ASSESSMENT TO COMBINED IMPACT EVALUATION
COMBINED
IMPACT
EVALUATION
(CISIA)
EXTENDED
Situation
Assessment
RISK
LEVEL
SCADA
Operator
SECURITY
Operator
NATIONAL
CONTROL
ROOM
(CERT)
OTHER CIs
OPERATIVE LEVEL
TRANSLATION
CYBER
DETECTION
CYBER
DETECTION
CYBER
DETECTION
SCADA HMI
REMOTE IRP
NATIONAL
CERT
Cyber-
Physical
inferences
Reductionistic decomposition for
cascading effects evaluation Holistic
estimation
THE MIXED HOLISTIC-REDUCTIONISTIC MODELLING PERSPECTIVE
Intra-Inter-
Infrastructure
homogeneous layer
capturing
interdependencies
Expressions of both
holistic and
reductionistic
models
Behaviours
(physical or logical
or political) not
emerging from
Reductionistic layer
Increase the situational awareness
of the operator including
information and data that usually
are missing
Integrated Risk Prediction Aim
SMART Industrial Control Systems
Standard ICS
SMART ICS
Process optimization
Monitor and manage information on all levels
Identify the optimal response strategies in
case of attack or contingency
Perform (or suggest to the operator)
automatic reactions at global level
Coordinate automatic reactions at local level
Smart Extension and Smart RTU
Smart RTU
From/to other SE or IDS
The Smart Extension is an application level commands’ filter device, inserted
in the SCADA communication channel. If the risk level of a cyber attack is
increased, the Smart Extension may block inputs to the RTU (or reduce the
accepted input messages to a minimum), in order to maintain a safe state.
From/to
SCADA
control
PLANT RTU Smart
Extension
Smart Ecosystem and Cluster Awareness
SCADA
Smart Control
Smart
Extension
Smart
Extension
Smart
Extension
Smart Cluster
Detection Layer
IRP
Local IDS &
Honeypot
Put intelligence and logic
reasoning at the RTU level
increasing the reaction strategies
in event of cyber attacks
Smart RTU Extension Aim
• Refine the model of the power grid beyond the topology
analysis and the load shedding procedures.
• Refine the model of the telecommunication network beyond
the “connectivity” model.
• Integrate other CIs in CISIA software such as water
distribution network and gas pipelines.
• Integrate other sources of data into the Integrated Risk
Prediction
• Connect the Smart RTU to the Integrated Risk Prediction
• Standardize rules and countermeasures for the Smart RTU.
Conclusions and Ongoing Works