North American Bulk Power System: The Challenges Ahead

1
North American Bulk Power System The Challenges
Ahead

• Tim Roxey
• Manager Critical Infrastructure Protection
• September 2nd, 2009

2
An underpinning infrastructure
Access to sufficient and cheap energy fuels our
modern economies and sustains our growing cities

• In modern society electric power is a first
  among equals compared to all other
  infrastructures

• The bulk power system
• 164,000 Miles of Transmission lines
• 150 BPS Control Centers
• 16,756 Generators (5,253 Plants) 948,446
  Megawatts (net summer capacity)
• 3,028 Fossil Plants
• 64 Nuclear Plants
• 1,422 Hydro Facilities
• 714 Renewable
• - Over 5,900 Electric organizations with 131
  million customers

Highly complex and interconnected energy
infrastructure
3
The Electric Grid
4
The Power Grid BPS (Today)
Transmission 164,000 miles 5 of average
customer monthly bill Employs XX people nationwide
Distribution Over 1,000,000 miles 30 of average
customer monthly bill Employs XX people nationwide
Generation 5,253 plants 65 of average customer
monthly bill Employs XX people nationwide
Bulk Power System
Transmission
5
Power system components
Bulk Power System
6
Access Points Numerous and Diverse
U.S. Department of Homeland Security
7
Emerging

• Structure of Grid
• Micro-generation home based dispatched thru
  metering
• Portable generation vehicles
• Variable generation -
• Aggregated Impacts
• Cyber versus physical world events
• N -1 or N - 10,000 or N - N
• Supply Chain vulnerabilities
• AMT or AMI

8
FERC Proposed Policy Statement, 3/19/09
9
FERC Proposed Policy Statement, 3/19/09
NIST
NASPINet
NERC CIP

IEC-61850
IEEE
AMI-SEC
W3C

SAE Standards (PHEV)
HAN (various)
10
Current Issues in Smart Grid Cyber Security

• Need to protect Time of Use (TOU) data and access
  from non-authorized users
• Need to protect meters from being abused as
  control channel into grid operations
• Need to protect future two-way communications for
  meter activity
• Need to ensure future control capability is secure

11
Smart Grid Characteristics ,Technology Security

• Self-healing
• Empowers and incorporates the consumer
• Resilient to physical and cyber attacks
• Provides power quality needed by 21st century
  users
• Accommodates a wide variety of generation options
• Fully enables maturing electricity markets
• Optimizes assets

Physical and Logical Security

12
Conclusion - Control system specific concerns

• Build security in dont add it on
• Need agreed upon testing practices
• Ensure interoperability
• Need for flexible architecture and designs to
  correct unknown challenges more easily in the
  future.... avoid legacy problems
• Need to communicate and educate so buyer and
  supplier have common expectations
• Need to improve the standards so compliance does
  not limit technology progression
• New technology should be provided with test and
  development kits or systems for security
  testing.Protect the vulnerability researcher
• System functions should be prioritized. Protect
  Resiliency
• Number one stop inherent machine to machine
  trust. Trust should be explicitly defined

13
Smart Grid Security Components

• Cyber security policy and procedures
• Security policy
• Standard operating procedures (OPSEC)
• Guidelines
• Cyber security Planning
• Strategic planning
• Tactical planning
• Architecture and technology
• Network segmentation
• Tightly controlled communication
• Identity and access management
• Threat management
• Vulnerability management
• Services
• Certification and Accreditation
• Risk and Security Measurements
• Security KPI and KRI
• Real time Security Dashboard

Smart Grid Security
Security Measurements
Policy
Planning
Management Technology
Services
Cyber Security Framework
14
Smart Grid Security Strategy

• Enterprise Defense-in-Depth Strategy
• Security Assessments
• Asset Management
• Network Application security
• Education and Awareness Program