Title: North American Bulk Power System: The Challenges Ahead
1North American Bulk Power System The Challenges
Ahead
- Tim Roxey
- Manager Critical Infrastructure Protection
- September 2nd, 2009
2An underpinning infrastructure
Access to sufficient and cheap energy fuels our
modern economies and sustains our growing cities
- In modern society electric power is a first
among equals compared to all other
infrastructures
- The bulk power system
- 164,000 Miles of Transmission lines
- 150 BPS Control Centers
- 16,756 Generators (5,253 Plants) 948,446
Megawatts (net summer capacity) - 3,028 Fossil Plants
- 64 Nuclear Plants
- 1,422 Hydro Facilities
- 714 Renewable
- - Over 5,900 Electric organizations with 131
million customers
Highly complex and interconnected energy
infrastructure
3The Electric Grid
4The Power Grid BPS (Today)
Transmission 164,000 miles 5 of average
customer monthly bill Employs XX people nationwide
Distribution Over 1,000,000 miles 30 of average
customer monthly bill Employs XX people nationwide
Generation 5,253 plants 65 of average customer
monthly bill Employs XX people nationwide
Bulk Power System
Transmission
5Power system components
Bulk Power System
6Access Points Numerous and Diverse
U.S. Department of Homeland Security
7Emerging
- Structure of Grid
- Micro-generation home based dispatched thru
metering - Portable generation vehicles
- Variable generation -
- Aggregated Impacts
- Cyber versus physical world events
- N -1 or N - 10,000 or N - N
- Supply Chain vulnerabilities
- AMT or AMI
8FERC Proposed Policy Statement, 3/19/09
9FERC Proposed Policy Statement, 3/19/09
NIST
NASPINet
NERC CIP
IEC-61850
IEEE
AMI-SEC
W3C
SAE Standards (PHEV)
HAN (various)
10Current Issues in Smart Grid Cyber Security
- Need to protect Time of Use (TOU) data and access
from non-authorized users - Need to protect meters from being abused as
control channel into grid operations - Need to protect future two-way communications for
meter activity - Need to ensure future control capability is secure
11Smart Grid Characteristics ,Technology Security
- Self-healing
- Empowers and incorporates the consumer
- Resilient to physical and cyber attacks
- Provides power quality needed by 21st century
users - Accommodates a wide variety of generation options
- Fully enables maturing electricity markets
- Optimizes assets
Physical and Logical Security
12Conclusion - Control system specific concerns
- Build security in dont add it on
- Need agreed upon testing practices
- Ensure interoperability
- Need for flexible architecture and designs to
correct unknown challenges more easily in the
future.... avoid legacy problems - Need to communicate and educate so buyer and
supplier have common expectations - Need to improve the standards so compliance does
not limit technology progression - New technology should be provided with test and
development kits or systems for security
testing.Protect the vulnerability researcher - System functions should be prioritized. Protect
Resiliency - Number one stop inherent machine to machine
trust. Trust should be explicitly defined
13Smart Grid Security Components
- Cyber security policy and procedures
- Security policy
- Standard operating procedures (OPSEC)
- Guidelines
- Cyber security Planning
- Strategic planning
- Tactical planning
- Architecture and technology
- Network segmentation
- Tightly controlled communication
- Identity and access management
- Threat management
- Vulnerability management
- Services
- Certification and Accreditation
- Risk and Security Measurements
- Security KPI and KRI
- Real time Security Dashboard
Smart Grid Security
Security Measurements
Policy
Planning
Management Technology
Services
Cyber Security Framework
14Smart Grid Security Strategy
- Enterprise Defense-in-Depth Strategy
- Security Assessments
- Asset Management
- Network Application security
- Education and Awareness Program