Himanshu Khurana, University of Illinois - PowerPoint PPT Presentation

Provided by: hima1
Learn more at: http://www.sigsac.org

1
Trustworthy Wide Area Measurement Systems
  • Presented by
  • Himanshu Khurana, University of Illinois
  • ACM CCS 2009 Tutorial on Cyber Security for the
    Power Grid

2
Outline
  • Wide area transmission systems
  • August 2003 blackout
  • Analysis and recommendations
  • North American SynchroPhasor Initiative (NASPI)
  • NASPInet Wide Area Network
  • Challenges: distributed networking, quality of
    service, cyber security

3
Background: Power Grid Control Center Networks
and Applications
Control Communication Architecture
From a presentation by D. Whitehead,
"Communication and Control in Power Systems,"
TCIP summer school, June 2008
4
Background: Power Grid Control Center Networks
and Applications
Control centers
5
Who's in charge?
  • Federal Energy Regulatory Commission (FERC)
  • North American Electric Reliability Corp.
    (NERC)
  • State legislatures
  • Regional reliability councils
  • ISOs and RTOs
  • State commerce commissions
  • Control area operators

6
NERC Regions
7
Balancing Authorities (Control Areas)
8
Current Control Strategy and Hierarchy
  • Control Strategy
  • Control Hierarchy
  • Centralized Control Center (Balancing Area)
  • Open loop control
  • Telemetry through SCADA
  • Polls data 2 seconds
  • Local control (Power plants, Substations)
  • Feedback control
  • Protection
  • Balancing Authorities (BAs)
  • Real-time generation, load and interchange
    balance
  • Reliability Coordinators (RCs)
  • Wide area coordination and reliability

9
NERC Interconnections
10
Independent System Operators / Regional
Transmission Operations
11
Major North American Blackouts
| Date | Location | Load Interrupted |
| --- | --- | --- |
| November 9, 1965 | Northeast | 20,000 MW |
| July 13, 1977 | New York | 6,000 MW |
| December 22, 1982 | West Coast | 12,350 MW |
| January 17, 1994 | California | 7,500 MW |
| December 14, 1994 | Wyoming, Idaho | 9,336 MW |
| July 2, 1996 | Wyoming, Idaho | 11,743 MW |
| August 10, 1996 | Western Interconnection | 30,489 MW |
| June 25, 1998 | Midwest | 950 MW |
| August 14, 2003 | Northeast | 61,800 MW |
12
Blackout of August 14, 2003
Credit: Jeff Dagle
13
August 14, 2003 Blackout Investigation
Review performance of plants and assess
possibility of damage.
Determine if failures were caused with malicious
intent.
Investigate the cascading electrical failure.
  • Phase I
  • Investigate the outage to determine its causes
    and why it was not contained
  • Interim report released November 19, 2003
  • Phase II
  • Develop recommendations to reduce the possibility
    of future outages and minimize the scope of any
    that occur
  • Final report released April 5, 2004

Credit: Jeff Dagle
14
Blackout Root Causes
  • Situational Awareness: lack of effective
      • contingency analysis capability
      • procedures to ensure operators were aware of the
        status of critical monitoring tools
      • procedures to test monitoring tools after repairs
      • monitoring tools after alarm system failed
  • Vegetation management
  • Reliability Coordinator Diagnostics
  • Lack of wide area visibility, monitoring,
    coordination

15
Select Blackout Report Recommendations
  • Use better real-time tools for grid monitoring
    and operation
  • Establish physical and cyber-security
    capabilities

16
Wide Area Situational Awareness
  • A FERC/NIST Priority Area
      • Monitoring and display of power system components
        and performance across interconnections and wide
        geographic areas in real time
      • Enable understanding, optimized management,
        performance, prevent/respond to problem
  • Other relevant priorities
      • Cyber Security: Measures to ensure the
        confidentiality, integrity and availability of
        the electronic information communication systems,
        necessary for the management and protection of
        the Smart Grid's energy, information technology,
        and telecommunications infrastructures
      • Network Communications: Encompassing public and
        non-public networks, the Smart Grid will require
        implementation and maintenance of appropriate
        security and access controls tailored to the
        networking and communication requirements of
        different applications, actors and domains

17
Wide Area Measurement System
  • A Wide Area Measurement System (WAMS) is crucial
    for the Grid
  • One very promising data source for WAMS:
    Synchrophasors
  • GPS clock synchronized; fast data rate > 30
    samples/sec
  • Phasor Measurement Unit (PMU)
  • Future applications will rely on large number of
    PMUs envisioned across Grid (>100k)
  • WAMS Design and Deployment underway: North
    American Synchrophasor Initiative
    (www.naspi.org)
  • Collaboration - DOE, NERC, Utilities, Vendors,
    Consultants and Researchers
  • NASPInet: distributed, wide-area network

18
PMUs and Synchrophasors
  • Traditional SCADA data since the 1960s
      • Voltage & Current Magnitudes
      • Frequency
      • Every 2-4 seconds
  • Future data from Phasor Measurement Units (PMUs)
      • Voltage & current phase angles
      • Rate of change of frequency
      • Time synchronized using GPS and 30 - 120 times
        per second

19
Why do Phase Angles Matter?
Wide-area visibility could have helped prevent
August 14, 2003 Northeast blackout
20
Why do Phase Angles Matter?
Entergy and Hurricane Gustav -- a separate
electrical island formed on Sept 1, 2008,
identified with phasor data. Island kept intact
and resynchronized 33 hours later.
Source: Entergy
21
Phasor Application Taxonomy
22
PMU Applications and Deployment
Source: Chakrabarti, Kyriakides, Bi, Cai and
Terzija, "Measurements Get Together," IEEE Power
& Energy, January-February 2009
23
Source: NASPI
24
Current Architecture for PMU Data Sharing
Secure Network
Apps
Source: NASPI
25
Envisioned PMU Data Flow in NASPInet
26
Opportunities and Challenges
  • Opportunities
      • Important applications emerging that require data
        sharing
      • Research into new applications needed
      • Smart Grid Investment Program to fund deployment
        of 800 PMUs nation-wide
  • Challenges in data sharing
      • Distributed network for data delivery
      • Tradeoffs between operational, regulatory and
        business aspects
  • Challenges in realizing NASPInet
      • Distributed wide-area network design
      • Network management
      • Quality of Service and real-time delivery
      • Cyber security
  • Progress on these topics made in recently
    released NASPInet specification document (Quanta
    Technologies)

27
Wide Area Networking
Source: NASPInet Specification
28
Network Management
  • Network management functions
      • Performance
      • Configuration
      • Accounting
      • Fault management
      • Security management
  • Need for appropriate services in NASPInet and
    means to coordinate between organizations

29
Quality of Service
  • QoS goals per data flow are to minimize latency,
    delay, jitter, loss, error
  • Overall QoS goals are to support dedicated
    bandwidth, resource provisioning and allocation,
    avoiding and managing network congestion, shaping
    network traffic and managing priorities
  • A suggested approach: class-based QoS

30
Cyber Security
  • Authentication and Integrity
      • Essential to ensure reliable and trustworthy
        decisions
      • Tools: cryptographic protocols leveraging digital
        signatures, HMACs, etc.
      • Challenges: efficiency, supporting one-to-many
        data exchanges
  • Availability
      • Essential due to the critical nature of
        underlying power system
      • Specific requirements may vary by application
        classes
      • Tools: redundancy, security monitoring, attack
        detection and response, fail-safe design
      • Challenges: scalability and cost-effective design
  • Confidentiality
      • Needed to provide data privacy
      • Tools: encryption protocols, access control
      • Challenges: efficiency for streaming data,
        supporting one-to-many data exchanges

31
Cyber Security
  • Key Management
      • Distribution and management of key material and
        credentials
      • Revocation
      • Tools: Public Key Infrastructure, on-line
        credential distribution/verification services
      • Challenges: scalability, trust establishment
  • Monitoring and compliance
      • Intrusion detection and response services
      • Future regulations may apply, e.g., NERC CIP
      • Tools: IDS, firewalls, etc.
      • Challenges: multi-organization coordination

32
Authentication Protocols for Power Grid
  • Authentication is a widely recognized problem for
    power grid.
  • Currently, there is a focus on developing
    authentication protocols, e.g., DNP3 Secure
    Authentication and IEC 62351-5.
  • Designing security protocols is hard and
    error-prone
  • Literature has many examples of security
    protocols that were considered secure but were
    broken later

| Protocols | Attacks | Cause/Vulnerability |
| --- | --- | --- |
| Authentication Protocol by Woo & Lam | Impersonation attacks | Lack of explicit names |
| STS by Diffie, Oorschot & Wiener | Impersonation attacks | Change in environmental conditions |
| Kerberos V4 by Steve & Clifford | Replay attacks | Incorrect use of timestamps |
| TMN by Tatebayashi, Matsuzaki, Newman | Oracle attacks | Information flow |
33
Design Principles for Power Grid
Cyber-Infrastructure Authentication Protocols
| Principle | Attacks Mitigated | Applicability to Power Grid Authentication Protocols |
| --- | --- | --- |
| Explicit Names | Impersonation attacks. | Need for explicit names for each entity in power grid. |
| Unique Encoding | Interleaving and parsing ambiguity attacks. | Insufficiency of legacy protocols to build security on them due to no protocol identifiers in them. |
| Explicit Trust Assumptions | Prevents errors due to unclear or ambiguous trust assumptions | Need to clearly state all trusted entities in power grid protocols and the extent of trust in them. |
| Use of Timestamps | Prevents replay attacks. | Need for high granularity for time synchronization. |
| Protocol Boundaries | Prevents incorrect function of protocol in its environment. | Need for thorough analysis of the power grid environment. |
| Release of Secrets | Prevents blinding attacks and compromise of old keys. | Need to ensure that compromise of some remote devices should not compromise large number of keys. |
| Explicit Security Parameters | Prevents errors due to exceeding the limitations of cryptographic primitives. | Reduction in maintenance overhead by explicitly mentioning security parameters in remote devices. |
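
An added example, not part of the original slides: a pairwise HMAC-authenticated measurement frame that applies four of the principles above (explicit names, unique encoding, timestamps, explicit security parameters). The protocol identifier, device names, key and the 100 ms freshness window are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

# All names and values below are assumptions made for this example.
PROTO_ID = b"PMU-AUTH-EXAMPLE/1"  # protocol identifier (unique encoding)
MAC_ALG = hashlib.sha256          # explicit security parameter
MAX_SKEW_US = 100_000             # freshness window: 100 ms at 30-120 frames/s

def encode(sender, receiver, ts_us, payload):
    """Length-prefix each field so distinct tuples never share an encoding."""
    out = b""
    for field in (PROTO_ID, sender.encode(), receiver.encode(), payload):
        out += struct.pack(">H", len(field)) + field
    return out + struct.pack(">Q", ts_us)

def protect(key, sender, receiver, ts_us, payload):
    body = encode(sender, receiver, ts_us, payload)
    return body + hmac.new(key, body, MAC_ALG).digest()

def verify(key, msg, expect_sender, me, now_us, seen):
    """Return the payload, or raise ValueError naming the failed check."""
    tag_len = MAC_ALG().digest_size
    body, tag = msg[:-tag_len], msg[-tag_len:]
    if not hmac.compare_digest(tag, hmac.new(key, body, MAC_ALG).digest()):
        raise ValueError("bad MAC")
    fields, off = [], 0
    for _ in range(4):  # parse only after the MAC has been checked
        (n,) = struct.unpack_from(">H", body, off)
        fields.append(body[off + 2:off + 2 + n])
        off += 2 + n
    (ts_us,) = struct.unpack_from(">Q", body, off)
    proto, sender, receiver, payload = fields
    if proto != PROTO_ID:
        raise ValueError("wrong protocol")
    if (sender.decode(), receiver.decode()) != (expect_sender, me):
        raise ValueError("name mismatch")  # explicit names
    if abs(now_us - ts_us) > MAX_SKEW_US:
        raise ValueError("stale timestamp")
    if (sender, ts_us) in seen:
        raise ValueError("replay")  # same frame inside the window
    seen.add((sender, ts_us))
    return payload

if __name__ == "__main__":
    key, seen = b"k" * 32, set()  # constructed demo key, not a real secret
    frame = protect(key, "PMU-17", "PDC-A", 1_000_000, b"V=1.02pu,ang=12.5deg")
    print(verify(key, frame, "PMU-17", "PDC-A", 1_020_000, seen))
```

Because the receiver name is bound into the MAC under a pairwise key, this form does not address the one-to-many delivery challenge listed on the Cyber Security slides.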
34
Questions?
  • hkhurana_at_illinois.edu