563.3 Critical Infrastructure Protection - PowerPoint PPT Presentation

Loading...

PPT – 563.3 Critical Infrastructure Protection PowerPoint presentation | free to download - id: 3c6df8-MjhmY



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

563.3 Critical Infrastructure Protection

Description:

563.3 Critical Infrastructure Protection Carl A. Gunter University of Illinois Fall 2007 * * * * * * * On August 14, 2003, large portions of the Midwest and Northeast ... – PowerPoint PPT presentation

Number of Views:63
Avg rating:3.0/5.0
Slides: 46
Provided by: csUiucEd9
Learn more at: http://www.cs.uiuc.edu
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: 563.3 Critical Infrastructure Protection


1
563.3 Critical Infrastructure Protection
  • Carl A. Gunter
  • University of Illinois
  • Fall 2007

2
Outline
  • Complex systems
  • Threats to critical infrastructure
  • The power grid
  • Secure Intelligent Electronic Devices (SIEDs)

3
Outline
  • Complex systems
  • Threats to critical infrastructure
  • The power grid
  • Secure Intelligent Electronic Devices (SIEDs)

4
Examples of Systems
  • Transportation
  • Financial
  • Energy
  • Human health
  • Agricultural health
  • Communication
  • Cities and fixed infrastructure

5
Presidential Decision Directive 63
  • Critical infrastructures are those physical and
    cyber-based systems essential to the minimum
    operations of the economy and government. They
    include, but are not limited to,
    telecommunications, energy, banking and finance,
    transportation, water systems and emergency
    services, both governmental and private.

PDD 63 98
6
Interdependence
  • Many of the nation's critical infrastructures
    have historically been physically and logically
    separate systems that had little interdependence.
    As a result of advances in information
    technology and the necessity of improved
    efficiency, however, these infrastructures have
    become increasingly automated and interlinked.
  • These same advances have created new
    vulnerabilities to equipment failure, human
    error, weather and other natural causes, and
    physical and cyber attacks. Addressing these
    vulnerabilities will necessarily require
    flexible, evolutionary approaches that span both
    the public and private sectors, and protect both
    domestic and international security.

7
(No Transcript)
8
Dependency on Network-Based Systems
  • Key conclusions form NAIC report
  • Dependency on network-based systems is pervasive
    across all sectors. Critical components of our
    national infrastructure rely on a variety of
    network-based systems.
  • Each critical sector surveyed identified
    dependency on one or two sectors.
  • The answer to the question are we ranking our
    critical infrastructures as to their
    vulnerability to cyber attacks is multi-faceted.
    The degree that any sector is vulnerable is
    dependent upon a number of characteristics type
    of attack, scope of impact, time of attack,
    duration of outage.
  • Sound business continuity practices, as well as
    information technology and cyber security best
    practices, provide some protection.

NIAC 04
9
Outline
  • Complex systems
  • Threats to critical infrastructure
  • The power grid
  • Secure Intelligent Electronic Devices (SIEDs)

10
For Want of a Nail
For want of a nail the shoe was lost.For want of
a shoe the horse was lost.For want of a horse
the rider was lost.For want of a rider the
battle was lost.For want of a battle the kingdom
was lost.And all for the want of a horseshoe
nail.
11
Identifying Vulnerabilities
  • Secure the mechanisms of the Internet
  • Improve security and reliability of key
    protocols IP, DNS, BGP.
  • Routing address verification, management.
  • Management
  • Foster trusted DCS and SCADA systems.
  • Reduce and remediate software vulnerabilities
  • Understand infrastructure interdependency and
    improve physical security of cyber systems and
    telecommunications

National Strategy to Secure Cyberspace 03
12
Impact Assessment
NIAC 04
13
Attacks on the Internet
  • Mar 99 Melissa Virus
  • infected 1.2 million machines and cost 80M
  • Feb 00 DoS attack
  • shut down Yahoo, Amazon, ETrade, eBay, CNN.com
  • Yahoo costs alone estimated at 116K
  • Jul 01 Code Red and Sep 01 Nimda
  • Code Red infected 359K computers in less than 14
    hours
  • Estimated 3B lost world-wide because of these
    two worms

CSTB 03 IT for Counterterrorism
14
Executive Order
  • The information technology revolution has changed
    the way business is transacted, government
    operates, and national defense is conducted.
  • Those three functions now depend on an
    interdependent network of critical information
    infrastructures.
  • The protection program authorized by this order
    shall consist of continuous efforts to secure
    information systems for critical infrastructure,
    including emergency preparedness communications,
    and the physical assets that support such
    systems.
  • Protection of these systems is essential to the
    telecommunications, energy, financial services,
    manufacturing, water, transportation, health
    care, and emergency services sectors.

Executive Order on Critical Infrastructure
Protection 2001
15
Research Plans
  • Many groups have proposed agendas for research
    related to CIP
  • Case study 2004 National Critical Infrastructure
    Protection RD Plan by DHS
  • Three strategic goals
  • National Common Operating Picture (NCOP)
  • Next-Generation architecture with designed-in
    security
  • Resilient, self-diagnosing, self-healing systems
  • Eight themes to contribute to the strategic goals

16
(No Transcript)
17
(No Transcript)
18
(No Transcript)
19
Outline
  • Complex systems
  • Threats to critical infrastructure
  • The power grid
  • Secure Intelligent Electronic Devices (SIEDs)

20
Basic Structure of the Electric Grid
21
Objectives of Operation
  • Balance power generation and demand continuously
  • Balance reactive power supply and demand to
    maintain scheduled voltages
  • Monitor flows over transmission lines and other
    facilities to ensure that thermal (heating)
    limits are not exceeded
  • Keep the system in a stable condition

22
Objectives of Operation (Cont)
  • Operate the system so that it remains in a
    reliable condition even if a contingency occurs,
    such as the loss of a key generator or
    transmission facility (the N-1 criterion)
  • Plan, design, and maintain the system to operate
    reliably
  • Prepare for emergencies

23
Interconnectivity
Edison Electric Institute 03
24
The 2003 Blackout
  • Started August 14 around 4pm and lasted about 4
    days
  • 50 million people were affected
  • Total costs were estimated at more than 5 billion
    US dollars
  • Computer failures involved but not sole cause

25
Control Systems, Computers, and Digital Networks
  • Control systems are replacing electro-mechanical
    devices with networked computers
  • Improved flexibility, reduced cost
  • Trend in power distribution network Advanced
    Meter Infrastructure (AMI)
  • Trend in power substations Intelligent
    Electronic Devices (IEDs) and Supervisory Control
    and Data Acquisition (SCADA)

26
IntelliGrid Environments
27
Outline
  • Complex systems
  • Threats to critical infrastructure
  • The power grid
  • Secure Intelligent Electronic Devices (SIEDs)

28
Networked Computers in Aircraft
  • Current design isolates aircraft and provides two
    semi-isolated subsystems, one for control and one
    for entertainment
  • Next generation will link entertainment network
    to Internet
  • Future link the control system to the enterprise
    network.

Nick Multari Boeing/FAA
29
Generations of Networked Computers in Aircraft
No Computers
No Computers
Computer Control
30
Tradeoffs in Security and Performance
  • Benefits
  • Monitor airline health
  • Update onboard information
  • Update parts
  • Drawbacks
  • Enterprise network is typically attached to the
    Internet so the airplane control system may have
    broad exposure to attack
  • Design issues about connecting devices that work
    in real-time to the Internet

31
Networked Computers in Power Substations
Scott Mix NERC/Kema
32
Power Substation Comm (Under Development)
33
Secure IEDs (SIEDs)
  • A SIED is an IED that has sufficient security
    capabilities to be on the Internet
  • Some (most?) IEDs currently produced are designed
    to handle some exposure
  • Many experts fear this exposure advocate
    isolating IEDs or hiding them behind a perimeter
  • This latter approach has many drawbacks
  • Sacrifices potential defense in depth
  • Mediated access increases complexity
  • Access control decisions complicated
  • SIEDs provide greatest defense and flexibility

34
SIED Project
  • Use stock platforms Unix, Vista
  • Use stock security protocols and software
    whenever possible SSL, IPsec, etc.
  • Take account of the special demands on SIEDs
    within the IEC 61850 architecture

35
IEC 61850 Vision
  • IEC 61850 offers an interoperation foundation for
    power substations
  • Anticipated benefits
  • Savings in configuration, setup, and maintenance
  • New functions not possible with hard wires
  • Reduced equipment costs by sharing

36
SIED Network Design Strategy
37
Core Design Challenge
No security / networking design has demonstrated
this contrasting combination of features
Authenticated Reliable Authorized Encrypted
Seconds and Megabits
Authenticated Reliable
38
IEC61850 Protocol Stack
ACSI Core Services
SMV
GOOSE
MMS (ISO/IEC 9506)
Application
ISO Presentation (ISO 9576)ASN.1 (ISO/IEC
8824/8825)
Presentation
ISO Session (ISO 8327)
Session
Transport
ISO Transport (ISO/IEC 8073)Transport Class 0
ISO Adapter (RFC 1006)
TLS (RFC 2246)
TCP (RFC 793)
IP (RFC 791)ARP (RFC 826)
Network
Data Link
Logical Link Control (ISO 8802), 802-3 Ethertype
Media Access Control (ISO 8803)
39
Experimental IEC61850 Protocol Stack
SMV
GOOSE
ACSI Core Services
Application
Web Services
Presentation
XML/SOAP
Transport
HTTP
TLS (RFC 2246)
IPsec
IPsec
TCP (RFC 793)
UDP
UDP
IP (RFC 791)ARP (RFC 826)
Network
IP
IP
Data Link
Logical Link Control (ISO 8802), 802-3 Ethertype
Media Access Control (ISO 8803)
40
Secure and Reliable LAN Multicast
Security Hub
1. SIED sets up tunnel to MR and negotiates
session keys 2. SIED sends message to hub using
its session key 3. Hub multicasts it to intended
recipients using their session keys
Zhang Grier Gunter King
41
Target Demonstration
  • 100 SIEDs on a 1Gbps LAN
  • lt4ms for substation multicast with typical
    substation traffic
  • 500 Kbps and 25ms for technical support to SIEDs
    under no attack
  • Gateway provides no protections except throttling
  • Under full attack from Internet, internal
    substation operations are unaffected

42
Physical Architecture
43
Preliminary Test Results
44
Summary on SIEDs
  • Control systems that exploit the Internet are
    likely in the future
  • Secure end systems will be able to make the most
    of this development
  • SIEDs are a potentially feasible concept for
    power substations
  • Learn more about the SIED Project at
  • http//seclab.uiuc.edu/sied

45
Conclusions
  • Critical infrastructure protection is challenged
    by the increasing interdependence and automation
    of systems
  • A diverse range of measures are required to
    provide suitable protection
  • The power grid is a good case study in CIP and is
    important in its own right
  • Secure IEDs can improve the protection level
    while aiding convenience
About PowerShow.com