Security for Power System Operations

 

  • NIST Cyber Security Working Group (CSWG): Support for Smart Grid Cyber Security Working Group (CSWG) in the development of the NISTIR 7628, covering cyber security strategy, high level security requirements, security architecture and diagrams, privacy, logical interface categories, and other security issues.

  • Distribution System Security Guidelines for EPRI: to identify the security requirements, and to describe the different security technologies and procedures that utilities could utilize for meeting those requirements, based on NIST/EPRI FERC4+2 diagrams, the NIST CSWG efforts, and the NIST Catalog of Control System Security.

  • AMI and HAN Cyber Security Requirements for EPRI: to develop the security requirements and methodology for utilities to utilize for developing implementation-specific security requirements, based on NIST/EPRI FERC4+2 diagrams, the NIST CSWG efforts, and the NIST Catalog of Control System Security.

  • As Convenor of IEC TC57 WG15 on Security for Power System Operations, have led the development of security standards for utility operations protocols, including ICCP, IEC 61850, and DNP. In addition, the development of Network and System Management data objects for power system operations, to help ensure security and reliability of end-to-end systems. These security standards, most of which have just been approved by the international committees, consist of IEC 62351: Data and Communication Security – Part 1: Introduction, Part 2: Glossary, Part 3: Profiles Including TCP/IP, Part 4: Profiles Including MMS, Part 5: Security for IEC 60870-5 and Derivatives (i.e. DNP3), Part 6: Security for IEC 61850 Profiles, and Part 7: Security Through Network and System Management. New security efforts will include security requirements for wireless communications as well as additional profiles of protocols used in the power system industry.

  • As Chair of IEEE PES PSCC Security WG, am heading the development for the IEEE of Recommended Practices, educational material, and other information related to the assessment of information security risks in power system operations.

  • Assessment of Substation Physical Security Measures within Substations, EPRI 1011752, March 2006. The need for physical security of substations is becoming more urgent as power systems are operated closer to their limits, as information systems become increasingly important to power system operations, and as sophisticated substation equipment becomes more vulnerable to physical threats due not only to deliberate attacks but also to inadvertent mistakes, failures, and natural catastrophes. This requirement for physical security affects all substation assets to one degree or another. The key is the tradeoff between the costs (monetary and some reduced efficiency) of implementing security measures and the probabilistic benefits associated with avoided costs (monetary, social, political, and legal).

  • Security Risk Assessment and Mitigation Procedure for TVA Operational Information Assets, March 2005.  Cyber security has undoubtedly become a major issue for almost all electric utilities. This is partly due to the competitive environment, where crucial information (gathered legally or illegally) can translate into millions of dollars, but mainly due to the increased vulnerability brought about by the integration of networking technologies within the systems and equipment used on the power system.  It is particularly true for the United States that a loss of electrical power for any extended time and over a large area can have serious consequences for the economy, for the safety of people, and for the legal and financial status of the utilities affected. PowerWAN will be a vital part of TVA’s future. Physical infrastructure alone is not enough to meet the challenge. To be successful, sound security policy, risk assessment practices, and mitigation procedures must be developed. These requirements were analyzed and discussed in the report.

  • Scoping Study on Security Processes and Impacts, July 2003, EPRI 057144. The primary objective of this Scoping Study was the assessment of the financial and societal costs of implementing security measures. Financial costs include the costs for developing security policies and implementing security countermeasure technologies. Societal costs include the impact of security policies and technologies on the efficiency of personnel and systems.

  • Security Enhancements for Utility Information Architectures, August, 2002, EPRI EP-P10074. Cyber security has become a major issue in utilities due partly to the increased vulnerability of utilities as they network their computer systems and power system equipment; and partly due to the competitive environment where crucial information (gathered legally or illegally) can translate into millions of dollars. A number of technology solutions have been proposed for improving the security of the communications protocols used in power system operations, mostly based on encryption which does have an impact on performance. These solutions go a long way to increasing the information security. However, they are not the complete story – for end-to-end security beyond the protocols, additional types of security are needed. The objectives of this project was to assess the impact on performance of the security measures being proposed for the common protocols used for digital control of power system equipment, and to determine what additional security measures outside the domain of protocols may be needed for complete end-to-end security.

  • Security Primer on communication network security requirements for utility T&D operations. The primary focus of this work was to describe the potential areas of vulnerability of utility SCADA systems, substation automation, and other power system operational automation.