stronger, smarter, more secure and resilient cyber-physical power grid congressional research and...
TRANSCRIPT
Stronger, Smarter, More Secure and Resilient Cyber-Physical Power Grid
Congressional Research and Development Caucus B-369 Rayburn House Office Building, Washington, DC
Friday, May 15, 2015, Noon– 1:30pm
Dr. S. Massoud Amin*– Chairman, IEEE Smart Grid– ASME Energy Pubic Policy Task Force– Chairman, Board of Directors, Texas Reliability Entity (TexasRE)– Board of Directors, Midwest Reliability Organization (MRO)– Director, & Endowed Chair, Technological Leadership Institute; Professor of Electrical & Computer Engineering, University Distinguished Teaching Professor; Univ. of Minnesota
* Support from EPRI, NSF, ORNL, Honeywell and SNL is gratefully acknowledged.
Electric Power Infrastructure: Interdependencies, Security, and Resilience
Presidential Policy Directive 21: “Energy and communications infrastructure especially critical because of their enabling functions across all critical infrastructure areas”
DOE: “A resilient electric grid… is arguably the most complex and critical infrastructure.”
The vast networks of electrification are the greatest engineering achievement of the 20th century
– U.S. National Academy of Engineering
Adaptive Infrastructures
The Smart Infrastructure for a Digital Society
Excellent Power System Reliability
Exceptional PowerQuality
IntegratedCommunications
A Secure Energy Infrastructure
A Complex Set ofInterconnected Webs:
Security is Fundamental
Adaptive Infrastructures
Threat Evolution: Malicious Code
Hours
Time
Weeks or months
Days
Minutes
Seconds
Class IIHuman response: difficult/impossibleAutomated response: possible
Early 1990s Mid 1990s Late 1990s 2000 2003
Class IIIHuman response: impossibleAutomated response: unlikelyProactive blocking: possible
Co
nta
gio
n T
ime
fram
e
File Viruses
Macro Viruses
e-mail Worms
Blended Threats
“Warhol” Threats
“Flash” Threats
Class I Human response: possible
source: Massoud Amin, EPRI, January 27, 1998
Adaptive Infrastructures
Critical System Dynamics and Resilience CapabilitiesVariability and uncertainty are inherent in complex networked interdependent socio-technological systems
A system of systems view is necessary to measure, monitor, understand and manage complex work.Necessary to understand “normal”
• Anticipation of disruptive events
• Look-ahead simulation capability
• Fast isolation and sectionalization
• Adaptive islanding
• Self-healing and restoration
re·sil·ience, noun, 1824: The capability of a strained body to recover its size and shape after deformation caused especially by compressive stress; An ability to recover from or adjust easily to misfortune or change
Resilience enables “Robustness”: A system, organism or design may be said to be "robust" if it is capable of coping well with variations
(internal or external and sometimes unpredictable) in its operating environment with minimal damage, alteration or loss of functionality.
Adaptive Infrastructures
September 11, 2001 Tragedies
Adaptive Infrastructures
Infrastructure Security
We are “Bullet Proof”
“The Sky is Falling”The Truth
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) ProgramMassoud Amin, EPRI, September 27, 2001
Adaptive Infrastructures
Infrastructure Security: The Threat
• Electric power systems constitute the fundamental infrastructure of modern society and therefore an inviting target for three kinds of terrorist attacks:
• Attacks upon the system– Power system itself is
primary target with ripple effect throughout society
• Attacks by the system– Population is the actual
target, using parts of the power system as a weapon
• Attack through the system– Utility networks
provide the conduit for attacks on broad range of targets
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) ProgramMassoud Amin, EPRI, September 27, 2001
Adaptive Infrastructures
Steps Toward Ensuring Security
• EPRI’s Electricity Infrastructure Security Assessment considers six broad areas:
– System-Wide Vulnerability Assessment
– Grid Security– Cyber and Communications
Threats– Distribution System, Disaster
Mitigation & Recovery– Generation/Environment– Power Markets
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) ProgramMassoud Amin, EPRI, September 27, 2001
Adaptive Infrastructures
ISI Areas: Addressing System Vulnerability to Various Attack Modes, Reducing Their Impact, and Rapid Recovery
• Strategic Spare Parts Inventory: Reducing recovery time from terrorist attack or natural disaster by providing spare parts of existing equipment and by developing standardized “recovery transformers” with multiple voltage taps
• Vulnerability Assessment (VA): Determining the impact of potential terrorist attacks on power system components throughout the end-to-end electricity supply chain
• “Red Team” Attacks: Launch mock assaults on the computer and information networks of selected utility systems, probing for weaknesses in a manner similar to the FAA’s Red Team efforts
• Secure Communications: Scoping study to determine how to develop a secure, private communications network for the electric power industry, as an alternative to Internet-based systems
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) ProgramMassoud Amin, EPRI, October 8, 2001
Adaptive Infrastructures
What can be Done? Vulnerability Assessment
Profile Threats(Determine Intent & Capabilities)
Develop Attack
Scenarios*
Assess Vulnerabilities to each Attack
Apply War GamingTheory
Assess Risks(probability ofsuccessful attack x impact)
Identify Likely Targets
DevelopCounter-measures
*Evolving spectra of targets and modes of attack
Source: EPRI Infrastructure Security Initiative (ISI) and Enterprise Information Security (EIS) ProgramMassoud Amin, EPRI, September 27, 2001
Smart Grid InterdependenciesSecurity, Efficiency, and Resilience
The National Plan for Research and Development In Support of Critical Infrastructure ProtectionThe area of self-healing
infrastructure was recommended in 2005 by the White House Office of Science and Technology Policy (OSTP) and the U.S. Department of Homeland Security (DHS) as one of three thrust areas for the National Plan for research and development in support of Critical Infrastructure Protection (CIP)
Technology development, transition and Implementation: … the really hard part
2. Transmission Grid
3. “Smart” Self-Healing Grid
4. Electricity Market Grid
5. Ownership/Investor Grid
6. Regulatory Grid
1. Customers Grid
Demand/ResponseReliableDelivery
EconomicDispatch
FACTSControl
Self-Healing
Investment Signals
Standard Market Design
© 2003 KEE Intl.
Seven Dynamically Interacting GridsSeven Dynamically Interacting GridsSeven Dynamically Interacting GridsRev 2.2
7. Economy Grid
Natural Gas Prices
2. Transmission Grid
3. “Smart” Self-Healing Grid
4. Electricity Market Grid
5. Ownership/Investor Grid
6. Regulatory Grid
1. Customers Grid
Demand/ResponseReliableDelivery
EconomicDispatch
FACTSControl
Self-Healing
Investment Signals
Standard Market Design
© 2003 KEE Intl.
Seven Dynamically Interacting GridsSeven Dynamically Interacting GridsSeven Dynamically Interacting GridsRev 2.2
7. Economy Grid
Natural Gas Prices
• Steps in STEM-based R&D to enable secure, efficient, resilient and adaptive infrastructure
• Markets and Policy framework, implementation, and evaluation
• Wind-tunnel testing of designs, markets and policy
• Making the business case for the opportunity
• Decision Support Dashboard: Have a plan …
Regional Cooperation:
Hybrid Networks
Centralized & Microgrids
Local/Nearby… Regional/National
International/Faraway
Decentralized Centralized
Possible Transitional and Hybridization Options in a Wide Range of Assessed Scenarios: Short- and Long-term Strategies, Decision Pathways, ROI, Economic and Societal Objectives, Policies, and Disruptions (including dollars, watts, GHG emissions, risks/benefits – private and public)
Depending on assessments noted herein, we: • Modernize, Retrofit, and Hybridize
Legacy Infrastructure• Leap-Frog for Isolated Localities or
for Clean Slate Designs
Local Microgrids
InternationalCooperation:
Primarily Large
Centralized Generation
Over the next five years, smart microgrids will play a growing role in meeting local demand, enhancing reliability and ensuring local control of electricity. Emerging developments and challenges the smart grid community must address:
For a brief overview and some details on microgrids, and this transition, please see:http://smartgrid.ieee.org/search?searchword=Microgrids&category=smart_grid&x=0&y=0
Examples of SG Technologies & Systems
New Challenges for a Smart GridNeed to integrate:
– Large-scale stochastic (uncertain) renewable generation
– Electric energy storage– Distributed generation – Plug-in hybrid electric vehicles– Demand response (smart meters), AMI, Data
Analytics, …
Need to deploy and integrate:– New Synchronized measurement technologies– New sensors– New System Integrity Protection Schemes (SIPS)
Critical Security Controls
Paradigm Shift – Data at MN Valley Coop
Before smart meters– Monthly read– 480,000 data points per year
After smart meters – 15-60 minute kWh– Peak demand – Voltage– Power interruptions– 480,000,000 data points per year
Battery Powered1B Water Meters1B Gas Meters
Industry Needs to Connect 50 Billion Devices by 2020An unsolved problem costing billions per year in wasted resources requires radically improved wireless performance and lower cost
Courtesy of On-Ramp Wireless, Inc. All rights reserved.
UndergroundMillions of miles of Pipelines & Circuits
In Vaults100M meters
Indoors1B sensors
Security needs
Physical Security– Transmission Equipment – System Security: Preventing system
impact and Protecting critical substations
– Standards
Cyber Security
Security: What should we be trying to protect
Fuel Supply and Generation AssetsTransmission and DistributionControls and CommunicationsOther Assets
Security: What issues impede Protection
Inability to share informationIncreased cost of securityWidely dispersed assetsWidely dispersed owners and operatorsFinding training and empowering security personnel
• Commercial off-the-shelf (COTS) controls and communications
• Siting constraints• Long lead-time
equipment• Availability of
restoration funds• R&D focused on
vulnerabilities
Electrical-Gas Interdependency
There has been a proliferation of natural gas This has resulted in a shift to use gas for generation, especially as older plants using other fuels are retiredPipeline capacities are an issue during cold weather New England governors and other parties are bringing forward creative ideas to make long-term commitments to build new capacity Additional gas pipeline capacity, accompanied by supply
contracts, is required to meet the growing demand for natural gas for power generation
Recommendations – Security, Privacy, and Resilience 1 (4)
Facilitate, encourage, or mandate that secure sensing, “defense in depth,” fast reconfiguration and self-healing be built into the infrastructure.Continue developing regional planning of a more redundant and less vulnerable transmission gridContinue developing operational tools to more accurately forecast the availability of natural gas supply for generators and improve unit commitment decisions
Recommendations – Security, Privacy, and Resilience 2 (4)
Mandate consumer data privacy and security for AMI systems to provide protection against personal profiling, real-time remote surveillance, identity theft and home invasions, activity censorship and decisions based on inaccurate data
Support alternatives for Utilities that wish to eliminate the use of wireless telecom networks and the public Internet to decrease grid vulnerabilities– Include options for utilities to obtain private
spectrum at a reasonable costs
Recommendations – Security, Privacy, and Resilience 3 (4)
Improve the sharing of intelligence and threat information and analysis to develop proactive protection strategies, – Includes development of coordinated hierarchical
threat coordination centers – at local, regional and national levels
– May require either more security clearances issued to electric sector individuals or treatment of some intelligence and threat information and analysis as sensitive business information, rather than as classified information
Recommendations – Security, Privacy, and Resilience 4 (4)
Speed up the development and enforcement of cyber security standards, compliance requirements and their adoption. Facilitate and encourage design of security from the start and include it in standardsDesign communications and controls systems for more limited failures including better EMP withstand capabilitiesIncrease investment in the grid and in R&D areas that assure the security of the cyber infrastructure (algorithms, protocols, chip-level & application-level)
Recommendations – Markets and Policy 1 (2) Use the National Institute of Standards and
Technology Smart Grid Collaboration or the NARUC Smart Grid Collaborative as models to bridge the jurisdictional gap between the federal and the state regulatory organizations on issues such as technology upgrades and system security
More transparent, participatory and collaborative discussion among federal and state agencies, transmission and distribution asset owners, regional transmission operators and independent system operators and their members and supporting research to improve understanding of mutual impacts, interactions and benefits
Recommendations – Markets and Policy 2 (2)
Continue working at a federal level on better coordination of electricity and gas markets to mitigate potential new reliability issues due to increasing reliance on gas generation
Update the wholesale market design to reflect the speed at which a generator can increase or decrease the amount of generation needed to complement variable resources
Recommendations1. Facilitate, encourage, or mandate that secure sensing, “defense in depth,” fast
reconfiguration and self-healing be built into the infrastructure2. Mandate security for the Advanced Metering Infrastructure, providing protection
against Personal Profiling, guarantee consumer Data Privacy, Real-time Remote Surveillance, Identity Theft and Home Invasions, Activity Censorship, and Decisions Based on Inaccurate Data
3. Wireless and the public Internet increase vulnerability and thus should be avoided4. Bridge the jurisdictional gap between Federal/NERC and the state commissions on
cyber security 5. Electric generation, transmission, distribution, and consumption need to be safe,
reliable, and economical in their own right. Asset owners should be required to practice due diligence in securing their infrastructure as a cost of doing business
6. Develop coordinated hierarchical threat coordination centers – at local, regional, and national levels – that proactively assess precursors and counter cyber attacks
7. Speed up the development and enforcement of cyber security standards, compliance requirements and their adoption. Facilitate and encourage design of security in from the start and include it in standards
8. Increase investment in the grid and in R&D areas that assure the security of the cyber infrastructure (algorithms, protocols, chip-level and application-level security)
9. Develop methods, such as self-organizing micro-grids, to facilitate grid segmentation that limits the effects of cyber and physical attacks
Energy Infrastructure, Economics, Efficiency, Environment, Secure Communications and Adaptive Dynamic Systems
Adaptive Systems (self-healing)
Economics
EfficiencyIncentives
Private Good
Electric Power
ReliabilityPublic Good
Complex, highly nonlinear infrastructure Evolving markets, rules and designs
“if you measure it you manage it if you price it you manage it even better”… Technologies, Designs, Policies, Options, Risks/Valuation
“Prices to Devices”
Society (including Policy & Environment)
IEEE Smart Grid http://smartgrid.ieee.org
Summary Recommendations
Support holistic, integrated approach in simultaneously managing fleet of assets to best achieve optimal cost-effective solutions addressing the following: – Aging infrastructure– Grid hardening (including weather-related
events, physical vulnerability, and cyber-physical security)
– System reliability
Urgently address managing new Smart Grid assets such as advanced metering infrastructure (AMI) and intelligent electronic devices