- Number of slides: 29
UCAIug: Smart Grid Security Face-To-Face Meeting – July 2009 @ AEP
UtiliSec Working Group
AMI-SEC Task Force
UtiliSec WG Chair: Darren Reece Highfill
darren@sakersystems.com

AMI Security Ecosystem
(Diagram; actors shown: The Grid, Field Tech, Dispatcher, System Operator, AMI System, ISO, Meter Data Manager, Customer Rep, Energy Trader, Customer, Vendors & Third Parties)

Field Elements
Issues
• Limited or no control over physical access
• Wide range of logical access control
• Resource constrained devices
• Large quantity of devices
Requirements
• Device Identity
• Data Integrity
• Customer Privacy
Considerations
• Intelligence? (How much?)
• Filtering?

Field Elements
Network Management
• Ad-hoc Structure or Predefined (Prescriptive)?
• Integrity, Availability of Provisioning Mechanism
Authentication Mechanism
• End-to-End or Step-by-Step?
• Bi-Directional (“Two-Way”)
• Pre-Shared or Public Key?
• Customer Devices
Countermeasures
• Role-Based Access Control
• Least Privilege, Need-To-Know
• Unpredictable Credentials
• Intrusion Detection
• Tamper Detection

Data Concentrator
• At a substation? Somewhere in the field?
• Who owns the property? Is there a fence?
• Does it use wireless technology?
• What kind of access controls are implemented?

Data Concentrator
• How many homes are served? What is peak load?
• More than 300 MW (~100,000 homes?) NERC CIP?
• How does it authenticate / get authorized to the Data Center Aggregator?

Operations Center
System Management Console
• Data Availability, Integrity
• Filtered View – No Financial Data
• Time Sensitive (Freshness)
Field Communications
• Data Integrity
• Temporal Privilege
• Strict Procedures
• Detailed Accounting
Meter Data Management System
• Data Integrity, Confidentiality
• Multiple Interfaces, Heterogeneous Constraints

Public Interface
Website
• Data Confidentiality
• Public (General Info) and Private (Customer) Views
• Consumer Portal Best Practices (e.g.: Financial Services)
Customer Representative
• Data Confidentiality, Integrity
• Filtered View – Billing Related
Revenue
• Data Integrity, Confidentiality
• Non-Repudiation

Demand-Response
Energy Trader
• Regulated Relationship
Availability & Control
• Data Confidentiality, Integrity
• Negotiated “Contract”
• Similarities to Dealing with an External Entity
Vendors & Third Parties
External Entities
• Data Confidentiality
• Contractual Agreement
• Least Privilege, Need-To-Know

Smart Grid Landscape
UtiliSec Working Group
• Motivation:
  – Part of a utility-led, electric power industry community effort (UCAIug) to define a common set of requirements for the procurement of new technologies
• Status:
  – Suite of 4 deliverables completed in 2008
    • AMI Security Risk Assessment
    • AMI System Security Requirements (incorporates Architectural Description)
    • AMI Security Component Catalog
    • AMI Security Implementation Guide
  – AMI System Security Requirements document ratified December, 2008 (“1.0”)
• Current Participation:
  – 200+ Subscribers to Listserv across 8 countries and 4 continents
  – More than a dozen major North American utilities actively engaged
  – Broad mix of utilities, vendors, government, and academia

NIST CSCTG
• NIST chartered in EISA 2007 with development of Interoperability Framework for the smart grid
  – Formed a series of Domain Expert Working Groups (DEWGs) to engage industry
  – 2 face-to-face meetings in DC in past couple months
• NIST Cyber Security Coordination Task Group (CSCTG)
  – Cyber security focus for Interoperability Framework development

Issues Addressed: NIST CSCTG
• Led by Annabelle Lee, NIST
• Focusing on high-level requirements for securing the smart grid across all stakeholders
  – Utilities, Grid Operators, Regulators, Consumers, Third Parties
• Two active sub-groups
  – “Bottom-up”
  – Vulnerability Analysis

Issues Addressed: UtiliSec
• Chartered with developing
  – Detailed requirements
  – Best practices guidance for utilities procuring, implementing, and deploying smart grid technology
• Technology-specific, but vendor-agnostic guidance
• Feed and accelerate SDO work (IEC, IEEE, etc.)

UtiliSec
• UCAIug Open Smart Grid (OpenSG) Subcommittee UtiliSec Working Group
• Encompasses the AMI-SEC Task Force
  – (previously under UtilityAMI)
• Following on and expanding work done by AMI-SEC
  – AMI System Security Requirements (“AMI-SEC SSR”) published as “1.0” in December 2008

Working Group Responsibilities
• Provide a charter
• Submit a project schedule and a monthly status report
• Schedule meetings (in person or electronic)
• Structure sub-working groups or ad-hoc groups as necessary
• Seek OpenSG approval for
  – Formal Document Release
  – Charter approval
  – Approval of task force and lower level chairs
(Source: Working Group Constitution)

Organization & Communications
• Information exchange
  – Intra-organizational
    • Issue hand-off form
    • Cross-representation
  – Inter-organizational
    • Participation
    • Outreach
    • Charter (1 slide PPT)

UtiliSec Charter
• Chartered with developing detailed security and assurance requirements and security best practices guidance for organizations throughout the lifecycle of smart grid technology
• Technology-specific, but vendor-agnostic guidance
• Feed and accelerate SDO work (IEC, IEEE, etc.)

AMI-SEC Task Force
• AMI-SEC is concerned with securing AMI system elements.
  – Contextual Definition: “…those measures that protect and defend AMI information and systems by assuring their ability to operate and perform in their intended manner in the face of malicious actions.”
• Purpose
  – Produce technical specification
    • Used by utilities to assess and procure
    • Used by OpenAMI – part of AMI/DR Reference Design
  – Determine baseline level of detail
    • Prescriptive in nature
    • Compliant products will have known functionality and robustness

Implementation Guide
Leveraging ASAP into UtiliSec
ASAP-SG: Summary
• Project Description:
  – Utility-driven, public-private collaborative project to develop system-level security requirements for smart grid technology
• Needs Addressed:
  – Utilities: specification in RFP
  – Vendors: reference in build process
  – Government: assurance of infrastructure security
  – Commissions: protection of public interests
• Approach:
  – Architectural team produce material
  – Usability Analysis team assess effectiveness
  – NIST, UtiliSec review, approve
• Deliverables:
  – Strategy & Guiding Principles white paper
  – Security Profile Blueprint
  – 3 Security Profiles: AMI, ADE, Communications
  – Usability Analysis
Schedule: Jun 09 – Dec 09
Budget: $3M ($1.5M Utilities + $1.5M DOE)
Performers: Utilities, EnerNex, InGuardians, SEI, ORNL
Partners: DOE
Release Path: NIST, UCAIug
Contacts: Bobby Brown bobby@enernex.com; Darren Highfill darren@sakersystems.com

ASAP-SG
• Public-private collaborative project
  – DOE, NIST, & utilities
• Purposes:
  – Support the activities of the NIST CSCTG
  – Accelerate the work of the UtiliSec WG
• Participants:
  – Utilities, regulators, vendors, consultants, national laboratories, & academia

Technical Coordination with NIST
Smart Grid Security Profile Blueprint
• Understandable and user-friendly framework, set of tools, and methodology
• Derive and apply smart grid domain-specific security profiles
• Delineates:
  – Repeatable security risk assessment methodology
  – High-level Smart Grid policy set
  – Smart Grid policy to a domain requirement mapping process
  – Application security profile development process

Security Profiles
• Prescriptive, actionable guidance for how to build-in and implement security for smart grid functionality
• Tailored to a set of specific smart grid functions, such as
  – Advanced Metering Infrastructure
  – Automated Data Exchange
  – Network Topology
  – Outage Management
  – Etc.

Questions?
darren@sakersystems.com
UtiliSec Collaboration Site
http://osgug.ucaiug.org/utilisec