Cyber Physical System Security
Manimaran Govindarasu
Dept. of Electrical and Computer Engineering
Iowa State University
S2ERC Industry Outreach Workshop
Outline
• Background
• CPS Security Research
• CPS Security Testbed
• Conclusion
Cyber Physical System Security 7/10/14 2
Smart Grid: A Cyber-Physical System
Source: NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 2.0, February 2012
Cyber Threats to Critical Infrastructures
Cyber-Based Attacks
Protocol Attacks
Intrusions
Malware
Network Infr. Attacks
Denial of Service (DoS)
Insider Threats
[General Accounting Office, CIP Reports, 2004 to 2010]; [NSA “Perfect Citizen”, 2010]: Recognizes that critical infrastructures are vulnerable to cyber attacks from numerous sources, including hostile governments, terrorist groups, disgruntled employees, and other malicious intruders.
Stuxnet malware (July 2010)
• Target – Industrial control systems
• Modifies code on PLCs in Uranium enrichment facilities
• Alters the speed of centrifuges used for Uranium enrichment
Possible Attack Path
• Initial Delivery (via USB)
• Corporate LAN infected
• Reporting to attack control server
• Connect to substations
• Deliver attack payload to PLC
• Affect Uranium enrichment
Lessons Learned
• Took 1 year to discover
• > 100,000 machines infected
• Professionally written code
• Infected PLCs appear to function normally
Future Requirements
• Active network monitoring
• Behavior and reputation based access control lists
• Anomaly detection
• Insider threat mitigation
Cyber Vulnerabilities (trend)
In fiscal year 2012, 198 cyber incidents were reported. Energy sector attacks accounted for 41% of the total incidents.
Source: http://www.ics-cert.us-cert.gov/pdf/ICS-CERT_Monthly_Monitor_Oct-Dec2012.pdf
Smart Grid Security = Info + Infra + Appln. Security
NEEDS
• Information Security (Information Protection): Confidentiality, Integrity, Availability, Authentication, Non-repudiation
• Infrastructure Security (Infrastructure protection): Routers, DNS servers, Links, Internet protocols, Service availability
• Applications Security: Generation Control, Transmission Control, Distribution Automation, Sys. Monitoring & Protection, Real-Time Energy Markets, Energy Management System
MEANS
• Information Security: Encryption/Decryption, Digital signature, Message Auth. Codes, Public Key Infrastructure
• Infrastructure Security: Firewalls, IDS/IPS, Authentication Protocols, Secure Protocols, Secure Servers, IPSEC, DNSSEC
• Applications Security: Attack-Resilient WAMPAC; Model-based Algorithms (Anomaly detection, Intrusion Tolerance); Risk modeling and mitigation; Secure EMS and automations
Transform: Fault-Resilient Grid of today TO Attack-Resilient Grid of the future
Approach 1: Risk Modeling and Mitigation
Mitigation of Coordinated Attacks
• Offline: Risk Modeling and Mitigation
• Online: Alert Correlation and Mitigation
[Diagram: risk modeling and mitigation; labels as they appear]
• Cyber System Definition (Topology, Security)
• Power System Definition (Control, Protection)
• Cyber System Modeling (Petri Nets)
• Power System Modeling (DIgSILENT, PSSE)
• Attack Template
• Attack Probability
• Impact
• Risk
• Offline Mitigation, if risk > threshold (e.g., modify settings, add security; e.g., increase transmission capacity)
Risk = Threat x Vulnerability x Impacts
Evaluating – Impact Estimation
• Coordinated Attack Groups: Gen + Gen, Gen + Trans, Trans + Trans
• Optimal power flow simulation
• g = load shedding for OPF solution
Results
g = 363 MW
g = 163 MW
g = 110 MW
Attacker can control: Space: where to attack? Time: when to attack?
NSF Project: M. Govindarasu (ISU) & C.C. Liu (WSU)
WAMPAC – A high level view
Power system
PMU Relays Protection elements
VAR control elements
(SVC,FACTS)
WAMPAC Control Center EMS applications (SE, AGC), Protection Schemes, Alarms
Wide Area Network
Plant
Sensors Actuators
Delay
Controller
Cyber attack points
Cyber-Physical Control in Power Grid
S. Sridhar, A. Hahn, and M. Govindarasu, “CPS Security for Power Grid”, Proc. IEEE, Jan. 2012
Control Systems Attack Model
Types of Attacks
• Data integrity
• Replay
• Denial of service
• De-synchronization and timing-based
Generic Control System Model
[Diagram labels: Physical System, Sensors, Actuators, Machine/Device, Data Acquisition, Remote/Local Control, Control Center, Analyses & Computation, ui(t), yi(t)]
Yu-Hu. Huang, Alvaro A. Cardenas, S. Amin, S-Z. Lin, H-Y. Tsai, and S. Sastry, “Understanding the Physical and Economic Consequences of Attacks on Control Systems,” International Journal of Critical Infrastructure Protection, 2(3):72-83, October 2009.
Automatic Generation Control (AGC)
AGC Features
• Maintains frequency at 60 Hz
• Supply = Demand
• Maintain power exchange at scheduled value
• Ensures economic generation
Figure from NERC Technical Document: Balancing and Frequency Control, Jan 2011
Why We Need a CPS Security Testbed
1. Vulnerability Research
2. Impact Analysis
3. Mitigation Research
4. Cyber-Physical Metrics
5. Data and Model Development
6. Security Validation
7. Interoperability
8. Cyber Forensics
9. Operator Training
PowerCyber CPS Security Testbed
• Information/Control Layer: EMS, SAS, RTUs, IEDs
• Communication Layer: Routing infrastructure, Network protocols, Routers, Firewalls
• Physical Layer: Power System Simulators (RTDS, Power factory)
• Cyber attacks
• Defenses
Aditya Ashok, Adam Hahn, and Manimaran Govindarasu, “A cyber-physical security testbed for smart grid: system architecture and studies”, Proceedings of the Cyber Security and Information Intelligence Research (CSIIRW '11).
CPS Testbed Federation Architecture
• USC/ISI DETER Testbed
• ISU PowerCyber Testbed
• Visualization
Research Challenges/Opportunities
Security and Resiliency
1. Fundamental paradigm to transform “fault-resilient grid of today into an attack-resilient grid of the future” taking into account both natural and man-made extreme events.
2. Pragmatic risk modeling and mitigation framework accounting for the evolving, uncertain nature of threats (APTs and HILFs), cyber-physical interdependencies, and cascading failures.
3. Security architectures and algorithms to achieve security, privacy, and resiliency in wide-area monitoring, protection, and control of the power grid.
Federated CPS Infrastructures & Testbeds
1. Development of a national-scale, high-fidelity, federated CPS testbed – with remote and open access – to accelerate the pace of innovation, R&D, education, and workforce development.
2. CPS Cloud architecture, algorithms, and services for resource allocation and control of federated resources to support large-scale, high-fidelity CPS experimentation.
3. An open and shared experimental infrastructure for cross-cutting CPS sectors (e.g., power system, oil and natural gas, transportation).
CONCLUSIONS
• Cyber security of critical infrastructures is important for national security and economic well-being
• CPS Security = Info Sec + Infra Sec + Application Security
• Defense against HILF events (e.g., stealth coordinated cyber attack)
• Risk Assessment and Mitigation should be a continuous process
• Attack-Resiliency needs to be built into CPS systems
• Testbeds are important for security R&D&E
• Transform: Fault-Resilient CPS systems to Attack-Resilient CPS systems
• Industry-University Collaboration & International Collaboration needed
THANK YOU …
Acknowledgements
• Funding:
  • U.S. National Science Foundation (NSF)
  • U.S. NSF IU/CRC Power Engr. Research Center (PSERC)
  • Iowa State Univ., Electric Power Research Center (EPRC)
• Researchers:
  • Collaborators: Prof. Chen-Ching Liu, Washington State University (WSU); Prof. Doug Jacobson & Venkat Ajjarapu, Iowa State University (ISU); Terry Benzel, USC/ISI; Dr. Adam Hahn, MITRE; Dr. C. W. Ten, Michigan Tech.
  • Students: S. Sridhar, Aditya Ashok (ISU); Junho Hong (WSU); Alexandru Ștefanov (UC Dublin)
• Professional:
  • IEEE PES - PSACE CAMS Cyber Security Task Force