Title: Building an Effective Security Program for Distributed Energy Resources and Systems
Author: Mariana Hentea
Publisher: John Wiley & Sons Limited
Genre: Physics
isbn: 9781119070436
Open systems view.
2.3.2 Advancing Cybersecurity and Privacy Design
Progress in cybersecurity for DER applications depends on achieving a more quantitative and more visual understanding of the performance of the DER communications and control components, data and information characteristics, cyber infrastructure, business objectives, application requirements, security architecture design principles, data traffic patterns, vulnerabilities, and threats. Therefore, it is necessary to build cybersecurity and privacy by design into all DER systems and processes from the beginning. This saves on system life cycle development costs and protects organizations from expensive system modifications to meet the evolving threats.
Security by design and privacy by design are not new buzzwords; they are old principles to be applied by developers during the development cycle. Security cannot be added as an afterthought to any system or application associated with the power grid. There is a need to start from scratch, at the very beginning of any system development or technology integration, and consider privacy and security requirements in all design, test, and implementation criteria. Strategic consideration of these issues can make a huge difference in the confidence and protection that the overall system provides. This is necessary whether the design effort is focusing on DER applications, silicon chips, DER components, network components, end‐user devices, architecture, or the system as a whole.
2.3.2.1 Understanding Interdependencies
Information technologies contribute to raising the interdependency between the operation of the power grid (including generation, transmission, and distribution) and the operation of the wholesale electricity market. The electric market and the power system become more tightly coupled every day. The operation of one depends on the continuous and reliable operation of the other. In addition, the vulnerability of the power system is not mainly a matter of the electric system or physical system, but is more a matter of cybersecurity. Attacks on the Smart Grid infrastructures (such as attacks upon the power system, attacks by the power system, and attacks through the power system) could cause huge damage to the economy and public safety.
Control systems such as SCADA are highly interconnected with IT systems within the electric industry and with external infrastructures and economic sectors. Historically, control system security meant locating and identifying problems in a closed‐loop system; now unauthorized intrusions and attacks are evolving issues that have to be addressed.
The interdependencies are manifested at different levels. Security dependencies can occur and have all sorts of side effects. Risk assessment and management in large‐scale systems such as the smart power grid require an understanding of how and to what degree the systems are interdependent. Instances of interdependencies with other infrastructures are reported in [Amin 2003].
The smart power grid infrastructure is characterized by interdependencies (physical, cyber, geographical, and logical) and complexity (collections of interacting components). Cyber interdependencies are a result of the pervasive computerization and automation of infrastructures. There is a need for developing tools and techniques that allow a critical infrastructure such as the power grid to self‐heal in response to threats, failures, natural disasters, or other perturbations. Also, other scenarios have to be considered. For example, there is a cascading effect due to interdependencies of electric infrastructure with other infrastructures such as gas, telecommunications, transportation, financial, etc.
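The cascading effect described above can be made concrete with a small dependency model. The following is an added example, not taken from the book; the dependency degrees, the interdependency kinds assigned to each edge, and the failure tolerance are constructed values chosen only for illustration.

```python
# Constructed model: DEPENDS[a][b] = (degree, kind) means infrastructure `a`
# loses the fraction `degree` of its capacity when infrastructure `b` is down.
# `kind` is one of the interdependency types named in the text.
DEPENDS = {
    "electric":       {"gas": (0.4, "physical"), "telecom": (0.3, "cyber")},
    "gas":            {"electric": (0.5, "physical")},
    "telecom":        {"electric": (0.8, "physical")},
    "transportation": {"electric": (0.4, "physical"), "telecom": (0.4, "cyber")},
    "financial":      {"telecom": (0.7, "cyber"), "electric": (0.2, "logical")},
}
TOLERANCE = 0.6  # assumption: a sector fails once it has lost 60% of capacity


def capacity_loss(sector, failed):
    """Sum the dependency degrees of `sector` on everything already failed."""
    return sum(deg for dep, (deg, _kind) in DEPENDS[sector].items() if dep in failed)


def cascade(initial_failure):
    """Return [(sector, round)] in failure order; round 0 is the initial event."""
    failed = {initial_failure: 0}
    rnd = 0
    while True:
        rnd += 1
        newly = [s for s in DEPENDS
                 if s not in failed and capacity_loss(s, failed) >= TOLERANCE]
        if not newly:
            break
        for s in newly:
            failed[s] = rnd
    return sorted(failed.items(), key=lambda kv: (kv[1], kv[0]))


def survivors(initial_failure):
    """Sectors still operating after the cascade, with their remaining loss."""
    down = dict(cascade(initial_failure))
    return {s: capacity_loss(s, down) for s in DEPENDS if s not in down}


if __name__ == "__main__":
    for start in ("electric", "telecom"):
        print(start, "->", cascade(start), "| degraded:", survivors(start))
```

In this model a loss of the electric sector takes telecom down first, and only the combined loss of both then pushes transportation and financial past the tolerance, which is the kind of second-order effect a per-sector risk assessment would miss.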
2.3.2.2 Open Systems
The obscurity approach used in SCADA systems is debatable; it has been proven that it does not work anymore. Even to this day, many SCADA systems are perceived as either invulnerable to cyber attacks or uninteresting to potential hackers (the security by obscurity principle). The obscurity principle implies the use of concealment of a design, implementation, etc. to provide security. A system relying on the security through obscurity principle may have theoretical or actual security vulnerabilities, but its owners or designers believe that the flaws are not known and that attackers are unlikely to find them. If the strength of the program's security depends on the ignorance of the user, a knowledgeable user can defeat that security mechanism.
The principle of open design states that the security of a mechanism should not depend on the secrecy of its design or implementation [Bishop 2005]. Designers and implementers of security must not depend on secrecy of the details of their design and implementation to ensure security. A methodology based on economic analysis of the obscurity principle and open systems paradigm for determining when obscurity does not help security (there is no security through obscurity) and when the open paradigm affects security (loose lips sink ships) is described in [Swire 2004]. The proposed model provides a systematic way to identify the costs and benefits of disclosure for security.
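The difference between the two principles can be shown on a message authentication check. This is an added example, not code from the book; the command string, the "proprietary" checksum, and all function names are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample: a hypothetical DER setpoint command.
COMMAND = b"DER-17 SET active_power_limit=40%"


def obscure_tag(msg: bytes) -> bytes:
    # Obscurity: an unkeyed "proprietary" checksum. Its only secret is the
    # algorithm itself, which is identical in every device that runs it.
    return hashlib.sha256(b"vendor-magic" + msg[::-1]).digest()[:8]


def open_tag(key: bytes, msg: bytes) -> bytes:
    # Open design: the algorithm (HMAC-SHA256) is public; the only secret
    # is a per-device key that can be provisioned and replaced.
    return hmac.new(key, msg, hashlib.sha256).digest()


def accepts_obscure(msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(obscure_tag(msg), tag)


def accepts_open(key: bytes, msg: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(open_tag(key, msg), tag)


def design_disclosed() -> dict:
    """What gets accepted from a party that knows the full design but no key."""
    device_key = secrets.token_bytes(32)
    other_key = secrets.token_bytes(32)  # outsider knows HMAC, not device_key
    return {
        # Knowing the design is enough to produce a valid tag.
        "obscure": accepts_obscure(COMMAND, obscure_tag(COMMAND)),
        # Knowing the design is not enough; the key is still required.
        "open": accepts_open(device_key, COMMAND, open_tag(other_key, COMMAND)),
    }


def key_rotated() -> tuple:
    """Recovery path: a leaked key is rotated; a leaked algorithm cannot be."""
    old_key, new_key = secrets.token_bytes(32), secrets.token_bytes(32)
    old_tag = open_tag(old_key, COMMAND)
    return (accepts_open(old_key, COMMAND, old_tag),
            accepts_open(new_key, COMMAND, old_tag))


if __name__ == "__main__":
    print(design_disclosed())  # {'obscure': True, 'open': False}
    print(key_rotated())       # (True, False)
```

Once the obscure scheme's design is known, every deployed device is affected at once and the fix is a redesign; with the open scheme, disclosure of the design changes nothing and a compromised key is handled by rotation.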
Another example is the home area network (HAN), which is enabled by open and interoperable standards. The use of open and interoperable standards is key to accessibility, availability, innovation, and widespread adoption. Standards provide:
Cybersecurity that protects systems and data.
Interoperable components that protect investments in technology and enable growth in the HAN ecosystem.
Competition among consumer products companies, which drives down costs while increasing choices for consumers.
Reduced maintenance and support costs caused by proprietary solutions.
A common understanding of information exchange.
Interoperability of DERs with HAN is key to advancing Smart Grid applications. For purposes of the HAN specifications, a DER is a HAN device with functionality that measures and communicates its full energy production. DERs generate electricity, which may provide for all or a portion of the premises' electrical needs. A DER may be interconnected to the utility electric distribution system, and any net energy flowing onto the electric grid may be recorded in a separate channel on the AMI meter. Additional information about AMI components and open Smart Grid can be found in [UCAIUG], [NETL 2008].
The DER production may also be managed by an EMS that optimizes the premises' energy consumption. Also, open standards are key enablers for the success of the IoT, as they are for any kind of M2M communication.
One crucial aspect is how to protect privacy in open systems. Personal privacy can also be compromised when information is disclosed in open systems. Solutions require analysis of several factors. Compelling goals such as accountability, economic growth, free speech, and privacy should be included in any overall decision about whether to disclose information [Swire 2004].
In addition, a designer has to consider regulations on privacy policy, corporate responsibility, and user trust because compliance is required by several committees (e.g. UN Human Rights Watch Group). A committee established in the United States in August 2013 has the task of reviewing policies and regulations on Intelligence and Communications Technologies to support commitment to privacy and civil liberties and maintain the public trust in the United States.
2.4 Smart Grid Cybersecurity: A Perspective on Comprehensive Characterization
Two major views of Smart Grid security include cybersecurity and physical security [P2030 2011], [DOE 2015a]. Although there are differences between these views, there are common aspects and many interdependencies between these views that require a unified view of security. Another perspective is that power grid information security and protection has aspects of both ICS and IT systems. Although both ICS and IT systems require information security services