Index

“3 × 3”

“3 × 3” cyber security model, 118121
back-office systems, 120
generation, transmission, distribution and metering systems, 120121
generation, transmission, and metering embedded devices, 121

A

Advanced Metering Infrastructure (AMI), 12, 4750
compromise of, 4950
smart meter, 48
Advanced network monitoring, 133134
data loss prevention (DLP), 134
network behavior and anomaly detection (NBAD) tools, 133134
network forensics tool, 134
Anti-virus, 129
Application whitelisting, 126127, 129
Article 29 Working Party opinion, 92

B

Back-office systems, 120
BP Energy Outlook, 2
Bring Your Own Device (BYOD), 149
Browser Exploit Against SSL/TLS (BEAST), 36

C

Canadian Electricity Association, 3
Chain, in Smart Grid supply chain, 156158
Change control, 129
CO2 emission reduction
electric vehicles, support for, 8
greater efficiency, 56
integration of renewable technologies, 67
reduction in need of new power plant, 78
smarter appliances, 89
Compensating network security controls, 132133
application content inspection, 132
industrial protocol filters, 132
intrusion detection systems, 132
intrusion prevention systems, 132
transport layer security, 132133
Consumer appliances, 89
Control zone protection, 129130
application whitelisting, 129
anti-virus, 129
controlling configurations and system changes, 129
change control, 129
host data loss prevention (DLP), 129130
host intrusion detection systems/host intrusion prevention systems (HIDS/HIPS), 129
event logging, 130
Cyber attack methods
attacking generation facilities, 8283
blended attacks, 7781
human-machine interface (HMI) popping, 77
man-in-the-middle (MITM) attack, 7576
replay attacks, 7677
secure protocols, 8384
setting phasors to kill, 8182
Cyber security
future considerations, 166168
future countermeasures, 168171
point security versus secure framework, 170171
tools to develop, 169170
Cyber Security Strategy of the United Kingdom, 147

D

Database Activity Monitoring or “DAM”, 136
Denial-of-service attack, 5960
Department of Energy Office of Electricity Delivery and Energy Reliability (DOE-OE), 170

E

Electric Power Research Institute (EPRI), 5
Electric Reliability Council of Texas, 34
Electrical generation
burner and steam generation processes, 2930
“clean” or “green” energy systems, 22
exploiting the controllers, 2730
fuel delivery processes, 29
generation system architecture, 2326
manipulation, 2829
nuclear generation system, 23
security concerns and recommendations, 2632
types of, 1923
wind turbines, 22
build new plants for power, 7
raw materials, 8
renewable energy source, 6
source of, 6
Energy Retailers Association of Australia, 9
European Wind Energy Association (EWEA), 6
Event logging, 130

F

Federal Energy Regulatory Commission (FERC), 56
Field zone protection, 126129
application whitelisting, 126127
exceptions to rules, 128
real-time operating systems (RTOS), 128129
Firewalls, 132133

G

Grid resilience, 35
baseload generating units, 4
intermediate units, 4
peak demands, 34
peaking units, 4
power outage, 45
significant risks, 4

H

Hacking Smart Grid
denial of service, 5960
devices-specific vulnerabilities, 6869
identifying target, 6267
inherent vulnerabilities, in industrial protocols, 7072
interconnectedness, 64
leveraging automation systems for enumeration, 67
leveraging know vulnerabilities, 6970
manipulation of service, 6062
motive, 5862
Scanning transmission and distribution infrastructure, 6567
targeting major cyber security, 6465
theft of information, 5859
vulnerability, 6773
Heritage Foundation, 45
Host data loss prevention (DLP), 129130
Host intrusion detection systems/host intrusion prevention systems (HIDS/HIPS), 129
House of Commons Trade and Industry Committee, 3

I

ICS-CERT, 167
Strategy for Securing Control Systems, 167168
objectives, 168
IEC 60870-6, 155
IEC 61850, 54, 155
IEC 61968, 154
IEC 61970, 154
IEC 62351, 54, 155
IEEE 2030-2011 Smart Grid power system, 108109
IEEE C37.118, 5354
Independent Pricing and Regulatory Tribunal (IPART), 9
In-home systems, 50
International Atomic Energy Agency, 2
IPsec Encapsulating Security Protocol (ESP), 117
ISA-62443, 101102, 109114
for multi-plant zone separation, 110
and Smart Grids, 109
Windows-based devices, 109111
“zone and conduit”, 109, 110
ISA-SP99, 109114

M

Man-in-the-middle (MITM) attack, 7576
McAfee Critical Infrastructure, 114
business networks (Enterprise), 114
unique environments, 114
Metering, 47
Microgrids, 5051

N

National Institute of Standards and Technology (NIST), 89
Netwitness Investigator or Solera Networks’ DeepSee, 134
Network DLP, 136
NISTIR 7628, 101
Nitol botnet, 149
Nonintrusive Appliance Load Monitoring (NALM), 89

O

“Operation b70”, 149

P

Phasor measurement units, 1112
Privacy concerns with Smart Grid
avoiding loss of trust and reputation, 9596
avoiding unnecessary costs, 95
consumer appliances, 89
consumer benefits, 88
customer’s energy records from power companies, 8990
identifying and managing risks, 9597
inadequate solutions, 95
informing organization’s communications strategy, 96
meeting and exceeding legal requirements, 96
personal data, 8798
privacy impact assessment, 9598
privacy risk, 8898
smart meters, 88
thermal imaging, 90
Protocols, 5254

S

SCADA network, 115
Ethernet and TCP/IP, 115
Scanning transmission, 6567
Secure protocols, 8384
Securing supply chain
risks in, 148
Security control
advanced network monitoring, 133134
common technology-based methods, 126
compensating network security controls, 132133
control zone protection, 129130
establishing boundaries and zone separation, 130134
field zone protection, 126129
implementation of, 125
monitoring, 139141
protecting data and applications, 134138
service zone protection and back office systems, 130
Shamoon (W32.DistTrack), 141142
“situational awareness,” 138–141
type of data to be protected, 137
Security information and event management systems (SIEM), 136
Service zone protection, 130
Shamoon (W32.DistTrack), 141142
Simplified Smart Grid reference model, 121122
Smart Grid
accessing without safeguards, 87
adoption of electric vehicles, 8
Advanced Metering Infrastructure (AMI), 12
alternative world, 162163
challenge of making predictions, 161163
charging stations for electric vehicles, 97
consumer benefits, 9
Data Protection Authority, 96
definitions, 2
energy demands, 23
environmental performance, 59
grid resilience, 35
managing peak demand, 10
operational efficiencies, 911
phasor measurement units, 1112
potential exclusion, of communities, 12
privacy concerns, 87
processing personal data, 96
proportionality, 166
renting, 13
smarter appliances, 89
substation automation, 11
transformation, 2
transparency, 164166
understandings, 1
values of personal data, 163166
Smart Grid Australia, 34, 13
Smart Grid Coordination Group (SGCG), 104107
Smart Grids architecture model (SGAM) framework, 104107
Smart Grid cyber security models, 101, 103104
“3 × 3” cyber security model, 118121
anomaly detection products, 117
challenges in diversity and interconnectedness, 111
communication, 111113
gateway systems, 111
mapping security requirements, 114121
multiple segment systems, 113
process control network, 116
Smart Grid Coordination Group (SGCG), 104107
Standardization Mandate M/490, 104107
Smart Grid network architecture, 17
bulk and distributed generation architectures, 1932
data manipulation, 3132
distribution architecture, 4347
generation system architecture, 2326
IEC 61850, 54
IEC 62351, 54
IEEE C37.118, 5354
network attacks, 3031
protocols, 5254
transmission and distribution architecture, 3247
ZigBee, 54
Smart Grid supply chain, 149158
the chain, 156158
in communications providers, 151152
contractually explicit, 155
in end customer, 151
guidance, 155
high transparency, 150151
in grid operator, 150151
ICT provider, 152153
in installation companies, 152
mandatory standards, 155
medium transparency, 151153
in retail, 152
standardization bodies, 153156
@2legislation authorities, 155
Smart meter, 48, 88
compromise of, 49
Socket, 12
Standardization Mandate M/490, 104107
System interdependencies, 5152

T

Thermal imaging, 90
Transmission architecture, 3247
functions, 34
SCADA systems and substation automation, 3439
Transmission SCADA systems (T-SCADA), 34
direct attack vectors, 4041
distribution field devices, 4647
distribution SCADA/DMS, 4446
field controllers and automated field devices, 4647
line monitoring systems, 4142
line protection systems, 41
phasor data concentrator, 40
phasor measurement, 3941
possible exploitation of, 36
redefining inputs and outputs, 38
reliability and safety, 38
synchrophasors, 40
transformers, 4243
wide–area communication infrastructure, compromise of, 3638

U

United Nations, 2
US Cyberspace Policy Review, 147
US Generation III+ (GEN III+) nuclear power plan, 78

Z

ZigBee, 54
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset