6 Creating a More Secure and Resilient Power System
Pages 213-268



From page 213...
... However, the more the grid uses digital communication technologies, the greater the risk of cyberattacks. This chapter summarizes the current state of cybersecurity of the electric power system and describes a vision for the future of grid cyber resilience.
From page 214...
... Line crews are regularly dispatched from unaffected utilities to provide extra manpower and repair 1  The National Academies reports Enhancing the Resilience of the Nation's Electricity System (2017), Analytic Research Foundations for the Next-Generation Electric Grid (2016)
From page 215...
... Mutual assistance and preparedness tactics have also been successfully extended to critical equipment; for example, the industry has increased its reserve inventories of high-voltage transformers. While there has been some progress on improving the physical security of the grid, the system will continue to be vulnerable to physical attacks.
From page 216...
... For an EMP attack, primary vulnerabilities were associated with the E1 pulse, which would impact electronic control equipment in substations, and many other critical infrastructures, including all telecommunications, computers, and other
From page 217...
... While stressing the importance of continued attention to physical security, which is too easily overlooked, the balance of this chapter focuses on cyber risks in part because physical risks have been covered in such detail in other National Academies reports. Cyber threats are increasing as the tactics used by adversaries evolve and the dramatic transformations occurring on the grid, including the accelerating reliance on digital technologies, create new vulnerabilities.
From page 218...
... Cybersecurity Challenges Presented by the Evolving Grid: The increasing dependence of grid operations on a cyber infrastructure, with varied ICT components for sensing, communication, computation, and actuation, resulted in a power grid that is a cyber-physical system. The current grid is monitored by connected sensors recording physical changes, and the sensor data is telemetered using ICT for analytics and subsequent control decisions, and decisions are telemetered to end points that take physical actions to protect or operate the system.
From page 219...
... Finding 6.3: There are unique challenges in addressing cybersecurity risks for industrial control systems as compared to the cybersecurity risks faced by more general information technology systems. Finding 6.4: Cybersecurity standards and industry investment focuses more heavily on developing prevention capabilities instead of detection, response and recovery.
From page 220...
... The first formal federal recognition of the critical risk that cyber threats pose to the electric grid came in Critical Foundations: Protecting America's Infrastructure (PCCIP, 1997), a report submitted by the President's
From page 221...
... with more than 80 members from the private sector and federal, state and local, tribal, and territorial governments. The RPWG is developing the Resilient Power Guidelines, which will be used to support EMP mitigation planning and pilots.
From page 222...
... OT and ICT on-premises | Increased use of cloud services by vendors for some utility functions is shifting the market and limiting availability of on-premises solutions and options that enable more utility control over cybersecurity practices.
Domestic supply chain as the primary source of physical and cyber assets used in the grid | Increasing reliance on international supply chains creating cybersecurity concerns about risks such as malicious implanted hardware, software, and/or firmware elements.
From page 223...
... Cybersecurity as the focus | Increased attention to data privacy concerns in addition to data security concerns as more consumer data is involved in utility transactions and potentially grid operations.
BOX 6.3 Classes of Threat Agents: Cybersecurity attacks are not a new issue and are launched by threat agents with different goals.
From page 224...
... established a national policy for critical infrastructure protection from physical and cyber threats, and assigned DOE responsibility for the electric grid, and oil and natural gas infrastructure cybersecurity. The electricity industry documented the significant work that should be done to secure the grid's cyber infrastructure as early as 2006 (Energetics, 2006)
From page 225...
... electric grid. Two examples of attacks impacting control systems have also occurred in the U.S., confirming that cybersecurity attacks on ICS are not limited to international utility victims.
From page 226...
... The CIP standards review process can consume a considerable amount of voluntary time provided by utility staff. The electric grid is the only critical infrastructure that is required to comply with mandatory federal cybersecurity standards, and the CIP standards have been used as a model in other industries and in other countries.
From page 227...
... . The E-ISAC organizes and leads GridEx, a distributed play grid exercise that simulates a cyber and physical attack on the North American electric grid and other critical infrastructures.
From page 228...
... In reality, the strong dependence of grid reliability and resiliency on other critical infrastructures, and the dramatic increase in stakeholders that could impact grid reliability means grid cybersecurity and cyber resiliency now relies on the cybersecurity practices of many more entities than just the utilities. Currently, there are no directories listing all of the stakeholders that could influence the cybersecurity and cyber resiliency of grid operations.
From page 229...
... These two reports provide a different perspective on industry challenges to meeting compliance with the CIP standards. Neither study was intended to provide a global assessment of the current state of grid cybersecurity, particularly when the CIP standards are only applicable to the bulk power system (generation and transmission)
From page 230...
... A resilient grid will also include a well-trained workforce that reinforces a cybersecurity culture within their organization, utilizes effective information sharing mechanisms, embraces novel response methods and modifies response skills as the threats evolve. And it will include cybersecurity and resilience metrics or processes that can be used to validate the effectiveness of different cyber resilience approaches, and understand trade-offs, risks and costs associated with different approaches.
From page 231...
... Because of this, it is important not to let "perfect be the enemy of the good" and assume that unless you can make the entire grid cyber infrastructure resilient, you have failed to improve the grid's cyber resilience. With this understanding in mind, the remainder of this chapter focuses on specific strategies that can be used to improve the resilience of the grid, rather than a specific application of those strategies to specific grid systems or architectures, since those systems and architectures will change in unknowable ways over time.
From page 232...
... . Cognitive biases also impact decisions on how to respond to cybersecurity incidents.
From page 233...
... Potential health and safety impacts are primary reasons why the management of the electric grid has adopted a risk averse attitude. Human factors and human-centered design can also be used to improve cybersecurity training programs vendors create for new security tools.
From page 234...
... TABLE 6.3  Cognitive Biases That Could Affect How an Operator Interprets Data About and Responds to a Cyber Incident
Bias Category | Bias | Description
Information integration, communication, and ... | Selective perception | The active screening out of information that is not thought to be salient or important (e.g., website banner blindness)
From page 235...
... Although safety has been a number-one concern from the earliest development of the electric grid, the transformation from a compliance culture to a safety culture has taken decades of continuous focused efforts. An analogous culture of security and resilience has not yet developed within the grid or other critical infrastructures.
From page 236...
... In brief, attackers can exploit information-sharing transactions of defenders but not vice versa." Reaching Human Limits in Complexity: In the workshop on grid cybersecurity and cyber resiliency that the committee ran in November 2019, participants suggested that we are reaching the limits of human understandability in some of our grid systems. It is an increasing challenge for most utilities to accurately enumerate everything in their systems: physical assets, data, configurations, connectivity, software/hardware/firmware versions, communication links, among many other elements.
From page 237...
... Many insider threats are created by employees who unintentionally take an action that opens up the utility to a security risk as a result of a social engineering attack, a misconfiguration error, or other human errors. By definition, a person must have authorized access to be an insider threat.
From page 238...
... There will be no one cybersecurity solution that will fit all utilities, let alone all stakeholders in the electric grid. Below are some key topics affecting processes that will be important to address in the future grid to achieve cyber resilience: motivating cybersecurity investments; cybersecurity information sharing; impact of market forces and supply chain on cybersecurity; administrative overlaps, interdependencies and national security; cybersecurity insurance; and cybersecurity standards, guidelines, and frameworks.
From page 239...
... . According to Joe McClelland, Director of the FERC Office of Energy Infrastructure Security, one of the motivations for cybersecurity investment is a clear understanding of the cyber threats facing the energy sector.
From page 240...
... In the Unclassified Joint Report on the Implementation of the Cybersecurity Information Sharing Act of 2015 by the Office of the Inspector General of the Intelligence Community, the authors concluded that within the federal agencies there had been improved sharing of cyber threat indicators and defensive measures from 2017 to 2019, and that efforts were under way to expand information accessibility. The report identified four barriers that hindered sharing of cyber threat indicators and defensive measures: • Restrictive security classifications limit cyber threat information from being widely shared.
From page 241...
... , the Electricity Information Sharing and Analysis Center (E-ISAC) , and the electric industry to identify new legislative authority needed for obtaining early warnings associated with self-reporting security conditions that may potentially disrupt the electric power grid.
From page 242...
... Finding 6.9: In an increasingly diverse vendor ecosystem, lack of full control of supply chain critical components and technologies is a growing concern for grid cybersecurity. Recommendation 6.6: Congress should give regulatory authority to the Department of Homeland Security (DHS)
From page 243...
... The stronger the interdependent connection between grid reliability and other infrastructures, the more important it is that those stakeholders manage their cybersecurity risks. For example, the natural gas sector, and in particular, the natural gas interstate transmission and local distribution infrastructure is an important contributor to electric grid reliability.
From page 244...
... While owners and operators of the electric grid are on the front lines defending against ongoing nation state and criminal attackers who have an intent to compromise the integrity of the grid or its business operations, the business case for addressing cyber threats often does not provide sufficient motivation to secure assets at the level that addresses the risks to national defense (NRC, 2014)
From page 245...
... was formally assigned responsibility for the electric grid, and oil and natural gas infrastructure cybersecurity. 2003 Homeland Security Superseded PPD-63, assigning DOE as the Sector Specific Agency (SSA)
From page 246...
... Cybersecurity Standards, Guidelines, and Frameworks: As attention to grid cybersecurity increases, there has been an increase in cybersecurity standards, guidelines and frameworks. Many organizations are creating cybersecurity standards, including federal and state agencies and governments; manufacturers and vendors; certification and testing companies; professional organizations; international and domestic standards development organizations; and the broader security community.
From page 247...
... . The NERC CIP standards are a prescriptive standard, as opposed to a performance-based standard, and are one of the most widely recognized cybersecurity standards impacting the grid.
From page 248...
... The grid of the future is likely to have a much broader range of stakeholders that could impact grid cybersecurity and reliability, including the distribution infrastructure; commercial product developers and vendors, such as solar, wind, energy storage and other distributed energy and IoT manufacturers; the broader electric grid supply chain; aggregators; integrators; communications carriers; government entities that collect and manage utility cybersecurity data; and the end-of-the-line prosumers who invest in grid connected devices that rely on ICT.
From page 249...
... It focuses on the implementation and management of cybersecurity practices associated with data, and IT and OT assets and the environments in which they operate. The model can be used to: • Strengthen an organization's cybersecurity capabilities; • Enable organizations to effectively and consistently evaluate and benchmark cybersecurity capabilities; • Share knowledge, best practices, and relevant references across organizations as a means to improve cybersecurity capabilities; and • Enable organizations to prioritize actions and investments to improve cybersecurity capabilities.
From page 250...
... 7628 Rev. 1: Guidelines for Smart Grid Cybersecurity, a three-volume report that presents an analytical framework for organizations to develop cybersecurity strategies for smart grid-related characteristics, risks, and vulnerabilities (Smart Grid Interoperability Panel-Smart Grid Cybersecurity Committee, 2014; Stouffer et al., 2015)
From page 251...
... More sophisticated cybersecurity deployments have emerged in the ensuing years. A summary of best practices to deploy security technology associated with these systems was prepared in 2014 by the Smart Grid Cybersecurity Committee, part of the Smart Grid Interoperability Panel.
From page 252...
... Design Principles for Cyber Resilience: Design principles associated with technology architecture provide a valuable tool for defining and understanding the many complex interactions existing in present and future grids. Grid architecture's primary uses are to help manage complexity and risk; assist in communication among stakeholders around a shared vision of the future grid; identify and remove barriers and define essential limits; identify gaps in theory, technology, organization, and regulation; and provide a framework for complex grid-related development activities.
From page 253...
... . Such enhancements in this design principle would also allow for more effective red-teaming exercises, where a specialized team takes an adversarial approach to simulate an attack using realistic tools and techniques to gain access, and the ability to more comprehensively test ICT cybersecurity measures.
From page 254...
... The trend for grid operations to be increasingly dependent on new sources of digitally communicated data will not change. These data sources are likely to provide benefits in efforts to detect cybersecurity events and incidents, but there may be a trade-off because these data sources may require increased attention to IT-centric data security issues and also data privacy issues, particularly regarding energy usage and meter data, that will need to be addressed.
From page 255...
... To conceptually interpret these alerts about the protected system, different types of information need to be correlated including but not limited to information related to the cyber and physical systems, information about vulnerabilities, information about the security tools and algorithms, and alerts generated by these tools. An important goal for alert correlation is to formally define the alert correlation framework with respect to the fusion and response techniques that are developed, in order to reduce false alerts, detect high-level patterns of attacks, increase the meaning of incidents, and predict the future steps of attacks by leveraging causal reasoning.
From page 256...
... . A DOE grid modernization project launched in 2019 is exploring black start system recovery after simulated physical or cyber incidents on a small island with an isolated grid, and distributed energy resources and storage (DOE, 2019)
From page 257...
... The majority of research funding for grid cybersecurity has been provided by DOE as the lead sector specific agency, with additional funding from DHS, NSF, DoD, DARPA, and NIST in related areas that often support and/or supplement DOE's research agenda. Electric grid owners and operators have agreements that facilitate sharing information about threats and defenses before, during and after incursions occur, and many peer organizations have agreements for mutual aid in the event of an attack.
From page 258...
... There is an urgent need to enhance information sharing initiatives, and develop, implement, and find appropriate ways to pay for the needed protections.
From page 259...
... 2018. "Electric Grid Cybersecurity." September 4, R45312, by R
From page 260...
... 2010. "Smart Grid Privacy via Anonymization of Smart Metering Data." In IEEE International Conference on Smart Grid Communications.
From page 261...
... 2016. "Strategies, Protections, and Mitigations for the Electric Grid from Electromagnetic Pulse Effects." INL/EXT-15-35582.
From page 262...
... 2018. A review of standards with cybersecurity requirements for smart grid.
From page 263...
... 2014. "Guidelines for Smart Grid Cybersecurity." Interagency Report 7628 Rev.
From page 264...
... Smart Grid Interoperability Panel-Smart Grid Cybersecurity Committee.
From page 265...
... ANNEX 6.A: CYBERSECURITY JURISDICTIONS, CAPABILITY BASELINES, AND STANDARDS
TABLE 6.A.1  Congressional Committees with Jurisdiction over Cybersecurity
Congressional Committee or Caucus | Key Subcommittees Addressing Cybersecurity Topics | Relevant Agencies
Senate -- Commerce, Science, and Transportation | Subcommittee on Communications, Technology, Innovation, and the Internet; Subcommittee on Manufacturing, Trade, and Consumer Protection; Subcommittee on Security | Department of Commerce; Department of Defense; Department of Energy; Department of Homeland Security; Department of Transportation; Federal Communications Commission; Transportation Security Administration
Senate -- Homeland Security and Governmental Affairs | Permanent Subcommittee on Investigations | Central Intelligence Agency; Department of Defense; Department of Homeland Security; National Security Agency
Senate -- Energy and Natural Resources | Subcommittee on Energy | Department of Energy; Department of the Interior
House -- Homeland Security | Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation | Central Intelligence Agency; Department of Defense; Department of Homeland Security; National Security Agency
House -- Energy and Commerce | Subcommittee on Communications and Technology; Subcommittee on Consumer Protection and Commerce; Subcommittee on Energy | Department of Commerce; Department of Energy; Federal Communications Commission
House -- Permanent Select Committee on Intelligence | Strategic Technologies and Advanced Research Subcommittee; Counterterrorism, Counterintelligence, and Counterproliferation (C3) Subcommittee; Intelligence Modernization and Readiness Subcommittee; Defense Intelligence and Warfighter Support Subcommittee | Central Intelligence Agency; Department of Defense; Department of Homeland Security; National Security Agency
House -- Oversight and Reform | Subcommittee on Economic and Consumer Policy; Subcommittee on Government Operations; Subcommittee on National Security | Department of Commerce; Department of Defense; Department of Homeland Security; General Services Administration
House -- Science, Space and Technology | Subcommittee on Energy; Subcommittee on Research and Technology | Department of Defense; Department of Energy
House -- Transportation and Infrastructure | Subcommittee on Aviation; Subcommittee on Coast Guard and Maritime Transportation; Subcommittee on Economic Development, Public Buildings, and Emergency Management; Subcommittee on Railroads, Pipelines, and Hazardous Materials | Department of Defense; Department of Energy; Department of Homeland Security; Department of Transportation; General Services Administration; Transportation Security Administration
Congressional Cybersecurity Caucus | | Department of Defense; Department of Homeland Security
From page 266...
... Smith, 2020, IoT Device Cybersecurity Capability Core Baseline, NIST IR 8259A, Gaithersburg, MD: National Institute of Standards and Technology, https://doi.org/10.6028/NIST.IR.8259a.
From page 267...
... SP 800-53 Revision 4: Recommended Security Controls for Federal Information Systems and Organizations • NISTIR 7628 Revision 1: Guidelines for Smart Grid Cybersecurity • NIST Framework for Improving Critical Infrastructure Cybersecurity (NIST Cybersecurity Framework) https://www.nist.gov/ Institute of Electrical and Electronics Engineers (IEEE)
From page 268...
... Launched the Open Security Alliance in 2019 to develop and promote sets of open-source common content, code, tooling, patterns and practices to maximize interoperability and the sharing of data among cybersecurity tools. https://www.oasis-open.org/ SunSpec Alliance Alliance of stakeholders to specify de facto standards -- information models, data formats, communication protocols, system interfaces, best practices and other artifacts -- that enable solar PV and energy storage Distributed Energy power plants to interoperate transparently with system components, software applications, financial systems, and the Smart Grid.


This material may be derived from roughly machine-read images, and so is provided only to facilitate research.