Upload
hackit-ukraine
View
133
Download
4
Embed Size (px)
Citation preview
Smart Grids are for
Dumb People
Over 40% of 2012 incidents were energy related as documented by DHS. The risks of a smart grid are undoubtedly higher than traditional systems security problems. - Robert Hinden
2015 cyber attack on Ukranian infrastructure leaves a quarter million people without power in dead of winter
International Bankers are pushing countries such as Ukraine to commit to investing in increased vulnerability of
critical infrastructure that can endanger millions of lives!
DISTRIBUTED RENEWABLES DON’T FIX THE PROBLEM
Resources such as wind and solar are highly variable in output and require compensation by FACTS and natural gas turbine backup.
FLEXIBLE AC TRANSMISSION
SYSTEMSCompensation opens up the grid to instabilities!
• Actuated Systems• Switched Impedance • Synchronous Condenser or
STATCOM• Stabilization • Power Flow Control• Phase Shift Transformer• Tap Changing Transformer• Dispatchable Generators
Wind causes severe frequency fluctuations both above and below 60 Hz as higher variability causes inadvertent energy exchange.
We are observing the gradual destabilization of the critical infrastructure that allows developed nations to have high standards of living.
We must return our grids to hydro, coal, and nuclear power.
3 Kinds of Attacks- Spoofing sensor data- Denial of service- Control Reconfiguration
Suppliers of PMUsSchweitzer Engineering LabsRelab Software - Arbiter Systems - GE Multilin - ABB - Siemens
Identifying Phase Measurement Units
Current Transformer(3 phase)
Potential Transformer (2 Phase)
US Deployment of PMUs (publically available information)
It is so easy to spoof the unauthenticated input of GPS systems, that it is used to hack PokeMon Go.
1.Identify local or regional PMUs
2.Determine required GPS spoofer power & deployment
3.Synchronize spoofer network to GPS satellite4.Begin broadcasting without tripping PLL5.Shift phase synchronization clocks as required
(1 degree per 46.1 us timeshift)
Frequency-Domain Analysis of Electromechanical Disturbances in Electric Power SystemsS. Mohapatra, H. Zhu, T.J. Overbye
Causing phase angle disturbances of ~25 degrees regionally would trigger significant contingent actions by smart grid systems.
What about the other attacks??- In general, the vast majority of SCADA based grid control
systems were not designed with security in mind. - Access points are ubiquitous. Once you are in the master-
slave network you can map and attack!
PROTOCOL PORTMODBUS 502DNP 19999DNP3 (IEEE815-2012) 20000FIELDBUS 1089-91ETHERNET/IP 2222ETHERCAT 34980PROFINET 34962-64GOOSE 102