Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure
By Eric D. Knapp and Raj Samani
5/5
()
About this ebook
Many people think of the Smart Grid as a power distribution group built on advanced smart metering—but that’s just one aspect of a much larger and more complex system. The "Smart Grid" requires new technologies throughout energy generation, transmission and distribution, and even the homes and businesses being served by the grid. This also represents new information paths between these new systems and services, all of which represents risk, requiring a more thorough approach to where and how cyber security controls are implemented.
This insight provides a detailed architecture of the entire Smart Grid, with recommended cyber security measures for everything from the supply chain to the consumer.
- Discover the potential of the Smart Grid
- Learn in depth about its systems
- See its vulnerabilities and how best to protect it
Eric D. Knapp
Eric Knapp is a globally recognized expert in industrial control systems cyber security and continues to drive the adoption of new security technology to promote safer and more reliable automation infrastructures. He first specialized in ICS cyber security while at Nitrosecurity, where he focused on threats against these environments. He was later responsible for the development and implementation of end-to-end ICS cyber security solutions for McAfee in his role as Global Director for Critical Infrastructure Markets. He is currently Director of Strategic Alliances for Wurldtech Security Technologies, where he continues to promote the advancement of embedded security technology to better protect SCADA, ICS and other connected, real-time devices. In addition to his work in information security, he is an award-winning author of fiction. He studied at the University of New Hampshire and the University of London.
Related to Applied Cyber Security and the Smart Grid
Related ebooks
Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems Rating: 0 out of 5 stars0 ratingsIndustrial Network Security, Second Edition Rating: 3 out of 5 stars3/5Securing the Cloud: Cloud Computer Security Techniques and Tactics Rating: 5 out of 5 stars5/5Securing the Internet of Things Rating: 5 out of 5 stars5/5Framework for SCADA Cybersecurity Rating: 5 out of 5 stars5/5Smart Grid Security: Innovative Solutions for a Modernized Grid Rating: 0 out of 5 stars0 ratingsIndustrial Automation and Control System Security Principles Rating: 4 out of 5 stars4/5Practical Industrial Cybersecurity: ICS, Industry 4.0, and IIoT Rating: 0 out of 5 stars0 ratingsNIST Cybersecurity Framework: A pocket guide Rating: 0 out of 5 stars0 ratingsApplied Network Security Rating: 0 out of 5 stars0 ratingsHardware Security: A Hands-on Learning Approach Rating: 0 out of 5 stars0 ratingsDesigning and Building Security Operations Center Rating: 3 out of 5 stars3/5Cyber Security: Essential principles to secure your organisation Rating: 0 out of 5 stars0 ratingsSeven Deadliest Network Attacks Rating: 3 out of 5 stars3/5Cellular Internet of Things: Technologies, Standards, and Performance Rating: 5 out of 5 stars5/5Embedded Systems Security: Practical Methods for Safe and Secure Software and Systems Development Rating: 5 out of 5 stars5/5Wireshark Network Security Rating: 3 out of 5 stars3/5Enterprise Security: A Data-Centric Approach to Securing the Enterprise Rating: 0 out of 5 stars0 ratingsWireless Networks for Industrial Automation, Fourth Edition Rating: 0 out of 5 stars0 ratingsSmart Cities Cybersecurity and Privacy Rating: 5 out of 5 stars5/5The Cybersecurity Mindset: Cultivating a Culture of Vigilance Rating: 0 out of 5 stars0 ratingsThe Cyber Security Handbook – Prepare for, respond to and recover from cyber attacks Rating: 0 out of 5 stars0 ratingsApplication of Big Data for National Security: A Practitioner’s Guide to Emerging Technologies Rating: 0 out of 5 stars0 ratingsSecuring Critical Infrastructures Rating: 0 out of 5 stars0 ratingsCommunication and Network Security: CISSP, #4 Rating: 0 out of 5 stars0 ratingsSecurity Technology Convergence Insights Rating: 0 out of 5 stars0 ratingsPractical Internet of Things Security Rating: 0 out of 5 stars0 ratings
Security For You
Make Your Smartphone 007 Smart Rating: 4 out of 5 stars4/5Mike Meyers CompTIA Security+ Certification Passport, Sixth Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5Cybersecurity For Dummies Rating: 4 out of 5 stars4/5IAPP CIPP / US Certified Information Privacy Professional Study Guide Rating: 0 out of 5 stars0 ratingsPractical Lock Picking: A Physical Penetration Tester's Training Guide Rating: 5 out of 5 stars5/5CompTIA Security+ Study Guide: Exam SY0-601 Rating: 5 out of 5 stars5/5Hacking For Dummies Rating: 4 out of 5 stars4/5Hacking : The Ultimate Comprehensive Step-By-Step Guide to the Basics of Ethical Hacking Rating: 5 out of 5 stars5/5How to Become Anonymous, Secure and Free Online Rating: 5 out of 5 stars5/5CompTIA Network+ Review Guide: Exam N10-008 Rating: 0 out of 5 stars0 ratingsCodes and Ciphers - A History of Cryptography Rating: 4 out of 5 stars4/5How I Rob Banks: And Other Such Places Rating: 0 out of 5 stars0 ratingsSocial Engineering: The Science of Human Hacking Rating: 3 out of 5 stars3/5Ethical Hacking 101 - How to conduct professional pentestings in 21 days or less!: How to hack, #1 Rating: 5 out of 5 stars5/5Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming Rating: 3 out of 5 stars3/5Remote/WebCam Notarization : Basic Understanding Rating: 3 out of 5 stars3/5CompTIA Network+ Certification Guide (Exam N10-008): Unleash your full potential as a Network Administrator (English Edition) Rating: 0 out of 5 stars0 ratingsWireless Hacking 101 Rating: 4 out of 5 stars4/5The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders and Deceivers Rating: 4 out of 5 stars4/5Cybersecurity: The Beginner's Guide: A comprehensive guide to getting started in cybersecurity Rating: 5 out of 5 stars5/5How to Hack Like a Pornstar Rating: 5 out of 5 stars5/5Tor and the Dark Art of Anonymity Rating: 5 out of 5 stars5/5Ultimate Guide for Being Anonymous: Hacking the Planet, #4 Rating: 5 out of 5 stars5/5The Cyber Attack Survival Manual: Tools for Surviving Everything from Identity Theft to the Digital Apocalypse Rating: 0 out of 5 stars0 ratingsNetwork+ Study Guide & Practice Exams Rating: 4 out of 5 stars4/5Mike Meyers' CompTIA Security+ Certification Guide, Third Edition (Exam SY0-601) Rating: 5 out of 5 stars5/5
Reviews for Applied Cyber Security and the Smart Grid
1 rating0 reviews
Book preview
Applied Cyber Security and the Smart Grid - Eric D. Knapp
Research
Introduction
Buzzword bingo
• Book overview and key learning points
• Book audience
• Diagrams and figures
• The Smart Grid
• What’s in the book
• What’s NOT in the book
Book overview and key learning points
Cyber security is big business today. Smart Grid is big business today. Therefore let’s put the two together and write a book? Well, surely there will be some individuals that may make that assumption as to the motivation behind the publication of this book. The real motivation behind the development of this book is because this is a very real issue, and the failure to address the cyber security risk within the Grid may have serious repercussions for every single one of us.
Our intention of course is not to use FUD (Fear, Uncertainty, Doubt) as the business case for implementing cyber security measures to protect the Grid. However, there are potentially some very alarming ramifications should such measures fail to be implemented. This was highlighted with recent reports of stranded passengers on trains, traffic lights no longer working, and electric crematoriums shutting down with half-burnt bodies–only a small subset of the implications following recent power outages experienced at the end of July 2012 for almost 700 million Indian citizens.¹ This is of course refers to one of the world’s worst power blackouts, which affected 20 of the 28 Indian states. Almost three weeks after the failure of three of country’s five electricity grids, the government provided a report to investigate the cause of the failure.
Included in the report was a section that focused on cyber security, which stated that Grid disturbance could not have been caused by a cyber attack.
It does however acknowledge that the Grid could be impacted by cyber attacks in the future. The recognition of such an impact being caused by a cyber attack was also discussed in the United States, where at the same time the U.S. Cybersecurity Act was being debated:
"All one needs to do is look at what is going on in India today. There are no cyber problems there that I am aware of, but one-half of the country of India is without electricity today²" Senator Harry Reid, the Senate Majority Leader, said.
All of which leads us to the evolution to the modern grid, a world in which devices that are owned by end customers, Grid operators, and a multitude of other third parties are interconnected. Such devices have the potential of impacting the integrity and availability of the broader Grid unless appropriate controls are in place. Equally, the grid will process an unprecedented wealth of personal data, and so when we consider the potential security considerations of the Smart Grid, we must not lose sight of the privacy risks. To be clear, this is not an either or discussion. In other words, it is not a question of security or privacy, but the development of a Grid that considers both the security and privacy issues and implements controls to mitigate any risks.
Before the Smart Grid becomes ubiquitous, we have an opportunity to address these concerns by building controls into the design of such implementations. Unlike the world of cloud computing that is inundated with a plethora of standards resulting in confusion among customers and providers, operators have the opportunity to come out of recent disasters and provide confidence to their customers in their ability to provide a safe and secure service.
Book audience
As with the previous book, Industrial Network Security: Securing Critical Infrastructure Networks for Smart Grid, SCADA, and Other Industrial Control Systems, by one of this book’s authors, the goal here is to educate on concepts with just the right level of detail—enough to satisfy the more technical reader while keeping things simple enough to ensure that the important general concepts and ideas are not lost to those who are new to cyber security, the Grid, or