SlideShare une entreprise Scribd logo

Power station monitoring and cyber security

Thames Global Consultants
Thames Global Consultants
TechnologieBusiness
1  sur  16
Improving Power Plant Monitoring An essential step in improving power plant efficiency and operational performance
Trends for Equipment Monitoring For over a decade a wide range of equipment in power plants have been connected to specialist maintenance engineers at equipment suppliers by the Internet and other communication networks. Monitoring equipment located throughout the plant is linked to the power plant’s operating systems - continually monitoring the performance and status of the equipment.
Extract from GE Brochure of Power Plant Monitoring When equipment starts to deviate from normal and efficient operating parameters a warning will be displayed in the power plant’s control room – and in many cases an email or other alert containing data is dispatched to the appropriate maintenance staff [who may be working with the equipment suppliers]. The maintenance engineers and equipment suppliers could be based in different countries or other global regions.
These alerts could prompt immediate action and maintenance – which could avoid an unplanned outage of the equipment [and possibly the while plant]. These new systems have led to improvements in plant operational efficiency and performance – and should be considered as an essential component of a clean coal technology strategy.
Monitoring and IT Systems evolve New and evolving networks and software can allow far greater degrees of integration of: • Plant databases, • Real-time equipment operating performance data, • Enterprise social networks (including online chats and/or voice mail on desktop and mobile systems], • As well as many other bespoke features (such as specialist Apps).
An example of these new evolving systems is Chatter – developed by the IT company Salesforce.com These interactive systems can allow significant improvements in plant efficiency and operating performance. Chatter and other similar systems are being rapidly adopted by many thousands of companies each year. But linking all these features via the Internet also creates a new potential threat for power plant and grid system operators – Cyber Security.
Cyber Security A key issue for all power plants and grid systems
Hackers at work? Hackers can be based in any country. They can have several goals – such as causing malicious damage to computer systems or they attempt to steal valuable intellectual property [IP]. Are your plant and networks vulnerable to a cyber attack?
A computer virus attacked a turbine control system at a US power company when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off-line for three weeks, according to a report posted on a US government website. The [US] Department of Homeland Security [DHS] report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident. It was introduced by an employee of a third- party contractor that does business with the utility, according to the agency. October 2012 US Power Plant Incident
The DHS reported the incident on its website, which occurred in October 2012 - along with a second incident which involved a more sophisticated virus. This report was released to coincide with a high- profile cyber crime conference held in Miami [S4] to review emerging threats against power plants, water utilities and critical infrastructure. In addition to not identifying the plants, the DHS declined to say where they are located. The report did not say who the DHS believed was behind the sophisticated virus or if it was capable of sabotage. The DHS uses the term "sophisticated" to describe a wide variety of malicious software that is designed to do things besides commit routine cyber-crimes. They include viruses capable of espionage and sabotage.
It is worth noting that the infamous Stuxnet virus was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are "air gapped" or cut off from the public Internet.
Antiquated Software and Aging Systems Recent surveys have also highlighted the fact that many critical infrastructure control systems run on Windows XP and Windows 2000 - operating systems that were designed more than a decade ago. Some Internet-linked equipment still has no cyber protection at all. Many systems still have "auto run" features – which are enabled by default. This makes them an easy target for infection - because malicious software loads as soon as a USB is plugged into the system unless operators have changed that setting.
Shodan The search engine Shodan [Sentient Hyper- Optimized Data Access Network] has been developed to identify a huge range of devises linked to the web and their vulnerability See: http://www.shodanhq.com/
US To Take More Action Press Release from: [US] Federal Energy Regulatory Commission https://www.ferc.gov/ FERC Proposes to Adopt New Cyber Security Standards 18th April 2013 The Federal Energy Regulatory Commission (FERC) moved to strengthen the cyber security of the bulk electric system today with a proposed rule that would extend the scope of the systems that are protected by cyber security standards. The proposal, submitted in January 2013 by the North American Electric Reliability Corporation (NERC), constitutes version 5 of the Critical Infrastructure Protection Reliability Standards, or CIP standards. The proposal is intended to improve the security posture of responsible entities and represents an improvement in the CIP standards.
The proposal includes 12 requirements with new cyber security controls that address Electronic Security Perimeters, Systems Security Management, Incident Reporting and Response Planning, Recovery Plans for BES Cyber Systems, and Configuration Change Management and Vulnerability Assessments. It also would use a new, tiered approach to identifying and classifying bulk electric system cyber assets that is a step toward applying CIP protections more comprehensively to better assure protection of the bulk electric system. The Commission is seeking comment on certain language in the proposed CIP version 5 Standards to alleviate concerns regarding the potential ambiguity and, ultimately, enforceability of the proposed Standards. NERC is the FERC-certified Electric Reliability Organization for the bulk electric system. Comments on the proposed rule are due 60 days after publication in the Federal Register.
Are your power plants and networks safe?

Recommandé

Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksInternational Journal of Engineering Inventions www.ijeijournal.com
 
Viewfinity Application Control and Monitoring 2015
Viewfinity Application Control and Monitoring 2015Viewfinity Application Control and Monitoring 2015
Viewfinity Application Control and Monitoring 2015Joseph Iannelli
 
Medical Device Cybersecurity : A Regulatory Perspective
Medical Device Cybersecurity : A Regulatory PerspectiveMedical Device Cybersecurity : A Regulatory Perspective
Medical Device Cybersecurity : A Regulatory PerspectiveJon Lendrum
 
IoT Threat Intel - Steppa
IoT Threat Intel - SteppaIoT Threat Intel - Steppa
IoT Threat Intel - SteppaSteppa Cyber Security
 
Critical Infrastructure Protection against targeted attacks on cyber-physical...
Critical Infrastructure Protection against targeted attacks on cyber-physical...Critical Infrastructure Protection against targeted attacks on cyber-physical...
Critical Infrastructure Protection against targeted attacks on cyber-physical...Enrique Martin
 
New technologies security threats (Brussels 2014)
New technologies security threats (Brussels 2014)New technologies security threats (Brussels 2014)
New technologies security threats (Brussels 2014)Alexey Kachalin
 
World best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious linkWorld best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious link임채호 박사님
 
CYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTCYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTLan & Wan Solutions
 

Recommandé

Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksInternational Journal of Engineering Inventions www.ijeijournal.com
 
Viewfinity Application Control and Monitoring 2015
Viewfinity Application Control and Monitoring 2015Viewfinity Application Control and Monitoring 2015
Viewfinity Application Control and Monitoring 2015Joseph Iannelli
 
Medical Device Cybersecurity : A Regulatory Perspective
Medical Device Cybersecurity : A Regulatory PerspectiveMedical Device Cybersecurity : A Regulatory Perspective
Medical Device Cybersecurity : A Regulatory PerspectiveJon Lendrum
 
IoT Threat Intel - Steppa
IoT Threat Intel - SteppaIoT Threat Intel - Steppa
IoT Threat Intel - SteppaSteppa Cyber Security
 
Critical Infrastructure Protection against targeted attacks on cyber-physical...
Critical Infrastructure Protection against targeted attacks on cyber-physical...Critical Infrastructure Protection against targeted attacks on cyber-physical...
Critical Infrastructure Protection against targeted attacks on cyber-physical...Enrique Martin
 
New technologies security threats (Brussels 2014)
New technologies security threats (Brussels 2014)New technologies security threats (Brussels 2014)
New technologies security threats (Brussels 2014)Alexey Kachalin
 
World best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious linkWorld best web apps security and Active detection of malicious link
World best web apps security and Active detection of malicious link임채호 박사님
 
CYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTCYBER THREAT ASSESSMENT
CYBER THREAT ASSESSMENTLan & Wan Solutions
 
Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices FrameworkSujata Raskar
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)ChristopherAntonius
 
Managing System Security
Managing System SecurityManaging System Security
Managing System SecurityPIREH
 
Wireless security trends
Wireless security trendsWireless security trends
Wireless security trendsAshmar Kalangottil
 
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]Walter Richard Sweeney
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control SystemsEric Andresen
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
 
386sum08ch8
386sum08ch8386sum08ch8
386sum08ch8virtualmemory
 
Securing information systems
Securing information systemsSecuring information systems
Securing information systemsProf. Othman Alsalloum
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityBoston Global Forum
 
IRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data CollectionIRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data CollectionIRJET Journal
 
Healthcare_Security_White_Paper
Healthcare_Security_White_PaperHealthcare_Security_White_Paper
Healthcare_Security_White_PaperJames Maudlin
 
YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)Tom Lejava
 
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Aggregage
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIJERA Editor
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornEric Andresen
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010Andy Bochman
 
SeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTureSeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTureUS-Ignite
 
Zigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machineZigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machineNaqeeb Ullah Kakar
 
Power plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig beePower plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig beePvrtechnologies Nellore
 

Contenu connexe

Tendances

Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices FrameworkSujata Raskar
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)ChristopherAntonius
 
Managing System Security
Managing System SecurityManaging System Security
Managing System SecurityPIREH
 
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]Walter Richard Sweeney
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control SystemsEric Andresen
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems aswanthmrajeev112
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityBoston Global Forum
 
IRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data CollectionIRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data CollectionIRJET Journal
 
Healthcare_Security_White_Paper
Healthcare_Security_White_PaperHealthcare_Security_White_Paper
Healthcare_Security_White_PaperJames Maudlin
 
YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)Tom Lejava
 
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Aggregage
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIJERA Editor
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornEric Andresen
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information SystemDaryl Conson
 
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010Andy Bochman
 
SeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTureSeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTureUS-Ignite
 

Tendances (20)

Application security Best Practices Framework
Application security Best Practices FrameworkApplication security Best Practices Framework
Application security Best Practices Framework
 
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
WHAT IS SOFTWARE ENGINEERING (CYBERSECURITY)
 
Managing System Security
Managing System SecurityManaging System Security
Managing System Security
 
Wireless security trends
Wireless security trendsWireless security trends
Wireless security trends
 
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
20170112 Working Group Assessment Mandate Presentation DRAFT V1[2]
 
Securing Industrial Control Systems
Securing Industrial Control SystemsSecuring Industrial Control Systems
Securing Industrial Control Systems
 
Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems Security Issues in SCADA based Industrial Control Systems
Security Issues in SCADA based Industrial Control Systems
 
386sum08ch8
386sum08ch8386sum08ch8
386sum08ch8
 
Securing information systems
Securing information systemsSecuring information systems
Securing information systems
 
Analytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber securityAnalytics for Smart Grid Cyber security
Analytics for Smart Grid Cyber security
 
IRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data CollectionIRJET-Managing Security of Systems by Data Collection
IRJET-Managing Security of Systems by Data Collection
 
Healthcare_Security_White_Paper
Healthcare_Security_White_PaperHealthcare_Security_White_Paper
Healthcare_Security_White_Paper
 
YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)YUDU - Managing a Breach (LDSC Cyber Themed Evening)
YUDU - Managing a Breach (LDSC Cyber Themed Evening)
 
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
Back to the Office: Privacy and Security Solutions to Compliance Issues for 2...
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation Criteria
 
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of CornSecuring Industrial Control Systems - CornCON II: The Wrath Of Corn
Securing Industrial Control Systems - CornCON II: The Wrath Of Corn
 
Security and Control Issues in Information System
Security and Control Issues in Information SystemSecurity and Control Issues in Information System
Security and Control Issues in Information System
 
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
SGSB Webcast 4: Smart Grid Security Standards in Mid 2010
 
SeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTureSeaCat: and SDN End-to-end Application Containment ArchitecTure
SeaCat: and SDN End-to-end Application Containment ArchitecTure
 

En vedette

Zigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machineZigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machineNaqeeb Ullah Kakar
 
Power plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig beePower plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig beePvrtechnologies Nellore
 
Bi directional speed control of dc motor and stepper motor through mat lab us...
Bi directional speed control of dc motor and stepper motor through mat lab us...Bi directional speed control of dc motor and stepper motor through mat lab us...
Bi directional speed control of dc motor and stepper motor through mat lab us...eSAT Journals
 
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc.
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc. Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc.
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc. Energy Network marcus evans
 
Nokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENNokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENJuan Boggiano
 
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.neeraj mishra
 
Voltage & frequency monitoring through lcd
Voltage & frequency monitoring through lcdVoltage & frequency monitoring through lcd
Voltage & frequency monitoring through lcdHariKishore Karanapu
 
Power Plant Performance Monitoring and Trend Analysis
Power Plant Performance Monitoring and Trend AnalysisPower Plant Performance Monitoring and Trend Analysis
Power Plant Performance Monitoring and Trend AnalysisMd. Moynul Islam
 
Substation monitoring1
Substation monitoring1Substation monitoring1
Substation monitoring1buckky
 
Using Kittiwake Oil Test Center in Oil Analysis Laboratory
Using Kittiwake Oil Test Center in Oil Analysis LaboratoryUsing Kittiwake Oil Test Center in Oil Analysis Laboratory
Using Kittiwake Oil Test Center in Oil Analysis LaboratoryMd. Moynul Islam
 
BHELreport
BHELreportBHELreport
BHELreportVinay R
 
Automation- Metering, Sub Station & Industrial Automation
Automation- Metering, Sub Station & Industrial AutomationAutomation- Metering, Sub Station & Industrial Automation
Automation- Metering, Sub Station & Industrial AutomationEPC Solutions LLP
 
Power system automation
Power system automationPower system automation
Power system automationGuider Lee
 
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...ASHOKKUMAR RAMAR
 
slide on stepper motor
slide on stepper motorslide on stepper motor
slide on stepper motorSamikshya Kar
 
Steper Motor Control Through Wireless
Steper Motor Control Through WirelessSteper Motor Control Through Wireless
Steper Motor Control Through WirelessPawan Bahuguna
 
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNO
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNOAUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNO
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNORizki Verdian
 
automatic plant irrigation using aurdino and gsm technology
automatic plant irrigation using aurdino and gsm technologyautomatic plant irrigation using aurdino and gsm technology
automatic plant irrigation using aurdino and gsm technologythamil arasan
 

En vedette (20)

Zigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machineZigbee based parameter monitoring and controlling system for induction machine
Zigbee based parameter monitoring and controlling system for induction machine
 
Power plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig beePower plant parameters monitoring & controlling using x beezig bee
Power plant parameters monitoring & controlling using x beezig bee
 
Bi directional speed control of dc motor and stepper motor through mat lab us...
Bi directional speed control of dc motor and stepper motor through mat lab us...Bi directional speed control of dc motor and stepper motor through mat lab us...
Bi directional speed control of dc motor and stepper motor through mat lab us...
 
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc.
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc. Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc.
Improving Power Plant Performance & Safety-David Orme, Ranger Steel Inc.
 
Nokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_ENNokia_Sub-station_Automation_White_Paper_EN
Nokia_Sub-station_Automation_White_Paper_EN
 
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.
Presentation on electrical and automation system of cgl plant (CRM-2) JSW KR.
 
Voltage & frequency monitoring through lcd
Voltage & frequency monitoring through lcdVoltage & frequency monitoring through lcd
Voltage & frequency monitoring through lcd
 
Power Plant Performance Monitoring and Trend Analysis
Power Plant Performance Monitoring and Trend AnalysisPower Plant Performance Monitoring and Trend Analysis
Power Plant Performance Monitoring and Trend Analysis
 
Substation monitoring1
Substation monitoring1Substation monitoring1
Substation monitoring1
 
Using Kittiwake Oil Test Center in Oil Analysis Laboratory
Using Kittiwake Oil Test Center in Oil Analysis LaboratoryUsing Kittiwake Oil Test Center in Oil Analysis Laboratory
Using Kittiwake Oil Test Center in Oil Analysis Laboratory
 
BHELreport
BHELreportBHELreport
BHELreport
 
Automation- Metering, Sub Station & Industrial Automation
Automation- Metering, Sub Station & Industrial AutomationAutomation- Metering, Sub Station & Industrial Automation
Automation- Metering, Sub Station & Industrial Automation
 
Power system automation
Power system automationPower system automation
Power system automation
 
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...
SCADA PROJECTS ABSTRACT-Scada for power station substation monitoring and aut...
 
Stepper motor
Stepper motorStepper motor
Stepper motor
 
Stepper motor
Stepper motorStepper motor
Stepper motor
 
slide on stepper motor
slide on stepper motorslide on stepper motor
slide on stepper motor
 
Steper Motor Control Through Wireless
Steper Motor Control Through WirelessSteper Motor Control Through Wireless
Steper Motor Control Through Wireless
 
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNO
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNOAUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNO
AUTOMATIC IRRIGATION SYSTEM USING ARDUINO UNO
 
automatic plant irrigation using aurdino and gsm technology
automatic plant irrigation using aurdino and gsm technologyautomatic plant irrigation using aurdino and gsm technology
automatic plant irrigation using aurdino and gsm technology
 

Similaire à Power station monitoring and cyber security

Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilitiesNirmal Thaliyil
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...Schneider Electric
 
Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Dave Darnell
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inmaribethy2y
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsSergey Gordeychik
 
Powering up the shocking truth about cyber security in the energy industry - ...
Powering up the shocking truth about cyber security in the energy industry - ...Powering up the shocking truth about cyber security in the energy industry - ...
Powering up the shocking truth about cyber security in the energy industry - ...online Marketing
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsIJEACS
 
Understanding Cybersecurity in Medical Devices and Applications
Understanding Cybersecurity in Medical Devices and ApplicationsUnderstanding Cybersecurity in Medical Devices and Applications
Understanding Cybersecurity in Medical Devices and ApplicationsEMMAIntl
 
Internet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainInternet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainDuncan Purves
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network SecuritySachithra Gayan
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Securityreuben_mathew
 
Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Jack Shaffer
 
Dr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati
 
NIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesNIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesDr Dev Kambhampati
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices IJECEIAES
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?GENIANS, INC.
 
DHS ICS Security Presentation
DHS ICS Security PresentationDHS ICS Security Presentation
DHS ICS Security Presentationguest85a34f
 
Webhook Support for Alert Policies
Webhook Support for Alert PoliciesWebhook Support for Alert Policies
Webhook Support for Alert PoliciesIRJET Journal
 

Similaire à Power station monitoring and cyber security (20)

Standards based security for energy utilities
Standards based security for energy utilitiesStandards based security for energy utilities
Standards based security for energy utilities
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...
How Test Labs Reduce Cyber Security Threats to Industrial Control Systemse cy...
 
Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16Cyber security white paper final PMD 12_28_16
Cyber security white paper final PMD 12_28_16
 
Include at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words inInclude at least 250 words in your posting and at least 250 words in
Include at least 250 words in your posting and at least 250 words in
 
Practical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart gridsPractical analysis of the cybersecurity of European smart grids
Practical analysis of the cybersecurity of European smart grids
 
Powering up the shocking truth about cyber security in the energy industry - ...
Powering up the shocking truth about cyber security in the energy industry - ...Powering up the shocking truth about cyber security in the energy industry - ...
Powering up the shocking truth about cyber security in the energy industry - ...
 
N018138696
N018138696N018138696
N018138696
 
Cyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control SystemsCyber-Defensive Architecture for Networked Industrial Control Systems
Cyber-Defensive Architecture for Networked Industrial Control Systems
 
Understanding Cybersecurity in Medical Devices and Applications
Understanding Cybersecurity in Medical Devices and ApplicationsUnderstanding Cybersecurity in Medical Devices and Applications
Understanding Cybersecurity in Medical Devices and Applications
 
Internet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chainInternet of Things Security - Trust in the supply chain
Internet of Things Security - Trust in the supply chain
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
 
Capstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid SecurityCapstone Team Report -The Vicious Circle of Smart Grid Security
Capstone Team Report -The Vicious Circle of Smart Grid Security
 
Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018Cybersecurity Presentation at WVONGA spring meeting 2018
Cybersecurity Presentation at WVONGA spring meeting 2018
 
Dr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati | Electric Utilities Situational Awareness
Dr Dev Kambhampati | Electric Utilities Situational Awareness
 
NIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric UtilitiesNIST Guide- Situational Awareness for Electric Utilities
NIST Guide- Situational Awareness for Electric Utilities
 
Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices Augmentation of a SCADA based firewall against foreign hacking devices
Augmentation of a SCADA based firewall against foreign hacking devices
 
Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?Is Your Network Ready for the Age of IoT?
Is Your Network Ready for the Age of IoT?
 
DHS ICS Security Presentation
DHS ICS Security PresentationDHS ICS Security Presentation
DHS ICS Security Presentation
 
Webhook Support for Alert Policies
Webhook Support for Alert PoliciesWebhook Support for Alert Policies
Webhook Support for Alert Policies
 

Dernier

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Dernier (20)

[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Power station monitoring and cyber security

  • 1. Improving Power Plant Monitoring An essential step in improving power plant efficiency and operational performance
  • 2. Trends for Equipment Monitoring For over a decade a wide range of equipment in power plants have been connected to specialist maintenance engineers at equipment suppliers by the Internet and other communication networks. Monitoring equipment located throughout the plant is linked to the power plant’s operating systems - continually monitoring the performance and status of the equipment.
  • 3. Extract from GE Brochure of Power Plant Monitoring When equipment starts to deviate from normal and efficient operating parameters a warning will be displayed in the power plant’s control room – and in many cases an email or other alert containing data is dispatched to the appropriate maintenance staff [who may be working with the equipment suppliers]. The maintenance engineers and equipment suppliers could be based in different countries or other global regions.
  • 4. These alerts could prompt immediate action and maintenance – which could avoid an unplanned outage of the equipment [and possibly the while plant]. These new systems have led to improvements in plant operational efficiency and performance – and should be considered as an essential component of a clean coal technology strategy.
  • 5. Monitoring and IT Systems evolve New and evolving networks and software can allow far greater degrees of integration of: • Plant databases, • Real-time equipment operating performance data, • Enterprise social networks (including online chats and/or voice mail on desktop and mobile systems], • As well as many other bespoke features (such as specialist Apps).
  • 6. An example of these new evolving systems is Chatter – developed by the IT company Salesforce.com These interactive systems can allow significant improvements in plant efficiency and operating performance. Chatter and other similar systems are being rapidly adopted by many thousands of companies each year. But linking all these features via the Internet also creates a new potential threat for power plant and grid system operators – Cyber Security.
  • 7. Cyber Security A key issue for all power plants and grid systems
  • 8. Hackers at work? Hackers can be based in any country. They can have several goals – such as causing malicious damage to computer systems or they attempt to steal valuable intellectual property [IP]. Are your plant and networks vulnerable to a cyber attack?
  • 9. A computer virus attacked a turbine control system at a US power company when a technician unknowingly inserted an infected USB computer drive into the network, keeping a plant off-line for three weeks, according to a report posted on a US government website. The [US] Department of Homeland Security [DHS] report did not identify the plant but said criminal software, which is used to conduct financial crimes such as identity theft, was behind the incident. It was introduced by an employee of a third- party contractor that does business with the utility, according to the agency. October 2012 US Power Plant Incident
  • 10. The DHS reported the incident on its website, which occurred in October 2012 - along with a second incident which involved a more sophisticated virus. This report was released to coincide with a high- profile cyber crime conference held in Miami [S4] to review emerging threats against power plants, water utilities and critical infrastructure. In addition to not identifying the plants, the DHS declined to say where they are located. The report did not say who the DHS believed was behind the sophisticated virus or if it was capable of sabotage. The DHS uses the term "sophisticated" to describe a wide variety of malicious software that is designed to do things besides commit routine cyber-crimes. They include viruses capable of espionage and sabotage.
  • 11. It is worth noting that the infamous Stuxnet virus was delivered to its target in Iran via a USB drive. Attackers use that technique to place malicious software on computer systems that are "air gapped" or cut off from the public Internet.
  • 12. Antiquated Software and Aging Systems Recent surveys have also highlighted the fact that many critical infrastructure control systems run on Windows XP and Windows 2000 - operating systems that were designed more than a decade ago. Some Internet-linked equipment still has no cyber protection at all. Many systems still have "auto run" features – which are enabled by default. This makes them an easy target for infection - because malicious software loads as soon as a USB is plugged into the system unless operators have changed that setting.
  • 13. Shodan The search engine Shodan [Sentient Hyper- Optimized Data Access Network] has been developed to identify a huge range of devises linked to the web and their vulnerability See: http://www.shodanhq.com/
  • 14. US To Take More Action Press Release from: [US] Federal Energy Regulatory Commission https://www.ferc.gov/ FERC Proposes to Adopt New Cyber Security Standards 18th April 2013 The Federal Energy Regulatory Commission (FERC) moved to strengthen the cyber security of the bulk electric system today with a proposed rule that would extend the scope of the systems that are protected by cyber security standards. The proposal, submitted in January 2013 by the North American Electric Reliability Corporation (NERC), constitutes version 5 of the Critical Infrastructure Protection Reliability Standards, or CIP standards. The proposal is intended to improve the security posture of responsible entities and represents an improvement in the CIP standards.
  • 15. The proposal includes 12 requirements with new cyber security controls that address Electronic Security Perimeters, Systems Security Management, Incident Reporting and Response Planning, Recovery Plans for BES Cyber Systems, and Configuration Change Management and Vulnerability Assessments. It also would use a new, tiered approach to identifying and classifying bulk electric system cyber assets that is a step toward applying CIP protections more comprehensively to better assure protection of the bulk electric system. The Commission is seeking comment on certain language in the proposed CIP version 5 Standards to alleviate concerns regarding the potential ambiguity and, ultimately, enforceability of the proposed Standards. NERC is the FERC-certified Electric Reliability Organization for the bulk electric system. Comments on the proposed rule are due 60 days after publication in the Federal Register.
  • 16. Are your power plants and networks safe?