Cyber Attacks on Control Systems: Evaluating the Real Risk
An Interactive Workshop on an Innovative Approach to Managing Your Cyber Risk
June 24, 2008
Albuquerque, New Mexico

Contact Bob Pollock (e-mail: ) for more information or to reserve your spot


Can you defend your cyber security decisions?

Control system owner/operators have called for a comprehensive approach to risk management that identifies the most urgent cyber vulnerabilities, attack consequences, and mitigation technologies so they can make defensible security investments. Sandia National Laboratories’ integrated risk management framework is a suite of tools being developed to enable users to proactively identify and address cyber vulnerabilities and assess risk before attacks occur.


Brian Stinar Demo'ing the VCSE

During this workshop, Sandia will exhibit a realistic scenario simulating a cyber attack that results in regional under-frequency load shedding. Participants will identify the most important impacts and assess mitigation measures that could prevent them. By evaluating risk using Sandia’s threat-to-consequence analysis framework (symbolically depicted below), participants will learn how the integrated tools could help them identify the most serious vulnerabilities in their own systems and apply security resources where they’re most effective.


Why participate?

Attendees will have the opportunity to help validate these tools by providing feedback throughout the workshop. Participants can identify gaps and application opportunities for these tools to help ensure their concerns are addressed in the ongoing critical infrastructure risk analysis.

These tools offer an integrated approach to threat discovery, impact analysis, consequence modeling, and vulnerability mitigation that will allow system operators to build a solid risk reduction strategy and create a business case for cyber security improvements.

Who should attend?


The workshop is directed toward a broad audience, including:
  • Asset owners from the electric, oil, and natural gas sectors
  • Control systems engineers
  • System operators
  • Information and security officers
  • Cyber security vendors
  • Cyber security experts from government, industry, and academia

Imagine…

that you’re the operations chief for an electric power independent system operator. One morning before work, you hear on the news that power in your area is seriously disrupted. Transport, communication, and finance systems are struggling. The problems began with a cyber attack on the regional Energy Management System—which is your responsibility.

Your phone begins ringing. It’s your CEO: “You’re on your way in, I hope. How bad is it?” A message from your office says two newspapers and a TV station have called for interviews. You know the natural gas and water utilities will be contacting you shortly, along with FERC, DHS, and the regional reliability council. You’re momentarily reassured when your system administrator calls to tell you that “the EMS is up and we should be in the clear,” but that’s when you notice the traffic ahead of you is at a standstill—the traffic signals are out.

Is your system at risk for a scenario like this?

The workshop will take you through the scenario and offer a threat-to-consequence analysis of a potential attack. Sandia is building these tools to give system operators a firm grasp of security operations and their effectiveness.

Benefits

Participants in the Threat-to-Consequence workshop will:

· Learn about an approach to prioritizing vulnerabilities that provides guidance on which to address first

· Discover why some vulnerabilities are less serious than others

· Participate in analysis of a realistic scenario simulating regional load shedding caused by cyber attack and see effects, estimate impact, and assess consequences

· Watch demonstrations of tools that offer a wide and prioritized view of risk

· Witness devices that support OPSAID — and learn how to use this technology to secure legacy systems in the energy sector

· Engage other PCS stakeholders


Threat-to-Consequence Framework Tools

· Threat Discovery Tool — This analysis tool finds, from open sources, evidence that adversaries are interested in particular vulnerabilities and capable of attacking.
· Virtual Control System Environment (VCSE) — Given a plausible threat, this modeling tool simulates the control system environment and demonstrates attack and mitigation mechanisms without risking disruption to critical operations.
· Impact Analysis — Provides estimates of what an attack will do to an electric power system and characterizes and quantifies the resulting physical failures and electrical outages.
· Consequence Modeling — This capability uses stakeholder input, simulation, and analysis to determine the cascading consequences of a physical impact.
· Open PCS Architecture for Interoperable Design (OPSAID) — OPSAID-compliant devices support advanced cybersecurity protocols and interoperate with one another, regardless of the manufacturer.
· National SCADA Test Bed (NSTB) Support — This DOE-funded test bed offers a relevant testing environment for cyber security projects and a wide range of vendor hardware and software applications.



Roadmap Goals Addressed By Sandia Tools
The Sandia risk management tools directly address several industry priorities identified in the Roadmap to Secure Control Systems in the Energy Sector (http://www.controlsystemsroadmap.net) including:
· An environment for sharing information about real-world attacks and events
· A risk matrix that balances threat, vulnerability, and consequence
· Cyber attack and response simulators
· Risk assessment tools that include vulnerability assessment methodologies, frameworks for prioritizing control measures, and cost justification tools

Key Presentations

Presentations and demonstrations will be given by representatives from Sandia National Laboratories and industry members:

· Keynote Address: Progress in Securing Energy Sector Control Systems (Kevin Kolevar, Assistant DOE Secretary for Electricity Delivery and Energy Reliability)
· How the NSTB Fits into the U.S. Government’s Overall Plan (Hank Kenchington, DOE, NSTB Program Manager)
· Using the Threat-to-Consequence Framework to Mitigate Infrastructure Risk (Laurence Phillips, Sandia)
· The Scenario: One Command to Force Under-Frequency Load Shedding (Dennis Holstein and John Tengdin, OPUS Publishing)
· The Threat: Graph-Based Threat Concept Formation and Analysis (Dr. Rich Colbaugh, Institute for Complex Additive Systems Analysis)
· Local Effects: Demonstrations of PCS Cyber Attack and Mitigation Effects (Greg Conrad, Sandia)
· Impact and Consequence: Cyber Attack Impacts on Power Utilities and Their Customers (Dr. Jason Stamp, Sandia)



