Abstract:
Summary form only given. This research addresses the study of SCADA system security in the context of the energy management system (EMS), for which the SCADA system provides vital data. We examine how compromised SCADA data might avoid detection by the state estimator, consider the impact of maliciously modified SCADA data values on EMS functions, explain how the nature of the compromised data reveals the likely intent of the alteration and which other EMS and/or SCADA components might have been compromised in order to produce or facilitate that altered data, and assess the impact of such compromises on power grid, SCADA, and EMS functions. Identified vulnerabilities are also assessed in terms of whether or not they are detected or obviated by existing EMS procedures. If not, we consider the effort required to provide such protections: could existing EMS procedures be slightly modified in order to address these identified risks and vulnerabilities, or is a completely new vulnerability detection and protection mechanism warranted? Finally, we introduce techniques and ideas that we are developing and evaluating by which components of EMS and SCADA systems can autonomously and robustly cooperate in order to detect, locate, and determine the full extent of compromises in a SCADA system, and autonomously remediate (for example, through isolation) the affected components, within an appropriate time frame and in a way that minimizes the negative impact on the function and power system security of the electrical grid. While our assessments and techniques are not exhaustive for all SCADA/EMS functions and variants, we provide guidelines and examples by which power utility companies and control centers can perform their own self-assessments and gradually apply solutions, along with ideas that vendors can incorporate into innovative devices for the future Smart Grid.
Keywords:
SCADA systems; energy management systems; power engineering computing; power grids; power system protection; power system security; EMS components; EMS functions; EMS procedures; SCADA components; SCADA-EMS security assessments; autonomous remedies; compromised SCADA data; control centers; electrical grid; energy management system; maliciously-modified SCADA data; power grid; power utility companies; smart grid; vulnerability detection mechanism; vulnerability protection mechanism; Companies; Energy management; Guidelines; Power system security; Robustness