Price: $2,599.00

Length: 3 Days
Print Friendly, PDF & Email

Smart Grid Cybersecurity Training

The Smart Grid is one of the most significant applications of the Internet of Things (IoT).

Smart Grid systems are critical infrastructures that have complex architectures and critical devices. Unfortunately, the Smart Grid system may be vulnerable to cyber-attacks. It contains communication systems that can lead to national security deficits, disruption of public order, loss of life or large-scale economic damage when the confidentiality, integrity, or availability of the communication is broken down.

Cybersecurity professionals report four types of attacks to expect by the time the national Smart Grid is completed around 2035:

  • Device attack — aims to compromise (control) a grid device. It is often the initial step of a sophisticated attack, in which the compromised device will be used to launch further attacks such as data attacks and network availability attacks toward the smart grid or perform malicious physical actuation.
  • Data attack — attempts to adversarially insert, alter, or delete data or control commands in the network traffic so as to mislead the smart grid to make wrong decisions/actions.
  • Privacy attack — tries to learn/infer users’ private information by analyzing electricity usage data. In smart grid, electricity usage information is collected multiple times per hour by smart meters so as to obtain fine-grained information about the grid status and improve grid operation efficiency. The detailed information may easily reveal customers’ physical activities.
  • Network availability attack — takes place in the form of denial of service (DoS). Its objectives are to use up or overwhelm the communication and computational resources of the smart grid, resulting in delay or failure of data communication.

According to Electric Power Research Institute, cybersecurity of the system is one of the biggest issue of the Smart Grid. There are different agencies and organizations like IEEE Power & Energy Society (PES), IEC Smart Grid Standardization, National Institute of Standards and Technology (NIST) are involve and help in standardization and regulation for the smart grid.

Some of the promising ongoing research in different domains of security for smart grids include: Privacy-preserving smart metering with multiple data consumers, Ortho code privacy mechanism in Smart Grid using ring communication architecture and Security Threat Model.

Smart Grid Cybersecurity Training Course by Tonex

Smart Grid Cybersecurity Training course will cover the important aspects of cybersecurity in smart grids. The training consists of detailed information about smart power systems, recent technologies toward the smart grids, potential threats and vulnerabilities in smart grids and security assessment in smart grids in order to advance the knowledge of audience about the cybersecurity in smart grids. Upon the completion of the training, you will learn how to prevent the threats at the first hand. Moreover, you will be trained to identify the potential threats in smart grids, how to detect the threats in smart grid components such as SCADA systems, customer side, transmission and distribution levels.

Smart Grid Cybersecurity training course simply addresses the modern transmission and distribution system reliability and efficiency, how the generation plants can be faced with threats and necessity of secure electricity infrastructure. By taking this course, you will learn the digital information technology and control which will result in a high efficiency smart grid technology. Moreover, the cybersecurity problem will be formulated in smart grids and communication issues will be introduced. After introducing the threats, a proper action should be designed in response to a threat or recovery actions after a threat. This course will also help you to understand the concept of risk in smart grids, and effect of cascading failure in security, concept of actors, interactions between actors, security in communications and loss of integrity. The audience will also learn about:

  • Loss of confidentiality
  • Loss of availability in smart grids
  • Security modes in smart grid domains
  • Security in transmission level
  • Operation level security mode
  • Distribution SCADA
  • Distributed generation management
  • Outage management
  • Wide area measurement systems
  • Bulk storage management
  • ISO operation
  • Energy market
  • Wholesale market
  • Retail energy provider
  • Customer energy management
  • Generation and storage security

Finally, the Smart Grid Cybersecurity training course will introduce concept of high level security in smart grid which includes the introduction to security requirements, access control, accountability of smart grids, security assessments, configuration managements, incident response, media protection, personnel security, risk management, SCADA security management, and electric vehicle security. By the end of the training, you will be able to fully understand the security concepts in smart grids.

Fundamentals of Cyber Threat Hunting Training by Tonex

Audience

Smart Grid Cybersecurity training is a 3-day course designed for:

  • All individuals who need to understand the concept of security in smart grids.
  • Power utility engineers working on smart grid technology
  • Test engineers who need to learn the security issues in power grids
  • Power traders to understand the smart grid security systems.
  • Independent system operator personnel.
  • Faculty members from academic institutes who want to teach the smart grid security course.
  • Investors and contractors who plan to make investments in smart grids and renewable energy industry.
  • Professionals in other energy industries.
  • Electric utility personnel who recently started career in power systems or having new job responsibilities.
  • Technicians, operators, and maintenance personnel who are or will be working on smart grid related projects
  • Managers, accountants, and executives of smart grid industry.
  • Scientist or non-electrical engineers involved in smart grid related projects or proposals.

Training Objectives

Upon completion of the Smart Grid Cybersecurity training course, the attendees are able to:

  • Understand the smart grid components
  • Describe the trend toward smart grid technologies
  • Explain the necessity of security in smart grids
  • Understand the threats in smart grids
  • Explain the communication problems in smart grids
  • Understand the main components of cyber secured power grid
  • Initiate the cybersecurity analysis for designed smart grid
  • Understand the cascading failures in smart grids and consequences of risks
  • Set the boundaries for security architectures in smart grids
  • Differentiate the security issues in transmission, distribution and generation plants in smart grids
  • Understand the different energy management systems in different levels of smart grids
  • Explain the security assessment and incident response in smart grids
  • Describe the security concepts in SCADA systems, demand response, electric vehicle and metering infrastructures

Training Outline

The Smart Grid Cybersecurity training course consists of the following lessons, which can be revised and tailored to the client’s need.

Smart Grid Technology

  • What is the smart grid?
  • What are the main components of a smart grid
  • Renewable energy sources in smart grid
  • Effect of electric vehicles and energy storage
  • Wind farms
  • Solar panels
  • Definition of cyber
  • Five layers of cyber world
  • Why security of smart grid?
  • Vulnerabilities of smart grids
  • Security concepts in smart grids

Modernism In Electric Transmission And Distribution Systems

  • Reliability of distribution systems
  • Physical components of a grid
  • Generation plants
  • Transmission and distribution lines
  • Communication systems in smart grids
  • Meters (AC or DC)
  • Loads
  • Secure electricity infrastructure
  • Future demand growth effect
  • Concept of smart grids
  • Digital information technology
  • Digital control idea
  • High efficiency smart grid technologies
  • Dynamic optimization of smart grid operation
  • Concept of cyber security in smart grids
  • Automation and communication issues
  • Supporting the customers
  • Communications in smart grids
  • Recording, processing and exchanging data
  • Cascading failure example
  • Internet hacker attacks
  • Blackouts

Cybersecurity Context; Traditional Grid Security versus Smart Grid

  • One Way versus Two-Way Communications
  • Centralized and Distributed Generation Impact
  • Implementation of Sensors
  • Manual monitoring versus Self-Monitoring
  • Single Point of Failure and Self-Healing
  • Limited Control and Pervasive Control
  • CO2 Emission and Clean Energy Application
  • Smart Grid Concepts
  • Smart Grid Interoperability panel (SGIP)
  • Smart Grid Cybersecurity Committee (SGCC)
  • Information Technology Laboratory (ITL)
  • Advanced Metering Infrastructure Security (AMI)
  • New Challenging Threats in Smart Grids
  • Cybersecurity Standards for Smart Grids
  • Secure Content Automation Protocol (SCAP)
  • IEEE 1588
  • Security Architecture in Smart Grids

Reported Vulnerabilities of Smart Grids

  • Eavesdropping
  • Traffic Analysis
  • EM/RF Interception
  • Indiscretions by Personnel
  • Media Scavenging
  • Intercept/Alter
  • Repudiation
  • Masquerade
  • Bypassing Controls
  • Authorization Violation
  • Physical Intrusion
  • Man-in-the-Middle
  • Integrity violation
  • Theft
  • Virus/Worms
  • Trojan Horses
  • Trapdoor
  • Service Spoofing
  • Resource Exhaustion
  • Integrity Violations
  • Stolen/Altered
  • Insider Attacks
  • Cheating customers 

Smart Grid Architecture Model (SGAM)

  • Component Layer
  • Communication Layer
  • Information Layer
  • Function Layer
  • Business Layer
  • Generation Domain
  • Transmission Domain
  • Distribution Domain
  • Customer Domain
  • Intelligent Energy Management (IEM)
  • Smart Web Grids
  • Smart Low Voltage Girds
  • Smart Metering Rollout (AMIS) 

Information Assurance in Smart Grids

  • Confidentiality
  • Integrity
  • Availability
  • Accountability
  • Security concepts and smart grids 

Advanced Metering Infrastructure and Security Issues

  • Smart Meters
  • Customer Gateway
  • AMI Communication Network
  • AMI Head End
  • AMI Security Threats
  • Listening Issue
  • Modification
  • Interactions
  • Malicious code Planted in the System
  • Denial of Service
  • Insider Attacks
  • Unauthorized Access

Demand Response Security Concerns

  • Confidentiality of Demand Response
  • Authentication
  • Data Integrity
  • Accountability
  • Availability
  • Automated Demand Response security
  • Communication Infrastructure in Automated Demand Response
  • Open ADR and security concerns
  • Demand Response Automation Server
  • Demand Response for Residential Sites and Security Issues
  • Possible Attacks in Demand Response Events 

Smart Grid Domain Security

  • IEEE Standards for Smart Grid Security
  • IEEE 802.11
  • IEEE 802.15.4
  • IEEE 802.16 
  • Bluetooth and BLE/BT5.0
  • ZigBee
  • Z-Wave
  • Gateway Component
  • Wireless Neighborhood Area Network (WNAN)
  • Home Area Network (HAN)

Risk Assessment in Smart Grids

  • Safety Management
  • Cyber-Physical Risk Identification Step
  • Understanding Risks to Legacy Systems
  • Complex Organizational Dependencies
  • Cascading Effect
  • Fault-Tree Analysis
  • Event-Tree Analysis
  • FMEA
  • STAMP
  • HAZOP
  • Smart Grid Information Security (SGIS)
  • SGIS Risk Impact Level (SGIS-RIL) 

Security Architecture of Smart Grids

  • Hierarchical Security Architecture of Smart Grids
  • Management Layer
  • Supervisory Layer
  • Network Layer
  • Communication Layer
  • Control Layer
  • Physical Layer
  • Typical SCADA Network Levels
  • Conceptual Control System with Layering
  • Robust and Resilient Control
  • Secure Network Routing in Smart Grids
  • Management of Information Security
  • User Patching 

Smart Grid Conformity Testing

  • Certifying Smart Grid Components and Systems
  • Conformity Assessment
  • Relevant Standards in Conformity Testing
  • ISO 17025
  • ISO 9001
  • ISO Guide 65
  • Qualitative Approach
  • Categorical Approach
  • Quantitative 

SCADA System Security

  • Introduction to SCADA
  • Security Issues in SCADA
  • Public Information Availability
  • Platform Vulnerabilities
  • Network Configuration Vulnerabilities
  • Network Perimeter Vulnerabilities
  • DNP3 Threats

Plug-in Electric Vehicle (PEV) Security Issues

  • Introduction to PEV Security
  • Privacy of movement
  • Secure payment
  • Smart Metering
  • Critical Infrastructure and Physical Security
  • Communication issues in PEVs 

Generic Security Issues

  • Authentication and Authorizing Users
  • Maintenance Personnel to Smart Meters
  • Authentication and Authorized Users to outdoor field equipment
  • Serial SCADA Communications security
  • Protection of Routing Protocols
  • Insecure Firmware Updates
  • Side Channel Attacks
  • Key Management and Public Key Infrastructure
  • Patch Management

Components of A Cyber Secured Smart Grid

  • Prevention of threats
  • Identifying potential threats
  • Denial of service attacks
  • Detection of threats
  • Response to threats
  • Recovery from threats
  • Systematic documentation of vulnerabilities
  • Concept of risk in smart grid security
  • Cascading failures
  • Physical consequences of a risk
  • Assessing and quantifying the risks (Risk assessment)
  • Setting boundaries for security architecture
  • Concept of actors
  • Secure communication flows between actors
  • Interaction between actors in smart grids
  • Loss of confidentiality
  • Loss of integrity
  • Loss of availability

Cybersecurity Mode Level of a Smart Grid Domain

  • Transmission level
  • Measurement units
  • Transmission RTU
  • Operation
  • Distribution SCADA
  • Distributed generation management
  • Transmission engineering
  • Outage management system
  • Customer portals
  • Transmission SCADA
  • Wide area measurement systems
  • Energy management systems (EMS)
  • Bulk storage management
  • ISO operations
  • Metering
  • Bulk generation
  • Plant control
  • Marketing
  • Energy market
  • Wholesale market
  • Service providers
  • Pricing system
  • Retail energy provider
  • Third parties
  • Energy service providers
  • Customers

Customer Energy Management

  • Appliances and equipment
  • Meters
  • Electric vehicles
  • Generation and storages

High Level Cybersecurity Requirements

  • Objectives of cybersecurity
  • Confidentiality, integrity and availability impacts
  • Impact levels
  • Security requirements
  • Access control
  • Awareness and training
  • Audit and accountability
  • Security assessment
  • Configuration management
  • Incident response
  • Identification and management
  • Media protection
  • Smart grid development and maintenance
  • Personnel security
  • Environmental security
  • Security planning
  • Risk management
  • Smart grid information system security
  • Communication security
  • Security of metering infrastructures
  • Security of electric vehicles
  • Security of demand response
  • Security of SCADA systems

Hands-On, Workshops and Group Activities

  • Labs
  • Workshops
  • Group Activities 

Sample Workshops and Labs for Smart Grid Cybersecurity Training

  • Vulnerability Analysis in SCADA and Automation Systems of Power Grid
  • Quantifying the Impact of Successful Cyber Attacks on Power System Operation
  • Risk Modeling due to Cyber Attacks
  • Mitigation of Risks and Intrusion Detection Algorithms
  • Testbed and Validation with Power System Simulator
  • Smart Grid Modeling Demo in Power System Simulators

 

Smart Grid Cybersecurity Training

Request More Information

Please enter contact information followed by your questions, comments and/or request(s):
  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.

Request More Information

  • Please complete the following form and a Tonex Training Specialist will contact you as soon as is possible.

    * Indicates required fields

  • This field is for validation purposes and should be left unchanged.