SMART GRID DEVICES SECURITY CERTIFICATION ESMIG meeting, Brussels, 26 March 2015 SMART GRID DEVICES SECURITY CERTIFICATION Konstantinos Moulinos Information Security Expert ENISA
ENISA activities Mobilising Communities Policy Implementation Recommendations Mobilising Communities Think Tank Recommendations// deliverables.. Link to the enisa website Community Building Art 14 Requests Financial ISACs NIS Platform Cyber Security Coordination Group Legislation Hands on Cyber exercises CERT training Hands on
Workshop on certification of smart grid components 27th of June 2012, Brussels. In cooperation with EC-DG CONNECT. Around 60 participants from different domains. ENISA Study on SG security, 2012. 10 Recommendations “Both the EC and the MS competent authorities should promote the development of security certification schemes for components, products and organisational security.”
Aim and Objectives of the workshop Follow up the recommendation of the study. Support the MS in better understanding the challenges of the security certification process. Contribute in the harmonization of different certification policies. Invite MS to present their national certification schemes and private sector to present their views on the matter. Debate about the possible steps to take, at national and EU level, to speed up the secure introduction of Smart Grids.
Key findings (1/2) Need for a certification scheme for SG security personnel. Need a certification scheme for the whole grid, not only for the components. Development of minimum security requirements (protection profiles) for other than Smart meters SG devices. New SG security certification schemes are on the way.
Key findings (2/2) Need to assess the criticality of the different SG parts and apply different assurance techniques based on the criticality. M490: a promising initiative towards market harmonization and interoperability. Focus on the whole life-cycle not only on the product itself Product development process Expected security quality level Functionality Implementation and deployment of the systems Operational process.
Characteristics of the future certification scheme Mandatory. Harmonization. One unified security profile. Not a single certifying authority. Easy to be adopted by the MS. Deal with the patch management problem. Once certified not extra certification needed across Europe. Take into account the existing technologies. In line with the standardization efforts in the SG area.
Not focus only on the smart meters Conclusions (1/2) Certification is only a part of the process for secure systems development. Not focus only on the smart meters Protection profiles for the rest elements of SG Only a part of the SG i.e windmills, e-cars etc. A single interoperable standard Geographically: European Cross sector: SG are parts of CII and there is a need for such a standard Competition: One standard does not mean one technical solution.
More information sharing on vulnerabilities. Incentives for Conclusions (2/2) More information sharing on vulnerabilities. Incentives for A more reasonable legal framework Doing more than is needed. If one standard is developed then the throughput must be satisfactory enough to keep all vendors capable of competing at the same level. Compliance does not mean security.
Actions Create a SG Certification WG in existing European structures. Maintain the Security testers / certifiers/certification frameworks database up to date. Create protection profiles for all SG components.
Report on Certification of components (2014) Objectives Perform a desktop research. Identify the gaps between different certification schemes. Produce technical advice, recommendations and good practices for certification in smart grid security. Provide recommendations on how to develop new or improve existing approaches to a pan European harmonised smart grid security certification. In collaboration with EC
Working method Desk research regarding cyber security certification Existing standards National approaches Qualitative analysis of cyber security certification schemes Requirements by a future approach Gaps and lessons learnt Recommendations and roadmap development Discussion of approach with stakeholders Draft report for comments Addressing of comments with stakeholders Workshop for discussion of main topics Final report
Desk research Separation between certification schemes and other information Articles and investigations Security and/or smart grid standards and schemes Smart grid related security services Current stocktaking lists the following additional sources and initiatives eligible for investigation Further analysis to select schemes for qualitative analysis: 8 out of 19 certification schemes were selected
Certification meta-scheme Based on ISO 17067
Detailed scheme analysis
Discussions with stakeholders Stakeholders included: SISEC members ESMIG is represented Selected members of the ENISA contact list Certification authorities: ANSSI, BSI, CESG, FMV, … Associations: EURELECTRIC, ESMIG, T&D Europe Standardization initiatives: M/490 SG –CG/SGISWG, DKE VDE DIN Private sector: Alstom, ULL, EDF R&D DKE Deutsche Kommission Elektrotechnik Elektronik Informationstechnik im DIN und VDE
How is it currently applied in EU France – CSPN and common criteria, ISO 27002 Germany – common criteria EAL4+, DIN 27001 Netherlands – common criteria EAL2, ISO27001 United Kingdom – CPA, ISO27001, IASME SOG-IS MRA and EA (European cooperation for Accreditation ) No legislation, only Germany is going to mandate ISO27001 Different requirements and designs per country No public-private participation in half of the countries Conclusion: there is no harmonisation, different methods, schemes and different levels of security per country
Key findings Only a few member states defined security requirements Not clear view of the amount of publicly known cyber incidents Focus on HAN and Grid end applications Diversity in the production process of the requirements Public private collaboration CC de facto standard Lack of harmonisation
The supply chain view of the smart grid
What to certify: SGAM, lifecycle and chain of trust
What is available: SG-AM/SG-IS usage
Scheme implementation
Roadmap
What is this report about? -A proposal for a steering working group/ task force -A proposal for a certification framework (chain of trust) -A proposal for using an existing reference model (SGAM) -A mapping between different certification standards and the SGAM layers -A recommendation to reuse existing mechanisms -Roadmap to implement the framework IS NOT -A proposal for a new certification scheme -A recommendation for the use of any particular standard
Key recommendations Appoint a EU steering committee to coordinate smart grid certification activities (EC)* Provide guidance and a reference model to implement a chain of trust (SC) Use of the currently available standards and schemes, and accommodating, better coordinating and harmonising national approaches (SC) Promote international recognition of schemes (EC) Promote validation that is commensurate with the risk appetite involved in each use case (SC) Use national profiles as detailed specifications of international standards to cover the specific national use cases and nationally supported test and certification methods (MS) Use technical committees in collaboration with the European energy associations to create European profiles (EC) *EC: European Commission, SC: Steering Committee, MS: Member States
Open issues – Next Steps Assessment of financial costs of the min security measures Identification of incentives for investments on security Identification of good practices for ICS-SCADA/Smart Grids incident reporting Certification of smart grid components and systems Definition of EU baseline security requirements A roadmap for more harmonized national certification approaches Certification of smart grid cyber security skills Incident response capability for smart grids and relationships to existing national ICS-CERT/Gov CERTs Inject smart grids into NIS platform Bring competent authorities on board
DRAFT
Thank you! Konstantinos.Moulinos@enisa.europa.eu