The future of the U.S. energy grid is at a crossroads. Energy grids and power distribution systems face a number of daunting challenges. One of the most critical is the ability to respond to changing variables in real-time. Meanwhile, the energy industry is often slow to implement new technology that optimizes energy consumption and bolsters the power grid against electronic intrusion.
Energy generation, supply, consumption, distribution and security pose numerous high-tech challenges. Every change in these components requires the execution of sophisticated analytics to predict the downstream or upstream impact and the required actions to re-balance the network. In addition, the ever-increasing number of nodes on the energy network provides new potential security holes, which need to be monitored and managed.
“It is critical that any legislation to secure the electric grid include proper identity assurance. This will ensure that even successful hackers/intruders are curtailed at every access point and an audit trail created should an intrusion occur. Identity assurance limits access and accessibility, and the standards already exist,” Dominic Fedronic, CTO of ActivIdentity and chairperson of the GlobalPlatform Government Task Force (GTF), told TechNewsWorld.
At least some of what Fedronic called for may be in the works. Last month, the North American Electric Reliability Corporation’s (NERC) independent board of trustees approved eight revised cybersecurity standards for the North American bulk power system.
This action represents the completion of the first phase of the NERC’s cybersecurity standards revision work plan, which was launched in July 2008. Work continues on phase two of the revision plan, with new standards already under development, according to the NERC.
The standards comprise some 40 good housekeeping requirements designed to lay a solid foundation of security practices. If properly implemented, the energy industry will develop the capabilities needed to secure critical infrastructure from cybersecurity threats, according to the NERC. Roughly half of those requirements were modified to clarify or strengthen the standards in this initial phase.
These revisions begin to address the concerns the Federal Energy Regulatory Commission (FERC) raised in its Order No. 706, according to the NERC. That order conditionally approved the standards currently in effect.
Organizations that violate the standards can be fined up to US$1 million per day per violation in the U.S., with other enforcement provisions in place throughout much of Canada. Audits for compliance with 13 requirements in the cybersecurity standards currently in effect will begin on July 1, 2009.
“The approval of these revisions is evidence that NERC’s industry-driven standards development process is producing results, with the aim of developing a strong foundation for the cybersecurity of the electric grid,” said Michael Assante, vice president and chief security officer at the NERC.
More to Come
The NERC expects to act on the revisions for phase two in early 2010, according to Assante.
However, he cautioned that these standards are not designed to address specific, imminent cybersecurity threats. For that, direct legislative action is needed.
“We firmly believe carefully crafted emergency authority is needed at the government level to address this gap,” he said.
All Not Happy
However, critics say the NERC’s action in revising the standards for grid cyber-protection may be falling short. It will take more stringent action to make the energy grids more dependable and secure, according to their arguments.
“Just as all critical infrastructure government systems are subjected to best practice security hardening, the energy grid cannot be an exception. Hardening includes securing network access with firewalls, applying intrusion detection, protecting critical applications with strong authentication and TLS (transport layer security), equipping personnel with FIPS 201 PIV credentials and requiring strong authentication through VPNs for any remote access,” ActivIdentity’s Fedronic said.
The NERC’s revisions are falling short, agreed JT Keating, vice president of marketing for security firm CoreTrace. Critical Infrastructure Protection (CIP) requirements are driving utilities’ implementation of alternative solutions, like application whitelisting, designed to stop malware and prevent unapproved applications installed by employees and contractors, he explained.
“Despite months of work, the only notable change to these particular CIPs was a slightly expanded definition of which assets need to be protected against malware. Fundamentally, the CIPs need to be changed to reflect their actual purpose, preventing the execution of any unauthorized code, rather than prescribing specific technologies — especially technologies that are completely inconsistent with the operational realities of energy management systems and distributed control systems that are the core of the critical infrastructure,” Keating told TechNewsWorld.
With much of the energy industry relying on the Internet, concern has been raised about the potential for security exploitation, especially considering the popularity of active (and sometimes vulnerability-ridden) content on Web sites.
“There was not much active content five years ago. The Internet carried not much more than simple HTML and Java coding. Today that is too boring. Today any browser can bring down active content. This is the biggest threat today,” Jay Chaudhry, CEO of cloud security firm Zscaler, told TechNewsWorld.
The concern isn’t so much with the security, or lack thereof, of Microsoft Windows as with the vulnerability of the browser, he explained. The energy grid is threaded across the Internet. Workers access this grid from within physical plants as well as remotely, making a common security bridge.
“The browser has become the new OS for desktops. They are more powerful and can do so much more. That combination is very deadly,” said Chaudhry.
He likened using the Internet to using a kitchen knife — it’s a good tool when used right and a dangerous weapon when used wrong, he said.
The entire system needs better authentication to regulate those who log onto the systems that regulate the grid, according to Chaudhry. Power grid management programs are old and in many cases need to be upgraded, he noted.
“This is a tough job. Upgrading is often delayed due to complacency and complexity,” said Chaudhry.
Some security firms focus on products to provide a single access control point. Others preach the benefits of multiple access.
Single control is both good and bad, Chaudhry believes. Nothing is wrong with multiple control agencies; what is more important is knowing who is running on the grid and managing it and whether the bad guy is being spotted, he argued.
“The problem is multifaceted. The industry needs to figure out where to start. Not much is being done yet,” he said.
Smart Grid Mentality
Energy grid engineers are looking ahead to transition into a type of infrastructure known as a “smart grid” — in other words, a power grid that not only delivers energy but also communicates data to both users and operators.
One problem a smart grid addresses is the need to optimize traditional energy sources and integrate new sources of energy from new suppliers like wind generators, water dams, etc., according to John Morrell, vice president of product marketing at Aleri. His company develops complex event processing (CEP) technology solutions.
“Companies are looking to create a smarter energy grid. This is a real interesting area. With today’s economy, people are going in with economic stimulus funds. The problems that need fixing can take two to four years to solve,” Morrell told TechNewsWorld.
Infrastructure issues include smart metering technology. These new types of meters are gradually being installed at customer locations. However, the huge volume of data they generate largely goes unused by many companies, he explained.
For instance, many energy companies aren’t currently convinced about how reliable the data is and haven’t determined how to use it. The data about all of the dynamics associated with energy distribution and consumption flows like water from a fire hose.
“Even basic business issues such as overcharging or undercharging customers can occur due to lack of familiarity with the new technology,” he said.
What It Does
Smart meters could give energy users the ability to reduce their consumption more reliably and provide more dependable billing cycles. Customers that agree to these opt-in programs could get much better energy rates. Energy companies could send alerts to heavy consumers. This would help consumers monitor the causes of excessive consumption, according to Morrell.
“Another benefit is the cost effectiveness. There won’t be a need to read meters every other month. This technology is out there. Companies are learning how to use it,” he said.
Locking Up the Grid
The smart grid requires that both production and distribution centers be secured. End-user end-points must be ultimately as secure as any other access point in the grid, according to Fedronic.
Secure terminals will have to be created. It makes sense to equip these terminal points with certified security chips that can operate cryptographic algorithms, he noted.
“With secure terminals using certified security chips and operating cryptographic algorithms, cybersecurity easily moves to immediate capabilities of analysis, isolation and elimination. Today, through strong authentication methodologies of varied types, users or machines can be suspended in action and access shut down in seconds at the first alert to any inconsistency or any pre-set parameters,” Fedronic explained.
Electricity grids rely today on complex telecommunication networks to monitor the flow of power, grid stability, electricity frequency, power outages etc. This is very true for long-distance, high voltage transmission networks (like >110kV) but much less true for distribution, lower voltage networks and not true at all for the "last mile" (i.e. from a sub-station to your home or business).
The concept of smart grids pushes the monitoring and control capability to the distribution networks and possibly the last mile network. This would indeed empower electricity companies (transmission system operators, distribution system operators, retailers, but also power generating companies) to better understand power usage, detect outage or instability and cope with local power generation (small photovoltaic solar panels, wind turbines on top of roofs etc).
This increased requirement on telecommunication systems is a tremendous challenge for power companies, as the telecoms networks will become larger and even more complex than before. The amount of systems to monitor and control will increase exponentially and IT systems will need a serious upgrade. Rolling out such networks will take time, effort and telecoms expertise.
Making electricity meters talk to a central database will be another challenge as technologies and economics are hard to stack up (expensive to roll-out, who pays for it, what kind of financial return is there, what kind of technology can be used to make it as cheap as possible?).
Regarding security, there is no need to open these networks to the public. Broadband over powerline is outdated and not as efficient as other technologies in use today or planned (either over the air or fixed networks).
I agree with Jack – this is a daunting challenge, it will take time to sort out. Better start now.
I agree that access points need to be secure, but believe the nation’s infrastructure should run on a physically isolated network. There should be NO connection between the ‘infrastructure grid’ and the public networks.
In addition, each ‘smart grid’ (pipelines, electric, dams, etc.) should be separated on the physical net using ‘VPN’ or similar technology to minimize the risk of a breach of one service grid giving access to all.
I would suggest that this could be operated by the Federal government on the same basis as other ‘public’ use facilities such as the Interstate Highway system and placed under the control of the new ‘cyber security czar’. The ‘czar’ would both establish and maintain the physical net and establish standards for using it.
There would have to be a law/regulation requiring use of this net or, if justified, demonstration that any facility not connected to the net had NO connection to public networks for any control functions including messaging related to operations.
If we need to allow Canadian entities (they are part of the power grid currently) into the net, there should be requirements that they meet or exceed the US security standards.
In a world of bin Ladens and Russian hackers (insert here nationality of choice) the physical isolation of these networks seems a minimum rational choice.