By Eric Marks, PricewaterhouseCoopers
Security: We’re Not in Kansas Anymore
The first step in safeguarding our critical infrastructures is to identify system vulnerabilities. Although SCADA (Supervisory Control and Data Acquisition) systems have been used for a decade to monitor and control critical equipment at manufacturing facilities, power companies, water treatment plants and even for building automation, there really has never been a sharp focus on security, nor much acknowledgement of the vulnerabilities of such systems until recently.
Yet today there are lots of reasons to require protection from the threats that exist in cyberspace.
Embedded System Vulnerabilities
Cambashi analyst Christine Easterfield predicts that “with the growth of embedded software – in every new control system, device and industrial machine – there is a potential vulnerability at each interface. And with more interconnection, often using the Internet, for remote monitoring and business system integration, the risk of malware attack gets more real and more serious.” Easterfield continues, “But this is just one dimension – you need to consider operational procedures, staff, and other factors. For example, staff need to be trained in secure practices and made aware of the risks to which they may expose critical systems.”
Critical SCADA systems, such as those in oil and gas, nuclear, energy or any mission-critical application, are typically configured in a master/slave architecture to achieve fault tolerance. For instance, PcVue designed its SCADA to run in a distributed architecture of several stations, including redundant ones. Its redundancy mechanisms include such capabilities as load balancing and hot, warm or cold standby redundancy methods. This capability allows the operator not only to handle the redundancy of the real-time, alarm and historical data of a distributed application, but also to manage the redundancy of the communication with the devices and of the physical network.
“We see the use of these redundancy mechanisms for applications requesting a high availability and security of the data and as part of a disaster recovery strategy,” says Emmanuel Ecochard, General Manager at PcVue. “As an example we can mention Iberdrola, one of the world’s largest utilities and leading player in the global renewable energy sector, that uses tens of pairs of redundant PcVue stations to manage, monitor, control, distribute and archive hundreds of thousands of data points from wind farms across the U.S.”
According to Kyle Zeronik, Blue Pillar’s vice president of information technology, it is critical to secure the SCADA from top to bottom. “It is important to safeguard critical power infrastructures right down to securing the messaging within the architecture to limit the conversations to only the devices with appropriate credentials and authorizations. We find it prudent to manage site-site communication including Internet security and encrypted messages transmitted over secure channels.”
It has become apparent that SCADA networks provide greater efficiency. They are widely used because they enable the collection and analysis of data and control of equipment such as pumps and valves from remote locations, and they were developed from inception to integrate seamlessly with numerous types of equipment and systems.
But although SCADA networks were also designed to maximize functionality, very little attention was paid to security. While the performance, reliability, flexibility and safety of distributed control/SCADA systems are robust, too often the security of these systems is weak. Cambashi’s Easterfield sums it up by saying “critical infrastructure architectures must handle all the issues – from embedded software vulnerability to elimination of domino-effect failures.”
Creating secure micro-grids
Micro-grids are campus-based, integrated portfolios of distributed critical power resources, managed as a dispatchable nodal network that is responsive to economic, grid instability and on-site power reliability issues. The control automation concepts used in the micro-grid reflect those used in the grid, though the implementation differs fundamentally, as it is based on fully distributed control algorithms, in contrast with the centralized SCADA control of the utility grid. No matter how you look at it, security vulnerabilities remain present and will continue to be a concern when automating and remotely monitoring assets and equipment.
“In terms of addressing security and deploying micro-grids, the automation system should allow the end-user to manage emergencies, historically analyze the responses, and automate monthly testing regimes, which is considered the number one defence against being ill-prepared for any unforeseen events,” says Zeronik.
The exponentially growing cyber security threats and attacks, including the increasing sophistication of malware, will continue to impact the security of critical infrastructure, industrial control systems, and SCADA control systems.
Also, with Internet and World Wide Web technologies, SCADA systems have been increasingly integrated with ERPs and business systems, which compounds the threat of cyber-attacks.
As technology advances, so do system vulnerabilities. There is no way to completely safeguard ourselves from attacks and malfunctions, which is why preparing a robust contingency plan will go a long way to preserving our critical assets.
Eric Marks is the industry practice leader for PricewaterhouseCoopers and previously worked with Deloitte Consulting, IBM Global Business Services, and Cambridge Technology Partners. Marks has a bachelor of mathematics in computer science from the University of Waterloo, and an MBA from the Wharton School of the University of Pennsylvania.