Smart Grid Security
The lure of the Smart Grid appears irresistible. If Smart Grids can realize their full potential then consumers, utilities, nations, and even the earth itself will benefit. Unfortunately, as with nearly any new technology, the focus has been on getting Smart Grids up and running, often with little consideration for Cyber Security. Even worse, many experts appear to believe that IT networks and Industrial Control Systems have the same Cyber Security issues and can be secured with the same countermeasures – they cannot.
Smart Grid discussions are dominated by Smart Metering, but there is far more to it than that. Intelligent transmission, automated distribution, and creative use of substations can improve utility efficiency as well. DTS Solution can work with you to report and identify a number of key issues that require attention if Smart Grids are to become and remain secure.
One central issue is that many Industrial Control Systems have seemed secure simply by being isolated from IT networks. The Stuxnet attacks demonstrated that USB memory sticks give attackers a convenient workaround for that lack of connectivity. The other critical market issue is that IT and Operations groups at utilities must collaborate effectively. It is common knowledge that IT and Operations do not understand each other, nor in many cases do they trust one another. This is a cultural barrier to success for a Smart Grid deployment.
Smart meter deployment continues to pick up speed in nearly all regions of the world; however, as with all information technologies introduced in the past 50 years, cyber security was at first overlooked in the rush to create a working device. Now, utilities, governments, systems integrators, device manufacturers, and nearly everyone else involved realize that smart meters and their surrounding networks can be attacked, and that cyber security measures are necessary to protect the meters and their environment.
A recent analysis done illustrates the end-to-end protection of private and commercial usage data is impossible. Home area networks (HANs), commercial building networks, and utility networks all perform well in terms of keeping data encrypted within their domains. However, these domains terminate at the smart meter, and the only way for data to pass from one network to the other is for the smart meter to decrypt the data from one side and re-encrypt it on the other. Consequently, the data are, for a short while, unencrypted on the meter and could be successfully eavesdropped.
DTS Solution can work with your organization to provide risk mitigating technology and assurance services in the following Smart Grid domains;
- Legacy Control Systems: Transmission, Distribution, and Substations security risks
- Access Control risks
- Smart Metering Infrastructure and security risks
- Home Area Network (HAN) security risks
- Communications and Operational risks
- Operational change management services
- Human Resources risks
- Security Incident Response Framework