Nearly every month we get additional information about cyberthreats to our electrical grid. Last month the Department of Homeland Security reported that hackers were able to breach a large number of utility networks thought to be secure. This certainly is a concern for all utility systems, but it raises particular issues for owners of digital substations designed to enhance communications, interoperability and automation. GE made a presentation available to T&D World from Anca Cioraca, GE’s lead for Grid Automation products, that helps utilities analyze their cyber security challenges and draw upon available cybersecurity guidelines and regulations to become more fully prepared for today’s challenges.
Cioraca recommends use of the National Security Agency’s (NSA) Security Robustness Index that attaches a value to the importance of the data to be protected and the levels of threat that may exist. The robustness determination is then used to derive a Strength of Mechanism (SML) level appropriate for the needed defense to expected attacks. According to Cioraca, all vendor-supplied software and hardware should have an SML designation.
Today’s smart grid involves many open networks and standardized protocols. The latest reported breaches resulted from the use of stolen vendor credentials, similar to the Ukrainian distribution power outage in 2015. Utilities have been working for a number of years to implement the NERC Critical Infrastructure Protection (CIP) standards. Mechanisms for compliance of importance to utilities include IEC 62351 for Power System Data and Communication Security and potentially also the IETF standards for communications. Cioraca believes that IEC 62443 relating to the security of industrial control systems, including design guidance and technical requirements, also will be of increasing importance for the certification of suppliers and equipment.
GE is one of a number of companies with digital substation cyber security offerings. Their programs include secure designs, security validation testing, vulnerability management, and built in preventative, detection and response capabilities. GE believes cybersecurity will be an ongoing journey as detection and defense advances to counter increasingly sophisticated attacks.