Cyber Threats to the Nation’s Electric Power Grid – The Need For New, Improved Standards
Smart building technology presents a tremendous opportunity to manage energy: generation; supply; demand; and redirection. Additionally, it provides the supply side vendors unique and cost-effective opportunities to balance the electric power grid and allows for additional roles and revenue streams associated with business-to-business electricity trading logistics and transaction settlement.
Low-cost smart devices have been pervasive for many years. Without the appropriate standards and controls, they pose a significant risk to their resident building, but more importantly, as the technology is continuing to spread, they pose a current threat to our Nation’s electric power grid.
Industrial Control Systems are particularly vulnerable as they: connect to our Nation’s critical infrastructure; represent a high-value target with life safety implications, and carry legacy components that were not engineered with cyber threats in mind. The electric grid current state carries additional complexity: requirements for 24×7 resiliency; decades-old technology and insecure protocols; and poorly made or foreign-manufactured components with inherent vulnerabilities and intentionally engineered back-doors.
This insecure state exists today and presents a significant national weakness in the face of potential international cyber warfare. This could allow attacks with catastrophic results, causing wide-spread, long-term power failures across the Nation and potentially un-recoverable damage, costing lives. Insecure devices proliferation and connection to the electric grid is inevitable and unstoppable. A new approach for ownership, standards, and certification is required immediately.
The underpinnings for controls are well-founded in existing standards documents:
• NIST SP 800-37 Risk Management Frameworks for Information Systems and Organizations
• NIST SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-82 Guide to Industrial Control Systems (ICS) Security
• ITAR International Traffic in Arms Regulations
There are significant gaps associated with emerging grid-connected smart device scenarios, for which standards will be required and best practices will need to emerge. Although not an exhaustive list, these are the highest priority:
• Electronic chip design, manufacturing, testing, and certification.
• Chain of custody for all aspects of hardware and software development and certification.
• Strict requirements for hardware and software functionality specifications, to ensure built-for-purpose components, inbound connection management, and functionality whitelisting.
• Secure communications among smart devices, within smart buildings, and electric grid connection.
• Hardware and software development, production, installation, and operations protection from un-friendly nation state-sponsored built-in vulnerabilities or reverse engineering.
• Building, network, and electric grid strategic segmentation to contain compromises and prevent them from causing catastrophic damage.
• Predictive and heuristic models to identify anomalous behavior and automation to take corrective action.
• Ongoing, real-time monitoring, testing, and certification programs for all components.
• Operational security cradle-to-grave guidelines, including equipment and information disposition and destruction.
• Detailed access controls to eliminate highly privileged account requirements and ensure all access to controls and information is governed through application interfaces.
BOSS has leveraged the underpinning standards that are available and has begun defining and implementing new, necessary standards and controls to manage the threat. It is BOSS’s goal to work with the right partner in the DoD to continue the work already started and complete the necessary tasks for securing the Nation’s electric power grid from unwanted intrusions, unintentional vulnerabilities, and catastrophic failures.