Managing the grid has never been more challenging because it’s no longer enough to simply provide reliable electrical power. Today’s utilities must balance the need for smarter solutions and grid automation with the increased cybersecurity threats that come with connectivity and intelligence. At the highest level, recent security breaches have demonstrated three basic things:
- Cybersecurity threats continue to evolve
- Companies need to think about cybersecurity as an integral part of product lifecycles so that assets are less vulnerable to attacks
- Establishing rigorous standards, testing and methodologies to reduce risk is critical
These concerns are nothing new; utilities and equipment manufacturers have long recognized the importance and potential impacts of cybersecurity threats.
As utilities implement innovative connected technologies, they’re challenging suppliers to provide substantial cybersecurity assurance against emerging cyber threats. Although both the utility and manufacturer share responsibility when it comes to creating a secure grid, product cybersecurity should be an integral consideration much like product quality, with strict protocols placed on the people, processes and technologies at every phase of product creation.
Establishing Rigorous Engineering Standards
We know that the electric grid is a complex web spun from the equipment produced by many different manufacturers. If each manufacturer has a different view of what makes a networked device cyber secure, then utilities would have a hard time being confident in the security of their systems – and this complex web could ultimately fail. The idea is to make sure each strand of the web, or all of the components within the power system, meet the same high standards.
Creating the framework for a robust, consistent cybersecurity approach will help reduce risk while ensuring that all system components meet the same established industry standards. This can be achieved via independent, third-party verification that offers peace of mind and less product uncertainty.
In the summer of 2017, UL published general requirements for cybersecurity: UL 2900 Standard for Software Cybersecurity for Network-Connectable Products. These guidelines include processes to test devices for security vulnerabilities, software weaknesses and malware. UL also established a Data Acceptance Program (DAP) for cybersecurity. With this program, organizations can demonstrate that their labs adhere to aspects of the cybersecurity standards – building further proof of defense against emerging cyber threats.
By adhering to UL’s new standards and processes, manufacturers can help utilities build trust in network connected technologies by demonstrating that the technologies adhere to consistent and measurable cybersecurity criteria. This process also provides tangible proof that technologies are designed to be cyber secure.
Source: Eaton
Defense-in-Depth
No method is completely secure. A “defense-in-depth” mechanism that is effective today may not be effective tomorrow because the ways and means of cyberattacks constantly change.
From inception through to deployment and maintenance, the modern manufacturer needs to instill cybersecurity best practices via training, threat modeling, requirements analysis, implementation, verification and ongoing support. Likewise, customers need to make periodic vulnerability and security assessments of deployed solutions on their sites.
It only takes a single security breach to impact safety, lifecycle costs and your reputation. Cybersecurity threats must be met proactively with a system-wide defensive approach specific to organizational needs. When selecting suppliers, it its critical to ensure they have a robust process for designing secure products.
When working with equipment manufacturers to support security throughout all phases of the device lifecycle process, the following approach is recommended:
- Understand product requirements
Collect important background information from product teams to initially classify the product, whether the product to be built is a sensor, actuator, field device or system.
- Learn how it’s built
Review the architecture of the products in order to identify physical interfaces, protocols, data flows, deployment context and access scenarios. This can help set the stage for discovering where risks may hide.
- See where the risk may lie
Methodically examine every facet of the design and create threat models to identify conceivable cybersecurity issues that may be a concern in the customer environment. With findings in hand, you can then finalize cybersecurity requirements.
- Work to remove risk
Apply secure-by-design principals by ensuring cybersecurity is embedded in each phase of development – such as design, code reviews and product assessments – and correctly applied. Align findings with your framework requirements to confirm that you’re meeting the product’s cybersecurity goals. You should then document secure hardening and deployment guidelines according to industry best practices.
- Confirm security
Validate requirements and findings from product assessments in order to help developers identify and fix any bugs discovered before developing a process to address any future vulnerabilities discovered in the field.
Closing Thoughts
It is essential to recognize that cybersecurity, even when designed into technology, is dependent on how solutions are applied as threats continue to evolve. For example, the blame cannot be placed upon a smartphone provider if you failed to download the latest update or security patches. Similarly, the way a customer applies technology and updates determines the cybersecurity of the product.
As threats evolve, the industry needs collaboration to identify where risk may lie, develop solutions to remove risk and ensure updates are applied to products regularly. An important part of the process is making sure that customers are aware of those updates and have trained resources to take advantage of the latest technologies and best practices available.
For manufacturers, a proactive and consistent enterprise-wide approach to cybersecurity will help utility customers gain confidence that digital solutions meet rigorous testing standards to support the highest level of defense against emerging cyber threats. Likewise, utilities need to continue to work closely with manufacturers to ensure we’re building a connected grid that is not only more intelligent, reliable and sustainable – but also more secure than ever before.
As director of the Cybersecurity Center of Excellence for Eaton, Max Wandera provides leadership and oversight in the strategic planning, development and assessment of Eaton products. He is responsible for the Secure Product Development Lifecycle Policy and compliance; including the research, design, development and implementation of security technologies for products, systems and software applications. His role works cross-functionally with corporate officers, business and functional leaders. Wandera acts as the voice of Eaton on product cybersecurity matters, interfacing with various government entities including the Department of Homeland Security, customers, industry forums and other industrial control security organizations.
