The systems that control electric power generation and distribution are ones we rarely see, but are crucial to much of our day-to-day lives. Traditionally, these systems have been small in number with relatively few locations, such as network operation centers, generating plants and substations. They were isolated from public networks and relatively easy to secure. It was possible to physically secure the locations with fences and locked doors and the isolation allowed virtual locks and fences to be easily added.
But smart grid technology is changing all of this. With smart meters, smart thermostats and appliances, utility companies would like to network all of the data and provide tools to the consumer for monitoring and managing their home energy consumption. This requires the deployment of a large number of intelligent devices to monitor and control the distribution networks. Depending on the location, these devices may be physically accessible and may also be more accessible digitally through the utility or public network. As the touch points into the utility network become more numerous, the requirements for heightened cybersecurity become a necessity. Cybercrime costs the global economy $400 billion to $575 billion a year and $100 billion in the United States alone, according to a report from security software maker McAfee (now part of Intel Corporation).
Critical infrastructure such as the power grid has to be protected against malicious viruses or malware such as Stuxnet, which was unlike any other virus or worm that came before. Rather than simply hijacking computers or stealing information from them, it caused physical destruction of equipment that the systems controlled, in this case, a PLC.
To protect against these types of threats, systems in the Smart Grid network need to support multiple levels of security, which means technology that can:
- authenticate the software running on the system,
- detect tampering and take preventive action,
- run encryption to ensure all communication links are secure,
- detect and prevent denial of service attacks,
- and provide redundancy for fault tolerance.
A secure operating system is not sufficient to provide the protection needed. Having dedicated hardware to enforce security policies is critical to ensure a system can be trusted. Fortunately, the technology needed to support these security mechanisms is readily available and is supported by today’s multicore processors, with a combination of both dedicated hardware for performance and software for flexibility needed to meet various system power and performance requirements. Most of the devices also support Secure Boot as well as run time protection. IPSec, as well as link layer encryption using MACSEC, are common in multicore processors to deliver high performance hardware encryption for end-to-end security.
While multicore-based systems help equipment makers protect their systems against cybercrime, additional system and network level precautions should also be taken to further reduce the risk. IT departments must be proactive in installing firewall appliances and delivering the appropriate software updates to block potential network attacks. As the need for security is at an all-time high, these security tactics are crucial in protecting critical infrastructure against viruses or malware. Without these tactics in place, cybercrime could become more than the $575 billion issue security software vendor McAfee claims it is.