SCADA and Smart Grid Security Considerations
Hentea (2008) discusses the evolution of SCADA and the Smart Grid and the escalation of their security issues, due in large part to the advent of the Internet and the rise in terrorist threats. The introduction of new protocols, LAN/WAN architectures, and new technologies such as encryption and information assurance applications on the shared network(s) raises a further set of security concerns.
The increased functionality of SCADA and the Smart Grid architecture leads to control systems that are escalating in complexity and have become time-critical, embedded, fault-tolerant, distributed, intelligent, large, open, and heterogeneous, each of which introduces its own vulnerabilities. Threats against SCADA systems rank high on the list of government concerns. Unfortunately, mostly because of the complexity involved and the resources required, these threats are too often trivialized, and most organizations are slow to implement enhanced security measures against them. Key requirement areas for addressing them are critical path protection, strong safety policies and procedures, knowledge management, and system development skills that place security architecture at the forefront of requirements.
Collecting data from distributed access points over wireless radio-frequency links brings its own risks: “The very nature of Radio Frequency (RF) technology makes Wireless LANs (WLANs) open to a variety of unique attacks. Most of these RF-related attacks begin as exploits of Layer 1 (Physical – PHY) and Layer 2 (Media Access Control – MAC) of the 802.11 specification, and then build into a wide array of more advanced assaults, including Denial of Service (DoS) attacks. In intelligent jamming, the jammer jams the physical layer of the WLAN by generating continuous high-power noise in the vicinity of wireless receiver nodes” (Jha, Kumar & Dalal, 2010).
Figure 4: Internet and SCADA Systems Architecture (Source: Gervasi, 2010)
Against some of these risks, Teixeira, Dán, Sandberg, and Johansson (2010) discuss the state estimators commonly used in power networks as a detection mechanism as well as a tool for optimizing power flows. State estimators are usually located in central control centers and receive large volumes of measurements sent over unencrypted communication channels, which makes their cyber security an important issue. Bad data detection (BDD) schemes, part of the state estimation algorithms in energy management systems (EMSs), detect outliers and inconsistencies in the measurements and rely on high measurement redundancy. These checks may catch a crude cyber-attack, but an attacker who knows the network model can craft coordinated changes to several measurements that pass the residual test, so additional security measures are needed to deter an intelligent attacker intent on gaining access to and control of a SCADA system directly or through one of the Smart Grid devices.
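The residual test that a BDD scheme applies, and why an attacker who knows the network model can pass it, as an added example in Go; this is not code from Teixeira et al. or from the paper. The 3-bus DC model, the true angles, the meter noise and the threshold are constructed for illustration, and the estimator uses unit weights rather than the per-meter variances a real EMS would use.

```go
package main

import (
	"fmt"
	"math"
)

// Constructed 3-bus DC power-flow model (an assumption for this example, not a
// network from the paper). Bus 1 is the angle reference, so the state is
// x = [theta2, theta3]; every line has susceptance 10 p.u. The meters report
// z = H x + e for the line flows P12, P13, P23 and the injections P2, P3:
// five measurements for two states, the redundancy that BDD relies on.
var H = [][]float64{
	{-10, 0},  // P12 = 10*(theta1 - theta2), theta1 = 0
	{0, -10},  // P13 = 10*(theta1 - theta3)
	{10, -10}, // P23 = 10*(theta2 - theta3)
	{20, -10}, // P2  = P21 + P23
	{-10, 20}, // P3  = P31 + P32
}

var xTrue = []float64{-0.04, -0.10}                    // constructed true angles (rad)
var noise = []float64{0.01, -0.02, 0.005, 0.015, -0.01} // constructed meter noise (p.u.)

// BDDThreshold is an assumed residual threshold; a real EMS derives it from a
// chi-square test on the weighted residual with m-n degrees of freedom.
const BDDThreshold = 0.3

func matVec(a [][]float64, v []float64) []float64 {
	out := make([]float64, len(a))
	for i, row := range a {
		for j, x := range row {
			out[i] += x * v[j]
		}
	}
	return out
}

func addVec(a, b []float64) []float64 {
	out := make([]float64, len(a))
	for i := range a {
		out[i] = a[i] + b[i]
	}
	return out
}

// solve2 solves the 2x2 system g x = b by Cramer's rule (the model has two states).
func solve2(g [][]float64, b []float64) []float64 {
	det := g[0][0]*g[1][1] - g[0][1]*g[1][0]
	return []float64{
		(b[0]*g[1][1] - g[0][1]*b[1]) / det,
		(g[0][0]*b[1] - g[1][0]*b[0]) / det,
	}
}

// Estimate solves the normal equations (H^T H) x = H^T z, the least-squares
// state estimate with every meter given the same weight.
func Estimate(z []float64) []float64 {
	n := len(H[0])
	g := make([][]float64, n)
	b := make([]float64, n)
	for i := range g {
		g[i] = make([]float64, n)
	}
	for k, row := range H {
		for i := range row {
			b[i] += row[i] * z[k]
			for j := range row {
				g[i][j] += row[i] * row[j]
			}
		}
	}
	return solve2(g, b)
}

// Residual is the BDD statistic ||z - H x_hat||; BDD rejects z when it exceeds BDDThreshold.
func Residual(z []float64) float64 {
	sum := 0.0
	for i, fit := range matVec(H, Estimate(z)) {
		sum += (z[i] - fit) * (z[i] - fit)
	}
	return math.Sqrt(sum)
}

// CleanMeasurements is what the meters report with no attacker present.
func CleanMeasurements() []float64 { return addVec(matVec(H, xTrue), noise) }

// StealthyAttack returns the injection a = H c. Because a lies in the column
// space of H, the estimate moves by exactly c while the residual is unchanged.
func StealthyAttack(c []float64) []float64 { return matVec(H, c) }

func report(name string, z []float64) {
	r := Residual(z)
	fmt.Printf("%-8s estimate=%.4f residual=%.4f flagged=%v\n", name, Estimate(z), r, r > BDDThreshold)
}

func main() {
	clean := CleanMeasurements()
	report("clean", clean)
	report("naive", addVec(clean, []float64{1, 0, 0, 0, 0})) // +1 p.u. forged on the P12 meter alone
	report("stealthy", addVec(clean, StealthyAttack([]float64{0.02, 0})))
}
```

Running it prints three rows: the clean and the stealthy measurement sets have the same small residual and both pass, while the single forged P12 reading pushes the residual well above the threshold and is rejected; only the stealthy row has its estimate of theta2 shifted, by the chosen 0.02 rad. The redundancy that makes BDD work is exactly what the stealthy attacker exploits by forging all five meters consistently with the model, which is why the text calls for protections beyond the estimator, such as integrity protection on the measurement channels themselves.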
Integration with the Internet (Figure 4) provides a delivery medium available to most consumers and can offer advantages in control, distribution, and communication. Connectivity is carried over hybrid fiber-coaxial (HFC), digital subscriber line (DSL), broadband over power lines (BPL), wireless (Wi-Fi and WiMAX), fiber, and satellite links, using wholly owned and operated networks and third-party networks where feasible and cost-effective.
Internet connectivity also creates additional security issues for SCADA, since the electrical power network is critical infrastructure. SCADA already contends with security issues without Internet connectivity; additional avenues of penetration via the Internet make it more vulnerable. Common security issues with SCADA include:
- A lack of concern about security and authentication in the design, deployment, and operation of existing Control System networks
- The belief that SCADA systems have the benefit of security through obscurity, through the use of specialized protocols and proprietary interfaces
- The belief that SCADA networks are secure because they are purportedly physically secured
- The belief that SCADA networks are secure because they are supposedly disconnected from the Internet
- IP Performance Overhead of Control Systems connected to the Internet
Among the suggestions for further enhancing SCADA and Internet security, Gervasi (2010) offers a “Crossed-Crypto Scheme” for securing communications: “There are major types of encryption in cryptography: the symmetric encryption and the asymmetric encryption. From the two major types of encryption we can say that asymmetric encryption provides more functionality than symmetric encryption, at the expense of speed and hardware cost.” The scheme applies to the communication between the SCADA master and SCADA assets. The master encrypts the plaintext data with the AES algorithm, encrypts the AES key with ECC, and computes a message digest that is likewise encrypted with ECC; the ciphertext of the message, the ciphertext of the key, and the ciphertext of the digest are then sent to the SCADA asset. On receipt, “The cipher text of the message digest is decrypted using ECC technique to obtain the message digest sent by the SCADA Master. This value is compared with the computed message digest. If both of them are equal, the message is accepted; otherwise it is rejected.”
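The master-to-asset exchange of the scheme, as an added Go example; this is not Gervasi's code. It assumes the asset holds a long-term P-256 key pair and the master knows its public key. The paper's "ECC encryption" of the AES key is done ECIES-style, with a one-time ECDH key on the master and a key-encryption key derived by a single SHA-256 (a simplification in place of a proper KDF), and the AES-GCM authentication tag takes the place of the separately encrypted message digest. The command string and the envelope layout are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// must panics on setup errors (RNG, cipher construction) that this example cannot handle meaningfully.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

func aead(key []byte) cipher.AEAD { return must(cipher.NewGCM(must(aes.NewCipher(key)))) }

func randBytes(n int) []byte { b := make([]byte, n); must(rand.Read(b)); return b }

// Envelope is what the SCADA master sends to an asset. The layout is this
// example's own: an ECDH-wrapped AES data key plus the AES-GCM payload.
type Envelope struct {
	EphemeralPub []byte // master's one-time P-256 public key (uncompressed point)
	WrapNonce    []byte
	WrappedKey   []byte // AES data key encrypted under the ECDH-derived key-encryption key
	DataNonce    []byte
	Ciphertext   []byte // AES-256-GCM ciphertext with the 16-byte tag appended
}

// kek derives the key-encryption key from the ECDH shared secret.
// Assumed simplification: one SHA-256 in place of a proper KDF such as HKDF.
func kek(shared []byte) []byte {
	h := sha256.Sum256(shared)
	return h[:]
}

// Seal runs on the SCADA master: a fresh AES key for the payload, and that key
// wrapped under a key agreed with the asset's long-term ECC public key.
func Seal(assetPub *ecdh.PublicKey, plaintext []byte) (*Envelope, error) {
	eph := must(ecdh.P256().GenerateKey(rand.Reader))
	shared, err := eph.ECDH(assetPub)
	if err != nil {
		return nil, err
	}
	dataKey := randBytes(32)
	env := &Envelope{EphemeralPub: eph.PublicKey().Bytes(), WrapNonce: randBytes(12), DataNonce: randBytes(12)}
	// Wrap the data key under the KEK; the ephemeral public key is bound as associated data.
	env.WrappedKey = aead(kek(shared)).Seal(nil, env.WrapNonce, dataKey, env.EphemeralPub)
	// The GCM tag over the payload takes the place of the paper's encrypted message digest.
	env.Ciphertext = aead(dataKey).Seal(nil, env.DataNonce, plaintext, env.WrappedKey)
	return env, nil
}

// Open runs on the SCADA asset: recover the data key with its ECC private key,
// then decrypt the payload and verify its integrity before accepting it.
func Open(assetPriv *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	ephPub, err := ecdh.P256().NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	shared, err := assetPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	dataKey, err := aead(kek(shared)).Open(nil, env.WrapNonce, env.WrappedKey, env.EphemeralPub)
	if err != nil {
		return nil, fmt.Errorf("key unwrap failed: %w", err)
	}
	// Open fails if the ciphertext, the tag or the bound wrapped key were altered in transit.
	return aead(dataKey).Open(nil, env.DataNonce, env.Ciphertext, env.WrappedKey)
}

func main() {
	asset := must(ecdh.P256().GenerateKey(rand.Reader))                   // asset's long-term key pair (constructed here)
	env := must(Seal(asset.PublicKey(), []byte("SET breaker_21 OPEN"))) // constructed command
	pt, err := Open(asset, env)
	fmt.Printf("intact envelope: %q err=%v\n", pt, err)
	env.Ciphertext[0] ^= 0x01 // one bit flipped in transit
	_, err = Open(asset, env)
	fmt.Printf("tampered envelope rejected: %v\n", err != nil)
}
```

The tag check inside Open is where the paper's digest comparison happens: a single flipped ciphertext bit, a modified wrapped key, or an envelope delivered to an asset with a different private key all fail verification and the command is rejected. One caveat a practitioner should keep in mind: neither an ECC-encrypted digest nor this GCM tag tells the asset who produced the envelope, since anyone holding the asset's public key can build one; origin authentication of master commands needs a signature from the master or a MAC under a key only the master and the asset share.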
Chauvenet, Tourancheau, Genon-Catalot, Goudet, and Pouillot (2010) consider enhancements to the communication stack for power-line communication (PLC) by adapting the IEEE 802.15.4 standard protocol, which is constrained by the low-power, lossy, low-data-rate context of power-line transceivers using pulse modulation, and by running IPv6 at the network layer through the 6LoWPAN adaptation layer, all on open standards. In their paper they posit that “this allows for a full network layer stack and results in efficient routing in our low power, low data-rate and lossy network context” and compare their approach with other available communication solutions.
Other standards and maturity models are being developed to address the growing security concerns of the evolving energy distribution models (Fries, Hof, & Seewald, 2010), such as security enhancements to IEC 61850, which standardizes the communication services and the data model for communication in energy automation. Therein lies the challenge. The number of standards, recommendations, requirements, and frameworks evolving to address the security challenges of SCADA and the Smart Grid is not trivial. Further, each utility, depending on the services it provides, is subject to many of these standards, each prescribing recommendations that overlap across standards. Wading through multiple sources in an effort to be thorough is daunting, resource-intensive, and a moving target that requires policies and procedures to ensure that all recommendations are vetted against both existing assets and any new assets. Ensuring that the risks, many of them unknown and potentially pervasive, are not trivialized and rationalized away is a challenge.