The Obama administration is setting aside $54 billion to modernize the national electrical grid infrastructure, which presents a number of opportunities for security solution providers. The goal of what's being called the Smart Grid plan is to bring the communications power and flexibility of IP networks to the management of the electricity supplier's network.
With this initiative, the approximately 3,000 power companies in the United States would be able to automatically shift resources within the power grid according to consumption requirements, leading to more efficient and reliable power allocations. To succeed, the Smart Grid effort would require an extensive modernization of security technology and processes. Solution providers specializing in security technologies or in the utilities vertical will have to expand their knowledge base to be successful.
The command and control infrastructure of the national grid is a substantially risk-averse environment -- any disruption in the supply of electricity directly affects people's lives. For this reason, IT is loath to modify any element of the technical infrastructure unless it is absolutely necessary. The result is an environment in which command and control systems become aged legacy systems, simply because of the incentive not to jeopardize continuous uptime by changing anything that is working. However, amid the news that foreign attackers penetrated the U.S. electrical grid by planting programs that may manipulate or disrupt its operations, efforts to update the grid may gain new momentum, and as a result the channel should be ready to react quickly.
The Smart Grid security strategy will need to accommodate functionality that is unique to national utilities, where reliability and safety are far more important than competitive features.
Here are some ways that solution providers can prepare to work with the Smart Grid:
- Implement a thorough pre- and post-deployment testing regimen for software and hardware systems. The mission-critical systems of Smart Grid need to be as secure as possible. Since they will be infrequently changed, all deployed systems should run through the gauntlet of automated source code reviews, rigorous pen testing/fuzzing/black box testing of executables, and continual scanning for deviations from approved configurations. It is imperative for solution providers to ensure the Smart Grid systems are as secure as possible before deployment.
- Resolve the risk tradeoffs between deploying patches that can destabilize control systems and leaving exploitable security vulnerabilities open. The window of vulnerability is a sensitive balancing act that must be managed. Assume that a mistake will be made, a patch will cause problems or a vulnerability will be exploited, and have a reaction plan that keeps IT in control of the power grid.
- Plan for multiple fallback positions in case disaster strikes. This is a challenge with legacy systems that evolve in the Smart Grid architecture. Virtualization can help with rapid provisioning of known healthy images and with dynamically moving systems to uninfected operating environments and hypervisors. Stop-gap limits should also be implemented to ensure that penetrated systems don't tip the dominoes that can take down the entire power grid.
- Segment networks to keep attacks and intruders away. One way to prevent security incidents is to remove as many variables as possible from the operating environment. The segmentation of networks may be the one good lesson from the Payment Card Industry Data Security Standard (PCI DSS) that can be applied to Smart Grid. Isolating the infrastructure, the management plane for command and control operations, and back office processing from one another is a best practice that can keep Smart Grid in a predictable state.
It is widely assumed that the Blaster worm residing in management systems contributed to the huge Northeast blackout of 2003, at least to the extent that the management systems became ineffective in controlling the grid. That incident should serve as a case study that the Smart Grid security teams should use as a practical benchmark in evaluating approaches.
Large financial processing networks and solution provider networks, both critical to our national technical infrastructure, have proven to be resilient against malicious attacks. The security architects and solution providers for Smart Grid would do well to capitalize on those experiences and apply that knowledge to securing our national power grid.
How? For starters, selling individual security products will do Smart Grid and solution providers a disservice, as disparate technologies lacking big-picture integration will not ensure the comprehensive, system-wide security that is needed. Instead, be prepared to leverage consulting and security infrastructure building experience gleaned from years of assisting customers. This will ensure the project has a centralized management system, and won't require the micromanagement of separate technologies spread across the country.
The bottom line is that solution providers need to be able to deliver security for Smart Grid nationwide. The project will require broader, non-traditional security concepts -- such as virtualization and cloud computing -- rather than smaller piecemeal technologies. That way, when something goes wrong -- and in the security realm, it's not a matter of if, but when -- the system will not be as difficult to repair and manage, both in the short and long term.