|
|
| Fig. 1: Example of a SCADA schematic (Source: Wikimedia Commons ) |
In the energy sector, much of the critical machinery and infrastructure that handle the analysis and control of essential utilities such as electricity, oil and gas pipelines, water distribution etc. is run by supervisory control and data acquisition systems (SCADA) systems. The use of these systems first became widespread in the 1960s as industrial equipment became more and more complicated. Initially the SCADA software actually had no form of supervisory control, but were instead built mostly for passive monitoring purpose. [1] They were designed to be easy to use, robust, and open security was never a prime concern. [2] In recent years, there has been a large stimulus to increase the automation and supervisory control aspects of SCADA systems. Because of this massive update process, SCADA software now involves extremely complex networking and a combination of legacy and modern technology. Most SCADA systems today, at the minimum will contain components such as supervisory computers, remote terminal units (RTU), programmable logic controllers, communication infrastructure, and human-machine interfaces. [3] An example of a SCADA schematic is shown in Fig. 1. All of this technology has been created in order to manage the complex systems that have developed within the US power grid, and as distributed renewable energy sources start to play a larger role, the complexity of these control systems will no doubt increase further.
The increased complexity of the aforementioned SCADA systems in the US has resulted in unforeseen serious vulnerabilities that could threaten the core industrial infrastructure in the US. Furthermore, because the primary owners of these systems are investor-owned utility companies, they prioritize low costs and other needs over security. [4] Currently in the United States, investor-owned businesses run close to 90% of critical infrastructure. [5] Because of this fact, much of the cybersecurity related to SCADA systems, is implemented by individual corporations that manage a specific project. For example, the publicly traded company PG&E supplies electricity to almost all of Northern California and the company American Water Works has distribution centers in several states across the US. Many other companies like these exist, all managing core utilities and as one can see by looking at the current valuations, many of them are in the billions of dollars. Like for any other publicly traded company, the primary objective for these utility companies is to appease investors by maximizing efficiency and profit. As Ronald Krutz says in his book on securing SCADA systems, it is for this reason that security simply is not a priority unless there is a visible immediate threat to the business. [4]
This lack of oversight and care for security within many energy companies has not only just been a cause for concern, but has actually resulted in serious vulnerabilities within SCADA systems. In 2013, a research study found that over 25 urgent vulnerabilities in industrial SCADA software existed across many industries. [6] Specifically these vulnerabilities stemmed from poorly constructed devices used for serial and network communications between servers and substations. This study speaks to the larger issue mentioned in the introduction- the increased automation and supervisory control of SCADA systems has led to complex networking that is in turn extremely vulnerable. To clarify this point, we can consider many systems that have already been exploited. For example, in 2003, the MS SQL Slammer worm was able to disable the entire safety monitoring network for the Ohio-Besse nuclear powerplant for over five hours. [7] In addition, the Stuxnet worm, which targeted industrial programmable logic controllers, was able to compromise almost one fifth of all of Iran's nuclear power plants. [8]
Another major issue with securing SCADA systems that manage our power grid is authentication. Many of these systems are connected to large networks that are hard to monitor. As said in a recent paper analyzing SCADA security threats, "with the growth of mobile computing, wireless networks are set up to give operators access to the SCADA network on the move. These wireless networks are again configured for convenience and may have weak passwords and poor or no encryption". [9] As a result, the only way to stop intruders from using this open network model to their advantage is to implement stronger methods for authentication such that only authorized people have access to the critical processes and communications.
Given the many issues outlined above regarding security of the systems that control much of the critical energy infrastructure in the US, it is worth thinking briefly about possible changes that can be made to protect against future vulnerabilities. Specifically, one immediate course of action would be to expand the role of the government in monitoring the cybersecurity of these systems. Work along these lines is already being implemented within the Obama Administration. For example, this administration has implemented NERC-CIP requirements that are enforced by the North American Electric Reliability Corporation. [10] It has been seen that in the electricity power industry, the new NERC-CIP requirements, which specify comprehensive security requirements for all industrial control systems, have been very effective in improving the state of such systems. Fines reaching up to $1 million dollars a day for violations have deterred companies from reducing security measures because of lower costs. Nevertheless, these relatively new standards only apply to the electricity sector and are still extremely hard to enforce efficiently. [10] As a result, we can take the results of this security standards implementation and extrapolate to see the wide benefits such a system could have if we were to establish cross-industry regulations that were enforced. There are many changes that can and should be made. However ultimately, the cybersecurity issues we face regarding the energy grid and SCADA systems in the US must start to become a part of daily discussion if we want to avoid catastrophic damages in the future.
© Nikhil Parthasarathy. The author grants permission to copy, distribute and display this work in unaltered form, with attribution to the author, for noncommercial purposes only. All other rights, including commercial rights, are reserved to the author.
[1] E. Hayden, M. Assante, T. Conway, "An Abbreviated History of Automation and Industrial Controls Systems and Cybersecurity, SANS Institute", August 2014.
[2] W. Boyes, Ed., Instrumentation Reference Book, 4th Ed. (Butterworth-Heinemann, 2009).
[3] R. Carlson, "High-Security SCADA LDRD Final Report," Sandia National Laboratory, SAND2002-0729, April 2002.
[4] R. L. Krutz Securing SCADA Systems (Wiley, 2006).
[5] K. Stouffer et al., "Guide to Industrial Control Systems (ICS) Security," U.S. National Institute of Standards and Technology, NIST Special Publication 800-82, May 2015.
[6] A. Hern, "US Power Plants 'Vulnerable to Hacking'," The Guardian, 17 Oct 13.
[7] B. Kesler, "The Vulnerability of Nuclear Facilities to Cyber Attack," Strategic Insights 10, 15 (2011).
[8] W. Broad, J. Markoff, and D. Sanger "Israeli Test on Worm Called Crucial in Iran Nuclear Delay," New York Times, 15 Jan 11.
[9] M. Robinson, "The SCADA Threat Landscape," in International Symposium for ICS and Scada Cyber Security Research, ed. by H. Janicke and K. Jones (BCS Learning and Development, 2013), p. 30.
[10] C. Humphreys. "Cyber Security For the Bulk Electric System Strong and Growing," Natural Gas and Electricity, 29, No 2, 1 (2012).
