Designing Security Into the Smart Grid

Today’s leading security experts believe the next catastrophic electrical failure may have more to do with Father Time than Mother Nature. Why? During recent decades, the focus of energy innovation has been to modernize energy distribution and make it safer, cleaner, more efficient, less costly, and open to more alternative forms of production—all viable goals.

These goals are being achieved by adding intelligent devices to the grid and connecting them via the Internet and to other operational systems, thus enabling utilities to gain greater operational control. This is one industry actively engaging in Internet of Things for efficiencies. However, over the course of time, this effort to automate and integrate previously disparate and largely proprietary systems has produced a grid that is far more vulnerable than ever before.

Here are three key contributors to this vulnerability:

  • Outdated systems – An estimated 70 percent of the existing energy grid is more than 30 years old. Security has largely been an afterthought while connecting these aging systems to the Internet.
  • Automation – Moving systems from manual processes to ones that are Internet-connected gave energy grid operators real-time information while allowing administrators to telecommute and field workers to manage and program systems from remote locations. However, linking industrial control systems (ICS) and system control and data acquisition (SCADA) eliminated built-in system security air gaps, making them accessible to the outside world through the Internet.
  • Interconnection of embedded systems – The third and perhaps most alarming cause of vulnerability is the proliferation and increasing interconnection of embedded software and devices directing the flow of energy. More and more of these devices are being built with off-the-shelf rather than proprietary software, making them increasingly generic, in need of patching, and vulnerable. As such, embedded systems are the prime targets of intruders seeking to control or disrupt the delivery of energy.

Building security intelligence into the smart grid is a necessary step to ensure efficient and reliable electrical service delivery. Bringing intelligent systems, Internet of Things, and getting them to work together well isn’t an easy task. For manufacturers looking for a way to offer more secure products, Intel’s Intelligent Systems Framework (ISF) provides a blueprint for hardware, operating systems, and tools that simplifies the delivery of interoperable solutions. It defines a comprehensive, layered security solution that better protects against future risks as security is a key element to Intelligent Systems. McAfee supports this framework through our Embedded Security for Industrial Control Solutions and extensive support for the manufacturers, grid operators and energy distribution companies.

Leave a Comment

17 − 4 =