Confidentiality. Integrity. Availability. These three supreme goals of information system security apply across all industries. So it's no surprise that the benchmarks of smart grid security are:
How can utilities be confident that these goals have been accomplished and that their Advanced Metering Infrastructure (AMI) systems are protected?
Perhaps the key to assuring long-term AMI security lies more in asking the right questions than in seeking particular answers.
Three important questions every utility should ask itself
1. What are you protecting?
Precisely what needs protecting depends largely on whom you ask. Energy consumers want to know that personally identifiable information is used only by authorized agents for authorized purposes. Technology providers want to secure intellectual property and trade secrets. Regulatory agencies are focused on protecting the bulk electric system and safeguarding the integrity of billing data. Utilities want to know that only authorized agents have access to system components and data.
It's important that a utility's views on security are in sync with those of its vendors so that system components needing the most protection get the care and attention required.
2. From what (or whom) does it need protection?
Both the value of the object being protected and the sophistication of the threat dictate the degree (and cost) of required security. Utilities should discuss expected smart grid threat levels with their vendors so that the right types and levels of protection are put into place.
3. What policies, procedures and/or practices are in place for utility employees?
The best technology in the world can be undermined by avoidable human error. Utilities should ask themselves if training is adequate, policies are enforced and employees are part of the security solution and NOT part of the problem.
Seven critical questions utilities should ask their vendors
1. What security measures does your system employ?
Don't settle for vague or imprecise answers; reputable vendors will be able to provide clear, detailed answers. Furthermore, don't accept the excuse that the security measures are proprietary and thus secret. In today's world, it is not a secret algorithm, but a secret key, that ensures security.
2. How do you know that your system is secure?
When it comes to the smart grid, security should be understood as a nonlinear continuum of postures. This, of course, makes it tricky to determine whether a system is sufficiently secure. Look for evidence of testing, design validation and quality assurance that instills confidence that security isn't just a buzzword but an integral facet of the delivered system.
3. Has your system been evaluated by third parties?
Security evaluation can discover issues that would only occur when devices are in operation. It is important that third-party evaluations become more comparable and consistent over time, leading to the need to have industry standards for security evaluations. This consistency will enable security certifications instead of security audits.
4. How would you react if a new threat were discovered tomorrow?
Ask your technology providers if they've considered potential future threats and how they're working to stay one step ahead of them. Also ask how they inform their customers of new threats.
5. Are you using encryption?
The simple acceptable answer to this question is yes. Note, however, that not every communication link or storage medium requires encryption, and different uses often dictate different encryption mechanisms. Consequently, it is far better to determine where and why encryption is used (and where it isn't) than to simply prescribe one mechanism for all parts of a system.
6. How do you store passwords and encryption keys?
Most new systems employ encryption keys, passwords or both. To preserve the integrity of the system, these must be carefully stored and securely accessed. This means passwords and encryption keys should not be easily extracted from the system, especially by remote means. It also means that technology providers shouldn't ship devices with factory default passwords that must be reset by the utility.
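As an added illustration (not from the bulletin or any vendor's product), the following Python shows one way a head end or device could store operator passwords so that they cannot be read back out of storage, together with a commissioning check that refuses factory-default credentials. The list of default passwords, the device identifiers and the in-memory "database" are constructed for the example; the function names are this example's own.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional

# Constructed for this example: credentials a commissioning step must reject.
# A real deployment would maintain this list in configuration, not source code.
FACTORY_DEFAULTS = {"", "admin", "password", "meter123"}

# PBKDF2 iteration count: high enough that guessing is slow, low enough that a
# legitimate login is not. Raise it as hardware gets faster.
PBKDF2_ROUNDS = 200_000


def is_factory_default(password: str) -> bool:
    """True if the candidate password is a known shipped default."""
    return password in FACTORY_DEFAULTS


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record 'pbkdf2_sha256$rounds$salt$hash' (hex).

    Only this record is stored, never the password. A fresh 16-byte random
    salt means the same password on two devices yields different records, so
    a copy of one device's storage does not reveal whether another device
    uses the same password.
    """
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)
    return f"pbkdf2_sha256${PBKDF2_ROUNDS}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the parameters in the record and compare it in
    constant time, so response timing does not leak how many bytes matched."""
    try:
        algo, rounds, salt_hex, digest_hex = record.split("$")
    except ValueError:
        return False  # malformed record: treat as no credential at all
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(rounds)
    )
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def commission_device(device_id: str, password: str, store: Dict[str, str]) -> bool:
    """Register an operator password for a device at commissioning time.

    Refuses factory defaults outright; on success only the PBKDF2 record is
    written to `store` (a dict standing in for the credential database).
    """
    if is_factory_default(password):
        return False
    store[device_id] = hash_password(password)
    return True


def login(device_id: str, password: str, store: Dict[str, str]) -> bool:
    """Check a login attempt against the stored record; unknown devices fail."""
    record = store.get(device_id)
    return record is not None and verify_password(password, record)


if __name__ == "__main__":
    db: Dict[str, str] = {}
    print(commission_device("meter-0001", "admin", db))              # False: default refused
    print(commission_device("meter-0001", "Tr0ub4dor&3-site7", db))  # True
    print(login("meter-0001", "Tr0ub4dor&3-site7", db))             # True
    print(login("meter-0001", "admin", db))                         # False
    print(db["meter-0001"])                                         # hash record only
```

The point for a vendor conversation is the shape of the stored record: a slow, salted hash rather than a recoverable value, a constant-time comparison on the way in, and a commissioning path that cannot complete while a default credential is still in place.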
7. How do you manage encryption keys?
While the complex mathematics involved in data encryption is well understood, how to manage all of these keys is not. The reason is simple: logistics. Imagine a utility that has two million devices in one territory, each of which needs a unique encryption key and pairs of which must be able to communicate with each other. Devising a system for distributing these keys, preventing duplication, changing them and revoking them is extremely complex and difficult. However, it's also critical, so be sure to ask vendors how they are managing encryption keys. If the answer is detailed and thorough, you're in good hands. If it's short and simple, look deeper.
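To make the logistics concrete, here is an added Python example (this bulletin's author describes no particular scheme, and this is not any vendor's implementation) of a head-end key hierarchy for a large meter population. It goes a little beyond the text: instead of storing two million keys, the head end derives each device key and each pairwise key on demand with HKDF from one master key, a generation counter and the device identifiers, which addresses the four problems named above (distribution, duplication, change and revocation). The class and method names, the label strings and the sample device identifiers are this example's own assumptions; the master key is generated in memory here, whereas a production system would hold it in an HSM.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Set


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF extract-and-expand (RFC 5869) built from HMAC-SHA256."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def _encode(*parts: str) -> bytes:
    """Length-prefix each label component so ('ab','c') and ('a','bc') differ.
    Without this, two different device pairs could derive the same key."""
    out = b""
    for part in parts:
        raw = part.encode("utf-8")
        out += len(raw).to_bytes(2, "big") + raw
    return out


class KeyManager:
    """Head-end key hierarchy (hypothetical design for this example).

    Keys are derived, not stored: the head end keeps only the master key, the
    current generation and a revocation set. Distinct labels give distinct
    keys, which removes duplication; bumping the generation rotates every key.
    """

    def __init__(self, master_key: Optional[bytes] = None) -> None:
        # Production: master key lives in an HSM. Here: generated in memory.
        self.master = master_key if master_key is not None else secrets.token_bytes(32)
        self.generation = 1
        self.revoked: Set[str] = set()

    def _derive(self, label: bytes) -> bytes:
        # The generation is mixed into the salt so a rotation changes every key.
        salt = _encode("ami-key-hierarchy", str(self.generation))
        return hkdf_sha256(self.master, salt, label)

    def device_key(self, device_id: str) -> Optional[bytes]:
        """Key shared between the head end and one device; None once revoked."""
        if device_id in self.revoked:
            return None
        return self._derive(_encode("device", device_id))

    def pair_key(self, a: str, b: str) -> Optional[bytes]:
        """Key for two devices that must talk directly.

        Sorting the identifiers makes pair_key(a, b) == pair_key(b, a). The
        head end would deliver this key to each party wrapped under that
        party's own device key; the delivery protocol is not shown here.
        """
        if a == b or a in self.revoked or b in self.revoked:
            return None
        first, second = sorted((a, b))
        return self._derive(_encode("pair", first, second))

    def revoke(self, device_id: str) -> None:
        """Stop issuing any key involving a device (e.g. a meter reported tampered)."""
        self.revoked.add(device_id)

    def rotate(self) -> int:
        """Move to the next generation; every derived key changes. A real
        rollout keeps the old generation usable until each device has
        acknowledged the new one, which this example does not model."""
        self.generation += 1
        return self.generation


if __name__ == "__main__":
    km = KeyManager()
    print(km.device_key("meter-000001").hex())
    print(km.pair_key("meter-000001", "meter-000002").hex())
    km.revoke("meter-000002")
    print(km.pair_key("meter-000001", "meter-000002"))  # None after revocation
    km.rotate()
    print(km.device_key("meter-000001").hex())          # differs from the first line
```

Note the trust model this implies: the head end can derive every pairwise key, which is usual for a utility-operated AMI but is exactly the kind of detail a thorough vendor answer should state explicitly, along with where the master key is held and how a generation change is rolled out across devices that are offline at the time.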
Ensuring smart grid security is a complex and difficult process, and so is evaluating a vendor's security measures. Start with the questions above. They can help ensure that you finish with the confidentiality, integrity and availability that are the essential attributes of a secure AMI solution, and a smart utility.