Twelve utilities across the United States and Australia have formed a consortium with ABB to privately fund advanced research and testing on securing supervisory control and data acquisition (SCADA) systems. The research and testing is being conducted by control system engineers and cyber researchers at the U.S. Department of Energy's (DOE) state-of-the-art Idaho National Laboratory (INL).

ABB was the first SCADA vendor to partner with the DOE's Office of Electricity Delivery and Energy Reliability through its National SCADA Test Bed program at INL. Work began in 2003 to perform cyber-security assessments for ABB's Network Manager SCADA/energy management system (EMS) product. Results from that initiative led to many security upgrades and improvements.

From there, the DOE and INL grew interested in getting utilities involved, notes Phil Beekman, EMS security coordinator in ABB's Network Management unit. INL was willing to do more research and testing, but requested that funding be provided, in part, from utilities. ABB and a small group of its EMS customers approached all the other EMS customers last fall at an ABB User Group meeting to see if they would be interested in working with INL on testing of the Network Manager system.

Twelve utilities agreed to form and help fund the consortium, including: Austin Energy, Detroit Edison, Indianapolis Power & Light Co., ITCTransmission, Kansas City Power & Light (KCP&L), LCRA, the New York Independent System Operator (NYISO), Snowy Hydro Ltd. and Tri-State G&T Association. ABB is supplying all of the hardware, software and installation needed for the testing, which will be completed this year.

The members view the consortium as a great value. “Funding by multiple utilities makes this critically important research affordable for all of us,” explains Stephen Diebold, manager real-time systems at KCP&L and the consortium chairman.

“NYISO expects to benefit from the technical and financial synergies provided by the consortium,” notes Brian Hurysz, NYISO's IT supervisor of grid operations products. “This is a very cost-effective way for New York's rate payers to get the benefit of the research being performed.”

According to Barry Allen, a SCADA/EMS analyst with Austin Energy, his utility was finding it hard to convince vendors — not only SCADA/EMS system vendors, but also vendors providing peripheral equipment vital to SCADA/EMS systems — that cyber security needed to be addressed in their products. “We very quickly learned that alone we would never be able to sway vendors to re-evaluate their products, which were entrenched in legacy utility systems,” says Allen. “We saw the consortium as a way to entice vendors to sit up and take notice, since they now had several paying customers with detailed and focused needs being delivered to them for presentation to their respective research and development departments.”

The consortium has been prioritizing a wish list of security tests they'd like INL to conduct this year. Although the list hasn't been finalized, there's a real possibility the consortium will decide to have some peripheral products from other vendors tested for security. For the first test, INL is verifying that all the known vulnerabilities found in previous tests have been mitigated in Network Manager 3, the latest version.

“The [members] are having complete say in what gets tested,” explains ABB's Beekman. “They will communicate all along the process with INL to try to find out if something looks interesting or some issue comes up and what [INL] can do in the way of mitigation immediately, and all kinds of other information that they wouldn't normally be able to get to.”

Consortium members aren't the only ones who'll benefit from the testing. According to KCP&L's Diebold, every utility that has the Network Manager system will get a much more secure system — hardened and tested — and that is good for the North American grid. If one utility isn't secure, that puts all utilities at risk, says Diebold.

This testing, says Hurysz, “will benefit the entire industry, beyond just ABB products, as the research INL performs can be applied to other vendor systems. The NYISO recognizes that it can learn through collaboration and benefit from discussion of issues in the consortium forum.”

A consortium of this nature is very much needed in the industry, its members believe. “I can envision the growth of other consortiums once this is more widely known to exist within the industry,” Austin Energy's Allen adds.

One group has already taken note. At the 2008 SANS SCADA Summit held in January, SANS Chairman Alan Paller named the ABB Consortium as a recipient of a 2007 National Security Leadership Award. “The consortium demonstrates that government doesn't have to pay for all the testing of control systems, that industry recognizes its responsibility in protecting the critical infrastructure and is willing to step up and provide the needed funding to ensure systems are as secure as possible,” said Paller when presenting the award. “The consortium offers a model that many other control system vendors and their user groups will follow.”