Denim Group, an IT consultancy that develops secure software and helps organizations assess and mitigate risks with their existing software, is advising utility companies of significant security and privacy risks as they transition to smart grid technologies. With advanced meters and smart grid technologies being deployed, Internet attacks, malware, and privacy breaches have become a bigger risk if the appropriate defenses are not engineered into the system from inception. Far-reaching scenarios involving power to homes being shut down were once remote but have now become feasible.
“It will be difficult to put the genie back in the bottle when smart grid technologies are deployed,” said John Dickson, principal of Denim Group. “Advanced meters are Internet-based network computing devices, with many of the inherent security challenges of traditional network security. There are significant security and privacy implications that we hope are being taken into consideration - protecting these systems shouldn’t be an afterthought. While the cost of prevention is low, the cost of remediation can be extraordinary. The principles we’ve learned from designing and building secure systems and software apply to these smart grid technologies as well and should be rigorously followed.”
“Public utility commissions have the unique opportunity to determine the security and integrity of the security metering system,” added Ravi Sandhu, executive director of The University of Texas at San Antonio’s Institute for Cyber Security. “Historically, the stand-alone, proprietary nature of the mechanical metering system provided a level of security but limited options for expanded utility and flexibility. Networking these systems requires all parties to re-think the security impact on closed networks and their ecosystems. The integrity of the system network must be maintained and the privacy of the consumers’ data must remain confidential.”
Dickson advises utility companies to consider the following key strategies when deploying smart grid technologies. Dickson has also testified at the Texas Public Utilities Commission on public grid policies.
- Don’t take on blind faith what hardware vendors communicate about the security of their devices. Ask smart grid technologies suppliers rigorous questions about what 3rd party testing they’ve done.
- Build an architecture that implements a defense in depth strategy. Avoid classic single point of failure design flaws that create a “crunchy on the outside, chewy on the inside” security model.
- Trust, but verify. Conduct rigorous, recurring 3rd party audits. These audits should follow an agreed-upon format, and focus on the smart grid system from the perspective of an attacker. Testing should be driven for purely compliance purposes, and should emphasize technical aspects throughout. Finally, as technology evolves, ensure that auditing evolves with it.
- Conduct detailed threat modeling when new functionality is added to the system. Threat models should provide system designers feedback to build more secure systems.
- Understand the impact of who can access these systems, such as administrators, auditors, producers, and customers and precisely what access they have. Put technical controls in place to ensure that these different players cannot access each other's private data.
Denim Group is currently working with several public and private initiatives to help certain utility companies address, and mitigate vulnerability issues associated with smart grid and other technologies and have performed assessments of numerous public utilities. Service providers are encouraged to implement the recommendations as earlier in the design process as possible to have a great affect on the security of the smart grid.
