
Friday, March 26, 2010

Does Zigbee enhance the Smart Grid?

Part #3 – Third in a series on Smart Grids

By Jim Tiller, Vice President, Security Professional Services, North America, BT Global Services

Will power and the devices that consume it be managed more closely by a system that includes information networking and Internet technologies?  If so, an entirely new set of challenges will be introduced as well as risks and threats to the utility environment. 

The utility infrastructure is old and aging, lending credence to the renewal Smart Grid (SG) represents.  However, old also means predictable, an attribute not typically associated with the Internet and the threats surrounding it.  In this light, even if SG used existing network security technologies without modification, that would not guarantee meaningful security.

In very simple terms, when it comes to the role of traditional networking and the Internet in SG, there are three basic parts:

  • The meter, along with the control system that is part of it, which interacts with the information system and with devices within and outside the building;
  • The management system, usually including an Internet accessible web-based application that enables the meter.  The meter will typically use 900MHz 802.11 for long-range regional communications with access points in the area, providing a network interface, such as to the Internet and other traditional back-haul communications.  However, most scenarios simply connect to the Internet via firewalls and the like, and employ a VPN.  Then there is the 2.4-2.483GHz or 950-956 802.15.4 (a.k.a. Zigbee) low power, low-bandwidth wireless network that reaches up to 100 meters, used to interface with the devices within the home or building;
  • And finally, multiple antennas that support the interface and interaction between the networks and the management system. 

Information from other control systems (i.e., houses and devices in them) is fed into the management system, where residents can log in and perform various tasks over the Internet.  Of course, far more information is passed to the utility company, where a number of power management systems use it to accurately control distribution.  This extends control beyond distribution to the house, down to the devices in it, which are now Zigbee-enabled.  Moreover, the determination of power management does not always have to go back to the utility provider.  Based on SG-enabled systems in the area, changes can be employed locally and automatically.

Strangely, all electric utility information should be of interest to the security community, given that wireless has had its fair share of security issues and that Zigbee introduces a new element. 

Unlike wireless in Starbucks, Zigbee is a control-based technology — which means it can directly influence the state of a device.  For example, assume you have a Zigbee-enabled thermostat and HVAC.  Using Zigbee, these can be changed and in some ways without your knowledge, such as redirecting airflow in the house or changing the temperature.  Joshua Wright provided a compelling presentation on Zigbee security and even used an example of door locks that can be controlled by a system remotely or online.  In this scenario, when a fire is detected, all the doors of your house are automatically unlocked, or you can lock your doors from your mobile device. 

Sounds pretty interesting, but if you can do it, the power company can do it, too, or the computer can decide to do it for you. 

The problem Zigbee suffers from is nothing new to the security industry, but utilities are keen to use it because it’s light-weight, simple, and requires very little power – perfect for SG applications. 

Today’s Zigbee manages keys in one of two ways: they are either pre-installed or provided over-the-air.  In one sense, this is a security positive because keys can be installed and validated by the vendor during production.

What this means is that SG is essentially introducing traditional, IP-based networking, and all this implies, to an environment that has been historically isolated.  This is most evident in the introduction of the Internet and web-based applications that can be accessed to review information and make changes to your power consumption.

Given the vastness of application-level vulnerabilities on the Internet, we can assume these systems will suffer from similar challenges and face the same threats.  Putting aside nuances of different solutions and implementation practices, at the end of the day, your microwave is connected to the Internet.  Yes, an oversimplification to say the least, but you can trace information and traffic from one to the other.

While this may seem somewhat trivial — after all, you’re not expecting your microwave to launch a terrorist attack — the interconnectivity of seemingly benign devices by a traditionally non-security focused industry should be cause for concern.  Not only are we interconnecting devices in our homes that can be controlled, but there are now far fewer layers between the Internet and the utility infrastructure and your home.  And that is something we need to think seriously about.

See the other posts in the Smart Grid series:

Part #1 — Will the future of Smart Grids include smart security?

Part #2 — Proven Security Practices for Smart Grid Security 

 

2 Responses to “Does Zigbee enhance the Smart Grid?”

  1. [...] via Does Zigbee enhance the Smart Grid? « SecureThinking. [...]

  2. Letitia Kalchthaler says:

    Thx for information.
