Information Security Blog

SynchroPhasor Security And The Path of Least Resistance

SynchroPhasor Security And The Path of Least Resistance

13 Flares

13 Flares


×

SynchroPhasor-PMUSynchroPhasor systems will provide a revolutionary new view of power systems operations by providing accurate real-time, time-aligned measurements from across the grid; allowing higher levels of load control, power quality, and power reliability.  The SynchroPhasor function is typically handled by a phasor measurement unit (PMU), although it may also be implemented in other devices such as a relay or digital fault recorder (DFR). The SynchroPhasor system architecture is relatively straightforward and uses a binary messaging format for SynchroPhasor streaming based on IEEE C37.118.

Securing this feed and the feeds of other devices, such as, PLC (Programmable Logic Controller), DFR (Digital Fault Recorder) and relays, is a priority for the industry.  This is especially important as many of these units were conceived 20+ years ago when cyber threats were not yet a notable concern.  Too often we find that the same focus is not applied to the security of this data when it crosses over to the “conventional” LAN, where the data sent from the PMUs (Phasor Measurement Unit) and PDCs (Phasor Data Concentrator) is consolidated, stored, processed, and utilized by the user community.

This concern is particularly relevant as it is the path of least resistance (e.g., the path that requires the least amount of specialized (utility) knowledge).  The population of curious/malicious individuals that have the knowledge to garner access to this data off a Windows server or from an Oracle database dwarfs the population who has the knowledge to access the same data off a Digital Fault Recorder in a substation. Further, in the substation, the information is in its raw C37.118 stream format measuring the voltage and current of one location where in the data center the information is consolidated across many locations and presented in a more holistic, intelligible, and actionable format.  The value to a malicious individual is further enhanced as moving forward the logic to direct an operator/dispatcher to make control decisions (e.g. close/open breakers) will be provided by the applications that analyze the data.

The knowledge differences are exacerbated by the fact that the number of vulnerabilities, and the information and tools available to exploit these vulnerabilities, is notably higher for conventional IT systems than it is for specialized energy devices (e.g., a Digital Fault Recorder). This makes the control center of utility companies and RTO/ISO companies a prime target for attackers looking to gain inside knowledge or to destroy information.

A compromised control center could result in an operator making key decisions based on erroneous information, with potentially catastrophic impact including equipment damage, outages, and ultimately loss of life.  Accordingly, it is imperative that Smart Grid security be constructed in a comprehensive/holistic manner.  While due diligence relating to SynchroPhasor security is important it is at least equally important to ensure that supporting information technology infrastructure supporting key IT assets such as the  RTDMS (Real Time Dynamics Monitoring System) are fully considered.

I slept better when an attacker needed substation equipment knowledge to be of concern…

0


Is ISO 27001 Right for (Y)our Organization?

iso-27001-webinar

Thinking about ISO 27001 Certification? View our free On-Demand ISO 27001 Webinar

  • How to deal with increasing threats
  • How to manage multiple regulatory requirements
  • How to handle client requests for attestation
  • To validate that significant changes did not have unanticipated results

Free Download: A Best Practices Guide to Database Security

database security roadmap

Because data is only as secure as the systems & processes it relies on – a holistic approach to data security is essential. This roadmap is not meant to be exhaustive but rather to stimulate the necessary thought process to put you on the path to good data security.

Download: Information Security Attestation Guide

Information Security GuideA Best-Practices Guide to Information Security Attestation

Download our proven Information Security Guide to simplify the process of protecting your data, proving you’re secure and growing your business.

Best Practices for Firing A Network Security Administrator

Firing A Network Security AdministratorWant to know how to fire a Network Admin? Need to know what precautions to take? Firing any employee can be a stressful event. Firing one who has significant knowledge of and privileged access to your Information Technology/Security infrastructure is even more stressful, as the risks are so notable.

Free Whitepaper: Stop Wasting Money on Penetration Testing

penetration-testing-whitepaper

Penetration Testing is most frequently performed to:

  • Substantiate the net effectiveness of a mature control environment
  • Prove to a third party that an environment is secure/trustworthy
  • Quickly assess the security of a less mature control environment (in a sense a technical risk assessment)
  • To validate that significant changes did not have unanticipated results

Free Download: ISO 27001 Vendor Selection Toolkit

“ISOOur ISO 27001 Toolkit will help you to select an ISO 27001 consulting firm.
  • Review the Issues Critical to Your Environment
  • "Vet" Vendor Qualifications
  • Compare the Top 3 Vendors
  • Sample RFP Included

Free Whitepaper: Five Best Practices for SIEM

siem-whitepaper

The promise of SIEM is the consolidation of all relevant Security Event Logs from disparate sources into a single unified and normalized data store.

Free Download: ISO 27001 Implementation Roadmap

ISO 27001 RoadmapHave no fear – our “roadmap” will guide you, step by step, through the entire ISO 27001 process.

Getting to ISO 27001 certification is a process made up of things you already know – and things you may already be doing!

About the Author:

John Verry (CISA, 27001 Certified Lead Auditor, CCSE, CRISC) is Pivot Point's resident "Security Sherpa". He is lucky enough to spend most of his day helping clients develop a road map to address security, compliance, and attestation requirements.

Add a Comment

13 Flares Twitter 4 Facebook 0 Google+ 1 Pin It Share 1 LinkedIn 6 Reddit 0 StumbleUpon 1 Email -- 13 Flares ×