Beyond Firewalls: Protecting the Grid from Cyber Attacks
November 9, 2012—
The power grid is a high-voltage target for America’s adversaries in this era of cyberwarfare. In partnership with Waterfall Security Solutions, Michigan Technological University’s Chee-Wooi Ten wants to better protect it so utility companies can fully engage in the information age.
At issue are electrical substations, which serve as intersections in the nation’s power system. Because they play such a key role in our infrastructure, substations could be attractive targets for cyberterrorists, extortionists, hacktivists and other n’er-do-wells. Thus, power companies remain reluctant to fully implement electronic control systems because they could compromise security.
“This is a controversial issue for most utilities,” said Ten, an assistant professor of electrical and computer engineering. “If the substation network is compromised, the grid will be vulnerable. If hackers know what they are doing, that could result in a major blackout.“
With perfect security, companies could use Internet Protocol, or IP, communications to manage electronic control systems, which would be faster and more efficient. However, IP has a disadvantage: hackers are notoriously resourceful at breaking into IP networks, even when they are protected by firewalls.
However, a new security product called a Unidirectional Security Gateway could put up an impermeable barrier between hackers and electrical substations, Ten says. Unlike conventional firewalls, which allow information to flow both ways, the Unidirectional Security Gateway is a one-way street, to deter hackers attempting to send illicit commands into a protected network.
Waterfall Security Solutions, the Israel-based company that markets Unidirectional Security Gateway, has given Ten a $24,000 donation plus hardware and software valued at more than $210,000 to develop a secure framework for electric substations. Waterfall is the leading provider of Unidirectional Security Gateways for industrial control networks and critical infrastructures. Its products are deployed in utilities and critical national infrastructures throughout North America, Europe, Asia and Israel.
Ten is working with government agencies, power companies and vendors that provide the products used to strengthen substations’ cybersecurity framework. By collaborating with all the stakeholders, he aims to transform the energy industry by improving efficiency, reliability and security, both in the power grid and cyberspace.
“No single vendor can do everything; it has to be synergistic,” he says. “I think this will be a transformative effort.”
Michigan Technological University (www.mtu.edu) is a leading public research university developing new technologies and preparing students to create the future for a prosperous and sustainable world. Michigan Tech offers more than 120 undergraduate and graduate degree programs in engineering; forest resources; computing; technology; business; economics; natural, physical and environmental sciences; arts; humanities; and social sciences.