The electric power grid is critical infrastructure that is a vital resource for every business, government and individual. Constant, stable electrical power is a fundamental component of everyday life, the economy and national security. The power industry, like all competitive industries, is under increasing pressure to provide information access throughout the enterprise, including the control systems. The enormous growth of process interconnectivity has given automation systems new means to share and distribute information, but with added functionality comes added risk. Maintaining the security and system integrity of data communications is extremely important, particularly for the crucial systems of the electric power grid. As a prominent connectivity standard, the OPC communications standard must also be considered as an integral part of the overall security setup. Implementing OPC security is key to ensuring that only the right people have the access they need to ensure the lights stay on for everyone.
The fact that a constant supply of electricity is vital to so many aspects of our daily lives raises the question ‘What if something happens to it?’ Incidents such as the 2003 Northeast Blackout, which affected much of the northeastern United States and parts of Ontario, and the Western European blackout in 2006 highlighted how vulnerable these systems can be and the consequences of system failure. The possibility of such occurrences puts added weight on the importance of control system communications and OPC security.
This situation is further influenced by changes in the power industry. For example, in the United States, the unbundling of the power generation function from the power delivery and retail functions, plus deregulation of the power generation market, have driven power plant owners and operators to reduce costs and improve operational efficiency, partly through the gathering of real-time production data. The need for better access to real-time data means there are more communication channels connecting the control systems to higher levels of the enterprise. Such connections provide corporate decision makers with critical real-time information that allows them to make better decisions during times of peak power demand, monitor plant capacity and ultimately maximize revenue.
Knowledge is Power
OPC is used extensively in industrial automation and the power industry. Standardized OPC communication provides many advantages and allows access to more data for more applications. However, this added knowledge can be a double-edged sword. With added data access comes more risk. Since OPC allows open access to a host of proprietary protocols, it becomes a natural focus for security concerns. As with many interface standards or protocols used within the process industry, the classic OPC specifications do not mandate security. Instead these protocols rely on operating system-based security, such as Windows and DCOM security, which is no longer considered sufficient for current installations. Insecure OPC communications can be a serious liability to the continued safe and efficient operation of a power facility. How can the power industry gain the needed benefits of tighter system integration without leaving the critical infrastructure more vulnerable?
Turn up the Power
The good news is that it is possible to ensure that OPC architectures are both open and secure. The electrical industry can have the power of standardization with the security of a solid implementation. While the base classic OPC specifications themselves do not mandate any security beyond that supplied by the Microsoft operating system, end users do have some choices when it comes to installing products with higher security features. Both the OPC Security 1.0 specification and the OPC Unified Architecture (OPC UA) specifications provide features that ensure only permitted users have access to the control system. As with any good IT security plan, OPC communications security would be one of multiple layers of protection in a ‘defense in depth’ approach. In the event one part of the system is compromised, the rest remains secure. These layers might include physical systems, firewalls, intrusion detection systems and business-to-process layer controls. OPC-specific security measures include OPC architecture security, DCOM configuration and security-aware OPC products. For OPC UA architectures, the specification’s inherent application and transport security measures and certificate handling would build on existing OPC security implementations.
Keeping the Lights On
The OPC Security 1.0 specification that applies to classic OPC installations uses the Windows operating system security, so it integrates easily with existing IT security frameworks. It also supports logins from other non-Windows security systems. Users can then provide per-user-per-tag level security on options such as browsing controls, designation of read-only items and restriction of the ability to add new items. The OPC UA specifications are designed for service-based architectures, which offer a wide array of configuration options, such as which cryptographic algorithms are used. In order to ensure plug-and-play interoperability with OPC UA products, yet still offer some flexibility, OPC UA defines several security options from which to choose. An OPC UA client looking to connect to a server can negotiate which security option to use, and there is a default 128-bit cryptography connection method that every OPC UA product must implement. These security options not only raise the bar on security for OPC UA applications, but can be layered onto classic OPC architectures that have implemented OPC security.
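The negotiation described above can be enforced on the client side so that a connection is never made below a chosen floor. The following Python sketch is an added example, not code from this article or from any OPC product. The policy names and URIs are taken from the OPC UA specification rather than from this page; the ranking, the floor values, the helper names and the server address are assumptions made for illustration.

```python
from dataclasses import dataclass

BASE = "http://opcfoundation.org/UA/SecurityPolicy#"
# Assumed preference order, weakest to strongest; names are from the OPC UA spec.
POLICY_RANK = {"None": 0, "Basic128Rsa15": 1, "Basic256": 2, "Basic256Sha256": 3}
MODE_RANK = {"None": 0, "Sign": 1, "SignAndEncrypt": 2}

@dataclass(frozen=True)
class Endpoint:
    url: str
    policy_uri: str
    mode: str

def rank(ep):
    """Return (policy_rank, mode_rank), or None if either value is unrecognised."""
    name = ep.policy_uri[len(BASE):] if ep.policy_uri.startswith(BASE) else None
    if name not in POLICY_RANK or ep.mode not in MODE_RANK:
        return None
    return POLICY_RANK[name], MODE_RANK[ep.mode]

def select_endpoint(offered, min_policy="Basic128Rsa15", min_mode="Sign"):
    """Pick the strongest offered endpoint at or above the client's floor.
    Raises ValueError instead of falling back to an unprotected channel."""
    floor = (POLICY_RANK[min_policy], MODE_RANK[min_mode])
    acceptable = []
    for ep in offered:
        r = rank(ep)
        if r is None:
            continue  # never negotiate an option the client cannot rank
        if r[0] < floor[0] or r[1] < floor[1]:
            continue  # below the floor, e.g. policy None or mode None
        acceptable.append((r, ep))
    if not acceptable:
        raise ValueError("no offered endpoint meets the client's security floor")
    return max(acceptable, key=lambda pair: pair[0])[1]

# Constructed sample of what a server might advertise (hypothetical host).
URL = "opc.tcp://plant-hist.example:4840"
OFFERED = [
    Endpoint(URL, BASE + "None", "None"),
    Endpoint(URL, BASE + "Basic128Rsa15", "SignAndEncrypt"),
    Endpoint(URL, BASE + "Basic256Sha256", "Sign"),
    Endpoint(URL, BASE + "Basic256Sha256", "SignAndEncrypt"),
]
```

Raising the floor, for example `min_mode="SignAndEncrypt"`, narrows what the client will accept without any change on the server.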
Clearly the goal of maintaining and enhancing power system reliability has driven increased security requirements. In some countries these are being formalized as regulatory requirements in the form of wide-ranging cybersecurity specifications. Products that implement the OPC security specifications will play a major role in securing the communication systems and helping to keep the lights on.