There is still a lack of cyber resiliency of the electric grid

Feb. 28, 2018

October 10, 2016, I wrote a blog: “The NERC CIPs continue to expose the grid to significant cyber vulnerabilities even after the Ukrainian hack” This was because NERC, DOE, and DHS had effectively ignored the 2015 attack as it was against the distribution system. Ironically, two months later, the second Ukrainian cyberattack was against the transmission system. In both cases, the attack was step 1 of the 2 steps of Aurora. Enclosed are examples of what is not happening.

October 10, 2016, I wrote a blog: “The NERC CIPs continue to expose the grid to significant cyber vulnerabilities even after the Ukrainian hack” - https://www.controlglobal.com/blogs/unfettered/the-nerc-cips-continue-to-expose-the-grid-to-significant-cyber-vulnerabilities-even-after-the-ukrainian-hack/. This was because NERC, DOE, and DHS had effectively ignored the 2015 attack as it was against the distribution system. Ironically, two months later, the second Ukrainian cyberattack was against the transmission system. In both cases, the attack was step 1 of the 2 steps of Aurora. So what has happened in the interim to make the grid more cyber resilient?

- There is still no security in any Purdue Reference Model Level 0,1 device (process sensors, actuators, or drives). These devices are out-of-scope for NERC CIP. ISA99 has initiated a working group to address this issue, yet there is almost no electric utility participation in this effort. Iran is aware of this deficiency.

- There is a lack of monitoring of these devices before they become Ethernet packets to determine if the input to the ICS/SCADA network and associated network monitoring is uncompromised AND correct.

-  Utilities are still not adequately addressing Aurora despite the Aurora information having been declassified. At the 2016 ICS Cyber Security Conference, a demonstration was given of hacking an Aurora hardware mitigation device (SEL751A) and effectively turning into an Aurora initiation device.

-  A utility lost all relay communications to almost 400 high voltage relays and SCADA was not aware of the loss of relay communications.

Where is the cyber resiliency of the electric grid?

Joe Weiss

Sponsored Recommendations

Make Effortless HMI and PLC Modifications from Anywhere

The tiny EZminiWiFi is a godsend for the plant maintenance engineers who need to make a minor modification to the HMI program or, for that matter, the PLC program. It's very easy...

The Benefits of Using American-Made Automation Products

Discover the benefits of American-made automation products, including stable pricing, faster delivery, and innovative features tailored to real-world applications. With superior...

50 Years of Automation Innovation and What to Expect Next

Over the past 50 years, the automation technology landscape has changed dramatically, but many of the underlying industry needs remain unchanged. To learn more about what’s changed...

Manufacturing Marvels Highlights Why EZAutomation Is a Force to Be Reckoned With

Watch EZAutomation's recent feature on the popular FOX Network series "Manufacturing Marvels" and discover what makes them a force to be reckoned with in industrial automation...