Growing up on the East Coast, I have been through a number of major power outages that certainly affected my day-to-day activities, however, that was back in the 60’s and 70’s when I didn’t have electronic leashes. Now that I live on the West Coast, and have more systems and devices in my house than a small data center, power outages are very painful. In the United States alone, there were over 20 major power outages within the last decade. What if these outages became more frequent and lasted longer? What would that do to your routine and business climate?
Every day in North America approximately 3,300 electricity providers deliver juice to 147 million customers so they can live a normal 21st century life. And, over the course of a year these providers generate 4,100,000,000-megawatt hours of power for your house, your work, your electric car and your Apple devices. Astounding!
All that bulk power is used as it is generated on the grid, in real-time, in a power grid that is considered “the most complex machine in the world.” But really the North American grid is made up of four separate grids: The eastern and western interconnections, and of course Quebec and Texas each need their own (really?).
Generation, transmission and distribution systems make up this complex machine, and Industrial Control Systems (ICS) make it work. As I mentioned in my previous blog, ICS are highly vulnerable to cyber attack. In order to address cyber security in the NA power grid, two major efforts have been underway.
The first effort is the North American Electric Reliability Corporation (NERC), a not-for-profit international regulatory authority whose mission is to assure the reliability of the bulk power system in North America. NERC has created the Critical Infrastructure Protection (CIP) standards to define and audit cyber security requirements for power systems in the North American grid.
The second effort comes from the DoE, which has released the Roadmap to Achieve Energy Delivery Systems Cybersecurity. The report outlines a strategic framework over the next decade among industry, vendors, academia and government stakeholders to design, install, operate, and maintain a resilient energy delivery system capable of surviving a cyber incident while sustaining critical functions. This document specifies new protective measures to reduce risk such as:
- Scalable access control for all energy delivery system devices available
- Next-generation, interoperable, and upgradeable solutions for secure serial and routable communications between devices at all levels of energy delivery system networks implemented
- Self-configuring energy delivery system network architectures widely available
- Capabilities that enable security solutions to continue operation during a cyber attack available as upgrades and built-in to new security solutions
- Next-generation, interoperable, and upgradeable solutions for secure wireless communications between devices at all levels of energy delivery system networks implemented
The Tempered Network solution can meet the roadmap goals for Energy utilities today. Through cloaking, segmentation and orchestration we have the ability to meet and exceed these requirements.
Just helping to keep the lights on. Now I can get back to my home datacenter upgrade with quiet confidence!