Burns & McDonnell

Risk Profiles Emerge as LTE Devices Go in on Utility Networks

Written by Brian Rutherford | September 3, 2020

By now, nearly every utility is investing in grid modernization. The forces driving these upgrades are well-known — ranging from distributed generation and renewable energy sources to smart chargers for electric vehicles, not to mention demand for improved safety and reliability.

For utilities to properly monitor and control their increasingly sophisticated distribution networks, additional investments are required in secure telecommunications infrastructure. This is resulting in a massive and rapid build-out of endpoint devices providing wireless communication links back to the utility’s network.

Long-term evolution (LTE) technologies provide broadband, wide coverage and low-latency wireless solutions. This enables new levels of flexible, expeditious deployment over a utility’s operating region. Now, with the addition of private LTE (PLTE) networks, utilities can gain increased control, cost certainty and better wireless communication link security.

Utility network security is paramount. Utilities are operating complex networks using solutions such as internet protocol security (IPSec) and virtual private networks (VPNs) to enforce rules and maintain security. This demand for security pairs nicely with PLTE. The wireless link of an LTE system is one of the most secure wireless links available. The data transmitted on these radios is encrypted and that — along with robust firewalls and physical and network security — may have been sufficient in the past. Unfortunately, the encryption only applies to the communications link, not the physical device. The devices themselves are still vulnerable.

A growing risk facing utilities are the new cybersecurity threats arising from the hundreds of thousands of devices that will be installed at the far reaches of their system, not in control buildings behind locked doors or within substations protected by locked gates and tall fences. These radios are easily accessible and vulnerable to tampering by persons ranging from bad actors who truly wish to disrupt power systems to curious individuals who may just want to know if it is possible to “hack” into a utility system.

Without devices secured at the fundamental component level, networks are vulnerable. For example, networks are unable to detect when a bad actor momentarily powers down a device, removes a few screws and internally adds malicious components before powering the device back up. All this can be accomplished without touching the SIM card or moving the device more than a few feet. At that point, the network is immediately compromised.

Modern devices are small and lightweight, providing nearly unlimited installation flexibility. Tens of thousands have already been installed on poles and other utility equipment, and the number will undoubtedly swell into the millions as grid modernization programs gain momentum. Each of these new vulnerable devices provides opportunity for compromise.

The solution is for the industry to begin collaborating with vendor partners so that all new devices employ secure-boot with functionality that attests it is a trusted resource — in other words, not tampered with — before it links to the network. This secure boot, enabled by components such as trusted platform modules, is the core element of trusted devices.

The process would begin when the device begins to power up, proceeding through a verification protocol that confirms all operating components are uncompromised. When the boot process is complete, the device powers on completely and connects with the network automatically. If the device has been compromised at any time, whether en route from the factory or even after installation, it would simply power off, thus sending a signal to control system operators that the device is not functioning correctly and needs to be checked.

This secure-boot functionality enables other related and equally important priorities, including more efficient processes and better quality control. The basic challenge for nearly every utility is the overwhelming demand for new devices on the network. The task of device deployment at the rate required can be overwhelming. Improved processes are essential for faster deployment to the field and better transparency into how the network is performing, while also mitigating all-important and newly emerging cyber risks.

Calls for industry action over threats that may not have yet materialized are easy to ignore. But the threats to device security are real and the steps toward mitigation are relatively easy. It simply takes a concerted collaborative effort by the industry’s three primary stakeholders — regulators, utilities and original equipment manufacturers — to work together under a consistent set of agreed-upon principles to address this challenge.

 

Utilities have recently gained access to portions of the radio spectrum that will improve grid controls.