Advice for Automated Substations
Jane Alexander | February 16, 2018
Connected automation systems are making utilities and industry more efficient, more productive, and more economic, but they are also introducing new challenges to those organizations. In a recent online article, Frank Hohlbaum of ABB (Cary, NC, new.abb.com), suggested several questions that substation managers should ask themselves regarding their cybersecurity policies. He also touched on ways to address any problems that might surface in their responses. Hohlbaum’s questions and advice for dealing with various issues associated with them are summed up here.
BACKUP AND RECOVERY
Q: Does the substation operation have a recent backup of its automation system? If the worst does happen, and cyber attack or natural disaster strikes, then the security of an off-site backup will make recovery much easier.
Q: Is the substation’s automation system protected against malware? These systems can be equipped with industry-standard malware- and intrusion-protection solutions such as anti-virus protection and application whitelisting.
Q: Is the network’s firewall configured properly? Firewalls can protect the perimeter of a network, and a well-designed security policy will separate the network into distinct, controlled zones, protected by internal firewalls to ensure that a compromised server doesn’t mean compromising the entire network.
SECURITY UPDATES & HARDENING
Q: Is the substation’s automation system up to date? It’s not just the anti-virus software that needs updating. Modern operating systems and embedded software often need to be patched to defend against emerging threats. Efficient patch management is an essential part of any security policy, but one that’s often neglected.
SECURITY ASSESSMENT & MONITORING
Q: Who is regularly assessing and monitoring the substation’s automation system? Assessment and monitoring services for system software, system hardware, and communication networks are fundamental in order to keep these types of systems
Hohlbaum concluded by noting that any system can be compromised. For best results and a consistent security level, components, such as patch management and virus protection, should be applied and regularly updated. Cybersecurity will always be a challenge on a global scale. No single solution can keep increasingly interconnected systems secure. Leading companies work with sites to create a defense-in-depth approach where multiple security layers detect and deter threats—if, where, and when they may arise. EP
Frank Hohlbaum is a product manager for cybersecurity within ABB’s (Cary, NC) Substation Automation business. Learn more about the issues and network-management solutions discussed in this article here.