Energy

Energy is a dynamic sector, enriched with new services, new infrastructures and new business challenges.
Given its sensitive impact on the economy, this industry deserves special care
with respect to security, and requires support to accompany its transformation.

Implementing a modern grid requires understanding the possible attacks and the possible defenses in that special context. Let’s see which actors and equipment Trusted Labs can help secure.

Energy grid transformation

The energy field is currently facing some interesting challenges. Increased energy demand, unpredictable generation from renewable sources, volatile energy costs, distributed energy generation, electric vehicles and environmental concerns are coming together to change the nature of the energy grid. The introduction of the Internet of Things is having an impact on how energy companies wish to monitor and also manage energy demand and supply.

The energy industry has taken this opportunity to upgrade its infrastructure and is getting connected. Within this context, we are seeing smart metering infrastructures being deployed on a much larger scale. “The 10 largest national deployments worldwide are expected to add 500 million new smart meters by 2020, approximately tripling the 2012 global installed base, and the locus of growth shifting from North America to Europe, then Latin America and Asia” (Accenture report).

In addition to smart meters, there are a number of additional applications that enable monitoring, billing and delivery of energy to plants, public infrastructure and citizens’ homes. The safety of this infrastructure is required for a stable economy.

The grid features

The smart grid targets reliability, survivability and responsiveness of the grid. Thus, the smart grid infrastructure provides billing and metering applications, plus essential information about the health and status of the grid. This is a way to answer current challenges, optimize local grid efficiency, predict power outages before they occur and rapidly restore service. In the end, it improves energy efficiency by continuously adapting production and consumption, improving the traditional demand/response functions.

It also optimizes costs and improves service by enabling a better maintenance system: assets are monitored more thoroughly and the infrastructure is also upgradable. Depending on the feature set, the smart meter may also notify the utility of a power outage or allow the utility to remotely switch energy services on or off. Last but not least, end-users can monitor their consumption more precisely. But how to move towards this ideal grid while maintaining safety?

The grid and the possible attacks

The energy industry used to work in a closed loop, with a legacy of minimum-security protocols and software architectures, and has the obligation of being “always on”. These constraints should be taken into account while moving toward a modern grid. As a reminder, energy grid connectivity implies two categories of risk: i) threats to critical infrastructures, with safety implications for the public, and ii) privacy concerns for end-users. The numerous connected and interacting devices and sensors can be subjected to attacks from various threat agents such as corporations, cybercriminals, employees, hacktivists, nation states, natural disasters, terrorists and cyber fighters.

Attacks themselves can take various forms, depending on the capabilities and objectives of the attacker; some of them are:

  • Exploitation of design and implementation flaws, which can be separated into two subcategories:
      • Denial of service attacks, which aim to remotely reduce or remove functionality of the smart meter: examples include disabling remote data collection or cutting power distribution.
      • Remote code execution, giving the attacker partial or total control of the meter.
  • Leveraging manufacturer debug or configuration interfaces to gain remote or local control of the meter.
  • Physical attacks on the meter that allow access to the device firmware and stored data through analysis of non-volatile memory components.
  • Retrieval of firmware through debug interfaces or non-volatile storage, which compromises manufacturer IP and facilitates the vulnerability research leading to exploitation of implementation flaws.
  • Advanced side channel techniques (fault injection, EM/power analysis), aiming to retrieve security material or unlock restricted access.

Securing a smart grid

To address those issues, utilities and device manufacturers need to work together and build security by design, at the very start of every connected solution project. Trusted Labs has helped various utilities and device manufacturers to build secure connected solutions. Based on our know-how, the approach we recommend is to include security actions at each step of the project: design, deployment and operation in the field.

Let’s see why and how:

In order to mitigate these risks, it is important to integrate security from the beginning of a development or project, so that security functionalities countering software and hardware attacks are built in.

The system should be secure by design, rather than having security added as an afterthought. It is also critical to monitor on a regular basis the security risks and new vulnerabilities that systems become exposed to over time, and to adapt security accordingly. If a solution is already implemented by the customer, we can evaluate the security risk the solution or architecture is exposed to. Trusted Labs has been working with different customer profiles, such as Transmission System Operators (TSOs), Distribution System Operators (DSOs), and Programmable Logic Controller (PLC) or meter manufacturers.

Trusted Labs’ goal is to offer a turnkey solution for its customers to help them manage the security of their smart energy products from the design phase to the implementation.

Trusted Labs offers risk analysis of the device environment by establishing with the developer a list of assets to be protected, threats related to its usage, and security functions that are needed to ensure a secure operation.

This risk analysis is the input to the second step of the collaboration: security recommendations adapted to the product are issued by Trusted Labs to ensure that the identified threats are properly covered. This document is used by the customer’s development team as a checklist as the project progresses.

At the end of the development phase, Trusted Labs performs security penetration testing of the device against the security guidelines, to ensure that the recommendations have all been implemented and that the security of the product complies with its documentation.

Certification and audit

In a sector as sensitive as energy, working on security is important, but being able to certify the level of trust is a must. Trusted Labs can perform security evaluations addressing many aspects of smart grid security: from site security audits to code review, including hands-on penetration testing of components such as PLCs or smart meters. We have long experience supporting national agencies and industry groups in creating certification schemes, including:

  • Execution of dozens of security evaluations under the CSPN scheme.
  • Collaborative work on application notes for applying certification schemes to smart metering products.