Efficient Plant February 2018 - 32
BACKUP AND RECOVERY
Any system, no matter how many precautions are taken, can be compromised, be it
through cyber attacks or natural disasters. Automated substations are no exception.
CONNECTED AUTOMATION SYSTEMS are making utilities and
industry more efficient, more productive, and more economic, but they are
also introducing new challenges to those organizations. In a recent online
article, Frank Hohlbaum of ABB (Cary, NC, new.abb.com), suggested several questions that substation managers should ask themselves regarding their
cybersecurity policies. He also touched on ways to address any problems
that might surface in their responses. Hohlbaum's questions and advice for
dealing with various issues associated with them are summed up here.
- Jane Alexander, Managing Editor
Frank Hohlbaum is a product manager for cybersecurity
within ABB's (Cary, NC) Substation Automation business. Learn more about the
issues and network-management solutions discussed in this article at
Q: Does the substation operation have a recent backup of its
automation system? If the worst does happen, and cyber attack or natural disaster strikes, then the security of an off-site
backup will make recovery much easier.
Q: Is the substation's automation system protected
against malware? These systems can be equipped with industry-standard malware- and intrusion-protection solutions
such as anti-virus protection and application whitelisting.
Q: Is the network's firewall configured properly? Firewalls
can protect the perimeter of a network, and a well-designed
security policy will separate the network into distinct, controlled zones, protected by internal firewalls to ensure that a
compromised server doesn't mean compromising
the entire network.
SECURITY UPDATES & HARDENING
Q: Is the substation's automation system up to date? It's not
just the anti-virus software that needs updating. Modern
operating systems and embedded software often need to be
patched to defend against emerging threats. Efficient patch
management is an essential part of any security policy, but
one that's often neglected.
SECURITY ASSESSMENT & MONITORING
Q: Who is regularly assessing and monitoring the substation's
automation system? Assessment and monitoring services for
system software, system hardware, and communication networks are fundamental in order to keep these types of systems
Hohlbaum concluded by noting that any system can be
compromised. For best results and a consistent security level,
components, such as patch management and virus protection,
should be applied and regularly updated. Cybersecurity will
always be a challenge on a global scale. No single solution can
keep increasingly interconnected systems secure. Leading companies work with sites to create a defense-in-depth approach
where multiple security layers detect and deter threats-if,
where, and when they may arise. EP