Tightening the Net
Co-ops innovate to secure members’ digital data
Amidst continuing cyber threats from crafty computer hackers, electric cooperatives are mounting sturdy defenses to safeguard members’ digital data and ensure reliable power delivery.
Utilities are bulking up cyber security with tools from the Cooperative Research Network (CRN), the research arm of the Arlington, Va.-based National Rural Electric Cooperative Association (NRECA). CRN’s Guide to Developing a Risk Mitigation and Cyber Security Plan and supporting documents, released in 2011 with funding support from the U.S. Department of Energy (DOE), helps utilities of all types develop a process to shore up cyber defenses.
Three innovations promise to advance cyber security efforts: pattern recognition software, an update of CRN’s revolutionary Guide, and securing data.
Cyber Cooperation
Most home and business computer networks use a firewall— a virtual barrier or hardware—to protect linked computers from hackers, viruses, and other virtual invaders. Utilities use firewalls to secure systems, too. But sophisticated cyber threats make firewalls an aging technology.
“Firewalls are less able to provide the level of security we require,” shares CRN Program Manager Maurice Martin. “We want to make sure that our co-ops have the tools they need to work securely.”
To meet the challenge, CRN’s developing a way to replace firewalls with a security tool that monitors computer network traffic. The system memorizes the normal pattern of operation. When the system detects an abnormal pattern (a possible intrusion), it sounds an alarm.
A DOE grant of $3.6 million, with an additional $1.1 million from CRN and partner Honeywell Corp., funds the research. Allies such as Pacific Northwest National Laboratories, Carnegie Mellon University, and Cigital Inc. will work with CRN to develop the cyber security tool.
“We’ll combine high-level functionality with an easy-to-use platform,” predicts Craig Miller, chief scientist at CRN. “The system will simplify cyber security management for small utilities with limited resources.”
Evolving Guidance
CRN’s Guide to Developing a Risk Mitigation and Cyber Security Plan and accompanying template help utilities of all sizes craft a cyber-security plan. The cooperatively-developed resources, free for any utility, have been downloaded more than 8,000 times. Large and small utilities across America and in countries as far away as India and Italy use the Guide.
“The content and ideas were important to share,” explains Martin. The Guide and tools were developed as part of a $68 million DOE smart grid grant three years ago.
But responding to emerging cyber threats is not a one-time effort. It requires constant education, awareness, and vigilance. New resources—products, services, and educational tools—are on the way. Expected early this year, an updated Guide will work in harmony with new cyber security initiatives from the DOE.
Securing Data
Threats to security—online and to the power grid—are real. Hackers take pride in undermining computer systems and finding a system’s Achilles’ heel. But thanks to innovative cloud computing, utilities are discovering ways to work together to strengthen co-op security and upgrade IT architecture.
“NRECA turned to the Science Applications International Corp. (SAIC) for its solid understanding of the smart grid marketplace and how new technologies can be used to benefit the consumer member at the end of the line,” explains Martin.
That project aims to shore up technologies that capture, store, and secure data and information. Once completed, this work will benefit both co-ops and their members. SAIC is producing a series of reports to help utilities fully implement the smart grid. The reports will evaluate IT developments (cloud computing, new types of databases, and more) with an eye toward how such developments can support the co-ops and even solve their needs. The goal? SAIC will map out an “IT architecture” to explain how the tools fit together to maximize reliability, customer service, and cyber security.
All utilities are vulnerable to digital invasions. But a continually evolving set of cyber security resources and innovations should help keep co-ops and their members a step ahead of the “bad guys.”
Sources: Cooperative Research Network
B. Denise Hawkins writes on consumer and cooperative affairs for the National Rural Electric Cooperative Association, the Arlington, Va.-based service arm of the nation’s 900-plus consumer-owned, not-for-profit electric cooperatives. Megan McKoy-Noe contributed to this article.