Utility assets have traditionally been secured by proprietary communications links whose security depends on physical access control and operational obscurity. Yet renewables, especially those located behind the meter, are often connected via the public Internet.
In Part 1, we detailed the need for utilities to move beyond perimeter-based security approaches to ensure reliability and security in the future. For modern machine-based energy networks it makes more sense to employ an identity-based security strategy of trusting no one until authenticated. This approach is called a “Zero Trust Architecture” (ZTA): no entity is trusted until it has proven its identity.
5 Steps of Zero Trust
A Zero Trust Architecture (ZTA) aims to minimize the blast radius in the case of a cyber intrusion by implementing strict security measures. Traditional methods, such as network segmentation and multi-factor authentication, can be difficult to implement and may not provide complete protection.
To implement ZTA, the following five steps must be followed:
- Every entity (person, computing device, or software application) must have a provable identity.
- Every communication flow must be irrevocably tied to the entity that generated it.
- There must be an authority that defines a set of rules for who can communicate with whom.
- The rules must be securely delivered to all parties on the network.
- The rules must be checked and enforced at every possible node that handles that flow.
While modern computing and cryptographic algorithms address the first requirement of a provable identity, key generation and storage, together with certificate distribution, must be handled consistently and securely. In addition, the remaining steps, tying that identity to communications flows and enforcing a meaningful set of rules in a practical technology-based solution for industrial operational technology (OT) networks, remain a challenge. Most IT-developed approaches to ZTA fall short in addressing these challenges.
Zero Trust for Energy OT Networks
Operant uses a data-centric approach to encrypt, authenticate, and validate each and every data packet. This ensures comprehensive security for all data transmissions, regardless of network structure, and addresses the five critical steps of Zero Trust as illustrated in the diagram below.
In the data-centric approach, every network entity has a lightweight transport agent that uniformly provides a communications architecture that enforces zero trust on each and every network packet. Instead of configuring complex and abstract systems, the customer can develop network identities and trust policies using the names and identities they are familiar with from their business context.
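To make the five steps and the per-packet enforcement concrete, here is an added illustration in Go; it is not Operant's code and does not reflect their implementation. It assumes ed25519 key pairs as the provable identity (step 1), a signature on every packet (step 2), a policy authority whose rule set is itself signed (steps 3 and 4), and a Node type standing in for any hop that handles the flow (step 5); entity names such as "scada-master" and "inverter-7" are constructed for the example.

```go
package main
import (
	"crypto/ed25519"
	"fmt"
	"strings"
)
// Packet is one unit of a flow; Sig is the sender's ed25519 signature binding it to the identity in Src (step 2).
type Packet struct {
	Src, Dst     string
	Payload, Sig []byte
}
// Policy is the authority's rule set (step 3), signed so every node can check who issued it (step 4).
type Policy struct {
	Rules []string // "sender>destination" pairs that are permitted to communicate
	Sig   []byte
}
// Canonical byte strings that the sender or authority signs and every node verifies.
func PacketBytes(p Packet) []byte { return []byte(fmt.Sprintf("%s|%s|%x", p.Src, p.Dst, p.Payload)) }
func PolicyBytes(p Policy) []byte { return []byte(strings.Join(p.Rules, ";")) }
// Node is any hop that handles a flow (step 5); it trusts only the authority key and enrolled identities (step 1).
type Node struct {
	Authority ed25519.PublicKey
	IDs       map[string]ed25519.PublicKey // entity name -> public key, the provable identity
	allow     map[string]bool              // rules from the last authority-signed policy
}
// LoadPolicy installs a rule set only if the authority's signature over it verifies.
func (n *Node) LoadPolicy(p Policy) bool {
	if !ed25519.Verify(n.Authority, PolicyBytes(p), p.Sig) {
		return false
	}
	n.allow = map[string]bool{}
	for _, r := range p.Rules {
		n.allow[r] = true
	}
	return true
}
// Accept checks identity, signature and policy on one packet and names the first failing check.
func (n *Node) Accept(p Packet) string {
	pk, ok := n.IDs[p.Src]
	switch {
	case !ok:
		return "unknown identity"
	case !ed25519.Verify(pk, PacketBytes(p), p.Sig):
		return "bad signature"
	case !n.allow[p.Src+">"+p.Dst]:
		return "denied by policy"
	}
	return "ok"
}
```

A production agent would also need replay protection (for example a per-sender sequence number covered by the signature) and payload encryption, which this sketch leaves out.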
Example - Utility Control of Distributed Energy Resources
Utility communications protocols, such as Modbus and DNP3, have limited cybersecurity capabilities and rely on additional standards such as IEC 62351 to add security. This results in patchwork solutions that are difficult to administer and can never be extended to support DERs outside the utilities’ direct control.
Operant's data-centric solution simplifies the system and provides new capabilities for DER utility integration such as:
- End-to-end security over any channel, including the public internet.
- Integrated key distribution, including the ability to issue revocable keys with limited authority or time.
- Multiple stakeholder policies, each containing numerous trust rules, defined and securely distributed to all entities.
As the number of connected devices deployed into energy networks grows exponentially, so does the volume and sophistication of targeted cyber-attacks. Hence, the only viable option is to adopt a Zero Trust Architecture. Network administrators should be aware that Zero Trust is not a one-size-fits-all solution, particularly when trying to blanket-deploy technologies developed for human-centric IT networks into machine-centric OT networks. Instead, it is far easier, more secure, and more cost-efficient to source solutions that have been developed, tested, and recommended specifically for OT use cases.