3 Cybersecurity Steps to Reduce Threats to your Electrical System

 3 Cybersecurity Steps to Reduce Threats to your Electrical System

When anyone mentions cybersecurity, you may automatically think they are referring to IT systems. That is because protecting IT networks – and their associated personal, financial, and other proprietary data – has been the responsibility of IT professionals for an exceptionally long time. But what about your operational technology (OT) infrastructures? Are they also at risk from cyberattacks? How can you protect them? In this post, we’ll discuss these questions, and three specific recommendations for protecting your electrical systems.

The electricity subsector cybersecurity Risk Management Process (RMP) guideline was developed by the Department of Energy (DOE), in collaboration with the National Institute of Standards and Technology (NIST) and the North American Electric Reliability Corporation (NERC).

OT Cyberattacks: An Increasing Threat

The Ponemon Institute emphatically states that, “Cyberattacks are relentless and continuous against OT environments.” In a survey of over 700 organizations from six countries they found that 50 percent had experienced a cyberattack against their OT infrastructure within the last two years that resulted in downtime. For large and critical operations, this can be devastating.

All you need to do is follow the news to see frequent examples of such attacks. For example, in early 2021, the fast action of a technician narrowly avoided the risk of thousands of people being poisoned due to a hacker gaining access to a Florida city’s water treatment plant. Going back a few years, a breach that came through the HVAC system caused international retailer Target to have 40 million credit and debit card accounts compromised, costing them $290 million.

 

The latter example is just one of many that show why building systems are now widely recognized as OT attack targets. The evolution toward smarter buildings is causing an explosion in the numbers of connected devices – already an estimated 200+ million in commercial buildings alone. With more devices comes more data that needs to be protected, but for facility and business management teams to extract the maximum value, data must be aggregated and shared across OT and IT systems.

This OT/IT interconnection means that a cyberattack on an OT system can:

·        Compromise operational safety or the health of building occupants

·        Impact productivity by taking down production lines or other equipment and processes; more about the relationship between Cybersecurity and Productivity.

·        Ultimately cause an IT threat by passing malware or a virus from the OT to IT infrastructure

The Attack Surface is Now Larger

Essentially, connected OT infrastructures have increased the ‘attack surface’ for hackers and, in many cases, have acted as an organization’s Achilles heel. Clearly, it is not enough anymore to focus attention only on protecting IT and data systems integrity. All organizations must ensure strong OT cybersecurity is in place.

But what OT systems are we talking about? Depending on your type of operation, these can include industrial automation systems (e.g. SCADA) and smart building systems like a building management system (BMS), building security, lighting systems, and the energy and power management system (EPMS) overseeing your facility’s electrical distribution. Navigant Research notes, “Cybersecurity issues are expected to grow in tandem with the digital transformation of real estate through intelligent building technologies.”

In this post, we will consider cybersecurity specifically for your EPMS and electrical distribution system. However, these recommendations and practices equally apply to other OT systems.

Connected Power Means Greater Vulnerability

Energy and power management systems are helping organizations boost efficiency and sustainability, optimize operating costs, maximize uptime, and get better performance and longevity from electrical assets. When combined with BMS, an EPMS can also help make the work environment healthier and more productive for occupants.

Enabling these EPMS benefits is a connected network of smart metering, analysis, control, and protection devices that share data continuously with onsite and/or cloud-based EPMS applications. The application provides extensive monitoring and analytics while providing mobile access to data and alerts to all facility stakeholders. Connection to the cloud also opens the door to expert power and asset advisory support that can augment a facility’s onsite team with 24/7 monitoring, predictive maintenance, energy management, and other services.

All these onsite, cloud, and mobile connections offer a potential target and entry for hackers so you can read our facility managers guide to building systems and cybersecurity.

 

Securing Your Electrical System: A Holistic Approach

A hacker only needs to find one ‘hole’ in one system, at one point of time, to be successful. What you need is a holistic approach to ensure that all potential vulnerabilities are secured. For new buildings, cybersecurity best practices should be a part of the design of all OT systems. For existing buildings, cybersecurity should be addressed when OT systems are starting to be digitized. For both scenarios, the following are three key considerations:

1. Seek Specialized, Expert Assistance

The priorities for IT systems are confidentiality, integrity, and availability. For OT, the top priorities are safety, resilience, and confidentiality. This means that OT security upgrades or problems need to be addressed in a different way from IT, with careful planning and procedures. For these reasons, you need to choose a cybersecurity partner who has proper OT experience, to help you comply with all relevant cybersecurity standards and best practices.

OT systems also use different communication protocols compared to IT systems, such as BACNet, Modbus, etc. If you had your IT team attempt to perform OT security system scans, those scanning tools might cause serious conflicts, risking an OT system shutdown.

Cyberthreats are also constantly evolving, so you should seek a partner who offers ongoing OT monitoring services, updates, system maintenance, and incident response. All of these should be available remotely.

2. Put the Right Controls in Place

An OT cybersecurity specialist will help audit your EPMS and electrical systems to assess the current vulnerabilities and risks, including the gaps in any procedures and protocols.

You and the specialist must determine how secure your electrical system needs to be. The IEC 62443 standard helps protect IoT-enabled OT systems by defining seven foundational requirements (e.g. access control, use control, availability, response, etc.), each of which are designated a security level. Increased security levels offer greater protection against more sophisticated attacks. Your cybersecurity partner will help you determine the level of security you need for each requirement.

An example of one technique for securing networked systems is to break up systems into ‘zones,’ with each secured individually. OT will be separated from IT, and within OT there may be further segregation. A special ‘demilitarized’ zone is typically included, which is a perimeter subnetwork that sits between the public and private networks for an added layer of security. This makes it harder for hackers to find a way in from one system or zone to another. Where required, connections between networks are provided by specially secured data ‘conduits.’

Your electrical system should also be physically secured, with no access by unauthorized personnel. This same strategy applies to EPMS communications network security by means of controlled, multi-tiered permission-based access.

3. Train your Staff

Many cyberattacks are successful because employees have caused unintended errors. It is important that your people become aware of, and vigilant against, cyberthreats. This includes giving your operations team specialized OT cybersecurity training.

This training will typically include multiple steps, including training all individuals to spot social engineering cues, such as phishing attempts or attempts to access protected areas using pretexting (i.e. someone pretending to be a vendor to gain access). This will also include establishing protocols around the use of passwords, multi-factor authorization, policies around WiFi access (e.g., guest network that remains isolated from OT networks), regular auditing of user accounts and permissions, etc.

While the horizontal cybersecurity framework provides a solid basis, specific characteristics of the energy sector such as the need for fast reaction, risks of cascading effects and the need to combine new digital technology with older technologies necessitate specific legislation.

Thanks to Felix Ramos & Khaled Fakhuri to write this article.

System Integrators Start with IIoT

System Integrators Start with IIoT Now 

“Companies whose investment processes demand quantification of market sizes and financial returns before they can enter a market get paralyzed or make serious mistakes when faced with disruptive technologies” Clayton M Christensen – The Innovator’s Dilemma. The excerpt above sums up what I believe may be happening in the system integration space with regards Industrial IoT (IIoT) implementation and will be the subject that I seek to address in this post.

An IoT system integrator is a qualified business that offers companies consulting services, training and solutions to setup and maintain all aspects of IoT (Internet of Things), from hardware to software. There are a lot of system integrators who are IIoT savvy, but most are filled with skepticism and they still see it as a hype. So they eagerly wait on the side-lines for the wave to pass or to adopt the technology next year or the year after when the hype has died down. Another reason could be that they do not yet fully comprehend the opportunities afforded by IIoT. Whatever reason they may have for dragging their feet, the reality is that those who fail to act quickly will be forced to share the plant floor with new competition.

But here is the kicker, there is a new breed of integrators crossing over from the commercial sector. The ones that specialise in smart devices. They are willing and ready to move into manufacturing and industry in general. However, automation systems integrators are well positioned to fill the gap now more than ever, because in most businesses the acquisitions of IoT solutions has shifted from being handled by the IT department to operations. And due to an existing relationship between operations and system integrators they happen to speak the same language and it will therefore be easy for systems integrators to liaise with IIoT vendors and quickly step in to fill the void. Consequently, with investment in the knowledge of embedded systems, wireless applications, front-end and back-end solutions they can provide an entire chain on IIoT and in turn offer efficient systems to the user. Creating a win win situation.

Nowadays, almost all automation devices are being shipped IP and cloud ready. The challenge though, as i have personally experienced, is that IIoT vendors are still emphasising on locking in market share. Making it difficult to aggregate all the information from different sensors and devices onto a single platform as opposed to using separate cloud components for each device or sensor. But then again this also presents itself as an opportunity for the IIoT savvy system integrator to act as a differentiator by providing solutions that make it easy to move data between systems, unlocking all the value for their customers.

The idea is simple. The data that is already being used within automation systems for operation happens to contain a wealth of useful information for running the business more effectively in areas such as energy consumption, asset utilisation, supply chain management and predictive maintenance to name a few. Its not just connecting to the PLC and exchanging data, its something more. Its about the system integrators getting involved as the needed experts on big data, connectivity and cloud computing etc. Because no one, not even the vendors have as much knowledge as system integrators on the businesses these IIoT systems are being sold to.

A master systems integrator provides a single (core) user interface to monitor and manage every aspect of a facility. This gives owners a competitive edge in today's sophisticated market. Master systems integrators also install and manage the systems that make your building run.

In conclusion, Its only a matter of time before non-automation companies come down into the manufacturing space and I envisage it getting a little bit crowded. What action can be taken? System integrators need to start building their skills in applying these technologies and incorporating fresh ideas.

ASi-5 – high data bandwidth for demanding applications

Machine data, process data and diagnostic data - today, machines and systems generate huge amounts of data. But only a fraction of this data necessarily belongs in the higher-level PLC. In order to successfully implement Industry 4.0 projects, the majority of the data needs to be processed and analyzed in IT. Coordinated interaction is only possible when all devices in the cyber-physical system communicate with each other.

 

A powerful data shuttle such as ASi-5 is needed. The new ASi generation offers a high data bandwidth and short cycle times. This makes it easy to integrate the smart sensors like IO-Link that are so important for Industry 4.0.

 

Our modern ASi-5/ASi-3 gateways also play an important role. They have two independent interfaces - for OPC UA and a fieldbus - which allow the respective data to be transferred directly to IT or the control. The gateways also act as a link between field devices and higher-level IT systems, collecting valuable diagnostic data that usefully supplements the device data from the field.

 

Since more connectivity increases cyber risks, we rely on encrypted communication and authentication. Thanks to field update capability, the ASi-5/ASi-3 gateways also meet future security requirements.

DDC in BMS System

 DDC or Direct Digital Controller in BMS System

What is DDC ?

To understand the DDC, we need to know a little bit of history about what was the things before the DDC invention and why it was invented? So that we can have a broader view of the primary purpose of DDCs.

The Programmable Logic Controller or PLC used to control and monitor the Process mainly in the industry like automobile and other manufacturing factories.

Richard Morley invented PLC in 1968 to fulfil the primary needs of control and protect the production capacity of machines and manufacturing lines in the industry, and this PLC used initially was in the area of transfer lines in automotive plants.

Due to these PLC or Programmable logic controllers were designed and invented mainly for controlling and monitoring or automating the productions in the industry.

But when it comes to buildings, this PLC cannot fulfil the exact needs in terms of tenants comfort, environmentally green or can say effective management system for buildings. And still, we can use PLC for Building automation whereas it will be an excessive investment and different performance.

So here DDC or direct digital controller invented in order the process and automated the building equipment needs almost which PLC can do with minimal investment from installation to engineering.

What is the Main Difference between PLC and DDC?

What is DDC or Direct Digital Controller?

In a nutshell, DDC is a controller which use the analogue or digital signals from various devices of a field sensor and actuators and then process and control the system based on the programme written inside the controllers and has the capability to sends the information to another controller or DDC.

Basic Features of DDC

·       DDC or Direct digital controller usually has the followings features

·       The Analogue Inputs is to monitors the fields sensors values.

·       Digital Inputs to monitors the on/off status from switches/contactors.

·       The analogue output is to control the field actuators devices.
Digital Output is to control relay or provide low voltages.

·       DDC must have internal ROM/RAM to store control logic and sensor values.

·       It must have networking protocols inbuilt to transfer the data between the devices.

·       Modern DDC controller should have the capability to implement BACnet protocols for communication.

Note that there are various DDC controllers available in the market from the different manufacturer and those DDCs are available with a variety of function and features based on the specific needs like controller has all inputs/outputs like Analog inputs, Digital input, analogue output and digital output and some controller has only digital/analogue inputs.

Let us see below DDC Controller

·       Eleven 10-bit universal inputs whereas we connect either analogue input or digital input using a jumper select, eight binary outputs, and eight analogue outputs.

·       Terminal 23,24 used to connect other DDC controller to communicate between devices through BACnet over MSTP.

·       It has non-volatile memory used to store program and work independently.

·       It has the 24vdc used to give power for field devices.

Now Let us see how DDC used to control the BMS System,

Consider the followings scenario which we need to control and monitor through above DDC.

Let us say in Building, we need to control Pump control and control filling sequence through DDC whereas we have 2 Booster pumpS, one is for filling the water tank and other is to pump the water to buildings purpose to tenants like toilet etc.

This two-pump motor is controlled through the pump control panel by manually and it should work automatically based on the following sequence 

·       Pump-1 should run if the water level below the high level and stops once above the high level.

·       Pump-2 should run if the pressure on the supply line lesser than the defines let us say 2.5bar.

·       Pump-2 Should not run if water lesser than the lower level switch even pressure lesser than defined.

So based on the above sequence we will have following parameters to monitor and control

·       Booster pump-1 Run status from control panel-Binary Input

·       Booster pump-1 Run command from control panel-Binary output

·       Booster pump-2 Run status from control panel-Binary Input

·       Booster pump-2 Run command from control panel-Binary output

·       Water Low-Level status-Binary Input

·       Water High-Level status-Binary input

·       Liquid pressure on supply line-Analog Input

Let us connect the above points in DDC Controllers as follows

BP-1 Run sts- IN-1

BP-2 Run sts- IN-2

Low-Level Sts- IN-3

High-Level Sts-IN-4

Liquid Pressure-IN-5

BP-1 Run Command-BO-0

Bp-2 Run Command-BO-1

 

Logic will be as follows to execute the above sequence

 

If IN4==1        ##(means lesser than high-level status)

then

BP1=1             ##(On Pump)

else                 ##(means above than high-level status)    

BP1=0             ##(Off-Pump)

endif

 

If (IN5<2.5 and IN4==1)    ##( if pressure lesser than 2.5bar and water above the low-level sts)

then BP2=1     ##(on Pump)

else

BP2=0             ##(Off-Pump)

endif

 

Note that this program may change for each vendor controllers.

Not only this small sequence but also DDC can execute complex and critical sequence in BMS System for HVAC.