Countering industrial cyberthreats with secure, standards-based, licensed wireless networks

Over the past few years, cyber threats aimed at a number of critical infrastructure targets have drawn our attention to the security of mission critical networks. These threats have included power grids in Ukraine and Ireland, U.S. energy companies and nuclear power plants, and most recently, at an electric utility on the West Coast where a distributed denial-of-service (DDoS) attack overwhelmed grid network systems with false Web traffic.

This was the first documented digital attack known to have compromised electrical grid operations in the United States due to a moderately basic hack and showed us how the potential for far more significant disruption is a legitimate concern to industry professionals and consumers alike.

In fact, a recent study conducted by the Ponemon Institute on behalf of IBM found that a large majority of organizations surveyed are still unprepared to properly respond to cybersecurity threats, with 77% of respondents admitting they do not have a cybersecurity incident response plan applied across the enterprise. As cyberthreats, including DDoS continue to emerge, utilities require new approaches to adapt to the vulnerabilities of their networks as they expand and adopt mission critical Internet of Things (MC-IoT) devices and applications.

What are the options?

Most of the critical infrastructure in the US, including the electric power grids, natural gas and water pipelines, and commercial railroads, is owned and operated by the private sector and regulated by the public sector. The public and private relationship in operating and protecting critical infrastructure requires a strong working partnership incorporating a robust premeditated security strategy of public and private sector partnering.

Utilities typically own and operate their own private, licensed, wireless networks and private land mobile radio systems (PLMR) to offer secure communications to centralized generation stations, substations, switches, and more on the electric grid, which has created a high level of reliability.

Most utilities have managed to keep their SCADA systems secure and functional using these privately owned networks, however, cyber activity, improved device intelligence and a significant increase in the demand for condition monitoring of systems are all pushing increased data demands on these networks – and these existing networks were not designed to handle the increased data throughput demands.

This rapid increase of intelligence and distributed energy resources (DER) has left mission critical industries in need of more secure, reliable and scalable network options, capable of handling increased and scalable data throughputs. Mission Critical operators are challenged to modernize without nationwide licensed spectrum that is large enough to utilize standard technologies capable of managing increased data traffic.

The need for a standardized solution

As the grid is becoming increasingly intelligent with sensors collecting an extensive amount of data at the edge, spectrum, in turn, becomes limited for operators to increase the capacity and security of their networks. Many recent initiatives by the FCC have reduced the amount of exclusive or non-commercial use of licensed spectrum to the benefit of consumer networks.

This shift has increased the challenges confronted by mission critical industrial users. Furthermore, purchasing spectrum at auction can cost many millions of dollars, making it difficult for utilities to economically modernize securely with standardized, secure and widely available technologies.

Utilities are very conscious of the security and reliability requirements of their networks which is why they’ve opted to continue leveraging licensed spectrum. However, until recently there has not been a wireless standard capable of handling increased data traffic in the narrow spectrum that utilities already own.

In late 2017, a new wireless standard was ratified and published by the Institute of Electrical and Electronics Engineers (IEEE). IEEE 802.16s was a grassroots effort launched by electric utilities who were looking for a standard technology that could be used in the narrower channel bands they have access to, typically purchased on the secondary market or licensed by area from the FCC. This includes the upper 700 MHz A band, AMTS spectrum between 217 – 219 MHz, the NPCS band at 900 MHz and the 1.4 GHz band. The standard supports multimegabit data speeds and long range using relatively narrow channel sizes between 100 kHz and 1.25 MHz.

The throughput and range are the “sweet spot” for MC-IoT applications. Furthermore, the standard requires the use of time division duplexing (TDD) which is a highly efficient protocol for networks that have asymmetric data flow. Utility networks are typically upstream centric networks with data transmitting back from the remote asset to the tower and then to the central office.

The 802.16s, like all good IEEE standards, continues to evolve with improved processing and software capabilities. New technologies, built on the standard, are being introduced with enhanced capabilities including new narrower channel sizes for longer range at lower transmit power and non-adjacent channel aggregation. These networks are capable of supporting increased data traffic without impacting existing system use of adjacent channels.

Furthermore, with more and more data being required to be transmitted from field devices, the incorporation of intelligence and processing at the edge will help reduce the amount of data that has to be transmitted. Additionally, security applications can also be hosted and executed at the edge, thereby preventing any malicious data or unauthorized device connecting to the network. An edge processing capability also allows options for more autonomous local control of edge devices in the event of a network not being available.

As more intelligence and vulnerable access points are incorporated into the power grid, utilities will require constant network upgrades that enhance security, reliability, and availability. With this narrowband channel standard, utilities are able to more effectively secure and control mission critical applications within the grid. By connecting MC-IoT technologies over a private and secure network, cyber threats which threaten network continuity are significantly minimized and uninterrupted operations are secured.