Data Encryption for Substations

Encryption has become standard practice in other verticals that depend on online data transfers, such as online banking and shopping.

01/15/2013


The consulting-specifying engineer should be familiar with encryption schemes for all devices connected to the substation. Encryption has become standard practice in other verticals that depend on online data transfers, such as online banking and shopping. In fact, due to the ease with which encryption can be accomplished and the low cost of the semiconductors that enable it, encryption will become a universal expectation. So it is today with power.

The substation owner and/or utility involved may be presented with an operational liability if encryption isn’t applied to data generated by sensors and controls. The use of “clear text” is simply too risky. (That operational liability could well become a legal one if operational data was breached by a malevolent actor and used to damage property or inflict harm on human life.) The encryption of information output from or to intelligent electronic devices (IEDs) or traveling between them falls under IEEE 1711™ “Trial-Use Standard for a Cryptographic Protocol for Cyber Security of Substation Serial Links.”

Encryption, fundamentally, is a cyber security issue. Encryption is applied specifically to prevent unauthorized access to data, which could thwart an intentional attack or protect against the unintended consequences of mistakes made by authorized personnel.

Be aware, however, that encryption of data adds “overhead,” or latency, to its transmission over the substation communication network.

The CSE should also be aware of the technical solutions that are available, such as the encryption of data on serial links like RS-232 and RS-485 communication channels. These non-network channels are commonly used for remote access to a substation by operations engineers or by the interconnected utility tapping into the SCADA system and/or an energy management system (EMS). (IEEE 1711 provides cryptographic protocols for the addition of cyber security on serial links.)

Today we’re seeing encryption added to a vast number of these communication links on the grid for protective relays and remote monitoring systems via a “bump in the wire” retrofit, rather than the impractical swap-out of existing IEDs for the sole purpose of adding encryption to heighten security.

This works in the following manner: unencrypted data is sent from a device out a serial port, where the “bump in the wire” is really a box that applies encryption. Another such “bump”/box is placed at the recipient’s end to decrypt the data.

This application is particularly useful when communications must use public infrastructure such as a leased line from a local telco or a radio system – whenever the client does not have complete control over both ends of the data exchange.

Whenever two of anything – in this case, “boxes” – are involved, multiple vendors are likely, and those boxes must play well together. The U.S. Department of Energy has completed work on a three-year project, which ended last fall, known as the Lemnos Interoperability Security Program. Lemnos sought to define a set of configuration parameters to ensure a standard approach for the encryption and decryption of networked data by different devices. (Lemnos also provides an interoperability and testing framework for other security protocols.) 

Various IEEE groups are now considering Lemnos’ results for an IEEE standard. The IEEE Power & Energy Society Substation Group would be a logical choice and it may in fact end up being the lead on this effort. It might conceivably become part of IEEE 1711, like 1711.1 or something like that.

The consulting-specifying engineer would be well-advised to keep tabs on these efforts, as the CSE may be called upon to evaluate encryption boxes as they determine the appropriate level of encryption (and thus security) needed in any given circumstance.

Although, with the growth of the encryption industry, these “bump in the wire” boxes add little if any latency, there are exceptions to keep in mind. This is particularly true in the case of the high-speed communications needed for protective relays, where the CSE must take into consideration the timeframes needed for the function in question. Latency must not interfere with response time, for instance, in the case of protection devices.
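An added example, not from the original article and not an implementation of IEEE 1711: a Python model of the two “bump in the wire” boxes described above, together with the per-frame overhead behind the latency concern. The frame layout, the `Bump` class, `added_wire_ms` and the HMAC-based keystream (a standard-library stand-in for a vetted cipher such as AES-GCM) are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

HDR_LEN, TAG_LEN = 4, 16  # constructed format: 32-bit counter + truncated HMAC tag

def _mac(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_keystream(key, seq, data):
    # Stdlib stand-in for a vetted cipher: HMAC-SHA256 in counter mode.
    ks = b"".join(_mac(key, struct.pack(">II", seq, i))
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

class Bump:
    """One direction of the link; use a separate key pair for the reverse path."""
    def __init__(self, enc_key, mac_key):
        self.enc_key, self.mac_key = enc_key, mac_key
        self.tx_seq = 0    # next counter to send
        self.rx_seq = -1   # highest counter accepted

    def wrap(self, clear):
        """Sending box: clear-text serial payload in, protected frame out."""
        hdr = struct.pack(">I", self.tx_seq)
        body = _xor_keystream(self.enc_key, self.tx_seq, clear)
        self.tx_seq += 1
        return hdr + body + _mac(self.mac_key, hdr + body)[:TAG_LEN]

    def unwrap(self, frame):
        """Receiving box: verify tag and counter, then recover the clear text."""
        if len(frame) < HDR_LEN + TAG_LEN:
            raise ValueError("short frame")
        hdr, body, tag = frame[:HDR_LEN], frame[HDR_LEN:-TAG_LEN], frame[-TAG_LEN:]
        if not hmac.compare_digest(tag, _mac(self.mac_key, hdr + body)[:TAG_LEN]):
            raise ValueError("bad tag")         # altered in transit
        seq = struct.unpack(">I", hdr)[0]
        if seq <= self.rx_seq:
            raise ValueError("replayed frame")  # stale counter
        self.rx_seq = seq
        return _xor_keystream(self.enc_key, seq, body)

def added_wire_ms(baud, bits_per_char=10):
    """Serial time for the header and tag alone (8N1 framing = 10 bits/char)."""
    return (HDR_LEN + TAG_LEN) * bits_per_char * 1000 / baud
```

At 9600 baud the 20 added bytes take about 20.8 ms on the wire, longer than one 60 Hz power cycle, before any processing or buffering delay inside the boxes is counted.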


Sam Sciacca is an active senior member in the IEEE and the International Electrotechnical Commission (IEC) in the area of utility automation. He has more than 25 years of experience in the domestic and international electrical utility industries. Sciacca serves as the chair of two IEEE working groups that focus on cyber security for electric utilities: the Substations Working Group C1 (P1686) and the Power System Relay Committee Working Group H13 (PC37.240). Sciacca also is president of SCS Consulting.


