Security Nugget: Air Compressors Help Secure Generators

At large generators, per-unit air compressors and Unidirectional Gateways are reducing risk and reducing compliance costs.


The latest CIP V5 transition guidance explains how to assess the impact of segmented networks. Large generating sites are duplicating site-wide resources, such as pneumatic air compressors and control systems, for every generating unit. NERC CIP V5 states that if there is a strong security perimeter around each control system segment, and no segment can influence more than 1500 MW of generation, then the site has no Medium Impact cyber systems. This is a significant incentive; Low Impact systems cost much less to administer than Medium Impact systems.

Done properly, increased redundancy and segmentation can dramatically reduce compliance costs and the cost of risks. The right way to segment generating networks is with Unidirectional Security Gateways. Per-unit physical redundancy and per-unit network segmentation with Unidirectional Gateways turns one large, valuable target into many smaller, much harder targets. Unidirectional segmentation eliminates the single biggest risk to generating networks: the risk of remote attacks reaching through firewalls into control system networks. It does not matter how mundane or how sophisticated the attack, it does not matter whether the attack is from corporate insiders or the Internet, Unidirectional Security Gateways physically prevent all message from external networks that may put a control network at risk.

The bottom line: CIP-compliant segmentation substantially reduces compliance costs. Per-unit Unidirectional Security Gateways substantially reduce risks and costs. Investing a tiny fraction of compliance cost savings into risk reduction with Unidirectional Security Gateways is just good business.

August news roundup: Debunking myths and unveiling threats to critical infrastructure

As the summer enjoyed its last hurrah, industrial cybersecurity became a hot topic in the news. In August, we saw the U.S. Department of Homeland Security working to increase security measures with a new committee, and the National Institute of Standards and Technology’s put out a new proposal to improve international standards in cyberspace. Underlying these developments are the ever-present myths and real threats against our critical infrastructure. For details on these stories and more, check out our monthly snapshot of important industrial cybersecurity news below.

Five myths of industrial control system security (SC Magazine, Aug. 20, 2015)

Despite widespread concern about cyberattacks on industrial control systems, IT security models continue to use outdated methods of cybersecurity based on several unfortunate myths. The belief that firewalls provide adequate protection of our critical infrastructure is one myth that perpetuates despite proof to the contrary. The fact is, firewalls offer only a small amount of protection, but not enough to protect our irreplaceable power grids or the many lives that could be affected by an industrial cyberattack.

Five Reasons The U.S. Power Grid Is Overdue For A Cyber Catastrophe (Forbes, Aug. 19, 2015)

The U.S. power grid is long overdue for a cyberattack, according to Forbes contributor and CEO of think tank Lexington Institute, Loren Thompson. The security community has noticed an increase in the number of attacks on industrial control systems used to operate the power grid, a majority of which were cyber-related. Thompson noted several reasons for this increase including the grid’s numerous vulnerabilities, consistent oversights in its regulatory structure and a lack of financial incentives to encourage security investments in the industry.

Homeland Security moves to prevent attack on power grid (The Hill, Aug. 14, 2015)

The U.S. Department of Homeland Security is creating a new committee to boost digital defenses for the industrial sector. The reason behind this decision is the increasing risk of cyberattacks to critical infrastructure sites, especially as electric grids are getting smarter. Homeland Security Secretary Jeh Johnson called for the panel to identify how well the department’s “lifeline sectors” are prepared to deal with threats and recover from a cyberattack. The committee is also tasked with providing recommendations for a more unified approach to state and local cybersecurity.

A Critical Time for Critical Infrastructure (Light Reading, Aug. 13, 2015)

According to a recent Intel Security and Aspen Homeland Security Program report, operators of critical infrastructure are over-confident in their ability to defend against attacks and misunderstand the scale of the current threat environment. In North America, this reality is one of the forces behind the North American Electric Reliability Corporation's (NERC) Critical Infrastructure Protection (CIP) requirements. NERC CIP Version 5 calls for utilities of all sizes to meet new cyber security protection requirements and has a compliance deadline of April 2016.

NIST identifies objectives for cyber standards (FCW, Aug. 11, 2015)

The National Institute of Standards and Technology recently drafting a new proposal, which includes four broad objectives for the government’s pursuit of international standards in cyberspace: improve national and economic security, ensure standards are technically sound, support standards that promote international trade, and develop standards in tandem with industry to boost innovation. If fully implemented, NIST declares the guidance will “enable a comprehensive United States cybersecurity standardization strategy.”

Interested in reading more cybersecurity news? Check out last month’s news roundup.

Unidirectional protections for electric generation (A white paper)

Waterfall Security Solutions released a new white paper describing how Unidirectional Security Gateways and related products are used in power generation applications. The white paper documents the big picture of how, where and why Waterfall’s customers are using the company’s products to protect generating networks. To my knowledge, this is the first time a comprehensive network architecture or use case for unidirectional protections of generating networks has been documented.

The various icons in the diagram depict either unidirectional security gateways, inbound/outbound gateways, the Waterfall FLIP or Waterfall’s Application Data Control add-on. Waterfall customers generally deploy this architecture because they have decided that the risk of an online attack from the corporate network or the Internet that could affect control systems, safety systems or protection systems is unacceptable. To address these risks, customers generally use unidirectional security gateways and related products to replace one layer of firewalls in their layered, defense-in-depth network architectures. With this layer in place, the chain of infection from the Internet and through corporate networks is broken.

Most customers deploy the layer of unidirectional protections at their plants’ IT/OT interfaces, separating plant networks or unit networks, from their corporate networks. The remaining customers generally deploy the unidirectional layer to protect safety-instrumented systems and networks of protective relays from plant and control networks.

In either case, the layer of unidirectional protections separates the most important plant systems from remote attackers. This results in dramatic reductions in cyber risk and the associated cost of risk. NERC CIP and other compliance programs are also very much simplified and reduced in cost, because the strong security of unidirectional protections means far fewer compensating measures need be deployed to reach security targets, and the NERC CIP and other standards increasingly recognize this. In addition, unidirectional gateways and related technologies deployed at the IT/OT connection require far less labor to maintain and monitor than do porous firewalls.

An ever-increasing number of customers are recognizing the benefits of unidirectional security gateways and related unidirectional protective technologies in power plants. Standards authorities agree. Power plants are, after all, not expendable, either to electric utilities or to society at large.

For more information about how unidirectional security gateways reduce threats to critical infrastructure, and to download a copy of the new white paper, check out our resources page.