Smart Electric Grid

industry-risks-header-graphic

The energy infrastructure, in need of grid modernization, is a high value target for cyber warfare. The major risks to the energy grid stem from five factors. The first factor is physical access to heavily instrumented systems with no protection points on the board at manufacture, and the large attack surface due to the number of access points. The second factor is the manipulation of demand attacks from appliances that can leverage botnets to manipulate the power demand in the grid, to trigger local power outages and potentially large-scale blackouts. The third factor is the targeting of unprotected supervisory control and data acquisition (SCADA) systems and other industrial control system (ICS) software. The fourth factor is that intrusion detection systems are tuned down to reduce the number of false positive alerts, to the point that it becomes useless. The fifth factor is that unlike the IT approach of quarantining infected user workstations (endpoints) with virtual LAN (VLAN) based network segmentation, power generation and distribution systems in OT are live and quarantining devices in an interconnected system disrupts service and causes undesirable outage. Reactive approaches based on network-based anomaly detection and deep-packet inspection of application protocols will be challenged eventually by the onset of encrypted network traffic (without application reengineering) in the years ahead.

mocana-countermeasures-header-graphic

The strategy will require at least:

  • securing the integrity of signaling between systems
  • managing the digital secrets that offer such security countermeasures – passwords and keys
  • rotating the digital secrets using X.509 certificates for trusted delivery as a mitigation strategy for recovery on compromise
  • tamper-resistant content delivery through the supply chain
  • remote device recovery on compromise with trusted software and configuration updates, and automated key renewal
  • embedded network access controls for perimeter-less defense
  • auditability for visibility and measurement of compliance posture – to avoid punitive fines for violations (e.g. NERC-CIP)

Smart Electric Grid

mocana-industries-smart-electric-grid

Industrial automation manufacturers and critical electric utilities must ensure compliance with cybersecurity standards such as NIST 800-53, Revision 4, IEC 62443-3-3, and FIPS 140-2. Furthermore, electric utilities must comply with
additional standards such as NERC CIP 003. Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging.

industry-stat-smart-electric-grid

power plants in the U.S. generating 1,075 gigawatts of installed generation.

— Department of Homeland Security

Perimeter-based defenses and threat detection technologies are not enough to defend against modern cyber attacks. Our electric grids are under attack by nation states. Many legacy programmable logic controllers (PLCs), intelligent edge devices (IEDs), remote terminal units (RTUs), controllers, gateways, and Industrial Internet of Things (IIoT) edge devices are vulnerable due to a lack of basic cryptographic controls such as: multi-factor authentication, secure boot, secure update, and secure, encrypted communications.

Electric utilities industrial automation manufacturers must ensure compliance with cybersecurity standards such as NERC CIP 003, NIST 800-53, IEC 62443-3-3, and FIPS 140-2.  Keeping up with these standards as well as emerging standards from the Industrial Internet Consortium (IIC) and Industrie 4.0 is challenging.

A Cybersecurity System Tailored for the Smart Electric Grid

diagram-electricity

Used by more than 200 OEMs to protect more than 100 million devices

Mocana’s end-to-end cybersecurity system is a FIPS 140-2 validated embedded cybersecurity software solution that ensures device trustworthiness and secure communications by giving industrial automation manufacturers. With solutions for new builds and legacy, brownfield upgrades, Mocana provides electric utilities and OEMs with an easy way to harden new or legacy brownfield RTUs, IEDs, and controllers with multi-factor authentication and trust chaining, as well as secure boot to validate the firmware, OS and applications.

Download Industry Brief

Learn More About Mocana Solutions

icon-trustcenter-white

Mocana TrustCenter™

Services platform for automated security lifecycle management
icon-trustpoint-white

Mocana TrustPoint™

Comprehensive IoT endpoint security that simplifies integration
icon-trustcore-white

Mocana TrustCore

Proven, differentiated and compliant system of cybersecurity
  • We are excited to work with Mocana in implementing their comprehensive software solution across our divisions. With Mocana’s Security of Things Platform, we are able to maintain consistency in our security approaches, across any type of device or sensor, addressing the variance of real-time operating systems (RTOS), controllers and CPUs. Mocana brings strong FIPS-140 proven cryptography to our embedded devices all the way up to the cloud, enabling a safer path to IoT transformation for our connected business strategy."

    George Wrenn

    VP of Global Cybersecurity for Schneider Electric

  • background-blue.jpg

    Mocana has been helping industrial manufacturing and automation companies to secure industrial control systems, SCADA networks, avionics subsystems and IoT devices since 2002. Mocana’s IoT Security Platform is solving operational technology and IoT security challenges by tackling one of the toughest industry problems—making industrial controllers and IoT endpoints more secure and trustworthy."

    Michael Dolbec

    Managing Director, GE Ventures

  • background-blue.jpg

    Supply chain integrity is one of the most important challenges facing the industrial IoT. Mocana’s IoT Trust Platform is tackling this problem head on by automating device enrollment and security provisioning. With tools for both suppliers and OEMs, Mocana’s trust services will simplify enrollment and secure updates."

    Ed Amoroso

    CEO of TAG Cyber, LLC

  • background-blue.jpg

    As the IoT continues to grow, an increasing number of backdoors and vulnerabilities are discovered every day. If enterprise-grade companies expect their users to trust in the inherent safety of their technology, they must ensure that advanced security is embedded directly into the device. Our partnership with Mocana focuses on this type of comprehensive security as we work toward providing customers with an easy and effective way to harden their operational technologies."

    Joerg Borchert

    VP of Chip Card Security of Infineon Technologies

  • background-blue.jpg

    The tools provided by Mocana are rooted in its long history of equipping engineers with the ability to harden devices that perform mission-critical operations. Manufacturers can now be equipped to leverage the power of the embedded chips in their products to support the security and privacy requirements of these emerging data-driven IoT ecosystems."

    Rob Westervelt

    Research Manager, IDC

  • background-blue.jpg

    Ensuring the safety, security, and reliability of control systems is critical. Mocana’s IoT Trust Platform can simplify the implementation of security across modern control and safety systems."

    Joe Weiss

    Managing Partner of Applied Control Solutions, LLC

  • background-blue.jpg

    Mocana’s IoT Security Platform ensures that IoT devices can be trusted and communicate securely to the public and industrial cloud platforms. Their verification of the interoperability and integration of their cloud to AWS, Microsoft Azure IoT, VMWare-based clouds, and GE Predix is a significant benefit for companies working with Mocana."

    Vikrant Ghandhi

    Industry Director, Digital Transformation, Frost & Sullivan of Frost & Sullivan

  • background-blue.jpg

    Mocana has designed its cryptography engine to have a tiny, lightweight footprint. Its software is fast and responsive, making it ideal for hashes and advanced cryptographic functions. In addition, the software modules that sit on the device, gateway, and cloud are customizable, in that customers need to deploy only the code they require to implement specific functions."

    Sankara Narayanan

    Research Analyst, Frost & Sullivan

Find the smart electric grid industry solutions that meet your needs

Request a demo

Resources

The latest thoughts on cybersecurity
management.

Solution Briefs

Learn More

White Papers

Learn More

Datasheets

Learn More

Videos-Podcasts

Watch/Listen

Webinars

Learn More

Case Studies

Learn More