Award winning manufacturer of IT-based building automation.
Distributed Energy, Distributed Control, and Defense in Depth
As the internet of things and the internet of energy use converge, we must apply defense in depth.
A day doesn’t go by when we don’t hear of cyber-security threats to the infrastructure that supports our lives. Cyber-security is not only take-downs and denial of service. It’s also knowledge leakage. Perhaps it’s finding The List of substations to take down, to take out the North American grid. Perhaps it’s merely finding out how to make things embarrassing in a politically convenient way.
This month I have been thinking of applying the principles of computer defense to grid defense. Perhaps it’s because of last week’s news that the Israeli technology in Iron Dome is being re-purposed to detect threats to the power grid by a Canadian metering company. I am considering Defense in Depth and the power supply.
It is now normal best practice that each corporate computing environment should have firewalls and perhaps managed proxies at its edges. If it is of sufficient size, it likely has secured VLANs within its environment, with limited communications between them. Even with this security, each computer is expected to have its own firewall, limiting communications to just the ports that are expected. Inside that last firewall, there is additional software, detecting patterns known (virus detection) and unknown (threat behavior analysis). The operating system and application software is secured against changes during normal use.
Defense in depth.
As the internet of things and the internet of energy use converge, we must apply defense in depth there as well. The most basic information signal in technology is the power supply.
I grew up considering the power supply itself as a communication and control signal. One oft-told family story concerned the time when my father accepted a consulting contract in the late 1940s in the City of Commerce in California. For weeks he arrived late to every meeting, and the locals just laughed and laughed. In those days before the grid, municipalities would install their own independent systems. The City of Commerce had purchased a European system that ran at 50 Hz. Of course the clocks brought to town by any “outsider” ran slow, and the locals drew great enjoyment from observing the effects.
Power may be in or out of specs. For AC power, the waveforms and the
frequency themselves are key information. Florescent lights provided
with bad signals develop annoying hums. Poor power signals cause motors
to vibrate and heat up, all the while performing less than rated work.
Atop the generally poor quality of this information, the power “signal” can be hacked. In the Aurora Generator Test physically destroyed a generator by inducing it to mis-align with this signal. (You can watch it rip itself out of its concrete moorings at https://www.youtube.com/watch?v=fJyWngDco3g) And I know that there are more conventional descriptions, but I am describing it this way to emphasize power supply as information.
Power line carriers can provide means for un-monitored network traffic
to flow into or out of any building. This could support snooping of
internal activities as well as external triggering of internal
If we consider power as an information signal in our networked world, with distributed energy we are moving from mainframe to networked computing. With the internet of things, we are putting more and more of our lives in view of and in the control of powered things. Privacy concerns move beyond late night web-surfing habits to every bit of our lives. This means we should consider applying the principals of defense in depth to how we manage our power.
Digital power conditioning can be one aspect of defense in depth. The
3DFS system cleans up signals and presents ideal three-dimensional
waves to the systems in the building. To achieve these in-building
effects, it starts with gigahertz analysis of the power entering the
building. Watching that incoming signal at that granularity is
informative. One can see, and learn to recognize, the activities of
each house on the same distribution feed. Just as we can tell when a
sound is far away, one can learn to recognize when the power use is far
away, meaning one can distinguish the houses, not merely the sum of
equipment. This system protects its user even as it enables tracking of
everyone else in the neighborhood.
Big data associates trivial facts to infer greater knowledge. Many of us are resigned to our every move being tracked by advertisers. MIT researchers recently reported in Science that anonymized metadata from as few as four credit card transactions can identify each of us as an individual. It is reported that noting patterns of evening pizza delivery at a single office in DC, one outside the Pentagon, would have alerted the careful observer of every significant new effort in the Gulf War.
Civil libertarians, and more recently a wider public have expressed
concern over the surprisingly widespread use of “Stingray” devices to
track people and their conversations. It is not hard to imagine a
snooper using the new found power of digital power monitoring
surreptitiously installed on the power pole.
Intelligent devices such as laptops, tablets and phones already act as portable microgrids. It wouldn’t take much for them to cloak their precise activities while become better “citizens” in the local microgrid. These smoother power loads make them better participants in systems relying on local distributed energy. Digital power conditioning can be considered as a firewall, protecting internal activities while making the chatter of dumb load a better participant in facility-sized microgrids.
Building by building autonomous microgrids, such as those demonstrated by Clean Spark at Camp Pendleton protect building mission while hiding the internal activities. Distributed storage hides anything but the aggregate demand of a facility. Power inverters or wind controls get protected from outside interference by the microgrid interface. Clusters of microgrids may still convey general level of activity, but they themselves get aggregated and blurred as we assemble the fractal microgrid. Even as we assemble these security effects, each node becomes less sensitive to the wider world as it gains resilience from its peers.
As we develop distributed energy and the internet of things, we can repeat the mistakes of the early internet. We can continue to make devices unsecured by default. We can allow the power grid itself to be subject to the sort of zombie-bots used in the Baltic cyber-wars. Or we can design in defense in depth, in power, in power management, and in device control. We can assume that nothing bad can come from exposing millions of solar inverters to remote control, as is currently mandated in California.
Or we can build in informational and control security in depth, starting now.
[Click Banner To Learn More]
[Home Page] [The Automator] [About] [Subscribe ] [Contact Us]