Developing a vibrant community is one of the keys to Remme’s success. That’s why we’ve put a lot of effort into this endeavor, striving to build a strong community of individuals who share our ideas and firmly believe in the project’s success. Today, we’re pleased to present a research paper on the utility sector market, prepared by one of our community members, Daniel Hall.
His day job is as a Senior Systems Analyst for a utility company in the UK, where he looks after the infrastructure and architecture for their mobile work force with a focus on usability, cost efficiency and security.
This research paper investigates areas of the utilities sector that could benefit through the use of the Remme solution with a focus on key use cases where the maximum potential may be realised.
The utility sector in most countries differs from many other industries: it needs strict security controls while often having to manage legacy infrastructure (telemetry, SCADA), and it has a distinctive company and governance culture often seen in sectors that were previously nationalised.
NOTE: SCADA stands for supervisory control and data acquisition. It is the system utility providers use to monitor and control industrial systems (such as flow sensors, network usage, PLC control etc).
The state of IT in utility companies
Utility companies face a difficult challenge: they must meet strict regulations around uptime of their utility offering, security and compliance (such as PCI/GDPR in Europe) while managing an infrastructure that is too large for short-term investment cycles, so investment in it is often spread out over many years (20–30). As a result, you will regularly find that companies have a modern IT infrastructure for payment systems, communications and desktop compute (office workers), while the operational IT is outdated and under-supported because of the very large costs involved in upgrading this critical infrastructure. These systems are found in a hybrid state, with a mix of old and new technologies, as they are always in flux.
According to IBM, a study in 2016 showed a 110% increase in attacks on SCADA systems. These were predominantly brute force attacks trying to take advantage of short/weak passwords. The majority of attacks were against US SCADA assets. Two major attacks in recent history were the 2015 Ukrainian power network attack and the 2016 New York Dam attack. There is likely going to be an increase in high profile, effective attacks.
An additional threat is the growing use of worms designed to attack automation systems. One of the most popular is Stuxnet, which was first used during an attack on Iranian nuclear facilities and is built to spread via Microsoft Windows and attack Siemens Industrial Control Systems.
Systems often found in the utility sector:
The following is a non-exhaustive list of systems often found in utility companies:
- Desktops/Laptops/Thin Clients
- Servers (Email, Storage, Configuration Management etc)
- Payment systems (Must be PCI compliant in Europe)
- Mainframe (for organisations that have yet to migrate)
- SCADA systems
- M2M, IOT and other telemetry systems
- Automation, PLC, HMI, Sensors
Below are some potential use cases where the solution by Remme can be put to use in order to increase security in the utility sector. Some may also apply to non-utility companies.
SCADA (inc M2M & IoT) — SCADA is the system that monitors and controls the automated industrial control systems. Using a water company as an example, it could control chlorine dosing, flow control, pump resilience and much more. The greatest attack vectors for SCADA systems are likely to be a combination of outdated & un-patched operating systems, old & weak passwords and anywhere that the SCADA network has to connect to a public network or the Internet.
As utility companies often have a wide array of automation assets spread over a geographical area, these assets need to connect to a main control centre. This is either via the internet (a bad practice) or at the very least via a network provider. Even with the use of a private APN with a mobile provider, the traffic will still use that provider's public backbone.
Some best practices that should apply here are to connect devices to a network only where absolutely necessary, and even then to encrypt all traffic and ideally sign it so that the data can be audited when required. Additionally, all access should be permissioned. This is where Remme’s solution can help.
All data transmitted should be encrypted with TLS or over a VPN, and signed with a certificate. The private key should be held on the device (and not re-used between devices) and the public key held on the blockchain. For this to work, a hybrid CA may need to be implemented, for instance a SCEP compatible CA that uses the Remme blockchain as its certificate store & revocation list. This will allow existing software to integrate easily where it already supports common CA designs.
Finally, devices should use a separate private key for authentication with other systems instead of service accounts and passwords that are not changed regularly. Passwords get written down and are difficult to control. However, they can be used as a 2nd factor for critical or restricted use systems.
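The checks this use case calls for (one key pair per device, public keys in a shared store, a revocation list consulted on every message), as an added example that is not part of the original paper or Remme's code. The in-memory `Registry` stands in for the blockchain, and Ed25519, the device IDs and all type and function names are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// record is one entry in the stand-in for the ledger's certificate store.
type record struct {
	pub     ed25519.PublicKey
	revoked bool // stand-in for the revocation list
}
type Registry map[string]*record // device ID -> enrolled key (hypothetical type)

// NewDeviceKey and Sign run on the device; the private key never leaves it.
func NewDeviceKey() (ed25519.PublicKey, ed25519.PrivateKey, error) { return ed25519.GenerateKey(rand.Reader) }
func Sign(priv ed25519.PrivateKey, msg []byte) []byte { return ed25519.Sign(priv, msg) }

// Enroll publishes a device's public key and refuses a key reused across devices.
func (r Registry) Enroll(id string, pub ed25519.PublicKey) error {
	for other, rec := range r {
		if other != id && rec.pub.Equal(pub) {
			return errors.New("key already enrolled for " + other)
		}
	}
	r[id] = &record{pub: pub}
	return nil
}

// Verify accepts a message only if the claimed device's own, unrevoked key signed it.
func (r Registry) Verify(id string, msg, sig []byte) error {
	rec, ok := r[id]
	if !ok || rec.revoked {
		return errors.New("device unknown or key revoked")
	}
	if !ed25519.Verify(rec.pub, msg, sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	reg := Registry{}
	pub, priv, _ := NewDeviceKey()
	_ = reg.Enroll("pump-07", pub)     // constructed device ID
	msg := []byte("pump-07 flow=41.2") // constructed reading
	fmt.Println(reg.Verify("pump-07", msg, Sign(priv, msg)))
}
```

Signature checks alone do not stop a captured message from being replayed; a counter or timestamp inside the signed payload is needed for that.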
Mobile Email Access — A common requirement for field workers (servicing assets) is to have mobile access to email & calendar. This often means exposing an internal email system and caching the user's LDAP password on the device. Because mobile operating systems carry a growing number of un-patched vulnerabilities (slow release process by some providers, older unsupported models), exposing your LDAP password can put internal systems at risk, as this password could then be used in an attack to gain access to much more than just email. A method to avoid this is to use Kerberos Constrained Delegation with a CA, KDC and intermediary server. A certificate is used to authenticate with the intermediary server (such as MobileIron Sentry), which verifies the certificate, creates the Kerberos token, and acts as a proxy to the email server.
A hybrid CA as described in the SCADA use case would allow the certificates used for authentication to be stored on the Remme blockchain, providing a decentralised certificate store for seamless authentication with edge systems.
Version Control of PLC programs and configurations — A common problem with industrial control systems is keeping a central store of all configurations and programs for automation systems. If a PLC suffers a failure after being online for 15 years, the original program will be needed in order to duplicate its setup onto the replacement hardware. However, where there are different versions of the file, or similar files for similar PLCs, this can lead to confusion and issues which can introduce significant risk to the utility supply. One approach is to store the files (possibly on IPFS) encrypted and signed with a certificate stored on the Remme blockchain, along with the file hash and history. A user can then not only be sure that they have the latest file, but also that it has not been tampered with. As older members of staff retire, their replacements will still have access to all the information they need and be able to be certain that they are not introducing additional risk to critical systems.
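The signed file-hash history described in this use case, as an added example that is not from the paper or Remme's code: each record carries the program's SHA-256 hash, the hash of the previous record and a signature over both. Ed25519, the record layout and the function names are assumptions, the signer's public key stands in for the certificate held on the blockchain, and file storage and encryption are left out.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Version is one history record (hypothetical layout, not Remme's format).
type Version struct {
	FileHash, PrevHash [32]byte // program hash; hash of the previous record
	Sig                []byte   // signature over PrevHash || FileHash
}

func body(v Version) []byte { return append(v.PrevHash[:], v.FileHash[:]...) }
func NewSigner() (ed25519.PublicKey, ed25519.PrivateKey, error) { return ed25519.GenerateKey(rand.Reader) }

// Commit returns the history extended by a signed record chained to the last one.
func Commit(hist []Version, priv ed25519.PrivateKey, program []byte) []Version {
	v := Version{FileHash: sha256.Sum256(program)}
	if n := len(hist); n > 0 {
		v.PrevHash = sha256.Sum256(body(hist[n-1]))
	}
	v.Sig = ed25519.Sign(priv, body(v))
	return append(hist, v)
}

// Check verifies the chain and returns versions behind latest (0 latest, -1 absent).
func Check(hist []Version, signer ed25519.PublicKey, program []byte) (int, error) {
	var prev [32]byte
	behind, sum := -1, sha256.Sum256(program)
	for i, v := range hist {
		if v.PrevHash != prev || !ed25519.Verify(signer, body(v), v.Sig) {
			return -1, fmt.Errorf("record %d fails verification", i)
		}
		prev = sha256.Sum256(body(v))
		if v.FileHash == sum {
			behind = len(hist) - 1 - i
		}
	}
	return behind, nil
}

func main() {
	pub, priv, _ := NewSigner()
	hist := Commit(Commit(nil, priv, []byte("PLC program v1")), priv, []byte("PLC program v2"))
	fmt.Println(Check(hist, pub, []byte("PLC program v1")))
}
```

The chain exposes edited, reordered or removed records in the middle of the history; detecting a truncated tail additionally requires a trusted pointer to the newest record, which is the role the shared ledger would play.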
Utility Sector Market Penetration — Applying 10 years experience in the utility sector and 20 years in enterprise IT systems support & architecture, the researcher provides the following considerations in maximising Remme’s ability to engage in business with utility companies.
- The Hybrid CA discussed in the SCADA use case is a critical factor in gaining market share. As utility companies have to be quite risk averse by nature, they will not be likely to change all of their internal enterprise systems to work with Remme. However, if Remme was able to offer a (perhaps open source) hybrid CA that is compatible with other enterprise standards (SCEP etc), this would allow companies to test and use Remme with minimal upset. Over time this can be developed further to move away from the old standards, to a new Remme standard.
- Easy implementation of nodes is another key requirement. Organisations may require a private blockchain for them and their partners, or at the very least run their own node to ensure uptime. This could be a Remme provided appliance.
- Remme will likely see increased market penetration by working and partnering with other companies that supply services to utility companies, such as PLC, M2M, IoT and SCADA companies that provide software, hardware or support services. Where these organisations are already trusted, and offering integration with Remme, it is more likely that utility companies will trial the solution with support from their existing, trusted providers. As these providers start to offer products with Remme integration, utility companies will be poised to benefit from the improved security, control and decentralisation that Remme aims to provide.