Safeguarding Ieds, Substations, and Scada Systems against Electronic Intrusions

United States agencies involved with national security are concerned about the vulnerability of the North American electric power grid to electronic intrusions, commonly known as cyber attacks. Several studies have identified changing socio-economic conditions that increase the probability of an electronic, computer-based attack being launched against a utility or substation, causing regional and possibly even widespread power outage. Increased domestic and international terrorism throughout North America, industry deregulation causing instability in the electric power utility job market, the shift to open protocols and interconnected computer networks, and the growing population of computer literate people with abundant and widely available hacker tools are factors contributing to this rising threat. The problem is compounded by industry’s shift from discrete, manual substation control to increased reliance on automated, integrated networks of IEDs, controllers, and SCADA systems. In this paper we identify and discuss technologies and procedures for safeguarding IEDs, PLCs, substation controllers, and networked SCADA systems against electronic intrusions. We show how technologies for access restrictions, audit logs, authentication, encryption, nonrepudiation, modem and network security, and network topologies can reduce vulnerability and increase survivability of integrated solutions for protection, metering, and SCADA. We discuss mitigating actions to reduce legal liability and outline training needs for increased awareness in the electric power industry. By creating the means to prevent, or at least to detect and survive, electronic attacks, we can ensure the continued safety and reliability of the electric power infrastructure.