Securing power systems in cyberspace

By Alix Paultre, Editor-in-Chief

Security is an issue as old as property and will exist as long as people have things to protect. Once upon a time, in order to secure a facility, one only had to worry about physical dangers. Put up a fence, buy a few dogs, and hire a couple of people with guns to walk around and shake doorknobs. Secure the entrances and access points and you guard the goods inside.

The addition of software to society changed everything. Ever since people like Captain Crunch (John Thomas Draper) used a plastic cereal-box toy whistle to hack AT&T’s long line system to get free calls (see Fig. 1), the ability to bypass physical barriers has plagued society ever since. The most recent attack burned into the public’s mind was the STUXNET virus, malware specifically created to target a particular type of industrial motor that was used in the target system, causing damage to the facility as severe as anything that could have been accomplished with explosives.

Fig. 1: Captain Crunch (John Thomas Draper) used a plastic cereal-box toy whistle like this to hack AT&T’s long line system.

The targeted nature of software attacks was already an issue when the only means to access a system were hard-wired connections to a network, but the explosion in wireless technologies has exacerbated the problem. Now that we have the internet and cloud, the ability to reach deeply into a household, facility, or municipality’s infrastructure is even more prevalent. However, the defenses to these new threats are actually similar to legacy physical procedures.

Migrating processes

The electronics industry is both the cause and customer of this disruption, as software and the internet have not only changed the way that power supplies are designed, manufactured, installed, and operated, but they have also changed the role of a power supply within a system. Previously a static device moving electrons from source to load, a power supply today can be an active part of an intelligent facility, able to not only drive a load but also adjust output on the fly while providing telemetry not only on itself but also on the thermal environment around it.

For example, CUI has partnered with Virtual Power Systems to create the Intelligent Control of Energy (ICE) software/hardware solution for data center power, using a facility’s existing infrastructure to intelligently and dynamically allocate power to racks, branch circuits, and IT nodes and provide a constant awareness of power consumption needs across the entire data center topology. The ICE system employs peak shaving principals to free up redundant supply capacity, profiling power demand and employing battery storage to manage peak demand using power stored during low utilization periods (Fig. 2).

Fig. 2: CUI’s ICE data center power solution uses a facility’s existing infrastructure to intelligently and dynamically allocate power.

However complex, though, these new functionalities are, in one way, merely extensions of old principles, just magnified through the force multiplier of software and logic control. In that same way, new security issues can be contrasted to old by migrating legacy tech, infrastructure, and processes into the 21st century. The nature of the threat is different, but the core issues remain. Today, this new security awareness extends from the manufacturing floor to the client system’s infrastructure once the product is installed.

Just as one needed to encircle a facility with a gate in the physical world, one needs a protected gateway online. One can compare dogs running around a compound and guards walking a patrol to software agents checking ports and data packages for authenticity and security. And of course, proper security procedures at the human level are just as appropriate (and necessary) for software development as any high-value industrial process.

Threats everywhere

For the sake of this article, we’ll ignore back-door attacks and other human-related issues, as a proper security protocol should also include educational classes to all staff on proper data management and security procedures. Some companies have been hacked by simply leaving infected USB drives in the target’s parking lot for unsuspecting employees to pick up and insert into internal systems, bypassing security (Fig. 3). There are a few things that can happen if and when someone gets past your defenses.

Fig. 3: Don’t forget physical security; informed employees reduce back-door security risks.

One way to gain access to a system is via a brute-force attack. Such an attack is probably the most easily prevented, as it is time-consuming and requires multiple login attempts. This type of attack can also be easily detected if you pay attention to your system traffic. A Denial of Service is most commonly used to attack servers, not power supplies, as the attacks are intended to prevent legitimate users from accessing the system by overloading it with more requests than it can process. This could be applied in the power space by overloading the bus with too much or incorrect information.

Depending on how secure your system is, it can be hit with a Secure Sockets attack, which intercepts the data before it can be encrypted by the system. A Port scan is a hostile search of your system for open ports. This attack is usually a reconnaissance mission for a later, more focused attack. This could be used for facility blackmail or for system disruption and/or malware insertion.

Smart power as security solution

The knife of software cuts both ways; as stated earlier, software has given power supply manufacturers new functionalities for performance, reliability, safety, and also security. Software-enabled systems can not only provide energy savings, improved thermal management, and system reliability, they can also be an important part of your software infrastructure’s security. Because of its very nature, the software involved in the system can be a powerful asset in your facility’s security management.

Right up front, the ability to intelligently distribute power across racks doesn’t just help recover lost power and improve efficiency, it also enables dynamic recovery in failure situations in which sections of the power infrastructure are damaged or destroyed. The ability to react in real time not only protects mission-critical computing needs from a performance perspective, it enables soft recovery from catastrophic events. The ICE solution’s ability to leverage power caches in real time to lower peak power loads also lends itself to this, as peak-power storage also becomes system emergency storage in a pinch.

The ability to limit the use of unauthorized power usage through dynamic provisioning of new components with an intelligent system to quickly pinpoint failing or failed power equipment will deliver higher availability and reliability. It almost goes without saying that once such a dynamic ability can be implemented, it would also provide system administrators a secondary ability to monitor and manage critical systems from the inside out. That way, a STUXNET-type attack that causes subsystems to fail innocuously can be more easily detected, as the system can flag devices not performing under acceptable parameters. This provides an additional layer of security to systems highly vulnerable to subtle malware attacks.

Even some catastrophic incidents can be planned for, as the increased granularity of power control with node-level protocols can be implemented automatically based on priority and availability. Another dynamic ability that an intelligent facility-level power system should have is that of being able to take advantage of multiple power sources depending upon availability, cost, or demand. This, again, lends itself to both functionality as well as security, as the system can apply backup generators and secondary sources as amplifiers of power capacity and not just as fail-overs.

Making systems secure

The first line of defense in making an intelligent power system secure is on the manufacturing floor, as proper software and hardware management are critical. It is vital that proper procedures are in place to secure and track the software to be used by the system through the manufacturing process, as malware can be inserted at this level if there is sloppy security. Basic procedures like password protection, limited access to personnel with background checks and training, and fingerprint authentication are as important as having a web firewall.

In the case of the ICE solution, CUI uses ISO-approved documentation to release firmware and process this through manufacturing by tracking the travel tags of programmed circuit boards. In addition, CUI records serial numbers during the product’s automated tests to also verify that the correct version of firmware is installed. Such steps are key to both ensuring security continuity and customer confidence in the supplied product. Just as a rogue USB stick can bring in malware, so can an improperly screened software-enabled supply. ISO-approved protocols ensure both compliance and consistency.

Another weak point that must be addressed is where the software is loaded into the device. Not only is it important to ensure that the proper software is installed to match customer, device, and application, this is another place where the unscrupulous or inattentive can infect the system. It is important that protections are there to ensure that only the right software is loaded; i.e., that there is a robust process with trained personnel using proper design methodology (encryption, authentication, good coding practices, etc.) to test and audit for issues. In special cases, the products may even need to go to an external cybersecurity test organization for additional procedures.

Security on duty

Once a product is installed in a larger web-enabled system, steps must be taken to ensure that the devices involved are not prey to external agents that make it past the facility’s external security. One way is to use authentication protocols in the installed product to protect it from casual port inquiries; however, a basic step to avoid detection is to use different ports than those typically used as common access ports. Many hackers tend to follow established protocols, so simply changing things up in port allocation can help secure the system a great deal.
Once a system is compromised, even if the power system is safe, the system administrators need to be able to go in and troubleshoot the system, with the need to possibly reset the device to ensure that it is operating properly. How easily a system can be reset can greatly aid troubleshooting.

Ensuring security is not a one-off process, and constant vigilance is required. That’s why it is sometimes also useful to determine if the software has been tampered with once it has been installed. In an intelligent facility, another security layer would be for the firmware to be designed to run self-checks on power-up, which requires matching the checksum to the one stored in the factory firmware. This is a very granular layer of defense, so it is best-suited for situations when security is the paramount issue.

Looking forward

The changing tech landscape needs a flexible power solution for both performance and security to address the realities of web-enabled infrastructures. Software/hardware solutions for data center power must not only provide the needed functionality for next-generation web-enabled dynamic power management, but with proper setup and integration, they should also be an integral part of your security solution.

Power Supplies & Energy Storage Special Reports

No Comments

Join the conversation!

Error! Please fill all fields.