Microsoft-based software offers certified substation cybersecurity
SUBNET Solutions Inc | Tuesday, October 18, 2011
Although the new smart grid offers technology that will greatly enhance electric utilities' capabilities in managing and distributing power, the same connectivity that will allow for efficient substation automation and remote access also poses the threat of debilitating cyber attacks.
But these attacks can be prevented if a reliable web service provider, such as Microsoft, is utilized in power distribution operations, as opposed to other providers that have been known to fall behind in monitoring and controlling cybersecurity threats.
In order to address this grave need for the utmost cybersecurity, the North American Electric Reliability Corporation has developed critical infrastructure protection (CIP) standards and requirements, as the U.S. Department of Homeland Security calls CIP "vital" to national economic security, public health and safety.
However, despite the importance of cybersecurity within the power distribution sector and the extensive measures that have been taken to prevent a cyber attack, many substation server manufacturers still use software that has been accused of having security flaws that could have potentially devastating results.
Many substations run a Linux Operation System on their computing platforms, an OS which uses an Apache web service. In late August 2011, Apache experienced a cybersecurity scare that put the software under the scrutiny of software security engineers.
On August 24, Apache developers warned that a denial-of-service tool was circulating the web that could introduce a bug into the system. "Apache Killer," as the tool came to be called, led the Apache project to concede the vulnerability the attack tool exploited.
"A denial of service vulnerability has been found in the way the multiple overlapping ranges are handled by Apache," the group said in a security advisory, adding that all versions in the 1.3 and 2.0 lines were vulnerable to cyber attack.
However, announcement of the bug was no news to Michal Zalewski, a Google security engineer who wrote of the attack tool more than four years ago.
"I feel silly for reporting this," Zalewski began his letter to a security list organization dated January 4, 2007.
"Combined with the functionality of window scaling, it is my impression that a lone, short request can be used to trick the server into firing gigabytes of bogus data into the void, regardless of the server file size, connection count, or keep-alive request number limits implemented by the administrator. Whoops?"
Contrary to Apache's failure to identify a serious problem that went unchecked for more than four years, Microsoft, another popular platform for power distribution systems, has proven to respond to threats rapidly, plugging holes as soon as they are encountered.
The company's commitment to continually updating its methods for classifying harmful cyber threats is evident in the Microsoft Security Intelligence Report Volume 11, which focuses on malware propagation methods, as focusing on the spread of threats results in improved cybersecurity, Jeff Jones, director of the Trustworthy Computing Group at Microsoft, told TechNewsWorld in an interview.
"One of our main goals with the taxonomy is to make it easier for organizations to share data in a way that's easily parsed and consumed by others to enable us all to help protect customers," he stated.
The Apache incident highlighted the need for a web service provider to continually correct security issues within their operating system and make patches available to users. Microsoft and its partners provide technology systems that offer utilities regulatory compliance options that allow regular and timely updates, thereby reducing the risk of attacks like the Apache Killer for users.
Microsoft offers limited access to data for compliance management that provides major solutions and benefits for power utilities. By partnering with the nation's top solutions providers, Microsoft ensures its software meets all regional standards, requirements and measures, and helps utilities to understand and adapt their services to those requirements.
One of the most important features Microsoft and its partners offer is unparalleled security in its large network of connections. Field devices such as relays, meters and monitoring equipment can be securely connected to different business intelligence systems used by utilities to analyze asset and outage systems. The software can be utilized across the wide array of existing communication networks, including fiber, leased-line, wireless and dial up.
SUBNET Solutions Inc., a Microsoft Certified Gold Partner, has been recognized by Microsoft as its top level of solutions providers, which grants SUBNET access to the tools and support needed to stand out in the smart grid marketplace.
Microsoft Certified Partners are chosen for their ability to provide the highest levels of technical expertise, strategic thinking, and hands on skills. Partners such as SUBNET offer utilities the renowned security features that are built into Microsoft programs in order to ensure a safe critical infrastructure and successful deployment of the smart grid.
Substation Cyber Security