The number of targeted cyber attacks has increased exponentially over the past years, and the rate of attacks has also risen particularly on the critical infrastructure, such as power station, gas refinery and transportation. Some major incidents of cyber attack on power sectors, like the Blackenergy attack on Ukrain’s power grids and the Stuxnet on Iranian nuclear plants, cut off their data flow and disrupt utility serviceability. Due to the increased service convergence of Information Technologies (IT) and Operational Technologies (OT), there is an urgent need for more comprehensive, multi-layer security measures for CIP (critical infrastructure protection) in order to ensure secured communications and mitigate the advanced cyber treats.
Since the cyber attack of Ukraine’s power grids in December, 2015, it is clear that traditional ICS, SCADA and off-the-shelf operating systems in substation present imminent vulnerabilities for cyber attack. As the OT networks in critical infrastructures and IT-based control layer devices are more and more interconnected, there have been more loopholes exposed to cyber intruders. Since the energy infrastructures are highly critical to the economic well-beings of the societies, a successfully penetrated attack would cause devastating effects to the enterprises, the government and the people. Therefore, it is necessary to implement an industrial-grade network gateway to secure the industrial communication networks and protocols as most cyber attacks come from this channel.
Nowadays, utility productions, such as oilfield, petroleum refinery, and offshore gas drilling, have become more and more digitalized and connected. Devices deployed such as PLCs, HMIs, SCADA, sensors and embedded computing systems are inter-connected operational technologies (OT) in order to optimize automation and productions. Though digitalization and interconnections of OT devices have increased productivity and outputs for the oil and gas industry, the door is opened to cyber attacks at the same time. As a matter of fact, the numbers of cyber attacks to utility production industries have been rising continuously. According to researches, over 60% utility companies have encountered at least one attack in past years and petroleum industry is listed as one of the most targeted industries for cyber attacks
Utility institutions today are operating globally and relying on substation automation systems to have a secured and reliable solution for controlling and monitoring status of the substations and grids. Historically, substation automation structures involve multiple proprietary protocols which consist of numerous remote thermal units, PLCs, HMIs and plenty of computing systems to be wired together. This implementation usually results in heavy hardware investment, high engineering development time and high maintenance costs due to wiring redundancy and customized communication protocols. In fact, there could be compatibility issues among the automation devices from different vendors.
Since the trend of IoT (Internet of Things), energy sectors all over the world have been frequently the main targets for deliberate malware as consequences of planned attacks can highly devastate reliability, serviceability and public trust. One of the recent incidents was the power cut during Christmas season in Ukraine, 2015, followed by a series of cyber attacks to local energy companies. Large parts of the state were under power black-out. This incident revealed that ICS systems today are practically vulnerable to deliberate attacks.