Power and Energy

The convergence of automation and security stands as a cornerstone in the evolution of digital substations, which has enhanced efficiency, reliability, and performance. However, the proliferation of digital solutions also introduces new challenges, particularly in ensuring the robust security of critical infrastructure.

 

 

Cyber-Physical System (CPS) has emerged as the new paradigm converging the physical and cyber technologies, and has served as the cornerstone to realize IoT (Internet of Things) and IIoT (Industrial Internet of Things). Today, CPS has been embedded in critical infrastructures to converge computational domain and physical sensors and actuators to assure mission-critical application serviceability and performance. The embedded CPS allows precise and real-time interactions between computing devices and physical environments, and thus becomes a phenomenon in manufacturing, utility plants, chemical engineering, transportations and medical.

The concept of green architecture has been a widespread phenomenon to mitigate negative environmental impacts. Indeed, buildings are not just a shelter, but also come with diverse energy systems including lighting, HVAC (heating, ventilation, and air-conditioning), and electrical systems such as elevators, parking facility and entrance security. The maintenance expenses can often exceed the expected budgets. Besides the financial concerns, residents may also demand transparency of the energy consumption data about the buildings they live in, particularly towards incidents such as room temperature discomfort, system failure, and energy waste.

Since the introduction of renewable energy, the electrical system has become more complicated in the generation, distribution and transmission of electricity, so do the power grids. In fact, today’s grids have become more connected, expanded, and sophisticated. On the other hand, utility companies not only have to assure reliability of their system, but also the service resilience. Therefore, the management of the substations in the power grids must be managed with next-generation technologies.

Around August 2018, the largest manufacturing company of semiconductors and processors in Taiwan was forced to shut down its production facilities due to a widespread computer virus. The chip manufacturer reported that some of its fabrication systems were infected by the derivative version of “WannaCry” virus, a ransomware attack which devastated many enterprises and institutions in 2017.

After a series of high-profile cyber security incidents on critical infrastructures, governments and enterprises of such facilities have taken malwares seriously into considerations. Apparently, the malwares or ransomware over the past couple years, such as Stuxnet, WannaCry and Crash Override, have publically exposed the vulnerability of SCADA Networks or Industrial Control Systems in today’s power grid automation, petroleum sites and other critical infrastructures.

The number of targeted cyber attacks has increased exponentially over the past years, and the rate of attacks has also risen particularly on the critical infrastructure, such as power station, gas refinery and transportation. Some major incidents of cyber attack on power sectors, like the Blackenergy attack on Ukrain’s power grids and the Stuxnet on Iranian nuclear plants, cut off their data flow and disrupt utility serviceability. Due to the increased service convergence of Information Technologies (IT) and Operational Technologies (OT), there is an urgent need for more comprehensive, multi-layer security measures for CIP (critical infrastructure protection) in order to ensure secured communications and mitigate the advanced cyber treats.

Since the cyber attack of Ukraine’s power grids in December, 2015, it is clear that traditional ICS, SCADA and off-the-shelf operating systems in substation present imminent vulnerabilities for cyber attack. As the OT networks in critical infrastructures and IT-based control layer devices are more and more interconnected, there have been more loopholes exposed to cyber intruders. Since the energy infrastructures are highly critical to the economic well-beings of the societies, a successfully penetrated attack would cause devastating effects to the enterprises, the government and the people. Therefore, it is necessary to implement an industrial-grade network gateway to secure the industrial communication networks and protocols as most cyber attacks come from this channel.

第 5 頁,共 8 頁