Around August 2018, the largest manufacturing company of semiconductors and processors in Taiwan was forced to shut down its production facilities due to a widespread computer virus. The chip manufacturer reported that some of its fabrication systems were infected by a derivative version of the “WannaCry” virus, ransomware that devastated many enterprises and institutions in 2017.

After a series of high-profile cyber security incidents affecting critical infrastructure, the governments and enterprises that operate such facilities have begun to take malware seriously. Malware and ransomware of the past couple of years, such as Stuxnet, WannaCry and Crash Override, have publicly exposed the vulnerability of SCADA networks or industrial control systems in today’s power grid automation, petroleum sites and other critical infrastructure.

The number of targeted cyber attacks has increased exponentially over the past years, and the rate of attacks has risen particularly on critical infrastructure such as power stations, gas refineries and transportation. Some major cyber attacks on the power sector, like the BlackEnergy attack on Ukraine’s power grids and Stuxnet on Iranian nuclear plants, cut off data flow and disrupted utility serviceability. Due to the increasing convergence of Information Technology (IT) and Operational Technology (OT) services, there is an urgent need for more comprehensive, multi-layer security measures for critical infrastructure protection (CIP) in order to ensure secure communications and mitigate advanced cyber threats.

Since the cyber attack on Ukraine’s power grids in December 2015, it has been clear that traditional ICS, SCADA and off-the-shelf operating systems in substations present imminent vulnerabilities to cyber attack. As OT networks in critical infrastructure and IT-based control-layer devices become more and more interconnected, more loopholes are exposed to cyber intruders. Because energy infrastructure is highly critical to the economic well-being of society, a successful attack would have devastating effects on enterprises, the government and the people. Therefore, it is necessary to implement an industrial-grade network gateway to secure the industrial communication networks and protocols, as most cyber attacks come through this channel.

Utility institutions today operate globally and rely on substation automation systems as a secure and reliable solution for controlling and monitoring the status of substations and grids. Historically, substation automation structures have involved multiple proprietary protocols and consisted of numerous remote terminal units, PLCs, HMIs and plenty of computing systems wired together. This implementation usually results in heavy hardware investment, long engineering development time and high maintenance costs due to wiring redundancy and customized communication protocols. In fact, there can be compatibility issues among automation devices from different vendors.

To reduce carbon emissions, renewable energy has become one of the most discussed subjects regarding utilities. Among renewable sources, solar energy is the most anticipated. In fact, many countries have already implemented solar PV plants in communities, commercial areas and industrial zones.

Traditionally, industrial control systems (ICS) like SCADA were isolated, serving the sole purpose of performing mission-critical tasks and controlling the processes within important infrastructure such as oil refineries, power plants, manufacturing factories, water/sewage treatment and energy plants. These systems are therefore built with conventional structures and operate over lifespans of multiple decades. However, with the increasing complexity of hardware design and the adoption of open networks for convenience and cost-effectiveness, ICS environments have become vulnerable to cyber threats. There have been incidents of cyber attacks over the past few years, and ICS security has thus become a great challenge. The following will discuss the issue in detail and introduce robust platforms that can act as a gateway controller for packet inspection, whitelisting and protocol filtering.
