AI, Neural Networks, Machine Learning Offer Utilities a Leg Up on Operational, as well as Cyber, Security
- November 17, 2017
- 2162 views
The number, frequency and sophistication of power grid cyber threats is multiplying amid the drive towards ubiquitous network connectivity and the proliferation of energy and industrial Internet of Things devices, equipment and networks. At the least, electric utilities need to keep pace with the escalatoin of cyber threats, if not get ahead of the curve, and they're turning to companies that specialize in developing and implementing cyber security solutions for industry, the energy and power industries in particular.
As reported in part one of this post, the Federal Energy Regulatory Commission (FERC) is fielding public comments regarding a proposed new rule that extends recently established rule governing cyber security from bulk to low-impact electricity carriers. Leading local utilities, such as Vermont Electric Co-op, have a head start when it comes to compliance.
Vermont Electric Co-op and Nozomi's SCADAguardian
San Francisco, CA-based Nozomi Networks' SCADguardian lies at the core of Vermont Electric Co-op's cyber security platform and processes. One of the key attributes that led Vermont Electric to choose Nozomi and SCADAguardian is the secure network appliance's ability to provide real-time monitoring, detection, analysis and recommendations for remedial action that extend beyond cyber attacks to encompass anomalous activity and behavior throughout a utility's grid assets.
That in turn affords local utilities such as Vermont Electric Co-op unprecedented ability to detect and prevent threats – whether it's an attempted malware incursion or a faulty piece of equipment – before they can mushroom into bigger problems.
SCADAguardian makes use of the latest in artificial intelligence and machine learning techniques and methods. The imbues the network appliance-based, industrial cyber security solution with “Dynamic Learning” capabilites, Nozomi explains in a press release. Populating databases with historical, current and real-time data from every device or piece of equipment connected to the utility's grid network, SCADAguardian essentially learns what is normal or abnormal behavior and normal or anomalous activities.
Among other things, Vermont Electric is using SCADAguardian as an early warning system. Automating, adding computerized expertise and providing real-time cyber threat and operational risk alerts is saving Vermont Electric staff some 12-15 hours per week of labor, said Nozomi Networks' Chief Marketing Officer Kim Legelis.
Another example: within the first few hours of implementing SCADAguardian, a Canadian oil and gas company discovered an electronic device on its network infected with WannaCry ransomware, Legelis added.
“That was a case where the ability to detect and alert staff to a cyber security threat was of immediate value. It was something they were very happy to discover and be able to block immediately.”
Tackling one of the power industry's greatest challenges
Monitoring and detecting threats and faulty equipment throughout grid networks is one of the greatest challenges utilities, as well as the industrial sector more broadly, have faced for a long time, Legelis pointed out.
“Now we're seeing electrical and electronic devices and equipment – both ancient and modern – being connected to digital networks at a rapid pace. We spend a great deal of time studying and understanding all the protocols being used, and we apply that knowledge in our AI and neural networks to identify what is normal and abnormal for any given device or piece of equipment,” Legelis said.
“Cyber security in the industrial, power and energy sectors is maturing rapidly. There have been some big changes, and improvements, over the course of the last five years in terms of our abilities regarding real-time monitoring, threat detection and prevention, and a big 'Aha!' moment in the last couple.”
Low-impact electricity carriers, such as Vermont Electric Co-op, stand to benefit to an even greater degree than their larger power grid counterparts. Lacking the resources to employ and maintain dedicated cyber security departments, they can now obtain the same level of both cyber threat and operational risk protection and security as the nation's largest utilities, Legelis concluded.
“Vermont Electric is seeing these benefits every day. Yes, they are comparatively small and lack the capital and other resources large utilities have, but today they can leverage technology, such as SCADguardian, and begin realizing the same sorts of benefits and the same degree and level of protection as the largest utilities in the world.”