Share |

Altalink: Implementing an end-to-end smart grid security strategy

With: Clint Struth, Principal Engineer, Telecommunications Networking and Cory Struth, Network Architect, AltaLink • Issue: Protecting your investment in transformational reliability and efficiencyCategory:

Highlights
  • AltaLink has secured its smart grid network with multiple layers of protection from control room to substation edge points.
  • AltaLink’s multi-tier security concept makes full use of IP/MPLS intelligence, flexibility and control, and includes strong attention to managing the human dimension.
  • AltaLink sees security as an integral aspect of any deployment — one that should be trumpeted from the upper management down through the organization.

In 2010 Alberta’s largest electricity transmission provider, AltaLink, set out to upgrade the distribution and communications infrastructure along its 12,000 km transmission grid in western Canada. Now in the second year of a four year build, its smart grid upgrade has reached more than 65 of its 300 substations. With support for general utility SCADA alongside teleprotection, engineering operations and other operational and corporate voice and data traffic, AltaLink has secured the network with multiple layers of protection that reach from control room to substation edge points.

“In addition to our focus on unauthorized access from the Internet, the command and control portion of the network is certainly a big concern, so architecting the control plane for maximum security on the MPLS network is a paramount,” says Clint Struth, AltaLink’s Principal Engineer, Telecommunications and Networking.  “We also have numerous people, some of whom are not employees but on contract, who are physically inside our facilities, and we don’t always have control over what they’re doing, so certainly edge-level protection is also critically important.”

AltaLink’s multi-tier security concept makes full use of IP/MPLS intelligence, flexibility and control. Its intrusion-detection system of checkpoints for all users includes:

  • Centralized authentication and logging
  • Security policies for each service through access control lists, MAC-pinning, IP and bandwidth filters
  • A centrally-managed and monitored firewall at every substation
  • A per-service firewall policy for nodes bringing services into substations via a Layer 2 Virtual Private Network (VPN)
  • Comprehensive password protection at different levels, which allows users to be quickly isolated and locked out, if necessary.

“We deploy industry best practices,” says Cory Struth, AltaLink’s Network Architect. “It’s a default deny policy unless a particular access or action is permitted, and that applies to all levels of the network. We have centralized user management so that there is one button to push to take everybody off if necessary. On the edge we’re looking at not just firewall but also IDS and IPS technologies. Pro-active monitoring fingerprints common and identified traffic, and alerts you to that being present. So there’s a proactive force, a reactive force, and a design component that all fit together.”

Inherent Security With MPLS

MPLS network architecture provides a high level of data security since there’s a separation of the control and data planes – something the Struths see as a key benefit in protecting AltaLink’s smart grid services. “If you were not to give the proper and due attention to securing your control plane, it could perhaps be more of a target just because it’s IP,” notes Cory. “However, the payload is encapsulated within an IP packet wrapped in MPLS labels. This affords an inherent level of security while in transit. Ultimately, it’s really about how you secure your management platform.”

The Struths note that teleprotection services are well protected on the network. “We run a QoS policy on the converged network backbone links on the transport side,” says Cory. “Teleprotection is basically number-one on the list after network control packets. That’s more about traffic engineering, though. The security of the teleprotection is basically encompassed in the overall security of the MPLS protection itself.”

AltaLink’s MPLS architecture provides a rigid service demarcation and separation of traffic while being label-switched across the network. Consequently, any reliability or security-related issues come into play occur more on the edge. “The edge is where you need to have a robust and scalable firewall solution that can handle converged services and apply a per-service security policy to your traffic when it’s egressing an ingressing the network,” Clint states. “The key is how you design that edge-level architecture, for example where you have one given port in substation that handles many services.”

The Biggest Challenge: Dealing with the Human Dimension

As utilities evolve their communications technologies to support smart grid, they need to consider the impact of the human dimension on security. The Struths believe that implementing a technology or hardware solution is relatively easy in the grand scheme of things, whereas trying to change the human side of it, shaping a human mindset around a fully comprehensive security policy, is a much more difficult task.

“The technology itself is maybe 30 to 40 percent of the equation, with the human aspect the bigger wildcard in the whole migration,” Clint notes. “Trying to get the people to buy in, learn the technology, and fully understand it and be capable with it is a much more difficult process. You’ve got to have the HR side of it, with the staff understanding the implications of security and why they have to be diligent about it.”

The Struths add that firewall solutions or installing video surveillance at critical substations are tools, but not really security. “They will alert you if something is not normal, but you still need intelligent eyeballs looking at it to make an assessment as to what the threat is,” says Clint.

Security and Ultimate Business Success

Clint and Cory Struth strongly believe that success for smart grid companies is critically tied to security — an integral, core aspect of any deployment that should be trumpeted from the upper management down through the organization in the same way that safety currently is in the electric power industry.

“The impact of a security breech is becoming much more serious to a company’s bottom line and public reputation,” Clint states. “Vulnerabilities need to be addressed and mitigated very early on. As networks become IT aware, it may only take a few large security breaches to drag this transition to a halt. The whole industry needs to take a very comprehensive approach to network security very early on.”

“You’re seeing it in the news…Sony, Citibank, Amazon…even Google. They’re all getting hacked,” adds Cory “Security for the next five years is going to be front and center in everyone’s mind. If you’re not thinking about it now, it’s going to be driven home through a variety of means. Cybercrime is taking off. People do want to own your network. This isn’t just vandalism and changing your web page any more – it’s getting into your network to control it, stealing your intellectual property and your money. You have to have defenses in place in case someone comes knocking on your door.”

Back to top