Cybersecurity of your microgrid
An old friend walked by, said he is building a microgrid,
and wonders if we have any thoughts about how to protect it.
Well, I haven’t been trying to build a coherent defense
strategy. Not my job, and I have enough other jobs. But I have heard a whole
bunch of things here and there. Yes, I reviewed the new NIST cybersecurity
framnework/”standards” for power systems, and I remember the three way turf war
between commerce type folks, defense and security on cybersecurity for power.
Security of critical infrastructure, Clancy games… yes, have heard lots.
Four quick thoughts came to my mind for a friend:
1.
Whatever they tell you, first priority is to use
only fully compliant, verified compliant, SE
Linux.
2.
Use fiber, no wireless.
3.
I know a guy who seems to be leading the pack of
current ordinary intrusion detection.. so contact him, but I think we could do
better. (Sandboxing and pattern recognition… one can do lots better in pattern
recognition if one really exploits the underlying principles, from epistemology
to game theory).
4.
Don’t
forget the issue of hardware backdoors.
I have normally thought of hardware backdoors as “impossible”
in a way, though I suppose a real US-China partnership might be able to do
something.
Impossible… if something is lurking there in a piece of
physical hardware, in computer science, how could one possibly hope to elicit
it? Well, OK, a bit of the usual
sandboxing analysis does apply.. but
it’s hard. (Maybe serious… sorry if I have underestimated
it, subconsciously.)
But then comes an amusing idea: 2QC is not just a kind of
fast computer. It’s physical. It’s
using physics as its computer. So hooking up a 2QC to a suspect chip…. endogenizes
the chip into the physical computational process. What is a black box to us is
a white box to physics. So things become feasible which would have seemed
infeasible.
HOWEVER… problem formulation in specifying what a back door
IS might even be the harder issue. This is not like factoring a number, where
we have a clean formulation of the thing to be computed.
And in any case, building the basic 2QC comes first, before
such interesting possible extensions/applications.
By the way, my friend said "we HAVE to use some wireless, to get all the sensors we need." OK, that makes life more complicated, if economics DEMAND a mixed system. For some systems, the security realities just create infeasibility, but for others some compartmentalization and immune system make sense.
What of national policy issues to harden the power grid? Not
this morning. I’ve made some noises through proper channels in routine
government business already anyway… for whatever that may be worth.
Clancy's Threat Vector can mislead people in some ways, but his "four vectors" are familiar, as are the types of hacker attacks -- including those which can physically destroy big machinery.
No comments:
Post a Comment