Bulk Electric Systems Supply Chain Cyber Risk Management

Summary Statement

As part of a previous CREDC project, we have developed a permissioned Blockchain platform (see Fig 1) that provides data provenance and auditability in a cyber supply chain ecosystem[1]. Our contributions to the platform include a proof-of-stake consensus protocol [2,3] to provide assured validation of transactions and a secure multiparty computation protocol [4] to assure privacy for information shared by participating entities. The platform is designed to provide resilience especially by tolerating faults among the constituent components. However, the platform does not yet incorporate the cyber security risk management plan as outlined in NERC CIP-013-1. Fig. 2 describes the mapping of the NERC CIP-013-1 Cyber security risk management requirements to appropriate controls within our Blockchain platform. This will add to the platform’s resilience through early detection and reporting of faults. Fig. 3 illustrates the overview of the approach. At a macro level, the approach involves the customer outlining the performance and security requirements, the vendor identifying the appropriate hardware and software suppliers that can meet the requirements and closing the loop by the suppliers ensuring that they report the desired information that allows the customers to improve auditability, attribution and provenance of their critical assets. The system will also involve integration of vulnerability databases that would result in the system reporting to the stakeholders about any potential vulnerability risks in a component, and the supplier will be expected to provide remediation plans.

 

Fig 1. Blockchain empowered cyber supply chain

 

Fig. 2 NERC CIP-013-1 Cybersecurity Risk Management Plan

 

 

Fig 3. Solution Approach

Energy Delivery System (EDS) Gap Analysis

The cyber resilience of EDS will be reliant on a trusted and reliable cyber supply chain. The presence of multitude of diverse vendors, suppliers, distributors and integrators responsible for the hardware and software components in EDS and ICS has increased the presence of threats and vulnerabilities that go untracked. The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP-013-1) plan addresses the third-party and supply chain risk for Bulk Electric Systems (BES). Critical components in BES are typically manufactured and integrated by overseas suppliers which expands the attack surface to adversaries with additional opportunities to infiltrate EDS. The NERC CIP-013-1 standard outlines processes for utilities, vendors and suppliers aimed at strengthening supply chain risk management. The successful realization of the standard will hinge on users, owners and operators of BES and the software and hardware vendors and suppliers engaged in implementing the processes. There is a need to enhance monitoring and auditing processes involved in integrating software and hardware components in BES.  The NERC CIP-013-1 standard encourages utilities to draft procurement language but does not hold utilities responsible for new ICS vulnerabilities. There is increased responsibility on the vendor to adopt software integrity criteria and controls.  The goal is to realize a collaborative security ecosystem that involves multiple stakeholders, such as, utilities, vendors, suppliers, etc. that emphasizes shared accountability for cyber risks. The utilities will have increased visibility into the vendor’s methods to provide integrity and will involve utilities and vendors playing a collaborative role in decreasing organizations’ cyber risk. The challenges for meeting requirements involve a) Software integrity and authenticity, b) Vendor remote access, c) Information system planning.

More Information

The bulk of the activities focused on testing and evaluating CyScPro in a container environment. We also conduced the performance evaluation of CyScPro. The performance of the CySCPro was assessed using AWS 2xlarge instances. The CySCPro platform was deployed with a multi-peer Rahasak blockchain cluster (16GB RAM and 8 CPUs). The deployment of the CySCPro orchestrated with Docker, Kubernetes and Helm charts-based container orchestration system. The evaluation results of CySCPro has been obtained from this deployment with a varying number of blockchain peers (1 to 15 peers). Figs. 1- 4 provide the results based on experiments conducted in a container environment on AWS. Our next steps are to evaluate the scalability of CyScPro. CyScPro code is now copyrighted and registered.