In the US, a new security solution, introduced by Intel, to secure both legacy and new critical infrastructure, has been tested at Texas Tech University.
The Intel Security Critical Infrastructure Protection (CIP), a joint development by Intel Security and Wind River, provider of embedded system software, has created the security platform to minimise the risk of cyber-attacks compromising power grid infrastructure.
The Intel Security CIP works by “separating the security management functions of the platform from the operation applications, allowing the operational layer to be robustly secured, monitored and managed,” reports BusinessWire.
Milton Holloway, president and COO of the Center for the Commercialization of Electric Technologies in Texas said: “From December 2013 to January 2015, the Intel Security CIP was in a field at Texas Tech University, where its performed as required by NIST standards and withstood penetration testing, as well as protected the synchrophasor applictions during the Heartbleed vulnerablility and Havex attacks.”
The easy-to-deploy platform can be retrofitted onto existing infrastructure with minimal changes to business process or application software. The Intel Security CIP includes key protection features such as device identity, malware protection, data protection and resiliency – compatible with the growing M2M applications found in enabling a smarter grid today.
Lorie Wigle, vice president of Internet of Things Security Solutions for Intel Security said: “The risk of cyberattacks on critical infrastructure is no longer theoretical, but building security into the grid is challenging due to the amount of legacy infrastructure and the importance of availability of service.
“Traditional security measures such as patching and rebooting are often inappropriate for the grid, so we set out to design something entirely different that could be non-invasive but simultaneously robust.”
Further efforts for cyber-security
Intel security had in 2011 and 2010 sponsored global studies on the security of the grid, conducted by the Center for Strategic and International Studies (CSIS).
The latest study: “In the Dark: Crucial Industries Confront Cyberattacks” reported that 200 critical infrastructure protection executives were surveyed globally, of which 32% hadn’t adopted special security measures for smart grid controls. 33% of participants, had however, anticipated a major cybersecurity incident within 12 months.
The key finding was that the energy sector was not sufficiently prepared for cyber-attacks.
The Intel Security CIP platform was demonstrated in US state, Washington D.C. this week.
Holloway concluded by saying: This project was an outstanding example of a successful public-private partnership in that it produced technologies that are market-ready. What could be a better outcome o a demonstration project?”.