Emerging Technology
Emerging technologies in power generation OT systems aim to enhance efficiency, reliability, and safety. Key technologies being deployed include artificial intelligence (AI), digital workers, and wireless technologies. Predictive analytics tuning of process control using AI is being deployed and piloted. Digital worker technologies and robotics enhance human capabilities in the field and, in some cases, access locations that are inaccessible or difficult for humans. Wireless communications are being expanded for enhanced data gathering in support of data analytics needs. Future use cases under evaluation include Industry 4.0, which integrates advanced manufacturing technologies, and quantum computing. Quantum computing must be considered, as its proliferation will challenge traditional cryptographic methods.
Key emerging technologies and use cases include:
- Wireless Technology
- Digital Worker
- Artificial Intelligence
- Industry 4.0
- Quantum Computing
- Software Bill of Materials
Wireless Technology
Power generation plants and systems use wireless technologies as a communications pathway for IT and OT functionality. Wireless technologies are used to extend corporate/enterprise networks to remote locations, provide a mechanism to affordably transmit operational data, and enable advanced tools like digital worker technologies. Wireless technologies typically are not used for process control.
Challenges with wireless deployment in power generation facilities include:
- Like all digital technologies, wireless communication pathways can be susceptible to cyber attack if not correctly configured.
- Wireless technologies can include many different frequencies across the spectrum. Each available frequency can be matched to a use case and functionality, e.g., sub-GHz ISM bands, multi-GHz bands, etc. All have their advantages and trade-offs.
- Different protocols are used at different frequencies and are “controlled” by standards bodies and organizations, e.g., IEEE 802.11, LoRaWAN Alliance, etc.
- Not all vulnerabilities can be effectively mitigated. Jamming remains a problematic attack for wireless technology users to mitigate. This is one reason wireless technologies aren’t typically used for process control communications.
Relevant EPRI Resources
- Secure Open-Source Data Acquisition Unit: A Raspberry Pi Proof-of-Concept (3002025395)
- Securing Digital Worker Technologies: Operational Technology (OT)/Information Technology (IT) Framework for Evaluating Cyber Security when Deploying Digital Worker Technology (3002023360)
- Securing Wireless Communications in Power Generation Environments: A Process for Evaluating and Securing Wireless Deployments (3002024337)
- Roadmap for Resilient Positioning, Navigation, and Timing (PNT) For the Electricity Subsector (3002020266)
Wireless Technology: PNT Attacks
Power generation control systems and OT networks rely on an accurate timing source. Position, Navigation, and Timing (PNT) sources commonly utilize satellite constellation technologies like the Global Positioning System (GPS), Global'naya Navigatsionnaya Sputnikovaya Sistema (GLObal NAvigation Satellite System, or GLONASS), or Galileo. PNT data is transferred using frequencies generally between 1.1 and 1.6 GHz. Other commercial constellations exist that can provide a backup timing source for critical infrastructure. Timing sources other than those from satellites also exist as an alternative method of keeping accurate timing. Cyber threat actors have conducted attacks on satellite PNT sources to disrupt navigation and positioning and cause regional signal outages. These attacks could impact the electric sector and cause control systems to malfunction.
Key PNT research findings include:
- Several PNT attacks have resulted in off-course navigation and positioning issues. Covert and overt spoofing of PNT information through GPS on drones is possible and has been demonstrated. News outlets reported in 2011 that Iran was successful in spoofing the GPS signal in a U.S. stealth drone, causing it to malfunction and land.
- EPRI has demonstrated attacks on GPS-based timing systems in industrial control systems. Commercially available equipment was attacked in a controlled lab setting to determine response/impact and identify mitigations. Several types of attacks successfully impacted equipment and accurate timing ability.
- Several systems within generation plants rely on coordinated and synced timing, including equipment used for process control, communications, safety, and M&D.
- Backup and failover sources, some not dependent on GPS, can be utilized to mitigate impacts from specific attacks.
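The last finding above, that backup and failover sources can limit the impact of a timing attack, only helps if the plant can tell when the GPS-derived time should no longer be trusted. The following added example (not EPRI's code, and not tied to any particular receiver) shows a simple cross-check a timing monitor can run: it compares each GPS time sample against a backup source, flags an abrupt step in GPS time or a divergence between the two sources, and then holds on the backup source until an operator clears the condition. The sample values, the one-second cadence, and the two thresholds are constructed for illustration.

```python
from dataclasses import dataclass

STEP_LIMIT = 0.5     # seconds; GPS time must advance about 1 s per one-second sample
OFFSET_LIMIT = 0.1   # seconds; largest tolerated GPS-vs-backup divergence (assumed value)


@dataclass
class Sample:
    t: int          # sample index, one per second
    gps: float      # time-of-day reported by the GPS receiver (seconds)
    backup: float   # time-of-day from the backup source, e.g. a holdover oscillator (seconds)


def check_timing(samples):
    """Return (t, selected_source, reason) per sample.

    Once GPS is distrusted the monitor latches onto the backup source ("holdover")
    rather than flipping back as soon as the spoofed signal looks consistent again.
    """
    decisions = []
    prev_gps = None
    holdover = False
    for s in samples:
        reasons = []
        # A genuine receiver advances ~1 s per sample; a large jump is a step attack indicator.
        if prev_gps is not None and abs((s.gps - prev_gps) - 1.0) > STEP_LIMIT:
            reasons.append("gps time step")
        # Independent sources should agree within a small tolerance.
        if abs(s.gps - s.backup) > OFFSET_LIMIT:
            reasons.append("gps/backup divergence")
        if reasons:
            holdover = True
        source = "backup" if holdover else "gps"
        reason = ";".join(reasons) or ("holdover" if holdover else "nominal")
        decisions.append((s.t, source, reason))
        prev_gps = s.gps
    return decisions


def constructed_samples():
    """Eight constructed one-second samples; from t=4 the GPS-reported time jumps ahead by 5 s."""
    samples = []
    for t in range(8):
        true_time = 1000.0 + t
        backup = true_time + 0.001 * t                 # slow drift of the backup oscillator
        gps = true_time + (5.0 if t >= 4 else 0.0)     # spoofed step from t=4 onward
        samples.append(Sample(t, gps, backup))
    return samples


if __name__ == "__main__":
    for decision in check_timing(constructed_samples()):
        print(decision)
```

In a real deployment the backup would be a second, independent source (a terrestrial timing feed or a disciplined holdover oscillator), and the thresholds would come from the receiver's characterised behaviour rather than from the constants above; the structure of the check, step detection plus cross-source agreement plus latched failover, is the part worth carrying over.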
Relevant Resources
- Unmanned Aircraft Capture and Control via GPS Spoofing
- Roadmap for Resilient Positioning, Navigation, and Timing (PNT) For the Electricity Subsector (3002020266)
Secure Wireless Data Acquisition
Power generation plants, especially within the DCS and other instrumentation, will continue to generate more data. The monitoring and diagnostics (M&D) capabilities of utilities will continue to mature and require more plant data. Modern DCS solutions have much instrumentation built in that can be leveraged through the historian. Still, as diagnostics, prognostic algorithms, and artificial intelligence tools are deployed, utilities will continue installing sensors and instrumentation beyond the DCS points. Many of these sensors are low-cost, non-serviceable, and have additional capabilities like wireless communication. Wireless communication for sensors used for data generation and monitoring can be beneficial if the sensor data is not used for control or in a control/operator’s decision process.
Key points on secure wireless data acquisition in power generation facilities include:
- Using built-in or hybrid wireless transmitters can help lower installation and implementation costs.
- Many wireless frequencies and protocols can be used within a generation plant and should be matched for the data use case.
- Wireless protocols and communication channels can be secured using encryption, machine-to-machine authentication, certificates, and other security controls per the use-case application and protocol features.
- EPRI developed a low-cost, secure, hardened, wireless data acquisition system using a Raspberry Pi-based single-board computer. The unit uses LoRa and 802.11 Wi-Fi to transmit data to a gateway into a networked repository. The build plans, performance results, specifications, and hardened OS image are available for download.
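The third bullet above lists encryption, machine-to-machine authentication, and certificates as the controls that secure a wireless sensor channel. The following added example (written for this page, not code from EPRI's Raspberry Pi data acquisition unit) shows the authentication half of that for a low-bandwidth link such as LoRa: the sensor appends a truncated HMAC-SHA256 tag computed with a per-device pre-shared key, and the gateway verifies the tag in constant time and rejects any frame whose counter does not advance, so a captured frame cannot be replayed. The device key, frame layout, and sensor reading are constructed for illustration; a production design would add payload encryption and a key-provisioning process.

```python
import hashlib
import hmac
import struct

# Per-device pre-shared keys provisioned out of band (constructed sample value,
# not a key from any real deployment).
DEVICE_KEYS = {
    0x0001: bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
}

HEADER_FMT = ">HI"                           # device_id (2 bytes) | counter (4 bytes), big-endian
HEADER_LEN = struct.calcsize(HEADER_FMT)
TAG_LEN = 8                                  # truncated HMAC-SHA256 tag to fit a small LoRa payload


def build_frame(device_id, counter, payload, key):
    """Sensor side: frame = header | payload | tag, where the tag covers header + payload."""
    header = struct.pack(HEADER_FMT, device_id, counter)
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()[:TAG_LEN]
    return header + payload + tag


class Gateway:
    """Gateway side: verifies the tag with the device's key and rejects replayed counters."""

    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # device_id -> highest counter accepted so far

    def verify_frame(self, frame):
        """Return (payload, 'ok') on success or (None, reason) on rejection."""
        if len(frame) < HEADER_LEN + TAG_LEN:
            return None, "too short"
        device_id, counter = struct.unpack(HEADER_FMT, frame[:HEADER_LEN])
        key = self.keys.get(device_id)
        if key is None:
            return None, "unknown device"
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        # Constant-time comparison so tag checking does not leak timing information.
        if not hmac.compare_digest(tag, expected):
            return None, "bad tag"
        # Counters must strictly increase per device; an old or repeated frame is a replay.
        if counter <= self.last_counter.get(device_id, -1):
            return None, "replay"
        self.last_counter[device_id] = counter
        return body[HEADER_LEN:], "ok"


if __name__ == "__main__":
    key = DEVICE_KEYS[0x0001]
    gw = Gateway(DEVICE_KEYS)
    frame = build_frame(0x0001, 1, b"T=61.2C", key)            # constructed sensor reading
    print(gw.verify_frame(frame))                               # accepted
    print(gw.verify_frame(frame))                               # rejected as a replay
    tampered = frame[:HEADER_LEN] + b"X" + frame[HEADER_LEN + 1:]
    print(gw.verify_frame(tampered))                            # rejected, tag no longer matches
```

The counter doubles as the replay guard and as a cheap health signal: a gateway that sees a device's counter go backwards, or sees many "bad tag" rejections from one device identifier, has an event worth logging for the plant's security monitoring even though the frames themselves were dropped.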
Relevant EPRI Resources
- Risk-Informed Vulnerability and Patch Management Guide: Generation Cyber Security
- Secure Open-Source Data Acquisition Unit: A Raspberry Pi Proof-of-Concept (3002025395)
- Securing Wireless Communications in Power Generation Environments, A Process for Evaluating and Securing Wireless Deployments (3002024337)
Digital Worker
Digital worker (DW) technologies are digital devices that allow workers to interactively access data, collect data, virtually connect to subject matter experts, or otherwise gain an advantage in efficiency that enables them to be more productive. Some examples of DW technologies could include tablets, augmented reality headsets, virtual reality, and simulation.
Challenges deploying digital worker technologies in power generation facilities include:
- To enable maximum benefit for digital field workers using these technologies, they typically require access to internal data sources or the internet (cloud applications).
- As utilities transition to low carbon resources and build renewables in remote locations, internet and internal network connectivity are sometimes barriers to widespread adoption.
- Because these devices are typically assigned to DWs and usually require wireless access, cyber security programs should have a process for ensuring that these devices are controlled, and the additional cyber risk is mitigated.
- One common use-case is to provide near real-time operational or equipment health data to workers. Process control and equipment health data can be generated in OT networks and stored in historians. DW technologies and data sources should be configured to access required data from non-OT networks where possible.
Current key digital worker technology security practices include:
- DW technologies can introduce an additional attack pathway to OT or IT networks if they are not adequately assessed, vulnerabilities are not identified, and controls are not applied to mitigate the additional risk. EPRI developed a framework to identify cyber security risks from DW technologies. The use cases identified in the research categorize the connectivity requirements and network connections. The framework provides guidance to cyber security defenders to:
  - Categorize DW technology use cases,
  - Identify cyber security risks associated with the DW use cases based on communication and connectivity requirements and their potential impact, and
  - Apply cyber security best practices.
- Seven different categories of DW technology implementation were identified that help cyber defenders determine which controls could be applied as part of an effective cyber security control strategy.
- Use-cases can be identified as IT, OT, or converged IT/OT as well as isolated connection types. Implementing DW technologies requires the application of cyber security controls across all three functions: protect, detect, and respond & recover.
Relevant EPRI Resources
Artificial Intelligence
Artificial intelligence (AI) is a generic term typically used to describe and include advanced mathematical algorithms and equations for data analysis. It should be noted that AI tools are beyond those associated with advanced pattern recognition, trending, and baselining. Some types of AI could include machine learning (ML), the use of neural networks, natural language processing (NLP), large language models (LLM), convolutional neural networks (CNN), transformers, encoders, etc. Various AI techniques can be applied to address use cases within the energy sector to provide advanced insights, increase efficiency, aid the decision process, and support automation. AI technologies are becoming more integrated within IT and OT applications and will be more commonplace.
Considerations and challenges with deploying and using AI in power generation facilities include:
- AI technologies have been implemented across the energy sector, mainly in IT environments, to aid data analysts in understanding current equipment health, increasing O&M efficiency, and increasing customer value/satisfaction.
- AI can be a target for cyber attackers. Adversaries can target the AI coding, training, and analysis datasets in various attack scenarios.
- AI can also be found in many embedded products. AI algorithms can be found on edge devices, crewless vehicles, IIoT, DW technologies, and networking technology throughout the energy sector.
- AI tools can also increase automation and efficiency in cyber security operations. Consumer tools can be applied, or custom tools can be developed to aid cyber analysts in correlating data from many sources, conducting advanced analysis, and automating response functions based on current conditions.
Relevant EPRI Resources
- Risk-Informed Vulnerability and Patch Management Guide: Generation Cyber Security
- Integrated Security Research Summary Infographic: Enhanced Security and Reliability Using Artificial Intelligence
- Artificial Intelligence for Cyber Security in the Electric Sector: Impact, Challenges, and Opportunities
Industry 4.0
Industry 4.0 is a term used to describe the fourth industrial revolution. It specifically follows the first, second, and third industrial revolutions that correspond to mechanization, electricity and mass production, and automation, respectively. Industry 4.0 corresponds to the introduction of cyber-physical systems with an emphasis on the Internet of Things (IoT), the industrial Internet of Things (IIoT), artificial intelligence (AI), big data, and cloud computing. The continuous blending of IT, IoT, IIoT, and OT equipment, protocols, data, and requirements into industrial networks necessitates best practices, cyber security risk methodologies, and technical assessment methodologies to understand the communication pathways, requirements, functionality, and configuration of cyber-physical devices and how they should be secured.
Key Facts and Challenges with Industry 4.0 in power generation facilities include:
- Cyber-physical systems, IoT, IIoT, cloud computing, and cognitive computing are focused within Industry 4.0 to enable increased efficiency and create new value.
- Several organizational, regulatory, security, social, and economic challenges associated with Industry 4.0 adoption have been identified and should be addressed throughout the project implementation stages.
- Vendors are increasingly using cloud-based tools to provide their services. Cloud-based tools require a connection to the internet to transport data and provide service. Care should be taken when allowing IoT/IIoT devices within a utility network to access the internet.
- The fourth industrial revolution is the beginning of the Imagination Age. The Imagination Age goes beyond the Information Age, where digitization made it possible to realize additional economic value by digitizing analog processes. The Imagination Age leverages creative technologies like virtual and augmented reality, generative AI, etc. to enhance user experiences and value and to drive additional economic value.
Relevant EPRI Resources
- Risk-Informed Vulnerability and Patch Management Guide: Generation Cyber Security
- Zero Trust Considerations for Utility OT Cyber Security Strategies (3002019583)
- Preparing for the 2030 Energy System: Why We Need a New Cyber Security Vision (3002020794)
Industry 4.0: Internet of Things (IoT) and Industrial Internet of Things (IIoT)
The Internet of Things (IoT) is a generic term that can include “smart” electronics, communications, and digitalized devices that are most commonly associated with a “smart home.” IoT devices are typically configured and enabled to increase their capability through access to the internet. Industrial Internet of Things (IIoT) devices are similar to IoT devices but are designed to operate and add value in an industrial environment like a power generation plant. These IIoT devices typically do not require access to the public internet but are designed to communicate on a network. Some examples of IIoT devices could include edge computing devices, smart sensors, embedded systems, industrial wireless communications devices, etc. These devices are typically designed for functionality, and options for security configuration and controls are often lacking. Additional analysis is usually required to mitigate all vulnerable attack pathways.
Key Considerations with IoT and IIoT in power generation facilities include:
- IIoT devices are becoming more commonplace within generation plant environments to expand functionality and value, ease of use, and minimize implementation and maintenance costs.
- IoT devices are typically targeted for home or residential use and normally use standard wireless 802.11 Wi-Fi protocols and frequencies. IIoT devices are usually targeted for industrial use and may offer standard wireless 802.11 Wi-Fi protocols and frequencies, but they may also offer other industrial, scientific, and medical (ISM) frequency bands and protocols. ISM frequency bands can range from 6 MHz to 245 GHz and utilize protocols such as Zigbee, LoRa, NB-IoT, Bluetooth Low Energy, Near Field Communications, or Wireless HART.
- When used in a generation plant and especially when the supply chain, communications channels, and data security cannot be fully verified, the EPRI Technical Assessment Methodology or a similar cyber security risk analysis and mitigation approach can help ensure that risks associated with their usage are mitigated to an acceptable level.
- EPRI’s Secure Open-Source Data Acquisition Unit can be considered an IIoT device.
Relevant EPRI Resources
- Risk-Informed Vulnerability and Patch Management Guide: Generation Cyber Security
- Secure Open-Source Data Acquisition Unit: A Raspberry Pi Proof-of-Concept (3002025395)
- Securing Wireless Communications in Power Generation Environments: A Process for Evaluating and Securing Wireless Deployments (3002024337)
- Program on Technology Innovation: Evaluating IoT Messaging Protocols for DER Management (3002014678)
Quantum Computing
Quantum computing technology harnesses the principles of quantum mechanics to solve problems that are too complex or time-consuming for classical computers. Although quantum computers and their technology components are in their infancy, they are rapidly evolving. Quantum computers will be well suited for solving problems that involve modeling, optimization, simulation, cryptography, artificial intelligence, and more.
Key Facts and Challenges with quantum computing include:
- Qubits: Quantum computers perform calculations, as their classical counterparts do, but instead of transistors and silicon-based CPU chips they rely upon qubits transitioning to higher energy states and on measuring their state, analogous to the binary state of a transistor. Qubits can be any subatomic particle but are typically photons.
- Superposition: Transistors can have only two states, represented in binary as a 0 or 1. Due to quantum superposition, a qubit can be in the 0 state or the 1 state, but it can also be in a combination of both at the same time.
- Entanglement: Quantum entanglement is the phenomenon in which two qubits are inherently linked in state, no matter their physical distance. This allows the measurement of the state of two qubits simultaneously. However, as soon as it is measured, the qubit’s energy transitions to a lower energy level.
- Interference: Qubits such as photons and electrons have a wavelike nature. Because of superposition and entanglement, interference can occur between multiple qubits depending on their state. Constructive interference can occur when the waves are synchronized, resulting in a multiplicative effect. Destructive interference occurs when the waves are out of phase and cancel. Constructive interference increases the probability of obtaining the correct output.
- The quantum computers of today are analogous to early computing in the 1940s, like Alan Turing’s machines. Modern quantum computers are large and are only able to control small numbers of qubits. These assets also require extensive cooling, which limits miniaturization and mobility.
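The three properties above (superposition, entanglement, interference) can be written out in the standard qubit notation; this is an added illustration, not part of the original page, and uses the usual textbook symbols rather than any EPRI-specific notation. A single qubit state is a weighted combination of the two basis states, with the weights fixing the measurement probabilities:

\[
|\psi\rangle = \alpha|0\rangle + \beta|1\rangle, \qquad |\alpha|^2 + |\beta|^2 = 1, \qquad
P(\text{measure } 0) = |\alpha|^2,\; P(\text{measure } 1) = |\beta|^2 .
\]

Entanglement is a two-qubit state that cannot be split into a state for each qubit on its own; in the state below, measuring the first qubit as 0 forces the second to be 0, and likewise for 1:

\[
|\Phi^{+}\rangle = \frac{1}{\sqrt{2}}\bigl(|00\rangle + |11\rangle\bigr) \neq |a\rangle \otimes |b\rangle \text{ for any single-qubit } |a\rangle, |b\rangle .
\]

Interference is visible when the Hadamard operation \(H\) is applied twice to \(|0\rangle\): the first application creates an equal superposition, and the second makes the two contributions to \(|1\rangle\) cancel (destructive) while the contributions to \(|0\rangle\) add (constructive), which is why the output is certain:

\[
H|0\rangle = \frac{|0\rangle + |1\rangle}{\sqrt{2}}, \qquad
H\bigl(H|0\rangle\bigr) = \frac{1}{2}\bigl(|0\rangle + |1\rangle\bigr) + \frac{1}{2}\bigl(|0\rangle - |1\rangle\bigr) = |0\rangle .
\]

Quantum algorithms that threaten classical public-key cryptography are built from exactly this mechanism: they arrange the computation so that amplitudes for wrong answers cancel and amplitudes for the right answer add.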
Relevant EPRI Resources
- Risk-Informed Vulnerability and Patch Management Guide: Generation Cyber Security
- Quantum Science and Technology: Energy System Applications and Future Opportunities
- Quantum Science and Technology: 2022 Technology Update Across the Energy Industry
Software Bill of Materials
A software bill of materials (SBOM) is a record that lists all of the software components in an application or embedded in a device. Some of the components could include real-time operating systems, open-source components, third-party code dependencies or libraries, licensed or proprietary elements, etc. The SBOM can be a critical part of supply chain cyber security by providing asset owners and operators additional insight into the software packages and firmware that are running on their devices. It can help them understand where vulnerabilities may exist in sub-software components and help them understand how to mitigate vulnerabilities where no patch or update is available.
Key Facts and Challenges with SBOMs in power generation facilities include:
- In the wake of the Log4j vulnerability in 2021, President Biden issued a cyber security executive order requiring SBOMs for software applications used by the U.S. federal government.
- Several organizations are researching and promoting SBOM standards, including the U.S. Department of Homeland Security.
- Several tools can scan software packages and list the sub-software components to varying degrees. Some include:
  - Black Duck
  - SPDX
  - CycloneDX
  - SWID
- The National Telecommunications and Information Administration (NTIA) of the United States has published a standard outlining the minimum requirements for an SBOM. As per NTIA specifications, an SBOM must contain the author, vendor, component, version, hash, identifier, and relationship.
- Not all vendors produce SBOMs for their components or equipment; obtaining one may be difficult.
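The two practical jobs an asset owner does with an SBOM, checking that it actually carries the minimum elements listed above and matching its components against known advisories, are easy to script once the SBOM is in a machine-readable format. The following added example (written for this page, not an EPRI tool or any vendor's scanner) reads a small constructed SBOM in a simplified CycloneDX-like JSON shape, reports which of the page's listed NTIA elements (author, vendor, component, version, hash, identifier, relationship) each component lacks, and flags components whose version is below the fixed version in a constructed advisory list. The SBOM contents, the advisory identifiers (ADV-EXAMPLE-*) and the digests are placeholders.

```python
import json

# Constructed, simplified SBOM in a CycloneDX-like JSON shape (not a real vendor document).
SBOM_JSON = """
{
  "metadata": {"authors": [{"name": "Example Asset Owner"}]},
  "components": [
    {"bom-ref": "c1", "supplier": {"name": "Example RTOS Vendor"}, "name": "example-rtos",
     "version": "3.2.1", "hashes": [{"alg": "SHA-256", "content": "placeholder-digest-1"}]},
    {"bom-ref": "c2", "supplier": {"name": "Example OSS Project"}, "name": "example-json-lib",
     "version": "1.4.0", "hashes": []},
    {"bom-ref": "c3", "name": "example-tls", "version": "2.0.9",
     "hashes": [{"alg": "SHA-256", "content": "placeholder-digest-2"}]}
  ],
  "dependencies": [
    {"ref": "c1", "dependsOn": ["c2", "c3"]}
  ]
}
"""

# Constructed advisory feed with placeholder identifiers; versions below "fixed" are affected.
ADVISORIES = [
    {"id": "ADV-EXAMPLE-1", "component": "example-json-lib", "fixed": "1.4.2"},
    {"id": "ADV-EXAMPLE-2", "component": "example-tls", "fixed": "2.0.3"},
]


def load_sbom(text):
    return json.loads(text)


def parse_version(v):
    """Dotted numeric versions only; real feeds need a proper version-scheme parser."""
    return tuple(int(p) for p in v.split("."))


def check_minimum_elements(sbom):
    """Map each component's bom-ref to the list of minimum elements it lacks."""
    refs_in_relationships = set()
    for dep in sbom.get("dependencies", []):
        refs_in_relationships.add(dep.get("ref"))
        refs_in_relationships.update(dep.get("dependsOn", []))
    has_author = bool(sbom.get("metadata", {}).get("authors"))   # author of the SBOM data
    gaps = {}
    for c in sbom.get("components", []):
        missing = []
        if not has_author:
            missing.append("author")
        if not c.get("supplier", {}).get("name"):
            missing.append("vendor")
        if not c.get("name"):
            missing.append("component")
        if not c.get("version"):
            missing.append("version")
        if not c.get("hashes"):
            missing.append("hash")
        if not c.get("bom-ref"):
            missing.append("identifier")
        if c.get("bom-ref") not in refs_in_relationships:
            missing.append("relationship")
        gaps[c.get("bom-ref") or c.get("name")] = missing
    return gaps


def match_advisories(sbom, advisories):
    """Return (component, version, advisory id) for every component below an advisory's fix."""
    hits = []
    for c in sbom.get("components", []):
        for adv in advisories:
            if c.get("name") == adv["component"] and parse_version(c["version"]) < parse_version(adv["fixed"]):
                hits.append((c["name"], c["version"], adv["id"]))
    return hits


if __name__ == "__main__":
    sbom = load_sbom(SBOM_JSON)
    print(check_minimum_elements(sbom))
    print(match_advisories(sbom, ADVISORIES))
```

A component that lacks a hash cannot be tied to the binary actually running on the device, and one that lacks a vendor cannot be routed to a supplier for a fix; surfacing those gaps when the SBOM is received is usually cheaper than discovering them during an incident.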
Relevant EPRI Resources