Emerging Technology

From CyberWiki
Revision as of 13:57, 30 October 2024 by Jlawrence (talk | contribs)

Emerging Technology Overview

Emerging technologies in power generation OT systems aim to enhance efficiency, reliability, and safety. Key technologies being deployed include artificial intelligence (AI), digital workers, and wireless technologies. Predictive analytics tuning of process control using AI is being deployed and piloted. Digital worker technologies and robotics enhance human capabilities in the field and, in some cases, access locations that are inaccessible or difficult for humans. Wireless communications are being expanded for enhanced data gathering in support of data analytics needs.

Future use cases under evaluation include Industry 4.0, which integrates advanced manufacturing technologies, and quantum computing. Quantum computing must be considered, as its proliferation will challenge traditional cryptographic methods.

Key emerging technologies and use cases include:

  • Wireless Technology
  • Digital Worker
  • Artificial Intelligence
  • Industry 4.0
  • Quantum Computing
  • Software Bill of Materials

Wireless Technology

Power generation plants and systems use wireless technologies as a communications pathway for IT and OT functionality. Wireless technologies are used to extend corporate/enterprise networks to remote locations, provide a mechanism to affordably transmit operational data, and enable advanced tools like digital worker technologies. Wireless technologies typically are not used for process control.

Challenges with wireless technologies in power generation facilities include:

  • Like all digital technologies, wireless communication pathways can be susceptible to cyber attack if not correctly configured.
  • Wireless technologies can include many different frequencies across the spectrum. Each available frequency can be matched to a use-case and functionality, e.g., sub-GHz ISM bands or multi-GHz bands. All have their advantages and trade-offs.
  • Different protocols are used at different frequencies and are “controlled” by standards bodies and organizations, e.g., IEEE 802.11 and the LoRaWAN Alliance.
  • Not all vulnerabilities can be effectively mitigated. Jamming remains a problematic attack for wireless technology users to mitigate. This is one reason wireless technologies aren’t typically used for process control communications.


Relevant EPRI Resources

Wireless Technology: PNT Attacks

Power generation control systems and OT networks rely on an accurate timing source. Position, Navigation, and Timing (PNT) sources commonly utilize satellite constellation technologies like the Global Positioning System (GPS), Global'naya Navigatsionnaya Sputnikovaya Sistema (GLObal NAvigation Satellite System, or GLONASS), or Galileo. PNT data is transferred using frequencies generally between 1.1 and 1.6 GHz. Other commercial constellations exist that can provide a backup timing source for critical infrastructure. Timing sources other than those from satellites also exist as an alternative method of keeping accurate timing. Cyber threat actors have conducted attacks on satellite PNT sources to disrupt navigation and positioning and cause regional signal outages. These attacks could impact the electric sector and cause control systems to malfunction.

Key PNT research findings include:

  • Several PNT attacks have resulted in off-course navigation and positioning issues. Covert and overt spoofing of PNT information through GPS on drones is possible and has been demonstrated. News outlets reported in 2011 that Iran was successful in spoofing the GPS signal in a U.S. stealth drone, causing it to malfunction and land.
  • EPRI has demonstrated attacks on GPS-based timing systems in industrial control systems. Commercially available equipment was attacked in a controlled lab setting to determine response/impact and identify mitigations. Several types of attacks successfully impacted equipment and accurate timing ability.
  • Several systems within generation plants rely on coordinated and synced timing, including equipment used for process control, communications, safety, and M&D.
  • Backup and failover sources, some not dependent on GPS, can be utilized to mitigate impacts from specific attacks.
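The failover idea in the last finding can be sketched as a cross-check of GPS-derived time against an independent reference. This is an added example, not EPRI code or a tested mitigation from the research; the thresholds, the reference source (for instance a local oscillator in holdover or a non-GPS timing feed) and the sample traces are all assumptions.

```python
from dataclasses import dataclass

# Assumed thresholds in microseconds (illustrative; tune per site and equipment).
STEP_LIMIT_US = 50    # largest believable change in offset between samples
DRIFT_LIMIT_US = 200  # largest tolerated GPS-vs-reference offset
RECOVER_AFTER = 3     # consecutive clean samples before trusting GPS again

@dataclass
class Verdict:
    index: int
    source: str  # "gps" or "backup"
    reason: str  # "ok", "step" or "drift"

def select_time_source(offsets_us):
    """offsets_us: (GPS time - independent reference time) per sample, in us."""
    verdicts, prev, clean, on_backup = [], None, 0, False
    for i, off in enumerate(offsets_us):
        if prev is not None and abs(off - prev) > STEP_LIMIT_US:
            reason = "step"    # abrupt jump: overt spoofing or signal fault
        elif abs(off) > DRIFT_LIMIT_US:
            reason = "drift"   # slow pull-off that never trips the step check
        else:
            reason = "ok"
        if reason != "ok":
            on_backup, clean = True, 0
        elif on_backup:
            clean += 1
            if clean >= RECOVER_AFTER:
                on_backup = False
        verdicts.append(Verdict(i, "backup" if on_backup else "gps", reason))
        prev = off
    return verdicts

def first_failover(verdicts):
    """Index of the first sample served from the backup source, or None."""
    return next((v.index for v in verdicts if v.source == "backup"), None)

# Constructed sample offsets, not measurements from any real receiver.
OVERT = [2, 3, 1, 900, 905, 903, 2, 1, 2, 3]      # sudden 900 us jump
COVERT = [2, 40, 80, 120, 160, 200, 240, 280]     # 40 us per sample walk-off

if __name__ == "__main__":
    for name, trace in (("overt", OVERT), ("covert", COVERT)):
        v = select_time_source(trace)
        print(name, [(x.source, x.reason) for x in v])
```

The step check alone misses the gradual trace, which is why the absolute offset limit is evaluated as well; GPS is trusted again only after several consecutive clean samples.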

Relevant Resources

Secure Wireless Data Acquisition

Power generation plants, especially within the DCS and other instrumentation, will continue to generate more data. The monitoring and diagnostics (M&D) capabilities of utilities will continue to mature and require more plant data. Modern DCS solutions have much instrumentation built in that can be leveraged through the historian. Still, as diagnostics, prognostic algorithms, and artificial intelligence tools are deployed, utilities will continue installing sensors and instrumentation beyond the DCS points. Many of these sensors are low-cost, non-serviceable, and have additional capabilities like wireless communication. Wireless communication for sensors used for data generation and monitoring can be beneficial if the sensor data is not used for control or in a control/operator’s decision process.

Key points on secure wireless data acquisition in power generation facilities include:

  • Using built-in or hybrid wireless transmitters can help lower installation and implementation costs.
  • Many wireless frequencies and protocols can be used within a generation plant and should be matched for the data use case.
  • Wireless protocols and communication channels can be secured using encryption, machine-to-machine authentication, certificates, and other security controls per the use-case application and protocol features.
  • EPRI developed a low-cost, secure, hardened, wireless data acquisition system using a Raspberry Pi-based single-board computer. The unit uses LoRa and 802.11 Wi-Fi to transmit data to a gateway into a networked repository. The build plans, performance results, specifications, and hardened OS image are available for download.
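Machine-to-machine authentication of sensor data, as named in the list above, can look like the following at the gateway. This is an added example and does not describe the EPRI unit's design; the frame layout, the per-device key table, the truncated HMAC-SHA256 tag and the device ID are assumptions, and the sketch covers authentication and replay rejection only, not encryption or certificates.

```python
import hashlib
import hmac
import struct

FRAME_FMT = ">HIf"   # assumed layout: device id, message counter, reading
TAG_LEN = 16         # assumed: HMAC-SHA256 truncated to fit small radio payloads
# Constructed per-device key table; real keys are provisioned per sensor.
DEVICE_KEYS = {0x0A01: bytes.fromhex("00112233445566778899aabbccddeeff")}

def build_frame(dev_id, counter, reading, key):
    """Sensor side: pack the fields and append an authentication tag."""
    body = struct.pack(FRAME_FMT, dev_id, counter, reading)
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Gateway:
    def __init__(self, keys):
        self.keys = keys
        self.last_counter = {}  # highest counter accepted per device

    def accept(self, frame):
        """Return (True, reading) for an authentic, fresh frame,
        otherwise (False, reason)."""
        if len(frame) != struct.calcsize(FRAME_FMT) + TAG_LEN:
            return (False, "bad length")
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        dev_id, counter, reading = struct.unpack(FRAME_FMT, body)
        key = self.keys.get(dev_id)
        if key is None:
            return (False, "unknown device")
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):  # constant-time compare
            return (False, "bad tag")
        # Counter is checked only after the tag, so forged frames cannot
        # advance the replay window.
        if counter <= self.last_counter.get(dev_id, -1):
            return (False, "replayed or stale counter")
        self.last_counter[dev_id] = counter
        return (True, reading)

if __name__ == "__main__":
    gw = Gateway(DEVICE_KEYS)
    frame = build_frame(0x0A01, 1, 71.5, DEVICE_KEYS[0x0A01])
    print(gw.accept(frame))  # first delivery
    print(gw.accept(frame))  # same frame captured and re-sent
```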

Relevant EPRI Resources

A Process for Evaluating and Securing Wireless Deployments (3002024337)

Digital Worker

Digital worker (DW) technologies are digital devices that allow workers to interactively access data, collect data, virtually connect to subject matter experts, or provide an advantage or greater efficiency that will enable workers to be more productive. Some examples of DW technologies could include tablets, augmented reality headsets, virtual reality, and simulation.

Challenges deploying digital worker technologies in power generation facilities include:

  • To enable maximum benefit for digital field workers using these technologies, they typically require access to internal data sources or the internet (cloud applications).
  • As utilities transition to low carbon resources and build renewables in remote locations, internet and internal network connectivity are sometimes barriers to widespread adoption.
  • Because these devices are typically assigned to DWs and usually require wireless access, cyber security programs should have a process for ensuring that these devices are controlled, and the additional cyber risk is mitigated.
  • One common use-case is to provide near real-time operational or equipment health data to workers. Process control and equipment health data can be generated in OT networks and stored in historians. DW technologies and data sources should be configured to access required data from non-OT networks where possible.

Current key digital worker technology security practices include:

  • DW technologies can introduce an additional attack pathway to OT or IT networks unless they are adequately assessed, vulnerabilities are identified, and controls are applied to mitigate the additional risk. EPRI developed a framework to identify cyber security risks from DW technologies. The use-cases identified in the research categorize the connective requirements and network connections. The framework provides guidance to cyber security defenders to:
    • Categorize DW technology use-cases,
    • Identify cyber security risks associated with the DW use-cases based on communication and connectivity requirements and their potential impact, and
    • Apply cyber security best practices.
  • Seven different categories of DW technology implementation were identified that help cyber defenders determine which controls could be applied as part of an effective cyber security control strategy.
  • Use-cases can be identified as IT, OT, or converged IT/OT as well as isolated connection types. Implementing DW technologies requires the application of cyber security controls across all three functions: protect, detect, and respond & recover.