January 2020

BTL Mark: Resolve interoperability issues & increase buyer confidence
BACnet Testing Laboratories

(Click Message to Learn More)

Next Generation OT Cybersecurity

 Profiles for Buildings and Microgrids

Toby Considine

 Toby Considine
TC9 Inc

The New Daedalus

Contributing Editor

New Products
Secured by Cimetrics
Site Search
Control Solutions, Inc
Past Issues
Securing Buildings News

For the second year, the AHR show in February 2020 will include the New Deal Cybersecurity Summit. Moving to the new BACnet-SC (Secure Connect) standard will likely be a significant portion of the Summit. But SC has taken years to develop and is still too little, too late. Some of the speakers will present critical next steps for securing building automation. Even with these steps, BACS, like the rest of IoT, will continue to lag behind current approaches in enterprise cybersecurity.

In August of 2017, US Cyber Command was raised to the status of a unified combatant command. Organizationally, this put USCYBERCOM at the same level as the regional commands such as the European Command or the Indo-Asian Command, and the functional commands such as Special Forces. The term “unified” says that the commands cross the organizational boundaries such as Army, Navy, Air Force and Space Force.

USCYBERCOM is tasked with centralizing command of cyberspace operations and strengthening DoD cyberspace capabilities. USCYBERCOM is concerned that the cyber-defense model of traditional monolithic systems that tightly couple the sensing, analytics, decision making and acting blocks of cyber-defense activities leads to brittle cyber-defense infrastructure that is relatively static and difficult to coordinate for inter-domain responses to cyber-attacks.

Accordingly, USCYBERCOM demands more responsive, flexible, product agnostic and interoperable cyber defense components include the standardization of interfaces and the adoption of standard protocols. The goal is to ease interoperability and enable unambiguous machine to machine command and control messages.

To achieve these goals, USCYBERCOM and the NSA are encouraging the development of the cybersecurity open command and control specification, OpenC2. It is their hope that OpenC2 will find wide acceptance making OpenC2 conformance readily available.

It is a goal of USCYBERCOM to be able to use OpenC2 to manage cyber-defense across all Defense systems. In particular, USCYBERCOM wants OpenC2 to be available on all new systems before its wide deployment. A significant goal here is to standardize cyber-defense training in advance of second deployments.

This initiative will affect every participant in the smart building and operational technology (OT) markets. The twin goals of modern Defense Department specifications are to make technologies executable and readily available. Executable means that those who need custom applications, which includes systems that are designed for a specific building, will be able to use these requirements when going to bid, and be able to test whether those requirements were met. Readily available means that there are standard items on the market that meet the requirements. Integrators and suppliers will both be held to the new specifications—building owners will benefit from the new market.

USCYBERCOM intends OpenC2 as a cybersecurity command language for the Internet of Things, also known as Operational Technology (OT). Traditional cybersecurity commands are focused on the traditional networks of file servers, database servers, web servers, and desktop computers. Cybersecurity commands from firewall directives to interdiction of malware in documents have as their goal the protection of those administrative and data services. The communications requirements and systems architectures of OT are quite different than those of administrative systems, and the services provided by OT are far more diverse. The security directives for each type of OT system are just now being defined.

The services provided by OT may be critical to the performance of other systems. A cyber-threat to a power distribution system may create risks to every mission supported by that system. OpenC2 on OT systems may be able to provide critical situational awareness on threats to other missions.

Microgrids are a type of OT whose purpose is to supply local power to a system, facility, campus, or base. New microgrids autonomously match the supply and demand of electrical power in real-time. Many microgrids incorporate some level of internal power storage. A microgrid may incorporate proprietary controls for managing a unique set of distributed energy resources such as solar or wind. Many microgrids incorporate some level of internal power storage. A good cyber-defense profile for microgrids should be common to all microgrids while allowing for a diversity of technology within any particular microgrid.

OpenC2 commands are directed to discrete sets of functions grouped as a cyber-defense service, termed an Actuator Profile. A given system may offer multiple actuators. For example, a network gateway might offer three actuator profiles: a stateless packet filter service, a stateful packet filter service, and a malware-blocking service.

So, too, an OT system may support multiple actuator profiles. An OT system may support the Stateless Packet Filter Profile as well as OT specific services.

Reliable Controls Part of developing the OpenC2 profile for Microgrids will be discovering the separable OpenC2 cyber-defense services.  An autonomous microgrid that interacts with other microgrids may support an actuator profile for that. A microgrid may support a profile for situational awareness of operational risks to power-dependent systems. An actuator profile for power storage may be broken out of the overall microgrid profile, enabling technology-agnostic commands to prepare for a widespread threat to power availability (“Charge Up!”) as well to be ready to provide extra power to another microgrid to support a fast-developing operational need. This last service may be one of several profiles on a microgrid, but the sole profile on a battery.

Microgrid deployments, especially of autonomous microgrids, are poised for accelerated deployment across DoD facilities. Deployed Microgrids are foundational to other services on bases. Microgrid functionality is tied to many key vulnerabilities of expeditionary or mobile basing. The required profiles should be a priority so that the cyber-defense of these new assets can be managed within a common operational and training framework with other cyber command and control functions.

While microgrids are first on the list, traditional building automation systems, such as HVAC, access control, and intrusion detection, will soon get their own profiles. These profiles are already being discussed but without significant input from the building automation industry or from commercial owners. As each profile arrives, it will begin to drive the market.

Drop me a line if you want to discuss this or to find out more…


[Click Banner To Learn More]

[Home Page]  [The Automator]  [About]  [Subscribe ]  [Contact Us]


Want Ads

Our Sponsors