Cyber-Monitoring System Secures Connected Hydropower Plant from Potential Attacks

Background

Cyber threats to critical infrastructures shall be taken more serious than ever, as the number of attack incidents has increased and penetrated nuclear plants, and then oil, gas and energy sectors. On the other hand, hydroelectric has remained as one of the most reliable renewable source of energy for the past years.

However, malicious attacks have evolved in forms over the recent years as IIoT (Industrial Internet of Things) related technologies have been adopted in the industrial domains to optimize business operations. Therefore, it is critical to secure the leading renewable source of electricity generation from continually evolved or even well-funded cyber threats.

Requirements

The second largest hydro power plant in France worked with Lanner to develop a hardware-based monitoring and control system to run firewall and other IT security mechanisms, as they understand that software alone may expose vulnerability. In addition, hydraulic power accounts the second largest source of electricity in the country, and a malicious intrusion may have catastrophic impacts on businesses and residents, such as power outage and floods. Therefore, an IT/OT comprehensive monitoring system shall accommodate the following requirements:

Reduced Possibility of down-time with Visibility

One of the major objective of this cyber-monitoring system is to ensure 24/7 continuous operations, in order to prevent unexpected plant shut down, potential damage to the assets and negative impacts on environments and residents. Thus, the system must be empowered with adequate compute and network capabilities of running visibility software.

Advanced LAN Bypass

In a critical infrastructure environment, unexpected outage to the network connection may occur occasionally. Thus, the cyber-monitoring gateway must provide alternate traffic route. For example, LAN Bypass is a fault-tolerant mechanism to ensure critical business communications can remain operating while a network link is disrupted. To ensure traffic between LAN and WAN, the appliance shall provide hardware-based LAN Bypass to avoid compromising the interconnections.

NIC Expansion

A well-designed CIP (Critical Infrastructure Protection) in ICS (industrial control systems) and SCADA settings must accommodate future scalability with modular architecture, such as NIC module expansion to scale up certain functionality.

Solutions

Lanner’s NCA-4210 is introduced in this scenario to act as the DPI firewall between the control center and the hydropower plant. In other words, NCA-4210 functions as the cyber-monitoring and control gateway to converge IT/OT domains.

NCA-4210 is a well-designed hardware with capable features. The gateway is empowered by Intel® 6th/7th Generation Core-i7/i5/i3 CPU (formerly Skylake/Kabylake) and DDR4 memory with ECC data integrity capability to run visibility software and firewall mechanisms without performance compromise. Memory wise, NCA-4210 is designed with 2 DDR4 DIMM sockets with each supporting up to 32GB. The adoption of Intel® H110 or C236 series chipset as the new PCH is obviously a performance upgrade for PCI Express bus and peripheral DMI (direct media interface). Regarding expansion, NCA-4210 is designed with a NIC module expansion slot if scalability is needed. For instance, a multi-LAN module may be installed to expand the bandwidth.

Given the well-designed hardware, NCA-4210 can bring integrated security in IT/OT convergence applications.

Cyber-Monitoring System Secures Connected Hydropower Plant from Potential Attacks was last modified: July 15th, 2020 by Jorge Peregrina