Download PDF
Protecting the Grid: CCS and BeyondTrust Team up to Secure Power Plants
Technology Category
- Cybersecurity & Privacy - Endpoint Security
Applicable Industries
- Electrical Grids
Applicable Functions
- Business Operation
Use Cases
- Cybersecurity
Services
- Cybersecurity Services
The Challenge
Comprehensive Computer Solutions, Inc. (CCS) provides computing solutions for industrial applications, with a significant customer segment in the energy sector. After the 9/11 attacks, CCS was asked by its customers to evaluate security. Prior to this, most of their customers relied solely on perimeter security and proprietary communications channels, which were deemed insufficient post 9/11. CCS's main offering for the energy sector is software that controls the various systems and equipment that generate and deliver electricity. They needed to find a security solution that they could package with their own offerings. The solution needed to be flexible enough to work with Human-Machine Interfaces (HMIs), cost-effective, easy to use, and have a customizable front-end to match the specific needs of power plant IT personnel.
About The Customer
Comprehensive Computer Solutions, Inc. (CCS) is a company that sells computing solutions designed for industrial applications. One of their main customer segments is the energy sector. After the 9/11 attacks, they were asked by their customers to evaluate security. Prior to this, most of their customers relied solely on perimeter security and proprietary communications channels. For the energy sector, CCS's main offering is software which controls the various systems and equipment that generates and delivers electricity. They began evaluating security software, seeking solutions they could package with their own offerings.
The Solution
After evaluating several security options, CCS chose BeyondTrust’s PowerBroker Endpoint Protection solution. Although PBEPP is designed as an Integrated Threat Management solution, with a suite of features that includes antivirus, endpoint protection, vulnerability scanning and more, CCS wanted something more basic: host-based intrusion protection (HIPS). BeyondTrust worked with CCS to package this part of PBEPP with CCS’s energy sector computing solution. PBEPP leverages an intrusion prevention engine that dynamically collects and incorporates new threat data in real time. PBEPP HIPS protects systems regardless of whether or not an attack has been identified and a signature or patch deployed against it. PBEPP blocks zero-day attacks that bypass traditional signature-based solutions, eliminating the need for specific attack signatures. Since the product was launched in 2004, it has successfully thwarted 100% of remote intrusion attempts.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Hydro One Leads the Way In Smart Meter Development
In 2010, Ontario’s energy board mandated that time-of-use (TOU) pricing for consumers be available for all consumers on a regulated price plan. To meet this requirement, Hydro One needed to quickly deploy a smart meter and intelligent communications network solution to meet the provincial government’s requirement at a low cost. The network needed to cover Hydro One’s expansive service territory, which has a land mass twice the size of Texas, and its customers live in a mix of urban, rural, and remote areas, some places only accessible by air, rail, boat or snowmobile. Most importantly, the network needed to enable future enterprise-wide business efficiencies, modernization of distribution infrastructure and enhanced customer service. To meet these needs, Hydro One conceptualized an end-to-end solution leveraging open standards and Internet Protocols (IP) at all communication levels. The utility drew upon industry leaders like Trilliant to realize this vision.
Case Study
Selling more with Whirlpool
Whirlpool wanted to add connectivity to appliances and transform the company's relationship with customers. Traditionally, Whirlpool interaction with customers was limited to purchases made once every ten years. Connected washer and dryers provide exciting new features like remote management of start times and inter-machine communication.
Case Study
SAS® Analytics for IoT: Smart Grid
Companies face falling revenues, rising infrastructure costs, and increasing risk of outages caused by inconsistent energy production from renewable sources. Less money is coming in as more people and organizations take steps to curb their energy use. Utilities are paying more to maintain and build infrastructure due to increasing complexity, resulting from the rising number of intermittent and variable renewable energy sources connected in the distribution grid.
Case Study
Enel Secures Italian Power Generation Network
Electric energy operators around the world are working to increase the reliability and cyber resiliency of their systems. This includes Enel, a global power company that manages and monitors the Italian power grid. This grid:• Serves 31 million customers• Has a net installed energy capacity exceeding 31 gigawatts• Includes more than 500 power generation plants,including hydroelectric, thermoelectric, and wind• Is managed and monitored by Enel 24/7/365• Is operated by Terna, the Italian Transmission System Operator (TSO)Enel is responsible for the availability of the grid’s underlying ICS and industrial network. It also manages Regional Control Centers and Interconnection Centers which connect with the TSO. The TSO manages the flow of energy to the grid plus controls and remotely regulates the power generation of power plants, increasing and decreasing power production as required. The complex system of interaction and cooperation between Enel and the TSO has strong security implications as well as operational and business challenges.
Case Study
IoT based Energy Quality Availability Monitoring Solution
There were several challenges faced:Since this data would be in the public domain, accuracy and authenticity of this data were of paramount importance. It should be able to withstand scrutiny.It is challenging to build an appliance that can withstand a wide range of voltage fluctuations from as low at 90v to as high as 320v. Since the device would be installed in remote locations, its resilience was of paramount importance.The device would have to deal with poor network coverage and have the ability to store and re-transmit data if networks were not available, which is often the case in rural India. The device could store up to 30 days of data.The platform that deals with the data should be readily available and highly reliable and never lose a packet of data.
Case Study
Hydro Utility Builds Foundation for Powerful Efficiencies and Protection
As the main British Columbia electric distributor, BC Hydro provides 1.9 million residential, commercial, and industrial customers with energy. The hydro utility transformed to a digital business with Cisco connected networking, security, and smart grid solutions. • Deliver reliable, high-quality services • Enable remote automation and monitoring • Connect applications over a common networking infrastructure
