1. Special Security Report
The Target - Industrial Control Systems
Industrial control systems (ICS) manage critical infrastructure
networks such as smart grids, gas supply and many other services
that modern life depends on. Attackers looking to disrupt civilian
life have lately been focusing on critical infrastructure networks in
order to reduce the capability of local and state governments to
provide basic services.
The Challenge - Authentication & Control
ICS networks are often considered safe because they are assumed to
be isolated from the outside world. In practice, that isolation is
broken in two common situations: when the system is physically
accessed for on-site maintenance, and during remote maintenance.
From both the network operations and the network security
perspectives, maintenance operations pose a high risk to the
network. Without proper control, the access rights granted for a
maintenance task may be misused for illicit activity on the ICS,
whether by a malicious insider or by an employee who unknowingly
connects an infected laptop.
The Radiflow-NEC Solution
Radiflow and NEC have developed an integrated solution for
securing ICSs during both remote and on-site (physical)
maintenance operations. The solution focuses on human-generated
traffic, is based on the Role-Based Access Control (RBAC)
methodology, and is compatible with the Guidelines for Remote
Access Management in NERC CIP Version 5.
Under the proposed solution, the first, and arguably the most
crucial, step before granting a user access to the facility and to
the network is verifying the identity of the user.
On site, this is achieved with a two-factor authentication scheme
that combines the NEC facial recognition system with an electronic
access card. For remote maintenance, the page describes
authentication by username and password; note that this is a single
knowledge factor, so a remote session verified this way does not by
itself reach the strength of the on-site two-factor check.
Once the user's identity is verified, it is still imperative to
ensure that the user can reach only specific devices on the network,
with only specific privileges on each device.
Upon authentication, a firewall configuration file is downloaded
to the Radiflow routers. These firewall rules enforce the
predefined task parameters, so that for the duration of the
maintenance operation the user can issue only a specific set of
commands to predefined assets. The user's privileges are scoped to
the task at hand, so the user cannot engage with any other device.
At the same time, inside the facility, the technician's location is
continuously monitored by the video surveillance system, which
tracks the technician's movement to the device being maintained.
Any violation of these rules is detected and logged, and sent as
an alert to the control center together with the full network
traffic data. This provides a comprehensive, real-time picture of
the maintenance being performed.
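The enforcement and logging steps described above (task-scoped rules
allowing only certain commands to certain assets, with every other
request raised as an alert) can be illustrated with a small policy
evaluator. The following is an added example, not Radiflow or NEC code:
the rule representation, the asset addresses, the technician name and the
traffic records are all constructed for illustration, and the routers'
real firewall configuration format is not shown on the page. The function
codes are standard Modbus/TCP values.

```python
"""Task-scoped command allowlisting for an ICS maintenance session.

Added example, not Radiflow/NEC code: the policy format, the asset
addresses and the traffic records below are constructed for
illustration. The real routers' firewall configuration format is not
shown on the page and is not reproduced here.
"""
from dataclasses import dataclass
from datetime import datetime

# Standard Modbus/TCP function codes used in the constructed sample.
MB_READ_HOLDING = 3
MB_READ_INPUT = 4
MB_WRITE_SINGLE_REG = 6
MB_WRITE_MULTI_REG = 16


@dataclass(frozen=True)
class MaintenanceTask:
    """What one authenticated technician is authorised to do."""
    user: str
    assets: frozenset      # destination addresses of the devices in scope
    functions: frozenset   # protocol function codes permitted on them
    start: datetime
    end: datetime


@dataclass(frozen=True)
class Flow:
    """One request from the maintenance laptop, as seen by the router."""
    ts: datetime
    user: str
    dst: str
    function: int


def compile_rules(task):
    """Expand a task into explicit (user, dst, function) allow tuples.

    This mirrors the step where a per-task firewall configuration is
    pushed to the router: anything outside the set is denied.
    """
    return {(task.user, a, f) for a in task.assets for f in task.functions}


def evaluate(flows, task):
    """Return (allowed, alerts); each alert is (flow, reason).

    Checks run from broadest to most specific so the reported reason
    is the one an operator would want to see first.
    """
    rules = compile_rules(task)
    allowed, alerts = [], []
    for f in flows:
        if f.user != task.user:
            alerts.append((f, "no active task for user"))
        elif not (task.start <= f.ts <= task.end):
            alerts.append((f, "outside maintenance window"))
        elif f.dst not in task.assets:
            alerts.append((f, "asset not in task scope"))
        elif (f.user, f.dst, f.function) not in rules:
            alerts.append((f, "function code %d not permitted" % f.function))
        else:
            allowed.append(f)
    return allowed, alerts


# Constructed scenario (assumed addresses): technician "tech1" may only
# read registers on RTU 1 at 10.0.1.11 between 09:00 and 11:00.
TASK = MaintenanceTask(
    user="tech1",
    assets=frozenset({"10.0.1.11"}),
    functions=frozenset({MB_READ_HOLDING, MB_READ_INPUT}),
    start=datetime(2024, 1, 15, 9, 0),
    end=datetime(2024, 1, 15, 11, 0),
)

# Constructed traffic records; RTU 2 is assumed to sit at 10.0.1.12.
SAMPLE_FLOWS = [
    Flow(datetime(2024, 1, 15, 9, 30), "tech1", "10.0.1.11", MB_READ_HOLDING),     # in scope
    Flow(datetime(2024, 1, 15, 9, 31), "tech1", "10.0.1.11", MB_WRITE_SINGLE_REG), # write not allowed
    Flow(datetime(2024, 1, 15, 9, 32), "tech1", "10.0.1.12", MB_READ_HOLDING),     # RTU 2 out of scope
    Flow(datetime(2024, 1, 15, 12, 5), "tech1", "10.0.1.11", MB_READ_HOLDING),     # after the window
]


def run_sample():
    """Evaluate the constructed flows against the constructed task."""
    return evaluate(SAMPLE_FLOWS, TASK)


if __name__ == "__main__":
    allowed, alerts = run_sample()
    print("allowed requests:", len(allowed))
    for flow, reason in alerts:
        print("ALERT", flow.ts.isoformat(), flow.user, flow.dst,
              "fc=%d" % flow.function, reason)
```

The point of splitting the checks is that a write to an in-scope device,
a read of an out-of-scope device and a valid command outside the approved
window are three different operator-facing events, even though the router
drops all three the same way.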
A New Approach to Managing Human
Maintenance Activities at Remote Installations
Combined with NEC's Physical Security Solution Suite, which offers biometric
identification, access gates, video surveillance and behavior pattern analysis,
Radiflow's ruggedized routers and gateways (including the 3180 Switch/Router,
shown) secure ICSs during remote and on-site (physical) maintenance.
[Figure: Radiflow-NEC integrated solution. Components shown: NEC Server,
Radiflow Server, Radiflow 3180, RTU 1, RTU 2.]
The Radiflow-NEC integrated solution uses two-factor authentication to limit
access to specific devices, allowing secure remote or on-site maintenance.