Cybersecurity has become an increasingly important topic for electric utilities because of the digitization of the grid and the frequency of attacks on critical national infrastructure. Electric utilities are exposed to an expanding risk surface through a rapid increase in connection points via DERs, electric vehicles (EVs), mobile forces and cloud services. Finally, with bi-directional power flow, an attacker can affect more of the system, making every endpoint a concern. The grid is not a closed system: it is open to any technology or vendor that connects a new asset or device meeting certain communication standards.
The security of the past can no longer keep up, because it is impossible to be sure who is inside. The castle analogy explains this well. The old way was to prevent the enemy from getting inside with high walls and a moat. History has shown that new technology and overwhelming numbers defeated the castle and that, once inside, anyone has access. The Zero Trust grid security model assumes nothing is secure and establishes methods and practices that continuously authenticate and constrain access. GridOS Zero Trust grid security principles are the way forward to help manage the open, expanding electrical utility network.
GridOS is the first grid software portfolio designed for grid orchestration. This innovative solution is designed to bring energy data, network modeling, and AI-driven analytics together across the grid to power a suite of composable applications from GE, utilities, and partners that help utilities orchestrate an integrated, flexible, and secure clean energy grid.
GridOS uses the Zero Trust grid security model aligned to NIST 800-207, which defines Zero Trust as “providing a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised.” CISA further explains “CISA shall modernize its current cybersecurity programs, services, and capabilities to be fully functional with cloud-computing environments with ZTA (Zero Trust Architecture)”. Every aspect of the network’s security is challenged, with users, technology, and software at the forefront.
Users present unique challenges, as people operate within social constructs with efficiency needs, seniority expectations and access rights. Zero Trust security principles ensure identity by authenticating the user with MFA (multifactor authentication) or TOTP (time-based one-time password). Federated ID (FID) management is also possible to limit the burden of administration by leveraging an identity provider (IdP) as a trusted source for the user ID, which is a requirement of GridOS. Finally, because usernames and passwords are often shared among people, the principles disallow this practice, so each user is considered unique.
Technology spans many areas and, unlike users, it can have a consistent structure. While hardware is certainly a part of the security posture, network communications are an important focus and are where attackers often try first. Legacy systems might allow custom protocols from a supplier or unencrypted traffic for less latency. Zero Trust security principles employ standard communication protocols, so all the parameters are known, and mandate that all communications are encrypted even if they are internal. Session management is often delayed in its update because RBAC (role-based access control) is a function of organizational changes. Zero Trust security principles not only have strict RBAC triggers, but also limit session concurrency, time, and inactivity. Lastly, clients inside the OT network are traditionally assumed safe because they were deployed as assets tagged by the IT department. Zero Trust security principles go the extra step of only accepting traffic from known clients by IP and certificate.
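The client and session constraints described in this paragraph can be sketched as a small policy gate. This is an added Python example, not GridOS code and not part of the original article; the `Gate` class, the limits, the subnet and the pinned fingerprint are all assumptions constructed for illustration, and the certificate chain is assumed to have been validated by the TLS stack already.

```python
import hashlib
import ipaddress
from dataclasses import dataclass, field

# Constructed sample policy: pinned certificate fingerprint -> permitted source network.
KNOWN_CLIENTS = {
    hashlib.sha256(b"constructed-hmi-cert-der").hexdigest(): ipaddress.ip_network("10.20.0.0/28"),
}
MAX_CONCURRENT = 1          # sessions allowed per user at once
MAX_LIFETIME_S = 8 * 3600   # absolute session lifetime
MAX_IDLE_S = 15 * 60        # inactivity timeout

@dataclass
class Session:
    user: str
    started: float
    last_seen: float

@dataclass
class Gate:
    sessions: dict = field(default_factory=dict)  # session id -> Session

    def client_known(self, src_ip, cert_der):
        """True only if the certificate is pinned AND the source IP is in its network."""
        net = KNOWN_CLIENTS.get(hashlib.sha256(cert_der).hexdigest())
        return net is not None and ipaddress.ip_address(src_ip) in net

    def _expire(self, now):
        # Drop sessions that exceeded either the absolute or the idle limit.
        self.sessions = {sid: s for sid, s in self.sessions.items()
                         if now - s.started < MAX_LIFETIME_S
                         and now - s.last_seen < MAX_IDLE_S}

    def open_session(self, sid, user, src_ip, cert_der, now):
        self._expire(now)
        if not self.client_known(src_ip, cert_der):
            return "deny: unknown client"
        if sum(s.user == user for s in self.sessions.values()) >= MAX_CONCURRENT:
            return "deny: concurrency limit"
        self.sessions[sid] = Session(user, now, now)
        return "allow"

    def request(self, sid, now):
        """Per-request check: the session must still be inside both time limits."""
        self._expire(now)
        s = self.sessions.get(sid)
        if s is None:
            return "deny: no valid session"
        s.last_seen = now
        return "allow"
```

In a real deployment the DER bytes would come from the authenticated TLS connection, for example `ssl.SSLSocket.getpeercert(binary_form=True)`, and `now` from a monotonic clock.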
Software investments in the grid have been growing steadily for many years due to application innovations, the need to manage more data, and the need to support a much wider connection universe.
In the established paradigm, the application area is considered trusted if the proper connection is permitted through routing and firewalls, even though spoofing or traffic manipulation remains possible. GridOS, instead, relies on mutual Transport Layer Security (TLS), a method for mutual authentication, to ensure the application connectivity is secured with a key. Additionally, RBAC policies and full encryption provide secure application connections. Preventive areas for software and applications in the Zero Trust security model ensure SBOMs (software bills of materials) are verified and the update cadence is consistent with patches and enhancements. Outdated software gives attackers an edge, bringing more risk to the electric utility.
The Zero Trust security model, aligned to NIST 800-207, gives critical utility infrastructure confidence to change and grow as technology allows more use cases for the grid. The GridOS Zero Trust security model is built in, not bolted on, to ensure alignment to standards and growth in the grid’s scale potential. The convergence of IT/OT brings new complexity to the system, especially when OT has historically been isolated. The energy transition cannot happen without a secure grid, and GridOS with Zero Trust security principles will adapt and scale as the market does.