Cyber Security Considerations for Private LTE Networks in Utility Grid Operations

Posted to EPRI in the Digital Utility Group
Principal Technical Leader, Cyber Security Strategic Initiative, Electric Power Research Institute

Christine Hertzog is a Principal Technical Leader focused on OT Cyber Security research at EPRI.  She conducts research on new technologies suitable for OT environments and informs industry...

Aug 25, 2020

For utilities, what is the weakest cyber security link in private LTE networks used for utility OT or industrial control environments?  Among the known unknowns of private LTE cyber security, a good suspect is the air interface between utility User Equipment (UE) and the Evolved Node B (eNB) base stations located at cell sites.

It is a significant attack vector.  Exploiting security gaps here, particularly by introducing rogue UE (devices) or rogue base stations, can give an attacker an entry point into WANs, substation LANs, or FANs and into the applications used by utility control centers and OT cyber security staff.  Private LTE WANs carry the SCADA and EMS data that control centers need to monitor and manage grid performance and asset health.  Substation LANs carry the data used to monitor access to remote assets and to perform a variety of critical grid operations.  Utility FANs carry data from sensors and FLISR applications that improve situational awareness of distribution grids.  Even when the data traveling over a private LTE network is encrypted, it is not immune from attack.  Why?  Because encryption only keeps data confidential; it does not make it immutable.  Confidentiality and integrity are separate protections: LTE ciphers traffic with a stream cipher, and stream-cipher ciphertext can be modified bit for bit by someone who never learns the key, so a change is caught only if the receiver verifies an integrity tag on that traffic.  LTE integrity-protects its signaling, but baseline LTE does not integrity-protect the user plane, which is where SCADA traffic rides.  OT environments put the emphasis on data availability and integrity over confidentiality, so encrypted data that can be silently altered is the wrong kind of protection: the altered data may be unusable, or worse, quietly wrong.  Stingrays and similar IMSI catchers, devices used by law enforcement agencies around the world, emulate base stations and gather data about mobile devices.  What if a Stingray-type device were used to compromise data availability or integrity in an OT environment?  The consequences could range from asset damage and service disruptions to harm to human health and safety.
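The encryption-versus-integrity point above, shown as an added, constructed example that is not from the original post: a telemetry value is ciphered with a counter-mode stream cipher, an attacker who knows only the expected plaintext flips bits in the ciphertext to change the reading, and the receiver decrypts it cleanly to the wrong value. The same bit flips against an encrypt-then-MAC frame are rejected. The keystream here is HMAC-SHA256 run in counter mode as a stand-in for LTE's AES-128-CTR (EEA2) so the script needs only the Python standard library; the measurement frame layout, keys, nonce and the 60.00 Hz reading are all invented for illustration.

```python
"""Encryption is not integrity: a stream-cipher-protected SCADA frame can be
altered by an attacker who never learns the key; only an integrity tag catches it.

Added, constructed example (not from the original post). The keystream is
HMAC-SHA256 in counter mode, a stand-in for LTE's AES-128-CTR (EEA2), so the
script runs on the standard library alone. Frame layout, keys and nonce are
invented for illustration.
"""
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 output length in bytes


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(key, nonce || i)."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream. Decryption is the identical operation."""
    return bytes(p ^ k for p, k in zip(data, keystream(key, nonce, len(data))))


decrypt = encrypt


def pack_measurement(point_id: int, value: float, good: bool) -> bytes:
    """Constructed 7-byte telemetry frame: point id, IEEE-754 value, quality flag."""
    return struct.pack(">Hf?", point_id, value, good)


def unpack_measurement(frame: bytes):
    return struct.unpack(">Hf?", frame)


def tamper(ciphertext: bytes, offset: int, known: bytes, wanted: bytes) -> bytes:
    """Attacker step: if the plaintext bytes at `offset` are known or guessable
    (e.g. a nominal 60.00 Hz reading), XORing (known ^ wanted) into the
    ciphertext makes them decrypt to `wanted`. No key is involved."""
    buf = bytearray(ciphertext)
    for i, (k, w) in enumerate(zip(known, wanted)):
        buf[offset + i] ^= k ^ w
    return bytes(buf)


def seal(enc_key: bytes, mac_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    ct = encrypt(enc_key, nonce, data)
    return ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(enc_key: bytes, mac_key: bytes, nonce: bytes, sealed: bytes) -> bytes:
    """Verify the tag in constant time before decrypting; reject on mismatch."""
    ct, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: frame rejected")
    return decrypt(enc_key, nonce, ct)


# Constructed keys; the nonce stands in for LTE's COUNT/BEARER/DIRECTION input.
ENC_KEY = b"constructed-ciphering-key-01"
MAC_KEY = b"constructed-integrity-key-01"
NONCE = b"\x00\x00\x00\x2a\x05\x00\x00\x00"

KNOWN_VALUE = struct.pack(">f", 60.0)   # attacker's guess at the nominal frequency
WANTED_VALUE = struct.pack(">f", 58.5)  # what the attacker wants the control center to see
VALUE_OFFSET = 2                         # the value follows the 2-byte point id


def encrypt_only_attack():
    """Confidentiality only: the forged frame decrypts cleanly to the wrong value."""
    ct = encrypt(ENC_KEY, NONCE, pack_measurement(0x0101, 60.0, True))
    forged = tamper(ct, VALUE_OFFSET, KNOWN_VALUE, WANTED_VALUE)
    return unpack_measurement(decrypt(ENC_KEY, NONCE, forged))


def integrity_protected_attack():
    """Same bit flips against an encrypt-then-MAC frame: the receiver rejects it."""
    sealed = seal(ENC_KEY, MAC_KEY, NONCE, pack_measurement(0x0101, 60.0, True))
    forged = tamper(sealed, VALUE_OFFSET, KNOWN_VALUE, WANTED_VALUE)
    try:
        open_sealed(ENC_KEY, MAC_KEY, NONCE, forged)
        return "accepted"
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    print("encrypt-only frame decoded as:", encrypt_only_attack())
    print("encrypt-then-MAC frame:", integrity_protected_attack())
```

The first function returns a frame that reads 58.5 Hz with its quality flag still marked good, which is the availability-and-integrity failure the post describes: the control center sees a plausible, well-formed, wrong value. The second shows the only thing that closes the gap, an integrity tag that the receiver actually checks on the user-plane traffic, not stronger encryption.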

Understanding the full scope of cyber security risk at the UE/eNB interface is complicated by two realities.  First, utilities that have deployed or are deploying private LTE networks typically operate hybrid networks composed of multiple technologies; in other words, these are not pure private LTE networks.  Second, the security posture of such a hybrid network is only as strong as its weakest component: the worst security gap sets the bar, however well the rest is mitigated.  For instance, many legacy SCADA systems were originally deployed with no security considerations at all, so the "bolt-on" security solutions and practices added later can have weak points of their own.

Utilities can begin to answer private LTE security concerns by exploring potential attack paths in their own networks to assess and prioritize vulnerabilities, and then developing mitigation plans for them.  However, production grid networks cannot safely be used for this kind of investigation, so the research must be conducted in laboratory settings using network simulations that model multiple attack scenarios and allow security mitigations to be identified and tested.  Understanding and mitigating the weakest cyber security link in private LTE will give utilities confidence that data availability and integrity in production environments are not compromised.

Founded in 1972, EPRI is the world's preeminent independent, non-profit energy research and development organization, with offices around the world.
