To support the drastic shifts occurring in nearly every facet of the utility industry, many utilities are exploring or deploying building their own Private Cellular (pLTE) network.
For those who have decided to pursue this path, one of the next steps is to consider how to implement cellular security features to meet the unique security requirements of the critical infrastructure these networks support.
Adopting customized network solutions can unleash incredible potential and operational efficiencies. One of those capabilities is to improve cyber security. Unlike public LTE, where security is largely unknown to the end user, pLTE allows utilities to customize security across the entire solution. Accordingly, pLTE shifts the responsibility of security onto the utility company.
This shift demonstrates why it is essential for companies to have informed internal resources that understand the telecommunications implications, the importance of what that security looks like, and how to take steps to implement it properly.
Security considerations for pLTE solutions connecting critical infrastructure
Carriers indeed secure their 4G/5G networks. But their focus is on maintaining the integrity of their public services. They predominantly offer public access to Internet-based services, and their customers expect a level of security, but not necessarily the level of security required to support critical infrastructure.
On the other hand, utilities using the same 4G/5G technology face a more critical battle and therefore warrant more holistic security. Rather than accessing the Internet, utility applications monitor and control the electric grid, which supports the general economy, public safety, and basic human needs. This elevates the risks and necessitates an even more diligent awareness of security threats they must consider as they follow (and necessarily adjust) carriers’ public security precedents.
The good news is that 3GPP provides a key set of capabilities, creating a security baseline for utilities to follow as they build out their own cellular networks. For example, features like traffic separation, over-the-air encryption, and secure backhaul are all basic 3GPP capabilities.
With that said, some of these items are optional and may not be implemented on some public LTE networks. Over-the-air encryption, for instance, can hamper user experience and may not be a popular option with carriers. It is a helpful security feature for utilities (who are both the users and operators within their pLTE network), and they should make it clear to their LTE solution designers that they want over-the-air encryption activated on their network.
When building a pLTE network, utility companies also have the option to secure beyond the basic 3GPP guidelines. They can implement next-generation firewalls and utilize situational awareness to maintain a safer communications environment. The end result is a much more secure and hardened private cellular network for a utility.
Advancing pLTE security
Putting necessary security in place requires a well-thought-out approach. To be most useful, pLTE security should incorporate Zero Trust Architecture (ZTA) along with Artificial Intelligence and Machine Learning (AI/ML) to detect threats on the edges of the network. As users become more experienced with ZTA, they will automatically start to reduce the attack surface, and security is tightened.
When you employ an identity-based security strategy or Zero Trust Architecture approach for identity and access management, the underlying principle is not to allow anyone or anything the ability to perform an action until their identity is proven. To establish greater trust, each utility can use its own private SIM cards and certificates to validate devices used within its system. In contrast to using public LTE, you are making the trust decision using advanced security mechanisms.
In the meantime, artificial intelligence and machine learning are working to detect external threats on the fringes of the network. For example, AI/ML can recognize when a device is being improperly used to upload content and then stop the feed before it becomes problematic. With visibility and awareness of all network devices, the pLTE system is much more beneficial to utilities.
By basing situational awareness on SIM cards along with device identifiers to create various categories of users, utilities can observe similar and predictable utilization patterns that AI/ML solutions can then monitor. AI/ML can recognize historical trends and inconsistencies to identify threats that require attention. Situational awareness facilitates problem isolation with minimal impact.
Experiencing the transformative power of secure pLTE solutions
Security can be a challenge for utilities making a move to pLTE. Especially if it is presumed that the technology's inherent security mechanisms are sufficient in themselves.
It is better to design advanced security controls to protect critical infrastructure systems and why professional third-party support is essential to a healthy migration. Ensure that you have the right people in place who understand critical infrastructure needs as well as industry-specific telecommunication and security issues.
We live in a time of unprecedented operational challenges for the utility industry. As operations become more complex and their solutions more sophisticated, private LTE is quickly becoming a leading network solution for the utility space. For your utility company to properly shift to pLTE, the conversion starts with education to make sure that you have security in place to ensure that the investment pays off over time.
Â
In the case of private cellular security in the electricity utilities industry, WWT brings a unique, mission-critical perspective to the table that is backed by deep industry knowledge as well as a current understanding of security threats and technologies. Follow this link for more information.Â