Service Based Security
- Jan 15, 2015 12:00 pm GMTJun 4, 2015 10:57 pm GMT
- 5274 views
Essentially, the typical services of any power utility are to an extent generic in nature; however, in the world of specialized services, where the core services of a utility may be redefined, there will be a need to identify and guard the core. For e.g., in populous cities, like Tokyo, Sao Paulo, Delhi or New York, where both proactive and reactive management of utilities assets, say smart meters need to be super indexed, a service addressing this would be a core service. Or say, in traffic congested cities like Brussels, Los Angeles, London or Paris, where, with a hoard of electric vehicles on the roads, one of the core services that future utilities would need to provide must be the charging point management of these vehicles.
Some of the utilities may also hold these customers' social conversations, despite of not being in their closed social circle. So, not only the end points of these services but also the related end to end data management services, evidently need to be secured. Most importantly, the responsibility for security of the communication plane would need to be clearly defined between the service providers and utilities.
With promising Big Data analyzers, soon, algorithms will be employed for a more controlled phase distribution. Consequentially, in terms of OT landscape, the asset security has to call for concrete SCADA and PMU security sooner than later.
The below areas might seem as probable specialized service areas and one or more of these components will, in future, serve as the core of the utility services:
1. Small commercial and Industrial units' SMART services
2. PHEV charging & parking
3. Utility social portals
4. Regulatory Analytics
5. Retail portals using SMART services/transactions, for e.g. renewable energy certificates or smart energy pool certificates etc.
This protocol may be implemented with security frameworks already at disposal, like the AICAAA that uses the following checkpoints:
1. Access Control
However, a crucial factor for success would still have to be a thought through disaster recovery and healing module, should a security failure occur. And, this module can be planned and established with ease according to the criticality of the specialized services. Since the specialized services would use dedicated or partitioned infrastructure and tools, it's needless to speak that this approach will guard a single layer from being wholly affected by an attack.
What is your take on service based security?