A Smart Grid is a Distribution System Operator's (DSO's) largest investment and a national asset upon which mission-critical and life-saving services rely. Government, business and residents rely on the service it provides every second of the day. It provides the energy supplier with its revenue, and through it, the DSO has access to highly privileged and sensitive customer information.
The bad guys are highly motivated to attack you, and highly ingenious
[Graphic labels: Remote On/Off Switch; Automation & Analytics; Disruption, System Compromises; Hijack or Brick Meters/DCs]
The Information and Communications Technology (ICT) industry has found, at its cost, that relying on perimeter defense against cyber criminals is insufficient. A perimeter is a combination of ICT, processes and people. Even where the ICT piece achieves high theoretical protection, it is the process and the people that can create "loopholes", which the cyber-criminals are highly skilled at exploiting.
Are Protective Measures Enough?
This is equivalent to relying solely on the strength of the locks on your home and hoping that no one else has a key or can pick the lock! Modern cyber-security solutions are designed with the assumption that, eventually, protection will be breached. This means that only when detection and response are coupled with protection is it possible to offer a comprehensive defense.
Threat Detection for the Smart Grid
Even if you are aware of security events, you can be missing important indicators of attack, simply because they are lost in the background of low-level threat indicators and false positives. Common responses are to log everything or log nothing. In either case, you are unable to spot the key indicators that would allow you to adopt a modified security posture in response to a threat or react to block an attack or limit its impact.
Grid Watch allows you to augment your already robust OSGP smart meter security infrastructure by adding detection and response capabilities to your established protection layers. It allows you to identify changes in the threat level, adapt your posture accordingly, spot a developing attack, identify points of penetration, quickly initiate responses to blunt the attack, and start to offer credible deterrents to the cyber-criminal.
Grid Watch also allows you to assess the effectiveness of your protective security controls and monitor for exploits of known weaknesses.
[Graphic "Is protection enough?", labels: Secure Firmware Updates; 3rd Party Reviews & Audits; Physical Tamper Alarms; Security "Always on" Default; Keys Per Device & Interface; Application Layer Protection; Hardware Security Modules; Least-Privilege Access Control]
Grid Watch intelligently interprets security event information from your OSGP AMI. At its foundation are the security event indications which are provided by every OSGP secured smart meter deployment in the world. It applies sophisticated correlation and pattern-matching rules, developed and extended by our own security specialists and based on the topology of your network, to highlight concerted and sustained threats and attacks. The result is a highly refined set of threat and attack indicators that you can rely on and respond to.
Grid Watch is designed to integrate into your existing Security Information and Event Management (SIEM) tooling, and so contribute to your wider corporate IT security standards. Grid Watch also provides report outputs so utilities can gain in-depth and historical information about the threat landscape and identify long-term changes, which may otherwise be missed.