

Electricity + Control, SEPTEMBER 2017
Tim Craven, H3iSquared Trading CC
+27 (0)11 454 6025
tim@h3isquared.com www.h3isquared.com

ment and commissioning time, as well as deeper technical knowledge. The trade-off brings both increased security that is completely under your control and better auditing, monitoring and ease/speed of maintenance, as you are not reliant on a third-party solution.
VPNs to consider
Host-to-site
The next question then becomes what type of VPN to use and what protocol/s to use to establish the tunnels. In response to the first question, there are two major types of VPN that can be considered. The first is known as host-to-site and is the option users most commonly mean when they speak about a VPN. This option involves a single user (the host) connecting from a remote location to a secure network (the site) via an unsecured network (normally the Internet). The user runs software on a laptop that speaks to the VPN server hardware/software on site to establish the VPN tunnel. From this point it will be as if the user is directly connected to the LAN, and the actual VPN tunnel will be transparent to other software on the laptop. This is the most common VPN tunnel type, used to allow engineers to connect to the network from home or a hotel in another country and perform maintenance, configuration or troubleshooting remotely.
Site-to-site tunnel
The second type of VPN is known as a site-to-site tunnel. In this case, as you may expect, the tunnel is established between two secure networks via an unsecured network, such as when connecting a remote substation to a control room via the company corporate network. The tunnels can be created temporarily as required, but are more often left open as permanent tunnels, which are effectively used to semi-permanently expand the network across geographical locations. Once again, in these set-ups the VPN tunnel will be transparent to end users and devices, which will simply see a standard routed network infrastructure.
Protocol/s for VPN tunnel establishment
The final decision is which protocol/s to use for the VPN tunnel establishment. Once again a variety of options exist; however, by far the most secure currently is IPsec (Internet Protocol Security), a VPN protocol that works over a two-phase tunnel establishment. Without going into too much detail, this involves first an authentication phase in which the end devices perform a back-and-forth handshaking process that ensures they are both who they claim to be. This authentication can be done using a few different methods, including just a standard PSK (Pre-Shared Key, basically a password exchange) or secure certificates (digital files that are used to uniquely identify end devices). Once this phase is complete, phase 2 establishes the cryptographic set-up to ensure proper encryption of the traffic. IPsec caters for a variety of different authentication and crypto standards that can be used depending on the end devices' capabilities. Using external authentication and crypto standards makes the protocol suite more future-proof, as future changes and improvements can hopefully be included without requiring a complete overhaul of the IPsec standard.
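As an added illustration that is not part of the original article, the site-to-site case and the two establishment phases described above could be configured as follows, assuming strongSwan's swanctl.conf format on the substation gateway. All names, addresses, subnets and file names are constructed placeholders.

```conf
# Added example, not from the article: strongSwan swanctl.conf on the substation gateway.
# Every name, address, subnet and file name below is a constructed placeholder.
connections {
    substation-to-controlroom {
        version      = 2               # IKEv2
        local_addrs  = 192.0.2.10      # substation gateway, untrusted side
        remote_addrs = 198.51.100.20   # control room gateway, untrusted side
        dpd_delay    = 30s             # probe the peer when the tunnel is idle

        # Phase 1 in the article's terms (the IKE SA): mutual authentication.
        proposals = aes256gcm16-prfsha384-ecp384
        local {
            auth  = pubkey             # certificate authentication
            certs = substation-gw.pem
            id    = substation-gw.example.net
        }
        remote {
            auth = pubkey
            id   = controlroom-gw.example.net
        }
        # PSK variant: set auth = psk in both sections above, drop certs,
        # and define the shared key in the secrets section at the bottom.

        # Phase 2 in the article's terms (the child SA): encrypted LAN-to-LAN traffic.
        children {
            scada {
                mode          = tunnel
                local_ts      = 10.10.1.0/24   # substation LAN
                remote_ts     = 10.20.0.0/24   # control room LAN
                esp_proposals = aes256gcm16-ecp384
                start_action  = start          # bring the tunnel up at startup (permanent tunnel)
                dpd_action    = restart        # re-establish if the peer stops answering
            }
        }
    }
}

# Only used by the PSK variant: one long random key per pair of gateways.
# secrets {
#     ike-controlroom {
#         id     = controlroom-gw.example.net
#         secret = "REPLACE-WITH-LONG-RANDOM-KEY"
#     }
# }
```

The control room gateway carries the mirror-image configuration, with the local and remote values swapped.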
Conclusion
We have glanced at some of the most salient points to consider when planning, designing and implementing security on Mission Critical Networks; however, this is a field with just as much depth as it has breadth, and one which could be discussed for months without scratching the surface. Network security is without a doubt one of the most important aspects to consider when planning Mission Critical Networks and should not be approached lightly. A final thought to keep in mind is that no network will ever be completely secure from outside attacks, especially when the network is connected to an external network. The process of implementing network security rather becomes a case of deterrence. This means that one must think like a potential attacker, and determine whether the payoff is worth the effort of defeating the security in place, or whether more security is needed as a proper deterrent. A single firewall may be more than enough to protect most home networks, but many more security layers are needed when considering a country-wide smart power grid network, for instance. Always ask the question: ‘Will the cost/time saved by not implementing a certain level of security outweigh the potential loss if the security is breached?’