Resilience as the overall strategy for ensuring business continuity

Resilience covers measures that can mitigate impacts from safety, security, and reliability incidents, not only before such incidents (identify & prevent), but also during incidents (detect & respond) and after incidents have been resolved (recover).

This document focuses on the cyber security aspects, while still taking into account safety and reliability as underlying requirements since they can often mitigate security challenges. For example, the NIST Cyber Security Framework and ISO/IEC 27001/27002/27019 provide descriptions of these resilience concepts for cyber security.

Cyber security is far more than preventing attacks launched by malicious hackers.
Cyber security for Smart Energy improves the resilience of the power system by mitigating the threats from
security “incidents” that affect cyber assets that could disrupt operations.

Mitigation of threats to resilience combines cyber security techniques (such as access control, authentication, detection of anomalous behavior, and incident logging) with organizational and engineering methods, which allow the organization to prepare for and adapt to changing conditions and to withstand and recover rapidly from disruptions.

These engineering methods would include traditional power system reliability measures, such as redundant equipment, contingency analysis, and backup systems, but would also include methods focused on addressing cyber asset vulnerabilities, such as planning for the loss of multiple cyber assets, isolation capability to limit cascading cyber attacks, and even training personnel in manual operations typically performed automatically.

NIST Framework for Resilience (Credit N. Hanacek/NIST)

Mistakes are the most common “cyber incident”, so checks on data entry or control commands would be included in resilience support.

Since persons with detailed knowledge of power system operations are the most dangerous attackers, additional cyber security and/or engineering methods may need to be deployed to mitigate this type of vulnerability, such as two-factor authentication, segregation of networks, and continuous monitoring for anomalous traffic.

Storms can affect not only the power system but their cyber assets, so backup generators, communication networks and spare cyber equipment should be located in secure sites, yet easily accessed when needed.

Note 1: NIST Cyber Security Framework https://www.nist.gov/cyberframework

Note 2: Resilience is defined as the “ability to prepare for and adapt to changing conditions and withstand and recover rapidly from disruptions. Resilience includes the ability to withstand and recover from deliberate attacks, accidents, or naturally occurring threats or incidents.” [SOURCE: US Presidential Policy Directive – Critical Infrastructure Security and Resilience].

An supplementary definition states that resilience includes, “the ability to reduce the magnitude and/or duration of disruptive events. The effectiveness of a resilient infrastructure or enterprise depends upon its ability to anticipate, absorb, adapt to, and/or rapidly recover from a potentially disruptive event.”

Note 3: A cyber asset is any equipment with computer processing capability, including controllers of hardware assets, but not the hardware assets themselves (e.g. electromechanical breaker).Cyber assets can be affected by physical actions (cut a wire, damage a transformer) as well as cyber actions (introduce malware, inadvertently enter incorrect data).