Having a light come on when we flip its switch may seem like a given, but an estimated 70% of the U.S energy grid is more than 30 years old, making it prone to stress and failure. Complicating matters is the current effort to transform the energy distribution system through the Internet of Things (IoT) into smart grids. Connecting these legacy devices and adding new sensors, automated controls, and smart consumer devices opens up new security risks.
As the industry works to solve these issues, security is vital – particularly at the edge. In this post, we look at how Wind River and McAfee – both Associate members of the Intel® Internet of Things Solutions Alliance – deliver the necessary layers of security to connect and protect the edge through the Intel® Gateway Solutions for the Internet of Things (Intel® Gateway Solutions for the IoT).
When it comes to providing data for intelligent decision-making and automation, smart grids deliver the goods. What’s more, connected home automation devices, such as those being developed by Nest and other companies, are helping consumers participate in the smart grid to save energy and enjoy more comfort in their lives.
Unfortunately, connectivity makes smart grids vulnerable. Every legacy device connected through a gateway and every new digital device added becomes a potential portal for a hacker. In addition, as smart grid manufacturers increasingly use off-the-shelf components in devices. these devices become more generic and tempting as targets. If one heavily used component has a vulnerability, that vulnerability may be present system-wide. A hacker cracking into 10,000 thermostats could crank up 10,000 air conditioners during peak power usage, seriously straining the grid.
Intelligent Gateways that Provide Security Over and Above the Norm
Protecting legacy and new devices connected over wired or wireless networks requires a comprehensive security strategy. This strategy must be designed to protect devices typically deployed for decades and address not just data security, but also code integrity.
To meet this challenge Intel, McAfee, and Wind River worked together to create the Intel Gateway Solutions for the IoT – a set of interoperable solutions based on Intel® processors that enable secure integration of legacy devices and next-generation intelligent infrastructure (Figure 1). With pre-integrated, pre-validated hardware and software, these intelligent compute platforms provide common interfaces, seamless communication, and advanced security features to enable safe data collection, analysis and control. (Two examples of gateways using this platform can be found in one of my previous posts.)
Figure 1. The Intel® Gateway Solutions for the Internet of Things joins smart grid devices to the Internet and cloud infrastructure.
Currently based on the Intel® Atom™ processor E3800 product family and Intel® Quark SoC X1000 series, these gateways include McAfee* Embedded Control and the Wind River* Intelligent Device Platform (IDP) to help connect, manage, and secure the gateways (Figure 2). These solutions provide a full set of security features to secure the communication channel, data, and end device.
Figure 2. A comprehensive software stack provides everything needed to connect, manage, and secure a gateway.
The Wind River* Intelligent Development Platform
The Wind River IDP builds and ensures a trusted software stack on Intel Gateway Solutions for the IoT (Figure 3). This stack is designed to:
- Validate the signature of firmware and OS images during the boot process through a Trusted Platform Module (TPM) – a key element of the Intel Gateway Solutions for the IoT
- Ensure a tamper-proof system by measuring application integrity before execution and preventing any application from launching that lacks the digital signature of an authorized certificate or shows any evidence of tampering
- Provide certificate-based remote attestation and the ability to set policies for application integrity failure
- Implement access control of critical system resources through Grsecurity, a security enhancement to the Linux kernel provided by Wind River that enables role-based access control
- Enable the use of encrypted storage
Figure 3. The Wind River* Intelligent Development Platform provides many security measures based on the use of a Trusted Platform Module (TPM).
For additional security, Wind River IDP also provides customizable secure remote management that:
- Ensures end device integrity via secure boot
- Provides encrypted communication between device and cloud-based management console
- Limits exposure of untrusted applications through device resource management
Where the impact on application performance of encryption/decryption is a concern, Intel Gateway Solutions for the IoT equipped with CPUs from the Intel Atom processor E3800 product family provide an excellent solution. These gateways include Intel® Advanced Encryption Standard New Instructions (Intel® AES-NI) based acceleration of many cryptographic operations.
McAfee* Embedded Control
Intel Gateway Solutions for the IoT include McAfee Embedded Control to provide resilience to zero-day malware infections and attacks, plus enable comprehensive change policy enforcement and compliance management. This lightweight software technology allows only authorized code to run and only authorized changes to be implemented.
To ensure code integrity, McAfee Embedded Control automatically creates a dynamic whitelist of “authorized code” on the embedded system. Once the whitelist is created and enabled, the system is locked down to the known good baseline. At this point, no program or code outside the authorized set can run and no unauthorized changes can be made. Accepting commands or updates from only trusted applications, whitelisting provides a crucial defense against unknown vulnerabilities in OSs and applications that may crop up in the future. Whereas the blacklisting techniques of anti-virus software identify only known malware and require constant updates to be effective, whitelisting remains always effective because it limits execution only to explicitly enabled applications.
Any robust security strategy, particularly for a smart grid, must also include regular audits to confirm continuous compliance of the system to established security specifications. For edge devices, McAfee Embedded Control delivers integrated, closed-loop, real-time compliance and audit that includes a tamperproof independent system of record of authorized activity and unauthorized attempts (Figure 4).
Figure 4. McAfee Embedded Control detects changes in real time and can verify that updates and other changes were deployed.
To provide a high level of compliance, McAfee Embedded Control includes a real-time change tracking module that logs all changes to system state, including code, configuration, and the registry. Change events are logged as they occur and are sent to the system controller for aggregation and archival purposes in the system of record. This record provides visibility into the sources of change and verifies that changes were deployed onto the correct target systems. It also ensures an audit trail of changes and that changes are made through only authorized means.
A Smarter Smart Grid Security
In connecting a wide range of legacy and new sensors, controls, and consumer devices to smart grids, the industry must address existing vulnerabilities and avoid creating new ones. Utilities that connect these edge devices through gateways based on the Intel Gateway Solutions for the IoT will achieve a comprehensive end device security foundation as they build out their smart grid.
Contact featured members:
Solutions in this blog:
Roving Reporter (Intel Contractor), Intel® Internet of Things Solutions Alliance
Associate Editor, Embedded Innovator magazine