Security is on the minds of many corporate network administrators. They worry about hackers and botnets taking over their computers to send out spam, denial of service attacks on their Web servers, wireless interlopers accessing their corporate networks, and whatever other cyberthreats have been discovered in the last week or so that are likely to cause problems in systems.
But consider the plight of the network or facility manager of a utility with extensive communications and control systems on its power plants or power grid, a petroleum refinery or chemical plant, an airport filled with automated baggage control and surveillance systems, or any large government or military facility.
Some of these facilities may have systems that allow monitoring and control from remote locations. In addition, most need their networks to run nonstop to fulfill their mission. As a result, the network users and many others can be considered targets of various nefarious types who intend to inflict physical damage and to hack networks. Because of this, facilities require maximum network security.
Firewalls and special wireless routers provide some protection to the network, as do encryption and constant password changes. Of course, simply not allowing direct Internet access to critical networks negates most online threats, so the Internet-connected corporate network must not be linked to critical control networks. A recent Government Accounting Office survey of the largest public power company, the Tennessee Valley Authority (TVA), found the TVA’s Internet-linked corporate network was attached to systems used for controlling power production and distribution. The network had security weaknesses that could be used by attackers to manipulate or destroy control systems.
Even the corporate network may contain information that could compromise the security of control systems, such as system schematics, parts lists or operation manuals. Therefore, access must be controlled, perhaps even segmented with various levels of access. Besides log-ins and passwords, more systems are now using biometric systems (face recognition, fingerprints or iris scans) for access.
Any facility’s network administrator needs to consider the security of the physical cable plant supporting the networks and systems and to defend them against online attacks. Damage to almost any part of the cable plant or failure of its power sources can cause outages. Determined crooks can possibly access the network and attach taps, even on fiber networks. So to fully protect a network, one must be concerned with protecting the physical network, as well.
The applications of fiber optics for security systems have been discussed previously in ELECTRICAL CONTRACTOR (September 2007) in the context of how fiber optics can be used with surveillance cameras, security alarms and even as intrusion sensors. But if one is using fiber in a security-oriented system, the protection of the fiber optic cabling is important to the overall security of the network. How does one secure the fiber optic cabling and the network itself?
There are several scenarios to consider. First, how does one prevent damage to the fiber optic cabling system or create the quickest recovery scenario? Can one prevent tapping fiber or detect it if someone tries to tap it? And are there ways to secure transmissions in case it is tapped? Sound like cloak-and-dagger stuff? It is, since these are issues considered for creating a truly secure military or government network. But many of these issues also are important for corporate networks where the networks are expected to run 24/7 and be secure against hacker attacks.
Design for security
To create a secure system, it is necessary to start thinking about where the cable plant and networking equipment are exposed and vulnerable. Right off, one should avoid aerial cables, which can be damaged by high winds, falling trees, vehicle accidents, fires and other accidental damage as well as “target practice,” one of the leading causes of damage to aerial cables in remote areas. Cable should ideally be underground outside buildings and placed in metallic conduit indoors. Splice closures should be secured in locked facilities or permanently buried in secure enclosures.
The telco in one country requires all outside plant underground cables to be placed in metallic conduit embedded in about 1 foot of concrete to prevent the cable being dug up by thieves who would steal copper cables to sell as scrap. Unfortunately, the thieves were not able to distinguish fiber from copper, so they destroyed fiber cables thinking they had salvage value. With the price of copper approaching $4 per pound, the same problem now exists in the United States. Thieves are not generally smart enough to know which cables are copper or fiber, or even which are power or communications.
Any cable entrances into buildings need to be secured. Again, run the cable in metallic conduit if possible, not in open cable trays or under floors, and use heavy-duty locked boxes whenever the cable is run outside secure rooms. The cable should not be in the open until it reaches a secured facility where it will be connected to the communications equipment. This is a common requirement in most airports and government facilities, and it provides protection from accidental damage as well as security breaches.
If your basic concern is just to prevent damage by workers on other projects around your fiber optic cables, the biggest deterrent is making it obvious that this is fiber optic cable. Colored jackets, yellow for single-mode, orange for 62.5/125 multimode or aqua for 50/125 multimode, will draw attention to the fact that this is fiber cable, as will placing “FIBER OPTIC” tags like those used by telcos on the cable at regular intervals, as is done in outside plant cables. An even better solution that can speed up installation is to install fiber optic innerduct—a corrugated innerduct available with a pull tape—along the route of the cable. The fiber cable can then be installed quickly and will be identified and protected better than by any solution other than metallic conduit. A third option is to specify indoor armored cable, which has corrugated armor under a National Electrical Code-rated jacket.
The next step is to plan for redundancy. Install a backup cabling link, secured as described above, but run along a different path. If something happens to one cable, the second cable will likely not be damaged if it is physically separated. I knew someone who investigated a near-catastrophe at a nuclear power plant some years back. The controls were triple-redundant, but all cables ran through the same conduit. So when fire got into the conduit, all system communications and control were lost, and disaster was narrowly averted.
Telcos and the Internet use a mesh network in which there are multiple communications paths from point to point, minimizing the likelihood of a loss of communications. This can be done both outside and inside the buildings. In extreme cases, the continuity of metallic conduit can be monitored to detect any attempts at intrusion.
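The redundancy planning described above comes down to one check: do the "backup" routes actually share any physical segment (conduit, duct, building entrance)? The following is an added example, not code from the article or from the Fiber Optic Association. It models each cable route as the ordered list of physical segments it passes through and reports shared segments, single points of failure, and how many routes are truly diverse. The plant layout, route names and segment identifiers are constructed sample data; the "before" case reproduces the triple-redundant-controls-in-one-conduit failure from the anecdote above.

```python
"""Shared-conduit check for redundant cable routes (added example; the
plant, route names and segment IDs below are constructed, not real)."""
from itertools import combinations
from typing import Dict, List, Set, Tuple

Route = List[str]  # ordered list of physical segment identifiers


def shared_segments(routes: Dict[str, Route]) -> Dict[Tuple[str, str], Set[str]]:
    """For every pair of routes, return the physical segments both use.
    Any shared segment means one cut, fire or dig-up hits both routes."""
    shared: Dict[Tuple[str, str], Set[str]] = {}
    for (name_a, seg_a), (name_b, seg_b) in combinations(routes.items(), 2):
        common = set(seg_a) & set(seg_b)
        if common:
            shared[(name_a, name_b)] = common
    return shared


def single_points_of_failure(routes: Dict[str, Route]) -> Set[str]:
    """Segments used by *every* route: losing one severs all communications."""
    common: Set[str] = set()
    for i, segs in enumerate(routes.values()):
        common = set(segs) if i == 0 else common & set(segs)
    return common


def diverse_route_count(routes: Dict[str, Route]) -> int:
    """Largest set of routes that share no physical segment with each other.
    Exhaustive over subsets, which is fine for the handful of routes a
    facility has; returns 0 for an empty plan."""
    names = list(routes)
    for size in range(len(names), 0, -1):
        for subset in combinations(names, size):
            segs = [set(routes[n]) for n in subset]
            # Disjoint sets: the union is exactly as large as the sum of sizes.
            if sum(len(s) for s in segs) == len(set().union(*segs)):
                return size
    return 0


# Constructed example: control room (CR) to turbine hall (TH).
# "Before": three redundant controller links all pass through conduit C-12.
PLANT_BEFORE = {
    "ctrl-A": ["CR-rack-1", "C-12", "TH-entry-N"],
    "ctrl-B": ["CR-rack-2", "C-12", "TH-entry-N"],
    "ctrl-C": ["CR-rack-3", "C-12", "TH-entry-S"],
}
# "After": each link gets its own conduit and its own building entrance.
PLANT_AFTER = {
    "ctrl-A": ["CR-rack-1", "C-12", "TH-entry-N"],
    "ctrl-B": ["CR-rack-2", "C-27", "TH-entry-S"],
    "ctrl-C": ["CR-rack-3", "C-41", "TH-entry-E"],
}

if __name__ == "__main__":
    for label, plan in (("before", PLANT_BEFORE), ("after", PLANT_AFTER)):
        print(f"{label}: shared={shared_segments(plan)} "
              f"spof={single_points_of_failure(plan)} "
              f"diverse_routes={diverse_route_count(plan)}")
```

Running it shows the "before" plan has C-12 as a single point of failure and only one truly diverse route despite three cables, while the "after" plan has no shared segments and three diverse routes. The same check extends to power feeds and equipment rooms: treat each battery string, generator feeder or closet as a segment and look for the ones every route depends on.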
Needless to say, high-reliability systems require high-reliability electronics and power. Battery backup and perhaps an emergency generator system are needed for each facility, and, of course, those systems need to be secured like all the other equipment. Colocation with the transmission electronics is advised for backup power systems, or the connecting wiring also should be secured in metallic conduit. Once fuel cells become cost-effective, they will be a top choice for backup power and can be colocated with the equipment.
Outdoor facilities, such as transformer substations or refineries, need extensive monitoring, using closed-circuit television cameras and intrusion alarms, usually connected on fiber, which should be secured as described above. One can even get fiber optic intrusion systems that weave fiber through fences or bury it in gravel and that will detect and even locate disturbances, although the costs are too high for all but the most critical applications.
Is tapping fiber a threat?
It is certainly easier to access today’s high-speed networks electronically than physically. The days of using a pickup coil near a phone line to listen in are long gone. The government recognized this fact as soon as digital communications became commonplace, and the result was the Communications Assistance for Law Enforcement Act (CALEA), adopted in 1994. CALEA originally applied to standard phone lines but required digital circuits to have ports where (under court order, of course) law enforcement agencies could access a particular phone line and record any activity. CALEA has been amended numerous times to include broadband data, wireless and voice over Internet protocol services.
The Foreign Intelligence Surveillance Act (FISA) covered similar surveillance by the National Security Agency on calls to and from overseas destinations. But last year, it became public knowledge that some government agencies had, perhaps outside these two laws, gained access to carriers’ long distance networks and had placed taps directly on the fibers themselves, bypassing the electronic ports (and perhaps the court orders) required by CALEA and FISA.
How easy is it to tap fiber like this and pull off surveillance data? It’s not hard to put a bend in the fiber and attach a detector to pick up light, which is routinely done to locate particular fibers by test instruments called fiber identifiers. But when data is being transmitted at billions of bits per second, carrying thousands of phone conversations or millions of data packets, finding what you want is like finding the proverbial needle in a haystack. If you really worry about tapping, encrypting data is a good deterrent, as is transmitting random data (such as the contents of an encyclopedia) interspersed with real data.
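The bend-and-detector method described above takes some of the light out of the fiber, so the receiving end sees a step drop in optical power; watching for that drop is the usual way to detect a tap or other disturbance on a link. The following monitor is an added example, not code from the article, and it assumes the tap's loss exceeds the link's normal reading-to-reading variation (a labelled assumption; the margin must be tuned per link). The readings, thresholds and link name are constructed sample values; a real deployment would read the received level from the transceiver's digital diagnostics rather than from a list.

```python
"""Step-drop detector for received optical power (added example; the
readings and thresholds are constructed sample values, not measurements)."""
from statistics import mean
from typing import List, Optional


def detect_power_drop(
    readings: List[float],
    baseline_samples: int = 10,
    drop_db: float = 0.5,
    confirm_samples: int = 3,
) -> Optional[int]:
    """Return the index of the first sample of a confirmed power drop, or None.

    readings: received optical power in dBm, one sample per polling interval.
    baseline_samples: leading samples averaged to learn the link's normal level.
    drop_db: loss below baseline (in dB) that counts as suspicious; set this
             above the link's normal jitter (assumption: a tap costs more).
    confirm_samples: consecutive suspicious samples required before alerting,
             so a single transient (a knocked connector) does not page anyone.
    """
    if len(readings) < baseline_samples + confirm_samples:
        return None  # not enough data to learn a baseline and confirm a drop
    baseline = mean(readings[:baseline_samples])
    streak = 0
    for i, dbm in enumerate(readings[baseline_samples:], start=baseline_samples):
        if baseline - dbm >= drop_db:
            streak += 1
            if streak == confirm_samples:
                return i - confirm_samples + 1  # first sample of the confirmed drop
        else:
            streak = 0  # level recovered: treat the excursion as transient
    return None


# Constructed sample: a link normally received at about -7.0 dBm.
NORMAL = [-7.0, -7.1, -6.9, -7.0, -7.0, -7.1, -6.9, -7.0, -7.0, -7.1,
          -7.0, -6.9, -7.1, -7.0, -7.0]
# Same link with a persistent 1.2 dB drop beginning at sample 12.
TAPPED = NORMAL[:12] + [-8.2, -8.3, -8.2, -8.1, -8.2]
# A one-sample glitch that recovers immediately should not be confirmed.
GLITCH = NORMAL[:12] + [-8.5] + NORMAL[12:]

if __name__ == "__main__":
    for name, series in (("normal", NORMAL), ("tapped", TAPPED), ("glitch", GLITCH)):
        hit = detect_power_drop(series)
        print(f"link-1 {name}: {'ALERT at sample %d' % hit if hit is not None else 'ok'}")
```

The detector reports an alert at sample 12 for the tapped series and stays quiet for the normal and glitch series. A persistent drop does not by itself prove a tap: a dirty or loosened connector, a crushed cable or a failing transmitter produces the same signature, so the alert is a prompt to inspect the cable plant, and the encryption the article recommends remains the protection for the data itself.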
Protecting communications equipment and networks involves both preventing unauthorized access from online connections over the Internet or wireless devices and providing physical security for the communications equipment and cable plant. This may require the cooperation of diverse groups within an organization as well as significant expenditures for construction. Only by surveying the entire network and determining the vulnerability of each part can you develop a reasonable plan and budget.
HAYES is a VDV writer and educator and the president of The Fiber Optic Association. Find him at www.jimhayes.com.