The fifth generation of high-speed cellular broadband connectivity, known simply as 5G, promises better access to networking and a proliferation of devices promoting the internet of things (loT). loT connections continue to spread across the globe (IHS Markit, Englewood, Colo., predicts the number of devices at 75 billion by 2025 and 125 billion by 2030) and the rise of open connections and freely flowing data raises the profile of potential cyber risk.
As cyber threats move from IT to physical security, and now operational technology (OT) and control systems, users have to contend with protecting their mission-critical infrastructures, including utilities, water treatment plants and industrial operations.
New attack vectors for cyber threats continue to emerge with networking and the proliferation of digital technologies. JBS Foods, the one of the world's largest meat producers based in Greely, Colo., was leveled by a cyberattack in early June, affecting U.S. and Australian operations. In the example of high-profile enterprise Molson-Coors, Chicago, a cyberattack in March centered on ransomware. Just like physical security, if attackers want in, they’ll let nothing stand in their way, so active safeguards need to be taken.
The National Renewable Energy Laboratory (NREL) in Golden, Colo., operated by the Alliance for Sustainable Energy LLC for the U.S. Department of Energy (DOE), released a report, “Service-Based, Segmented, 5G Network-Based Architecture for Securing Distributed Energy Resources.” The report, which was presented at the 2021 IEEE Power & Energy Society General Meeting in July, points to mechanisms inherent in 5G technology that can lessen opportunity for cyberattack.
“5G’s technology can be used to mitigate certain types of attack in ways that couldn’t be done before, such as its intrinsic software-defined networking capability that can dynamically change the network at a moment’s notice,” said Daniel Bennett, NREL senior research and operations advisor for energy security and resilience.
NREL researchers focused on potential security benefits of the technology by implementing a concept called network slicing to protect, control and monitor distributed energy systems’ (DER) mission-critical services. In their work, 5G network slicing characteristics were used to reduce the impact of a denial-of-service (DoS) attack. Network slicing is a service-based network architecture for connected systems and devices that improves performance, availability, security and reliability of grid devices and services, according to the report.
The work serves as a “proof of concept that network slicing in a grid monitoring- and controls-based scenario can rapidly respond to an attack and maintain critical functions and services,” Bennett said.
The report highlighted use cases illustrating how slicing isolates against DoS or similar attacks by limiting bandwidth resource availability and directly inhibiting the attack’s ability to affect other services.
Network slicing was tested on NREL’s Cyber-Energy Emulation Platform (CEEP) to validate secure operation and availability of services. Using hardware-in-the-loop devices and systems on CEEP, the fully segmented, secure network was evaluated to produce the results of the testing. By analyzing network latency and bandwidth, researchers observed that complete slice isolation in DER mission-critical services provides a strong mitigation mechanism during cyberattack. 5G network slicing can also provide resilience in the distribution grid by creating isolated islands and micronetworks, the report noted.
NREL further describes network slicing as multiple, virtual networks or slices on top of one underlying, shared public physical network. The independent, virtually separate networks created by 5G network slicing also strengthen individual systems while minimizing costs and overhead for configuration.