Smart city control networks being architected more securely than SCADA
- 20 August, 2014 16:31
Advocates of heavily instrumented 'smart city' infrastructure are acutely aware of the legacy left by insecure SCADA control systems and are instrumenting modern industrial-control networks with a higher degree of security, according to smart-cities architect Silver Spring Networks.
Having seen a “tremendous reception and demand” for its experience in building smart-city networks – which incorporate a wealth of sensors and light controllers as well as energy-efficient equipment such as a “tidal wave” of LED smart lighting – global commercial lead for smart cities CJ Boguszewski told CSO Australia that the need for security had been a key focus for architects of such systems.
Full 256-bit encryption and system-on-chip security, as well as software controls like the ability to limit the number of commands from any one user, are among the controls that ensure individual hackers can't wreak havoc with the systems.
“People don't realise that when these things are connected up, they are a security risk – particularly with respect to public safety,” he said.
Ongoing hacking of SCADA (supervisory control and data acquisition) software has made industrial networks a key focus for many security practitioners, with researchers regularly identifying new vulnerabilities, vendors patching new security holes, and new malware emerging regularly to target SCADA and industrial control systems.
Similar concerns have accompanied the emerging Internet of Things (IoT) paradigm, which is being built around connected devices of all kinds but has raised security and privacy concerns in many corners.
“You can imagine that when your smart-lighting network is connected up some 14 year old may decide to try to light them up to be seen from space,” Boguszewski said, noting that such attempts were expected to increase as IoT spread.
“That's why we've been able to take the security we have in place, and ensure that it fully fits within our security approach and envelope. We have the ability to ensure that any damage from those types of attacks is limited.”
In the short term, compliance with open standards from the likes of the TALQ Consortium is expected to help prevent potential security risks being buried in proprietary code. Standards compliance will also become more important as IoT architectures emerge, ensuring consistency and manageability are not lost as the number of devices explodes.
With city architects increasingly looking to position new smart-lighting networks as conduits for controlling far a much wider variety of equipment than just street lights – parking meters and traffic sensors, for example – Boguszewski was impressed by the progressive vision shared at the recent Australian Smart Lighting Summit in Melbourne, where he was among the presenters.
“I've seen some fantastic lighting designers presenting about their thinking on how they see treating urban space,” he said.
“In a world where you have the opportunity to use less energy and get more control, you might as well put the control systems in place to allow you to get new features and functions. Councils install this technology and have the opportunity to stand up other applications that form part of the smart city, at a fraction of the cost.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.