In this series we’ll discuss the role of both operational and information technology in critical infrastructure from the point of view of an electric utility. We’ll then explore the role that Enterprise Resource Planning plays in this context. In doing so, we’ll demonstrate that, in addition to being an integral component of business operations, ERP systems also contain mission critical applications, crucial to maintaining safe and reliable critical infrastructure.
We’ll expose the issues IT and Cybersecurity teams face in maintaining and protecting ERP systems, including a lack of transparency with business units, complexity as a result of high customization, and, most importantly, a persistent lack of adequate resources to maintain healthy and performant systems.
Finally, we’ll demonstrate how a dedicated team of risk professionals can right these wrongs, gain a windfall of additional resources from federal and state governments, and build better, more transparent relationships with regulators. In the process, they’ll form lasting, collaborative relationships between IT and the rest of business, building a steadfast coalition dedicated to the highest purpose of all, greater public safety.
ERP and Critical Infrastructure: A Series
Electricity is the lifeblood of modern civilization, powering our homes, industries, and essential services. While electric, gas, and water utilities stand at the forefront, other forms of critical infrastructure include telecommunications, transportation systems, and healthcare facilities. Critical infrastructure refers to assets, systems, and networks foundational for our society to function.
Electric utilities run on both Operational Technology (OT) and Information Technology (IT) networks. OT networks in electric utilities prioritize real-time operational functions, such as supervisory control and data acquisition (SCADA) systems and process control systems. These specialized networks facilitate the monitoring and control of physical devices and processes. IT networks, on the other hand, are the conventional user networks that the rest of the business uses to run its day-to-day operations and communicate with the outside world.
Enterprise Resource Planning (ERP) systems are part of the IT network. They integrate various business processes, including finance, human resources, procurement, and inventory management. ERP systems streamline operations by providing a centralized platform for data management and decision-making, enhancing efficiency and resource utilization.
…
Can we safely and reliably provide electricity without it?
That’s the question an electric utility asks itself when determining which of its assets are mission critical. In the context of an electric utility, and other critical infrastructure, mission critical assets are thought to live on the OT network. And they do.
A failure or compromise of Operational Technology could result in the flooding of an entire city. This is because OT systems control the operation(s?) of dams. OT hydroelectric power generation systems exercise precise control over the flow of water, a process fundamental to achieving optimal power generation while maintaining safety standards and preserving environmental integrity. If compromised, such systems hold the potential to trigger a catastrophic event. The flowchart below is provided by The Federal Energy Regulatory Commission (FERC) for utilities to determine the criticality of their tech-enabled dams based on the number of people at risk if compromised.
A failure or compromise of OT systems could also impact grid reliability, disrupting essential services and endangering public safety. OT bulk power systems control the power supply across North America. Due to the interconnected nature of the North American power grid, even a handful of utilities experiencing OT failures could have cascading effects throughout the entire region, or even across regions, causing widespread blackouts (region map below).
This happened on November 9th, 1965, when a power failure in Ontario, Canada cut off power to over 30 million people in parts of Canada, New York, New Jersey and most of New England. And on August 14 and 15, 2003, the northeastern U.S. and southern Canada suffered the worst power blackout in history. Areas affected extended from New York, Massachusetts, and New Jersey west to Michigan, and from Ohio north to Toronto and Ottawa, Ontario. Approximately 50 million customers were impacted.
So who regulates this?
The Federal Energy Regulatory Commission (FERC) was chartered as a result of the Department of Energy Organization Act of 1977, signed by President Jimmy Carter. FERC serves as an independent agency within the US Department of Energy (DOE) that regulates the interstate transmission of electricity, natural gas, and oil. To maintain the reliability of the bulk power system, FERC reviews, approves, and enforces mandatory reliability standards developed by an organization called the North American Electric Reliability Corporation (NERC).
FERC’s reliability jurisdiction primarily focuses on reliable operation of the grid. The aim is to ensure the real-time and day-to-day operations of the grid by developing and enforcing operational and business standards (see “grid” as defined by FERC below).
According to FERC, grid reliability is based on two key elements:
- Reliable operation – A reliable power grid has the ability to withstand sudden electric system disturbances that can lead to blackouts.
- Resource adequacy - Generally speaking, resource adequacy is the ability of the electric system to meet the energy needs of electricity consumers. This means having sufficient generation to meet projected electric demand.
OT systems are used to ensure “reliable operation” by isolating failures so they do not spread across the interconnected power grid. They are used to ensure “resource adequacy” by optimizing the distribution of electricity based on real-time demand and using automated load balancing to manage the flow of power to match consumption patterns, preventing overloading.
OT systems also track the condition of equipment, analyzing performance data to predict potential failures, allowing proactive maintenance and protecting the lives of crew members in the field. They employ sensors and monitoring devices to detect faults, such as short circuits or equipment malfunctions that could cause disastrous and potentially deadly fires. And, In the event of emergencies like natural disasters, OT systems facilitate coordinated responses. They enable quick isolation of affected areas, rerouting power to minimize the impact of these life threatening events.
A stable, protected, and defended electric utility is imperative to prevent disruptions that can have cascading effects on various sectors, including hospitals, elderly care homes, emergency response systems, and other critical infrastructure.
When we think about IT technology in this context, we worry about adequate network segmentation to avoid cyber threats traversing from IT networks where they’re disruptive to OT networks where they’re potentially catastrophic (see AT&T’s network segmentation illustration below).
But what if I told you that an attack on the IT network alone can also be catastrophic? That you could not safely and reliably provide electricity without ERP systems? And that these systems are far too often fragile, underprotected, under-resourced sitting ducks?