We are here to help. Contact us.
For many years, utilities have been deploying “smart” devices in their communications, transmission, and distribution networks and substations to quickly detect anomalies and failures and to automate responses to improve reliability and overall quality of service. This distributed intelligence requires secure and reliable Field Area Network (FAN) communications, which necessitates rethinking of existing utility operations technology security including new methods and tools to gain greater situational awareness to exploit opportunities.
Applied Communication Sciences has conducted in-depth network, software, and low-level hardware security analysis on FAN two-way communications and control systems that employ advanced technologies, such as spread spectrum, ad-hoc networking, public key infrastructure, and secure broadcast protocols. Our experts are currently assisting utilities in managing the cascading changes that Advanced Metering Infrastructure (AMI), Distribution Automation (DA) and Home Area Networks (HAN) are creating in utilities’ operations, engineering, maintenance, theft deterrence, system monitoring, incident management, and service assurance functions. As utilities accelerate their deployment of Smart Grid technology our teams are already working on extracting full value from data analytics and process re-engineering in operations to help utilities integrate Smart Grid capabilities across a broad spectrum of business functions.
Our scientists and engineers have developed unique multi-layered FAN assessment methodologies and tools to address the multiple management, control and end-user planes of this problem space which requires a holistic approach to truly address these growing challenges.
We provide both innovative Smart Grid consulting services and solution development offers; including:
Our teams also provide innovative core technologies which we use to build custom security and operations solutions for utilities to provide improved situational awareness into Smart Grid networks. These capabilities include:
Our holistic approach to Smart Grid security and information assurance assessments often incorporates potential vulnerabilities other reviews miss. Leveraging our broad cross-sector experience, our teams can adapt best practices from different industries to help secure mission-critical fiber, voice, IP, wireless and enterprise networks, and information technology and operations technology environments.
The challenges of security assessment and risk mitigation for Advanced Metering Infrastructure (AMI) and Distribution Automation (DA) Smart Grid systems differ from traditional IP-based computer networks in both scope and technique. Field Area Network (FAN) infrastructures consist of a large number of embedded devices, typically in the form of dual-band wireless nodes, signal repeaters, smart meters, SCADA Remote Terminal Units (RTUs), line sensors, and various monitors. Many of these intelligent endpoints cannot be physically protected and are thus susceptible to both physical and cyber attacks. The combination of proprietary protocols and the embedded nature of today’s FANs render traditional IT security assessment methods and tools unusable.
Applied Communication Sciences experts have developed a proven security assessment methodology which combines traditional penetration testing techniques for networks, computer systems, and applications with a detailed embedded hardware security and radio communications analysis.
4-Quadrant™ Assessment Methodology
As a pioneer in Smart Grid security, Applied Communication Sciences provides in-depth security assessment services based on our unique methodology to validate device and system security features and assess vulnerabilities and risks. Our methodology ensures a comprehensive review of all Network, Software, Wireless and Hardware/Firmware.
SecureSMART™ FAN Analyzer/Probe Live™
Visibility into FAN traffic flows and packet exchanges among nodes is critical to understanding the potential security vulnerabilities in addition to network behavior. We have designed and built the industry’s first FAN protocol analyzer which consists of a custom probe configured for multi-channel packet capture and decode on popular AMI systems. Our custom packet dissectors permit decomposition of captured traffic through several protocol layers. Our FAN Analyzer™ can be used as a security tool to monitor and inspect packet contents, such as security exchanges, as well as provide value as a monitor to assess network health and a diagnostic tool for field technicians and remote maintenance regardless of the FAN devices’ encryption capabilities.
SecureSMART™ GridGuard FAN Intrusion Detection System (IDS)
Designed as a scalable, probe-based system with policies and heuristics to detect signs of potential malicious traffic, our FAN GridGuard IDS operates independent of FAN components and provides a security control for mitigation of cyber threats. It features a multi-channel operation with distributed intrusion detection intelligence and centralized capture storage when deployed in a FAN environment. Our FAN protocol analyzer and intrusion detection capabilities will help augment a utility’s FAN security program and provide much needed visibility into network operation.
SecureSMART™ SCADA System Intrusion Prevention System
Our agent-based SCADA protocol intrusion prevention system monitors traffic for malicious activities and policy violations using custom processing rules, triggers and signatures. We offer an intrusion prevention solution for wide area Synchrophasor (C37.118) Inter-Control Center Communications Protocol (ICCP) DNP3, C12.22, 802.15.4, and 61850-GOOSE network. For more information, download our brochure.
SecureSMART™ MeshView™ NetAnalytics Visualization
Today, utilities can typically detect connectivity issues when smart meter reading attempts or remote operations are unsuccessful. But, there are limited means available to diagnose the cause of the problem remotely and there is no way to gain an understanding of the topology of the FAN and evaluate it holistically. Applied Communication Sciences is at the forefront of developing tools to discover, analyze and display the topology of FANs, and monitor their performance, connectivity and latency characteristics.
Our ground breaking network visualization tool provides utilities with immediate situational awareness of their AMI and DA FAN networks. It analyzes collected data and statistics from meters and access nodes and presents it in a variety of views. MeshView shows how the FAN is connected and how well it is performing. You can immediately see meters that use many hops to get to an access node. You can see which meters have lost connectivity. You can see which links are strong and which are weak. You can back up to a high-level view looking at an entire region and see which access nodes are having trouble reaching their meters. You can drill down and see the details about a specific meter or link. A picture is indeed worth a thousand meter readings. A problem at an access node affecting many meters will be readily identifiable and easier to diagnose. The network visualization tool at its core is intended for use by system operations and engineering groups as well as security organizations to understand and better manage AMI and DA networks and diagnose and resolve connectivity issues with devices. If the AMI and DA infrastructure management is outsourced, this allows the utility to monitor the hosted solution service and work cooperatively to improve efficiency and resolve problems.
Our experts are well equipped to advise utilities in the design, implementation, testing, and deployment of a network visualization tool customized to the utility’s AMI and DA deployments that best serves the needs of its operations, engineering, and business units.
Designed as a real-time Key Performance Indicator (KPI) dashboard, TrafficProfiler provides immediate warning of mesh problems versus traditional meter read cycle “health indicator” methods. It creates a network behavior baseline and provides insights to manage network performance beyond meter reading are overlaid on the mesh. Powerful visualization extracts critical information from mounds of data. It is a highly-scalable, browser-based, multi-view dashboard with an “unlimited number of user definable indicators.
SecureSMART™ Managed Security Services:
As a cost effective solution for distribution and energy generation utilities, Applied Communication Sciences provides outsourcing of security monitoring for AMI, DA and SCADA networks and other FAN environments.
Our teams will build, install, and operate an AMI and distribution automation remote field area network intrusion detection system as a custom managed service within your service area or facility’s network environment with a defined Service Level Agreement. We will build and install wireless signal monitoring probes of different hardware configurations that will operate in fixed and mobile environments. These probes will monitor over-the-air AMI and FAN device traffic and transport captured traffic and alerts to a data center located in our US based facilities. Our Cyber Threat Analysis Team operates an Intrusion Detection System, FAN Analyzer, Capture Repository, MeshView, NetAnalyzer, ProtocolProfiler, Customer Portal and other applications needed to manage the system in our data center for your company. Our industry-proven team conducts traffic analysis and event correlation to investigate, qualify FAN IDS warnings and performs notification. Alerts are logged and trigger a response designed to meet your operations needs. All captured traffic is stored in a Capture Repository and provided to you via a portal to view the traffic traces, IDS alert logs, and system health and operational status. Data can also be fed into your SIEM or other management systems.
Our managed service offering delivers a full range of daily operations, including monitoring system health; sorting, processing, responding, and investigating alerts; examining packet captures associated with alerts; scanning packet captures for unidentified traffic; managing the customer portal and capture repository; and responding to utility requests. We prepare reports summarizing the system operation, alerts, incidents, and statistics. Our team would be pleased to discuss your specific FAN managed services needs with you. Please contact us at firstname.lastname@example.org.
Applied Communication Sciences has over twenty five years of experience planning, designing and protecting critical infrastructure and large, complex networks. Drawing on our Bell Labs and Telcordia heritage, we are regarded as the chief architect of the U.S. telecommunications systems. As a leading global provider of network and operations engineering and security services, fixed, mobile, and broadband communications software, and cutting-edge research we serve a broad spectrum of communications-intensive markets. Working with a range of clients in energy, communications, government, finance, automotive, and entertainment, we bring unparalleled perspectives to current and future network security threats and best operations practices for the utility sector.
As a pioneer in Smart Grid cyber security and trusted technical advisor to leading utilities, Applied Communication Sciences utility experts have conducted in-depth network, software, and low-level hardware security analysis on FAN two-way communications and control systems that employ advanced technologies, such as spread spectrum, ad-hoc networking, public key infrastructure, and secure broadcast protocols. As utilities accelerate deployment of Smart Grid technology, we are already working on extracting additional value from data analytics and process re-engineering in operations to help utilities integrate Smart Grid capabilities across their business functions.
For more information:Email Applied Communication Sciences
Applied Communication Sciences and design logo is a registered trademark of Vencore Labs, Inc.