Customers expect their utilities to communicate as well as other service providers. This shouldn’t be considered a burden, but an opportunity.
When disaster strikes, land-based radios become critical infrastructure.
concentrate efforts and exacerbate the disaster. For example, a technician working on a downed line is exposed to risk of death if reclosers actively attempt to restore functionality, but distribution control receives erroneous reports from a SCADA system that safeties are active and properly locked out.
Common solutions for addressing the confidentiality and integrity of an LMR system include:
• Centralized authentication and authorization (AA) servers that implement role-based access, e.g., active directory: AA servers provide a centralized source of managing and authenticating user access, while also enforcing the concept of least privileges—allowing them to access only what they need to. An example of least privilege is access to USB media drives, where dispatchers are prevented from mounting USB media, while administrators are permitted. A drawback is that failure of an AA server can prevent access to systems unless it’s designed to allow back-up or redundant servers, redundant network links, or specially configured local admin accounts.
• Encryption that uses AES (advanced encryption standard) keys, or other well-known and approved symmetrical encryption algorithms, for communications along backhaul and wireless links: Encryption of communications across channels that can be easily monitored or tapped is essential and contains little risk, though a few points should be carefully planned for key management so that keys can be changed regularly with minimal impact, and network topology to ensure proper termination of encrypted tunnels for proper firewall and network intrusion detection analysis.
• Link layer authentication (LLA) 3 of mobile terminals to ensure that only authenticated and authorized radios are being permitted onto the private LMR system: LLA is similar to performing AA but on mobile wireless devices, and therefore can have similar risks that need to be designed and planned for in case of server or network failure.
• Public key infrastructure: Also known as certificate authentication, public key infrastructure uses a public and private key cryptography for mutual authentication and a shared key for faster communication after verification. This technique currently is one of the best-known implementations to provide privacy and authentication for IT infrastructure communications between systems, but implementation requires specialized expertise.
A secure and reliable LMR system is a lifeline during recovery from disaster, and vital for maintaining the critical communications necessary for field personnel to coordinate. Securing LMR systems has become a fundamental necessity to ensure the confidentiality and integrity of the information by which mission critical decisions are made. As part of the critical utility infrastructure, land mobile radio systems need the same security policies currently in place for various other infrastructure assets.
1. N. Falliere et al. , “ W32.Stuxnet Dossier ,” v.1.4, Symantec, February 2011.
2. “ Hackers ‘hit’ US water treatment systems ,” British Broadcasting Co., Nov. 21, 2011.
3. Telecommunications Industry Association, “TIA Standard: Project 25 Digital Land Mobile Radio—Link Layer Authentication,” TIA-102.AACE, December 2005.