Darren Highfill

Guest author Darren Highfill is the Founder and a Managing Partner of UtiliSec, a consultancy focused on electric power cyber security. Darren has been at the forefront of efforts to secure the smart grid since long before the phrase was coined.

Clouds. They look so nice, soft, and fluffy when flying along at 30K+ feet. Like you could just flop out on them, crank up the Jimi Hendrix, and let all your cares just drift away.

No, I’m not stoned.

Yes, I’m going somewhere with this.

Lately I keep hearing more and more talk about cloud services for operating a utility – and I do mean actual operations vs. just getting operational data to the enterprise. Proponents are talking about these cloud services like they are proven technology that’s ready to go. Availability? Bandwidth? Configuration? They are all scalable! We can have a virtual machine for every flavor of software you ever wanted to run; and if one falls over, we can just switch to another instance faster than you can say “hot standby.”


The problem isn’t that these issues are not interesting. They are. They’re just not the issues that keep my posterior on the burner, and I’m a little suspicious of overlooking issues this technology has the potential to create in the control systems environment. I’m not typically your black-or-white kind of person though, so let’s go through where I’m not clear on this whole cloud thing (pun intended).

Grey Area 1: Physical observation

I like being able to walk over to the server room and see if anything looks/sounds/smells fishy if my network is misbehaving. Adding organizational boundaries, unknown locations, and unfamiliar personnel to this equation doesn’t make it easier for me to figure out what’s going on when (not if) I have issues. Will I know the person I’m calling when the real crisis happens? Will they already be on the phone with someone else?

Grey Area 2 Performance at the endpoints

How are you going to guarantee me communication to my field devices when the Superbowl is in town, or a music festival sets up in my farmland, or a natural disaster happens, or OJ Simpson makes a break for it again? A private network? Don’t I already have one of those? Oh, and by the way… One of my biggest problems is how I even get connectivity, much less bandwidth, to my most remote 2% of locations. Are you solving that?

Grey Area 3: Accountability

What happens when a cloud service gets compromised? (Please don’t tell me you think this won’t happen.) Can a threat use the service to propagate from one utility to another? Where did it start? Who is at fault, or more importantly, how do I prove I wasn’t the source when all my customers lost power? What jurisdiction does the cloud provider fall under? Does that include if the event is multinational?

I could probably go on, but that’s enough overcast talk for now. As I’m sure anyone around New Orleans would tell you, you can get tired of looking at the bottom side of the clouds. Especially if they are about to drop some … stuff … on you.

Image by Shaylor