Being able to monitor and control systems is not just important from the perspective of the Internet of Things (IoT) but it is also a way to secure energy and water networks. So says Alistair Fulton, vice president and general manager of Semtech’s Wireless and Sensing Products Group.
Cyberattacks on infrastructure, power and water supplies are an increasing risk, and the infrastructure has typically seen years of underinvestment and as a result can be poorly protected. There are millions of points of attack that are unmanned and vulnerable, and low power wide area network (LPWAN) technology can be used as a key enabler of safety in the infrastructure.
Significant trend this year
A key trend for 2022 to combat these cyberattacks,and a key driver of digitalisation of infrastructure and the combination of IoT and machine learning (ML), is LPWAN technology. It may seem strange that LPWAN technology such as Semtech’s LoRa devices and the LoRaWAN standard can be a key driver of security as well as digitalisation but the two are increasingly closely linked.
LoRa, operating with LoRaWAN, provides a secure, low energy approach to instrumenting infrastructure. The long range, low energy technology is vital to allowing battery-powered sensors and actuators to be placed in the locations where they are needed. Electricity infrastructure may have access to power, but other critical infrastructure such as water or gas distribution does not necessarily have access to reliable power in the right place. The long range is necessary to minimise the cost of adding a data network layer to critical infrastructure.
Identifying problems
Collecting data is essential to understanding the behaviour in the system and then identifying parts of the system that are starting to behave in a strange way and may be under attack. This is key to understanding and taking faster action for example on what to black list or white list or shutdown or isolate nodes.
Using machine learning for security analysis requires data, lots of data. ML algorithms use pattern matching to identify aberrations in the network, whether that’s in the equipment or in the rest of the network.
A low energy sensor network for collecting this data means the batteries last for years, avoiding costly battery replacement cycles, but this needs wireless protocols that can provide data across a network securely. There is no point in adding a sensor network to infrastructure that itself opens up an attack surface. LoRaWAN implements end-to-end AES256 encryption to protect the data, whether over a gateway or even a satellite network. There are now five networks with satellites in low earth orbit that can pick up LoRaWAN signals directly from sensor nodes on the ground and relay that data, still protected, back to a central database.
Satellite network
Using a satellite network for the sensor network allows infrastructure in remote areas, whether oil and gas pipelines, water or electricity networks to be monitored as closely as necessary. But this also brings other advantages. The same protocols that allow data to be picked up from sensors by a satellite 200km into orbit are also boosting the reliability of sensors in smart meters in basements and apartment buildings that can be difficult to reach.
While the immediate requirement is to monitor the activity of the infrastructure, adding this digital data layer and machine learning brings a number of other advantages. The analysis of the patterns of data from the sensors is bringing tremendous advantages to the network operator.
The ML analysis can identify aberrations in the data, which can be the result of impending failure or unauthorised intrusions. Predictive maintenance can save an operator millions of dollars by identifying equipment that is failing and automatically ordering components ready to be replaced in scheduled maintenance, rather than suffering an unplanned outage.
Similarly, the analysis of the patterns in the data can also identify subtle signs of intruders. Hacks take place over time, with intruders exploring different parts of a network, looking for vulnerable areas. Those pattern matching ML algorithms can also look for the signs of security breaches, unexpected access to systems or data anomalies, flagging up problems before they become significant.
Separating data and network
Having a separate data layer from the sensor network also makes sense from a security point of view. The control of critical infrastructure tends to be managed by SCADA (Supervisory control and data acquisition) software and hardware that directly interacts with sensors, valves, pumps, motors, and more. This is the more common target for security breaches. Having a separate network monitoring the SCADA system can avoid an intruder being aware that they have been caught.
This can be used to shut down parts of the network that might be compromised without having to shut down the infrastructure.
Infrastructure operators are increasingly aware that their networks are under attack. However upgrading the infrastructure is costly and time-consuming. The SCADA networks that control the infrastructure are oriented to real time process control rather than real time analysis of the data. An LPWAN network is a cost effective, quick and relatively simple way to add a data overlay to infrastructure. Open standards such as LoRaWAN, backed by the LoRa Alliance, enable and ecosystem of cost effective sensors, actuators, gateways and network operators around the globe that deliver the data.
This leaves the infrastructure operators and systems partners to ingest the data into their systems for machine learning monitoring and analysis, retaining control over the data as key assets.
LPWAN’s weapon
2022 is seeing infrastructure operators increasingly looking to LPWAN networks as a key weapon in the fight to secure their systems. Adding a data overlay on top of the existing infrastructure, coupled with machine leaning algorithms and ‘big data’ analysis, boosts the reliability, safety and security of energy and water networks.
The author is Alistair Fulton, vice president and general manager of Semtech’s Wireless and Sensing Products Group.
Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow