At our power plant, the North American Electric Reliability Corporation (NERC) requires controls be put in place to maintain cybersecurity. NERC has 13 Critical Infrastructure Protection (CIP) standards that range from physical protections to electronic protections. According to Mark Jones, Engineering Supervisor, Prairie State’s power plant goes above and beyond most of these requirements.
“The Distributed Control System (DCS) is the heart of the plant. If a cyber-attack were launched toward this system, it could easily affect operations,” Jones said. “Because of the criticality of the DCS, good cybersecurity practices that go beyond the NERC standards are a must. One of the most important protections we utilize are firewalls at the perimeter of the DCS. These firewalls are in place to ensure that only specific, necessary communication is allowed to and from the system.”
Other controls include antivirus protection, application whitelisting, and blocking unapproved USB drives. While antivirus protection is a good control, it must be updated to defend against any newly discovered viruses. Application whitelisting is more stringent. Instead of only protecting against a known virus, whitelisting prevents attacks before they can occur. Whitelisting creates an approved list which only allows specific programs to run, blocking all other programs. This works well for the DCS because it is an unchanging environment, which allows for easy maintenance of the approved list.