Canadian Electrical Industry News Week

Apr 16, 2020

In this article, we focus on cyber-attacks and insider threats to the smart lighting system and the countermeasures an organization can take to help minimize these incidents. This is the fourth and final article in a multi-part introductory series on security in smart lighting systems. In this series, learn about best practices, based on NIST standards and guidelines, for identifying and mitigating cybersecurity risks and threats, as well as implementing cybersecurity controls on an organizational level. The first article introduced the concept of a multi-tiered approach to smart lighting system cybersecurity. We then covered key security control strategies. The second article focused on access control/identification and authentication, and the third article focused on system and communications protection and system and information integrity.

Smart lighting system cyber-attacks

Cyber-attacks on a connected lighting system are usually considered malicious attacks from the outside that target the function and operation of the system. A cyber-attack might involve deploying malware or ransomware that exploits sensitive information or demands that the administrator pay a ransom. Ransomware that threatens to shut down the system unless the requested ransom is paid could pose a serious issue for light management systems.

Another example of an external threat is a malicious intrusion in which an attacker gains access to the lighting system in order to control it. This intrusion could be as simple as a prank to control lighting in schools or public spaces, or as complex as a business or politically motivated attack that targets the operation of an industrial, commercial or public administration facility, for example by interrupting the production process in an industrial facility.

Systems need to be protected against cyber-attacks by implementing the controls presented in the previous articles in this series, including:

• encryption of all communication and sensitive information
• firewalls at external interfaces or between system components
• anti-malware to identify and to quarantine malicious code such as a virus, ransomware, etc.
• password protection of user accounts

Insider Threats to Smart Lighting Systems

Insider threats are attacks or security-related events that originate within the organization and the boundaries of the lighting system. They occur more frequently than cyber-attacks. Although some insider attacks are malicious and initiated by disgruntled employees, most occur accidentally and unknowingly due to lack of knowledge or carelessness.  Often, they go unnoticed for a long time.

Insider attacks can be as simple as personal control users having privileges, in error, to control areas beyond their private office. Most likely these users were given the additional privileges by mistake, or they weren’t revoked after a user moved to another space within the building.

Access management and training play critical roles in mitigating the risk of insider attacks. When they are not in place, serious attacks could result in the entire lighting system being shut down. This can happen when, for example:

• The lighting control system has full privilege admin accounts shared by all system users (administrators, operators, service techs) instead of individual user accounts that are restricted to the role of a system user.

• Control system administrators are not trained to fully understand the impact of their actions.

• Operators have uncontrolled access to critical system resources, such as the system database, user management or encryption keys, which can be erased without warning.

Another insider threat risk lies in (unknowingly) sharing protected system information with third parties that should not have access to the information. Modern technology, such as shared network drives, chat groups or other collaboration tools, makes it easy to share information without being aware of the audience that has access to it, especially when these tools are used as part of the daily work outside of the control system. For example, using the control system admin console or main processing unit as a personal workstation could blur the lines between common usage and the protection needed for the control system.

Processes that mitigate threats

For a control system to stay secure, it is essential that the system administrator implements the following processes.

1. Threat modeling and analysis

Identifying key cyber-attacks and insider threats, as well as the measures that best protect the system against such threats, is critical. Threat modeling and analysis is a process that identifies vulnerabilities as well as the assets of most value from an attacker’s point of view. It is important for participants (control system operating team, IT, the system integrator and the corporate security team) to perform this process before implementing the control system, as well as on an annual basis.

2. Identification and access management

Before individuals can be granted access to the system, it is important to identify the individual roles and skills required to operate the control system safely and securely. An identification and access management process highlights not only who will have access to the system but also what privileges each role will have when accessing the system.

Individuals need to be selected carefully for each access category, and they must receive initial training as well as periodic refreshers on system security functions and on the impact their actions have, especially when changing critical security and system parameters. A control system that provides identification and access management functions such as secure sign-on, user identification and authentication, and role-based authorization can ensure the secure operation of the control system.

It is important that the identification and access management process and the individual privileges get reviewed on a periodic basis throughout the lifetime of the control system.
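The periodic review described above can be partly automated. The following sketch is an added example, not code from the article or from any lighting control product; the account fields, role names and sample accounts are assumptions constructed for illustration. It flags the conditions the article warns about: shared accounts, personal control users who can control zones beyond their own, and non-admin roles holding access to critical system resources.

```python
from dataclasses import dataclass, field

# Critical system resources named in the article (identifiers are assumed).
CRITICAL = {"system_database", "user_management", "encryption_keys"}

@dataclass
class Account:
    name: str
    role: str              # assumed roles: personal, operator, service, admin
    users: list            # people who sign in with this account
    assigned_zones: set    # zones the holder currently occupies or operates
    control_zones: set     # zones the account can actually control
    privileges: set = field(default_factory=set)

def review(accounts):
    """Return (account, finding) pairs for a periodic privilege review."""
    findings = []
    for a in accounts:
        # One account used by several people defeats individual accountability.
        if len(a.users) > 1:
            findings.append((a.name, "shared account"))
        # Privileges granted in error or not revoked after a move.
        extra = a.control_zones - a.assigned_zones
        if a.role == "personal" and extra:
            findings.append((a.name, "controls zones beyond assignment: "
                             + ", ".join(sorted(extra))))
        # Access to database, user management or keys outside the admin role.
        crit = a.privileges & CRITICAL
        if a.role != "admin" and crit:
            findings.append((a.name, "non-admin holds critical privilege: "
                             + ", ".join(sorted(crit))))
    return findings

# Constructed sample data, not taken from a real system.
ACCOUNTS = [
    Account("admin", "admin", ["alice", "bob", "svc-tech"], set(), set(), set(CRITICAL)),
    Account("jlee", "personal", ["jlee"], {"office-214"}, {"office-214", "office-301"}),
    Account("op1", "operator", ["mkhan"], {"floor-2"}, {"floor-2"}, {"encryption_keys"}),
    Account("rsingh", "personal", ["rsingh"], {"office-118"}, {"office-118"}),
]

if __name__ == "__main__":
    for name, finding in review(ACCOUNTS):
        print(f"{name}: {finding}")
```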

3. Security information and event management (SIEM)

SIEM defines relevant security events and how security information is gathered, stored, archived and audited. It also outlines how to react when a security event is recognized and how to inform stakeholders in the event of a security breach.

The lighting control system can help support the system administrator in detecting security incidents or identifying other events that impact the secure operation of the system. The system must be periodically audited and monitored for events that are significant and relevant, including password changes, failed logons/system access, the use of administrative privileges, or events for any other relevant functions and operations.

It’s the responsibility of the control system to generate these audit records, including information on the type of event, when and where it occurred, the source, outcome and the identity of any individuals or subjects associated. The control system also sends alerts on the detection of auditable events or processing failures in the system’s audit and security functions.

The control system should timestamp, securely store, and protect the audit events from unauthorized access, and maintain the records according to retention policies for later analysis and audit.
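As an added example (not from the article or any vendor's product), the sketch below checks a batch of audit records for the content the article requires and raises alerts on the events it lists: failed logons, password changes and use of administrative privileges. Field names, event type names, the failed-logon threshold and the sample records are assumptions constructed for illustration.

```python
from collections import Counter
from datetime import datetime

# Record content the article calls for: type, when, where, source, outcome, identity.
REQUIRED = ("type", "time", "where", "source", "outcome", "identity")
WATCHED = {"password_change", "admin_action"}   # assumed event type names
FAILED_LOGON_LIMIT = 3                          # assumed threshold, set per site policy

def analyze(records):
    """Return alert strings for a chronologically stored batch of audit records."""
    alerts, failures, last_time = [], Counter(), None
    for i, r in enumerate(records):
        # An incomplete record is itself a failure of the audit function.
        missing = [f for f in REQUIRED if not r.get(f)]
        if missing:
            alerts.append(f"record {i}: incomplete, missing {', '.join(missing)}")
            continue
        # Stored records should never go backwards in time.
        t = datetime.fromisoformat(r["time"])
        if last_time is not None and t < last_time:
            alerts.append(f"record {i}: timestamp earlier than previous record")
        last_time = t if last_time is None else max(last_time, t)
        if r["type"] == "logon" and r["outcome"] == "failure":
            key = (r["identity"], r["source"])
            failures[key] += 1
            if failures[key] == FAILED_LOGON_LIMIT:   # alert once per identity/source
                alerts.append(f"record {i}: {FAILED_LOGON_LIMIT} failed logons "
                              f"for {key[0]} from {key[1]}")
        elif r["type"] in WATCHED:
            alerts.append(f"record {i}: {r['type']} by {r['identity']} "
                          f"at {r['where']} ({r['outcome']})")
    return alerts

def rec(etype, time, identity, outcome, where="console-1", source="192.0.2.20"):
    return {"type": etype, "time": time, "where": where,
            "source": source, "outcome": outcome, "identity": identity}

# Constructed sample records, not captured from a real system.
RECORDS = [
    rec("logon", "2020-04-16T08:00:01", "operator1", "failure"),
    rec("logon", "2020-04-16T08:00:09", "operator1", "failure"),
    rec("logon", "2020-04-16T08:00:15", "operator1", "failure"),
    rec("password_change", "2020-04-16T08:02:00", "admin", "success"),
    rec("admin_action", "2020-04-16T08:03:00", "", "success"),
    rec("logon", "2020-04-16T07:59:00", "jlee", "success"),
]

if __name__ == "__main__":
    print("\n".join(analyze(RECORDS)))
```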

The ENCELIUM EXTEND Light Management System has been accepted as a secure system by the GSA (General Services Administration), an independent agency of the United States government, and is currently used for smart lighting in government and commercial buildings.

This article is the fourth and final article in an introductory series about Managing Security Risks in Smart Lighting Systems.

• Part 1 introduces the concept of a multi-tiered approach to identifying and mitigating cybersecurity risks and threats.

• Part 2 highlights access control/identification and authentication -- two key security control families.

• Part 3 highlights several additional security control families -- system and communications protection and system and information integrity.
