US Power Grids, Oil and Gas Industries, and Risk of Hacking

A report released in June 2019 by the security firm Dragos describes a worrisome development: the threat group Dragos tracks as XENOTIME has carried out at least two dangerous oil and gas intrusions and is conducting ongoing reconnaissance against United States power grids.

Multiple ICS (industrial control system) sectors now face the XENOTIME threat. Individual verticals, such as oil and gas, manufacturing, or electric, can no longer ignore threats to other ICS entities on the grounds that they are not the ones specifically targeted.

Dragos has called XENOTIME the most dangerous threat activity publicly known, on the strength of a 2017 event in which the group caused a serious operational outage at a critical site in the Middle East.

What concerns cybersecurity experts most is that the 2017 attack used malware built specifically to target the facility's safety instrumented system (SIS).

For example, when the temperature in a reactor rises to an unsafe level, an SIS will automatically start a cooling process or immediately close a valve to prevent an accident. An SIS combines hardware and software to protect facilities from life-threatening accidents, which is why tampering with it is treated as an attack on life safety rather than on data.

At this point, no one is sure who is behind XENOTIME. Russia has been linked to the 2015 attack on Ukraine's power grid, which is regarded as the first confirmed cyber attack to cause a power outage.

The following is the “Cause for Concern” section of the report Dragos published on June 14, 2019:

“While none of the electric utility targeting events has resulted in a known, successful intrusion into victim organizations to date, the persistent attempts, and expansion in scope is cause for definite concern. XENOTIME has successfully compromised several oil and gas environments which demonstrates its ability to do so in other verticals. Specifically, XENOTIME remains one of only four threats (along with ELECTRUM, Sandworm, and the entities responsible for Stuxnet) to execute a deliberate disruptive or destructive attack.

XENOTIME is the only known entity to specifically target safety instrumented systems (SIS) for disruptive or destructive purposes. Electric utility environments are significantly different from oil and gas operations in several aspects, but electric operations still have safety and protection equipment that could be targeted with similar tradecraft. XENOTIME expressing consistent, direct interest in electric utility operations is a cause for deep concern given this adversary’s willingness to compromise process safety – and thus integrity – to fulfill its mission.

XENOTIME’s expansion to another industry vertical is emblematic of an increasingly hostile industrial threat landscape. Most observed XENOTIME activity focuses on initial information gathering and access operations necessary for follow-on ICS intrusion operations. As seen in long-running state-sponsored intrusions into US, UK, and other electric infrastructure, entities are increasingly interested in the fundamentals of ICS operations and displaying all the hallmarks associated with information and access acquisition necessary to conduct future attacks. While Dragos sees no evidence at this time indicating that XENOTIME (or any other activity group, such as ELECTRUM or ALLANITE) is capable of executing a prolonged disruptive or destructive event on electric utility operations, observed activity strongly signals adversary interest in meeting the prerequisites for doing so.”

Sensor Network Monitoring: Integrate or Separate?

Figure: Analynk AE-902 ATEX Zone 2 and Class 1, Division 2 Groups A, B, C & D enclosure with ISA100.11a/WirelessHART gateway and Aruba AP-318 access point.

Reprinted from "Built to Blast: Industrial Internet of Things Infrastructure for Hazardous Environments" by Aruba Networks. The full white paper can be downloaded here.

Deterministic behavior has long been a requirement for critical control networks in potentially explosive environments, and industrial customers have relied on ATEX Zone 2 or Class 1 Division 2 WirelessHART or ISA100.11a equipment for years to monitor flow, pressure, temperature, and other wireless sensors. These are low-power, low-data-rate (250 kbit/s) mesh standards. Both encrypt and authenticate frames with AES-128, but their security model is that of a closed field network: devices are admitted with a join key provisioned out of band, and they offer nothing like the per-device identity, certificate, and policy controls of modern Wi-Fi. Their simplicity and low power draw nonetheless make them attractive to oil and gas customers in particular.

Customers are often unsure whether to buy an access point with an integrated 2.4 GHz WirelessHART or ISA100.11a sensor network transceiver, or to buy a separate control gateway and access point. One issue with an integrated access point is that the ideal location for a sensor network antenna can be very different from that for a Wi-Fi antenna: the former needs line of sight to the sensor mesh, while the latter needs line of sight to roaming client devices and potentially to other backhaul access points.

A second reason for remotely locating the sensor network antenna is to avoid interference between the 2.4 GHz WirelessHART or ISA100.11a sensor network and the 2.4 GHz Wi-Fi network. WirelessHART uses 2.4 GHz IEEE 802.15.4-2006 radios (the same physical layer ZigBee is built on) with a channel-hopping mesh and time-synchronized messaging. ISA100.11a also has a single physical layer using 2.4 GHz 802.15.4-2006 radios, with listen-before-talk operation, short messages, low duty cycle, and adaptive frequency hopping. Both control networks are intended to operate near other wireless networks, but in reality the RF signal degrades with in-band interference, and the sensor network in turn interferes with 2.4 GHz Wi-Fi channels. Frequency planning, antenna location, and antenna separation must all be considered during the design and implementation phases.

Typically the sensor and Wi-Fi antennas must be separated by at least one meter, potentially more depending on the frequency of sensor transmissions and on the power output and antenna propagation pattern of the Wi-Fi access point. In practice that means one of the two systems will require an external antenna and lead-in cable.
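As an added example (not code from the Aruba or Analynk white paper), the following Python script turns the frequency-planning advice above into a check: given the 2.4 GHz Wi-Fi channels a site uses, it lists which IEEE 802.15.4 channels fall under them, which channels the sensor mesh can still hop on, and whether the plan leaves any clean channel at all. Channel center frequencies and widths come from the IEEE 802.11 and 802.15.4 specifications; the Wi-Fi channel plans and the 20 MHz OFDM width are constructed example inputs, and the "blacklist" is a suggestion for the gateway's network manager, not a setting name from any vendor.

```python
"""2.4 GHz coexistence planner for an IEEE 802.15.4 sensor mesh
(WirelessHART or ISA100.11a) sharing a site with Wi-Fi.

Added example for illustration; not from the Aruba/Analynk white paper.
Channel maps follow IEEE 802.11 (2.4 GHz) and IEEE 802.15.4-2006 (2.4 GHz
O-QPSK PHY). The Wi-Fi channel lists passed in are constructed examples.
"""

WIFI_WIDTH_MHZ = 20    # 802.11g/n OFDM occupied bandwidth (use 22 for legacy 802.11b)
SENSOR_WIDTH_MHZ = 2   # 802.15.4 O-QPSK channel occupancy

# Channel sets each protocol hops over. WirelessHART uses 802.15.4 channels
# 11-25 and leaves 26 unused; ISA100.11a may use 11-26.
HOP_SET = {
    "wirelesshart": range(11, 26),
    "isa100.11a": range(11, 27),
}


def wifi_center_mhz(ch: int) -> int:
    """Center frequency of 2.4 GHz Wi-Fi channel 1-14."""
    if ch == 14:
        return 2484
    if 1 <= ch <= 13:
        return 2407 + 5 * ch
    raise ValueError(f"not a 2.4 GHz Wi-Fi channel: {ch}")


def sensor_center_mhz(ch: int) -> int:
    """Center frequency of IEEE 802.15.4 2.4 GHz channel 11-26."""
    if 11 <= ch <= 26:
        return 2405 + 5 * (ch - 11)
    raise ValueError(f"not an 802.15.4 2.4 GHz channel: {ch}")


def _bands_overlap(center_a: int, width_a: int, center_b: int, width_b: int) -> bool:
    """True when the two occupied bands share spectrum (touching edges do not count)."""
    return abs(center_a - center_b) < (width_a + width_b) / 2


def busy_sensor_channels(wifi_channels, wifi_width: int = WIFI_WIDTH_MHZ) -> set[int]:
    """802.15.4 channels that sit inside the occupied band of any listed Wi-Fi channel."""
    centers = [wifi_center_mhz(w) for w in wifi_channels]
    return {
        s for s in range(11, 27)
        if any(_bands_overlap(sensor_center_mhz(s), SENSOR_WIDTH_MHZ, c, wifi_width)
               for c in centers)
    }


def clear_sensor_channels(wifi_channels, protocol: str = "wirelesshart",
                          wifi_width: int = WIFI_WIDTH_MHZ) -> list[int]:
    """Channels the mesh can hop on without sharing spectrum with the Wi-Fi plan."""
    usable = set(HOP_SET[protocol])
    return sorted(usable - busy_sensor_channels(wifi_channels, wifi_width))


def plan(wifi_channels, protocol: str = "wirelesshart",
         wifi_width: int = WIFI_WIDTH_MHZ) -> dict:
    """Frequency plan for one site.

    'blacklist' holds the hop channels to disable in the sensor network manager
    so the mesh stays out of the Wi-Fi bands. 'needs_physical_separation' flags
    a Wi-Fi plan so dense that no sensor channel is clean, where antenna
    distance and placement are the only remaining levers.
    """
    clear = clear_sensor_channels(wifi_channels, protocol, wifi_width)
    blacklist = sorted(set(HOP_SET[protocol]) - set(clear))
    return {
        "wifi_channels": sorted(wifi_channels),
        "clear": clear,
        "blacklist": blacklist,
        "needs_physical_separation": len(clear) == 0,
    }


if __name__ == "__main__":
    # Constructed example inputs: the common 1/6/11 plan and the four-channel
    # 1/5/9/13 plan sometimes used where channel 13 is permitted.
    for wifi in ([1, 6, 11], [1, 5, 9, 13]):
        for proto in HOP_SET:
            p = plan(wifi, proto)
            print(f"Wi-Fi {p['wifi_channels']} / {proto}: clear={p['clear']} "
                  f"blacklist={p['blacklist']} "
                  f"separate antennas required={p['needs_physical_separation']}")
```

With the usual 1/6/11 plan the mesh keeps channels 15, 20 and 25 (plus 26 for ISA100.11a); with a 1/5/9/13 plan every 802.15.4 channel is under a Wi-Fi carrier, and that is the case the one-meter separation rule above is really for. Compare the blacklist with what the gateway's network manager is actually configured to hop on, since a mesh left on its defaults will use all of its channels.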

Another reason for separating the sensor gateway from the Wi-Fi access point is one the white paper touches on elsewhere: Wi-Fi changes at a very fast clip, whereas WirelessHART and ISA100.11a do not. Staying current with Wi-Fi requires far more frequent updates than sensor networks, for which change has been very slow. That calculus may start to change after 2021, by which time the new 802.11ax standard could begin displacing WirelessHART and ISA100.11a, leading to hybrid deployments in which new 802.11ax devices have to coexist with WirelessHART and ISA100.11a. Until then, separating the sensor gateway from the access point lets RF performance be optimized for each system while minimizing the impact of RF technology transitions on existing infrastructure.

Technology suppliers have recognized the benefits of building separate sensor gateways for use in potentially explosive environments, and there are multiple vendors for these devices. For example, ArubaEdge technology partners build ATEX Zone 2, Class 1 Division 2 gateways for WirelessHART and ISA100.11a control networks. These gateways can be connected to a nearby Aruba switch or access point using an Ethernet cable of up to 100 meters, or longer if a fiber optic adapter and cable are used. The gateways have a built-in antenna and do not require a remote antenna or lead-in cable.

If the sensor gateway and Aruba access point must be co-located for cost, convenience, or antenna positioning, an ArubaEdge partner gateway circuit card can be installed in the same explosion-proof housing as the Aruba access point. That design requires an external sensor network antenna and lead-in cable; however, it allows the Wi-Fi access point to be updated as needed without needlessly replacing the sensor gateway.

To learn more, read the entire white paper from Aruba Networks. You can download it from the Analynk website here.


Top 6 Reasons to Deploy Wireless Networking in Industrial Facilities

Wireless technologies offer real value over wired solutions. Reduced cost is just one of the benefits of moving to wireless networking; others include management of legacy systems in ways that were not practical over a wired connection. The benefits below do not remove the need for RF planning or for securing the radio links: every wireless sensor is a node an attacker can reach without touching a cable. Here is an overview of the value-added benefits of adopting wireless networking in industrial plants.

#6 - Efficient Information Transfer

A significant advantage over wired networks is that the time required to reach a device is reduced, which makes transfer of information between geographically separated network segments more efficient. Through the gateway, field device data becomes reachable at an IP address, allowing remote access to it.

#5 - Operational Efficiencies

Migrating to wireless networking can also improve operational efficiency. Plant managers can troubleshoot and diagnose issues more easily, and monitoring of remote assets makes predictive maintenance possible.

#4  - Enhanced Flexibility 

Enhanced flexibility is another reason for deploying wireless networking in an industrial setting. Additional measurement points can be added easily and incrementally, and the wireless system can be integrated with existing legacy systems.

#3 - Improved Information Accuracy 

Adopting wireless networking can also improve the accuracy and timeliness of information. The channel-hopping mesh designs used by industrial sensor networks tolerate interference by retransmitting over other channels and paths, so readings arrive consistently from one node to the next.

#2 - Reduced Installation Costs

Savings in installation cost are the key benefit of a wireless networking system. The cost of installing a wireless solution is significantly lower than that of its wired counterpart. Installing a wireless network requires far less cabling work: extensive surveys to route wires to control rooms, conduit, and trenching are not needed, although an RF site survey still is. This reduced installation cost is the main reason industrial sites should consider going wireless instead of a wired networking system.

#1 - Human Safety 

The most significant factor that should influence the decision to migrate to wireless networking is human safety. Wireless technologies allow safer operations by reducing exposure to harmful environments. For instance, a wireless system can take a reading or adjust a valve without an operator having to enter the problem area to take measurements.

Analynk Wireless, LLC
(614) 755-5091

Protecting Wireless Infrastructure in Potentially Explosive Environments

Figure: wireless access point enclosure. From "Built to Blast: Industrial Internet of Things Infrastructure for Hazardous Environments".

Many chemical, defense, flight line, food processing, fueling, mining, petrochemical, and pharmaceutical applications require high-performance Wi-Fi access in potentially explosive environments. Whether for device telemetry, network access, site-to-site connectivity, or unified communications, these applications require the highest available Wi-Fi performance in the harshest of environments.

Wi-Fi access points can be designed to operate directly in explosive environments without an additional protective enclosure, or they can be designed for use in non-explosive environments and operated inside of an enclosure rated for the application. The former approach is cost-effective when the underlying technology driving the equipment is established, stable, and unlikely to need an upgrade for years; IoT speed, position, pressure, and temperature sensors fall into that category.

The latter approach, using an external enclosure, is more practical if the underlying wireless technology is changing rapidly. That is because the cost of purchasing and installing an explosion-proof enclosure can be 4 to 20 times the cost of the access point the enclosure is designed to protect. It is substantially less expensive to swap out the access point, leaving the protective enclosure untouched, than to install a completely new enclosure with every technology upgrade.

In less than ten years the Wi-Fi industry has moved from 802.11n to 802.11ac Wave 1 to 802.11ac Wave 2. Just as no customer would buy a new truck based on a 10 year old design, neither would they consider deploying 802.11n access points based on technology from 2007. At a minimum they would use 802.11ac Wave 1, especially in industrial environments, because of 802.11ac’s outstanding multipath performance in the presence of metal.

Using typical amortization rates, a customer who wants to stay abreast of the latest Wi-Fi technology would update equipment roughly once every four years. If we assume that an access point designed for uncontrolled outdoor environments with wide temperature range operation has a list price of $1,500, the associated Class 1 Division 2 enclosure lists at $3,500, and installation of just the enclosure (excluding access point setup and commissioning) costs $2,500, then the white paper puts the saving at $4,500 with every turn of access point technology if the enclosure is retained.

For more information about hazardous area wireless access point enclosures, contact Analynk by calling (614) 755-5091 or visit their website at https://analynk.com.

Regulations and Standards for Equipment Operating in Explosive Atmospheres

Reprinted from "Built to Blast: Industrial Internet of Things Infrastructure for Hazardous Environments" by Aruba Networks. The full white paper can be downloaded here.

A potentially explosive atmosphere exists when flammable gas, vapor, mist, or dust, alone or in combination, is mixed with air under conditions in which it can ignite during specified operating conditions. Places with potentially explosive atmospheres are called “hazardous” or “classified” areas or locations.

Multiple local and international regulations are in place to mitigate the risk posed by operating networks and IoT devices in potentially explosive atmospheres. Increasingly these regulations are being harmonized under a framework developed by the International Electrotechnical Commission (IEC) together with the European and US standards described below.

ATEX Directives

ATEX, derived from the French phrase “Atmosphères Explosibles,” is a European regulatory framework for the manufacture, installation, and use of equipment in explosive atmospheres. It consists of two European Union (EU) directives:

  • 1999/92/EC, which defines the minimum safety requirements for workers in hazardous areas; and
  • 2014/34/EU, which covers equipment and protective systems intended for use in potentially explosive atmospheres.

These two directives define the essential health and safety requirements, as well as the conformity assessment procedures, that need to be applied before products can be used in the EU market.

IEC Ex System (IECEx)

IECEx is a voluntary certification program that validates compliance with IEC standards related to safety in explosive atmospheres. Details about IECEx, its coverage areas, and conformity mark system can be found at www.iecex.com.

European Committee for Electrotechnical Standardization (CENELEC)

CENELEC was formed to facilitate a consensus-building process between European and international electrical standards activities. In 1996 CENELEC and the IEC formalized a framework of cooperation through an agreement on common standards planning and parallel voting that is known as the Dresden Agreement. As a result of this initiative both CENELEC and IEC have similar standards for explosive environments.

National Electrical Code (NEC)

The NEC, published by the National Fire Protection Association (NFPA) as NFPA 70, defines the standards for safe installation of electrical wiring and equipment in the United States. NFPA 70 Articles 500 through 510 address safe practices for the location and operation of electrical equipment in hazardous location installations.

Additional national standards relating to hazardous environments may be in effect in different countries; however, there has been a concerted effort in recent years to harmonize local standards with the standards referenced above.

About Analynk

Analynk, LLC manufactures hazardous area wireless access points. More information on their products can be found here.
https://analynk.com
614-755-5091

IIoT (Industrial Internet of Things) Wireless Networking Considerations in Hazardous Environments

Figure: cover of "Built to Blast: Industrial Internet of Things Infrastructure for Hazardous Environments" by Aruba Networks.

Industry groups and standards bodies have collaborated to address the risks of operating electrical equipment in explosive atmospheres by classifying explosive materials and defining standards under which networking equipment and Internet of Things (IoT) devices can be safely operated in their presence. The work has been conducted by different organizations in different regions, and it can be challenging to understand which standards apply under which scenarios.

This white paper examines the different categories of explosive risks, which standards to apply under different scenarios, how network infrastructure can be deployed in explosive environments, and how sensor systems can be integrated with this infrastructure. The goal is to enable end customers and resellers to select the network infrastructure, enclosures, and associated systems that are best suited to each scenario.