Securing The Network Management Module; Cybersecurity Considerations For Electrical Distribution Systems; Purpose; Introduction - Eaton Network-M2 User Manual

4 Securing the Network Management Module

4.1 Cybersecurity considerations for electrical distribution systems

4.1.1 Purpose

The purpose of this section is to provide high-level guidance to help customers across industries and
applications apply Eaton solutions for power management of electrical systems in accordance with current
cybersecurity standards.
This document is intended to provide an overview of key security features and practices to consider in order
to meet industry recommended standards and best practices.

4.1.2 Introduction

Every day, cyber attacks against government and commercial computer networks number in the millions.
According to U.S. Cyber Command, Pentagon systems are probed 250,000 times per hour. Similar attacks
are becoming more prevalent on other kinds of information-based smart networks as well, such as those that
operate buildings and utility systems. Whether the objective is to steal intellectual property or halt operations,
the tools and the techniques used for unauthorized network access are increasingly sophisticated.
4.1.3 Connectivity—why do we need to address cybersecurity for industrial
control systems (ICS)?
There is increasing concern regarding cybersecurity across industries where companies are steadily
integrating field devices into enterprise-wide information systems. This occurs in discrete manufacturing and
process industrial environments, a wide range of general and specific purpose commercial buildings, and
even utility networks. Traditionally, electrical systems were controlled through serial devices connected to
computers via dedicated transceivers with proprietary protocols. In contrast, today's control systems are
increasingly connected to larger enterprise networks, which can expose these systems to similar
vulnerabilities that are typically found in computer systems. The differences between information technology
(IT) and ICS networks can be summarized as follows:
• The main focus of the IT network is to ensure the confidentiality and the integrity of the data using
rigorous access control and data encryption
• The main focus of the ICS network is safety, availability, and integrity of data
• Enterprise security protects the servers' data from attack
• Control system security protects the facility's ability to safely and securely operate, regardless of what
may befall the rest of the network

4.1.4 Cybersecurity threat vectors

Cybersecurity threat vectors are paths or tools that an entity can use to gain access to a device or a control
network in order to deliver a malicious attack. Figure below shows examples of attack vectors on a network
that might otherwise seem secure.
Cybersecurity considerations for electrical distribution systems
Securing the Network Management Module – 71