Warnings about threats to U.S. critical infrastructure are a constant drumbeat here in Washington, D.C. We have Congressional hearings, we have endless talk in agencies, but it has begun to seem that while there’s plenty of hand-wringing about the perils that could befall the critical infrastructure, solutions don’t seem to be at hand.
But that is starting to change. General Electric has introduced something it calls the “Industrial Internet,” which is a communications environment aimed at infrastructure companies that exists in parallel with the public Internet. But it doesn’t rely on the public Web for mission critical needs.
While parts of the GE Industrial Internet have been around for awhile, in some cases as long as 25 years, the company has now created a unified communications system that’s interoperable and which uses a variety of communications media. On April 10, GE announced that it’s added 4G LTE communications to the mix.
According to Tom Mueller, GE’s product manager for Industrial Communications, the Industrial Internet serves public utilities including water and sewage services, electric utilities, transportation (including air and rail systems), mining and other heavy industrial applications. GE business units such as Lentronics provide fiber optic networks while GE MDS (Microwave Data Systems) Orbit MCR-4G provides a variety of wireless communications. But in addition to providing an alternative to the public Internet, GE also goes where the Internet doesn’t.
Speaking of GE’s customers, Mueller said, “They’re often in remote locations with very harsh conditions. There may not be public infrastructure or they may not feel they can rely on it,” he said. But Mueller said that with 4G communications becoming ubiquitous, the Industrial Internet is now making use of Verizon’s LTE in addition to other private wireless solutions.
But private networks and private wireless systems have been around for years. What makes the Industrial Internet different is that it’s designed to provide its users with the services of the public internet without the risks to reliability or security. Mueller noted however that the Industrial Internet does offer access to and from the public Internet and he claims it does so securely. “One of the cornerstones of the Industrial Internet is that it’s completely secure and supports FIPS140-2.” He added that the GE system supports several other security and encryption standards.
While the Industrial Internet does provide services similar to the public Internet, it avoids some of the risks. For example, GE uses LTE only for non-mission-critical applications because of the potential for interruptions during emergencies. However, the fact that these applications aren’t mission-critical doesn’t mean they’re not important.
GE’s ‘Industrial Internet’ Bolsters Critical Infrastructure Security
As is the case with the public Internet, the Industrial Internet provides everything from routine access to the customer’s enterprise allowing remote users to have access to office functions while they’re in the field. It also allows employees to implement secure WiFi hotspots and it makes employees more effective in the process.
However, the need to bolster the US critical infrastructure means that critical industries, including electric utilities, water systems, power stations, transportation and communications need to be secure and dependable. What GE has done is integrate what were once a loose collection of private, leased and public communications pathways and consolidated it into a single, cohesive and secure internet. As is the case with the public Internet, users don’t have to spend time thinking about how they’re going to communicate, they simply do.
But the difference for the Industrial Internet is that the connections are more secure and reliable. The use of private and leased networks wherever possible isolates the network from intruders, while also allowing access for monitoring and intrusion detection. While it’s certainly not impossible for someone to find a way to break into the Industrial Internet if someone has access to a company’s infrastructure, it’s not likely that such an intrusion would go undetected.
So as a result the Industrial Internet that GE has developed meets all of the requirements that Congress, the White House and others have said is necessary to protect the critical infrastructure in the U.S. and with our partners. But obviously there’s something that GE, not to mention Congress and the White House can’t accomplish.
That something is what we lovingly call The Stupid Factor. Examples of the Stupid the managers of a power generation plant that took no data security precautions at all, resulting in a malware infection that shut the plant down for months. Or the water system in Texas that didn’t even have a firewall. Or the defense contractors that have been hosting Chinese hackers for years without knowing it?
When companies are run by managers too dumb, ill-informed or just plain lazy to take even the most basic precautions, then it’s impossible to protect the critical infrastructure, no matter how good products such as the Industrial Internet are.
But maybe there’s a solution there, too. Perhaps in instead of the hand-wringing about critical infrastructure, Congress were to hold those managers personally and financially responsible for failings of the critical infrastructure that are their responsibility, much like managers are responsible for certifying compliance in other areas, it would make a difference. The tools are there. But they don’t work if managers won’t use them.
[Disclosure: As of the publication date of this article Wayne Rash held several shares of GE common stock]