Security Model
The openElectric Security Model
The central motivation of the openElectric reference architecture was to establish a contemporary and coherent security model that can be applied at scale across the global electrification supply chain. Here we attempt to capture the key aspects of that security model, and how it is delegated and applied at various Tiers across the system.
To start at the conceptual level, the security model is trying to merge two important concepts:
- Zero Trust: for the parts of the supply chain that are internet based, describe a security model that embodies zero trust security principles, by assuming compromise and attempting to limit the blast radius of an attack in all its respective dimensions. This model accepts that nothing can be trusted implicitly, and provides a highly dynamic, responsive and automated environment to detect and respond to malicious and non-malicious activity.
- Critical Infrastructure: for participants in the supply chain that play a role (implicit or otherwise) in the security of the power system, describe a security regime that reflects elements of critical infrastructure security. This model attempts to embody, within the underlying infrastructure, principles that satisfy the various governance frameworks (ISO 27001, IEC 62443, AES-CSF and so on) around visibility, auditability and change management.
The security model spans the various tiers of the architecture, and delegates security responsibilities to lower layers wherever possible.
- As a result, the Application Tier is only responsible for the identity and authorisation of users and roles to access the service. To the largest extent possible, other security concerns for communications across the supply chain are managed by the underlying infrastructure.
- Cybersecurity and infrastructure monitoring are performed within the Domain Infrastructure Tier, as they rely on important domain information to detect and respond to anomalous behaviour at different points across the system.
- Communications between workloads, with workloads operating elsewhere in the supply chain, and with IoT resources are the responsibility of the Mesh Infrastructure Tier.
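The delegation described above can be made concrete with a small simulation of the three enforcement points: a mesh-tier check on workload identity (deny by default), a domain-tier monitor that watches the stream of decisions for anomalous behaviour, and an application-tier check that only concerns itself with the user's role. This is an added illustrative example, not code from the openElectric project; the SPIFFE-style workload identifiers, the role names, the denial threshold and the policy tables are all constructed assumptions.

```python
"""Layered enforcement: mesh tier -> domain tier monitoring -> application tier.

Hypothetical example of how security responsibilities are delegated across
tiers; none of the identifiers or policies below come from openElectric.
"""
from collections import Counter
from dataclasses import dataclass, field

# Mesh-tier policy: which source workload may talk to which destination workload.
# Identities are constructed SPIFFE-style URIs (an assumption for this example).
MESH_POLICY = {
    "spiffe://example.org/meter-gateway": {"spiffe://example.org/telemetry-ingest"},
    "spiffe://example.org/billing": {
        "spiffe://example.org/telemetry-ingest",
        "spiffe://example.org/ledger",
    },
}

# Application-tier policy: which user role may perform which action.
# The application never reasons about workload identity or transport security.
APP_POLICY = {
    "operator": {"read_telemetry", "ack_alarm"},
    "auditor": {"read_telemetry", "read_audit"},
}


@dataclass
class Request:
    source_workload: str  # established by the mesh (e.g. from the peer certificate)
    dest_workload: str
    user: str             # established by the application's user identity layer
    role: str
    action: str


@dataclass
class AuditEvent:
    tier: str       # "mesh" or "app"
    decision: str   # "allow" or "deny"
    subject: str    # workload or user that was evaluated
    target: str     # destination workload or requested action


@dataclass
class DomainMonitor:
    """Domain-tier monitoring: consumes audit events and raises an alert when a
    single subject accumulates `deny_threshold` denials."""
    deny_threshold: int = 3
    denies: Counter = field(default_factory=Counter)
    alerts: list = field(default_factory=list)

    def observe(self, event: AuditEvent) -> None:
        if event.decision == "deny":
            self.denies[event.subject] += 1
            if self.denies[event.subject] == self.deny_threshold:
                self.alerts.append(
                    f"{event.subject}: {self.deny_threshold} denials at {event.tier} tier"
                )


def mesh_authorize(req: Request) -> bool:
    """Mesh tier: deny by default unless the workload pair is explicitly allowed."""
    return req.dest_workload in MESH_POLICY.get(req.source_workload, set())


def app_authorize(req: Request) -> bool:
    """Application tier: only the user's role and requested action are considered."""
    return req.action in APP_POLICY.get(req.role, set())


def handle(req: Request, monitor: DomainMonitor, audit: list) -> str:
    """Run a request through the tiers in order; the application check is never
    reached if the mesh rejects the workload pair. Returns the outcome."""
    mesh_ok = mesh_authorize(req)
    event = AuditEvent("mesh", "allow" if mesh_ok else "deny",
                       req.source_workload, req.dest_workload)
    audit.append(event)
    monitor.observe(event)
    if not mesh_ok:
        return "denied at mesh"

    app_ok = app_authorize(req)
    event = AuditEvent("app", "allow" if app_ok else "deny", req.user, req.action)
    audit.append(event)
    monitor.observe(event)
    return "allowed" if app_ok else "denied at app"


if __name__ == "__main__":
    monitor, audit = DomainMonitor(), []
    r = Request("spiffe://example.org/meter-gateway", "spiffe://example.org/telemetry-ingest",
                "alice", "operator", "read_telemetry")
    print(handle(r, monitor, audit))
```

Note that every decision, allowed or denied, is emitted as an audit event and fed to the domain monitor, which is where the visibility and auditability requirements of the critical-infrastructure model are satisfied without the application having to know about them.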