In early 2021, Americans living on the East Coast got a sharp lesson on the growing importance of cybersecurity in the energy industry. A ransomware attack hit the company that operates the Colonial Pipeline—the major infrastructure artery that carries almost half of all liquid fuels from the Gulf Coast to the eastern United States. Knowing that at least some of their computer systems had been compromised, and unable to be certain about the extent of their problems, the company was forced to resort to a brute-force solution: shut down the whole pipeline.
Leo Simonovich is vice president and global head of industrial cyber and digital security at Siemens Energy.
The interruption of fuel delivery had huge consequences. Fuel prices immediately spiked. The President of the United States got involved, trying to assure panicked consumers and businesses that fuel would become available soon. Five days and untold millions of dollars in economic damage later, the company paid a $4.4 million ransom and restored its operations.
It would be a mistake to see this incident as the story of a single pipeline. Across the energy sector, more and more of the physical equipment that makes and moves fuel and electricity across the country and around the world relies on digitally controlled, networked equipment. Systems designed and engineered for analogue operations have been retrofitted. The new wave of low-emissions technologies—from solar to wind to combined-cycle turbines—are inherently digital tech, using automated controls to squeeze every efficiency from their respective energy sources.
Meanwhile, the covid-19 crisis has accelerated a separate trend toward remote operation and ever more sophisticated automation. A huge number of workers have moved from reading dials at a plant to reading screens from their couch. Powerful tools to change how power is made and routed can now be altered by anyone who knows how to log in.
These changes are great news—the world gets more energy, lower emissions, and lower prices. But these changes also highlight the kinds of vulnerabilities that brought the Colonial Pipeline to an abrupt halt. The same tools that make legitimate energy-sector workers more powerful become dangerous when hijacked by hackers. For example, hard-to-replace equipment can be given commands to shake itself to bits, putting chunks of a national grid out of commission for months at a stretch.
For many nation-states, the ability to push a button and sow chaos in a rival state’s economy is highly desirable. And the more energy infrastructure becomes hyperconnected and digitally managed, the more targets offer exactly that opportunity. It’s not surprising, then, that an increasing share of cyberattacks seen in the energy sector have shifted from targeting information technologies (IT) to targeting operating technologies (OT)—the equipment that directly controls physical plant operations.
To stay on top of the challenge, chief information security officers (CISOs) and their security operations centers (SOCs) will have to update their approaches. Defending operating technologies calls for different strategies—and a distinct knowledge base—than defending information technologies. For starters, defenders need to understand the operating status and tolerances of their assets—a command to push steam through a turbine works well when the turbine is warm, but can break it when the turbine is cold. Identical commands could be legitimate or malicious, depending on context.
Even collecting the contextual data needed for threat monitoring and detection is a logistical and technical nightmare. Typical energy systems are composed of equipment from several manufacturers, installed and retrofitted over decades. Only the most modern layers were built with cybersecurity as a design constraint, and almost none of the machine languages used were ever meant to be compatible.
For most companies, the current state of cybersecurity maturity leaves much to be desired. Near-omniscient views into IT systems are paired with big OT blind spots. Data lakes swell with carefully collected outputs that can’t be combined into a coherent, comprehensive picture of operational status. Analysts burn out under alert fatigue while trying to manually sort benign alerts from consequential events. Many companies can’t even produce a comprehensive list of all the digital assets legitimately connected to their networks.
In other words, the ongoing energy revolution is a dream for efficiency—and a nightmare for security.
Securing the energy revolution calls for new solutions equally capable of identifying and acting on threats from both physical and digital worlds. Security operations centers will need to bring together IT and OT information flows, creating a unified threat stream. Given the scale of data flows, automation will need to play a role in applying operational knowledge to alert generation—is this command consistent with business as usual, or does context show it’s suspicious? Analysts will need broad, deep access to contextual information. And defenses will need to grow and adapt as threats evolve and businesses add or retire assets.
This month, Siemens Energy unveiled a monitoring and detection platform aimed at resolving the core technical and capability challenges for CISOs tasked with defending critical infrastructure. Siemens Energy engineers have done the legwork needed to automate a unified threat stream, allowing their offering, Eos.ii, to serve as a fusion SOC that’s capable of unleashing the power of artificial intelligence on the challenge of monitoring energy infrastructure.
AI-based solutions answer the dual need for adaptability and persistent vigilance. Machine learning algorithms trawling huge volumes of operational data can learn the expected relationships between variables, recognizing patterns invisible to human eyes and highlighting anomalies for human investigation. Because machine learning can be trained on real-world data, it can learn the unique characteristics of each production site, and can be iteratively trained to distinguish benign and consequential anomalies. Analysts can then tune alerts to watch for specific threats or ignore known sources of noise.
Extending monitoring and detection into the OT space makes it harder for attackers to hide—even when unique, zero-day attacks are deployed. In addition to examining traditional signals like signature-based detection or network traffic spikes, analysts can now observe the effects that new inputs have on real-world equipment. Cleverly disguised malware would still raise red flags by creating operational anomalies. In practice, analysts using the AI-based systems have found that their Eos.ii detection engine was sensitive enough to predictively identify maintenance needs—for example, when a bearing begins to wear out and the ratio of steam in to power out begins to drift.
Done right, monitoring and detection that spans both IT and OT should leave intruders exposed. Analysts investigating alerts can trace user histories to determine the source of anomalies, and then roll forward to see what else was changed in a similar timeframe or by the same user. For energy companies, increased precision translates to dramatically reduced risk – if they can determine the scope of an intrusion, and identify which specific systems were compromised, they gain options for surgical responses that fix the problem with minimal collateral damage—say, shutting down a single branch office and two pumping stations instead of a whole pipeline.
As energy systems continue their trend toward hyperconnectivity and pervasive digital controls, one thing is clear: a given company’s ability to provide reliable service will depend more and more on their ability to create and sustain strong, precise cyber defenses. AI-based monitoring and detection offers a promising start.
To learn more about Siemens Energy’s new AI-based monitoring and detection platform, check out their recent white paper on Eos.ii.
The Advanced Research Projects Agency for Energy (ARPA-E) funds high-risk, high-reward energy research projects, and each year the agency hosts a summit where funding recipients and other researchers and companies in energy can gather to talk about what’s new in the field.
As I listened to presentations, met with researchers, and—especially—wandered around the showcase, I often had a vague feeling of whiplash. Standing at one booth trying to wrap my head around how we might measure carbon stored by plants, I would look over and see another group focused on making nuclear fusion a more practical way to power the world.
There are plenty of tried-and-true solutions that can begin to address climate change right now: wind and solar power are being deployed at massive scales, electric vehicles are coming to the mainstream, and new technologies are helping companies make even fossil-fuel production less polluting. But as we knock out the easy wins, we’ll also need to get creative to tackle harder-to-solve sectors and reach net-zero emissions. Here are a few intriguing projects from the ARPA-E showcase that caught my eye.
Vaporized rocks
“I heard you have rocks here!” I exclaimed as I approached the Quaise Energy station.
Quaise’s booth featured a screen flashing through some fast facts and demonstration videos. And sure enough, laid out on the table were two slabs of rock. They looked a bit worse for wear, each sporting a hole about the size of a quarter in the middle, singed around the edges.
These rocks earned their scorch marks in service of a big goal: making geothermal power possible anywhere. Today, the high temperatures needed to generate electricity using heat from the Earth are only accessible close to the surface in certain places on the planet, like Iceland or the western US.
Geothermal power could in theory be deployed anywhere, if we could drill deep enough. Getting there won’t be easy, though, and could require drilling 20 kilometers (12 miles) beneath the surface. That’s deeper than any oil and gas drilling done today.
Rather than grinding through layers of granite with conventional drilling technology, Quaise plans to get through the more obstinate parts of the Earth’s crust by using high-powered millimeter waves to vaporize rock. (It’s sort of like lasers, but not quite.)
Annika Hauptvogel, head of technology and innovation management at Siemens, describes the industrial metaverse as “immersive, making users feel as if they’re in a real environment; collaborative in real time; open enough for different applications to seamlessly interact; and trusted by the individuals and businesses that participate”—far more than simply a digital world.
The industrial metaverse will revolutionize the way work is done, but it will also unlock significant new value for business and societies. By allowing businesses to model, prototype, and test dozens, hundreds, or millions of design iterations in real time and in an immersive, physics-based environment before committing physical and human resources to a project, industrial metaverse tools will usher in a new era of solving real-world problems digitally.
“The real world is very messy, noisy, and sometimes hard to really understand,” says Danny Lange, senior vice president of artificial intelligence at Unity Technologies, a leading platform for creating and growing real-time 3-D content. “The idea of the industrial metaverse is to create a cleaner connection between the real world and the virtual world, because the virtual world is so much easier and cheaper to work with.”
While real-life applications of the consumer metaverse are still developing, industrial metaverse use cases are purpose-driven, well aligned with real-world problems and business imperatives. The resource efficiencies enabled by industrial metaverse solutions may increase business competitiveness while also continually driving progress toward the sustainability, resilience, decarbonization, and dematerialization goals that are essential to human flourishing.
This report explores what it will take to create the industrial metaverse, its potential impacts on business and society, the challenges ahead, and innovative use cases that will shape the future. Its key findings are as follows:
• The industrial metaverse will bring together the digital and real worlds. It will enable a constant exchange of information, data, and decisions and empower industries to solve extraordinarily complex real-world problems digitally, changing how organizations operate and unlocking significant societal benefits.
• The digital twin is a core metaverse building block. These virtual models simulate real-world objects in detail. The next generation of digital twins will be photorealistic, physics-based, AI-enabled, and linked in metaverse ecosystems.
• The industrial metaverse will transform every industry. Currently existing digital twins illustrate the power and potential of the industrial metaverse to revolutionize design and engineering, testing, operations, and training.
Across social media, a number of creators are generating nostalgic photographs of China with the help of AI. Even though these images get some details wrong, they are realistic enough to trick and impress many of their followers.
The pictures look sophisticated in terms of definition, sharpness, saturation, and color tone. Their realism is partly down to a recent major update of image-making artificial-intelligence program Midjourney that was released in mid-March, which is better not only at generating human hands but also at simulating various photography styles.
It’s still relatively easy, even for untrained eyes, to tell that the photos are generated by an AI. But for some creators, their experiments are more about trying to recall a specific era in time than trying to trick their audience. Read the full story.
—Zeyi Yang
Zeyi’s story is from China Report, his weekly newsletter giving you the inside track on tech in China. Sign up to receive it in your inbox every Tuesday.
Read more of our reporting on AI-generated images:
+ These new tools let you see for yourself how biased AI image models are. Bias and stereotyping are still huge problems for systems like DALL-E 2 and Stable Diffusion, despite companies’ attempts to fix it. Read the full story.
