Decrypt R-GOOSE Messages in Power Substations at Scale per IEC 62351-9 with GDOI Key Exchange 

When considering the challenges of encryption in OT networks, I can’t help but think back to the old days of lock-and-key security; you knew exactly what was protected and how to unlock it. But in today’s interconnected and increasingly encrypted world, things aren’t so simple — especially for those of us tasked with keeping critical infrastructure secure. That’s why I’m thrilled to share how Nozomi Networks is tackling this head-on with our innovative approach to decrypting R-GOOSE traffic in power systems. Let’s walk through why this is a game-changer for securing substation automation and beyond.

This work evolved from our participation in IEC TC 57 WG 15, a working group within the International Electrotechnical Commission formed to undertake cybersecurity standards for power system communication protocols used in energy management and power system automation.

Impact of Protocol Encryption on Deep Packet Inspection in OT

OT networks have historically been reluctant to adopt cryptography for protecting communications, access and data at rest. This hesitation was due to the additional computational overhead and reliance on the physical isolation of OT networks. However, this landscape is now changing. OT networks are becoming increasingly integrated with external networks, making them more exposed to cyber threats and necessitating the adoption of stronger security mechanisms, including cryptography.

At the same time, OT devices are becoming more powerful and better equipped to handle cryptographic operations. We’re also seeing the emergence of new secure versions of OT protocols, such as OPC-UA, Modbus Secure, BACnet Secure Connect, PROFINET Security Class and security extensions for IEC 61850, among others. These advancements are paving the way for enhanced security in OT environments.

However, with cryptography, particularly encryption, comes a new challenge: encryption reduces visibility not only for attackers but also for security teams. It can obscure potential threats and anomalies in encrypted traffic, complicating monitoring and response efforts. Addressing this challenge requires innovative solutions to ensure that encryption strengthens security without sacrificing critical visibility.

Deep packet inspection (DPI) has proven to be a powerful network monitoring technique, extending the scope of network and system monitoring via classic tools like SNMP and Syslog. In OT networks, DPI collects additional information about connected assets, communications and process telemetry that can be used for threat detection — important details that otherwise would not be available to OT operators or SOC analysts.

By scrambling the contents of data packets, however, encryption renders traditional DPI methods largely ineffective.

Network Monitoring with Decryption at Scale

For defenders to get the most out of both protocol encryption and DPI, a compromise needs to be found, ideally within the network monitoring solution itself. It must be able to access plain-text traffic to carry out its classic tasks and detect threats. And it needs to work at scale, without continuous human intervention. What if the existing monitoring solution itself were able to decrypt the traffic, by giving it access to the necessary encryption keys?

Decryption of R-GOOSE via a GDOI Key Exchange

In substation automation, GOOSE messages are used to carry measurements or trip signals among intelligent electronic devices (IEDs). A routed version, R-GOOSE, has been developed to transmit such signals across substations via public wide area networks, which therefore requires the communication to be encrypted. In a publish-subscribe multicast environment like the one GOOSE and R-GOOSE actors use, a possible solution for creating and distributing keys is to introduce a key distribution center (KDC) in which each actor enrolls. The KDC implements a key exchange mechanism called Group Domain of Interpretation, or GDOI, as defined in IEC 62351-9: every publisher obtains and uses a group-based encryption key to publish, and subscribers obtain and use the same key to decrypt the messages they subscribe to.

In this context, a trusted network monitoring solution can enroll in the multicast group as another subscriber, which gives it the group key it needs to decrypt the communication.
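As an added illustration, not Nozomi’s code and not the GDOI protocol itself, the following Go model shows the trust relationship described above: a KDC that releases one group key only to enrolled identities, a publisher sealing a GOOSE payload under that key, and any enrolled subscriber, the monitoring sensor included, opening it. AES-GCM stands in for the R-GOOSE security envelope, and all names and identities are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// KDC models the trust relationship of an IEC 62351-9 key distribution center, not the GDOI
// wire protocol: the group traffic encryption key (TEK) is released only to enrolled identities.
type KDC struct {
	Enrolled map[string]bool
	TEK      []byte // 16 bytes for AES-128-GCM
}

// NewKDC takes the enrolled identities (publishers, subscribers, the monitoring sensor) and draws a fresh TEK.
func NewKDC(enrolled map[string]bool) *KDC {
	k := &KDC{Enrolled: enrolled, TEK: make([]byte, 16)}
	rand.Read(k.TEK)
	return k
}

// Pull is the enrollment check: an identity the KDC does not know never sees the group key.
func (k *KDC) Pull(member string) ([]byte, error) {
	if !k.Enrolled[member] {
		return nil, errors.New("KDC refused key download for " + member)
	}
	return append([]byte(nil), k.TEK...), nil
}

// gcm builds the AES-GCM AEAD used here as a stand-in for the R-GOOSE security envelope.
func gcm(tek []byte) cipher.AEAD {
	block, err := aes.NewCipher(tek)
	if err != nil {
		panic(err) // only a wrongly sized TEK can fail here
	}
	g, _ := cipher.NewGCM(block)
	return g
}

// Publish seals a GOOSE payload under the group TEK; the nonce travels in clear with it.
func Publish(tek, payload []byte) (nonce, ct []byte) {
	nonce = make([]byte, 12)
	rand.Read(nonce)
	return nonce, gcm(tek).Seal(nil, nonce, payload, nil)
}

// Open is what any enrolled receiver, the monitoring sensor included, does to regain DPI
// visibility; a message under another key, or one altered in transit, is rejected.
func Open(tek, nonce, ct []byte) ([]byte, error) { return gcm(tek).Open(nil, nonce, ct, nil) }
```

The monitoring sensor holds no secret of its own: it decrypts only because the KDC enrolled it, so revoking that enrollment (or a rekey it is not told about) silently removes its visibility again.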

By integrating with an IEC 62351-9 GDOI KDC, Nozomi can analyze encrypted R-GOOSE communication and protect these power system automation networks in a scalable way.