Blockchain for Supply Chain Cybersecurity, Optimization and Compliance

Abstract

The U.S. power grid is a complex system of systems that requires a trustworthy, reliable, and secure global supply chain. A formidable challenge considering the increasing number of networked industrial control systems (ICS) and energy delivery systems (EDS) and growing number of intermediary distributors, vendors and integrators involved. Grid modernization has increased the use of “smart” energy devices that automate, digitize, network, and bring together the cyber-physical energy supply chain. In the current Energy Internet of Things (EIoT) environment, the growth of data speed and size requirements as well as the number of critical cyber assets has generated new North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) compliance requirements and cyber supply chain security challenges for vendors, regulators, and utilities. The issuance of Order No. 829 by the Federal Energy Regulatory Commission (FERC) instructed the North American Electric Reliability Corporation (NERC) to confront cybersecurity supply chain risk management for ICS software and hardware, as well as the networking and computing services associated with Bulk Electric System (BES) operations. To meet these goals, current technology and processes must be improved to better identify, monitor, and audit vulnerable EIoT environments. This paper examines how blockchain technology can enable NERC CIP compliance as well as aid in the security of the BES supply chain through an immutable cryptographically signed distributed ledger that allows for improved data security, provenance and auditability.