Schneider Electric enhances global supply chain security with Yubico
Schneider Electric Energy Management—a global leader
Across the globe, the world runs on electricity. From electronic devices and wearables, to the various forms of transportation, to our places of residence and work, the entire world relies on ready access to power. As the leader in the digital transformation of energy management and automation, Schneider Electric’s company motto “Life is On” captures the modern world’s need to plug in.
Schneider Electric Energy Management, one of the two businesses of Schneider Electric, is built around providing safe and reliable products and power management systems for critical infrastructures. These include data centers, large office buildings, hospitals, and oil and gas drilling operations, among others. From electrical parts that efficiently distribute power to highly complex turnkey energy management solutions, Schneider Electric is enabling sustainable and reliable energy across the globe.
YubiKeys enable systems operators to complete critical actions in power operations systems
Chad Lloyd is the Director of Cybersecurity Architecture for Energy Management at Schneider Electric. Lloyd initially served as a primary architect of a power operations or Supervisory Control and Data Acquisition (SCADA) system, which included secure design.
In 2016, Lloyd was tasked with integrating Multi-Factor Authentication (MFA) on an isolated system—without the use of the internet or traditional methods such as SMS. While attending Black Hat, a computer security conference, he first learned of Yubico and went home with a couple of YubiKeys in his pocket. He started testing their use in the power operation SCADA system. One benefit of YubiKeys is that they need neither their own power source nor an internet connection.
Through Lloyd, Schneider Electric introduced YubiKeys in its power operation SCADA system to increase security with MFA. The company has achieved several benefits from modern MFA, as it enables the SCADA system to transition securely during shift changes or when other key operations are necessary. For example, an operator is prompted to log in to the system at various times by authenticating with a personal YubiKey. This process allows an operator to come on shift, authenticate quickly, and take actions when appropriate, without any system interruptions. MFA ensures only authenticated users can gain access to operate the system.
Securing Schneider Electric’s global supply chain
Schneider Electric recently achieved a significant milestone, earning IEC-62443 SL2 certification for some of its products. Modern MFA through YubiKeys was part of the time-consuming process to achieve the certification even though MFA is only required for SL3 certification. “As part of our IEC SL2 certification, we included MFA in our power operation system, well positioning us to meet SL3 requirements in the future. This is a point of differentiation for Schneider Electric,” said Lloyd.
A second important effort that Lloyd helped drive was looking into proactively securing Schneider Electric’s global supply chain.
“Safety and security are paramount at Schneider Electric and are reflected in everything we do,” said Lloyd. The rigorous testing and manufacturing processes of all genuine Schneider Electric products ensure the safety and reliability the company is well known for. To proactively increase security within its supply chain, the company has taken advanced security steps to integrate with key suppliers.
By leveraging Yubico technology, including the world’s smallest but powerful hardware security module (YubiHSM), the company ensures that part of the supply chain is secure. “The YubiHSM was chosen due to the form factor. It was exactly what we were looking for, something that is self-contained and the YubiConnector allowed us to code our own libraries to integrate within our manufacturing process.”
To proactively protect its supply chain, Schneider Electric works closely with key vendors to create dual encryption: both the vendor and Schneider Electric have YubiHSM modules built into the manufacturing process. The process gives both parties confidence that products with the Schneider Electric brand are indeed authentic, based on encrypted keys that are embedded by both companies during manufacturing. “Proactively securing our global supply chain was an important step as properly tested and approved products are counted on by our customers who buy and deploy them,” said Lloyd.
Schneider Electric’s relationship with Yubico has allowed the organization to continue innovating, supported by strong MFA, products, supply chain processes and proven compliance.