As power grids become smarter, they also become more attractive targets for hackers and other security threats. How can utilities secure their grids to maintain privacy and reliability, and to prevent fraud and sabotage?
At the recent European Utility Week conference, Christian Wurhofer, CTO of Siemens Smart Grid, explained that cybersecurity and privacy protection are hot topics at utilities across Europe and elsewhere. This is due to the sharp increase in renewable energy integration, greater use of public communication networks, IT/OT convergence, the addition of substantially more sensors in the field, and consumers playing a more active role in the grid -- all of which are connected via IT infrastructure.
"These developments present more avenues for potential attacks," said Wurhofer. "Utilities need to become more advanced about protecting their infrastructure. And they need to set security priorities. There's always a tradeoff between risk reduction and investment."
Wurhofer's cybersecurity presentation covered several Siemens offerings to enhance smart grid security:
- Grid control with patch management.
- Secure substation with a WIB 2.0-certified solution, which includes organizational and process-relevant aspects.
- Access management solution for substations which includes NERC CIP compliance.
Smart grid cybersecurity can help prevent possible negative business impacts, such as misuse of administrative privileges (especially for SCADA systems), various types of fraud (such as falsified power market offers), and "tricking" grid operations into malfunctioning (by working on falsifying sensor data).
Substation security is a key focus area of Siemens Smart Grid. This includes security solutions for centralized user management and role-based access control, as well as advanced cybersecurity that is integrated into our product portfolio for enhanced encrypted communication security and secure remote firmware updates. Siemens also advises utilities on designing more secure substations, including recommendations for network components, malware protection, and other security controls that offer a certified solution.
Wurhofer emphasized the need to increase awareness among utilities about smart grid security, and also for vendors to continue to enhance the security of smart grid products and solutions. "We need to partner with our customers to address these challenges efficiently," he said.
Privacy protection is a topic closely linked with smart metering, and the audience at Wurhofer's presentation indicated a strong interest in this. Smart grid privacy protection can be enabled both by technology and by design -- a practice gaining traction with smart grid policy in Canada and elsewhere around the world.
Wurhofer observed that across Europe, cybersecurity is steadily gaining attention and becoming a higher priority. Increasingly it is considered essential for business continuity.
Read more at: Smart Grid Watch Blog