The energy infrastructure has been undergoing very rapid changes in recent years in order to increase the share of renewable energy sources such as wind and sun, which are by nature more distributed and variable. Managing the energy networks requires a continuously increasing degree of digitalisation. That is why, TCP/IP networks have become an very important component of today´s (digital) substations. Additionally, with an increasingly digitised energy system cybersecurity has become of paramount importance and a concern for all, with an increasing number of incidents in recent times. Aspecto offers several services in the area of networking and cyber security tailor made for the needs of the electrical energy sector. The combination of the knowhow of Senior IT Networking Engineers with our Senior Substation Engineers is unique in the market and is required to meet today’s challenges in our industry. We are providing the following networking services:
Network design incl. equipment definition, considering performance requirements
Installation and configuration of networking equipment like switches, routers, firewalls
Commissioning of networking equipment like switches, routers, firewalls
We are offering the following cyber security services and are allowing our customers to bridge the gap between IT and electrical engineering.
Vulnerability assessment services help to define, identify, classify and address weaknesses across substations and network control centers. Integrating specialist scanning tools and experienced security professionals, it provides the advanced level of support needed to address core vulnerabilities. After the assessment is done, a detailed assessment report is drawn up.
Penetration testing (pentesting) is the process of assessing computer systems, networks and applications to identify and address security vulnerabilities that could be exploited by cybercriminals. The penetration testing can be done during the FAT and/or SAT stage.
Detect & Respond
We provide the essential support needed to overcome a cyber-breach. Our experienced experts are skilled at mitigating the damaging effects of attacks, investigating how they propagate and providing swift, clear remediation advice.
Cyber Security Solution Development & Implementation
We will develop solutions to ensure the system is more secure. Together with our client, we will develop solutions to ensure the system is more secure. We have partnered with leading OEMs and cyber security solution providers and as an independent provider, we are able to find the best solution for each client’s needs. Upon agreement we can implement the recommendations to the system. As we are substation automation field experts ourselves, we are happy and competent to implement the changes in the field.
Some of the goals of implementing cyber security measures in the electrical energy industry ar mentioned bellow. The objective of any specific cybersecurity framework is to provide mitigation in-depth. A typical applied cyber-environment at the energy system uses many different threat mitigation technologies to be able to minimize the success of a cyberattack at multiple levels. A number of cybersecurity frameworks and guidelines are applied in energy systems worldwide.
Maintaining continuity of essential services and operations
Reducing cyber risks across the energy supply chain
Building cyber resilience into antiquated network infrastructure
Managing risks posed by Internet of Things devices like smart meters
Balancing continuous digitisation and interconnectivity with security
Demonstrating security commitments in line with new national and international regulations (see bellow some of the important standards)
Preventing and eliminating ransomware attacks
IEC 62351 on “Information Security for Power System Control Operations” provides a set of documents describing best-practise technologies for implementing selected security solutions in power systems. The document series is not providing a taxonomy for mitigations but recommendations how to implement recommended security systems.
ISO 27019 on “Information security for process control in the energy industry” (based on ISO 27001)
IEC 62443 is a series of standards and reports on cybersecurity for Industrial Automation and Control Systems (IACS)
The European Union Agency for Network and Information Security (ENISA) developed specific security measures for smart grids. The document provides a set of minimum-security measures for smart grids which enhance the minimum level of the addressed cybersecurity services. Though ENISA is not only focusing on energy, the related guidelines and reports are still very much relevant for the energy sector and cover the monitoring of information sharing, and guidance on industrial control systems.
The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the US Department of Commerce. NISTIR 7628 is a specific NIST guideline for cybersecurity of IT/OT systems in smart grids. The guideline describes an approach to identify cybersecurity aspects for classified system interfaces and to map and adapt specific security requirements / mitigation measures.
NIST SP 800-53
NIST provides a generic cybersecurity framework applicable to various sectors. It consists of five concurrent and continuous functions: Identify, Protect, Detect, Respond, and Recover. These functions are a high-level summary of the lifecycle of cybersecurity risk management. Each core element is developed to identify associated key categories and subcategories for each function. For each subcategory, there are associated standards, guidelines, and practices.
NIST Framework for Improving Critical Infrastructure Cybersecurity
The NIST CIC Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organisation’s risk management processes. It can be used in any domain and is independent. The framework consists of mostly three parts: (I) Framework Core, (II) Framework Profile, and (III) Framework Implementation.
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) was developed as a tool to enhance the security and reliability of the electrical grid. The ES-C2M2 evaluation is designed to assist organisations in identifying specific areas of competency to strengthen their cybersecurity program, prioritise cybersecurity actions and investments, and maintain the desired level of security throughout the IT/OT systems life cycle.
The Critical Infrastructure Protection (CIP) standards from the North American Electric Reliability Corporation (NERC) was established by the electric utility industry in the US and Canada, as well as Mexico through a Memorandum of understanding. The CIP lifecycle approach is segmented into six areas of activity: Analysis and Assessment, Remediation, Indications and Warnings, Mitigation, Incident Response and Reconstitution.
BDEW and Oesterreichs Energie
Whitepaper from 2011 and its recent update in 2018, which is widely used by German utilities and manufacturers of power system equipment, provides a selected subset of ISO 27002 / ISO 27019.
UK NCSC Guidelines
The National Cyber Security Centre in UK provides an exhaustive collection of guidance documents addressing generic cyber security recommendations, regular and current threat intelligence analyses as well as specific guidance for selected industrial sectors. The documents span the complete risk management and security process.