APTP Articles

Cyber Security for Electricity Utilities: Where to Begin?

In 2017, every minute, there were more than 500,000 attempts to attack targets in cyberspace.[1] Fast forward to 2021, and it seems these attempts have started landing. From the raiding of data from company email servers[2] to the shutdown of 45% of the US fuel pipeline [3], infrastructure is emerging as a profitable target for adverse actors.

Digitisation trends of infrastructure networks may provide benefits for maintenance and operations, but they also introduce risk for opportunists and sophisticated cyber criminals to attack power systems.

In the past, power systems protection and control technology was developed with little concern for cybersecurity[4], [5]. Traditional SCADA control telecommunications infrastructure was isolated from the general public, and security scrutiny remained entirely on preventing internal threats.

Today, new control and automation equipment is leveraging our global learnings of the internet, transitioning to using the Internet Protocol (IP) stack as the primary means of communications. There are many advantages in doing this, provided that vendors adopt the same IT network management standards that are currently used in securing traditional business computing assets. 

Cybersecurity is a specialist discipline in IT, but in this article our aim is to build understanding of these concepts for electrical engineers. We review the current state of cybersecurity implementation in electricity distribution networks: the core threats and relevant engineering standards. The goal is to provide electrical engineering practitioners and managers with a roadmap to raise the bar for would-be assailants, and to maintain the reliability of electricity for our communities we serve.

Technical Overview and Threat Management

Cybersecurity Defined

As defined by the CISA, Cybersecurity is the art of protecting networks, devices and data from unauthorised access or criminal use, and the practice of ensuring confidentiality, integrity and availability of information [6]. 

Confidentiality ensures that information is only available to authorised parties. Integrity ensures that this information cannot be modified or forged. And the availability is the assurance that assets, data or information are ready for service when called upon.

By Martin van der Linde, BE, BBusMgt, MIEAust. General Manager - Marketing NOJA Power