Software defends against cyberattacks on energy grids

An EU-funded project is developing software designed to prevent, detect and act on cyberattacks on smart meters in big infrastructure installations, boosting the security of our power supplies.

Countries
Countries
  Algeria
  Argentina
  Australia
  Austria
  Bangladesh
  Belarus
  Belgium
  Benin
  Bolivia
  Bosnia and Herzegovina
  Brazil
  Bulgaria
  Burkina Faso
  Cambodia
  Cameroon
  Canada
  Cape Verde
  Chile
  China
  Colombia
  Costa Rica
  Croatia
  Cyprus
  Czechia
  Denmark
  Ecuador
  Egypt
  Estonia
  Ethiopia
  Faroe Islands
  Finland
  France
  French Polynesia
  Georgia

Countries
Countries
  Algeria
  Argentina
  Australia
  Austria
  Bangladesh
  Belarus
  Belgium
  Benin
  Bolivia
  Bosnia and Herzegovina
  Brazil
  Bulgaria
  Burkina Faso
  Cambodia
  Cameroon
  Canada
  Cape Verde
  Chile
  China
  Colombia
  Costa Rica
  Croatia
  Cyprus
  Czechia
  Denmark
  Ecuador
  Egypt
  Estonia
  Ethiopia
  Faroe Islands
  Finland
  France
  French Polynesia
  Georgia


  Infocentre

Published: 23 March 2020  
Related theme(s) and subtheme(s)
EnergyReliability of supply
Information society
Innovation
Research policyHorizon 2020
SMEs
Security
Countries involved in the project described in the article
Belgium  |  Finland  |  Germany  |  Greece  |  Ireland  |  Italy  |  Netherlands  |  Romania  |  Sweden
Add to PDF "basket"

Software defends against cyberattacks on energy grids

Image

© urbans78 #234658947 source: stock.adobe.com 2020

Europe’s power sector is in the midst of a major transformation. The era of the centralised, fossil-fuel power stations controlled by just a handful of operators is nearing its end; today, we are seeing the rise of decentralised renewable energy providers, consumers generating their own power, growing fleets of electric vehicles, and homes and businesses becoming increasingly connected to energy networks via smart meters.

Taking on the task of maintaining the cybersecurity of our power supplies is the EU-funded project SUCCESS. The project is developing digital security solutions for smart meters in critical infrastructures such as electricity grids that could also be used for water supply systems, hospitals and banking systems.

‘Due to the vital importance of the operations conducted by critical infrastructure, and because of their mutual interdependency, security concepts must be developed for all of them – they cannot take their cybersecurity for granted,’ says Fiona Williams, research director at Ericsson and SUCCESS project coordinator.

Vulnerable to attack

Digitalised infrastructure installations are vulnerable to a wide range of IT attacks. These can include ‘denial of service’ – during which perpetrators can make machines or network resources unavailable to users; ‘malware injection’ – which disrupts or exploits systems; and ‘man-in-the-middle’ attacks – when an attacker secretly intercepts and alters communications between users who believe they are talking directly to one another.

Another impact of a cyberattack is the cascade effect whereby a compromise in one system can lead to problems in another, even beyond national borders. An attack on a water-management centre, for example, could lower the water supply which in turn could result in a lack of cooling water in a power plant.

Through its work at three trial sites across Europe, SUCCESS has developed two-level, EU data-protection-compliant technology capable of detecting threats introduced via smart meters and deploying countermeasures that will significantly reduce the threat of cyberattacks when next-generation smart meters are rolled out.

Security solutions

In Terni, Italy, the project trial focused on a new generation of smart meters; in Ireland, it covered digitalised electric vehicle charging points; and in Romania, it explored connected decentralised energy systems, including photovoltaic power plants, wind power plants and small hydro power plants.

At the individual power infrastructure operator level, SUCCESS developed the Critical Infrastructure Security Operations Centre, CI-SOC. This technology monitors smart meter equipment and communications infrastructure to detect security incidents. CI-SOC then provides local power operators with technical countermeasures to mitigate both old and new threats.

The CI-SOC passes data and information to the second level: the pan-European network developed by SUCCESS, known as the Critical Infrastructure Security Analytics Network (CI-SAN). CI-SAN helps detect wide-scale, simultaneous attacks on many infrastructure sites across Europe. ‘Participating operators benefit from the scaled scope of detection which creates a security community for critical infrastructure operations,’ says Williams.

The project has also developed a next-generation, super-secure, real-time smart meter called NORM. This device communicates with CI-SOC on the detection of risks and uses ‘physically unclonable functions’ to make digital fingerprints that are unique to each device, enabling highly secure communications with the power operator.

In addition, SUCCESS has developed a new mobile communications network called the Breakout Gateway which works with next-generation 5G mobile systems and is capable of activating real-time countermeasures to cyberattacks. The project has also created a list of cyber threats to energy systems which improves on the two major risk taxonomies in both Europe and the US.

Project details

  • Project acronym: SUCCESS
  • Participants: Germany (Coordinator), Italy, Netherlands, Romania, Ireland, Sweden, Finland, Greece, Belgium
  • Project N°: 700416
  • Total costs: € 4 999 946
  • EU contribution: € 4 999 946
  • Duration: May 2016 to October 2018

See also

 

Convert article(s) to PDF

No article selected




loading
Print Version
Share this article
See also
Project details