Software defends against cyberattacks on energy grids
An EU-funded project is developing software designed to prevent, detect and act on cyberattacks on smart meters in big infrastructure installations, boosting the security of our power supplies.
© urbans78 #234658947 source: stock.adobe.com 2020
Europes power sector is in the midst of a major transformation. The era of the centralised, fossil-fuel power stations controlled by just a handful of operators is nearing its end; today, we are seeing the rise of decentralised renewable energy providers, consumers generating their own power, growing fleets of electric vehicles, and homes and businesses becoming increasingly connected to energy networks via smart meters.
Taking on the task of maintaining the cybersecurity of our power supplies is the EU-funded project SUCCESS. The project is developing digital security solutions for smart meters in critical infrastructures such as electricity grids that could also be used for water supply systems, hospitals and banking systems.
Due to the vital importance of the operations conducted by critical infrastructure, and because of their mutual interdependency, security concepts must be developed for all of them they cannot take their cybersecurity for granted, says Fiona Williams, research director at Ericsson and SUCCESS project coordinator.
Vulnerable to attack
Digitalised infrastructure installations are vulnerable to a wide range of IT attacks. These can include denial of service during which perpetrators can make machines or network resources unavailable to users; malware injection which disrupts or exploits systems; and man-in-the-middle attacks when an attacker secretly intercepts and alters communications between users who believe they are talking directly to one another.
Another impact of a cyberattack is the cascade effect whereby a compromise in one system can lead to problems in another, even beyond national borders. An attack on a water-management centre, for example, could lower the water supply which in turn could result in a lack of cooling water in a power plant.
Through its work at three trial sites across Europe, SUCCESS has developed two-level, EU data-protection-compliant technology capable of detecting threats introduced via smart meters and deploying countermeasures that will significantly reduce the threat of cyberattacks when next-generation smart meters are rolled out.
In Terni, Italy, the project trial focused on a new generation of smart meters; in Ireland, it covered digitalised electric vehicle charging points; and in Romania, it explored connected decentralised energy systems, including photovoltaic power plants, wind power plants and small hydro power plants.
At the individual power infrastructure operator level, SUCCESS developed the Critical Infrastructure Security Operations Centre, CI-SOC. This technology monitors smart meter equipment and communications infrastructure to detect security incidents. CI-SOC then provides local power operators with technical countermeasures to mitigate both old and new threats.
The CI-SOC passes data and information to the second level: the pan-European network developed by SUCCESS, known as the Critical Infrastructure Security Analytics Network (CI-SAN). CI-SAN helps detect wide-scale, simultaneous attacks on many infrastructure sites across Europe. Participating operators benefit from the scaled scope of detection which creates a security community for critical infrastructure operations, says Williams.
The project has also developed a next-generation, super-secure, real-time smart meter called NORM. This device communicates with CI-SOC on the detection of risks and uses physically unclonable functions to make digital fingerprints that are unique to each device, enabling highly secure communications with the power operator.
In addition, SUCCESS has developed a new mobile communications network called the Breakout Gateway which works with next-generation 5G mobile systems and is capable of activating real-time countermeasures to cyberattacks. The project has also created a list of cyber threats to energy systems which improves on the two major risk taxonomies in both Europe and the US.