Wednesday 20/11/2019

Bookmark and Share
 
 
Daily News
  PandCT RSS Daily News feed
Secure communication in the energy industry

16 October 2019

Back in 2017, headlines reported that hackers had shut down monitoring systems for oil and gas pipelines across the United States. Alarmingly, insecure third-party systems in SCADA platforms were to blame. How can the energy industry prevent further attacks like this? Jürgen Resch, Energy Industry Manager at COPA-DATA, explains the importance of end-to-end secure communications in the energy sector and the need for the IEC 62351 standard.

When things go wrong

Unfortunately, the attacks on oil and gas pipelines case isn’t a rare example. The following year, cybercriminals also gained access to the United Kingdom's electricity system. The group phished its way into energy systems using a phony word document CV for a man called ‘Jacob Morrison’. Once infiltrated, the group took screenshots of the system, leading experts to believe the hackers were spying to learn how every aspect of the system works.

Attacks like this continue to be a huge concern for the energy sector, particularly if the hacker manipulates data. For example, a cybercriminal could hack a business’s energy controller and change the threshold values of a reaction, or worse. They could maliciously lower the perceived voltage measurement of an energy customer, so the controller thinks the voltage is lower than what it really is. The controller would then increase the voltage at the customer site, exceeding tolerances and destroying power supplies.
Where there is high risk, there needs to be high levels of protection.

Time for change

Many of the energy meters, switches and controls in power plants and substations were designed years ago and as such, only have basic password protection. Criminals know this, so the industry needs to react.
Despite such high-profile attacks, energy security is a shockingly new topic for many in the sector. Even when LAN based technologies such as IEC 60870-5-104 or DNP3 TCP came into play in the late 1990s, concerns about data hacks or data protection were not prevalent.

Today, these older communication protocols are out of date and must be retrofitted with security features that can prevent modern security threats.
To make security even more challenging, the energy grid is no longer confined to its physical structure. The ever-developing smart grid takes energy systems into the cyber-physical world. With data sent trough and stored in the cloud, energy data could become even more vulnerable if security standards are not updated.

Enter, IEC 62351

IEC 62351 is the current standard for security in energy management systems and the exchange of energy-related data. It focuses on the major requirements for secure data communication and processing, including confidentiality, data integrity and authentication.

The arrival of the IEC 62351 filled a huge void for energy security, bringing the existing non-secure communication protocols up to speed. The standard was defined by the IEC TC 57, the technical committee responsible for the development of standards for information exchange.

By applying the IEC 62351 security standard to protocols 60870-5-101/-104, DNP3 and IEC 61850 among others, it is possible to achieve end-to-end security for energy data systems. The standard series dictates the need for encryption and access control through authentication and authorization. For example, Transport Layer Security (TLS) encryption is defined by IEC 62351-3.

However, applying IEC 62351 is not a one-time task. Once implemented, the security mechanisms need to be maintained and updated continuously, in line with changing security threats.

Building readiness

Engineers can now create energy automation applications in accordance with IEC 62351, using the zenon software platform for energy automation. COPA-DATA is continuously implementing the standard step by step in its software platform zenon, and it is already possible to harden the communication by TLS.

Improved security doesn’t change the user experience of the fully secured zenon application, although additional password changes and certificate renewal will be required — a small price to pay for optimal security.

For more information, please contact:

COPA-DATA UK Ltd
15th Floor Brunel House
2 Fitzalan Road
Cardiff CF24 0EB
Tel:   +44 (0) 29 2032 9175
Email: sales@copadata.co.uk
Web:   www.copadata.com
PandCT.com are not responsible for the content of submitted or externally produced articles and images.
Click here to email PandCT about any errors or omissions contained within this article.
     
Send this page
To send this page to a colleague or friend,
fill in the email addresses below...
Your email address
Their email address:
Page to be sent: shownews.asp?ID=54518

Company gateway pages
for COPA-DATA UK Ltd:
FREE Information on the products in this article
To request more information,
fill in your email address below.
Your email address
 
     
Bookmark and Share
Product categories: Accelerometers | Actuators | Agitators | Analysers | Bearings | Compressors | Controllers | Conveyors | Drives | Enclosures | Flowmeters | Heat Exchangers | Motors | Pumps | Relays | Sensors | Transducers | Transmitters | Valves | Weighing
(c) Copyright 1999-2019 Process and Control Today Ltd  |  Reg. no 3733110  |  Email Editor  |  Email Webmaster  |  Sitemap  |  Privacy Policy