Cybersecurity in the electric power system
According to the EU legislation, critical infrastructure refers to assets and systems that are essential for the well-being of the citizens. The disruption of these systems would have a significant impact on maintaining the safety and security of the citizens, their health, economic and social activities. Electricity transmission systems are considered critical because their operation directly impacts all the above-mentioned functions. Furthermore, disruptions in interconnected transmission systems may affect more than one country, thus increasing the consequences and costs to the system and to society.
The successful cyber-attacks in power systems have multi-fold effects. The disruption of the essential service that power utilities deliver is the first and most significant effect, having in mind the interdependencies with other services. The financial effects of undelivered electricity and potential equipment damage may be significant, depending on the spatial effect of the incident and the targeted systems.
As the transmission networks are interconnected, a cyber-attack on one system can have a cascading effect and spread on neighboring systems. The rising sense of insecurity and panic is the underlying element of many cyber-attacks, but the effect of cyber-attacks on power systems is even greater as a huge number of people may be affected.
The secure and reliable operation of transmission systems relies on legacy systems and new technologies. The existing electricity infrastructure is combined with sophisticated control systems and intelligent components with bi-directional communication capabilities to ensure the secure and reliable operation of the transmission systems. The evolving cybersecurity threats require the implementation of adequate protection measures that should reflect the multi-actor environment of contemporary power systems.
To counteract the cybersecurity risks, the Transmission System Operators (TSOs) should apply consistent cybersecurity policies on the company level. The policy should be based on risk management procedures and regular revisions, ensuring that vulnerabilities are detected, and adequate protection measures are in place.
While this approach is recognized as acceptable and effective for the CROSSBOW TSOs, it is still not a regular practice in the whole region, as was already observed and discussed within the project.
South-East Europe into the EU cybersecurity strategy
South-East Europe is the East EU border from cyberattacks on the European electric system. The inclusion of the region into the EU cybersecurity strategy will have a major impact on protecting this EU border from cyberattacks on the European electric system, which is key to guarantee the interregional energy supply and avoid the propagation of system failures and malicious actions that could affect the entire European grid.
Overview of the current cybersecurity issues in power systems by CROSSBOW
The analyses and discussions held within the CROSSBOW ecosystem on the electric sector cybersecurity, show the significance of consistent implementation of cybersecurity measures on all levels – starting from development and implementation of cybersecurity policy on the company level, streamlining the activities on the national level, and strengthening cybersecurity cooperation on EU level.
Aiming to bridge this gap, CROSSBOW’s consortium has elaborated a report which synthesizes the regulatory framework, prescribes the obligations of the actors in the electricity sector, and proposes a cybersecurity framework on the TSO level. The review of standards, guidelines, and practices, as well as experiences from past incidents on the wider energy sector, serve to develop recommendations that are applicable for the TSOs.