by Alex Apostolov, Editor-in-Chief

Be Ready!

When we listen to the papers presented at different conferences around the world we hear several words being repeated over and over again - Smart Grid, Internet of Things, digital substations, wide area communications, IEC 61850.  And one issue being related to all of them - cybersecurity.

Be Ready!

More than ten years ago we dedicated for the first time a whole issue of the PAC World magazine to cyber security. A lot has happened during these ten years – IEC 61850 has gained acceptance at all corners of the world and you can walk into a digital substation at surprising locations; everything is becoming connected to a communications network and more and more tasks are being performed over the Internet.
It is obvious that today’s technology brings significant benefits because of the continuous exchange of information between Intelligent Electronic Devices (IEDs) and substation or other computers and applications. But this comes with a price – the communications may become the target of cyber-attacks.
Like with many other things in life, we have a choice - to get scared and run away from digital technology, or face the challenges and deal with them based on a good understanding of the threats and risks and the methods and tools available to use for protection.

The articles in this issue of the magazine are focused on this task - to help answer the many questions that are in front of us every day. It is clear that the electric power industry is the subject of attacks that are not going away and will increase.

So, what do we need to do?

Since we are protection, automation and control specialists, we need to think about the vulnerabilities of the different components of the PAC systems. We need to think what a hacker can do, how we can detect it and what we can do to deal with it.
For example, if an attacker is able to remotely change some settings in a multifunctional protection IED, this may result in protection operation and an outage. To reduce the chances for such an event, we need to implement Role Based Access Control, authentication and proper password protection.
Using weak passwords, responding to phishing e-mails, visiting suspicious web sites and other dangerous actions increase the vulnerability of the PAC system and should be avoided at any cost.

Another threat is an attack on a digital substation based on IEC 61850. If the hacker is able to copy, manipulate and publish some of the GOOSE messages available on the station bus, this may lead to undesired tripping of circuit breakers followed by equipment outages.
Understanding the principles of GOOSE communications and implementing continuous monitoring of the state and sequence numbers can help with intrusion detection. Depending on the level of sophistication of the attack, in many cases it will be possible to detect it and block the operation.
These are just two examples of the many possible attack scenarios. They demonstrate that the threats are real, but at the same time show that there are things we can do about them.
We just need to be aware of the dangers and be prepared to act when necessary. 

"There are only two types of companies:  
those that have been hacked and those that will be.
Even that is merging into one category:
those that have been hacked
and will be again."

Robert Mueller