Lights on or off? Cyber security and resilience of power grids make the difference

Large-scale and prolonged power outages, waste piling up as waste disposal ceases to function, disruptions to water or gas supplies – successful cyber attacks on critical infrastructures, especially the power grid, can have serious consequences. Holistically conceived cyber security is necessary to prevent such scenarios. As part of the Fraunhofer Center for Digital Energy, Fraunhofer FKIE is working with partners to increase IT security and make the sector resilient to attacks.

Despite the high security standards in Europe and especially in Germany, electricity grids are among the most vulnerable of infrastructures – mainly a consequence  of increasing digitalisation. For example, the increased use of renewable energy has led to micro-generators, and requires increased electromobility to quickly respond to imbalances in supply and demand, leading to stronger simultaneity effects. Moreover, electricity generation is geographically decoupled from consumption, as energy is generated by wind power in the north, while consumption also takes place in the south.

High vulnerability

Although Germany in particular has a very well-developed electricity grid, bottlenecks occur as a consequence because the necessary grid expansion does not take place fast enough. In order to better utilise the power grids and make use of existing reserves, close coordination and digitalisation between operators is necessary. In addition, processes that were previously carried out manually will no longer be possible without IT support in the future. This opens up further possibilities for attackers from cyberspace to attack and disrupt electricity grids.

High-value targets KRITIS

In addition, critical infrastructures are high-value targets. It is not without reason that the European NIS-2 directive is intended to expand the regulations with regard to cyber security for KRITIS operators. At the same time, the Federal Office for Information Security (BSI) forsees an increased threat situation as a result of the war in Ukraine. The consequences of a power supply failure can be particularly serious, as other KRITIS areas such as communication, water supply and food production depend on it.

Holistic security

The Fraunhofer Institutes FKIE and FIT as well as RWTH Aachen University have therefore joined forces in the Fraunhofer Center for Digital Energy to investigate the challenges of the digitalisation of energy supply in an interdisciplinary manner and to develop customised solutions. The energy engineers and IT specialists work hand in hand to increase security and make the sector more resilient  to attacks.

The focus of the Fraunhofer FKIE is on cyber security. For example, it is developing concrete implementations of various existing approaches, such as analysis using fuzzing, in which software and hardware are deliberately confronted with manipulated inputs in order to provoke errors. Another analysis approach examines device firmware used in energy technology. The technical basis for the analyses is the »Firmware Analysis and Comparison Tool« (FACT) developed by Fraunhofer FKIE, which has already been used in the past to identify significant defects in other classes of devices. This helps device operators to better assess risks and accelerate update processes. Manufacturers are supported by a process to close any vulnerabilities.

Integration into energy systems is important

Furthermore, Fraunhofer FKIE is committed to ensuring that cyber security is considered and taken into account from the very beginning when developing new, innovative measures for the power grid. This security-by-design approach was discussed together with the power grid operators within the research project »Innovations in system management until 2030« (InnoSys 2030) and now forms the basis for the secure implementation of the innovative measures.

Furthermore, the aim is to detect cyber attacks as early as possible. Classic intrusion detection (IDS) or security incident and event management (SIEM) systems are not sufficient in the case of power grids. Rather, they must be integrated into the power engineering processes. Often this represents the last line of defence and can make the difference between the lights staying on or going out.