Article

Securing the energy systems of tomorrow

By: Anders Hansson, Security Advisor at Sectra Communications

As local, smaller energy systems are connected into larger decentralized clusters, they become attractive targets for cyberattacks. The ongoing energy transition and increased electrification of our society bring both new opportunities and new security risks. At the same time, the use of cloud services and digital technologies increases the security demands for businesses in the energy sector.

Promises and challenges of the energy transition

The energy transition, driven by the shift to renewable energy and increased electrification, aims to create a more sustainable and resilient energy system. With a higher share of solar, wind, and other renewable energy sources, we have a more diversified and flexible energy market. However, this transformation also comes with challenges, especially from a security perspective. As more actors, systems, and technologies are introduced, such as energy storage and aggregated energy systems, the potential attack surface for cyber threats also grows.

Increased electrification and its consequences for the power grid

The growing electrification, ranging from the transportation sector to industry, puts increased pressure on the power grid. At the same time, flexibility and balancing markets create new opportunities to manage demand variations. These markets open up for new and advanced solutions for control and monitoring of energy resources. The combination of a more interconnected infrastructure and increased digitization creates new attack vectors for potential adversaries.

New actors and responsibility structure

With the energy transition, new actors and roles also enter the market. Aggregators, responsible for gathering and optimizing demand and production, play a key role in future energy systems. However, their role also brings security questions. Who has the overall security responsibility when more parties and technologies are included in the ecosystem of the smart power grid? As multiple actors’ systems are interconnected, the exposure to cyber threats increases while the responsibility for system security risks becoming unclear.

Cloud services, AI, and regulatory requirements

The increasing use of cloud services for control and monitoring of energy systems increases the exposure to cyber threats. Critical systems that were previously relatively isolated are now interconnected and therefore more vulnerable. In this context, the EU’s new regulation on AI, the “EU AI Act,” becomes relevant. This legislation focuses on ensuring that AI systems used in critical infrastructure, such as the energy sector, meet specific security requirements.

The EU AI Act was decided on August 1, 2024, and will initially apply to high-risk AI systems, which applies for a period of six months from the date of the decision. High risk AI-systems include safety components in managing critical infrastructures like the smart grid. Failures in this system could disrupt societal and economical activities, and compromise the integrity of vital infrastructure. Safety components directly protect the integrity of the infrastructure. In the context of the smart grid the integrity can be measured by the frequency and power utilization.

Energy storage and energy communities — new opportunities and risks

Energy storage and local energy communities offer significant opportunities for grid balancing, peak load reduction and increased resilience in the energy system. However, these systems become attractive targets for cyberattacks, particularly as they often rely on automated control systems and increasingly common AI-based optimization.

Simulation of cyberattacks on energy sharing systems

The Vinnova project CyREC conducts important research in collaboration between Sectra, Linköping University, RISE, and Utvecklingsklustret Energi AB. The research focuses on analyzing and simulating cyberattacks on energy systems to highlight risks and vulnerabilities in order to develop more robust solutions. A reference model was developed by Sectra and Linköping University to analyze battery-based energy systems used for energy sharing and their vulnerability to cyberattacks. Here are some examples of attacks that were tested in a simulation environment against the reference model.

  • Time delay attack: This attack creates delays between frequency measurement and control commands, which can lead to oscillation and destabilization of the power grid.
  • False data injection attack: By manipulating sensor values, an attacker can cause system instability that is difficult to detect, potentially triggering critical disruptions.
  • Stealth false data injection attack: A subtle attack where sensor faults are gradually introduced, making it difficult to detect until it is too late and can force operators to shut down systems.
  • Replay attack: By recording and replaying data to control systems, significant frequency deviations can be generated. This was tested in simulations where 100 seconds of data were replayed during a critical time interval.

For these simulations, data from Svenska kraftnät, the authority responsible for ensuring that Sweden’s transmission system for electricity is safe, environmentally sound and cost-effective, from July 2023 was used, and the results demonstrated the need for improved cybersecurity to protect the stability and functionality of energy systems.

Frequency deviations in the power grid can have serious societal impacts and are therefore of interest to various threat actors. The consequences of frequency deviations vary depending on the equipment type, but in most cases, it leads to reduced efficiency, overheating, equipment damage, and significant risk of operational disruptions. In industrial environments, this can mean production interruptions and increased maintenance costs, while sensitive systems in healthcare and IT face more severe consequences like system crashes and data losses. Major frequency deviations in the power grid can potentially lead to extensive power outages and damage to vital infrastructure.

Strengthening security requirements for a sustainable future

The future energy system will rely on innovative technologies and include new actors, but it must also be protected against cybersecurity threats. Research within CyREC clearly shows that energy sharing systems and aggregators need robust defenses against cyber threats. The energy sector must be aware of these risks and work proactively to implement solutions that enhance security.

The energy transition is necessary, but its success depends on our ability to protect it, detect and mitigate cyber threats as early as possible. Sectra collaborates with leading researchers and experts to ensure that our Managed Detection and Response (MDR) services for security monitoring meet these challenges. Through our experience and research, we can help organizations build more secure systems and protect future energy systems from evolving cyber threats.

Do you want to talk OT-security with us? Let's get in touch!

We recognize and respect the importance of your privacy. By submitting this form, you agree to our Privacy policy >>

Oct 11, 2024Author: Anders Hansson, Security Advisor at Sectra Communications

Related reading

Browse all resources

Related products

Browse all products