Increased networking of systems, standardization of communication protocols and operating systems, driven by savings in infrastructure costs and increase in operations efficiency, make digitalized power grids more vulnerable to cyber-attacks.
But cyber security is not only a technical topic. Cyber security needs a comprehensive and holistic approach for the integration of systems. It needs well educated people, defined integration processes and a state-of-the art technology.
For substation automation systems, the realization of security functions is subject to a number of constraints like availability requirement, expected 24/7 operation without interruptions and or long life- time of components.
Considering these constraints, implementing these systems must be in line with the requirements of the international industrial security standards IEC 62443-2-4 and IEC 62443-3-3. All cyber security measures must follow basic cyber security design principles of defense-in-depth, the need-to-know principle and the holistic approach.
Analysis of technical customer requirements
Consideration of customer policies
Verification and validation in FAT (factory acceptance test) and SAT (site acceptance test)
Secure handover to the customer
Security services to keep the system up-to-date
This approach is also in line with national guidelines like BDEW Whitepaper (Bundesverband der Energie- und Wasserwirtschaft) in Germany or and NERC-CIP (North American Electric Reliability Corporation, Critical Infrastructure Protection) and supports the customer to meet local regulatory requirements.
Available and reliable at all times .
Secure products form the basis of a secure energy automation system and of an operation, free of interruptions.
Cyber security is an elementary component of our products and solutions.
We also focus on IT security in all other areas of the organization.
The results are a secure system architecture and implementation as well as ongoing cyber security tests.
Our holistic approach takes into account people, processes and technologies.
And closes the security gaps wherever they arise – since the weakest link in the chain determines how well you are secured.
We offer everything from a single source – from comprehensive consulting on products and systems to services – which enables us to implement customized solutions.