Security requirements standardised for distribution automation in Europe


Security requirements for distribution automation remote terminal units (RTUs) have been released by the ENCS and E.DSO.

The guidelines developed for Europe’s distribution system operators (DSOs) are aimed to provide a defined set of practical considerations for procuring secure RTUs for automation of the medium voltage grid.

Grid operators are increasingly automating their MV substations and lines with distribution automation to reliably integrate renewables and electric vehicles and to remotely control the grid to recover from power outages more quickly.

This automation increases the possible impact of cyber attacks. Many grid operators already have thousands of substations and lines automated. If attackers succeed in switching off power in a large part of those, it can take a lot of time to recover.

Related articles:
ENCS and E.DSO – cybersecurity baseline requirements
Cybersecurity incident response – best practices from the US

Making sure the distribution automation system is secure is hence critical.

The requirements from the European Network for Cyber Security (ENCS) and the European Distribution System Operators’ Association (E.DSO) comprise three parts, a security architecture for distribution automation systems (for members only), security requirements for procuring RTUs and a security test plan.

The scope includes RTUs for use in medium to low voltage transformer substations, medium voltage transport substations and automatic circuit recloser controllers applied to overhead distribution lines.

The security requirements for procurement address issues including access rights and authentication, measures for effective function cryptography, operational and communications security, system acquisition and maintenance, supplier relationships and fail-secure design.

The security test plan offers a standardised plan to evaluate RTUs against the security requirements. Three phases are envisaged, functional tests and a vulnerability assessment by the vendor, usually performed during development; a review of development processes and security design by the grid operator, usually performed during selection; and a penetration test by an external lab, usually performed after the RTU has been selected.

Network security guidelines

With these requirements grid operators can use them directly in their procurement documents. By standardising the test plan, grid operators may more easily share the test reports between them. RTU vendors also can use the test reports to show compliance in tenders.

“These requirements lay a strong foundation for an industry-wide set of recommendations,” says Roberto Zangrandi, secretary general of E.DSO. “This would be a huge step forward to ensuring security of critical European energy grids and infrastructure, which can only really be achieved through a collaborative effort between DSOs and cybersecurity experts.”

Anjos Nijk, managing director of ENCS, says that up until now, Europe has had disparate security requirements due to a scattered approach. “However, this work we are doing with E.DSO has allowed for a harmonised and synchronised set of requirements, which will enable manufacturers to implement security cost effectively.”

These new requirements are the third in a series of security guidelines for Europe’s energy networks from ENCS and E.DSO. Previous releases cover electric vehicle charging points and smart meters.