The NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) and Siemens Smart Infrastructure have signed a Memorandum of Understanding (MoU) to continue cooperation on cybersecurity for critical infrastructure.
The annual high-level cyber defence exercise, Locked Shields, provides a key pillar to jointly build up defence capabilities. With the new agreement, the parties advance their existing cooperation on cybersecurity training for power grids.
In experimenting with grid control software Spectrum Power, Siemens gains valuable insights on the potential attack vectors and can thoroughly test new security features or protocols for its products and solutions.
The way grids are operated and managed has changed fundamentally in the last years with the integration of more renewable and decentralised energy sources. The need for network optimisation, the interaction between prosumers, and the number of new market participants have all significantly increased. With information and communication technology penetrating transmission and distribution networks, the growing interconnections create more vectors for potential attacks on digital energy grids. Consequently, cybersecurity is a top priority for power system operators and government bodies.
NATO CCDCOE has organised Locked Shields annually since 2010 with the intention of training cyber response teams to defend against massive cyberattacks. Siemens has teamed-up with NATO CCDCOE since 2017 to include power grid scenarios into the defence exercise. These help to meet complex energy grid scenarios with control centres and substations which are interconnected and interdependent.
In the exercise, the defenders have to set the defence lines of a complex infrastructure including various systems and applications that should withstand massive cyber-attacks executed by a large group of hackers. Keeping the lights on while performing threat hunting, reporting attacks and recovering the system are some of the challenging tasks the cybersecurity experts learn to deal with in this exercise. Locked Shields is an opportunity to learn through exercise, training and cooperation within the field of defence cyber operations.
Robert Klaffus, CEO of Siemens Digital Grid commented: “Power grids and everything connected to them forms the backbone of modern societies and are therefore attractive targets for hackers. The learning and experience with the Locked Shields exercise are essential to securing and protecting power grids. With the advanced cooperation with NATO CCDCOE, Siemens can gain valuable insights into new forms of attacks and how to address evolving cybersecurity challenges in digital energy grids. These insights are applied to further development of our portfolio.”
One example of testing new features as part of this cooperation is the open standard communication protocol OPC UA PUB/SUB, which is applied to many IoT-applications.
Colonel Jaak Tarien, Director of the NATO CCDCOE said: “Our long-term cooperation with Siemens in training the cyber experts to protect critical infrastructure in general and power grids, in particular, has been a major asset for the NATO CCDCOE technical cyber defence exercises.
“With the aim to reinforce the interaction amongst different cyber defence stakeholders, to deepen co-operation and exchange of best practices, this agreement takes our cooperation to a new level. Our societies rely on strong and resilient critical infrastructure. Accordingly, there is a real value in our partnership to advance cybersecurity together with the key industry partners,” said Tarien.