A smart grid threat landscape and good practices


Assessing cyber threats for smart grids is crucial for their protection and is therefore a key element in ensuring energy availability, the EU’s cyber security agency ENISA has signaled in a new report.

Part of the agency’s  ongoing work on smart grids – which has included a suggested minimum set of cybersecurity measures for smart grids – the report utilizes ENISA’s threat landscape to identify 76 specific threats to smart grid assets in 9 threat groups (Physical attack (deliberate/intentional); Unintentional damage (accidental); Disaster (natural, environmental); Damage/loss (IT assets); Failures/malfunction; Outages; Eavesdropping/interception/hijacking; Nefarious activity/abuse; Legal).

These cover mainly cybersecurity threats, i.e. threats applying to information and communication technology assets. However, some additional non-IT threats have been assumed in order to cover threats to physical assets that are necessary to operate the considered ICT assets.

Also identified are the assets that are threatened (based on the CEN-CENELEC-ETSI Smart Grid Reference Architecture), and the threat agents from whom the threats emerge.

“An understanding of the cyber threat landscape is indispensable for identifying which protection measures are necessary for smart grids,” said ENISA executive director Professor Udo Helmbrecht. “This report is the response to the urgent question of energy providers and stakeholders: It provides the tools to assess risk exposure of smart grid assets.”

Among the key conclusions identified are:

  • Consider external and internal threats – in cyber security, external cyber threats constitute the main source of external exposure
  • Decompose and classify smart grid elements being exposed to threats – from electrical assets like cables, switches, routers, sensors and information to software such as operating systems, services, hardware, infrastructure, and the persons operating the systems
  • Use available knowledge – reuse existing good practices after defining the desired level of protection
  • List the specific smart grids cyber threats and threat agents
  • Assess the vulnerabilities and risks in smart grids.

Finally, ENISA concludes that the threat exposure and risk assessment of a smart grid can only be done by the asset owner, who masters the complexity and interdependencies of the related smart grid infrastructure.

View the report HERE

By Jonathan Spencer Jones