Recommendations for making European smart grids more secure


Udo Helmbrecht,
Executive Director,
Heraklion, Greece — (METERING.COM) — July 11, 2012 – More work needs to be done to address security issues around smart grids in Europe, according to the European Network and Information Security Agency (ENISA) in a new report.

The study, based on input from experts and desktop research, is aimed to provide useful and practical advice for the public and private sector to prepare for a successful rollout of smart grids.

Out of the more than 100 findings, 10 security recommendations are made:

  • Improve the regulatory and policy framework
  • Foster the creation of a public-private partnership (PPP) entity to coordinate smart grid cybersecurity initiatives
  • Foster awareness raising and training initiatives
  • Foster dissemination and knowledge sharing initiatives
  • Develop a minimum set of reference standards and guidelines
  • Promote the development of security certification schemes for products and organizational security
  • Foster the creation of test beds and security assessments
  • Refine strategies to coordinate large scale pan-European cyber incidents affecting power grids
  • Involve computer security incident response teams to play and advisory role in dealing with cyber security issues affecting power grids
  • Foster research in smart grid cyber security leveraging existing research programs.

“Our study shows that the two ‘separate worlds’ of the energy sector versus the IT security sector must be aligned on security for smart grids,” commented Udo Helmbrecht, executive director of ENISA. “We estimate that without taking cybersecurity into serious consideration, smart grids may evolve in an uncoordinated manner. I would therefore suggest that smart grids’ security be made part of the EU’s forthcoming Internet Security Strategy.”

ENISA concludes the report considering the recommendations as “effective, achievable and urgent.”