idw – Informationsdienst Wissenschaft

Nachrichten, Termine, Experten

Grafik: idw-Logo
Grafik: idw-Logo

idw - Informationsdienst
Wissenschaft

Science Video Project
idw-Abo

idw-News App:

AppStore

Google Play Store



Instanz:
Teilen: 
19.09.2022 16:16

Lights on or off? Cyber security and resilience of power grids make the difference

Anne Rindt Wissenschaftskommunikation
Fraunhofer-Institut für Kommunikation, Informationsverarbeitung und Ergonomie FKIE

    Large-scale and prolonged power outages, waste piling up as waste disposal ceases to function, disruptions to water or gas supplies – successful cyber attacks on critical infrastructures, especially the power grid, can have serious consequences. Holistically conceived cyber security is necessary to prevent such scenarios. As part of the Fraunhofer Center for Digital Energy, Fraunhofer FKIE is working with partners to increase IT security and make the sector resilient to attacks.

    Despite the high security standards in Europe and especially in Germany, electricity grids are among the most vulnerable of infrastructures – mainly a consequence of increasing digitalisation. For example, the increased use of renewable energy has led to micro-generators, and requires increased electromobility to quickly respond to imbalances in supply and demand, leading to stronger simultaneity effects. Moreover, electricity generation is geographically decoupled from consumption, as energy is generated by wind power in the north, while consumption also takes place in the south.

    High vulnerability

    Although Germany in particular has a very well-developed electricity grid, bottlenecks occur as a consequence because the necessary grid expansion does not take place fast enough. In order to better utilise the power grids and make use of existing reserves, close coordination and digitalisation between operators is necessary. In addition, processes that were previously carried out manually will no longer be possible without IT support in the future. This opens up further possibilities for attackers from cyberspace to attack and disrupt electricity grids.

    High-value targets KRITIS

    In addition, critical infrastructures are high-value targets. It is not without reason that the European NIS-2 directive is intended to expand the regulations with regard to cyber security for KRITIS operators. At the same time, the Federal Office for Information Security (BSI) forsees an increased threat situation as a result of the war in Ukraine. The consequences of a power supply failure can be particularly serious, as other KRITIS areas such as communication, water supply and food production depend on it.
    Holistic security

    The Fraunhofer Institutes FKIE and FIT as well as RWTH Aachen University have therefore joined forces in the Fraunhofer Center for Digital Energy to investigate the challenges of the digitalisation of energy supply in an interdisciplinary manner and to develop customised solutions. The energy engineers and IT specialists work hand in hand to increase security and make the sector more resilient to attacks.

    The focus of the Fraunhofer FKIE is on cyber security. For example, it is developing concrete implementations of various existing approaches, such as analysis using fuzzing, in which software and hardware are deliberately confronted with manipulated inputs in order to provoke errors. Another analysis approach examines device firmware used in energy technology. The technical basis for the analyses is the "Firmware Analysis and Comparison Tool" (FACT) developed by Fraunhofer FKIE, which has already been used in the past to identify significant defects in other classes of devices. This helps device operators to better assess risks and accelerate update processes. Manufacturers are supported by a process to close any vulnerabilities.

    Integration into energy systems is important

    Furthermore, Fraunhofer FKIE is committed to ensuring that cyber security is considered and taken into account from the very beginning when developing new, innovative measures for the power grid. This security-by-design approach was discussed together with the power grid operators within the research project "Innovations in system management until 2030" (InnoSys 2030) and now forms the basis for the secure implementation of the innovative measures.

    Furthermore, the aim is to detect cyber attacks as early as possible. Classic intrusion detection (IDS) or security incident and event management (SIEM) systems are not sufficient in the case of power grids. Rather, they must be integrated into the power engineering processes. Often this represents the last line of defence and can make the difference between the lights staying on or going out.


    Wissenschaftliche Ansprechpartner:

    Prof. Dr. Elmar Padilla

    Head of Department "Cyber Analysis & Defense"
    Fraunhofer FKIE

    Mail: elmar.padilla@fkie.fraunhofer.de


    Weitere Informationen:

    https://www.fkie.fraunhofer.de/en/press-releases/cyber-security-for-kritis.html


    Bilder

    Lights on or off? Cyber security and resilience of power grids make the difference.
    Lights on or off? Cyber security and resilience of power grids make the difference.

    123RF / Yuliufu


    Merkmale dieser Pressemitteilung:
    Journalisten, Wirtschaftsvertreter, Wissenschaftler
    Elektrotechnik, Energie, Informationstechnik, Wirtschaft
    überregional
    Forschungs- / Wissenstransfer, Forschungsprojekte
    Englisch


     

    Hilfe

    Die Suche / Erweiterte Suche im idw-Archiv
    Verknüpfungen

    Sie können Suchbegriffe mit und, oder und / oder nicht verknüpfen, z. B. Philo nicht logie.

    Klammern

    Verknüpfungen können Sie mit Klammern voneinander trennen, z. B. (Philo nicht logie) oder (Psycho und logie).

    Wortgruppen

    Zusammenhängende Worte werden als Wortgruppe gesucht, wenn Sie sie in Anführungsstriche setzen, z. B. „Bundesrepublik Deutschland“.

    Auswahlkriterien

    Die Erweiterte Suche können Sie auch nutzen, ohne Suchbegriffe einzugeben. Sie orientiert sich dann an den Kriterien, die Sie ausgewählt haben (z. B. nach dem Land oder dem Sachgebiet).

    Haben Sie in einer Kategorie kein Kriterium ausgewählt, wird die gesamte Kategorie durchsucht (z.B. alle Sachgebiete oder alle Länder).