Security Services Platform for Smart Grid Infrastructures

Spanish Ministry of Economy and Competitiveness (TIN2013-41739-R)
Duration: 01/01/2014 to 21/12/2016

Project Overview: 

Due to the use of SCADA systems in public networks for long range monitoring, and their adaptation to new technologies, such as cloud computing, the number of risks, vulnerabilities and data leakage are dramatically increasing. For this reason, the expansion towards Smart Grids requires solving important security problems ranging from the control systems (SCADA systems) to substations and AMIs, and it in addition makes necessary to consider a wide number of security issues at a low cost. These issues can easily range from very elementary problems, such as availability and data integrity of the energy consumption data, to the most advanced ones, such as stealth attacks to substations. Also, topics of protection against non-authorised access to digital resources (information belonging to the SCADA -- alarms, measurements or commands -- or consumer's data) that are part of the Smart Grid likewise have to be considered.

Given this, it is clear that the PERSIST project focuses on the provision of a secure interconnection platform based on a set of "Security Services", specifically designed for protecting the interconnection of, at least, the critical infrastructures that are part of a Smart Grid, such as the central monitoring systems, substations and AMIs.

For the development of this platform, NICS is in charge of the specification, design and development of the required security services including prevention, warning, and response to threats services through communication networks to the substations, as well as services that prevent from misuse of privileged information at the AMIs by the field operators and the unsuitable explotation of the power grid. NICS is completely convinced that the PERSIST platform will guarantee economical savings as well as it will avoid potential problems that might arise in the case that such services were directly integrated into the already installed systems, and which configuration is complex.