Cybersecurity vulnerabilities have proven to be a real risk for the digital technologies that now govern the remote control of energy systems; they put both users and utilities at risk with regards to the reliability, continuity, and efficiency of services, with significant repercussions from an economic point of view. The IEC 62351 security standards specify solutions that can be applied to energy remote control systems and communications to counter or mitigate cybersecurity threats.
The work described in this report concerns the use of a software platform implemented internally at RSE and installed in the PCS-ResTest laboratory which deals with monitoring, command, and control communications between an electrical station and multiple distributed resources according to the IEC 61850 standard; these communications are secured according to the specifications of the IEC 62351-3 and IEC 62351-4 standards regarding the security profiles to be activated in the TLS (Transport Layer Security) protocol, which relies on cryptographic techniques and digital certificates for confidentiality, integrity, and communications authentication. The standard provides alternatives that system integrators must adapt to the operational scenario; the tool developed and the performance tests conducted highlight how the different possibilities determine even significant performance differences requiring appropriate design and operational choices.
The platform calculates appropriate Key Performance Indicators (KPIs) for evaluating the performance of different security profiles so as to support the system integrator in choosing solutions that satisfy performance, as well as architectural and functional requirements. The identified KPIs essentially consist of latency measurements at different moments of the remote control communication; it has been verified that different security profile parameters have a different impact in the different communication phases. Knowing and evaluating the impact at different moments of communication and on the basis of different architectural choices generally allows adapting remote control procedures to minimize performance degradation while at the same time maximizing architecture security and robustness.
In the reference period, the development of functions to support encryption with algorithms based on elliptic curves was integrated, which are the subject of discussion and current evaluation within WG 15 of TC 57 of the IEC which draws up the specifications of the IEC 62351 standards.
New features were also introduced for logging significant events relating to cybersecurity, which are being standardized using the consolidated syslog protocol.
A series of test scenarios were also set up aimed at verifying both the weight of the individual safety parameters specified in the standards and the relative behavior of the different profiles considered. The influences of external but inevitable factors such as processing systems, virtualization tools, and communication solutions, which are essential for remote control activities, were also verified. Tools similar to the one developed in the three-year period of research and the tests carried out during the reference period also provide support for the application of the IEC 62351 standard, both at
a national level (e.g., in the CEI 0-16 standard for the protection of data exchange with active users connected to medium voltage networks) and at an international level. The availability of this type of test environments is a highly innovative contribution to the deployment of standard secure communications, in compliance with the operational requirements characteristic of energy applications.