Cyber security vulnerabilities are a real threat to digital technologies and electricity system services. They put at risk the privacy of users and utilities as well as the reliability, continuity and efficiency of services. Fortunately, cyber security protection technologies, if properly used, can guarantee adequate levels of security for systems, infrastructure and information. IEC 62351 standards specify security solutions that can be applied at multiple levels and indicate some of the risks that these solutions prevent.

The work described in the report concerns the design and initial development of a software platform aimed at verifying the performance of communication security solutions provided for in IEC 62351 standards. In particular, for IEC 61850 communications over TCP/IP transport, the standards provide for the use of authenticated and encrypted connections for sending measures, parameters and control commands.

The designed software platform implements monitoring, command and control communications between an electrical station and a generic distributed energy resource; these communications, as required by the IEC 62351 standard, are secured through the TLS (Transport Layer Security) protocol that uses cryptographic techniques. The standard provides alternatives and parameters that designers must evaluate in order to create a safe and efficient system.

The platform allows designers and system integrators to evaluate through appropriate indicators (KPI) the performances of the different alternatives available to them, so that they can check whether design specifications are met. The KPIs concern, for example, the increase in communication latencies or the communication bandwidth required by the security functions.

During the reporting period, the platform design was completed and the software development activity started using support libraries/frameworks. The designed architecture is modular in order to improve robustness and maintainability and allow for future extensions. The libraries selected for the implementation are open-source and aimed at the creation of modular, efficient and scalable systems. Currently, working prototypes of the core communication modules have already been implemented. The test platform will be integrated into the pre-existing laboratory demonstration environment already equipped with simulation and visualization capabilities, in order to support the development of resilience scenarios in the presence of cyber attacks on energy control applications.

The availability of this type of test environment represents a highly innovative contribution to the deployment of standard secure communications, in compliance with the operational requirements typical of energy applications.