Cybersecurity vulnerabilities are a real threat to digital technologies and electricity system services; they put at risk both the privacy of users and utilities and the reliability, continuity and efficiency of services. The IEC 62351 security standards specify solutions that can be applied to electricity telecontrol systems and communications to counter or mitigate cybersecurity threats.

The work described in the report concerns the development of a software platform designed to verify the performance of the communication security solutions provided for in the IEC 62351 standards. Specifically, for IEC 61850 communications via TCP/IP, the standards require the use of authenticated and encrypted connections to convey measurements, parameters and control commands.

The software platform designed implements monitoring, command and control communications in accordance with the IEC 61850 standard between an electrical station and the distributed resources; these communications are secured through the TLS (Transport Layer Security) protocol, which uses cryptographic techniques in accordance with the specifications of the IEC 62351 standard. The standard provides alternatives and parameters that system integrators must adjust to the operating scenario.

The platform provides for the calculation of relevant Key Performance Indicators (KPIs) to evaluate the performance of the different alternatives available to the developer and the system integrator, so that they can verify that the application requirements are met. KPIs refer, for example, to increased communication latencies or to the communication bandwidth required by the security functions. In the reference period, the development of functionalities initiated in the previous period was completed using open source libraries/frameworks. In particular, support for multiple concurrent communications and set point processing was finalized. The developed platform was integrated into the pre-existing laboratory demonstration environment, which was already equipped with simulation and visualization functions for electrical values.

During the reference period, a simplified platform for telecontrol communications based on the IEC 60870-5-104 protocol was also created with similar purposes; several test sessions were conducted in the laboratory environment to calculate KPIs relating to the impact of the security measures provided for by the IEC 62351 standard. The results obtained were analyzed on the basis of the technologies and solutions adopted, obtaining plausible interpretations and confirmations regarding the effectiveness of the cybersecurity solutions.

The availability of this type of test environments constitutes a highly innovative contribution to the deployment of standard secure communications, in compliance with the operational requirements typical of energy applications.

The document is available on the site in Italian