The paper titled “Cybersecurity In the Loop for Multi-Energy Infrastructures,” by Project Leader Giovanna Dondossola, and Roberta Terruggia and Mauro Giuseppe Todeschini from the RSE Transmission and Distribution Technologies Department, was selected by the Study Committee D2 as the best paper presented at the latest edition of CIGRE.

To provide more details, energy infrastructures are evolving towards systems where various energy vectors (electricity, heat, gas, hydrogen) cooperate to ensure efficient and sustainable energy services. The MISSION project – “Multivector Integrated Smart Systems and Intelligent Microgrids for Accelerating the Energy Transition,” within the MISSION Innovation Smart Grid program, aims to study, explore, and test the potential and role of multi-vector microgrids and smart energy in supporting the energy transition.

Smart grids are being extended to connect Distributed Energy Resources (DER) even in large geographical areas and to provide auxiliary services to the system, improving the use of different energy vectors, including renewable energy sources from non-programmable sources. Digitalization plays a crucial role in developing these infrastructures, which require new communication, monitoring, and control functionalities.

The resilience of advanced cyber-physical control systems for multi-vector energy networks is closely linked to the ability of ICT infrastructure to prevent and manage in real-time the effects of cybersecurity threats affecting communications and components. The availability of cyber-physical infrastructures for field validation of the effectiveness of cybersecurity technical measures is essential for the technological development required by the energy transition.

This paper presents the design of the “CIL – Cybersecurity In the Loop” demonstrator, which aims to leverage the best available cybersecurity technologies in control devices within the RSE Test Facility’s digital architectures.

Both preventive and defensive cybersecurity measures are included in the CIL architecture by design, through the implementation of data encryption and communication authentication supported by a Public Key Infrastructure management system, as well as defensive measures necessary to mitigate residual risks based on ICT monitoring and anomaly detection functions.

The article describes the selection of security measures that can be implemented in infrastructures, highlighting the key hardware and software components supporting the cybersecurity functionalities of CIL.

It then illustrates the design of the extended architecture with preventive and defensive security measures and explains the main solutions. Regarding preventive measures, the document focuses on devices supporting IEC 61850 communications protected by IEC 62351 profiles.

Additionally, the design addresses the functions and architecture of a Public Key Infrastructure responsible for managing the lifecycle of keys and digital certificates. For defensive security, the paper presents a platform for collecting relevant cybersecurity information and events and the implementation of a centralized SIEM (Security Information and Event Management) system for the RSE test facilities.

The SIEM system is equipped with advanced security monitoring features, anomaly detection using Artificial Intelligence and Machine Learning techniques, and the management of cybersecurity incidents. The CIL demonstrator will allow testing and validating the resilience capabilities of ICT infrastructure by simulating attack processes in operational scenarios of the RSE Test Facility.