Cybersecurity vulnerabilities are a real risk for the telecontrol of energy systems, with important repercussions on utilities regarding the reliability, continuity and efficiency of services and putting end users’ services at risk.

The work of this three-year research period aims to verify the impact on the performance of telecontrol communications protected by the specifications of IEC 62351-3 Ed 2.0 , also comparing it to the impact of the previous editions. The implementation of the IEC 62351-3 Ed 2.0 requires a greater effort than previous editions as the upgrade mainly concern version 1.3 of TLS v1.3, recently introduced and not yet available in some middleware which support the development of the telecontrol software.

We investigated the alternatives available for integrating this solution into middleware implementations of the IEC 61850-8-1 (MMS) protocol, verifying support for TLS v1.3 in widely used open source middleware.

We investigated the alternatives available to integrate this solution into middleware implementations of the IEC 61850-8-1 (MMS) protocol, verifying support for TLS v1.3 in widely used open source middleware ; OpenSSL and GnuTLS tools were identified as appropriate.

The architecture designed for the performance impact measurement platform and related support services were illustrated, which pertain the management of the life cycle of digital certificates and the management of the logging of events that have occurred.

Technologies for the time synchronization of devices have been investigated, which are essential for assessing the impact of cybersecurity specifications on telecontrol performance; the most widespread and used technologies in the electro-energetic sector have been taken into consideration. Specific cybersecurity solutions for time synchronization have been analyzed, because of their impact on the security of the devices and on the robustness of energy control applications against cyberattacks. Scenarios have been set up to verify the performance of time synchronization in our laboratory, replicating telecontrol architectures, which have highlighted the dependence on architectural and operational factors.

Finally, updates have been carried out to the test architecture of telecontrol communications implemented in the PCS-ResTest laboratory of RSE with the introduction of wireless communication solutions, which are expected to show significant variability and peculiarities in terms of performance.

The availability of this type of test environments constitutes a highly innovative contribution to the deployment of secure communications, in compliance with the operational requirements of the power system applications. The experience which has been gained enables RSE to contribute to the Italian sector normative, by requiring the application of standard cybersecurity solutions for the protection of energy infrastructures.

The Report is available on the Italian site