Cybersecurity vulnerabilities have proven to be a real risk to the telecontrol of energy systems, with major repercussions for utilities in terms of reliability, continuity and efficiency of services and spillover even to end users. The IEC 62351 suite of standards specifies solutions that can be applied by design to electricity system systems and communications to counter or mitigate
cybersecurity threats. In particular, the major update of the standard IEC 62351-3 edition 2.0 (Ed. 2.0), which is being finalized and soon to be published, defines profiles for the widely used TLS security protocol suitable for the power sector.

The work undertaken in this three-year research project seeks to verify the impact on performance of the telecontrol communications protected by the specifications of this new edition of the standard, comparing it to the impact of previous editions. The implementation of IEC 62351-3 Ed 2.0 solutions requires more effort than in previous editions since the new features introduced mainly concern TLS version 1.3, which has been recently introduced and is not yet available in some middleware supporting the development of telecontrol software components. The architecture will be enriched by the communication security support services provided by IEC 62351 and in particular with those offered by PKI on the use and management and digital certificates.
The alternatives available for integrating this solution within libraries implementing the IEC 61850-8-1 (MMS) protocol were investigated, verifying support for TLS v1.3 in widely used open source middleware.

Technologies for time synchronization of devices were investigated, which will be essential for the evaluation of the impact of cybersecurity specifications on telecontrol performance; the most popular technologies used in the electricity sector were considered. When possible, cybersecurity solutions specific to time synchronization were analyzed, because this aspect is essential and impacts device security and the robustness of energy control applications against cyber-attacks. Scenarios were set up to test the performance of time synchronization in laboratory telecontrol architectures that revealed dependence on certain architectural and operational factors.

Finally, upgrades were made to the telecontrol communications test architecture implemented in the PCS-ResTest laboratory with the introduction of wireless communication solutions, which are now widespread and are expected to manifest variability and distinctive behaviors in performance.

The availability of this type of test environment is a highly innovative contribution to the deployment of secure communications while meeting the operational requirements characteristic of energy applications. The experience gained allows RSE to contribute to Italian industry regulations, requiring the application of standard cybersecurity solutions for the protection of energy infrastructures.