New ENISA study: 10 recommendations for making European smart grids safer

Back to News

New ENISA report on how to make smart grids and their roll out a success, for more efficient and safer energy consumption.

A smart grid is an upgraded electricity network with two-way digital
communication between supplier and consumer. The adoption of smart grids will dramatically change the distribution and control of energy for solar panels, small wind turbines, electric vehicles, etc. By making energy distribution more efficient, smart grids give clear benefits to users, electricity suppliers, grid operators, and society as a whole. At the same time, their dependency on computer networks and Internet makes our society more vulnerable to cyber-attacks, with potentially devastating results. Therefore, to prepare for a successful roll-out of smart grids, this study proposes 10 security recommendations for the public and private sector out of almost 100 findings.


Some key report recommendations include:

  • The European Commission (EC) and the
    competent authorities of the Member States (MS) need to provide a clear, regulatory and policy framework on smart grid cyber security at the national and EU level, as this presently is missing.
  • The EC, in collaboration with ENISA, the MS,
    and the private sector, should
    develop a minimum set of security measures based on existing standards and guidelines.
  • Both the EC and the MS authorities should
    promote security certification schemes for the entire value chain of smart grids components, including organisational security.
  • The MS authorities should involve Computer
    Emergency Response Teams to play an advisory role in power grids’ cyber security.

The Executive Director of ENISA, Professor Udo Helmbrecht, commented;

Our study shows that the two ‘separate worlds’ of the energy sector versus the IT security sector must be aligned on security for smart grids. We estimate that without taking cyber security into serious consideration, smart grids may evolve in an uncoordinated manner. I would therefore suggest that smart grids’ security be made part of the EU’s forthcoming Internet Security Strategy.”

Cyber security aspects of smart grids

Smart grids give rise to new information security challenges for electricity networks. Information systems’ vulnerabilities may be exploited for financial or political motivation in cyber-attacks to shut off power plants. In 2009, US officials recognised that cyber spies had hacked into the US electricity grid (Source: DowJones/The Wall Street Journal). Software and hardware for the smart grid infrastructure are thus high risk targets. Therefore, reducing barriers to information sharing is vital for the success of smart grids.

Full report

Background:

EU Smart Grids Communication

EU Critical Information Infrastructure Protection- CIIP Communication

European Commission initiative on smart cities



For interviews:
Ulf Bergstrom, Spokesman, ENISA, press@enisa.europa.eu,
Mobile: + 30 6948 460 143, or Konstantinos Moulinos, Smart Grids Project Manager, ENISA, Konstantinos.Moulinos@enisa.europa.eu