A smart grid is an upgraded electricity network with two-way digital communication between supplier and consumer.
The adoption of smart grids will change the distribution and control of energy for solar panels, small wind turbines, electric vehicles, etc. By making energy distribution more efficient, smart grids give clear benefits to users, electricity suppliers, grid operators, and society as a whole.
At the same time, their dependency on computer networks and Internet makes our society more vulnerable to cyber-attacks, with potentially devastating results. Therefore, to prepare for a successful roll-out of smart grids, a new ENISA study proposes 10 security recommendations for the public and private sector out of almost 100 findings.
key report recommendations include:
- The European Commission (EC) and the competent authorities of the Member States (MS) need to provide a clear, regulatory and policy framework on smart grid cyber security at the national and EU level, as this presently is missing.
- The EC, in collaboration with ENISA, the MS, and the private sector, should develop a minimum set of security measures based on existing standards and guidelines.
- Both the EC and the MS authorities should promote security certification schemes for the entire value chain of smart grids components, including organisational security.
- The MS authorities should involve Computer Emergency Response Teams to play an advisory role in power grids’ cyber security.
The Executive Director of ENISA, Professor Udo Helmbrecht, commented: “Our study shows that the two “separate worlds’ of the energy sector versus the IT security sector must be aligned on security for smart grids. We estimate that without taking cyber security into serious consideration, smart grids may evolve in an uncoordinated manner. I would therefore suggest that smart grids’ security be made part of the EU’s forthcoming Internet Security Strategy.”