German government on IT security of energy system


At the beginning of August 2020, the German government received a so-called “Kleine Anfrage” (minor enquiry) from an opposition faction on the state of IT security of energy supply. In accordance with German parliamentary practice, such minor enquiries are answered in writing and in public by the Federal Government. The recently published written reply of 16 pages is of interest not only to German TSOs but also to European colleagues, as it covers national levels as well as the entire European interconnected grid.

Ultimately, the issue is the probability of a supra-regional blackout (not only for electricity, but for the entire energy supply). Does the progressing digitisation and automation result in an increased likelihood of energy supply failures? The attack surface of suppliers and grid operators surely has been expanded and the critical components of the digital energy system may be considered targets of cybercriminals or foreign states. In other words, the government had to deal with scenarios like in Marc Elsberg’s novel “Blackout”, which is supposed to be immensely popular in TSO circles (some will remember that the bestselling author was also one of the speakers at ElSeC 2017).

To start with, the Federal Government’s assessment is reassuring. Its statement is based on statistics for 2018 and 2019 from the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik). According to these statistics, external parties were able to penetrate the IT networks of German suppliers three times in 2018. In 2019, suppliers were the target of unauthorised access twice. None of the reported attacks led to interruptions in the energy supply. The government attributes this partly to the certified Smart Meter Gateway, a communication unit with integrated security module which is used to secure critical infrastructures – and successively also in the areas relevant to the energy transition.

According to the Federal Government, long-lasting supra-regional power failures are extremely rare. Regarding the national or the entire European interconnected grid, it has never been at risk and it is assumed that blackouts are extremely unlikely. However, a concrete probability cannot be stated. But even in the very unlikely event of a blackout, at least nationwide, the grid operators would ensure a rapid return of electricity supply through their grid restoration strategies. For this purpose, special power plants are kept in reserve which can start up without any external supply of electrical energy and which can reactivate power grids.

The German Federal Government has commented on the state of IT security of energy supply (illustration using a picture from ENTSO-E)

> Open Reply of the Federal Government, in German (pdf, 321.7kB)

See article on single page

DEFENDER workshop hosted by Eles


The European project DEFENDER for the protection of Critical Energy Infrastructures (CEI) comprises 18 partners from the entire spectrum of the energy industry as well as research institutions, public authorities, consulting companies, engineering offices, or software developers. The consortium’s only transmission system operator (TSO) is TSCNET shareholder ELES from Slovenia. On 18 September, Eles hosted a DEFENDER workshop in which experts from the Jožef Stefan Institute, Slovenia’s largest research institution, the Institute of Corporate Security Studies (ICS) Ljubljana, and the German RWTH Aachen University discussed possible threats to transmission and communication systems.

Representatives of the RWTH introduced their tools and methods for emergency response. Part of the presentation was the CPSS Co-Simulator, the main purpose of which is to analyse cyber, physical and human impacts and threats on the critical energy infrastructure, identify the most likely attack on the vulnerable parts of the network, and the possible consequences of such an attack. Eles in turn presented the topology of its transmission and telecommunications network. In the second phase of the DEFENDER project, the RWTH experts are expected to provide concrete analyses of critical points in the Slovenian TSO network that could pose serious risks to the overall system.

ELES hosted a DEFENDER project workshop on threats to and defence of transmission and communication systems (picture: ELES)

> See ELES press release (html)
> Visit DEFENDER website (html)

See article on single page

KfW new minority shareholder of 50Hertz


In a press statement, TSCNET shareholder 50Hertz, one of the four German transmission system operators (TSOs), welcomes the German KfW Bankengruppe as new minority shareholder. The KfW is a development bank under public law and has acquired 20% of shares in Eurogrid International SCRL, the holding company of 50Hertz, on behalf of the German Federal Government (a so called “mandated transaction”). This means that the shareholder rights are exercised by the German Federal Government. The transaction was made possible by the majority shareholder of 50Hertz, Elia System Operator SA, which holds 80% of shares and has taken over the remaining 20% from the IFM Global Infrastructure Fund for immediate resale to the KfW.

Boris Schucht, CEO at 50Hertz, explicitly thanks Elia as well as IFM for their constructive support and reliable partnership. With regard to the TSO’s path towards a successful energy transition, Mr Schucht appreciates the new shareholder: “The entry of the KfW as a minority shareholder of 50Hertz underlines the elementary importance of the transmission system as part of our country’s critical infrastructure. We welcome this commitment, which in our view is also a strong signal for the energy transition.”

KfW Head Office Frankfurt am Main, Germany, outdoor shot Westarkade (source: KfW Photo Archiv / Rüdiger Nehmzow)

> See 50Hertz press release (html)

See article on single page

Responses to cyber-physical network threats


The European project DEFENDER on critical energy infrastructure (CEI) protection brings together 18 partners covering the entire spectrum of the energy sector, as well as research institutions, authorities, consultancies, engineering companies or software developers. DEFENDER’s strategic challenge is to protect the existing CEI and to design a new generation of a more resilient and self-healing infrastructure capable of surviving severe accidents and attacks, be they physical or cyber-based. The project is mainly funded by the EU Horizon 2020 programme.

The sole transmission system operator (TSO) of the consortium is TSCNET shareholder ELES from Slovenia, who has just announced that DEFENDER is fully on schedule. Currently, ELES and its partners are preparing the scenarios for the pilot projects that focus on the early detection and prediction of existing hazards. These are mainly caused by network intrusion. The subsequent phase of the project is dedicated to the DEFENDER Security Framework for appropriate management of various types of security threats.

> See ELES press release (html)
> Visit DEFENDER website (html, with access to workshop registration)

Picture: Screenshot of video “Flying Hunter” showing a conceptual hunting drone prototype (DFSL – Smart Security Systems, YouTube)

See article on single page