With a more networked architecture, cyber security is a paramount design requirement for digital solutions. In most instances, remote connectivity and cloud solutions are foundational components for advanced digital applications and the efficiencies they offer. However ABB says it is witnessing hesitation by some power generation operators to adopt networked digital technologies due to concerns around exposing their systems to cyberattack.
“Although there is plenty of excitement around positive impacts of digitalization such as gains from process optimization, reduced maintenance costs, and increased revenues from higher availability factors, within the power generation industry, there is still hesitancy to adopt more networked digital solutions. Simply put, for many generators, cyber security concerns and their potential to impact safety and availability outweigh the benefits of digitalization. The reality is that cyber risks of a more connected world can be managed. Trust is essential — a utility must allow the transfer, monitoring, and analysis of their data before realizing the benefits that result from big data insights,” said Susan Peterson-Sturm, ABB’s digital lead for Power and Water.
In response to these concerns and to complement its extensive cyber security portfolio of products and services, ABB has unveiled a six-pillar systematic approach to addressing cyber security among the power generation industry that illustrates how to apply the best practice learnings from system design through to retirement stages of power process equipment. It comprises:
- Identify – An organizations commitment to align to baseline security requirements, and then routinely measure themselves against those baseline requirements.
- Protect - The goal is to minimize unnecessary exposure to potential vulnerabilities.
- Detect - A proactive approach to threat and vulnerability management.
- Respond - It is likely that all power generation organizations will eventually experience a security incident. The impact of that event is largely determined by the strength of a company’s incident response capabilities.
- Recover – Power generation organizations must be able to back up and restore their systems to a near real-time position regardless of whether the event was caused by a cyber-attack, human error or physical failures. The key to managing an incident is how effectively an organization is able to recover.
- Comply – With regulatory compliance and training
ABB says that while technologies can be effective in spotting cyber threats and vulnerabilities, the key to best mitigating cyber risk or recovering quickly after an attack is to embed these six pillars in an organization’s behaviors and culture.
“When these concepts are implemented, utilities have more confidence in the security posture of their operations and services, knowing that they have the right checks, balances and behaviors in place to enable them to take best advantage of the latest networked digital solutions,” concludes Peterson-Sturm.