OSLO, Norway — DNV published new guidelines for power system companies planning to improve the cybersecurity of protection devices and digital technologies within substations.

Power system protection technologies are essential to maintaining the stability of a grid. They aim to isolate a faulty section of an electrical power system, leaving the rest of the live system to function acceptably without severe damage from the fault. DNV Recommended Practice DNV-RP-0575 Cyber security for power grid protection devices describes cyberattack surfaces relevant for substations, potential cyberthreats, and possible countermeasures for companies to consider.

National power grids are becoming increasingly network controlled. While this brings greater control and efficiency to transmission and distribution systems, it also exposes infrastructure to new cyberthreats. A high-profile attack on a series of Ukraine’s power grid substations in 2015 left a quarter of a million people without power and set a precedent for the vulnerabilities facing the world’s grids. By 2019, more than half of utilities had encountered a cyberattack, according to research by Siemens and the Ponemon Institute.

“Threats to the cybersecurity of power grid substations are becoming more common, complex, and creative,” said Trond Solberg, managing director of cybersecurity at DNV. “However, there is a lack of best practice guidance on how operators, manufacturers, and regulatory authorities can build an effective force of defense. DNV’s new recommended practice helps to fill that gap. Working in partnership with national transmission system operators in Norway, Sweden, and Finland, we have outlined 45 practical measures to secure power grid protection devices.”

Recommended Practice DNV-RP-0575 was published following a joint research project conducted by DNV and Nordic transmission system operators Fingrid, Statnett SF, and Svenska Kraftnät. It offers industry-reviewed guidance on planning and implementation of cybersecurity measures and controls in power system protection devices.

The measures outlined in the recommended practice cover people, processes, and technology. They apply to organizations involved in operating, managing, and securing protection devices and the digital technologies in substations. They are based on a comprehensive review of current EU and U.S. legislation, and a range of applicable standards and guidelines on cybersecurity of operational technologies. The recommended practice also discusses future substation infrastructure.

"DNV’s power grid engineering and cybersecurity specialists have teamed with some of the world’s most experienced transmission system operators to provide a practical set of guidelines to approach cybersecurity for substation protection devices in a structured manner,” said Kirsti Eikeland, cybersecurity consultant at DNV. Proposed countermeasures and suggestions for quick wins outlined in our recommended practice can support companies in prioritizing actions to strengthen their cybersecurity controls.”