Cyber Security in Power Plants

Compliant Security of Control Systems

Cyber attacks pose a major challenge for the operational reliability of decentralized power plants in critical infrastructures. Many power plants and industrial plants are not equipped to deal with malware targeting industrial automation and control systems (IACS).

PLC, HMI and SCADA systems in particular are vulnerable targets, as cyber attacks on such systems could lead to a massive disruption of operation or even an outage of the entire power plant. These direct impacts on the power supply are often accompanied by economic losses as well as loss of reputation and trust.

International standards and regulations provide guidelines for effective cyber security in plant operation and create secure, CRITIS-compliant environments for manufacturers, integrators and operators.

As a specialist for power plant control systems, Kuhse is your competent partner for “cyber-secure” and CRITIS-compliant control solutions. Whether consulting, production, commissioning or service - we offer all services from a single source.
 

Challenges

Increasing complexity in the field of IT security due to

  • digitization of Industrial Automation & Control Systems (IACS), including control systems for decentralized power generation systems
  • rapidly growing technologies for Industry 4.0
  • increasing interconnectivity between industrial data networks (OT) and enterprise data networks (IT)
     

Interconnectivity

  • Protection of previously isolated areas and network zones against possibilities of cyber attacks
  • Increasing number of vulnerabilities in industrial control systems (IACS), of which 20% are related to the energy sector
  • Application of IT security concepts to the OT environment, taking into account the differing priorities:
    • IT:    data and information protection
    • OT:    reliability and availability as well as a long life span

Standards and Certifications

International standards and Cyber Security programs are based on global best IT practices and technologies for the development and integration of secure and CRITIS-compliant systems.

EU Cyber Security Act:

Establishment of a secure, cyber security-compliant environment (for manufacturers, integrators and asset owners / operators) concerning Industry 4.0 products and systems

IEC 62443:

Rules and guidelines for mandatory security in OT environments (for manufacturers, integrators and asset owners / operators)

IT Security Law 2.0:

The 2nd German Security Act to increase the security of IT systems for the protection of the federal administration, critical infrastructures and companies of public interest.

Spectrum of Technical Measures for Integrators

Depending on their needs, we support our customers in selecting and implementing the relevant technical measures for their application:

Architecture and Design

  • Determination of a suitable network architecture & needed network devices
  • Limitation of physical access
  • Hardening of software and services; strengthening of hardware

Access Management

  • Administration of user accounts 
  • Limitation of access permissions
  • Remote access management 

Event & Protection Management

  • Event Management
  • Management of security tools and anti-malware solutions
  • Protection mechanisms & procedures 

How can we support you?

Kuhse as a System Integrator

The cyber security standard IEC 62443 predefines tasks and services for the different roles.
Kuhse, as a System Provider and Integrator of “cyber-secure” industrial control systems for decentralized power generation applications, is responsible for

  • the professional cyber security engineering of the control system (according to architecture and design)
  • the integration of the control system into the decentralized power generation plant regarding cyber security aspects.

Kuhse as a Service Partner

In the role of a Service Partner for integrators and asset owners or operators of decentralized power generation applications, Kuhse takes care of

  • professional extended maintenance of our industrial control systems to ensure continuous cyber-secure operation
  • supporting the owner’s service personnel in case of cyber attacks and other corresponding violations.

Kuhse as a Consultant

As a Consultant for integrators and asset owners or operators of decentralized power generation applications, Kuhse supports through

  • the introduction of the technical and organizational cyber security standards
  • the determination and implementation of necessary technical and organizational measures

Our Cyber Security Solutions for Power Plants at a glance:

KUHSE CYBER SECURITY PREMIUM PACKAGE

for Power Generation Plants with extended cyber security requirements

Technical Measures

  • Network architecture & enhanced network security by means of suitable segmentation
  • Central management of user accounts, access and permissions
  • User authentication via two-factor authentication
  • Minimizing the physical and logical accessibility and thus points for potential attacks
  • Hardening and strengthening of the control system (hardware, software, services)
  • Logging of logins, login attempts and respective violations
  • Backup / restore and disaster recovery tools and procedures

Service Measures

  • Process manual for operation, maintenance and dealing with cyber attacks
  • Training of the owner’s operators and service personnel
  • Recurring tests to ensure the effectiveness of technical measures and implemented procedures
  • Updates for network security devices, relevant control system components and implemented security tools (after verification) (patching, anti-malware, application whitelisting, digital certificates)

KUHSE CYBER SECURITY BASIC PACKAGE

for Power Generation Plants with basic cyber security requirements

Technical Measures

  • Network architecture & basic network security by means of suitable segmentation
  • Management of user group accounts, accesses and permissions
  • User authentication via two-factor authentication
  • Limitation of physical and logical accessibility and thus points of potential attacks
  • Hardening of network & security devices, relevant control system & maintenance devices
  • Logging of logins and login attempts
  • System backup after delivery and commissioning

Service Measures

  • Process manual for operation and maintenance
  • Regular manual updates of security mechanisms (as an option)
  • Regular check of effectiveness of the security measures (as an option)
  • Training of the owner’s operators and service personnel (as an option)


Your contact

Oliver Land
Sales Manager

+49 160 951 93 747
