Essen: Industry 4.0 is also confronting the energy sector with major challenges: Progressive digitalisation is lifting the lid on ever greater numbers of security vulnerabilities in the software and hardware of Internet-enabled products. Also missing in many instances are binding standards for information and communication technology. Calls for the introduction of an IT quality label show just how relevant the issue is. The information security management system (ISMS) due to have been put in place by all electricity and gas providers by 31 January 2018 is a start, but is not yet enough to guarantee comprehensive IT security in companies. With the exception of the IT Security Act for Critical Infrastructure (KRITIS), no binding legal foundations are in place. And yet, given its sensitive infrastructure, the ability to guarantee cyber-security in the energy sector is essential. At the E-world trade fair in Essen from 6 to 8 February 2018, experts will be discussing such issues as the current challenges facing IT security in the energy sector.
The response of the energy sector to digitalisation and the energy transition is an undertaking to put in place more efficient systems of energy provision and a more transparent billing model for consumers. It is in the light of these developments that intelligent measuring systems are being set up and consumer data transmitted in digital form to energy suppliers. Power plants are being networked. In a manner consistent with the move toward decentralised energy generation, plants are being pooled and controlled by a central control system like a single power plant. Cloud-based platforms offer an integrated view of customer relationships. Network stations are being digitalised to improve security of supply, and the structure of the networks and load management are being improved. However, this also entails a degree of risk: “The ever-closer convergence of the process and control technology used in plant operation with communications and information technology is giving rise to an enhanced threat of cyber-attacks,” says Ulf Theike, General Manager of TÜV NORD Systems.
Four pillars for enhanced IT security
The cyber-security experts from TÜV NORD have some specific ideas as to how comprehensive digital security can work in the energy sector. Dirk Kretzschmar, General Manager of TÜViT, a TÜV NORD GROUP company, recommends taking IT security into account right from the start of product development (security by design), presetting devices to the highest security standards and privacy levels across the board and quickly implementing all security updates. He also counsels the use of smart gateways to achieve the mandatory separation of networks, the separation of private and public data and the regulation of their transfer. In the future, hardware-based security anchors (secure elements) should be installed in all networked devices for the storage of sensitive data such as private keys.
From 6 to 8 February 2018, interested parties can visit the shared stand of TÜV NORD and TÜViT, 6-108, in the “Smart Energy” section of Hall 6 at the E-world trade fair in Essen to find out all about current developments in IT security and information security management and the certification thereof.
Über die TÜV NORD GROUP
Als anerkannter Technologie-Dienstleister stehen wir weltweit für Sicherheit und Vertrauen. Dabei haben wir die digitale Zukunft fest im Blick. Unabhängige Ingenieure und IT-Security-Fachleute bieten exzellente Lösungen für Sicherheit, Qualität und eine hervorragende Position im Wettbewerb. In mehr als 70 Ländern stärken wir Unternehmen und Partner bei der Wahrnehmung ihrer Verantwortung für Menschen, Technologie und Umwelt.