SG2 – Energy Infrastructure Security

SG2

The importance of energy security and energy infrastructure security cannot be overstated. It is among the most serious security, economic and environmental challenges today and is expected to continue to be such in the future.

Critical energy infrastructures provide the fuel that keeps the global economy moving and our societies working. The disruption or destruction of these infrastructures would have a serious impact on the health, safety, security and economic well-being of individuals and the world as a whole.
Critical energy infrastructures include: electricity generation, transmission and distribution systems, oil and gas production and pipeline systems, liquefi ed natural gas facilities.
Secure and reliable operation of the electricity system is fundamental to economy and quality of life. Their very interconnectedness makes them more vulnerable to global disruption, initiated locally by material failure, natural calamities, intentional attack, or human error. Security of cyber and communication networks is fundamental to the reliable operation of the electricity grid. As electricity systems rely more heavily on computerized communications and control, system security has become increasingly dependent on protecting the integrity of the associated information systems. Part of the problem is that existing control systems, which were originally designed for use with proprietary, standalone communication networks, were later connected to the Internet (because of its productivity advantages and lower costs), but without adding the technology needed to make them secure. This issue is increasing of importance with the introduction and implementation of Smart Grids.

In a constantly evolving landscape of threats to the oil and gas industry, the role of security operations must continuously adapt to meet changing economic, geo-political, and criminal and homeland-security challenges.
Security issues are related to both offshore and onshore oil and gas arising out of civil unrest, terrorist activities, and competitive global market. The focus shall be on the key elements of using a variety of intrusion detection technologies to detect vibrations and sound, infrared and microwave barriers, CCTV for motion detection and access control. Also, the implementation of security operations centres for data protection, events correlation, issuing warnings and what is required to ensure robust perimeter security and surveillance, maritime and cyber security is very relevant.
Liquefied natural gas (LNG) facilities are receiving a great deal of public attention due to their increasingly important role in the nation’s energy infrastructure and their potential vulnerability to terrorist attack. The physical infrastructure of LNG consists of interconnected transportation and storage facilities, each with distinct physical characteristics affecting operational risks and security needs. Security challenges impacts on the three major elements of this infrastructure: tanker ships, marine terminals, and storage facilities. LNG tankers and land-based facilities are vulnerable to terrorism. Tankers may be physically attacked in a variety of ways to destroy their cargo–or commandeered for use as weapons against coastal targets. Land-based LNG facilities may also be physically attacked with explosives or through other means. Alternatively, computer control systems may be “cyber-attacked” or still worse both physical and cyber attack may happen at the same time.

Several Energy Infrastructures are also subject to the EPCIP Directive 2008/114 of December 8th, 2008 on the identifi cation and designation of European critical infrastructures and the assessment of the need to improve their protection. The process of designation of European Critical Infrastructures is still in progress.
From the previous description of the different characteristics of Energy Infrastructures, derives the need of different technological and conceptual tools necessary to ensure their security with a global approach.
In detail, we have identified the following needs:

  • To develop methodologies for the preparation of integrated Operator Security Plans (OPS) and implementation of integrated technological solutions addressing both physical and logical protection of all assets composing an Energy Infrastructure;
  • To develop simulation methods and simulation platforms to study the complexity of the mutual interactions and the vulnerabilities deriving from the mutual interactions among different Energy Infrastructures and among Energy Infrastructures and infrastructures belonging to different sectors;
  • To develop methodologies and technological solutions to better monitoring and diagnose the state of interconnected Energy Infrastructures to prevent cascading effects;
  • To develop appropriate methodologies and technologies to deal with the new challenges posed from the cyber security in the Smart Grid.

Integrated solutions for Energy Infrastructures protection
Much can be done on a local level by both power producers and operators to enhance the operational performance of their facilities. From safety and security risk prevention to impact limitation and recovery, integrated solutions can help the operators to improve energy supply reliability by managing risks, looking also beyond the physical environment to include remote facilities and network monitoring, and the coordination of incident response with national and international agencies.

Interdependent Energy Infrastructure Simulation and Vulnerability Analysis
The primary function of interdependent energy infrastructure simulation and vulnerability analysis is to enable analysts and decision makers to understand and accurately assess intrinsic vulnerabilities and those vulnerabilities that result from other forms of attack. It should help in answering questions of importance to operators as well as national and international agencies such as identifying potential events that cause catastrophic system failure or developing policy procedures that will aid in the prevention of cascading failure.

Diagnostic and control of Energy Infrastructures
This capability includes the development of sophisticated methods and software to monitor, control, and diagnose the operating state of complex energy infrastructures ranging from electrical and thermal power generation to the end use of energy in industrial and residential facilities. Examples of these technologies include the Decision Support for Operations and Maintenance (DSOM) technology suite. Specific areas of emphasis may include measurement, analysis, simulation, and modeling of power system dynamic responses, analysis of energy storage benefi ts and distributed generation interconnection issues, power quality and reliability inputs of distributed generation, and energy infrastructure information security and vulnerability. Examples of these technologies include the Wide Area Measurement System. The main goal of these technologies remain the necessity to discover as soon as possible any possible failure that may cause cascading effects.

Smart Grids Cyber Security
A smart grid is an upgraded electricity network depending on two-way digital communications between supplier and consumer that in turn give support to intelligent metering and monitoring systems.
Information and communication technologies have become the underpinning platform for the grid of the future but at the same time they are also its Achilles heel. Achieving a secure smart grid will not be an easy task. There is a series of unknown or not well understood potential vulnerabilities and weaknesses that must be further analysed. The communication infrastructures are not the only source of vulnerabilities. Software and hardware used for building the smart grid infrastructure are at risk of being tampered with even before they are linked together. Rogue code, including the so-called logic bombs which cause sudden malfunctions, can be inserted into software while it is being developed.
As for hardware, remotely operated “kill switches” and hidden “backdoors” can be written into the computer chips used by the smart grid and allowing outside actors to manipulate the systems. Smartgrids cyber security is a real challenge and goes far beyond the problem of Smart Meters.

SG 2 partners : Energy Infrastructure Security