ENCS introduces architecture security training for smart grid systems

13 November 2018 (Last Updated November 19th, 2018 13:22)

The European Network for Cyber Security (ENCS) has introduced a new training course to enable security architects to design secure smart grid systems.

The European Network for Cyber Security (ENCS) has introduced a new training course to enable security architects to design secure smart grid systems.

Focused on deploying secure European critical energy grids and infrastructure, ENCS has already conducted the first architecture security training course.

ENCS managing director Anjos Nijk said: “As the smart grid grows in scope and sophistication, we see increasing integration between IT and OT [operational technology].

“Following the 2016 and 2017 blackouts in Ukraine, we also see a growing need to withstand advanced, dedicated cyber attacks on energy infrastructure.

“Assessing that balance requires a thorough understanding of the systems and risks involved.”

“Grid operators are addressing this need by hiring security professionals to design a secure architecture that crosses both IT and OT. With this training, we hope to improve the skills of these professionals.”

The three-day course includes modules on risk-based-architecture and IT/OT interface designs, as well as practical use cases such as substation design and smart metering.

ENCS noted that that the course has been developed using its experience, and features practical cases to give students directly applicable knowledge for their role.

Participants will also be divided into groups and given an OT security challenge, as well as a task to design a solution.

Nijk added: “One of the challenges of designing effective smart grid risk architecture is getting the balance right. There are many measures from the IT world that are applicable to OT systems: networks segregation, VPNs, jump-servers and so on.

“But using too many measures will cause high investment costs and may make the system hard to use. Too few though, and the system is vulnerable. Assessing that balance requires a thorough understanding of the systems and risks involved.”