The latest generation of electricity grids are fitted with smart services so that energy is supplied efficiently, sustainably, economically and safely. In other words, the traditional electrical grids are evolving into smart grids. To be able to offer these smart services and meet the strict operating requirements of the new smart grids, it is necessary to deploy appropriate communication solutions in the electrical substations. This modernisation is carried out by fitting smart electronic devices in a distributed way in the substations; these devices provide the control and protection functions for the primary equipment (transformers, switches, etc.) and can also be accessed locally or remotely to ensure a rapid, automatic response to possible problems in the power supply. These devices need to be connected with each other to form a communication network within the substation and they also have to communicate with the outside; for example with a remote control centre.

In modern substations, due to the fact that the protection equipment is connected to large external communication networks and even with the public Internet network, these networks are exposed to remote attacks that could lead to dire problems such as the cutting off of the electrical power supply in large urban areas or on industrial estates. Apart from the vulnerabilities of conventional computing systems, electrical substations are exposed to fresh threats owing to the nature of the communications and resources used. Instead of conventional computers, the protection devices are normally based on embedded computing systems that require a specific approach to tackle cyber-security challenges.

A thesis written up in the Applied Electronics Research Team (APERT) of the Department of Electronic Technology of the UPV/EHU's Faculty of Engineering in Bilbao is conducting research into protecting one of the most sensitive communication protocols from among those being considered by the international standardisation bodies to be applied in substations: the Precision Time Protocol (PTP), a synchronization protocol that undertakes to distribute a time reference from a master device to the rest of the slave devices within the network in a very precise way.

Small advances for a more secure future

The researcher Naiara Moreira, the author of the thesis, explains that "it is very important to protect this protocol because if a time error of just a microsecond should occur, it could cause serious problems in the protection functions and even bring the functioning of the primary equipment to a halt". The research group is working to integrate this synchronization protocol into MACsec, a security standard for Ethernet networks —conventional local networks— that fulfils much of the security requirement of the PTP protocol.  This "is a standard that has been developed and marketed for many years," explained Moreira, but the research carried out has concluded that this standard protects the network of electrical substations "in a way that no other could; in other words, it is a solution that aims to cover part of those needs that others do not cover".

In parallel, the APERT group is working on the standardisation groups —groups that specify a set of rules so that the devices of different manufacturers can communicate with each other— in order to harmonize the solutions developed with the emerging standards in this field, this aspect being crucial in achieving the subsequent transfer of the results obtained to industry. In this research they have concluded that "protecting a communication in this way with these requirements is very complicated, and the task being carried out by the standardization bodies is even more so because there are many interests in this field," explained the researcher. At the end of the day, there is no single security solution that is the definitive one, because they are not designed for this scenario (that of substations); so a set of different solutions are used and they are adapted in the best way possible to this scenario, and these proposals and these alternatives are included in the standard so that later with a set of regulated standards in place each manufacturer can apply them to its devices".

Additional information

Naiara Moreira (Barakaldo, 1985) is a telecommunications engineer and has a Master's in advanced electronic systems. She is currently finishing her PhD thesis entitled System-on-Chip Architecture for Secure Sub-microsecond Synchronization Systems and supervised by Armando Astarloa at the UPV/EHU's Faculty of Engineering in Bilbao. The researcher belongs to APERT (Applied Electronics Research Team), which has broad experience in the design of electronic systems based on reconfigurable devices for industrial communications.

Bibliographical reference

N. Moreira, E. Molina, J. Lázaro, E. Jacob, A. Astarloa. "Cyber-security in substation automation systems". Renewable and Sustainable Energy Reviews, v. 54, 1552-1562. Febrero 2016.

Photos: Tere Ormazabal. UPV/EHU.