Summary
Given the rapid evolution of cybersecurity requirements in recent years and the emergence of new European directives, it has been identified the need for an automated testing system to verify the status of the protection and control devices deployed in the substations and the smart grids according to the current and future requirements. This system will help to enhance the OT cybersecurity of all the electronic devices to ensure substation-level security and its complete operational functionality in an industrialized manner.
Read more Read lessManaging product cybersecurity in energy applications implies typically applying cybersecurity standards, where IEC62443 is considered the reference. In recent years more cybersecurity controls from IEC62443 are being implemented in the Intelligent Electronic
Devices (IEDs) which are the center piece of the substation automation systems. Nowadays, product cybersecurity testing is based on manual testing methodologies. These methodologies need to be customized to every IED equipment by integrators to conduct the cybersecurity testing. Therefore, adopting product cybersecurity implies a significant workload in terms of time and resources needed to perform assessments to all products.
In this project developed within the framework of the Global Smart Grid Innovation Hub, we present the Cyber Test Box (CTB), a portable testing platform that is devoted to automating
IEC62443 testing for energy system IEDs. The CTB can run in two operation modes. In laboratory mode, the CTB connects to the same laboratory network where all the services are available (e.g., PKI, LDAP, syslog, NTP, DNS). In autonomous mode, the CTB works as a standalone machine by virtualizing all the services, so that IEDs which cannot be sent to the laboratory of Iberdrola can also be tested under the same conditions at the facility of the manufacturer. Additionally, this system will enable the decoupling of the company's internal developments from the final requirements of the IEDs, allowing all services to be tested in advance and so, ensuring that the equipment is ready for deployment once the infrastructure is ready, thereby facilitating an optimal rollout of the solutions and reducing the time and resources needed to evaluate product cybersecurity compliance.
The final goal of the project will be executing the automatic tests over IEDs and Station Control
Units (SCUs) from five manufacturers comparing the different compliance level of the
Foundational Requirements (FR) according to IEC62443 and provide support for manufacturers to improve cybersecurity level in equipment and operations. More specifically:
1. The FR that are checked in the selected Devices Under Test (DUT).
2. Services available and virtualized environment.
3. The functionality of the testing device such as the test queue scheduler, the test suite orchestrator, etc.
4. Review of the reports generated and their interpretation.
5. Finally, a summary of the benefits obtained from using this new system.
Additional informations
| Publication type | Session Materials |
|---|---|
| Reference | D2_11643_2026 |
| Publication year | |
| Publisher | CIGRE |
| Country | Spain |
| Study committees | |
| File size | 586 KB |
| Price for non member | 30 € |
| Price for member | 30 € |
Authors
FERRERO Iñigo - i-DE, Iberdrola, Spain; TRUJILLO Salvador - Orbik, Spain; PEREZ Borja - Orbik, Spain; GONZALEZ Jaime - i-DE, Iberdrola, Spain; MARTINEZ DE GUEREÑU Lorena - i-DE, Iberdrola, Spain; SAEZ DE CAMARA Xabier - Ikerlan, Spain; ARELLANO Cristobal - Ikerlan, Spain; SAIZ Oskar - Ikerlan, Spain
Keywords
