2019 ICS Cyber Security Conference | USA

This presentation discusses the rationale and learnings gained when re-designing a flat Electrical Protection Network (EPN) to a segregated network to increase reliability and security. The electric utility used in this real-world case study has a network of 55 interconnected sub stations varying in voltage from 600 volts to 34.5kV. The original EPN network was designed as a flat network. As a result they had experienced reliability issues, a single fault or cyber event on the network could result in a partial or complete network failure. The project involved segregating the network into smaller logical sections that would prevent network outages and maintain network failure risks to smaller, distinct and controllable regions.

The design criteria for the network included supporting GOOSE high speed protocol with considerations for the large geographic location. Other key requirements of the EPN included: allowing electrical protection relays to communicate with each other for high speed system protection coordination thus reducing system ARC flash values. The network must support operating status and control, alarms, trips and metering information to local HMIs and the T&D High Voltage Control Centre.

The presentation will also focus on the network security aspect including the design, testing and installation of DMZ firewalls used to protect the network and the use of VLANS and network switches for increased network separation, isolation and security. The factory acceptance testing was performed in a IEC 61850 lab environment configured to simulate the field parameters while subjecting the system to numerous cyber-attacks and fault simulations. The reconfiguration of the network was performed on an operating facility.