A workshop was arranged by UNITED-GRID on 2 December to give a better understanding of needs and worries for cyber security for the smart grid. The workshop was held at Chalmers University in Gothenburg, Sweden. “More threats than I thought. More collaborations can be developed and might be useful to solve tomorrow’s challenges”, was one of the reactions after the workshop.
What was the purpose with the workshop?
– A better understanding of needs and biggest worries of cyber security for the smart grid. To let partners from different organizations of UNITED-GRID (and a few other external projects / people) meet and discuss cyber security, says Magnus Almgren, Chalmers, who coordinated the workshop. We also wanted to gain a better understanding of the needs of the partners of UNITED-GRID, understand the activities of different actors, promising technologies for the future.
– We started with a general introduction. This was then followed by a discussion of the program, the goals, the methodology of the day, and a first discussion in smaller groups. We then introduced cyber security and data streaming, especially with the smart grid as a target. Over lunch, we had five shorter presentations of ongoing research relevant for cyber security and data streaming.
Demonstration by Forescout
After lunch, an invited H2020 project presented their activities. We then presented the two major deliverables in UNITED-GRID of security, followed by a presentation / demo by Forescout as an industrial partner working with cyber security.
The day ended with a new breakout session with discussions in smaller groups, and then bringing the results back to the larger plenary session.
What was the outcome?
Based on the notes from the participants, many learned from the “other side”. That is, cyber security experts learned from power engineers and the opposite. Other concrete take-aways was to meet partners, understand their background and their concern, and what their role is in UNITED-GRID.
The awareness of security was also raised among the participants. Some already knew but others increased their awareness. A positive take-away from some participants is that they find awareness is already quite high, but more solutions need to be found.
– We color-coded the participants security expertise on the feedback (red / orange / yellow) and formed diverse groups across organizations and security expertise. This allowed us first to see if there were any specific trends on central questions discussed during the workshop.
- Place your note on the scale from not important / false to important / true for the following questions
- Security is a concern in our organization
- Security threats have grown over the last decade
- We cannot find expertise in security
Who can benefit from what you did?
– The final message was to ask people how they are going to discuss the take aways in their home organizations. As such, we should reach a larger target than just the participants of the workshop, says Magnus Almgren.
Quotes from the workshop
- “More threats than I thought. More collaborations can be developed and might be useful to solve tomorrow’s challenges.”
- “Bring home: Perhaps new collaborations in development. Use STRONG passwords and two factors authentication.”
- “The level of security solutions for the smart grid is more advanced than I thought earlier.”
- “Power system engineers need to think about security earlier in development.”
- “Not everyone working on smart grid is aware of security.”
- “It (security) is a research topic but in daily life we are not that careful.”
- “Cyber security is not only encryption.”
- “Security needs to be more discussed and higher on the agenda”
- “Smart Grid security may differ more from other domains as I originally thought: resource constraints, anomaly based IDS may be easier than other domains.”
- “There is more awareness than I expected but still lack of solutions.”