Cyber-Security Workshop | Thursday 12th April 2018

Registration: 08:00, Programme begins: 09:00, Programme ends: 17:00

Workshop Format

Through a series of presentations, break-out sessions and group exercises, this hands-on interactive workshop uncovers the cyber-security vulnerabilities specific to the digital substation environment, and provides practical implementable strategies to help utilities stay one step ahead of the threat landscape, particularly in the context of an increasingly pressurised commercial and regulatory environment.


Led by the team at SecurityMatters with contributions from several utilities and system integrators, this one-day programme provides a rich, varied and comprehensive cyber-security toolbox for both Substation and Cyber-Security teams engaged in the implementation of next generation digital substation systems.



 Workshop Leader

Elisa Costante, Head of Research, SecurityMatters, BV


Elisa Costante joined SecurityMatters B.V. in 2015 and became Head of Research in 2016. She leads key internal and external research activities, including international projects.  Her main research topics include ICS security, network behavioural modelling and cyber-attacks mitigation. She received her PhD in Mathematics and Computer Science in 2015 from the Eindhoven University of Technology.  Her thesis entitled ‘Privacy throughout the Data Cycle’ focuses on data leakage protection and privacy evaluation techniques. She is co-author of several international scientific journals.


SecurityMatters empowers critical infrastructure and manufacturing organizations with the ability to identify, analyse and respond to industrial threats and flaws, minimizing troubleshooting costs and unexpected downtime. They leverage OT-specific knowledge and understanding to provide visibility into critical assets and their activity, and detect operational problems and cyber security threats as soon as they appear. They employ engaging, interactive visualizations and actionable insights to provide utilities with all the information they need to make their networks cyber resilient.



Workshop Speakers

Gian Luigi Pugni, Cyber-Security OT Engineer,  Global ICTENEL

Alexander Harsch, Head of Cyber Security Resilience – Innogy

Oliver Jung, Senior ScientistAustrian Institute of Technology

Jalal Bouhdada, Founder, Principle ICS Security ConsultantApplied Risk

Guido Gluschk, DirectorInstitute of Security & Safety

Bas Kruimer, Senior Manager, Smart Grid ServicesAccenture 

Andrew West, Regional Technical Director – SUBNET

Luca Barba, Product Marketing Manager – SecurityMatters


Registration & refreshments


Welcome address from the workshop leader


Session 1:  Digital Substation Security: Implementing effective cyber security solutions into digital substation systems that are integrated into legacy infrastructures

  • Carrying out robust vulnerability analysis to pinpoint key system weaknesses across the digital substation infrastructure
  • Implementing an effective strategy for managing the performance and availability of legacy devices
  • Enabling the constant monitoring of all critical substation software, IEDs and RTUs to ensure timely updates
  • Ensuring the security of passwords and remote access procedures to prevent unauthorised entry into critical systems
  • Creating a secure communication network by implementing effective cyber-security features into communication protocols
  • Implementing an effective back up, response and recovery strategy to secure electricity supply
  • Complementing cyber-security approaches with the latest substation physical security measures

Session 2: IED Security: Enabling the secure operation of digital devices such as IEDs and RTUs to ensure the uninterrupted protection and control of digital substations

  • Analysing potential security threats to digital devices and determining the best ways to combat these
  • Ensuring that IED and RTU software is kept up to date at all times
  • Enabling effective monitoring of communication with multiple devices to ensure secure information transfer
  • Putting in place effective authorisation and authentication procedures to reduce exposure of the system
  • Monitoring, storing and analysing security events to establish patterns and enable better future security event identification

Morning refreshments & networking


Session 3: Grid Edge Security: Effectively managing the cyber security of many more grid connections to LV and MV substations; renewable energy sources, smart meters, and EV charging points

  • Evaluating the threat landscape and scale of cyber security attacks through the smart meter, renewable energy resources and EV charging stations and the implications for digital substations
  • Ensuring smart meter functionality and security through implementing secure and cost-effective design, and regular monitoring and technology updates
  • Developing an attack-resilient architecture and layered cyber-physical solutions to protect the integrated renewable energy resources
  • Implementing a secure IT infrastructure to support smart EV charging and ensure effective end to end communication
  • Evaluating the application of blockchain cyber security technology to help secure distributed energy resources at the grid edge

Session 4: Mobile Workforce: Eliminating cyber-physical security incidents within digital substations by implementing an effective mobile workforce framework for security policies, procedures and awareness

  • Fostering a culture of cyber security awareness among the workforce to ensure compliance with regulatory guidelines, remote access procedures, and information sharing best practice
  • Enforcing adherence to internal rules and external regulations adopted by the organisation
  • Creating an effective structure for remote access authorisation to devices and information to fully secure the system
  • Creating a comprehensive training framework that meets the specific training and development needs of different groups within the mobile workforce

Lunch & networking


Session 5: Digital Substation Communication: Effectively securing IP based communication networks to ensure the reliability and security of digital substations and connecting control centre

  • Examining the range of communication technologies and protocols available in private and public networks and their effectiveness in securing data transfer
  • Assessing the risks associated with IP/Ethernet based communication networks and how these can be mitigated
  • Securing the connection between digital and legacy substations to avoid disruptions to the evolving digital grid
  • Determining the most effective approach to managing SCADA system cyber-attacks to minimise their adverse effect on digital substations
  • Applying an effective wide area monitoring security strategy to protect the information flow between substations and control centres
  • Mitigating the cyber-physical security risks of a mobile maintenance workforce to enable more secure access to the system
  • Ensuring high levels of communication availability, reliability and security at minimal cost

Session 6: IEC 61850 Cyber Security: Evaluating the levels of embedded cyber security within IEC 61850 and the customisation required to support the large-scale deployment of multi-vendor multi-edition systems

  • Identifying the most critical points of vulnerability in IEC 61850 systems
  • Balancing the need for more communication security with time sensitive access to information
  • Enabling better intrusion detection to provide a more holistic approach to IEC 61850 communication security
  • Managing the cyber-security complexities of multi-vendor multi-edition IEC 61850 systems
  • Devising a roadmap for the continuous and long-term security of IEC 61850 systems

Afternoon refreshments & networking


Session 7: Intrusion Detection Demonstration: Assessing the potential of state-of-the-art intrusion detection systems to safeguard the digital substation environment

During this session participants will get the opportunity to view and work with a state-of-the-art intrusion detection system, SilentDefense by SecurityMatters. With installations worldwide, SilentDefense is the most advanced and mature OT network monitoring and intelligence platform. SilentDefense passively analyses industrial network communications, provides rich information about network assets and alerts in real-time for any threat to operational continuity. SilentDefense empowers industrial operators with unrivalled visibility, threat detection capability and control of their network. Featuring a user-friendly interface and out of the box detection engines, SilentDefense instantly delivers actionable results.




End of workshop

▲ Back to top