DSOs cooperation with vendors in handling cyber-attacks in control systems

Challenge and objective

The technological evolution has enabled Norwegian Distribution System Operators (DSOs) to make greater use of products and services from external suppliers. Although outsourcing provides resources, expertise and cost-effectiveness, it also introduces new dependencies and gates for potential attacks. As the dependence upon suppliers and the system complexity increase, the use of suppliers has to be taken into account in the cybersecurity incident management for the DSOs.

Work performed

Interview study of DSOs and vendors of industrial control systems on how they cooperate on incident management.
Current practices for the involvement of suppliers in incident management are investigated.

Significant results

An understanding of current practices, including both successful practices and challenges.
Recommendations for both DSOs and the power industry at large. DSOs are particularly recommended to involve suppliers more in preparatory activities, and supplier contracts should be improved.

Impact for distribution system innovation

Awareness of the need for improved collaboration between DSOs and their vendors.
Improved cyber resilience.

Oddbjørn Gjerde

Oddbjørn Gjerde

WP2 Lead

+47 99 730 027

Name: Oddbjørn Gjerde
Title: WP2 Lead
Organization: SINTEF Energi AS

Reference in CINELDI

R. Gudmestad: "Delayed Integrity Check for IEC 61850 Communication" MSc thesis at UiS, 2020. Paper accepted at Societal Automation.