Alternative methods for safely obtaining measurement results from electrical substations

Abstract

This article describes the problem of ensuring secure access to substation measuring equipment via open networks, in particular in cases where the main communication channel is damaged. Given the growing digitalization of power networks and increasing dependence on remote monitoring, a key aspect is ensuring the security of transmitted data and uninterrupted operation of the energy infrastructure. The article examines in detail several approaches to ensuring secure access. The main emphasis is placed on the use of the IEC 60870-5-101 protocol, which is a standard for data transmission between energy facilities and control systems. The protocol ensures the compatibility of various equipment, which is critically important for maintaining stable operation of substations. To improve security, solutions are proposed that include the use of VPN connections to create secure data channels, network segmentation and VLAN separation to isolate traffic of critical components, as well as multi-level security measures that involve a combination of technical and organizational protection measures. In particular, the article describes methods for implementing firewalls, intrusion detection systems, data encryption and access control. The article emphasizes the importance of a multi-factor approach to protection against various types of threats, including physical access, network traffic and attacks on firmware. The use of such an approach allows for a comprehensive solution to the tasks of ensuring the security of energy infrastructure and maintaining reliable operation of equipment in conditions of increased risk.

Keywords: cybersecurity, energy security, VPN server, CA, VLAN, Apache Kafka, RS232, SCADA, Firewall, critical infrastructure, MFA, DMZ, IEC-60870-5-101.