27 October 2021 – Operations program: Vulnerability management. This webinar will discuss vulnerability management for critical infrastructure systems, including legacy systems used in OT. Grid operators are often overwhelmed by large numbers of vulnerabilities coming out of scans and penetration tests. Many are difficult to solve for legacy systems. We will discuss how different members deal with this problem.
3 November 2021 – Policy program: Network code on cybersecurity – Information sharing and incident response. This webinar will provide more background on how the network code will deal with information sharing and incident response. The network code uses the network of CSIRTs established by the NIS directive to share information. But it puts greater requirements on grid operators. Operators are for instance required to establish a CSIRT, either in-house or through a service provider, and the deadline for reporting incidents is shortened to 4 hours. We will discuss what these additional requirements will mean practically.
10 November 2021 – Policy program: ISMS expert group – security in projects. The digital infrastructure at grid operators is changing quickly to make smart grids possible. Operators therefore are dealing with more and more project to build or extend systems that could affect security. Security should be addressed early on in such projects. In this webinar, we will discuss how different grid operators are trying to do this in their ISMS.
TBD – Architecture program: Harmonizing security requirements for procurement. In the spring webinars, we presented our plans to update the ENCS security requirements sets. The update has two goals.
- Make it easier to use them in tenders for multiple components. Some grid operators found it difficult to combine the requirements when doing a substation automation tender with gateways, IEDs, and an HMI, or a distribution automation tender with an RTU and a modem. By harmonizing the requirements and numbering between different sets, the combination will now be much easier.
- Allow the requirements to be used in the ICCS certification scheme developed under the European cybersecurity act. Using this certification will be encouraged under the network code and may become mandatory under the revised NIS directive.
A lot of work has been done during the summer on the requirements update, and we will present the progress.
13 October 2021 – Policy program: Network code on cybersecurity – Risks and requirements. This webinar will discuss how the network code will deal with risk management and requirements to grid operators. The framework guidelines define a complex process to do risk management at three levels: at the individual entities such as grid operators, at member state level, and at European level. We will discuss how the drafting team plans to integrate these different levels. The risk assessment results in metrics and thresholds to identify high-risk and critical-risk entities that fall under the network code. We will discuss what these metrics and thresholds may look like. And we will discuss the matrix of standards that grid operators will need to follow.
6 October 2021 – Operations program: OT security sensors in the substation – final results. This webinar provides an overview of the final results of the tests that ENCS has performed on different substation monitoring sensors. In 2020, ENCS started a project to evaluate OT security sensors inside substations. These sensors are designed to detect incidents and vulnerabilities in industrial networks. The first round of tests was completed in 2020 and presented in webinars. In a second round of testing 2021, the results were validated with the sensor suppliers, so that the reports provide a better view of sensor capabilities. The results of the tests give interesting insights into what kind of vulnerabilities and incidents the sensors can reliably detect.
29 September 2021 – Policy program: Network code on cybersecurity – New framework guidelines: A drafting team led by ENTSO-E and the EU-DSO entity is preparing a network code on cybersecurity that will become mandatory for most European grid operators, probably in 2023. In July, ACER, the European agency for energy regulators, released framework guidelines that define the priniciples for the network code. This webinar provides an overview of these framework guidelines to give an idea what grid operators will have to do to comply with the network code in the future.
16 June 2021 – Operations program: Results of substation sensor testing: Results of the second round of testing of OT security sensors on substation traffic.
9 June 2021 – Architecture program: Smart metering requirements: Presentation of the 2021 update of the security requirements for smart meters and data concentrators, including an overview of common vulnerabilities in smart meters.
19 May 2021 – Policy program: Network code framework guidelines – part 1: Overview of the draft guidelines framework guidelines for the upcoming network code on cybersecurity.
5 May 2021 – Architecture program: DA and SA requirements (part 2): session on the update to the distribution automation and substation automation requirements with a focus on the test plans.
28 April 2021 – Policy program: Product assurance scheme: discussion on how the product assurance scheme in the network code can best be filled in.
21 April 2021 – Architecture program: Moving OT systems to the cloud: session to present a risk assessment and security requirements for moving operation technology systems to the cloud.
14 April 2021 – Policy program: ICCS certification scheme (part 2): discussion of the evaluation methods in the ICCS scheme and the method developed for IEC 62443 by TeleTrusT.
7 April 2021 – Architecture program: Physical security of smart meters: overview of the security of smart meters against physical attack, including a demonstration of how to extract the firmware using hardware fault attacks.
31 March 2021 – Policy program: ICCS certification scheme (part 1): overview of the industrial ICCS certification scheme developed by the Joint Research Center. This scheme is expected to be selected by ENISA as the official scheme for industrial components. Discussion on how ENCS requirements sets can fit into this scheme.
24 March 2021 – Architecture program: DA and SA requirements (part 1): session on the update to the distribution automation and substation automation requirements with a focus on the requirements for automated key management.
17 March 2021 – Policy program: Update on EU developments: overview of current developments in EU cybersecurity regulation, including the revised NIS directive, network code on cybersecurity and the Cybersecurity Act.
10 March 2021 – Architecture program: Security for engineering laptops: presentation of a draft security architecture for engineering laptops, including the central systems to support them and an audit plan to check the implementation of the architecture.