Spanish Wind Energy Association interview with Isotrol Cybersecurity Manager Manuel Alguacil

Source: Spanish Wind Energy Association (AEE)

1. ISOTROL is a Spanish company specializing in engineering, software, and control services. Which position does renewable energy have in your current market?

The link between Isotrol and renewable energy dates back to the ‘90s. We were one of the first companies to develop technology to exploit and operate wind parks in Spain, and we participated in the connection and monitoring of the first plants that were built in our country, introducing unknown technology so far in them.

Our activity and position in the renewable energy sector has not stopped growing ever since. Nowadays, we have a well-known specialization and a competitive offer worldwide, attributing an essential place to the clean energies in the company’s strategy. Renewable energy has become the first work streams of Isotrol because of its activity volume, the experience we have accumulated, and the growing opportunities it provides.

It represents more than 60% of our business and it is complemented with the rest of work streams that composed our offer for the renewable energy sector. Besides supporting the efficiency and rentability of generator plants, we offer technological solutions for its network integration and we help large companies to optimize their commercial operations of energy. This capacity provides us a unique company profile, and a privileged position to contribute to the digital transformation of the energy sector as an expert technological partner.

2. From your point of view, what is the current situation of cybersecurity in the wind energy sector?

As seen in other energy sectors, the deployments are more and more cyber secure, but much remains to be done. In the last years, a clear effort has been observed to dispose of environments more and more protected, for example, by making use of international frameworks of cybersecurity and taking new measures orientated to reduce the exhibition surface and minimize the risks. Examples of some of these measures are the disabling of unnecessary hardware, the policies of less privilege, the deployment of the only necessary software or the confusion of administrative credentials. However, and despite the increasing cybersecurity maturity in the sector during the last years, we cannot loosen up. Therefore, as I was saying, there is still room for improvement until cybersecurity is so rooted in our diary processes that it practically becomes a commodity.

What is clear is that the attacks to critical sectors are and will be increasing because cybercriminals are more and more specializing in each of these sectors and the economic or positional benefit is more than patent in these times.

3. ISOTROL is a company with international services and clients. Has the company been deeply affected by the pandemic? Could it be an opportunity to develop new services on remote control?

Our activity has not been stopped by COVID; indeed, this situation has reinforced it. The coronavirus has forced us to accelerate digitalization and remote control processes that looked for the improvement of efficiency in the operation of plants. Over the past few years, our clients have been requesting new tools to optimize their processes, reduce operative costs, and increase the efficiency of their plants. The pandemic has caused the acceleration of this natural trend in the maturation process of the sector due to the difficulties of carrying out in-person activities. This crisis has speeded the changes we were already working on, reducing implantation and putting into operation costs of new tools for the remote control and management of renewable assets.

4. Is the sector protected enough from current threats?

It is almost impossible to always be completely protected from a cyber attack. In some cases, it is avoidable; in others, the only thing you can do is to minimize the impact; and in others, you simply do not realise it until it is too late and you can only apply forensic techniques to analyse the situation and implement new protection measures. The more attention you pay to cybersecurity, the more secure you will be, although 100% security is not insurable. The more mature the implementation level of cybersecurity is, the harder it will be for cybercriminals to attack. In this regard, mitigation measures are as important as early detection ones to minimize the impact.

In addition, it is also important to protect all the headwater because in most cases, they communicate from generation plants with control centers, operation networks, third party networks, etc., which can be affected by a security breach. Conversely, if any of these networks is exposed, it becomes a perfect entry point for the plant.

Nowadays, it is obvious that one of the most important aspects is awareness-raising. We are as strong as our weakest link, and these latter are often the people. It is increasingly common to implement security measures in end-point, perimeter, DLP, IDS/IPS, etc., but if people are not sufficiently trained and prepared regarding security issues, cybercriminals will take advantage of this door soon or later, and everything else will have been for nothing.

5. Is there room for improvement and innovation in the cybersecurity field of wind parks? Which are the principal work streams?

Indeed, nowadays there is still room for improvement, since each wind plant is different and, therefore, each one has different protection needs. There are already security levels which are being treated as commodity, such as anti-malware software, firewalls, bastion, less privileged policies, etc. However, we still can do more, such as adding advanced systems of intrusion detection in each plant, which will allow us to detect anomalies in IT and OT networks that so far they have been unthinkable.

Moreover, although communications in wind parks are mainly wiring, the implementation of wireless networks in built environments offers a new security challenge because of the exhibition these networks have. These allow an attacker to act at a certain distance from the access points as if it were directly connected to the local network, exposing it even more.

Very specific and restrictive settings will have to be considered for this new casuistry, at communication protocols level and its encryption, emission powers, directioned emission levels, etc.

6. What do you expect of the future of cybersecurity in wind parks?

Without a doubt, much remains to be done regarding cybersecurity of wind parks. Much milestones remain to be achieved, such as the active AI in real-time attacks detection and remediation, which can act over the attackers and interact with the own plant, avoiding possible disasters produced by the cybercriminals. In this way, the systems will be autonomous enough to detect the threat and act on it, preventing data leakage, production downtime, sabotages, etc.

New paradigms such as Machine Learning and even Deep Learning will allow us to model in an efficient way the IT/OT networkings behaviour and act faster on the threats and even in an automatic way.

7. The hybridization and storage are already key technologies to improve the penetration of renewable energy and emissions reduction, as well as to achieve the goals proposed in the Integrated National Energy and Climate Plan 2021-2030. With this incorporation, how will the management of wind and PV parks be?

The hybridization and storage are already key technologies to improve the penetration of renewable energy and emissions reduction, as well as to achieve the goals proposed in the Integrated National Energy and Climate Plan (INECP) 2021-2030. Then, with the incorporation of these technologies, how will the management of wind and PV parks be?

Storage is undoubtedly a fundamental vector in the penetration of renewables, as it will exponentially increase the capacity to be managed with this technology. It will also increase the quality of the energy injected into the system (measured in terms of services offered to the system and the predictability-reliability of the plant), with almost nothing to envy to traditional plants. The combination of short- and medium- to long-term storage, such as hydrogen, will extend the contribution of renewable energy to the system in a more uniform way over time (reducing intermittency and seasonality). Finally, and given the numerous services it will contribute to the system, they will be able to participate in markets in which they did not do so until now, such as the secondary market, or in others in which they simply could not, such as in the resolution of technical restrictions on uploading, not to mention emerging markets such as the ramp or local markets.

This will imply the participation of more actors and more complexity in the management of each plant, as different services may be provided to different agents in the system. There will be more interconnection between systems, more open and interoperable systems and more needs for traceability and information security. Undoubtedly, new challenges will appear not only in the energy field, but also in the field of cybersecurity and reliability of critical facilities associated with their operation.

8. May the energy sector adopt the public cloud?

Yes, of course, and especially after the pandemic. We have seen a kind of exodus towards public clouds worldwide. Undoubtedly, the public cloud has infrastructures, professionals, procedures, certifications, etc. that are not usually available in private data centers and are very difficult and expensive to obtain and maintain.

Over time, the adoption of the public cloud to host control centers, plant SCADAs, etc. of wind parks will become commonplace, just as on-premise infrastructures are today. Advanced data analysis techniques, such as Big Data or Business Intelligence, provide increasing value in operation, predictive analysis and asset management. These techniques are closely linked to a powerful infrastructure to support them. I am convinced that in the coming years we will see an increasing trend of migration from private cloud to public cloud, starting from more short-term scenarios based on hybrid clouds as a transition element.

9. In our daily life, we all can act on climate change. Which concrete measure would you propose to our readers so they can apply from today on?

There are many actions that can be done from home to contribute our bit to this fight against climate change, from turning off the lights that are not being used to separate and recycle the garbage we generate. One action in particular that I consider important today is to reduce the use of plastics, an action as simple as taking your bags to the supermarket and reuse them already brings great value.

Comments are closed.