IT security for functional resilience in energy systems: effect-centric IT security

Abstract

From the point of view of energy system operators, cyberattacks, that is, information technology (IT)-security incidents, comprise an additional source for reduced functionality or system failure. In this capability cyberattacks ‘compete’ with unintentional disturbances like weather, natural disasters and accidental disruptions. Information technology-security experts, developing countermeasures to cyberattacks, primarily are concerned with intelligent, complex, malicious attacks that must be defended against using dedicated countermeasures and security processes. In order to prevent degraded function of energy systems through intentional attacks, for example, effecting a blackout or instabilities, functional resilience of the energy system is mandatory.