37th CIGRE Serbia Conference (2025) SECURITY, STABILITY, RELIABILITY AND RESILIENCE OF THE ELECTRIC POWER SYSTEM: MULTISECTORAL CONNECTIVITY IN ENERGY AND INDUSTRY – D2-09
AUTHOR(S): Nina Đuričić, Jovana Đukić, Neven Nikolić, Mladen Dragićević, Suzana Mladenović
DOI: 10.46793/CIGRE37.D2.09
ABSTRACT:
The development and digitalization of electric power transmission have significantly improved the monitoring and control of systems, but have also increased the exposure of SCADA (Supervisory Control and Data Acquisition) systems and the entire OT (Operational Technology) infrastructure to cyber threats. Real-world attacks, such as Stuxnet, Industroyer, and BlackEnergy, have demonstrated how vulnerable industrial systems can be, even though they are not, or should not be, exposed to the Internet. A compromise of the SCADA infrastructure could have serious consequences for the stability and continuity of electricity grid operations. Traditional IT security solutions are not tailored to the specifics of the OT environment, which requires the implementation of specialized security technologies. This paper includes an analysis of the most common cyber threats in the OT infrastructure of electric power transmission, such as unauthorized access to SCADA system components, compromise of industrial devices, and lateral movement of attackers within the network. Special focus is placed on the impact of various components of the KICS (Kaspersky Industrial Cyber Security) system, which has been implemented as a security enhancement for the system, including anomaly detection, endpoint protection, and network traffic analysis, while ensuring the uninterrupted operation of operational processes within the power plants. As part of the security improvements for critical systems within Elektromreža Srbije, the KICS platform has already been implemented in local substations and regional dispatch centers, and will soon be integrated into the national dispatch center, establishing a unified and centralized OT infrastructure protection system.
The KICS platform enables proactive protection of critical infrastructure, reduces the risk of cyberattacks, and facilitates more efficient management of security incidents, significantly increasing the resilience of the industrial network to modern cyber threats.
KEYWORDS:
SCADA, OT infrastructure, KICS, cyber threats, industrial cybersecurity, critical infrastructure protection