Working together for greater security

Growing e-mobility presents both opportunities and new challenges for the electrical grid. To address these challenges effectively, the energy specialist INTILION and the automation expert WAGO are committed to close collaboration and open communication. Through their joint “Grid Booster” project, they provide solutions that stabilize the electrical grid while maintaining the highest security standards. Their primary focus is protecting against cyberattacks to ensure that critical infrastructure in the energy sector is well-prepared for potential threats, securing a reliable energy supply for the future.

Guest authors:
Jens Sparmann

System Specialist Security at WAGO

Overview

Protection against cyberattacks: security in the energy sector

In light of the increasing threat of cyberattacks, protecting critical infrastructure in the energy sector is essential. Given the significant risks posed by vulnerabilities in these systems, security is a top priority for WAGO and INTILION. Their shared objective is to identify threats early and implement targeted measures to address potential vulnerabilities before they can be exploited.

To achieve this, the partners regularly conduct penetration tests, attempting to breach the system without authorization. External security experts stress-test selected automation components to uncover potential risks at an early stage.

This approach allows us and our partners to detect security vulnerabilities early and fix them promptly – before they can pose a real threat.

Jens Sparmann
System Specialist Security at WAGO

Rapid action: critical security vulnerability successfully closed

The effectiveness of ongoing safety tests is highlighted by a recent case where we identified a security vulnerability in the switches of battery storage devices. Thanks to the partners’ open communication and swift response, this vulnerability was addressed immediately. Christoph Bürger, Team Lead Application at INTILION, and Stefan Balluff, who oversaw the process as a software communications engineer at the time, explain: “Openness and transparency are crucial in such situations. We reported the security vulnerability without hesitation, and WAGO responded promptly.”

Rapid action and strong corporate cohesion led to a successful outcome. Jens Sparmann from WAGO adds: “We strive to address vulnerabilities openly and avoid hiding issues. Effective communication is key to resolving such matters.”

Certified processes for maximum security

To continually enhance product security, WAGO established the Product Security Incident Response Team (PSIRT) years ago. This vulnerability reporting center proactively supports software and cybersecurity efforts to protect existing applications and processes within industrial automation. Jens Sparmann explains: “The PSIRT operates internally and externally. It assesses potential vulnerabilities, consults with key stakeholders like the Development Department and Product Management, and initiates necessary actions – ranging from recommendations and updates to patches.”

An example of this is a recently published vulnerability in switches, detailed in a CERT@VDE report from the German Electrical Engineers Association (VDE). The report provides information on bug fixes and security vulnerabilities through advisories and offers an RSS feed. The VDE’s IT security platform acts as a central point of contact for customers, aggregating security issues from various companies and providing specific solutions.

Strong partnerships are the key to success

This case clearly demonstrates that close cooperation and seamless communication are essential for a swift and effective response during emergencies. The success of this situation was due to the quick reaction from INTILION and the certified processes of the WAGO PSIRT. Christoph Bürger from INTILION highlights:

Openness – as part of a culture of learning from errors – is crucial. Our shared, open-source approach with WAGO was key to improving security.

Christoph Bürger
Team Lead Applications at INTILION

Moving forward, the partners will continue to rigorously test and verify their systems to provide the best possible protection, embodying the motto: “Synergies for greater security.”

Share on social media:
Next post:

Do you have further questions?

Then book a free online consultation with one of our experts for your energy storage system.

This might also interest you: