Energy Networks Association's technical lead, Darwin Aseka, explains how we've been working with BEIS and NCSC on new cyber security guidance.
We are witnessing a number of seismic shifts in the energy market central to which are its decarbonisation, decentralisation and digitalisation. But it’s one thing to witness this, it’s another to ensure that customers and generators of all types can reap the full benefits despite the new challenges they may face, including navigating the cyber security protocols in place to keep the system running safely and stably.
There is over 30GW of distributed energy connected to local electricity networks, of which 85% is renewables and a mixture of batteries and other technologies. A volume which will only increase with broader electrification of heat and transport and the continued decentralisation of power.
This diversified system will be managed by a digitalised backbone whether through the new systems the network companies are putting in place, or indeed the roll-out of smart meters to every household in the country.
ENA recently held a webinar where, in conjunction with BEIS and the National Cyber Security Centre (NCSC), we published guidance for distributed energy resources. This guidance will support them in connecting to the grid safely and securely, without compromising the integrity of the wider network.
Despite its growing importance to our energy mix, distributed energy does not currently meet the ‘essential service’ criteria laid out in the Network and Information Systems regulations. As a result, it falls outside of the umbrella of support that would otherwise have been provided. Navigating these complex regulations and processes can be challenging, especially for the small-scale distributed energy providers – such as community energy projects or independent generators. To support these parties and standardise cyber security across the sector, we worked closely with the Energy Emergencies Executive Cyber Security Task Group and BEIS to develop guidelines to identify address this issue.
Adoption of these cyber security connection guidelines will support end-to-end security for distributed energy, at an industry-accepted level and – ultimately - help mitigate the risk of a cyber-attack. It will also enable DNOs and operators to effectively and consistently implement an industry baseline for cyber security when connecting new assets to the distribution networks.
In summary, this guidance aims to:
- Promote cyber security throughout the design and implementation of new projects.
- Provide a consistent approach to cyber security for DER connections across the UK.
- Provide a baseline level of security that is required for new DER connections.
- Enable BEIS, NCSC and us to address short-term and long-term threats and promote standardisation.
- Provide cyber security guidelines that are flexible enough to apply to any DER, regardless of size, maturity or location
- Provide guidance that encourages technology providers to improve security for their devices out of the box.
The guidance can be found on the new ENA website here.
Notes to editors
First online at Current (28 Oct).
About Energy Networks Association
Energy Networks Association (ENA) is the industry body representing the companies which operate the electricity wires, gas pipes and energy system in the UK and Ireland.
ENA helps its members meet the challenge of delivering electricity and gas to communities across the UK and Ireland safely, sustainably and reliably.
Its members include every major electricity and gas network operator in the UK and Ireland, independent operators, National Grid ESO which operates the electricity system in Great Britain and National Grid Gas which operates the gas system in Great Britain. Its affiliate membership also includes companies with an interest in energy, including Heathrow Airport and Network Rail.
What are energy network operators?
Energy network operators manage and maintain the wires, pipes and other infrastructure which delivers electricity and gas to your home, business and community. They are private companies which are regulated by Ofgem and employ around 45,000 people in the UK and Ireland. They are represented by their industry body, Energy Networks Association (that's us).
Energy supplier or network operator? Energy network operators are entirely separate to your energy supplier, which is the company that bills you for using electricity and gas. Energy suppliers and generators are represented by Energy UK.