RWE boosts security on Scada networks

Power generator ramps up security to meet CNI guidelines

RWE, Europe's second-largest power generator, is stepping up security for the systems that control operations at its UK power stations, and will consider whether to upgrade network security across its 8,000-megawatt generating capacity.

The move is a response to UK government guidelines for members of the critical national infrastructure (CNI) to tighten security in the wake of 9/11, the London bombs and the heightened threat from terrorists and activists. It will also enable RWE npower -the company's UK arm - to compete more effectively in energy markets.

The new network security system from Industrial Defender sits on top of the system control and data acquisition (Scada) network that controls how and when a power station generates electricity.

Phil Bowley, manager of the electronic controls and instrument group at RWE npower's head office, said the system protects against three main threats: human error, cyber-threats and industrial espionage.

RWE npower chose the system because of its scalability. It can be used with a single generator, scaled up to a whole power station, and retro-fitted to legacy systems, said Steven Pringle, RWE's automation consultant.

"The system listens continuously rather than asking sensors for data. This reduces data traffic and latency on the Scada network, both of which could disrupt operations. We also know instantly if something is out of tolerance," he said.

Pringle said that in the past, power generators ran standalone Scada systems. However, privatisation of the National Grid in 1990 meant that, to be competitive, the firm's energy trading systems had to link into the real-time systems used to control the generating turbines. This opened the Scada network to threats such as viruses and hackers.

The Linux-based Industrial Defender technology suite contains a unified threat manager for perimeter security, network intrusion detection system, and host-based intrusion detection system.

CMS powers energy provider online >>

RWE npower >>

David Lacey's security blog
Managing security from one of the UK's leading security experts

Comment on this article: [email protected]

Read more on IT risk management