"TECNALIA develops hardware and firmware products that facilitate access to markets with cyber security requirements"
The digitalisation of critical infrastructures, such as the electricity system, has raised new cybersecurity challenges that have led Europe to develop a new policy to ensure more secure and resilient hardware and software products
This new policy includes the Critical Infrastructure Resilience Directive(CER Directive), the revised Network and Information Systems Security Directive (NIS2 Directive), and the European Cyber Resilience Act (CRA), which will come into force in 2024, requiring manufacturers of equipment with digital components to ensure more secure and resilient products against cyber-attacks.
Technological trends, such as the virtualisation of functionalities in power grid nodes or the use of shared data spaces between different agents make it even more necessary to reinforce cybersecurity in the equipment and infrastructures that make up the electricity system.
Unique skills in industrial cyber security
In this context, the product design and development process is more relevant than ever and TECNALIA brings together skills in both cyber security and the development of hardware and software products for the energy system, which enables it to offer:
- Identification of potential risks and vulnerabilities of electrical equipment and the systems in which they are used.
- Secure development from the product design phase: incorporating elements that protect against potential threats, such as information encryption, user authentication, password management, detection and response to attacks, etc.
- Security testing and validation in accredited laboratories: it is important to verify security and check that products are resistant to possible attacks and comply with established security standards.
- Regular security updates and patches to correct possible vulnerabilities detected and to keep products secure and up to date throughout their life cycle.
In short, TECNALIA combines unique skills in industrial cyber security (with 5 dedicated laboratories) with in-depth knowledge of the electrical product and its manufacturing process.
How to implement cyber-insurance products in the electricity system with the help of TECNALIA
These skills and knowledge make TECNALIA unique in assisting companies in their processes of developing secure and resilient products and addressing potential vulnerabilities in the energy system through:
- Product development: thanks to extensive experience in hardware and firmware development, we guarantee manufacturers that the cyber security of their products will be increased from the design and development phase and throughout the entire life cycle.
- Certification: providing added confidence to the market and regulators regarding compliance with new cyber security requirements.
Companies like ACLARA-HUBBELL, MERYTRONIC, ARIADNA, SCHNEIDER ELECTRIC, or ZIGOR, are currently working with TECNALIA on the adaptation and resilience of their products, as well as utilities such as ENDESA, to incorporate cyber security criteria in the operation and control of the grid.
Technical conference with experts
Taking advantage of the European cyber security month on 3rd October, we will show companies "How to accelerate regulatory compliance and certification of cyber secure products in the electricity sector", in a Technical Conference with the participation of experts in smart grids, cyber security, as well as representatives of manufacturers and utilities. This session is part of the 21st International Congress of Experiences in Industrial Cybersecurity 2023, which is being held in Bilbao.
