Cyber Security for National Power Grid
Cyber security is in focus given reports of attack on the Kudankulam nuclear power plants administrative facilities which had been linked with the internet while the main plant and operations were stand alone.
Similarly now the systems in the Power Grid are being questioned as this is a national grid and penetration of one section may have an impact on the entire grid support across the board.
The Indian Power system for planning and operational purposes is divided into five regional grids. The integration of regional grids, and thereby establishment of National Grid, was conceptualised in early nineties. The initial inter-regional links were planned for exchange of operational surpluses amongst the regions.
However, later on when the planning philosophy had graduated from Regional self-sufficiency to National basis, the Inter-regional links were planned associated with the generation projects that had beneficiaries across the regional boundaries. With cyber threats being able to traverse across the grid smoothly there are concerns of the Powergrid as well.
For securing transmission assets of POWERGRID, communication from equipment of Substations to control centers are done over dedicated optical fiber network owned by POWERGRID without any connectivity to external networks. They are further protected through multiple Firewalls. These systems are kept isolated from office networks, to prevent any malicious online attack because of Internet connectivity.
Also, POWERGRID is certified for ISO27001 Information Security Management System as laid down in Information Technology Act, 2000.
Further, Ministry of Power has formed Sectoral CERT-Transmission housed in POWERGRID, which works in close coordination with Indian Computer Emergency Response Team (CERT-In), National Critical Information Infrastructure Protection Centre (NCIIPC), Ministry of Home Affairs (MHA) and Ministry of Electronics and Information Technology (MeitY) and which has laid down detail procedures for Protected Systems, alerts and advisories, regular cyber audit, Crisis Management Plan (CMP), mock drills and exercises.
This information was provided by Union Minister of State (IC) Power, New & Renewable Energy and Skill Development and Entrepreneurship Shri R.K. Singh, in written reply to a question in Rajya Sabha