The Security of Information and Communication Systems and the E+I Paradigm

Abstract

This chapter will discuss the Information and Communication Systems (ICS) used in the electric power infrastructure, in light of their relevance for the occurrence and the management of risk-relevant situations. Electronic technologies found their way into power systems early on, mainly as an effective means for implementing control and protection mechanisms. The applications of those technologies, evolving from analog to digital systems, have expanded at accelerated pace. This evolution has been driven by, among others, increases in processing power, and decreases in costs and size. This massive incorporation of computerised and networked devices has changed the same character of power systems, bringing the electric power infrastructure into a new paradigm. We have denominated this the E+I paradigm, a new infrastructural service, namely “Electricity plus Information”, characterised by the integration of both elements. At the same time, it has enhanced the operational and monitoring capabilities, provided means for protecting against contingencies, and paved the way for new threats, partly due to the fallibility of ICS, partly due to their connectedness and openness that facilitate malicious attacks. In this light, it is clear that the analysis of the risks of the electricity infrastructure has to take into account the information security aspects of ICS. In order to clarify the topic, the chapter will discuss the diverse conceptual frameworks that exist for dealing with security issues.