19.12.2025 | Enhancing Safety in Substations
To ensure the supply of electricity at all times, the power grid must be protected against cyber attacks. Axpo has analysed the risks and developed a concept for even more secure substations.
Cyber attacks on companies are commonplace: automated attacks to test vulnerabilities take place every minute. Every company has implemented security mechanisms to ward off such attacks. A 2025 study by the University of Applied Sciences of Northwestern Switzerland shows that one in 25 companies has been affected by a cyber attack in the last three years.
“Hackers also try to attack the power grid,” explains Daniel Schirato, OT Security Officer Grid: “In the transmission and distribution grid, there are devices that switch and monitor the grid. These devices are equipped with communication interfaces and are therefore vulnerable, even if they are not directly connected to the Internet.” In a cyber attack in Ukraine in October 2022, hackers disconnected 4,000 villages and cities from the power grid. The attackers also made a targeted attempt to prevent the resumption of operations.
The power grid consists of lines that transport electricity over long distances, as well as substations where these lines are connected and the voltages are transformed between different levels. The operation of the plants is ensured by an important security system called grid protection: this detects faults, such as a lightning strike or a fallen tree, and very quickly disconnects the affected power supply from the rest of the grid. This is the same principle as at home, where a fuse disconnects the defective devices from the power supply in the event of a short circuit.
“We are making grid protection more resilient to cyber attacks.” Oliver Kindermann, OT Security Grid Expert
Grid protection devices are exposed to many cyber risks. Security must always be guaranteed during manufacture, installation, operation and maintenance work. Risks are posed by other devices in the substation, such as PCs, servers and portable laptops. Hackers could attempt to access the substation by any means of communication. Axpo takes strict measures to safeguard these vulnerable points.
A power grid must never be operated without grid protection, as the risk to people, the environment and materials would otherwise be far too high. For this reason, it is essential that the protection works correctly and reliably. Other functions such as remote control of the substation from the central grid control centre are likely to be out of action for several weeks in an emergency. This would be very unpleasant, but the power grid would still be operable, as the protection is functional and switching can be carried out on the devices on site.
In particular, the availability of grid protection is to be increased through technical redundancy: an additional protection device has the same grid protection functions but no communication interfaces, meaning malware cannot impair the overall protection.
The basic protection device is equipped with state-of-the-art security methods. “These measures already present significant obstacles for attackers. In addition, the digital disconnection of devices in the so-called ‘emergency level’ makes access extremely difficult,” explains Oliver Kindermann, OT Security Grid Expert. It’s like a computer that’s never connected to the Internet. In the event that we are attacked and hackers are able to penetrate the network – despite all the latest security mechanisms – we will then switch to emergency mode. This puts a substation in a secure state. As a result, no further destructive actions can be carried out. The attack is analysed, defective devices replaced and all systems checked. After rectifying the situation, it is then possible to switch back to normal operation.
Through these comprehensive measures, which have been developed with a great deal of expertise, Axpo additionally secures its power grids and ensures the future supply of energy.