Developing cybersecure solutions aiming to make HV, MV & LV networks safer and more sustainable
Cybersecurity is a transversal and constantly evolving concept
At ZIV we conceive cybersecurity not only as a product plus, or a market requirement. It is something as important as quality or safety at work, that is, it affects the entire company. We will possibly be one of the first companies that have had a transversal cybersecurity area. This affects all processes, from finance to IT, and obviously to product design and development. We beleive that being a cybersecure is as important as developing cybersecure products.
In this evolution towards transversal cybersecurity we have found 3 important conditioning factors:
- The lack of expertise, since it is a complex, novel subject that requires a lot of training time.
- Its own dynamism, since the appearance of vulnerabilities is constant and we must respond with agility and reliability.
- And its wide scope, as we must understand cybersecurity as something that applies to all processes and to the entire product life cycle: specification, design, implementation, testing, manufacturing and operation.
Within this testing part is where the penetration test is framed, which, thanks to IKERLAN and the BDIH Konexio 2021 program, has allowed us to test a large part of the solution and know that we are on the right track.
The Road Map of cybersecurity in ZIV
We have been investing in cybersecurity for many years, the last 5 intensively. We are aware that cybersecurity is here to stay. We have designed a road map that shows us where to move forward in the medium and long term. In the short term, we have been practical and pragmatic. Our products already cover the current needs of our customers.
- role-based access control,
- use of strong passwords,
- remote user authentication (LDAP, RADIUS),
- secure communications,
- security of the firmware based on digital signatures,
- cybersecurity activities recording
- disabling ports and services
- implementation of the PKI that allows the use of digital certificates to verify identities and establish secure communications.
Benefits obtained and technologies applied
The main benefit we have achieved is the awareness of the entire company about the importance of cybersecurity. This favors our products being cyber-secure and providing additional value to customers. Of course, in the case of electricity companies, this results in a clear benefit for all of society.
In terms of applied technologies, in addition to having analyzed and studied the main cybersecurity standards that affect OT cybersecurity, such as IEEE 1686, IEC 62443 or IEC 62351, and good practice guides, we have been working on:
- access control (PAM, LDAP, RADIUS),
- communications security (SSH, TLS),
- firmware security
- PKI for the management of certificates, certifying entities, revocation of certificates, which are used in secure communications and in the verification of firmware signatures
We are already working on HW cybersecurity, secure firmware boot and secure storage of credentials based on the use of TPM…
This has only just begun, and we are already reaping the first fruits. It is an exciting field in which we will continue working. We are aware that the world needs more green energy and more cybersecurity. Both are two very clear growth vectors for ZIV. Our R&D strategy is aligned with these goals, we want and we can provide cybersecure solutions capable of making electrical networks safer and more sustainable.