Wind Power Cyber Security

Distributed Energy Resources

»Monitor LON & Remote Access Communication ‒ Implement Intrusion Detection for DER«
  • Ensure Cybersecurity & Visibility For Distributed Energy Resources

    Identification of cyber attacks, manipulation and malware in local operating networks (LON) and remote access activities.

  • Implement Intrusion Detection & IT Security Regulations

    Next Generation Intrusion Detection combining threat detection, OT monitoring and anomaly detection.

  • Build Cost-Efficient Infrastructure Security Across All Locations

    System-wide security monitoring via hardware sensors and / or software integration on existing OT components.

Thanks to the newly gained transparency and analysis capability with Rhebo, we were able to significantly improve the performance of our SCADA technology and specifically enhance the cybersecurity of the wind and PV parks we operate.
Mohamed Harrou, BayWa r.e. Head of SCADA
Wind Power Cyber Security
BayWa r.e. is a worldwide leading developer, service provider, wholesaler and supplier of solutions in the field of renewable energies.

Cyber Attacks & Disruptions In Distributed Energy Resources

Challenges & Risks For Operators

Distributed energy resources (DER) and in particular renewable energy resources (RES) are most at risk from attacks due to their remote location far from the control room. SCADA systems, IEDs and local PLCs can be hijacked by adversaries undisturbed and via the simplest methods.

In addition to the loss of power and profit, damage to equipment can result. In the event of fleet shutdowns, even grid stability is at stake.

How Vulnerable Are Distributed Energy Resources?

In 2017, Dr. Jason Staggs demonstrated the inevitable at DEFCON, the oldest and largest underground hacker conference. Using a common Rasperry Pi and publicly available software, he managed to take control of several wind turbines in a very short time. The hack was not detected by the existing security mechanisms. It would have been easy for him to damage the wind farm via repeated hard stops or to put it into ransom mode. In the latter case, he would have shut down the entire wind farm or threatened to damage it until a ransom was transferred by the owners.

Substation Level Monitoring - Cybersecurity in Remotely-Controlled Utilities

»How to achieve cybersecurity from the control room to the substation«

Central Visibility Of All Local Activities

Requirements For Distributed Energy Resources Security

In order to immediately detect man-in-the-middle attacks, local manipulation and sabotage attempts, monitoring of all communication processes within DER's local operating networks and operational technology networks is required.

A modern intrusion detection system combines seamless OT monitoring with anomaly detection and threat detection – thus providing the critical visibility into your OT infrastructure required by most security regulations, NIST, IEC 62443 and ISO 27001. It enables you to detect changes in your distributed OT at an early stage and prevent disruptions to energy management in a timely manner.

Comprehensive Cybersecurity For DER

Solution: Monitoring Of LON and Remote Access Communication

The Rhebo next generation intrusion detection system enables end-to-end monitoring of the distributed infrastructure. Rhebo Industrial Protector non-intrusively analyzes and visualizes all devices and the complete data traffic within the local operating networks and OT networks. Communication changes occurring in the plants, related to cyber attacks, tampering, scans and technical error conditions, are detected, assessed, documented and reported to the control room in real time.

Monitoring is implemented at the distributed sites via cost-effective software sensors on existing edge devices or as hardware. Rhebo Industrial Protector fully supports specific DER protocols such as OPC, IEC 60870-5-104, IEC 61850-8-1 and DNP3, amongst others.

Network security managers in energy companies can thus implement a holistic, end-to-end intrusion detection system (IDS) in accordance with international standards and national regulations.

  • Solution Brief Renewable Energy Resources


    Intrusion & threat detection at renewable energy resources.


    Download Solution Brief

  • OT Risk & Maturity Assessment


    Risk and vulnerability analysis of your ICS and OT networks


    Download Solution Brief

  • Success Story BayWa r.e.


    Ensuring 24/7 cybersecurity for renewable energy resources


    Download Success Story


Follow the Rhebo Ambassadors