Details
Initial situation and challenge
TEN Thüringer Energienetze is the largest distribution network operator in the German federal state of Thuringia. Its networks reliably supply more than 1.1 million people, the domestic economy and downstream distributors with energy. TEN provides all infrastructure services for the supply of electricity and natural gas, the connection of decentralized energy resources and, as part of its services, network operation for third parties. As a pioneering company, TEN has developed an intelligent, efficient infrastructure that is used by grid customers, electricity and gas suppliers and more than 16,000 decentralized producers. The increasing complexity and decentralization of network operations has been secured by TEN since 2017 through a certified Information Security Management System (ISMS). The greatest challenge is to securely integrate the different systems of all network users. For this reason, the IACS is constantly monitored and secured against attacks, technical error states and other critical changes. In addition, regular external audits ensure the infrastructure is free of any vulnerabilities.
Detection of attacks and error states
Continuously monitor IACS communication to detect and mitigate even smallest anomalies.
Fast, sound analysis of events
Document all event details to enable root cause analysis and traceability of affected devices.
Support of ISMS implementation
Establish continuous improvement as well as assessment of security levels and measures in accordance with EN ISO/IEC 27019.
Solution

Recurring risk analysis
Rhebo Industry 4.0 Stability and Security Audit
- Analysis of assets and communication structures;
- Risk assessment for cybersecurity and stability;
- Definition of mitigation measures;
- Detailed risk assessment within 8 hours.

IACS monitoring
Rhebo Industrial Protector
- Continuous monitoring of IACS and remote control technology;
- Real-time identification and assessment of cyberattacks, vulnerabilities, malware and technical error states;
- Analysis and mitigation of events;
- Daily risk assessment within minutes.

Implementation and findings
As a first step, Rhebo carried out a Rhebo Industry 4.0 Stability and Security Audit of the TEN IACS using its IACS monitoring and anomaly detection solution Rhebo Industrial Protector. Identified vulnerabilities and weaknesses were immediately corrected afterwards. Thus the network quality could be increased.
- Topological overview of all assets and their properties like firmware, connections and protocols.
- Reporting of all security- and operations-related anomalies.
- Reporting of suspicious communication and behavior patterns.