Electrical Grid is one of the sophisticated systems humanity ever built. New technologies such as IEC 61850 and Europe-wide initiatives to create continent-wide SmartGrid systems makes it more and more complex.
Our latest research was devoted to the analysis of the threat landscape, architecture and implementation of the modern Smart Grid elements, including relay protection, wind and solar energy generation.
It may seem (not) surprising but the systems which manage huge turbine towers and household PhotoVoltaic plants are not only connected to the internet but also prone to many well known vulnerabilities and low-hanging 0-days. Even if these systems cannot be found via Shodan, fancy cloud technologies leave no chances for security.
In this talk, we summarize our practical experience in security assessment of different components of European SmartGrid technologies: from housekeeping and rooftop PV systems to digital substations. We will release new (but responsibly disclosed) vulnerabilities in SmartGrid components, Cloud SCADA technologies as well as new tools for security assessment of SmartGrid industrial protocols.