to overview previous case next case
Case Study

Keeping renewables online

Setting the scene

Digitalisation in all its forms is one of the main pillars of the energy transition. 

It opens up new opportunities and brings with it many benefits. For the renewable energy sector, these range from asset management to artificial intelligence and from smart grids to blockchain.  

However, as we have seen in other sectors, increasing digitalisation in the energy sector also brings with it an ever-increasing risk of cyber-attacks. 

We’ve all heard of instances where customer data has been stolen, companies’ systems have been hacked, or individual users have fallen prey to world-wide ransomware attacks like WannaCry. With Forbes estimating that cybercrime will cost around $10.5 trillion a year by 2025, it’s clear that we all ignore the risks at our peril. 

The German government was one of the first adopters of the European Union’s NIS directive which ‘bundled’ together energy projects and control centres that handled more than 420 MW. 

The country’s government continues to lead the way and is now amending its regulations to reduce the threshold to 36 MW per feeding in point to the grid (projects themselves could be less than 36MW), meaning many more renewable energy generations assets will now be considered as critical infrastructure. 

Meeting the Challenge

The new lower limit of 36 MW makes it more important than ever that all qualifying assets are protected as much as possible from any form of cyber-attack. This means that not only sites and physical equipment must be safe from the hackers, but also digital information too.  

Through our very own BayWa r.e. SystemSafe processes, we have been employing a range of measures to keep both our own assets, and those of customers, protected for years.   

Our multifaceted approach ensures that all aspects of site management and operation are considered, from on-site security including access, devices and routers, and that each asset is kept digitally hidden – with a VPN and encrypted data measures in place as a minimum. 

Staff training is also factored in – if operatives can recognise phishing, ransomware attempts, rogue emails or suspicious on-line activity, then it’s much more likely that cyber-attacks will be unsuccessful. 

As the roll-out of digitalisation increases, it’s likely that cyber criminals will get smarter as they seek to find vulnerabilities in systems. That means we need to continue to review and evolve too, and find new ways of bolstering protection. 

That’s why we also work with specialist security technology partners, like Timm Technology, to ensure we’re giving our own assets, and our customers’ assets, the very best levels of protection. 

The results

Our BayWa r.e. SystemSafe software and hardware combined with our years of experience, means we have a great track record in protecting renewable energy assets and giving our customers the assurance they need that their wind and solar farms are safe in our hands.  

Our programme of review and refresh gives them the confidence that the right measures are in place to protect generation assets of all capacities.  

With the new 36 MW threshold that’s planned, we’re in a great position to advise operators on their roles and responsibilities, and to provide them with practical support that will help keep their assets within the requirements of the law, and out of the hands of cyber criminals. 

We’re here to improve the digital security of renewable energy operators around the world. Our experience and proven systems give our customers the confidence they need to keep generating clean energy.

Mohamed Harrou
Head of Global SCADA, BayWa r.e. Data Services GmbH

Contact form