What Facebook and a refrigerator have in common – Sustainability Session with Stephan Lechner

The renowned security expert presented some of the European Commission's ideas and approaches to increase the cybersecurity of the future energy System.

Freiburg. With a perceived temperature of well over 40 degrees Celsius, June 22 has so far been the hottest day of the year. The participants of the Sustainability Center Freiburg's second Sustainability Session were nevertheless able to keep a cool head: At Fraunhofer EMI, pleasant temperatures prevailed thanks to a secure and reliable power supply. It was physically perceptible how central a functioning energy system is for our society.

There are currently at least two major change processes in the energy system. On the one hand, the increasing digitalization that we also witness in other aspects of our society; on the other hand, the conversion of obtaining our energy supply from  renewable energy sources, which is necessary due to climate change and finite resources. Both lead to the fact that the energy system of the future will be much more decentralized than has hitherto been the case.

Lechner pointed out that such a decentralized system is fundamentally more stable and less vulnerable to external attacks than a centralized system in which the failure of a few nodal points – such as large power plants – can lead to large-scale blackouts. At the same time, this system can only function and guarantee security of supply throughout Germany and Europe if its individual components are closely interlinked. In this way, however, cyberattacks on individual components of the system can lead to uncontrollable cascading effects and cause serious damage to the entire energy system.

Although all of these developments in cybersecurity are relevant for many aspects of society, the energy system's major importance becomes clear once again. Stephan Lechner illustrated this by a simple example: a protracted failure of social media platforms such as Facebook would be quite serious, but it does not lead to the failure of the refrigerator at the same time. This is a different case with the power supply: In case of a power outage, all other important infrastructures break down – from water and food supply to hospitals and many more.

The European Commission is therefore currently trying to develop strategies to increase the security of modern, "smart" energy systems when facing cyberattacks. Stephan Lechner emphasized in his lecture the need to switch from a purely reactive behavior following serious cyberattacks to a proactive, systemic approach. It is about getting companies to embed (cyber-)security as early as possible already in the system design. This includes regulations and laws. According to Lechner, however, the fact is that the majority of the relevant IT technology companies are not based in Europe and are therefore difficult to regulate by European law. In the future, we will have to answer the question of how such companies could be taken on board.

In the ensuing discussion with the participants, the question was whether complex systems such as a decentralized energy network could be modeled and simulated at all. The Sustainability Center's researchers have dedicated themselves to this task. They are trying to shift the existing limits of such simulation methods ever further and thus contribute to increasing the security of the future energy system.

After the presentation and discussion, the participants were able to deepen the discussions at a small reception.

Information on the Sustainability Sessions:

The Sustainability Sessions are a new format in which the Sustainability Center Freiburg  invites renowned experts for sustainable development. In programmatic evening events, the discussion on individual topics can be deepened in an informal framework. In the near future, further lectures will be held on subjects such as the "Energiewende", urban resilience and the transformation of society.

Information on Stephan Lechner:
Dr. Lechner is the Director Euratom Safeguards in the Directorate-General for Energy of the European Commission. Before that he served as Director of the Institute for the Protection and the Security of the Citizen (IPSC) at the European Commission's Joint Research Centre (JRC). The IPSC is located in Ispra, Italy and employs over 300 researchers on technical and scientific security aspects of various sectors (buildings, networks, financial systems, society) crisis management, maritime security and new Information Technology. Dr Lechner's background is in mathematics and computer sciences and he holds a PhD in cryptography. Before joining the European Commission, Dr Lechner used to be Global Department Head for Security Research at Siemens Corporate Research from 2002 to 2007. He worked as head of Corporate Security and as IT Security in the telecommunications sector in Germany from 1993 to 2002 and started his professional career as network security researcher at Siemens in 1989.