Power sector
BIPSE - security of the teleinformatic system
BIPSE - system of ensuring safe IP communication in the field of managing electro-energetic network
The function of the BIPSE system is to ensure security of the teleinformatic system for controlling electro-energetic infrastructure. It is done by detecting threats, analyzing and filtering traffic, intelligent and active monitoring of devices and ensuring reliable and hacking resistant transfer of technological movement. Thanks to the use of BIPSE system, it is possible to remove the unwanted traffic and warning about attack attempts on the teleinformatic infrastructure of the energy production.
The basic part of the system constitutes the Hub of Safe Communication cooperating with other elements of the security system responsible, among others, for controlling the state of network, reaction for the detected threat, visualization of threats and informing about the detected anomalies. The Hub of Safe Communication is the logical module grouping all elements of the system installed within one single unit of the electro-energetic station. In the global scale, the BIPSE system functions as a federation of such hubs within the independently managed domains of energy companies.
System architecture
The BIPSE system possesses the federation structure, consisting of the domain systems of safe communication of energy companies. The domain systems can work in the teleinformatic networks located at the Operators of the Distribution System, at the Operators of the Transmission System as well as in the Generating Units Centrally Disposed. The subsystem of BIPSE consists of one or more modules, which are the base unit for functioning of the whole system. They ensure the safe communication between the resources inside the local network of the station as well as with the elements from the external networks. The key element of the BIPSE system is the Hub of Safe Communication, possessing the modular construction enabling the flexible confi¬guration and an easy extension of its functionality. In the teleinformatic network the Hub of Safe Communication controls the traffic fi¬ltration, detects (by means of probes) and prevents from threats, stores the safety logs and makes available the safe information and administration interface.
The probes monitor and analyze the threats in the critical points of the network and they signal the occurrence of alarm events to the Hub. The aggregated data on threats from the network of station, available in the Hub, are processed in the Supervision Station functioning in the domain of the energy company. The function of the Supervision Station software is the real-time analysis of the threats coming from inside, as well as outside of the network and semiautomatic decision-making (with participation of the operator) within the range of implementing indispensable changes in the con¬figuration of the network. The Supervisory Stations are adapted for exchanging data with the central hub coordinating activities connected with the safety of the whole electro-energetic network.
