Cybersecurity for Centralized and Distributed Power Generation at ISAGEN

Main Article Content


Cybersecurity, centralize electric power control, power generation cybersecurity, industrial cybersecurity, critical infrastructure cybersecurity, ISO/IEC 27002


This paper presents the answer to the cybersecurity challenges faced by the centralization of the electric power generation control in the second company of this type in Colombia. Likewise, it describes the main cybersecurity practices that were investigated, analyzed and implemented to establish and maintain a safe environment for operations, which allow facing the risks of cyberattacks on this essential service to the society. It presents the methodologies and technical measures that should have been considered in the different stages of the project to prevent cyberattacks from being effective, to identify them in a timely manner and to achieve the resilience of the supervision and control systems that were used and tested in this environment. It also shows how these results were used as a contribution to the evolution of Colombian national electric sector regulations on the subject and how they can serve as a basis for improvements
to regulation and cybersecurity for other agents in the electricity sector in the country and the region.


Download data is not yet available.
Abstract 1082 | PDF (Español) Downloads 1321


[1] R. M. Lee, Michael J. Assante, and Tim Conway, “ Analysis of the Cyber Attack on the Ukrainian Power Grid Defense Use Case,” SANS Industrial Control Systems - E-ISAC, Tech. Rep., 2016.

[2] J. Slowik, “ Crashoverride: Reassessing the 2016 ukraine electric power event as a protection-focused attack,” Dragos Inc., Tech. Rep., 2019.

[3] CISA, “ Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors,” 2018. TA18-074A

[4] Qi’anxin Threat Intelligence Center, “ APT-C-36: Continuous Attacks Targeting Colombian Government Institutions and Corporations,” 2019.

[5] Lab52, “ APT-C-36 recent activity analysis,” 2020. apt-c-36-recent-activity-analysis/

[6] El Congreso de Colombia, “ LEY 143 DE 1994,”, 1994.

[7] J. Andress and S. Winterfeld, Cyber Warfare, Second Edition: Techniques, Tactics and Tools for Security Practitioners. Syngress; 2 edition, 2011.

[8] A. D. Campen, “ Uncommon Means for the Common Defens,” in Cyberwar: Strategy and Conflict in the Information Age, A. D. Campen, D. H. Dearth, and R. T. Goodden, Eds. Fairfax, Virginia: AFCEA International Press, 1996, pp. 71–75.

[9] Ministerio de Energía and Ministerio de Defensa Nacional, “ Plan de Seguridad del Operador de Infraestructura Crítica Cibernética de Colombia (Modelo para Agentes del Sector Eléctrico) PSICCN V1.0.” Bogota, 2018.

[10] Consejo Nacional de Operación and Ministerio de Defensa Nacional, “ Plan Sectorial de Protección y Defensa para el Sector Electricidad de Colombia PSPSE V1.0.” Bogotá, Tech. Rep., 2018.

[11] NERC, “ Standards,” 2020. aspx

[12] Consejo Nacional de Operación, “ Acuerdo No. 788 Por el cual se aprueba la Guía de Ciberseguridad,”, p. 21, 2015.

[13] Consejo Nacional de Operaciones, “ Acuerdo 1241 Por el cual se aprueba la modificación de la Guía de Ciberseguridad,”, pp. 5–7, 2019.

[14] Comisión de Regulación de Energía y Gas, “ CIRCULAR No. 072,” 2019.

[15] Departamento Nacional de Planeación, Consejo Nacional de Política Ecónomica y Social, “ CONPES 3995,” 2020. co/CDT/Conpes/Económicos/3995.pdf

[16] G. Disterer, “ ISO/IEC 27000, 27001 and 27002 for Information Security Management,” Journal of Information Security, no. 4, pp. 92–100, 2013.

[17] D. Denning, Information Warfare and Security. Addison-Wesley Professional; 1 edition, 1999.

[18] ISO, “ Information technology — Security techniques — Information security controls for the energy utility industry,” ISO/IEC 27019:2017, 2017.

[19] National Institute of Standards and Technology, “ Framework for improving critical infrastructure cybersecurity,”, NIST, Tech. Rep., 2018.

[20] National Institute of Standards and Technology, “ Marco para la mejora de la seguridad cibernética en infraestructuras críticas,” NIST, Tech. Rep., 2018. 04162018

[21] Consejo Nacional de Operación, “ Guía de Ciberseguridad,” Consejo Nacional de Operación, Bogota, Tech. Rep., 2019. https://cnostatic.s3.amazonaws. com/cno-public/archivosAdjuntos/anexoacuerdo1241.pdf

[22] Ministerio de la Defensa Nacional, Consejo Nacional de Operación, “ Plan Sectorial de Protección y Defensa para el Sector Electricidad de Colombia ,”Tech. Rep., 2018.

[23] Y. ZHAO and Z.-j. SHEN, “Application of tcp/ip based iec60870-5-104 telecontrol protocol in power system [j],” Power System Technology, vol. 10, p. 016, 2003.

[24] F. B. Schneider, “ Least privilege and more,” IEEE Security and Privacy, vol. 1, no. 5, pp. 55–59, 2003.

[25] Center for Internet Security, “ CIS - Center for Internet Security,”, 2020.

[26] D. Colesniuc and I. Martin, “ Cybersecurity by Minimizing Attack Surfaces,” in International Scientific Conference "Strategies XXI", Suppl. Suppl_Command and Staff Faculty. Bucharest: Natinoal Defense University, 2015, pp. 42–48.

[27] J. M. Hiatt, “ ADKAR: a model for change in business, government and our community.” Prosci Research, 2006, ch. 1, pp. 2–3.

[28] P. Bowen, J. Hash, and M. Wilson, “Information security handbook: A guide for managers,” in NIST Special Publication 800-100, National Institute of Standards And Technology, 2007, pp. 178–800.

[29] M. Xue, S. Roy, Y. Wan, and S. K. Das, “ Security and Vulnerability of Cyber-Physical Infrascture Networks: A Control-Theoretic Approach,” in Handbook on Securing Cyber-Physical Critical Infrastructure: Foundations and Challenges, S. K. Das, K. Kant, and N. Zhang, Eds. Morgan Kaufmann, 2012, ch. 1, pp. 5–30.