IHI Terrasun’s Approach to Energy Storage Cybersecurity: Protecting Critical Infrastructure
Creating robust cybersecurity systems for IHI Terrasun’s energy storage projects is critical to our national security because energy storage is part of the national electrical grid infrastructure. Unlike consumer-level products, energy systems are under constant threat from highly resourced attackers seeking to destabilize the nation’s power grid, with potentially catastrophic results. The risks we face demand robust, multi-layered defenses, requiring a complex and continually evolving combination of software, network feedback, and rigorous data security controls. This is why we approach cybersecurity not as an ordinary product offering, but as a core responsibility.
IHI Terrasun’s multi-tiered defense process therefore incorporates the latest protective measures, defensive strategies, and proven technologies. Our approach revolves around three core cybersecurity principles: Confidentiality, Integrity, and Availability, or the CIA triad. This ensures that site operations and sensitive data are protected, systems function without interference, and critical services remain accessible to customers.
Layered Defense: IHI Terrasun’s Multi-Tiered Approach
With IHI Terrasun’s defense-in-depth model, security is built across multiple layers, instead of relying on a single line of defense like a firewall. We continually monitor attack patterns and signatures to identify aggressors and neutralize threats, using a series of controls, including virus scans, network segmentation, and access control management.
Our role-based access controls serve to restrict system access based on the user’s responsibilities. We apply the principle of least-privileged access, meaning users only have access to the data and systems needed to perform their specific roles. This limits the risks of unauthorized access and minimizes the potential damage from compromised accounts. In the event of a breach, our network segmentation ensures that it is contained to that segment and does not impact the entire network.
Another key differentiator for IHI Terrasun is that our security processes are not static — with our proactive approach, we are continually monitoring for new and evolving vulnerabilities. Our tools survey the threat environment, with any suspicious files or IP addresses rapidly flagged and automatically blocked.
Equipment Management: Managing Cybersecurity from a Global Supply Chain
Additionally, energy storage systems rely on equipment sourced globally, including from regions that could pose security risks. We carefully vet and isolate hardware, to avoid the risk of outside connectivity or backdoor access to critical systems. IHI Terrasun also conducts regular patching and technology refreshes, ensuring all equipment is well maintained to prevent vulnerabilities from lingering beyond warranty.
We have established a detailed incident response process that activates swift and organized protective measures. Our 24/7 in-house cybersecurity team monitors systems for new threats and updates defenses to ensure ongoing protection. In addition, regular tabletop exercises keep the team sharp and ready for real-world events.
Innovation and Adaptation in Security Technologies
Integrating cybersecurity into every stage of our projects, IHI Terrasun works to identify and mitigate risks across all phases of development, from initial project proposal through commissioning and into ongoing operation. We communicate any potential risks to project developers, helping them understand the balance between installing security improvements and maintaining operation.
As threats evolve, so too must our defenses, and we utilize machine learning and artificial intelligence to help meet new risks. Our cybersecurity strategies ensure all equipment, software, and practices are rigorously maintained and up to date. IHI Terrasun emphasizes the importance of technology refreshes and keeping systems within warranty to maintain ongoing protection. From the design phase to end-of-life management, this approach ensures systems are secure for the entire lifecycle of the asset, while proactively addressing new vulnerabilities.