Transforming TSOs Through Secure, Interoperable, Real-Time Communication

by Amandine Le Pape, COO, Element

Transmission System Operators (TSOs) are crucial players in guaranteeing the safe and reliable functioning of power grids. Preserving the equilibrium between energy supply and demand, and ensuring effective transmission is no mean feat - especially in a country as large as the USA.

Like many other industries, speed and safety of communication amongst TSOs is essential. As the grid becomes more complex and interconnected, there is an urgent need for secure and efficient real-time communication between TSOs, and across other entities in the utilities supply chain.

Society's reliance on utilities means it's imperative that there are robust and resilient communication networks in place for TSOs. This isn’t just for efficiency's sake. In today's digital era, where cyber threats are constantly emerging and pose a serious threat to the stability of our power grids, it’s a matter of existential importance.

Last year’s sabotage of the Nord Stream 2 pipeline demonstrates that large scale physical attacks are not just a theoretical risk. Sophisticated cyberattacks on the Colonial Pipeline Company (US), the SolarWinds supply chain (global) and key European oil terminals (Netherlands/Belgium) are just some of the recent examples that show utility firms are increasingly targeted.

Still using email?

The tools that TSOs use for communication are not up to the job of modern, secure communication. For too long, TSOs have been relying on email as their main mode of communication, which is not only insecure but also slow and prone to failure, such as the recent Microsoft / Outlook outage.

In a world where real-time interactions are a critical component of operational efficiency, email simply doesn’t cut it.  More tech savvy businesses may believe collaboration platforms like Slack and Microsoft Teams are sufficiently secure for the TSO network. While these offer a slicker, faster means of communicating - and include voice and video - they do not provide a sufficient level of security or data sovereignty across supply chains.

Interoperability - the ability for different apps and platforms to communicate and work together seamlessly - should be a cornerstone in today's communication landscape. Even more so in critical infrastructure supply chains. However, Silicon Valley giants have made it almost impossible for different real time communication systems to interoperate with each other (for instance, someone using Microsoft Teams being able to message someone using Slack). These proprietary systems and technologies are designed as walled gardens, effectively locking out cross-collaboration and stymying competition.

For TSOs this lack of interoperability can have a serious impact. The inability to seamlessly communicate with all relevant stakeholders leads to fragmented and disjointed workflows, especially in the wake of a crisis. This is why email continues to be the default choice for communicating between organisations, as it ensures a level of inherent interoperability through the SMTP protocol (even if companies use different email clients, such as Outlook or GMail. Today’s world needs secure, interoperable, real-time communications across the board, effectively creating a secure and real time email equivalent for the 21st century.

The headaches of consumer apps and centralisation

Due to the lack of attractive alternatives, some employees resort to consumer-grade apps like WhatsApp or Signal, citing their ease of use, widespread adoption, and end-to-end encryption. However, these apps provide limited corporate control and oversight and are unsuitable for workplace use due to several factors.  They are consumer based apps that lack the business functionally and transparency needed at companies dealing with sensitive information. Indeed workplace use of such apps has left Wall Street firms facing $2bn in fines.

Another key problem in common with the likes of Slack, Teams, or any of the consumer apps is centralisation. By design, a centralisation network is dependent upon a single central server. If that goes, the entire system goes down. It’s why services such as MS Teams, Slack or WhatsApp suffer global outages and why they are not considered suitable for mission-critical environments.

Centralized systems also create a huge honeypot of data, leaving the likes of Slack or Signal as some of the highest value attacks targets in the world.

The solution lies in the very origins of the internet, and its decentralized design.

Defense offers the best example of defense

Decentralized systems offer a far more resilient network. The U.S. Advanced Research Projects Agency Network (ARPANET) was the first public packet-switched computer network, and led to the internet. It was developed through Defense funding to build a  communications network that could withstand major disruptions, such as nuclear attack.

The resilience offered by a decentralized network makes it the ideal backbone for mission-critical communications. It also gives organisations the freedom to host their own data, which leaves organisations able to retain complete ownership and control over their data.

TSOs can learn from the example of the US Navy, US Marine Corps, and US Space Force - as well as governments in France, Germany, the UK and Sweden - by adopting an open standard for secure, decentralized real-time communication. All of them use the Matrix open standard to enable seamless secure communication between multiple organisations, whether partnering with allies or across a supply chain.

The same approach would provide TSOs, utilities, and other supply chain participants with the ability to communicate efficiently and securely in real-time. Matrix is the real time equivalent of SMTP, providing data sovereignty (the ability to self-host your communications platform, and support air-gapped environments) and a decentralized design for mission critical performance, with the added benefit of end-to-end encryption. And being an open standard, organisations are free to choose any Matrix-based platform rather than being locked into using a single proprietary solution.

Matrix recently exceeded 90M users globally; a little more than a third of users are US-based.

TSOs are starting to adopt Matrix

The European Network of Transmission System Operators for Electricity (ENTSO-E) is implementing Element, a Matrix-based collaboration platform, to power its real time communications.

The initial implementation is purely for ENTSO-E’s own use but, representing 39 electricity transmission system operators from 35 countries across Europe, the vision is to enable all ENTSO-E members to communicate securely, sovereignly and instantly through a Matrix-based federation.

A similar approach is already being rolled out by the entire German healthcare system. It has specified its own communications standard, TI-Messenger, which adds healthcare specific requirements on top of the Matrix protocol. The 150,000+ organisations that constitute the German healthcare system will use Matrix, from local clinics and hospitals through to health insurance firms.

Within utilities, Matrix-based communication would provide better incident management, as it enables real-time interoperable communication with no barriers between TSOs and other stakeholders. This is critical in emergency situations where fast coordination is essential, such as power outages. TSOs can quickly collaborate with other supply chain participants to assess the situation and take necessary actions to restore power.

A secure supply chain for improved safety and productivity

TSOs must embrace a communication platform that combines the best elements of different apps and email.

Email, with its interoperability and global reach, offers a blueprint but doesn’t offer real time communication, voice and video, and is nowhere near secure enough for mission-critical environments.

Consumer apps like WhatsApp or Signal offer end-to-end encryption and a simple user interface, but don’t support basic business requirements such as SSO or record keeping.

Meanwhile, collaboration platforms like Teams or Slack offer business functionality but are not encrypted and, like consumer messaging apps, their centralized nature presents wide scale risks associated with outages and data breaches.

None of these platforms offer data sovereignty, forcing organisations to store their conversations on servers that they don’t own.

With physical and cyber attacks growing in sophistication and volume, an open standard for secure real time communication offers a multitude of benefits; improved incident management, stabilized grid operations, increased cybersecurity, resilient communication network, and enhanced interoperability.

The US military, and TSOs in Europe, are adopting Matrix. As US TSOs and utilities firms look to upgrade their own communications, Matrix should be the foundation for secure communications.