Cybersecurity Strategies to Protect Smart Power Grids

In the era of digital transformation and the integration of intelligent technologies into critical infrastructures, power grids face unprecedented security challenges.

In the era of digital transformation and the integration of intelligent technologies into critical infrastructures, power grids face unprecedented security challenges. This article explores the fundamental strategies for protecting smart power grids against growing cyber threats, with special emphasis on the Mexican context. It analyzes everything from technological fundamentals to practical implementation cases, offering a comprehensive vision that combines technical rigor with practical applicability for professionals in the energy and technology sector.

introduction

The electric power industry has become increasingly vulnerable due to the growth of smart grids that interconnect consumers through information, transmission and distribution technologies based on communication systems. The modernization of these critical infrastructures, while providing significant benefits in efficiency and management, also expands the surface area of exposure to cyberattacks (Elizalde-Canales, 2019).

The interconnection of devices in intelligent electrical grids creates an environment of greater risk, turning energy systems into attractive targets for malicious actors, with potentially serious consequences for the economy and society (Cyberprotected, 2025). Therefore, developing and implementing robust cybersecurity strategies is not only a technological option, but a critical need to ensure the resilience of the national electricity system.

Definitions

Smart Power Grids

Smart power grids or Smart Grids represent a fundamental evolution compared to conventional networks. These integrate areas that traditionally remained separate, such as advanced communication systems and intelligent decision-making systems (Tecnológico de Monterrey, 2017). This modern infrastructure is supported by bidirectional communication systems, which allow suppliers and consumers to access real-time data on energy supply, demand and prices (Olivarría-González, Gutiérrez-Rochin, Llamas-Domínguez, & Carrillo-Colado, 2023).

An essential component of these networks are intelligent or bidirectional meters, capable of receiving and sending information in real time about energy consumption, allowing remote metering configuration, dynamic rates, energy quality monitoring and load control (León-Trigo, Reyes-Archundia, Gutiérrez-Gnecchi, Méndez-Patiño,, & Chávez-Campos, 2019).

Cybersecurity in Electrical Networks

In the context of intelligent power grids, cybersecurity is defined as the set of practices, technologies and policies aimed at ensuring the confidentiality, integrity and availability of critical data and systems (Cyberprotected, 2025). This involves protecting not only the information exchanged between the different components of the network, but also ensuring the continuous operation of the physical infrastructure.

The concept encompasses three fundamental pillars:

  • Confidentiality: Ensure that sensitive information such as energy consumption or production data is not accessible to unauthorized entities
  • Integrity: Ensure that transmitted data is not altered during transmission or storage
  • Availability: Maintain services and operating systems even under adverse conditions or attack attempts

Hyperconnectivity

Hyperconnectivity represents the intensive integration of devices, systems and people through communication networks, mainly the Internet. In the field of intelligent electrical grids, this concept is embodied through the Internet of Things (IoT), a network that incorporates sensors, software and other technologies to connect and exchange data between devices and systems (Modi, 2025).

This permanent interconnection allows the real-time monitoring of electricity consumption, the early detection of faults and the dynamic optimization of energy distribution. However, it also multiplies potential attack vectors and expands the surface of exposure to cyber risks.

Fundamentals of applicable cybersecurity technologies

The security of smart power grids requires implementing specific technologies that are adapted to their particular characteristics and challenges. Among the most relevant are:

Robust encryption for limited-power networks

Communications in intelligent power grids often occur on devices with limited computing resources. For this reason, it is necessary to implement lightweight encryption algorithms that provide adequate security without compromising performance (Alonso, Gálvez, & Ledo, 2020). Standards such as AES-128 bits represent an optimal balance between security and efficiency, and are widely implemented in protocols such as Meters and More, G3-PLC and IEEE 1901 (INCIBE, 2020).

Authentication and identity management

Strong authentication is essential to prevent unauthorized access. Modern systems implement:

  • Symmetric key-based authentication
  • Multifactor systems
  • Digital certificates
  • Granular access controls

These measures ensure that only authorized entities can interact with critical components of the electrical system (INCIBE, 2020), (Petrashin, Lancioni, Laprovitta, & Castagnola, 2024).

Data Integrity Verification

To prevent the malicious manipulation of critical information, intelligent power grids implement message authentication (MAC) codes that allow verifying both the integrity of the received data and authenticating the sender (Alonso, Gálvez, & Ledo, 2020). This protection is particularly important in an environment where altering energy readings could result in incorrect billing or erroneous operating decisions.

Blockchain technology for secure energy transactions

A relevant innovation is the implementation of cybersecurity architectures based on multilayer blockchains, adapted to intelligent measurement systems. This technology offers transparency and security in energy transactions, providing greater trust to end users and reducing the risk of fraudulent manipulation (Olivares-Rojas, Reyes-Archundia, & Gutiérrez-Gnecchi, 2023).

The immutability characteristic of the Blockchain of Blocks (blockchain) is especially valuable in a context where, according to CFE estimates, non-technical losses (including measurement errors, billing, theft and electric power fraud) reach 25.2% nationwide (Olivares-Rojas, Reyes-Archundia, & Gutiérrez-Gnecchi, 2023).

In-depth network segmentation and defense

The implementation of segmented network architectures is essential to limit the spread of attacks and reduce the exposure surface. This involves dividing the intelligent electricity grid into distinct security zones, for example separating the control network from the management network and the corporate network (Petrashin, Lancioni, Laprovitta, & Castagnola, 2024).

Modern protocols for protection in smart power grids

Smart power grids use a variety of specialized communication protocols, each with their own characteristics and security requirements:

PRIME (PowerLine Intelligent Metering Evolution)

This protocol is primarily used for communication between devices in intelligent power grids. To ensure your security, it is recommended to implement security profile 2, which incorporates encryption. However, by acting only at the lower levels of the OSI model, security can be complemented by additional protections at the higher levels (INCIBE, 2020).

Meters and More

This protocol, an evolution of ENEL's proprietary remote management system, covers the full stack of the OSI model (INCIBE, 2020). Its security features include:

  • Encryption using 128-bit AES keys.
  • Authentication based on symmetric keys.
  • Protection against relay attacks.
  • Verification of message integrity.
  • Individual keys for each counter.
  • End-to-end protection.

G3-PLC

This narrowband PLC protocol has been adopted in countries such as France, which plans to implement 35 million devices (INCIBE, 2020). Your security model includes:

  • AES-128 encryption at the MAC layer level.
  • Simplicity based on a single shared credential.
  • Extensibility to support group key distribution.
  • CCM encryption to provide confidentiality and integrity.

IEEE 1901

This standard for PLC communications incorporates security features based on the IEEE 802.1X framework, using as a reference the IEEE 802.1i standard for wireless network security (INCIBE, 2020). Its security measures include:

  • Encryption using 128-bit AES keys.
  • End-to-end protection.
  • Access control.
  • RSNA security framework that defines authentication and key management mechanisms.

IEC 62351

This international standard defines security requirements for communications in electrical power systems. Its implementation is essential to ensure secure interoperability between components of the smart grid, and is recommended by international regulatory bodies (FutUred Cybersecurity Group, 2019).

Trends: Intelligent Hyperconnectivity

The evolution of electrical networks towards hyperconnected environments is defining new technological trends that directly impact cybersecurity strategies:

Distributed Energy Resources (DER)

The integration of decentralized renewable energy sources, such as solar panels and wind turbines, represents a challenge for traditional grids. These resources require accurate and secure synchronization with the existing network, which involves updating obsolete regulations and developing new technologies to optimally manage energy flow without compromising safety (Hive Power, 2023).

Integration of electric vehicles

The exponential growth of electric vehicles (EVs) requires smart grids prepared to manage significant increases in energy demand. Smart charging stations and technologies Vehicle-to-grid (V2G) allow EVs to not only consume, but also to store and return energy to the grid during periods of peak demand. This bidirectionality introduces new security vectors that must be adequately protected (Hive Power, 2023).

Energy Management Systems (EMS)

These systems constitute the core of intelligent grid monitoring, collecting and analyzing data from multiple sensors and meters to optimize both energy production and distribution (Pesset, 2024). Their increasing complexity and critical nature make them priority targets for sophisticated attacks, requiring adaptive and resilient security architectures.

Advanced data analysis and anomaly detection

The massive volume of data generated by smart grids is driving the implementation of anomaly detection systems based on Machine Learning (Machine Learning, ML), capable of identifying suspicious patterns that could indicate attempted attacks. Models such as Random Forest have proven to be particularly effective in identifying false data injection (FDIA) attacks, a growing threat to smart power grids (Chacon-Acosta, 2023).

Applicable use cases in Mexico

Smart meter pilot project in Mexico City

In 2010, the Federal Electricity Commission (CFE) began a pilot project in the Polanco and Lomas de Chapultepec areas of Mexico City, which included the installation of 60,000 smart meters. The main objective was to reduce losses in the distribution network through the use of advanced measurement and communication technologies (Enlight, 2025).

This project incorporated cybersecurity elements such as data encryption and authentication, laying the groundwork for future larger-scale implementations. The results showed significant improvements in the detection of non-technical losses and greater accuracy in billing.

Smart Power Grid Program

Mexico has implemented automation and remote control systems in distribution networks as part of the CFE Intelligent Power Grid Program. Until the end of 2023, progress was reported in the installation of more than 8,000 kilometers of optical fiber and the integration of SCADA systems (Supervisory Control and Data Acquisition) in various substations (Enlight, 2025).

These systems include cybersecurity protocols designed specifically for industrial environments, such as network segmentation, strict access control, and continuous monitoring of network traffic.

Challenges and opportunities in Mexico

Regulatory Challenges

Mexico faces significant regulatory challenges for the effective implementation of cybersecure smart power grids:

  1. Outdated regulatory framework: The Intelligent Power Grid Program (PREI), whose latest version dates from 2017, requires an urgent update to address emerging cyber threats (Enlight, 2025).
  2. Absence of specific Mexican Official Standards: The lack of NOMs dedicated to fundamental components of smart electric grids, such as smart meters and communication protocols, makes it difficult to standardize and implement homogeneous security measures (Enlight, 2025).
  3. Insufficient regulation in cybersecurity: The current legal framework does not adequately address specific aspects of cybersecurity for critical infrastructures such as electrical networks (Enlight, 2025), (Alonso, Amarís, Pastrana, Turanzas, & Gálvez, 2021).

Technical Challenges

  1. Legacy infrastructure: The integration of modern technologies with legacy systems (Legacy) has inherent vulnerabilities that must be mitigated by adaptive security architectures.
  2. Detection of sophisticated attacks: False data injection (FDIA) attacks represent a growing threat that requires the implementation of advanced solutions based on Machine Learning for effective detection (Chacon-Acosta, 2023).
  3. Real-time cyberattacks: Intelligent power grids require immediate responses to security incidents, requiring detection and mitigation systems with automated response capabilities.

Development opportunities

  1. Implementation of Blockchain technologies: Mexico has the opportunity to lead the implementation of blockchain-based solutions to ensure secure and transparent energy transactions (Olivares-Rojas, Reyes-Archundia, & Gutiérrez-Gnecchi, 2023).
  2. National capacity development: The creation of specialized cybersecurity centers for critical infrastructures would train local talent and reduce technological dependence.
  3. Public-private collaboration: The development of strategic alliances between the government, energy sector companies and security providers would facilitate the implementation of comprehensive solutions. Projects such as SEC2GRID demonstrate how collaboration between electrical industry leaders can drive significant advances in cybersecurity for smart power grids (Zigor, 2023).
  4. Integration with renewable energy projects: The growing adoption of renewable sources in Mexico offers an opportunity to incorporate cybersecurity measures from the initial design of the facilities, following the principle of Safety by Design (Security by Design).

Conclusions

The cyber protection of smart power grids in Mexico represents not only a technological challenge, but also an opportunity to modernize and strengthen a critical national infrastructure.

Cybersecurity strategies for these networks must be holistic, ranging from the design of the architecture and the selection of secure protocols, to the implementation of advanced technologies such as Blockchain and detection systems based on Machine Learning. An approach that combines multiple layers of protection, following the principle of Deep Defense, is essential.

The successful development of these strategies in Mexico necessarily requires updating the regulatory framework, encouraging collaboration between sectors and prioritizing the training of local specialists in cybersecurity of critical infrastructures. Only through this comprehensive approach can we guarantee a national electricity system that is not only more efficient and intelligent, but also resilient to the growing threats of cyberspace.

The security of our smart power grids is not a technological luxury, but rather a strategic need for the country's sustainable development. The time to act is now, before new incidents jeopardize an essential service for Mexico's economy and social welfare.

References

Alonso, M.A., Gálvez, L., & Ledo, A. (2020). Cybersecurity challenges in smart grids. VII Smart Grids Congress. Communications Book, (pp. 207-211). Madrid.

Alonso, M., Amarís, H., Pastrana, S., Turanzas, j., & Gálvez, L. L. (March 25, 2021). Cybersecurity challenges in smart grids.

Chacon-Acosta, D. (2023). False Data Injection Attack (FDIA) Attack Detection in Smart Grids. Obtained from Universidad de los Andes Colombia.

Cyberprotected. (2025). Smart Grids, Secure Networks: Cybersecurity in the Smart Grid Era. Obtained from Cyberprotected.

Elizalde-Canales, F. (2019). Strengthening cybersecurity in electrical energy measurement systems in the smart grid (SG) scenario within the IoT. Obtained from Tulancingo Polytechnic University.

Enlight. (May 08, 2025). Overview of smart electric grids in Mexico. Retrieved from LinkedIn.

FutuRed Cybersecurity Group. (2019). Analysis of the cybersecurity situation in electrical networks: regulations, good practices and legal obligations. Retrieved from FutureD.

Hive Power. (March 20, 2023). Top 5 smart grid trends for 2023. Obtained from Hive Power.

Holgado, E. (July 12, 2023). Protecting Mexico's National Energy Network: Reflections after the 2020 cyber attack. Obtained from Zepo.

ICLOUDS. (May 2020). Smart Grid Industrial Protocol Safety Guide. Obtained from INCIBE.

León-Trigo, L., Reyes-Archundia, E., Gutierrez-Gnecchi, J., M.-P. A., & Chavez-Campos, G. (2019). Smart Grids in Mexico: Current Situation, Challenges and Implementation Proposal. Engineering, Research and Technology, 20(2).

Modi. (August 08, 2025). How to improve energy efficiency thanks to IoT. Obtained from Modi.

Olivares-Rojas, J., Reyes-Archundia, E., & Gutiérrez-Gnecchi, A. (2023). A cybersecure energy trading system using multi-level blockchains. Computing and Systems, 27(3), 851—867. doi:doi:10.13053/CYS-27-3-4071

Olivarría-González, M., Gutierrez-Rochin, B., Llamas-Domínguez, J., & Carrillo-Colado, A. (2023). Smart electric grids in Mexico. Digital Journal of Computer Technologies and Systems (REDTIS), 7(1), 145-152.

Pesset, I. (2024). Smart Grids: Technical solutions for innovative monitoring. Obtained from Motilde.

Petrashin, P.P., Lancioni, W.P., Laprovitta, A.P., & Castagnola, J.P. (2024). Integrating Cybersecurity Measures into the Design of Intelligent Networks: Improving Resilience and Protecting Critical Infrastructure. 22nd LACCEI International Multi-Conference for Engineering, Education, and Technology, 1-6.

Monterrey Technology. (2017). Smart grid: technical fundamentals. Obtained from Tecnológico de Monterrey.

Zigor. (September 29, 2023). Cybersecurity in smart grids: The SEC2GRID project. Obtained from Zigor.

Regresar
Blogs recientes
May 6, 2025
Is your connectivity reliable in the field? How to guarantee it in remote environments
Nowadays, reliable connectivity isn't a luxury: it's a critical need for companies operating in the field...
Leer artículo
April 15, 2025
Industrial Cybersecurity: How to Protect Critical Infrastructure
Critical infrastructure is the backbone of any country. From electrical grids and water treatment plants, to mining and oil operations...
Leer artículo
April 4, 2025
The future of applied telemetry in mining
Mining is a sector that has undergone significant transformation in recent decades, driven by the adoption of advanced technologies.
Leer artículo
Para brindarte una atención personalizada, compártenos tus datos y nos pondremos en contacto contigo. Nos dará mucho gusto atenderte.
Agendar un meet
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
¿Quiénes somos?
casos de éxito
blog
carreras
Terminos y condiciones
Aviso de privacidad
Apollocom © 2024
Branding y sitio por undertk studio