GridVigil: Tri-securing Critical Infrastructure of energy transmission systems through People, Process and Technology
Abstract
The increasing digitisation of India’s power transmission sector— driven by the integration of SCADA systems, digital substations, and wide-area monitoring—has introduced new vulnerabilities in the critical infrastructure landscape. As threats evolve in complexity and frequency, ensuring cyber resilience has become a strategic imperative. This research evaluates the cybersecurity posture of India’s transmission utilities using the People–Process–Technology (PPT) framework. Drawing on regulatory mandates, case studies, and national and international standards (CEA Guidelines, IEC 62443, NIST SP 800-82), the study identifies significant implementation gaps across organisational capacity, operational governance, and technological deployment. Key findings reveal that utilities with dedicated OT-trained personnel, well-documented response procedures, and active SOC infrastructure demonstrate markedly better threat readiness and response metrics. The paper recommends targeted interventions, including mandatory certifications, red-team simulations, CEA guidelines-compliant procurement, and centralised threat intelligence sharing. The study concludes that cybersecurity in India’s power grid must evolve from a compliance exercise to a performance-driven paradigm, where harmonised policy enforcement, skilled human capital, and resilient architecture collectively safeguard national energy security.
References
2. Papers and proceedings (D2 Study Committee). In: CIGRE Paris Session; 2022 Aug-Sep; Paris. CIGRE; 2022. https:// www.e-cigre.org/publications/detail/session-2022-d2-session-2022-sc-d2-package.html
3. Central Electricity Authority. Guidelines on cyber security in power sector. New Delhi: CEA; 2021 https://cea.nic.
in/wpcontent/uploads/notification/2021/10/Guidelines_on_Cyber_Security_in_Power_Sector_20212.pdf#:~:text=1,firewalls%20between%20any%20IT%20and
4. Press Information Bureau. Cybersecurity of power grids – steps taken by Government. New Delhi: PIB, Government of India; [cited 2025 Jan 13]. https://www.pib.gov.in/PressReleaseIframePage.aspx?PRID=2043154#:~:-text=1.%20GRID,the%20past%20five%20years%20v%20iz
5. Central Electricity Regulatory Commission. Indian electricity grid code (cyber security provisions amendment). New Delhi: CERC. https://cercind.gov.in/Regulations/180-Regulations.pdf
6. Soonee SK, Agrawal VK, Bose A, Narasimhan SR, Porwal RK, Saxena SC, Pandey V, Verma SK, Jain B, Sahay S, Kumar R. Enhancing Efficiency, Effectiveness and Resiliency of Indian Load Dispatch Centers Through Institutional Capacity Building: Analysis, Impacts and Way Forward. In2024 23rd National Power Systems Conference (NPSC) 2024 Dec 14 (pp. 1-6). IEEE. https://ieeexplore.ieee.org/abstract/document/10987224
