Proceedings of the

The 33rd European Safety and Reliability Conference (ESREL 2023)
3 – 8 September 2023, Southampton, UK

Practical Barriers in Implementing Intrusion Detection Systems in Control Systems in Electric Utilites

Jon-Martin Storma and Janne Hagenb

Institute of Informatics, University Of Oslo, Norway.


The last ten years have seen an increased Cyber-risk against Industrial Control Systems (ICS). ICS is paramount for everything in our lives, from industrial manufacturing to controlling critical infrastructure. While many cybersecurity controls are adjusted to work in these systems, some essential measures have yet to see broad implementation. One is Intrusion Detection Systems (IDS), which detect cyberattacks and incidents that preventive controls have not stopped. We have conducted a case study based on audit reports and interviews with five security experts in Norwegian electric utilities to explore barriers to implementing IDS. We have found that detection control is more commonly applied at an ICS's perimeter than through an IDS. The study implies that security experts in the utilities consider human resources the main barrier to implementing IDS. There are also differences between experts working at utilities and those working for CERTs on how they value the benefits of IDS.

Keywords: Intrusion detection system, Cybersecurity, Organizational challenges, OT, Critical infrastructure, Energy utilities, Industrial control system.

Download PDF