Jump directly to main navigation Jump directly to content Jump to sub navigation

IT Security of Wastewater Treatment Plants in NRW below the KritisV

subKRITIS – Assessment of the IT security level of small and medium-sized wastewater treatment plants in North Rhine-Westphalia below the KritisV (Verordnung zur Bestimmung Kritischer Infrastrukturen nach dem BSI-Gesetz) threshold

Wastewater treatment plants below the KritisV threshold are not obliged to take any information security measures. To determine the status of the IT security level, 13 wastewater treatment plants in East Westphalia, which are below the KritisV, were examined. For this purpose, an assessment was carried out based on the industry-specific security standard for water/wastewater (B3S WA). In addition, the effects of different attack scenarios were estimated using modeling and simulations. Based on this, technical policy approaches were derived to increase the general IT security level of wastewater treatment plants. In addition, specific IT security recommendations were developed for the participating operators and general measures were extracted.

More about the MUNV funded subKRITIS Project