February 27, 2013

IEEE PES Smart Grid Technologies: The next challenges in grid modernization

At the IEEE PES Conference on Innovative Smart Grid Technologies in Washington DC,  Patricia Hoffman, Asst Secretary Department of Energy, Office of Electricity Delivery and Energy Reliability, gave the  keynote address. 

The whole is greater than the sum of its parts

In the past the focus for the DSC00307abDepartment of Energy and for utiltiies has tended to be on individual technologies such as smart meters and AMI, self-healng networks, synchrophasars, substation automation, and so on.  Ms Hoffman's message is that we need to start focussing on the smart grid as a whole and in particular we need to focus on grid resiliency.  Things will happen, floods, tornadoes, hurricanes, derechos and other natural and man-made problems.  We need to ensure that the grid is resilient so that we can recover from disasters quickly.  The example she gacve was one that I have blogged about,  Southern Co.'s use of  smart meters to track outages caused by tornadoes in April, 2011 and then help with restoration. 

Ms Hoffman then discussed specific areas where there are opportunities to make the grid more resilient.

Transmission operations

There is a lot of data that is becoming available, primarily because about 1000 synchrophasars have been deployed over the national transmission grids.  What are needed are improved interoperability, analytic, and visualization to better manage the transmission grid.  For example, it took almost a year to analyze the data and determine the cause of the 2003 Northeast blackout.  The 2011 San Diego blackout  required about 3-4 months, so fault analysis is getting better, but we need to be able to use the available data to predict the state of the transmission grid in real-time.

Distribution operations DSC00303ab

In the area of electricity distribution, Ms Hoffman singled out peak load reduction as the area where there are the greatest econimic and environmental benefits.  Reducing peak load means that the construction of new power plants (peakers) that may only be used a hundred hours a year can be avoided.  The other areas she identified include distribution automation, especially automated self-healing networks using devices such as intelliRupters,  improved outage management, using predictive analytics to replace equipment before it fails, and microgrids.

Customer empowerment

Areas that directly impact the customer are residential diagnostics to help the customer understand how power is being used in the home and ways that it can be used more effectively, at lower cost, and as much as possible moved to off-peak.  Photovoltaic cells and plug-in electric vehicles are becoming much more prevalent and utlities need to be prepared for these.  Improving reliability and resiliency directly impacts customers by reducing the number and duration of outages.  An area that is getting a lot attention is rate structures, for example, pricing electric power to motivate shifting load from peak to off peak.  A new technology that is being investigated by DoE is transactive control signals.  This is a  smart grid signaling approach that communicates prices and other information, such as expected future prices, to encourage the customer to change his/her electric power usage.

Energy infrastructure cyber protection

DSC00306abMs Hoffman's message on cyber protection is that it needs to be dynamic and multi-dimensional.  Infrastructure is complex and changing and new vulnerabilities are detected every day.  In addition multiple organizations are responsible for the grid.  Effective cyber security management has to deal with a dynamic landscape of control and information systems.  There are a broad range of threats and motivations including unintentional, natural phenomena, and those with malicious intent including theft, revenge, and national security.  It is also important to recognize the interdependencies among critical infrastructure.  A gas explosion can affect the telecommunications and electric power networks.  Loss of electric power can affect many other networks including water and telecommunications.  Disruption of communications, for example, severing a fiber optic cable can directly affect the electric power grid.

To address these challenges cybersecurity solutions need to be mutli-dimensional.including cyber-physical, wide area monitoring and protection, cryptography, anti-tamper devices and advanced architectures. 

One of the most serious challenges that Ms Hoffman singled out specifically is developing the cybersecurity workforce that is going to be responsible for implementing these measures.

Where are we headed ?

The next major challenge is turning the smart grid into a driver of economic development.  The example Ms. Hoffman used was Chatanooga.  The Electric Power Board (EPB) saw the smart grid as not only benefiting the utility and improving the quality of life of its cusomers, but also as a driver of economic development.  The city’s decision to deploy one of the country’s highest capacity fiber-optic networks not only improved power quality, reliability, customer service and energy efficiency but also made Chananooga more attractive to business.  For instance, because bandwidth is virtually unlimited, EPB is able to offer its customers Internet upload and download speeds of up to one gigabit/sec, making Chattanooga very attractive for businesses that rely on the internet for critical aspects of their operations.

Posted at 01:00 PM in Analytics, Big data, Cyber security, Disaster management, Electric Power, Grid resilience, Interoperability, Smart cities, Smart-grid | | Comments (0)

| |

February 20, 2013

President Obama signs Executive Order on cybersecurity for critical infrastructure

IPrior to the President's State of the Union Address, President Obama signed an Executive Order on cybersecurity. This has  important implications for the electric power industry and is a wakeup call for utilties that have not yet developed or updated their cybersecurity policy.

Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator, on the White House Blog, hs given an overview of the Executive Order including the motivation for it and its key provisions.

Critical infrastructure 18 sectors DHSAccording to Mr Daniel, the government’s senior-most civilian, military, and intelligence professionals all agree that inadequate cybersecurity within the nation's 18 critical infrastructure areas poses a threat to the security of the United States.  Because of the seriousness of the threats, the President issued an Executive Order directing federal departments and agencies to use their existing authorities to provide better cybersecurity for the Nation.  The Administration received input from a broad range of stakeholders in industry, the public sector, the legislative branch, and the advocacy community including over 30 organizations representing all 18 critical infrastructure sectors.

The Executive Order focusses on the three areas, information sharing, a framework of core security practices based on existing standards, and privacy protections.

Information sharing

The Order makes it is a national priority to increase the cyber threat information shared with authorized individuals and companies.  In particular, it aims to improve information sharing between the private sector and all levels of government.  It expands the Department of Homeland Security’s (DHS) Enhanced Cybersecurity Services program to provide near real-time sharing of information on cyber threats with critical infrastructure companies and state and local governments.

Cybersecurity framework

The Executive Order directs the National Institute of Standards and Technology (NIST) to lead the development of a framework to reduce cyber risks to critical infrastructure. NIST is directed tol work with industry to identify existing voluntary consensus standards and industry best practices to incorporate into the framework.  The Order puts private-sector cyber leaders in critical infrastructure sectors at the core of  the development of voluntary best practices for the framework.  The DHS Secretary is directed tol establish a voluntary program to support the adoption of the Cybersecurity Framework by owners and operators of critical infrastructure.  This has direct and immediate implications for utilities.

Privacy

The Executive Order directs departments and agencies to incorporate privacy and civil liberties protections into cybersecurity activities based upon widely-accepted Fair Information Practice Principles as well as other applicable privacy polices.

Posted at 06:18 AM in Cyber security, Privacy | | Comments (0)

| |

January 24, 2013

The state of malware on the internet or why utilities need to prioritize cyber security

In its essence smart grid is about turning the power grid into an internet of intelligent devices.  That means that the next generation  power grid will be susceptible to all the cybersecurity issues that affect the internet.   This makes cybersecurity a priority for every utility that is implementing some form of a smart grid.

DSC00063abAt the EDIST 2013 Conference in Toronto, the keynote speaker was Mikko Hypponen of F-Secure, who has been chasing cybersecurity problems since the 1990's and has been responsoble for taking down a number of internet malware exploits.  He gave a very current assessment of today's cybercrime. 

Cybercrime on the internet today is very different from a decade ago  when it involved "kids" with no real motive, who just did it because they could. 

Now there are three categories of people who indulge in cyber expolits and they all have motives.

  1. Criminals - organized crime groups (in MiKko's experience primarily in Russia, Ukraine, Brazil, China, but all over the world) whose motive is money
  2. Hacktivists - groups with a political agenda and whose motive is protest
  3. Governments - both totalitarian and democratic governments are involved in offensive malware with a variety of motives, espionage and military are obvious ones, but governments also target malware on their own citizens
Criminals

Mikko gave an example of a criminal cyber exploit involving credit card theft but with a wrinkle.    Typically when this activity is tracked to a particular account, the ISP is notified and will shutdown the account.  But in this case the ISP was owned by a criminal.  When notified he would promise to would look into the problem, but wouldn't take any action except charging the account owner more for hosting.  Hosting would get to be very expensive for an account holder if it got a lot of attention from the credit card companies.  The ISP owner bought a lot of real estate with the money he made - 155 properties have been identified.  He is currently awaiting trial.

Another example of a criminal exploit is banking trojans.  The best known is called "Zero-access" and has infected 9 million computers.  The way it generates revenue is by interrupting your on-line banking session and displaying what appears to be a message from your national police force ( it is a different "police force" depending on the country where you are using your computer) telling you that illegal financial acitivities have been traced to your account and your access the the account has been disabled.  This all sounds legit, until it goes on to say that if you pay a $100 fine, access will be restored.  And it provides a legitimate way for you to transfer the money.

One of the surprising changes in cyber crime is that until recently it has involved exploits targetting computers running Windows.  Millions of Windows machines are infected every year.  But the 75 % of the world's servers that run Linux have not been affected. (Last quarter for the first time Linux passed Windows in number of new installations.)

DSC00062abBut now Linux, in the form of Android on smart phones, has a malware problem.  The number of devices affected by attacks currently number in the thousands, but this is increasing rapidly and involves mostly criminals, not hacktivists or governments.

Hacktivists

One of the best known hacking by hacktivists involves a programmer who wanted to customize his Playstation software.  Unwisely Sony sent its lawyers after him, which immediately became known and had the effect that Sony became a favourite target of the hacker community.

In an interesting contrast, a programmer who wanted to customize his IPhone, was hired by Apple.

Governments

The best known is the stuxnet worm that targeted Iran's uranium centrifuge equipment running Siemens Step7 software.  The source of this exploit is suspected to be a Western government.  Mikko presented a fascinating story about how this exploit was traced and identified from public TV broadcasts.

ARAMCO, the largest company in the world, was attacked by an expoit that shut down 75% of its computers.  A Middle Eastern government is the prime suspect.

The "red october" exploit has just been identified by Kapersky and the source is suspected to be the government in the Far East.  This exploit involves sending what looks like innocuous official and academic articles to government officials which then infects their computer with a trojan.

But governments also use malware against their own citizens.  Mikko mentioned Syria, the previous regime in Egypt, but also the US, Germany and the UK.

In the latter cases, this typically involves trojans that are used during criminal investigation to track the communications of suspects and is similar to telephone tapping.  Mikko described a fascinating example where a person suspected of criminal activity was separated from his luggage and questioned by Customs and Immigration at an airport.  The questioning was bogus, but while he was being questioned, officials went through his luggage, found his computer and installed a trojan on it.  He was subsequently found to be innocent. The officials then had to stage the same airport exercise to get the trojan off of his computer.

This was a fascinating presentation which I suspect created in the utilities folks in the audience a significantly heightened awareness of how seriously the cybersecurity challenge to the electirc power grid must be treated.

Posted at 02:28 AM in Cyber security, Electric Power, Smart cities, Smart-grid | | Comments (0)

| |

RSS Feed

  • Subscribe

Categories

Recent Posts

Archives

More...