Making the Smart Grid safer!
The Smart Grid is an extremely complex architecture with a lot of areas for intrusions and attacks. Especially when operating a Smart Grid has moved from managing electricity distribution to a super Information and Communication Technology machinery. Michael McElfresh, Adjunct Professor of Electrical Engineering at Santa Clara University, very well summarized the situation, saying: “Technological advances in grid operation have made the power grid increasingly vulnerable to cyberattacks. The growth of the smart grid has created many more access points for penetrating grid computer systems – the “internet of things” will only make this worse.”
All over the world, governmental, consortiums and group of experts are engaged in an amazing race to deploy security methods and protocols to make the Smart Grid safer. In the USA, the set of Critical Infrastructure Protection (CIP) standards issued by the North American Electric Reliability Corporation (NERC) became mandatory in 2007 for owners, operators and users of the Bulk Electric System (BES). That is to ensure that certain assets on the grid critical to reliable operation are protected from both a cybersecurity and physical security standpoint. The CIP standards are going through a wave of new revisions, moving from CIP V3 to CIP V5, skipping V4, and accelerating V6! That situation reflects the situation faced by the standardization organization developing security standards in a fast evolving world of threats.
In Europe, despite a number of initiatives within the European network and information security community to establish frameworks and standard operating procedures, the EU-level response to cyber incidents lacks consistency though projects such as the EU-funded Smart Grid Protection Against Cyber Attacks (SPARKS) are showing very good signs of progresses.
Step by step, the worldwide Smart Grid is getting stronger and safer though the potential of threats remains high.
Because of the complexity and the variety of connected devices to the Smart Grid, power supplies manufacturers will have to consider the security aspect when their products integrated within a Smart Grid. As I introduced at APEC 2015 Software Defined Power Architecture are deploying fast in the ICT industry and some systems, already installed in data-centers, are connected to the Smart Grid and communicating through the SCADA system. To close the loop, if there is little risk a hacker would send a command to a POL blasting a local core processor, the risk for a UPS and even a frontend rectifier to receive a fatal command is not excluded. The Ukrainian case trigged the alarm ON and for all of us involved in developing power systems connected to the Smart Grid, that is a signal that we should never forget.
US Department of Homeland Security alert (IR-ALERT-H-16-056-01)
E-ISAC - Analysis of the Cyber Attack on the Ukrainian Power Grid
The North American Electric Reliability Corporation (NERC)
Smart Grid Protection Against Cyber Attacks (SPARKS)
About the author:
Patrick Le Fèvre is Marketing & Communication Director at Powerbox - www.prbx.com