Acquired Electronics360

Data Center and Critical Infrastructure

The Dangers That Come with a Smart Grid

13 February 2018

The efficiency of smart grids must be weighed against the cost of security. The greatest pitfall of revolutionizing the energy grid with distributed energy sources, smart meters and renewable energy technologies is the risk associated with cybersecurity.

The AEE Institute and 21 CES Initiative

The Advanced Energy Economy Institute mission is to raise awareness of the public benefits and opportunities of advanced energy. They do so by providing critical data that drives policy discussions on key issues.

The AEE Institute's recent white paper, “Cybersecurity in a Distributed Energy Future,” evaluates progress made on the 21st Century Electricity System (21CES) Initiative. The initiative was developed to accelerate the transition to a high-performing, customer-focused electricity system that is secure, clean and affordable. The three primary activities of the 21CES are to convene forums, participating in key regulatory proceedings and facilitating collaboration among stakeholders.

Development of Smart Grids

A significant change to the energy grid is being driven by new technologies, evolving customer needs, environmental imperatives, regulatory drivers and an increasingly complex set of requirements. It is foreseen that the grid of the future will incorporate more interconnected distributed energy resources and it is pivotal that these systems are connected in a secure manner throughout the transition period as they form what is referred to as a smart grid.

Smart grids and distributed energy sources prevent or limit widespread electric grid outages. They are indicative of enhanced power quality and have the capability to isolate problematic components. On the back end, progress is driven by new modes of communication and interaction between increasingly diverse and numerous participants and devices, which in turn exposes security vulnerabilities.

Cybersecurity Dangers to Consider

Cybercrimes that involve fraud and theft for monetary gain are most prevalent, followed by attacks designed to disrupt or destroy physical assets. Hackers have exploited interconnected devices by identifying those security vulnerabilities such as unchanged factory default passwords. They have also exploited flaws in a protocol such as those used by Windows operating systems when sharing files.

Alongside these broader trends in cybercrimes, there has been an increase in the number of attacks that are designed for espionage and physical damage targeting national governments and critical infrastructure. These attacks either focus on information technology (IT) and the gathering of sensitive data, or operation technology (OT) where they aim to manipulate industrial control systems.

Edge devices such as distributed energy systems are most vulnerable to cyber threats. This is because they are numerous and are typically troubled by limited bandwidth, memory and storage space.

Best Practices

The risk of service outages resulting from a breach of the smart grid can be minimized or even eliminated by establishing best practices and deploying protocols with a proven track history. The AEE Institute has recommended future actions as well as defined best practices that help protect advanced grids from cyber attacks in their recent white paper.

Device manufacturers typically supply new devices with factory-set passwords — by simply changing these passwords users significantly improve the security of their hardware. The AEE is suggesting that device manufacturers should incorporate technology that requires passwords to be changed when a device is first connected.

In addition, standard operating procedures should include proper password maintenance actions. To prevent passwords from being compromised it is important to remove access from users who should not need it as well as update them upon employee termination. Proper maintenance of passwords is a strong line of defense against unauthorized access and while it is largely a manual process some automated methods that have had proven success include password timeouts, shared directory functions and locking out infrequent users.

Updating malware and software protection is another important task. Software fixes are distributed to fix bugs and in some cases security flaws. Allowing automatic updates ensures operating systems are up to date minimizing vulnerability to cyber attacks.

Other factors to consider include message encryption and firmware deployment. Encryption solutions should follow the latest NIST standards and endpoint devices should not share any secret or private keys. Devices should be loaded with firmware that has been designed by the device manufacturer to help improve its cybersecurity and interfaces should be disabled at the operating system level.

Distributed energy resource management systems (DERMS) are also being developed. They facilitate the integration of new energy sources in a secure environment. Implementation of these platforms also requires the incorporation of strict requirements to address the handling and storage of data.

Conclusion

The isolation of the smart grid from the internet is an increasingly difficult task. In a world of cloud computing, being up to date and compliant with applicable security standards is imperative. There is also a dire need to undergo periodic security assessments and monitoring as these standards are in their infancy and are subject to change when new flaws are surfaced.

To contact the author of this article, email shawn.martin@ieeeglobalspec.com


Powered by CR4, the Engineering Community

Discussion – 1 comment

By posting a comment you confirm that you have read and accept our Posting Rules and Terms of Use.
Re: The Dangers That Come with a Smart Grid
#1
2018-Feb-23 2:31 PM

One very critical danger that comes with a "smart grid" was not mentioned: the adverse health effects from electromagnetic fields. Current estimates of people experiencing adverse health effects from wireless technology hover at around 5%--I am one of them. After the installation of a water utility smart meter at my place of work, I experienced an escalation of symptoms (over time) that started with headaches and ultimately culminated in a seizure (I lost control of my legs). One month prior to the smart meter installation I had a complete annual physical and was given a clean bill of health. I underwent a barrage of medical tests after a week of experiencing health symptoms (thyroid, EEG, MRI, etc.) and everything was normal. I did begin to feel some of the painful head and eye sensations (that I would feel near wireless sources) at the end of the MRI.

My professional career has been in Biotechnology and I have worked mostly in Protein Biochemistry. I have been researching the health effects of emf radiation ever since my exposure, and have learned various ways to shield and protect myself to reduce symptoms. Various researchers and authors have investigated and demonstrated the adverse health effects of emfs: increase in cell mitotic division (cancer), distortion of cell membranes and calcium balance, etc.) but unfortunately, these courageous individuals have their research discredited and their funding removed. Dr. Martin Blank's "Overpowered" and Dr. Robert Becker's "The Body Electric" are just two very important books that need to be read. There are many scientific papers that discuss the "bio-electric" nature of living organisms and the effects of external emfs.

While wireless technology provides many advantages, the increasing adverse health effects that accompany the technology will have long term health costs and negative economic impacts. The danger to our health needs to be considered along with the cyber security danger of a "smart" grid.

jme

Engineering Newsletter Signup
Get the Engineering360
Stay up to date on:
Features the top stories, latest news, charts, insights and more on the end-to-end electronics value chain.
Advertisement
Weekly Newsletter
Get news, research, and analysis
on the Electronics industry in your
inbox every week - for FREE
Sign up for our FREE eNewsletter
Advertisement

CALENDAR OF EVENTS

Date Event Location
04-07 Jun 2018 Boston, MA
06-08 Jun 2018 Los Angeles, CA
18-22 Jun 2018 Honolulu, Hawaii
12-16 Aug 2018 Vancouver, Canada
11-13 Sep 2018 Novi, Michigan
Find Free Electronics Datasheets
Advertisement