How ‘Smart’ Is the Smart Grid? Maybe Not So Much

Power Plants in U.S. by Vintage Year

In July, Joseph McClelland, director of the Office of Electric Reliability at the Federal Energy Regulatory Commission, testified on cybersecurity and the U.S. power grid before the U.S. House of Representatives’ Committee on Homeland Security. His comments, which follow in italics, cut against the grain of common thinking about the so-called ‘smart grid.’

“The need for vigilance may increase as new technologies are added to the bulk power system. For example, smart grid technology promises significant benefits in the use of electricity. These include the ability to better manage not only energy sources but also energy consumption. However, a smarter grid would permit two-way communication between the electric system and a large number of devices located outside of controlled utility environments, which will introduce many potential access points.

“Smart grid applications will automate many decisions on the supply and use of electricity to increase efficiencies and ultimately to allow cost savings. Without adequate physical and cyber protections, however, this level of automation may allow adversaries to gain unauthorized access to the rest of the company’s data and control systems and cause significant harm. Security features must be an integral consideration when developing smart grid technology. The challenge will be to focus not only on general approaches but, importantly, on the details of specific technologies and the risks they may present.

“Regarding data, there are multiple ways in which smart grid technologies may introduce new cyber vulnerabilities into the system. For example, an attacker could gain access to a remote or intermediate smart grid device and change data values monitored or received from down-stream devices, and pass the incorrect data up-stream to cause operators or automatic programs to take incorrect actions. As was mentioned previously, the potential exists for off-grid equipment to adversely affect the bulk power system through corrupted communications.

“In regard to control systems, an attacker that gains access to the communication channels could order metering devices to disconnect customers, order previously shed load to come back on line prematurely, or order dispersed generation sources to turn off during periods when load is approaching generation capacity, causing instability and outages on the bulk power system. One of the potential capabilities of the smart grid is the ability to remotely disconnect service using advanced metering infrastructure (AMI). If insufficient security measures are implemented in a company’s AMI application, an adversary may be able to access the AMI system and could conceivably disconnect every customer with an AMI device. If such an attack is widespread enough, the resultant disconnection of load on the distribution system could result in impacts to the bulk power system. If an adversary follows this disconnection event with a subsequent and targeted cyber attack against remote meters, the restoration of service could be greatly delayed.

“The CIP standards will apply to some, but not all, smart grid applications. The standards require users, owners and operators of the bulk power system to protect cyber assets, including hardware, software and data, which would affect the reliability or operability of the bulk power system. These assets are identified using a risk-based assessment methodology that identifies electric assets that are critical to the reliable operation of the bulk power system. If a smart grid device were to control a critical part of the bulk power system, it would be considered a critical cyber asset subject to the protection requirements of the CIP standards.

“Many of the smart grid applications will be deployed at the distribution and end-user level so they may incorrectly be viewed as not affecting the bulk power system. For example, some applications may be targeted at improving market efficiency in ways that may not have a reliability impact on the bulk power system, such that the protection requirements of the CIP standards, as they are currently written, may not apply. However, as discussed above, these applications either individually or in the aggregate could affect the bulk power system.

“The Commission and its staff currently are coordinating with a number of governmental and private sector organizations on cyber security issues surrounding smart grid technology, including the DOE Smart Grid Task Force, the NIST Domain Expert Working Groups, the Gridwise Architecture Council, and the FERC-NARUC Smart Grid Collaborative. The Commission has issued a policy statement that would strongly encourage interoperability of smart grid technologies, recognizing that cyber security is essential to the operation of the smart grid. The Policy Statement stated that the Commission will require a demonstration of sufficient cyber security protections in the proposed smart grid standards to be considered in rulemaking proceedings under the Energy Independence and Security Act of 2007 (EISA), including, where appropriate, a proposed smart grid standard applicable to local distribution-related components of smart grid. The Commission also encouraged NERC to work with NIST in the development of the standards.

“While the Commission is doing what it can under its jurisdiction, EISA does not make any standards mandatory and does not give the Commission authority to make or enforce any such standards. Under current law, the Commission’s authority, if any, to make smart grid standards mandatory must derive from the FPA.”
