Smart Grid Cybersecurity: Can the Grid be Outsmarted?

Smart grids bring a wealth of benefits and can propel the energy industry into an era of reliable, efficient, and cleaner energy. On a wave of modernization, outdated electrical infrastructure is being revamped for the digital age. But could cybersecurity concerns slow down smart grid progress?

Put simply, a smart grid will automate electrical energy distribution. Renewable energy sources such as wind and solar can be easily incorporated into the supply chain. Outages and blackouts will be reduced, and the consumer will have transparency over usage and billing, due to a trend in advanced metering infrastructure (AMI). Smart grids are vital for future economies but there will be early costs to bear. Power utilities are expected to invest almost $100 billion on communications equipment and services over the next decade.

Out with the Old, in with the New

Conventional plants must be upgraded in order to deliver the aforementioned advantages. This will include linking legacy equipment to new smart grid IoT applications and connecting to cloud infrastructure. This enables monitoring, analysis, control, and two-way communication of information within the supply chain. Two-way communication allows for better management of energy consumption at home, creating energy and cost savings.

But networked technologies and numerous points of entry make smart grid infrastructure susceptible to cyberattacks. To be effective, smart grid network must be able to detect abnormal incidents and eradicate threats while remaining operational.

Get Smart on Security

From generation to consumption, cybersecurity solutions exist to protect the perimeter of smart grid IT networks and reduce vulnerability to attacks. In any industrial environment, the main priority of functional safety and automation security is to protect the wellbeing of plant staff.

However, for optimal productivity, it is vital to underline your cybersecurity objectives. The first of these is to ensure data availability. This means that data is always available when required and can be securely analyzed and passed on. In standard IT systems, data confidentiality has highest priority. But for a connected smart grid, it is necessary to protect information and grant only authorized users a right of passage to data. With AMI, customers’ billing and usage information is jeopardized if data confidentiality is lost. A third objective is ensuring the integrity of data. If integrity is sacrificed, authorized entities can alter, modify, or corrupt smart grid data to perform malicious attacks on field devices or components.

It is vital that all stakeholder; generating plants, utility companies, device manufacturers, and consumers all take responsibility to protect data.

Block Out or Blackout

In 2015, an intricate cyberattack on a Ukrainian power grid revealed gaps in networks. A substation control system and its backup power supply were hacked. Devices were nullified by malware, server files were erased, and a call center was flooded so customers were unable to communicate the problem. There were lessons to be learned.

A normal response to cybersecurity is to introduce firewalls and layers of encryption. However, due to the large attack surface of the smart grid, actually identifying and minimizing the potential points of entry is a primary objective.

Simply securing the perimeter of the smart grid is not enough to protect companies and customers from attacks. A perimeter solution has been likened to ‘changing the locks every week’, if the smart grid were a house. Security information and event management (SIEM) combines security information management and security event management to analyze security alerts generated by applications and network hardware.

The US Leading the Way?

A recent study from Vermont Law School and US smart grid advisory group, Protect Our Power, provides concrete steps towards ensuring a more resilient grid in the United States. The report includes best practices for improving the movement of confidential data and preparing legislation to combat cyberattacks.

It talks about the tools that are used to improve the grid’s security. By understanding the origins of the tool, we can see that regulatory bodies and utility companies each have a critical role to play in securing the grid. It also determined that electric utilities must pursue grid protection capabilities – processes, equipment, and software – that are better than existing US CIP standards in order to provide appropriate protection.

Groups such as Protect Our Power are working with industry and security experts to define, evaluate, and continuously update best practices that are available for implementation, or are being successfully deployed, to create a more resilient grid. However, there are things that companies can do now, in order to tighten cybersecurity.

A SIEM-ply Smart Solution?

As mentioned earlier, SIEM software can help companies to get inside the head of an attacker and reveal how they operate. They can provide information about a potential attack – for example, the method of attack any known information about an attacker.

The next generation SIEM solutions can monitor the smart grid without interrupting or disrupting services. They can also be applied to current security infrastructure. If utility companies and distributors were to use SIEM, the grid would be protected from the inside, consumers would be less vulnerable, and the likelihood of all types of attacks would decrease. As operators begin implementing SIEM and publish behaviors of cyberattacks and solution to remedy them, others will learn from their experience. This would eventually result in a tighter smart grid network for all.