In 2003, the U.S. National Academy of Engineering identified electrification as the top engineering achievement of the 20th century, meaning that this singular capability had the greatest impact upon life during and following this period. The power grid is the core mechanism through which this ability is delivered to growing economies around the world. Places where the power grid does not exist are noticeably behind in economic progress than others that do. Over time, as the electric grid has grown primarily in developed economies and in other places, it has become somewhat indispensable to everything that is required to sustain the economy, so much so that life seems to come to a standstill when there is an outage.
For the longest period of time, cyber security was not an issue with the electric grid. This was because of three main factors:
- The core principles behind the flow of electricity from one point to the other is based on physics (Kirchoff’s law, Maxwell’s equations and so on). And more importantly, the consumption of electric power at any point in time in exactly equal to the power generated at that instant of time.
- Most control systems such as SCADA, EMS and other similar systems that monitored and controlled power flow were implemented and operated in isolation from the rest of the communications systems.
- The sensors and controls fed these centralized control systems communicated through proprietary (and closed to the Internet) communications networks and proprietary protocols, thereby making it very difficult for hackers to get in and do anything.
However, while the law of physics is not changing, everything else is changing; with the smart grid, several changes have been happening.
- Newer systems such as DMS, OMS and DRMS are being implemented. These and some of the pre-existing systems identified above are now becoming more connected and becoming less isolated from the Internet.
- The sensors and controls (including smart meters) that are being installed everywhere are being moved from proprietary mechanisms to IP-based mechanisms.
These two changes have brought incredible flexibility to the electric utility industry, because they have allowed greater change to come in at a much faster pace. However, they also have brought in the same vulnerabilities that have plagued the rest of the computer world - something we see in the news almost on a daily basis.
Where Is The Cyber Threat?
The core threat comes from the ability of a hacker to get into one or both the bullet items identified above and performing one or more of the following actions:
- Opening or closing one or more (or all) remote operated switches — thereby causing a combination of overloading and loss of load — which could lead to fuses tripping and cascading outages.
The same action also could cause an unsafe environment to utility crews working on various power equipment, leading to either injury or death.
- Interrupting communications on the utility network causing a lack of observability on the electric grid, leading to faulty decisions by the system operator.
- And several other similar issues.
How Serious Is This Threat?
This is a very serious threat and, unlike cyber hacking of financial networks, can lead to the ultimate end result of causing people to die. So, yes, this is very serious and must be taken as such. To combat this threat, it is important to reassess the grid from the bottom up from a security perspective and plug all possible areas from where a hacker can get into the network and set the standards to ensure that it is safe.
Innovation At Work
There is a lot of work being done on intrusion detection from a communications network perspective. The idea here is to monitor the communications network to check for hackers who may have entered the network through some form of a back door and then shut them out.
New research is looking at electrical networks and searching for anomalies in the behavior to see if there is evidence or a pattern of external interference. We believe that this research has the potential to make cyber threats more benign because when successful, it can eliminate the threat even before it can cause harm.
To join the cyber security discussion, please comment in the box below.