At one time in the not-too-distant past, electrical grids were controlled by electromechanical and pneumatic devices. Now, they are controlled by computers running Windows or Linux, using the Internet Protocol (IP) to communicate. Wireless and Bluetooth capabilities are appearing in supervisory control and data acquisition (SCADA) devices that are integral to the backbone of grid operations. All of these new features open an entire world of possibilities for more efficient utility operations, but also an entire world of risks. According to a new report published by Pike Research, such risks to the electrical grid will require utilities to make significant new investments in cyber security for industrial control systems (ICS), which the cleantech market intelligence firm forecasts will total $4.1 billion during the years between 2011 and 2018.
“The smart grid changes everything, but when it comes to cyber security issues, much of the story remains the same,” says senior analyst Bob Lockhart. “Integrating information technology into a power grid presents enormous potential to deliver energy more efficiently and profitably, but also brings inherent risks in terms of security vulnerabilities. The discovery of the Stuxnet worm in 2010 shone a bright light on the fragility of industrial control systems such as SCADA, and has created a new urgency among security vendors and utility managers alike. Nearly overnight, ICS security went from being a non-issue to being critical.”
Lockhart adds that ICS security initiatives will include major investments in control consoles and systems, telecommunications security, human-machine interfaces, and sensors and collectors. The ICS security enhancements will serve key grid operations application areas such as distribution automation, substation automation, and transmission upgrades. Pike Research’s analysis further indicates that smart grid deployments are not globally uniform, and thus some technology upgrades have been addressed earlier than others. For example, utilities tend to mitigate risks in transmission grids first, because a single outage in transmission can have such a wide-ranging effect.
The firm forecasts that ICS security investments will increase at a relatively steady rate over the next seven years, rising from $309 million in 2011 to $692 million annually by 2018. In addition to this revenue, a significant number of professional services opportunities exist, including development and maintenance of security reference architectures for utilities’ control networks, development of security policies and procedures, maintaining employee security awareness programs for ICS, and change management, among others.