For an industry historically slow to change, the ongoing transformation of the power grid is remarkable. However, with this transformation comes a dramatic increase in the risks of the grid being hacked and disabled.
Securing the modern "smart grid" requires new networking technology and services designed to cost-effectively secure communications to assets ranging from utility-scale generating units to residential scale batteries and inverters. This is particularly true for Distributed Energy Resources or "DERs."
The benefits of this transformation are substantial, as they offer the potential to:
- Improve the environment and ultimately lower costs by shifting to renewable resources.
- Improve grid reliability and efficiency by decentralizing power generation and storage, and increasing overall infrastructure utilization.
- Offer consumers additional value-added services, such as visibility into and control over their energy consumption, through the deployment of digital technologies.
A Rapidly Growing Population of Distributed and Connected Devices
As costs fall and business models are refined, the number of interconnected devices grows exponentially. The U.S. already boasts over two million rooftop solar installations. By 2024 consulting firm Wood Mackenzie projects one residential installation every minute.
Solar arrays, batteries, electric vehicle chargers, thermostats, and other smart devices increasingly populate the grid, and as costs continue to fall their growth will accelerate. Estimates suggest that the number of distributed assets may soon exceed ten million in a single utility service territory soon.
In Hawaii, for example, local utility HECO expects 50 percent of its future energy resource to be supplied and controlled at the grid edge, overseen and orchestrated by the utility. This grid-scale DER system will provide a time-shifting service for the solar-generated electricity and manage power quality.
Since DERs have a significant dependency on digital communication and control the cybersecurity ramifications of this dynamic are clear. Each asset added to a control network represents a new security attack surface, a potential point of entry to attack the power grid or manipulate the device itself. Furthermore, since the cost of connecting and securing each asset must be commensurate with its value, the vast majority of DER assets will be connected using the (vulnerable) public Internet.
Today's digitally-enabled DERs are deployed across the distribution grid, typically close to the load (demand) and usually "behind the meter." Owned by consumers and parties other than the utilities, these assets can be deployed individually or in aggregated mode to provide value to the grid, individual customers, or both.
Although these DERs have historically not participated in the management and operations of the bulk energy system, they are now reaching sufficient scale such that they need to be monitored, and in some cases controlled, to ensure the stability of the grid at large.
These Devices Must Be Secured
The electric grid is not the only thing that is evolving: Nation-states with sophisticated tools and significant resources have increasingly become a potentially dangerous new adversary. They are continually developing new tactics and procedures so that the strategies and technologies that secured the grid just a few years ago are no longer adequate.
Security risks include unauthorized access to DER controllers and smart inverters, penetration through the facility network, unauthorized access to smart meters, unauthorized changes in settings, and owners who fail to secure their devices adequately.
Network protocols also need to be analyzed for potential vulnerabilities. For example, when distributed energy sources are connected to a utility network, adversaries can "tunnel in" through network pathways when they are not secured, sending malicious commands to DER controllers or smart meters. Another risk is that a DER may be interconnected with building automation networks and other IT networks, further increasing their attack surface.
Attacks against these centralized systems can impact a critical mass of DER systems across multiple distribution grids. The greater the number of DER attached to smart grids, the more serious the impact of attacks, including injecting excessive power or intentionally manipulating voltage which can destabilize the entire system. Without adequate protection and control of the communications network edge, the security of these network connections is extremely vulnerable.
Poor Security Must Not Compromise the Benefits of the Smart Grid
Driven by the availability of attractive sustainable and distributed energy solutions, DERs will continue to propagate an increasing number of devices operating at consumer and utility locations. Since smart DER devices already vastly outnumber the utility owned and controlled resources, the time to think through how to leverage virtual networks and management systems to avoid a catastrophic security breach is now.
Attack-resilient, secure virtual IP networks can be designed and rolled out, which will enable utilities to ensure a more secure overall grid. Advanced virtual networking software that offers the highest level of security is available today and can be integrated directly into DER assets, enabling them to "plug-n-play" into ultra-resilient virtual cloud networks. Leveraging the processing and memory of these devices and the public Internet is essential to lowering costs.
Engineered thoughtfully, DER systems and the traditional power grid are complementary technologies. Coupled with secure transmission networks and applications that ensure endpoints are not vulnerable, these developments will only further the growth of more sustainable smart grid, micro-grid, and mixed-technology grid innovation.
The benefits of a more decentralized energy paradigm are vast; increasingly smart DER systems will continue to have a positive impact on the environment and the economics of power generation and consumption. The traditional power grid is undergoing a massive change through renewable integration, microgrids, demand response, AMI, and DER, evolving from a utility-centric architecture and model to a distributed smart grid. How we secure smart grids must change to ensure cyberattacks do not diminish the benefits of sustainable energy.