Share |

Protecting the smart grid with today’s solutions

With: Peter Johnson, Vice-President Smart Grid, Alcatel-Lucent • Issue: Protecting your investment in transformational reliability and efficiencyCategory:

Highlights
  • The emerging imperatives for smart grid security include getting a consistent level of the world’s attention on the issues, and then implementing solutions in a productive fashion.
  • From a security standpoint, it is extremely important for any utility to ensure homogeneous standards and applications across is entire smart grid solution, and before it is deployed.
  • Although security considerations in the smart grid ecosystem can be varied and complex, the architecture, tools and expertise exist to fully address these issues now.

The primary objective of the smart grid is securing the supply of energy and making sure that it will remain viable in the future. That means that we must keep grid itself safe from malicious attack or misuse while protecting the privacy of rich consumer data it generates.  Although security considerations in the smart grid ecosystem can be varied and complex, the architecture, tools and expertise exist to fully address these issues now.

The one big difference between smart grids today and the conventional systems that came before is, of course, the move to converged IP/MPLS networks and the unprecedented level of timely reporting and control they enable.  A key characteristic of this new model is that communications and other critical data are no longer contained inside traditional network boundaries, but now reach out to the edges where there is more opportunity for interception or attack, which means that more devices have to be protected.

Utilities also need to be concerned with the privacy of network data – for example, overall consumption and performance, how individual substations are performing, and the usage patterns of customers. How those factors are addressed will be highly dependent on the regulatory environment in each country and at various levels of local government and society.

Effective smart grid security must also fully address the human element, for at the end of the day, the network and its security is only as good or as strong as the human processes that support it.  If a utility’s processes are not well thought out and strictly enforced – if they either allow someone to deliberately misuse the network, or to accidentally do something that will jeopardize its functionality without any tracking or logging, then they have failed. The consequences of not addressing the human element will have an immediate and direct effect on energy supply.

Ultimately, security in all of its forms serves the purpose of making sure that there is a continual supply of affordable energy when you need it through widespread adoption of the smart grid environment by all stakeholders, from government to partners and consumers.  For that you need to make sure that the grid itself is secure so that it can work as intended.  The bottom-line benefit is more efficient use of energy.

Adding value through smart grid security

Solid security will add value to any smart grid deployment in two very fundamental ways.  In its most tangible form, it protects the investments of the utility and of its customers by making sure that the control signals get through, that the measurements are returned, and that the entire value chain, from the generator down to the customer and back again works efficiently and continuously. It ensures that power supply is not interrupted, degraded, or otherwise compromised. The Stuxnet attacks last summer, which were targeted at a very specific type of equipment, are indicative of the sorts of threats we will see more often in the future.

A more intangible, but equally important value is the confidence the user community has that a utility’s business will not be interrupted.  So much business today depends on the reliable availability of electricity, that the failure of the power grid will have immediate impact.  This is not something you can measure in straight dollars in utility accounts, but it does have direct impact on the ability of the community to do business safely and create more prosperity.

Security benefits and challenges in the smart grid ecosystem

Global smart grid initiatives are fueling a rapidly expanding environment of collaboration among companies in the power, telecom and IT sectors. This activity is creating a new ecosystem that leverages diverse knowledge and technology for great benefit.

With so many players in the game, standards and solutions interoperability are the unifying glue of the modern communications infrastructure, and are essential for unprecedented levels of security and efficiency. This new level of interoperability has to be robust, and has to encompass all the component parts of the solution being deployed. Communication supported by IP/MPLS architecture is its key foundation and enabler, bringing greater cohesion to all operations and allowing security to be managed as a homogeneous whole.

Open standards in the security space are helping to ensure that smart grid utilities are strengthening their ecosystem, and that the partners within any particular ecosystem are well aligned on every level. Now that we are all talking to each other, highly effective security can be designed into a deployment, and it will be far stronger and more effective than anything that has come before because it has that homogeneity across the three contributing sectors. We at Alcatel-Lucent make sure that our solutions are open so that utilities aren’t locked into a narrow set of vendors that could limit their operational and security effectiveness.

Smart grid security and adoption

Regulation is the key enabler of the smart grid; and it also can be the obstacle. Generally utilities will only react to regulations since the regulators authorize investment, so cyber security tends to be driven by what regulators require. In North America the path forward is very clear, entailing very strict adherence to the standards and compliance enforcement established by North American Electric Reliability Corporation’s Critical Infrastructure Protection program (NERC CIP). That’s not the same in other countries, where the attention being given to the security of the grid can be considerably lower.

When it comes to data privacy, best practices are not as well defined at this point, and utilities can be constrained by local rules and regulations.

Whatever the political situation governing these area, in both cases the role of Smart Grid technology is to provide the tool set that allows the utility to adequately protect its network and meet its obligations to both regulators and customers.

Acting on smart grid security now

The emerging imperatives for smart grid security include getting a consistent level of attention around the world for the issues, and then implementing solutions in a productive fashion. Central to this is the absolute imperative to design in security from the outset of smart grid design, and not to try and add it in after the fact.

Alcatel-Lucent not only understands the utility industry extremely well, but offers a wealth of unique expertise in communications and the security surrounding both data and communications. What we bring to the smart grid ecosystem is the understanding of security’s imperative needs, and the tool set that allows the utilities to address them. We’ve got the tools both built into our products and within our solutions that allow us to protect the access, protect the data, and neutralize the threats.  That adds up to an immense value that we are bringing to this industry and to smart grids. The expertise exists now, and every day is ensuring that smart grids are reliable, efficient, and secure.

Back to top