Quantcast
Channel: Technological Leadership Institute Blog » communication
Viewing all articles
Browse latest Browse all 2

Power Assurance and Security for Smart Grid Operations (PASSGO)

0
0

Dr. Massoud Amin

Much discussion has been given in recent years to cyber security of smart grids. The articles and media reports on the cyber vulnerabilities of our electric power grid bring back memories of the past: In the aftermath of the tragic events of 9/11, when I became responsible for security R&D at EPRI, I received seemingly contradictory piles of reports/files that either claimed that “we are bullet proof” or “the sky is falling.”

Security of control computers and communication networks is fundamental to the reliable operation of the grid. Smart grids incorporating distributed generation and control will rely more heavily on computerized communications and control. System security and reliability thus becomes increasingly dependent on protecting the integrity of the associated information systems. Part of the problem is that existing control systems, originally designed for use with proprietary standalone communication networks, were later connected to the Internet without adding the technology needed to make them secure, leaving them exposed to cyber threats.

Grid operators have neither the training nor the time to deal with the flood of cyber alerts. Intrusion detectors in a moderate information technology network (about 500 computers) can produce 10,000 – 30,000 alerts per day. Analysis of blackouts and cyber intrusions illustrate how difficult it is for operators alone to piece together everything happening on the grid and the networks to perform relevant, timely and accurate situation assessment.

The operators require enhanced security technology, which addresses the real challenges above. I have published non-sensitive material on this key issue for over a decade. On 26 March 2009, I spoke at the U.S. Congressional Research and Development Caucus, on the Smart Grid briefing. I highlighted cyber security as one of the key challenges, and asked for the design of a smart grid that includes “security built-in as part of its design and NOT glued on as afterthought.”

Power assurance and security for smart grid operations (PASSGO) automates assurance and security measures by use of intelligent agents that detect abnormal situations – both accidental and malicious and localize them. I propose a four-phase approach, to assess and mitigate the cyber-focused vulnerabilities of smart grids:

  1. Phase 0 (three months) Align all stakeholders, assemble the team, issue sub-contracts, analyze relevant NIST, EPRI and IEEE standards work which will influence the communications protocols, develop use cases and abuse cases.
  2. Phase 1 (seven months) Clear assessment and definition of the cyber-focused vulnerabilities to smart grids, combined with technology assessment/solutions with high probability of success.
  3. Phase 2 (seven months) Development and evaluation of protection and defense solutions in a laboratory environment. Selection of the most promising solution and recommendation for deployment.
  4. Phase 3 (seven months) Evaluation of protection and defense solutions in “safe” real-world setting (this may include a decommissioned power plant or one of the utilities or at a national laboratory test facilities).

The success of Smart Grid deployments, and the resultant benefits including peak shaving, enabling less dependence on fossil fuels, electrification of transportation, and emissions reduction, are all predicated on security of the Smart Grid devices and system. The PASSGO project will substantially reduce risks of tampering, intrusions and cyber threats while addressing integration of a physical system (the grid) and the control network.

Find out more about the benefits of PASSGO and the tasks required for implementation.

Dr. Massoud Amin is the Director of the Technological Leadership Institute (TLI) at the University of Minnesota – Twin Cities. TLI offers graduate studies programs in security technologies, management of technology and infrastructure systems engineering.

[image credit: Dave Lester via Flickr]


Viewing all articles
Browse latest Browse all 2

Latest Images

Trending Articles



Latest Images