Can you believe Distributed Grid is Vulnerable to Cyber-attack?
One of the major concerns for the US economy is to deal with Cyber security. The critical infrastructure like the energy system, interdependent systems, water, communications, natural gas, and fuel distribution, the highly dynamic electric power sector, are all going through an advanced and intelligent energy technology.
This doesn’t mean that distributed grid of the future will be vulnerable to cyber-attack so they need to be closed. It means they need to be replaced in the process and upgraded to the current technological requirement.
Moving to advanced technology will be a huge benefit in terms of security and benefits of the energy system and also to consumers. It is already proved how advanced controls and to distribute energy generation architecture can prevent widespread electric grid outages, by isolating problematic components and enhancing power quality.
Distributed Energy System (DER) is there in the entire modern grid, which has opened up new modes of communication between diverse and numerous participants. Modern grid technologies are exposed to vulnerabilities and threats, but at the same time also bring benefits. Nevertheless, there are improved and advanced technologies that can protect the current grids, and make them resilient against cyber-attacks.
Lisa Frantzis, AEE vice president of the 21st Century Electricity System, said, “We really believe that distributed energy resources can make the grid much more resilient and reliable. There are steps that can be taken right away, with minimal effort, to help secure the network.”
As quoted in Utility Dive Kenneth Lotterhos, managing director, energy, at Navigant Consulting, said “Recent events have shown that cyber threats are “increasing and targeting a broader range of assets, including advanced distributed energy technologies and smart grid applications,” said and a contributor to the report.
Manufacturers should program devices so people are forced to change default passwords when they connect to the grid, said Bloomberg. It further added that utilities also could deter attacks by requiring and issuing software keys to protect connected devices.
AEE Institute recommends several concepts for consideration by industry and policymakers to encourage adoption of best practices.
- To develop a mandatory list of standardized requirements that are no-cost or low-cost to implement end-to-end protection of both DER devices and the management systems that control them.
- Creation of guidelines to secure DER systems,
- Cybersecurity embedded as part of standard security practices or end-use adopters.
- Unification of DER cybersecurity efforts that would benefit from closer coordination and support.
- With a vision for platform integration and interoperability with due consideration for international standards bodies.
- New endpoint protection technology needs to be developed for critical infrastructure devices and to be supported for ongoing innovation in the face of emerging threats
Todd Wiedman, director of security at the Swiss smart meter said: “A lot of this is basic stuff, but a lot of it hasn’t really been applied to the operational technology areas of the utility space.” Mr. Wiedman also as a developer Landis+Gyr and a contributor to the AEE Institute report, told E&E stated “This is especially true of older devices still in the field, he said. “We’re in a situation where 101-level IT security — things that we do on our computers every day, or on our mobile devices — has not really been extended to the meters yet, or to the endpoints.”
We still believe that the grid edge technology should be positive even though there are technologies and operational strategies that will reduce exposure to cyber attacks.
Chris King, chief policy officer for the digital grid business unit at Siemens, said “People have been attacking the grid for years, from a cyber-perspective, and we have not seen any major incidents. He further added, “That doesn’t mean we should lower our guard — in fact, we should raise our guard because we’re getting into new areas with distributed resources.”
Kevin Jones951 Posts
Kevin Jones, Ph.D., is a research associate and a Cyber Security Author with experience in Penetration Testing, Vulnerability Assessments, Monitoring solutions, Surveillance and Offensive technologies etc. Currently, he is a freelance writer on latest security news and other happenings. He has authored numerous articles and exploits which can be found on popular sites like hackercombat.com and others.