The energy transition is driving a shift toward the increasing use of distributed energy resources (DERs). DERs are smaller power-generation resources, usually located on the consumer side, that provide energy where it is needed.
Critical questions for securing distributed energy resources
Examples of DERs include rooftop solar photovoltaic panels, combined heating and power (CHP) systems, electric vehicles and chargers, wind turbines, generators and energy storage, among others.
From a cybersecurity perspective, DERs pose new and unique challenges for utilities. This is primarily because while DERs connect to electricity grid operators, they may not always be owned by these operators or support the necessary security features. Consequently, they could post a significant risk and directly impact power systems.
In the European Union, the European Commission Regulation (EU) 2016-631 that covers “establishing a network code on requirements for grid connection of generators” now includes smaller “Type A” and “Type B” assets that need switching or control capabilities, i.e., the ability to turn type A assets on and off, and controlling the power generation of Type B assets. These two categories consist of assets ranging from 800 watts or the equivalent power of eight strong lightbulbs, up to 50 megawatts for continental Europe (one of five regional groups), which is enough to power a small city.
Asking the big questions
To enable switching or power control capabilities for these assets, millions of devices will need to be connected via the Internet to the systems that control the energy networks. While the IEEE1547 standard provides a set of criteria and requirements for the interconnection of DERs with electric power systems, there is much more to consider than just enabling the connection. Some of the important questions to ask are: Who will own and control these devices? Which protocols will be used, and through which networks? And, perhaps most important of all, how can these DERs be implemented securely and safely?
Current control systems comprise the control centres of distribution system operators (DSOs) and transmission system operators (TSOs) and the software they use. At present, these systems are not set up or able to securely control the growing numbers of devices that are on diverse communication networks and protocols in real-time.
An important responsibility
Disruptions to the electricity network directly impact lives and livelihoods – and continuous disruptions pose a serious risk. For example, a 2016 power cut in the Ukrainian capital, Kiev, has been linked to a hack and blackout in 2015 that affected 225,000 households.
In the case of DERs, it is not merely the responsibility of utilities to integrate them securely, as the onus is also on installation partners that are building new DER systems like solar parks, heat pump installations and micro-CHP systems. They need to have the necessary insight not only to safely install these systems, but also to do so securely.
Today, DERs represent an increasing portion of available generation capacity. The Mirai IoT botnet incident crippled many major websites, demonstrating the damage that can occur due to insecure IoT devices. Compromising thousands or millions of Type A or B assets in a similar way would not only impact operational technology (OT) networks but also raise the spectre of large-scale impacts on society.
Security is no longer just an IT responsibility
It is critical to have proper security measures in place to secure the grid and the supply of electricity. This is why it is necessary to ask and answer several key questions about DER security:
- Governance: Who has what responsibility for DER security?
- Who assures installations are not only safe, but also secure?
- Standards: Who defines the standards for interfaces, protocols and procedures and who tests them?
- Technology: Which platform(s) will be used within the service area of DSOs and TSOs for this connectivity?
Similar to platforms or datahubs for central market facilitation, such as Central Market Solutions (CMS), we foresee the need for a central balancing facilitation platform where near-real-time OT information and control statements can be securely exchanged between connected assets, DSOs and TSOs.
Understanding the unique ICS environment of a utility
In January 2017, what was believed to be a switching mistake at a high-voltage station near Amsterdam in the Netherlands, caused a complete blackout in the capital and a few neighbouring cities. This left more than 350,000 people without power for half a day. In December 2015, 230,000 Ukrainian residents experienced a power outage of up to six hours after 60 substations went offline due to a malware attack. While the former was a genuine error, the latter was a targeted cyber attack intended to cause harm to people, property and the economy at large.
As utilities and energy delivery systems begin to seek the benefits that the convergence of information technology (IT) and operational technology (OT) offers, they also face the challenge of increased vulnerability to cyber-attacks. Understanding the fundamental differences between a classic industrial control systems (ICS) environment and that of an electricity network is key to implementing the right security solutions that secure the flow of power to customers, and protect employees and citizens.
Potential impact of security breaches
An electricity network is an ICS environment. While IT systems are used to manage information, an ICS environment is used to control physical processes and objects. But unlike a classic ICS environment – a factory, for instance – which is restricted to a geographical area, electricity networks are spread across an entire state or country. This means that though a security breach at a factory may have a big impact on the company, its effects are localised.
In the energy system, the potential effects of security breaches can be dangerous and have far-reaching consequences, not just on homes and businesses, but on civil society and the economy as well. For example if the electricity supply is interrupted or cut off to intensive care units at a hospital, or drinking water pumping stations, it could jeopardise the lives and health of people.
More points to secure
For energy transport and distribution networks, whose ‘factories’ are spread across thousands of kilometres, ensuring operational security presents a big challenge. For distributed system operator (DSO) environments in particular, the number of customer sites can run into the tens of thousands (more in larger countries), which also represent the number of points of vulnerability. If the DSO’s ICS system is not secure, it becomes easier for malicious elements to damage the reliability of the grid, the network or the entire energy system.
Increasing avenues of risk
Digitalisation is altering the way information is collected, used and processed in the energy system. For instance, meter readings traditionally involved a person physically collecting readings from an electricity meter. With smart meters, this process is now online. However, this same connection is used to switch electricity, such as turning off or changing the electricity feed in case of a failure somewhere in the electricity network.
As large scale operational systems are integrated with the Internet, it increases the vulnerability of critical infrastructures, because the same channels used for information sharing and exchange may be used by intruders to enter and manipulate the system.
Distributed generation of power
The increasing need for clean, affordable energy is driving the growth of renewable energy sources (wind, solar and hydro). Consumers and businesses are installing solar panels on their rooftops and producing energy themselves. In addition, concepts like energy islands and innovative technologies like Tesla batteries enable homes and businesses to harvest and store energy, and deliver it back to the power grid. These developments have exponentially increased the number of energy sources that are being connected to the distribution grid, and consequently the number of points that need to be controlled and secured.
Securing the future
There is a new energy ecosystem evolving – one where distributed generation, storage and consumption will become more common, and the way energy is used and generated will transform. Utilities need to be prepared for what it really means to have a distributed grid. These changes usher in more dynamic energy pricing and greater opportunities for organisations to generate their own electricity; but it also means more risk, not just on the IT side, but also on the OT side. Putting in place preventive measures against cyber threats in the energy system is paramount to ensure that the integrations that already exist within the company or those with other companies continue to work in a safe and secure manner.
In this new energy system, IT/OT integration is integral to balancing the grid. It is also vital to break down silos created by people, systems and data and enable the smoother flow of information to support automatic control of the distributed network. However, we need to achieve this in the safest and most secure way possible, so that there is no impact on businesses or on the safety of people and the economy.
ABOUT THE AUTHOR
Hans Marcus Principal IT Architect, CGI
Hans is a principal IT architect working in the utilities and manufacturing industries. With market experience and deep knowledge on the IT/OT environments of customers, Hans advises and assists customers to help securely integrate and converge their IT and OT systems