Image credit: Stock

Smart Energy International spoke to Joe Peichel, an independent enterprise architect, to get his insights into how the latest developments in cybersecurity are affecting the way utilities operate and how to map risk management strategies.

What are some of the key trends affecting utilities in terms of protocol usage and device management?

In terms of industrial IoT (IIoT), most machines and smart devices have been designed with cybersecurity in mind and have a device identity, making them relatively secure compared to older consumer devices.

One of the biggest challenges is that many of the communications standards between control systems and the end devices have been designed with traditional protocols and without security in mind. In these instances,security was more of an afterthought or bolt on, which is where the risk lies.

The latest devices in the market are taking a more pro-active approach to security and there’s work underway in the industry to drive uptake of common and advanced standards, which go beyond some of the legacy protocols. These protocols have security baked in from the beginning.

The main difficulty is due to the industry continuing to use legacy equipment that still needs to depreciate and has a useful life ahead of it. The question being asked is how do we bridge that gap and mitigate the risk this gap presents.

In order to remain relevant and competitive,utilities are redesigning their business models to interact with both existing legacy infrastructure and with innovative technology. What are your thoughts on achieving this balance?

One of the things impacting the industry is that many smart devices that interact with the grid, even though not necessarily under utility control, are coming into the landscape through other channels,particularly with consumers. Utilities need to create incentive programmes that provide some level of interaction with these, as well as a level of control. Having to deal with protocols that are either proprietary or only recently adopted is an additional hurdle that the industry is facing.

The addition of electric vehicle chargers, smart thermostats and water heaters is creating an interesting dynamic.These are often not areas the utilities spend money on, as they do not own the devices.

However, utilities need to interoperate with them and have to create programmes that provide incentives to consumers to delegate some authority to the utility. It is vital to implement the communications protocols that can govern and ensure security.

You mentioned that the influence of electric vehicles and e-mobility is clearly impacting how utilities operate. Would you say the prosumer is playing as big a role in disrupting the industry?

There is a great deal of attention on prosumers and the role they play. The  media has given a lot of attention to this; however, at this point the prosumer segment of the market is a bit smaller than people might believe. Despite this,they do have an impact and organisations are working to define programmes and understand the personas of these individuals, in order to understand what incentives they will find most attractive and then translating that into the technical capability. It all comes down to successfully understanding the mechanics between utility, consumer and device and how these interact together.

In terms of identifying industry trends and preparing accordingly, are utilities managing to fully exploit data analytics to their advantage?

Big data is one of the areas where some utilities are still trying to carve out their strategy and implementation. Traditional mobile device management systems were good for what they were designed for, but we are dealing with a very different landscape and volume of data. In many cases, the utilities don’t have the internal capacity to consume all this data and then interoperate or interact with it in the proper way – in some cases in near real time – in order to make market decisions based on the data.

In many instances we are seeing smaller,faster aggregators applying big data and analytics approaches to the mechanics of accumulating that data and presenting it in a way that is more cohesive. In other words,by delivering that service and capability they are doing some of the work for the utility as part of their value proposition.

In your opinion, are there sufficient resources available to help utilities navigate these  disruptive forces?

In some cases, there are too many resources and too much information available. Too many peer-to-peer opportunities can make things confusing. The best scenario is to pick the right partners through which to operate this collaboration. It is vital to ensure your partners are aligned with and affiliated to the Department of Energy, as well as national labs and other thought leaders. That would be a big draw for utilities to continue engagement.

In your opinion, what do the next five years look like in terms of the utility operational landscape?

We will definitely continue to see collaboration around open protocols and open implementation that provides a reference model for the utilities and for manufacturers to adopt. Recent developments in this space have seen inter-industry cooperation to drive the implementation of standard protocols. This trend of collaboration will continue. The role of universities and national labs will grow in an effort to ensure industry collaborations are somehow stitched together to avoid redundancy and drive focus towards a few key standards, ultimately consolidating the sector.

We will see protocols and standards come to fruition, seeing more widespread adoption across the industry. In terms of the more capital intensive aspects of the grid, I predict a slower pace to modernising. This will revolve around how quickly utilities can implement and recover through work with consumers.

Conclusion

Even though the industry as a whole tends to move fairly slowly, we are clearly in a period of fairly rapid transformation. The impact of non-utility technology being deployed and the expectation from consumers that they will be able to interact with it is driving a great deal of the disruption. That will continue to accelerate and utilities and organisations will drive towards greater efficiency and more self-reliance. Aspects such as battery storage and products like the TESLA Powerwall will continue to trend. These are the kinds of large sector tendencies that will drive change from outside of the industry. We need to beprepared to meet this challenge, to work with consumers to address these new demands.

ABOUT JOE PEICHEL

Joe is an enterprise architect specializing in emerging technologies, energy and smart grid security. His mission is to secure the energy grid, one cryptographically identified device at a time. Joe specializes in applying cryptography to identity and access solutions across the landscape of Industrial Internet of Things (IIoT).

He is a contributing member on Open FMB, Smart Grid Cybersecurity and Smart Grid Architecture, and recently served as a reviewer for a study on non-wires alternatives.

Joe consults on enterprise architecture, focusing on workforce mobility using iPad,iPhone, Android and Windows mobile devices with connectivity secured by two multi-factor authentication and client-side digital certificates.

Joe also works as an enterprise architect for a large Midwest utility company, where he has driven the core principle of identity as the new perimeter into security, cloud,and big data reference architectures and related standards.

Joe has 20+ years of experience in cybersecurity and digital identity and accelerating adoption of emerging security capabilities around device and user identity.

This article was originally published in Smart Energy International 4-2018.