Security a concern for microgrids

Ernest Hayden

Exclusive interview with Ernest Hayden, Managing Principal, Critical Infrastructure Protection/Cyber Security, Verizon, US, speaker in the Smart T&D Infrastructures track at the upcoming European Utility Week

You will speak at European Utility Week on “Understanding the key security concerns surrounding microgrid implementation,” – can you give us a sneak preview of your talk?
My presentation will concentrate on the topic of microgrids and cover the basics, from what a microgrid constitutes and current installations, and the focus on enabling technologies and the need for adequate security in current and future microgrid deployments.

Microgrids are surfacing as a “new” point of conversation in the global smart grid commentary, but in the excitement of implementing this technology many enterprises are bypassing the fundamental security requirements demanded by the growing increase in physical and cybersecurity attacks.

What do you think the main challenges are in microgrid security?
There are three challenges we need to address:

  1. Microgrids are being deployed in a rush and do not appear to include adequate security reviews and mitigations. As a security professional this concerns me the most.
  2. They are viewed as a “new” technology when they have been with us ever since electricity was introduced to ships and remote villages. Hence, there are new solutions being invented that may be more expensive and less secure than currently proven deployments used for the past 50 years.
  3. Finally, microgrids need to be viewed as one of many solutions incorporated into the smart grid. It is not a single solution but one of many to help deliver reliable electricity to the end user.

What do you find most surprising in this market?
Probably the biggest surprise is that utilities and industry analysts see microgrids as a “new” approach yet it is really a fairly mature concept. Most villages in the US state of Alaska are on microgrids in that they are not connected to any transmission or distribution system outside of their boundaries. Another example of a microgrid is a ship with its own self-contained power plant and distribution system. Hence, there are many lessons to be learned from these mature deployments that need to be included in the “new” microgrid deployments.

A second surprise is again the lack of inclusion of security for the microgrids. There needs to be very secure controls – both physical and cyber – on how and when the microgrid connection circuit breaker is closed or opened. Uncontrolled operation of this circuit breaker cannot only defeat the benefits of a microgrid but can also cause substantial damage and maybe even casualties. Again, security must be included in these designs and deployments.

What will be your main message at European Utility Week?
Businesses need to fully understand what a microgrid is and isn’t; learn lessons from previous implementations of microgrids; and most importantly ensure that physical and cybersecurity controls are designed into the microgrid from the outset – not as an afterthought or even forgotten altogether.

What are you most looking forward to in Amsterdam?
The event provides a tremendous opportunity for the major influencers to discuss, debate and challenge views in order to stimulate the industry for the better. This alone is exciting and I am looking forward to the impact we can have.

On a personal level, Amsterdam is one of the most beautiful cities in the world and one of the most cultured! I am a “semi-pro” photographer and I look forward to visiting the canals and taking many photos of the architecture reflecting off the still waters!