Hacking of the national grid could potentially damage electrical equipment and cause localised power outages. The White House and the Energy Department are now calling for a transition to a ‘smart grid’ which will be more responsive to changing power needs and better able to integrate renewable energy technologies. It will also be more efficient and reliable than the present national grid.
An important part of the transition to such a system will be the addition of communication and control devices to distant corners of the grid, giving utilities greater situational awareness and the ability to respond quickly to disturbances. These two-way communications will work like an ‘electricity-only Internet’ with access restricted to utilities. However, just like the real Internet, these systems will be vulnerable to hacker attacks, which in turn means they will need strong cybersecurity in place.
The National Renewable Energy Laboratory (NREL) has now established a strategic initiative for energy system cybersecurity. In March 2015, NREL hired Erfan Ibrahim as director of the Cyber Physical Systems Security and Resilience Center, under NREL's Energy Systems Integration (ESI) directorate.
“If you look at utilities today, and independent power producers, you will see a tremendous appetite now for cybersecurity solutions that work,” said Mr Ibrahim. “Unfortunately, utilities currently have to rely on the sales pitches presented to them by the cybersecurity vendors. And this is where I believe that research labs, especially national research labs, have a unique role to play. The time for hype is over.”
Ibrahim’s team launched an effort—funded by NREL's Laboratory Directed Research and Development program—to build the Test Bed for Secure Distributed Grid Management, a hardware system that mimics the communications, power systems, and cybersecurity layers for a utility's power distribution system, the part of the power grid that carries power from substations to homes and businesses. The test bed includes the hardware and software that utilities would use to control a distribution system, including a distribution management system, an enterprise data management system, and two substation management systems. In turn, the substation management systems can interact with real field equipment, such as electric storage systems and electric vehicle chargers, as well as computer-simulated devices, such as solar photovoltaic systems.
The test bed also incorporates a good deal of bleeding-edge cybersecurity technology in an attempt to make the system as secure as possible.
Typical computer-based communications systems, like the Internet, break data up into small ‘packets’ that are exchanged between computers. The NREL test bed includes a system that hides a ‘token’ within the first packet of each communication session. If an intruder gets into the system and tries to establish a communication session of their own, the first packet will be rejected because it lacks the hidden token. Another approach ‘cloaks’ the network from unauthorized users, so that hackers can't even detect the computer server. You can't attack what you can't detect. Yet another approach maintains an ‘airgap’, an information exchange with no network connectivity. You can't use an online attack against a device that is not online.
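One way a first-packet token check of this kind can work, as an added example that is not NREL's code or the test bed's actual mechanism. It assumes a pre-shared key per device and an HMAC-SHA256 token over a timestamp and nonce; the packet layout, `KEYS`, `make_first_packet` and `Gateway` are all hypothetical.

```python
import hashlib
import hmac
import struct

TOKEN_LEN = 32   # HMAC-SHA256 output size
NONCE_LEN = 16
MAX_SKEW = 30    # seconds a token stays valid (assumed policy)

# Constructed sample key store: device id -> pre-shared key (hypothetical values).
KEYS = {b"substation-01": b"k" * 32}

def make_first_packet(client_id: bytes, key: bytes, now: int, nonce: bytes) -> bytes:
    """Device side: session-opening packet = header || HMAC(key, header)."""
    header = bytes([len(client_id)]) + client_id + struct.pack("!Q", now) + nonce
    return header + hmac.new(key, header, hashlib.sha256).digest()

class Gateway:
    """Gateway side: admit a session only if its first packet verifies."""

    def __init__(self, keys):
        self.keys = keys
        self.seen = set()  # used (id, nonce) pairs; a real gateway would expire these

    def admit(self, packet: bytes, now: int) -> str:
        try:
            id_len = packet[0]
            body = 1 + id_len                      # offset where the timestamp starts
            client_id = packet[1:body]
            (ts,) = struct.unpack("!Q", packet[body:body + 8])
        except (IndexError, struct.error):
            return "drop: malformed"
        header_end = body + 8 + NONCE_LEN
        nonce, token = packet[body + 8:header_end], packet[header_end:]
        key = self.keys.get(client_id)
        if key is None:
            return "drop: unknown client"
        if len(nonce) != NONCE_LEN or len(token) != TOKEN_LEN:
            return "drop: malformed"               # includes packets with no token
        expected = hmac.new(key, packet[:header_end], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, token):   # constant-time comparison
            return "drop: bad token"
        if abs(now - ts) > MAX_SKEW:
            return "drop: stale"                   # captured packet reused later
        if (client_id, nonce) in self.seen:
            return "drop: replay"                  # same packet reused in-window
        self.seen.add((client_id, nonce))
        return "accept"
```

The drop reasons are meant for the gateway's own logs; the sender should see the same silent drop in every case.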
Once Ibrahim and his team had set up the perfect system to secure the test bed, they then tried to break it. Three different angles were tried, revealing only one vulnerability, which was due to a misconfigured device.
“In three and a half months, we were able to pull a real-scale test bed together, attack it, and figure out what works and what doesn't work from a protection perspective,” Ibrahim added. “Now we're going to share our findings with the industry to accelerate the adoption of empirically proven cybersecurity controls to protect critical infrastructure.”
Ibrahim’s team will slowly expand its reach as they learn more about the system. They are aiming to bring cybersecurity product vendors and system integrators into the Energy Systems Integration Facility, where the test bed is located, in order to refine and experiment with it. Once the test bed is ready for “prime time”, it will be opened up to utilities and product developers, with a current target of early 2016.
Although the test bed was originally designed to handle power distribution grids, it will also be usable for cybersecurity work on other online energy devices, such as electric vehicles, wind turbines, home energy networks, thermostats and demand response systems.