The current U.S. power grid supplies electricity to end users through a one-way relationship, which works in a similar way to our water heaters. Large amounts of electricity are generated and stored until they are sent to the end users in need. This system is outdated and inefficient; furthermore, it is difficult to apply to renewable energy sources. With renewable energy sources, wind will not always be blowing and the sun will not always be shining. In order to update power grid and get around these difficulties, a “smart” power grid is being developed. In the smart grid, electricity works through a two-way relationship where electricity flows both from the utility company to the end users and from the end users back to the utility company. The smart grids also use digital technology to monitor equipment throughout the grid in order to make power delivery more efficient.
In order to make the smart power grid secure, the utility companies must keep their computer systems secure so hackers cannot exploit the vulnerabilities presented with the smart grid. Utility companies must first keep the data of how much electricity is flowing back and forth between the utility company and the end users confidential. The companies must also have safeguards in place to prevent hackers from modifying the flow of electricity which will protect the integrity of the smart grid. Finally, the utility companies must make sure the smart grid works so electricity is available to the end users.
In contrast to the utility companies’ security goals, attackers are going to try and exploit the smart grid. They will attempt to disclose confidential information to gain access to the data on electricity flow, alter the flow of electricity between end users and utility companies, and deny end users and utility companies’ access to electricity.
IOActive, an application and smart grid services provider, made comments on the vulnerabilities of the smart grids with Richard Adhikari of technewsworld.com “research has been conducted throughout the industry and has concluded that the power grid is susceptible to common security vulnerabilities such as protocol tampering, buffer overflows, persistent and non-persistent rootkits and code propagation”. Potential attacks will focus on these vulnerabilities.
The inherent risk with the smart grid technology lays in the dependency on the internet and having to rely on Internet Protocol. The risk of having a major breach in the security of smart grids can result in situations ranging from problems, such as people getting away with paying their power bill and can be as serious as terrorists gaining complete control of the system and causing mass blackouts across the United States.
In order to prevent this from happening utility companies must use centralized log management systems, which can track when and where cyber security threats exists and how to respond to those threats. There should also be third-party assessments made on the smart grids to ensure the security of grids are being audited.
Sources:
Smart Meters and Security: Locking Up the Grid by Richard Adhikari
Monday, October 12, 2009
Subscribe to:
Post Comments (Atom)
Posts
I had heard about smart grids but never really understood what they were. I still don't understand it completely, but I get the basic idea now. I think it sounds great, but they really need to be sure all the kinks are worked out before they put it into real use to avoid blackouts. Is there anyplace that a system like this is already in place, or is this still in research stages?
ReplyDeleteAs far as security, I think this would be a prime target for terrorists or even just malicious pranksters who think it would be funny to shut down the electricity for a city or region. They could cause a lot of confusion and really disrupt the flow of life, security systems, and the economy for an area if they succeeded.
Although this new technique for energy transfer seems much more efficient and modern than the current system, it does seem much more vulnerable to security threats. My biggest concern would be the two way flow of energy and information linked to a central database. That energy and information would be coming from the end user to the central database is a great concern because it leaves that database more vulnerable to a security breach than if the energy and information could only come from the central database to the end user.
ReplyDeleteI remember when the New York area had its blackout, nighttime satellite imagery made it look like it disappeared from the map. The major news networks speculated the possibility of a terrorist attack, given the impact of the loss of electricity on almost all services.
ReplyDeleteThough smart grids may revolutionize power distribution and reduce waste, its important to remember the basics. Are there backup systems for hospitals, the stock market, communications, and other critical sectors with a centralized grid? I am very interested in seeing what countermeasures will be developed while implementing this system.