Securing the Smart Grid
Everything, it would seem, is getting “smarter.”
From our phones, to our televisions, to even our washers and dryers, companies are constantly finding new ways to connect technology we currently use and make it more efficient, ultimately enabling better usage.
Essentially, making it work smarter, not harder.
However, with increased connectivity, comes increased risk for breaches in security. Bigger networks mean bigger risks as hackers can gain access to a wider swath of whatever they’re targeting.
For renewable energy utilities, this is quickly becoming a potentially devastating problem in the form of increasingly connected smart grids, and one that they are rushing to solve.
Threat Level Rising
A report on smart grid security risks by Dr. Isaac Ghansah defines a smart grid as a “modernized electricity network which is being utilized as a way of addressing energy
independence, global warming, and emergency resilience issues.”
One of the several key characteristics of a smart grid the report identifies is its “operating resiliently against physical and cyber attack.” This is especially critical since smart grids are considered one of the 18 critical infrastructures by the U.S. Department of Homeland Security. Many of the other critical infrastructures depend on smart grids for operation, making their security paramount.
Unfortunately, Dr. Ghansah’s report outlines a number of potential security threats to the smart grid. First, smart grids are multi-layered networks, and the each layer could become an avenue for a cyber attack. While the threat may not be as big in the residential arena, it is a huge factor for large-scale power operations. As substations and other energy structures become more connected and automated, the level of vulnerability increases greatly. If someone wishing to do damage gained access to one level of the smart grid, they could potentially gain access to much more. As grids get bigger, so does the problem. The issue itself isn’t exactly new, though.
While the Dr. Ghansah’s report is from 2009, attacks against smart grids were already a major cause for concern. He claims that the DHS gets daily reports of countries—possibly China and Russia, among others—infecting various grids such as water, electric, and waste. The CIA has also reported hackers causing blackouts in exchange for extortion money to turn the lights back on.
A Most Pressing Concern
Now, the situation is reaching a point where further lack of serious action could prove catastrophic. A report released on July 2 of this year by Bloomberg Businessweek discussed the revelation that several back-door attacks that have occurred within the past 15 months. Hackers “Dragonfly” and “Energetic Bear” were able to gain access to U.S. and European power networks relatively easily due to the system’s vulnerability.
The “Dragonfly” incident was particularly troubling because of its broad scope. A group of hackers, believed to be in Eastern Europe, ran a spam campaign against several power companies in February of last year. They gained access to the networks of three unnamed power companies. According to Bloomberg, the majority of the incidents were reported in Spain, the U.S., France, and Italy, though 84 countries were targeted. The hackers compromised industrial control systems and installed self-replicating malware, which spread to other computers.
Cyber security company Symantec helmed an investigation into the attacks. Eric Chen, a member of Symantec’s Security Technology and Response Team, told Bloomberg that the attacks were more than just espionage, and when the threat is fully assessed they’re “very concerned about sabotage.” Chien discussed a worst-case scenario in which systems could be shut down and the power could simply go out.
Cyber Intelligence Analyst at the Northern California Regional Intelligence Center Donovan Miguel McKendrick told Emergency Management in an interview that another worst case scenario could involve something as simple as a light bulb. Pointing specifically to the Philips Hue light bulb, a bulb that changes colors and can be controlled via a smartphone app, McKendrick says its inclusion in the smart grid could lead to potential troubles if it is accessed through a smart grid hack.
“Now suppose that light bulb is installed in an emergency room and someone shuts it off during a procedure. That’s a worst-case scenario,” McKendrick said.
The Challenge of Implementing Security Measures
What’s exceedingly clear is that something needs to be done sooner rather than later.
As Emergency Management reports, more than 26 percent of public and 28 percent of investor-owned utilities are currently in the planning stages for smart grids. In today’s hyper-fast modern world, security measures need to be preventative, not reactive.
The U.S. and Europe have already taken steps to fight smart grid attacks, though it is projected utilities’ spending for cyber security will increase dramatically over the next few years, with Europe’s set to more than double to 412 million euros by 2016 according to Bloomberg.
However, McKendrick believes the threat is still understated saying, “There’s no awareness about how serious it is.” He cites the lack of an immediate, personal impact as a driving factor for inaction.
Utilities, despite current efforts, are still slow to jump on board with serious cyber security measures. Budgets for preventative measures and research are increasing, but not rapidly enough. To fully protect the grid, massive updates need to be conducted.
Chief Technology Officer at WiFore Nick Hunn told Bloomberg Businessweek that he believes utilities are still thinking in the physical realm, much to their detriment.
“If you talk to the utilities about what you have to protect against, it’s about transformers shorting out and trees falling on lines,” Hunn said. “That’s what they’ve been dealing with for the past 100 years.”
Looking back to Dr. Ghansah’s report, one of the key findings is that grid firmware is in serious need of updating. He explains that proper, effective, and secure implementation of a patch or upgrade can take more than a year, meaning that by now, many utilities are already behind on their security systems.
It’s a problem that can’t afford to exist for much longer, though, as smart grid security can be the difference between keeping the lights on and being left in the dark.
Hydrostor receives $4m funding for A-CAES facility in Canada
Hydrostor has received $4m funding to develop a 300-500MW Advanced Compressed Air Energy Storage (A-CAES) facility in Canada.
The funding will be used to complete essential engineering and planning, and enable Hydrostor to plan construction.
The project will be modeled on Hydrostor’s commercially operating Goderich storage facility, providing up to 12 hours of energy storage.
Hydrostor’s A-CAES system supports Canada’s green economic transition by designing, building, and operating emissions-free energy storage facilities, and employing people, suppliers, and technologies from the oil and gas sector.
The Honorable Seamus O’Regan, Jr. Minister of Natural Resources, said: “Investing in clean technology will lower emissions and increase our competitiveness. This is how we get to net zero by 2050.”
A-CAES has the potential to lower greenhouse gas emissions by enabling the transition to a cleaner and more flexible electricity grid. Specifically, the low-impact and cost-effective technology will reduce the use of fossil fuels and will provide reliable and bankable energy storage solutions for utilities and regulators, while integrating renewable energy for sustainable growth.
Curtis VanWalleghem, Hydrostor’s Chief Executive Officer, said: “We are grateful for the federal government’s support of our long duration energy storage solution that is critical to enabling the clean energy transition. This made-in-Canada solution, with the support of NRCan and Sustainable Development Technology Canada, is ready to be widely deployed within Canada and globally to lower electricity rates and decarbonize the electricity sector."
The Rosamond A-CAES 500MW Project is under advanced development and targeting a 2024 launch. It is designed to turn California’s growing solar and wind resources into on-demand peak capacity while allowing for closure of fossil fuel generating stations.
Hydrostor closed US$37 million (C$49 million) in growth financing in September 2019.