As Smart Grids evolve, they start to look more and more like distributed IT and telecommunications networks.
Gone are the days where the Electricity Meter was simply a device to communicate consumption to generate bills – the latest generation of the Smart Meters are mini-computers, with IO and peripherals allowing them to connect to home devices, and on-board compute resource allowing monitoring, automation, control and analytics.
And the communications infrastructure is getting smarter with the latest generation of data concentrators providing very capable ruggedized compute platforms far into the field, with the ability to automate local energy brokering services.
This means that, suddenly, the functions and capabilities of the “nodes” in the Smart Grid are no longer static and defined by physical build. They are defined by configuration of software and firmware. There is a massive opportunity to innovate and create a Smart Grid; enabled by this flexibility, the function and performance of smart meters can be monitored and controlled remotely, and new services and capabilities introduced without needing to visit the customer. This is essential if the changes in the way we generate and use energy are to be enhanced by the Smart Grid.
This modernization brings its own challenges as well. As the equipment in the field becomes more sophisticated, how will monitoring, management and securing of these assets need to change?
The question is partially answered already – just look at the telecoms industry. 30 years ago, there was a phone, a copper cable connected to an exchange and some switching equipment, much of which was physical – you needed ear protectors to visit a telecoms exchange in the 1970s.
And then transformation! The switch becomes a DSL Access Module, the cable is often now coax or fibre, or sometimes replaced by radio, and the phone is replaced by a DSL Modem, and suddenly, the laptop, smart-phone and smart-home become the end-point that the consumer interacts with.
Utilities and the Smart Grid are perhaps 10 years into this same type of transformation, and so the industry should be asking…..
How did the telecommunications industry respond to this massive change?
The answer is that they implemented sophisticated, highly integrated network monitoring and management systems; addressing fault/performance management, inventory configuration management, service activation and engineering. Integration is facilitated through alignment to an overarching telecoms process model called eTOM, developed by the TMF, the Telecommunications Management Forum, and the associated information model (SID) and application framework (TAM). This means that the IT teams building these complex systems have a common language, and vendors can align their solutions to allow interoperability.
This was great for the new generation of equipment (no longer requiring headphones to visit), but then, just like with the Smart Grid, software started to dominate. At that point, the ITIL (Information Technology Infrastructure Library) family of processes, became essential. These apply problem and issue management, release management, configuration management, security and SLA management processes, which are essential in maintaining an IT network where software and IT platforms work together. (Does this sound like the Smart Grid that we are starting to see emerge?)
The TMF, recognising this transition, moved to embrace ITIL collaboratively, resulting in a set of standards which provide a framework for managing, monitoring and securing a sophisticated distributed, technological national resource – the telecommunications network.
The final transition was towards customer experience management; utilising the compute resource in the handset to monitor and control the quality of experience of the consumer. Now, management of telecommunications networks focuses on social impact, revenue impact and public image as much as technology.
So, what does this mean for Smart Grid? Well, instead of re-inventing the wheel, why not look at what the telecoms industry has achieved over the last 30 years, as they went through the same type of technological and social transformation that the energy industry is going through, only now?
It all starts with the intelligent devices in the field, just like in telecoms 30 years ago – select the Smart Grid solution providers that give you visibility of the infrastructure, the consumer’s service, the ability to control the service and the flexibility to adapt through software and firmware configuration. Focus on the parts of the infrastructure where visibility is hardest to achieve, such as the low-voltage grid, because, these are the areas where change is coming fastest, and will require agility to respond through remotely configurable devices.
NES supplies the most sophisticated and secure Smart Grid solutions available today, and its solutions form the foundation for any energy provider seeking to follow the path set by the telecommunications industry, as they transition from being a technology focused enterprise to a business driven by social impact, sustainability, security and customer experience.
Cybersecurity efforts have, by and large, neglected the newly built “smart” infrastructures in power grids. Emil Gurevitch, Security Engineer and Hacker, explains why they will be targeted, and what utilities should do to plan for the inevitable cyberattacks.
Smart grids will reduce emissions and create a wealth of savings for utilities, but the fast-paced adoption of new technology comes at the cost of increased risk of cyberattack.
Industrial control systems have been subject to such attacks, and significant effort has been put into securing them as a result. However, new, emerging technologies, such as smart meter infrastructures, have yet to be battle-tested, and utilities should expect them to inevitably have weaknesses.
Despite this, they are installed into the grid in an effort to keep companies competitive in the race to the smart grid, prioritizing increased operational efficiency and new business opportunities over potential bad actors.
You may think that comparing smart meters to, say, the SCADA for substation control, is a bit of a stretch. And, to some extent, you would be right. However, if you take an adversarial look at it, you will probably find, that they pose a much greater risk than expected.
Security Architect and Hacker
For example, utilities use smart meters to remotely switch power off, they use smart meter data in mission-critical processes that go well beyond billing, and they make significant investments to upgrade the physical grid infrastructure with communications networks that bind it all together. Utilities expect these newly built computerized infrastructures to gain new capabilities over time via remote software updates, thus increasing the return of investment. From an attacker’s perspective, we are looking at a system that we can misuse to switch power off, a system we can manipulate to disrupt or derail a utility’s mission-critical processes, and a centrally managed system of millions of connected devices that we can take control of and reprogram.
In the EU, Member States are required to implement smart metering. The latest report from the Joint Research Centre says that Member States have committed to rolling out close to 200 million smart meters for electricity by 2020.
Efforts to secure these new technologies have largely focused on trying to prevent attacks from being successful. This is of course important, but new stories of cyber attacks hit the headlines almost every day, and it should be abundantly clear by now that not every attack can be blocked — utilities must therefore invest in early detection and incident response, especially for their newer technologies that may not be procured, developed, or operated with a bad actor in mind.
Making detection and response a core part your grid is crucial to protecting yourself and your consumers, and are cornerstones of creating a truly smart grid and city.
So, how can we ensure detection and response is effective?
A starting block is to work through a series of cyberattack scenarios and assess how your technology and processes hold up. Simulating them in practice and training for them can be a cost-effective way to find areas of improvement.
Here are three example scenarios that utilities should consider, and ask themselves “how do we detect this early?” and “how do we recover?”.
They are described from the perspective of the attackers and are intentionally focused around the often-neglected smart meter system.
Keep in mind that these attack scenarios are likely to happen in parallel during a real cyberattack. For example, in the 2015 cyberattack on a power grid in Ukraine, attackers took control of substation control systems and switched off power, they bricked grid devices by sending malicious firmware updates, turned off backup power supplies, erased files on servers and workstations, and even flooded a call-center in an attempt to prevent people from learning about the incident. These individual attacks were centrally coordinated, and some of them were probably launched in parallel. This is how real cyberattacks work.
Hacker Scenario #1: Power Outages. We work for a nation state and our mission is to inflict power outages. We hack our way into the utility’s centralized smart meter control center, wait until the low-voltage grid is under high load, and then we start sending out disconnect commands to all the smart meters in the field. In the middle of the attack, we find that the utility has built-in limits on the number of disconnect commands you can launch from the central system within a given time period, but we find a way around it — like we always do — and remotely change the power thresholds on the meters instead, thus causing the meter to hit the limits immediately and disconnect.
It should be noted that, at the time of writing, there are no known successful cyberattacks misusing the smart meter system to switch power off in the grid.
However, like the flow of electricity, attackers follow the path of least resistance. They will go through the smart meter system to achieve their mission if that is easier than to breach the SCADA for substation control.
Hacker Scenario #2: Manipulating Business Processes. This time, our mission is to manipulate a series of processes that base their decisions on the information received from the smart meters in the field — such as signal and power quality levels used for fault detection and load balancing. We hack our way into a couple of carefully chosen, Internet-connected control nodes managing around 2,000 smart meters in total. We then start making slight but controlled changes in the information reported back to the utility, and ultimately achieve our mission.
Of course, smart meters are often not just used for billing consumers for the electricity they use. Smart meters are increasingly being used as grid sensors, monitoring the conditions of the edges of the grid. This is an extremely insightful data point from a Smart Grid perspective. By manipulating this data, attackers can directly change the view of a grid to their advantage.
Hacker Scenario #3: Stealing and Selling. We work for a criminal organization. The mission is to steal utility assets and sell them back to the utility (similar to a ransomware model). We are looking to cash out as much as possible, and as quickly as possible. So we go after what a utility relies on the most to operate: data and grid infrastructure. We outsource the development of new malware targeting smart meters, launch it, and take control of thousands of smart meters. Then we change their security keys, pushing the utility out of their own infrastructure. We also rent a classic ransomware service and launch a campaign against the utility’s central system, stealing large amounts of data. We then demand a ransom in return for the access to the hijacked smart meters in the field, as well as the data we stole. We then wait for the payout in ’Monero’ to come in.
Although ransomware campaigns are common, there are no known successful attempts at pushing a utility out of their own smart meters with ransomware. However, it is important to at least acknowledge that all of these new power grid infrastructures are essentially large, distributed networks of computers that can be hijacked for financial gains.
The need for early detection and response planning
So, how would your utility hold up in these scenarios? In an environment with increasingly resourceful attackers and an increased attack surface, do utilities have the right technology and tools to detect intrusions early?
Attacks can be significantly hampered by early detection and pre-planned disaster response playbooks. However, as of right now, solutions aren’t being applied quickly enough to newer grid technologies.
It’s like having smoke alarms in your house — you want to be able to prevent a big fire from happening by knowing there’s smoke. Utilities need to begin installing their cyber security smart metering ‘smoke’ detectors.
Of course, a Smart Energy Grid is an integral part of a Smart City. The social and sustainability benefits of the Smart City are dependent on reliable and secure supply of energy, leveraging the changing role of distributed generation and maximising distribution efficiency. This is clearly understood by the energy industry and directs the quality and “intelligence” of Smart Grid solutions in these environments.
Here is a whitepaper that will help you determine what type of Smart Grid is needed for a Smart City.
The linkage with the iTunes App Store may be a little harder to conceptualise, but that is exactly what Tauron, a leading DSO in Poland, has explained in a recent case study describing their deployment of a Smart Grid for their Smart City Wroclaw initiative. You can read the English version of this case study here, and the original in Polish here.
Tauron is referring to how their deployment of more than 360K meters allows the introduction of new meter vendors and services into their Smart Grid solution seamlessly; reliably working together and integrating with their back-end systems.
When you log into the iTunes App Store and download a new application, you just expect it to all work together. But, what does this mean? The application must function, yes. But, you expect the application to fit into the same security framework, co-exist with other applications sharing the same computing resource, offer the same user experience, interweave with other applications running on the same device and administrated through the same operational processes.
So, how does that translate into the Smart Grid in Tauron’s Smart City Wroclaw initiative?
Tauron has deployed an OSGP (Open Smart Grid Protocol) based solution which offers an unprecedented level of interoperability. OSGP certified meters do not just communicate over the same protocol. They communicate into the same head-end, they have the same operational controls and capabilities, they can be managed from the same operational screens and they apply the same stringent security capabilities. That is something which cannot be said for all AMI standards.
Tauron mentioned Mitsubishi Electric in their most recent case study, but other OSGP partners, including Apator and Networked Energy Services (NES), a leading supplier of highly sophisticated smart meters, have also provided OSGP certified meters for this Tauron project. You can find more information on the technology that brought this project to life here.
So, let’s go back to Tauron’s endorsed linkage to the App Store:
- Security – All OSGP devices implement industry leading security layers. An important aspect of this is that security across OSGP devices is always-on and fully enabled. There are no “chinks in the armour” for the OSGP devices. Regardless of which vendor provides the smart meters, security is uniform, fully enabled and stringent throughout the deployment.
- Co-existence – All OSGP devices share the same underlying infrastructure resources and are designed to do so collaboratively. This covers the connection from the meter to the concentrator, the functions of the concentrator, the communications back to the HES, and its IT compute resource. None of the OSGP devices will “hog” resources and lead to performance issues elsewhere within the solution.
- User experience – It is this conformity of performance which underpins the utility’s user experience. SLAs for all OSGP meters are monitored and managed centrally, and any remedial actions to improve SLAs in any black-spots are also standard and aligned to the OSGP characteristics rather than a specific meter vendor. By maintaining strong communications, the meters are able to share valuable information to the DSO including energy supply quality and energy flows from distributed generation.
- Interweaving with other applications – OSGP meters offer the means to control consumer devices, interact with the Smart Home, and interact with other smart but non-communicating meters. Any OSGP meter, equipped for such local connectivity, is supported through the same operations and control framework, and follows open standards to connect with the consumer equipment.
- Operational processes – Multi-vendor meter solutions often fragment at the operations layer. Alignment to a common protocol may not necessarily mean consolidation of operations to a single set of processes and a single set of operational screens. However, OSGP certified meters are managed through a single operational application, which provides fault, performance, accounting, configuration, remote device and security management.
So, when Tauron relates Smart Grid, Smart City and the App Store, they are illustrating how their vision for Smart Grid in the Smart City promotes a level of openness, expandability and flexibility should be achievable using leading Smart Grid protocols. The reality is not all standards guarantee this outcome. Tauron has demonstrated how this is a real and practical outcome, in its Smart City Wroclaw initiative, through the OSGP standard.
Original article in Polish retreived from Cire.pl: http://bit.ly/2Dbzn8c
Tauron has built an AMI smart metering system in the capital of Lower Silesia, in which OSGP-based (Open Smart Grid Protocol) meters from three manufacturers are being used, maintaining the highest standards of PLC communication security. The group emphasizes that this is the first such solution in Europe.
Initially, the company installed about 368 thousand meters in the area of the city of Wrocław as part of the AMIPlus Smart City Wrocław project. The installed devices are supplied by two different manufacturers. The smart meters are fully interoperable, which means that they interact and communicate with each other in the power grid.
“Interoperability is a unique feature of the system because it allows devices from different manufacturers to operate in the network and communicate with each other. This is a rare feature, but a very desirable one, as it increases the competitiveness of tender procedures. It also ensures greater investment in security since we are not reliant on only one equipment supplier,” says Mariusz Jurczyk, director of intelligent metering at Tauron Dystrybucja Pomiary.
This year, the company decided to install meters from a third manufacturer Mitsubishi Electric, which debuts on the domestic and European market. It is a three-phase meter, compliant with the OSGP standard and associated PLC technology. Previously, the meter was tested for interoperability and compliance with the AMI specification. The specific procedure of verifying the meter for compliance with the OSGP standard is similar to the world of smartphones and platforms on which phones work.
“Our solution is more like the iOS platform and the rules prevailing in Apple’s App Store. To meet the standard, one has to undergo demanding testing procedures, and the same goes for all participating suppliers. As a result, we receive a meter that is compatible with the system and can be immediately included in operations, while maintaining high safety standards,” explains Mariusz Jurczyk.
Now, AMI meters from the new manufacturer are installed in the Tauron Distribution network, mainly for newly connected customers. Wrocław is a city that is dynamically developing and expanding. It is also one of the most active investment regions in the country for multi-family housing. This causes continuous demand for AMI meters, mainly in the three-phase system.
Last year, Tauron Dystrybucja was the first energy company in Poland to release a new functionality that allows remote activation of the wireless communication interface in an intelligent electricity meter. As a result, Tauron's customers are the first to observe the energy consumption of individual devices in homes or offices in real time. This is possible thanks to a new service called HAN Tauron AMIPlus.
Since 2015, within the Wrocław region, Tauron Dystrybucja has been implementing the AMIplus Smart City Wrocław project related to the installation of smart metering. AMIplus is a system that allows automatic processing, transmission and management of measurement data. It enables two-way communication between electricity meters and the Distribution System Operator, while giving the customer access to current information on electricity consumption. Communication is done via the OSGP - based PLC technology.