Europe’s power reliability - are 'smart' grids intelligent enough? Read More Apr 18, 2018
Smart Grid Security Perspectives Read More Jan 02, 2018
Tauron Distribution has installed over 350,000 smart meters in Wrocław Read More Oct 02, 2017
( Original in Polish )
NES emphasizes critical importance of Smart Grid security Read More Aug 03, 2017
UAS: A Vision for Smart Energy Read More Jul 14, 2017
Role of Smart Grids in building smart cities Read More May 17, 2017
Smart meter security - how Denmark is upping the ante Read More Apr 28, 2017
Networked Energy Services Response to Static Energy Meter Accuracy Study Read More Mar 29, 2017

Grid reliability is crucially important to safeguarding utility revenue, customer service and asset lifespan. NES tells Engerati how new distributed intelligence applications could help.

The branding of ‘smart grids’ makes them sound just that - smart. In terms of capabilities and technology, however, the low-voltage (LV) grid lacks intelligence, says Lars Molske, Product Manager, Low Voltage Grid Analytics & Distribution Outcomes at Networked Energy Solutions (NES).

According to Molske, Europe’s LV grid is not performing as reliably as it could be.

The reason for this? Outdated technology and processes. “We’ve been using estimates from the last 25-30 years to manage the networks. Now we have new technologies, people becoming more energy aware and more efficiently managing their usage, so the average consumption per customer is getting lower,” he explains.

“In addition, things like solar, energy efficiency and electric vehicles are changing the grid, and unfortunately utilities have no visibility of the LV grid.”

In distribution networks, Molske considers the LV grid to be the weak link in a smart chain. The difficulty he identifies is that it will require a different approach.He says, “so far we’ve made the transmission systems smart, as well as the medium-voltage grid to some extent, but making the LV grid smart with traditional methods, such as using SCADA solutions, would be expensive and impractical.” Using technologies like deep learning, machine learning, and artificial intelligence as grid applications is the natural next step for the local, LV grid, he argues.

“Most of the smart grid is not really ‘smart’. It’s mainly switching loads, but that response technology is the only thing I see as really intelligent. Even then, that’s following some really basic principles: if-then-else.” Instead, Molske and NES suggest there can be better leveraging of smart meters that are already in the LV grid, thanks to Europe’s smart meter rollout efforts. Although it may require distribution system operators (DSOs) to better use advanced metering infrastructure (AMI) systems.

Better usage for AMI in LV grids

“What we’re looking at is using smart meter infrastructure to provide more information about the grid - to identify voltage quality, observe anomalies and patterns and others items,” Molske explains.

If utilities then put that information into a machine learning platform, they can identify the problems before they happen by recognising patterns. This can increase their awareness of what happens in the grid, but also turn that into predictive analytics, reducing operational expenditures for maintenance and outage hours.

According to Molske, there are three factors as to why this technology has yet to take on the utility industry as it has elsewhere. “The first reason is that it’s a very careful industry, responsible for a critical infrastructure around the world. They don’t just jump on any trend or bandwagon to the future, but tend to be conservative.”

“Then,” he continues, “there’s the issue with machine learning, where you can only learn but only when you’ve got the data, so it can take a couple of years to develop a truly smart grid.”

Finally, there are difficulties from a resourcing perspective - many utilities are still trying to roll out smart meters. Molske explains, “processing smart meters and implementing the structure has been known to take 15-20 years for some DSOs. NES had this idea years ago, and utilities knew even then that it was the future. The problem was that utilities didn’t have any the appropriate resources, time and money to implement it in a meaningful way.”

Now that AMI systems are more commonplace, utilities and DSOs can begin to make their smart grids truly intelligent. By building this from existing infrastructures, it takes away the necessity from the utility to roll out new technology, adding new applications to the grid where the only cost is software licensing and data integration.

De-centralising LV management

Although this new technology enables utilities to solve previous difficulties regarding LV grid reliability, new difficulties naturally arise, such as data volume management.

Molske says, “with the new volume of data, it’s not economical to mine it in a centralised hub. If you’re getting 10 times more data per metering point and have to overlay with that grid topology and analyse the data, companies won’t have the resources or staffing, and currently don’t have the technology either.”

NES is able to take that responsibility away from utilities, handling the data and establishing value before reporting back with valuable insights.

One solution enabling this intelligent technology is the distributed control node (DCN). It can build the topology of the grid without connecting to the head-end system and run localised algorithms. Using this computing resource and machine learning, the DCN has the ability to one day control the entire data analytic process itself.

Molske says, “these intelligent technologies are standard in the computer technology world. By providing the DSO with targeted information about  what’s happening in the grid without all of the white noise of the regularities that are happening, it offers more actionable and relevant data.”

Ultimately, a truly intelligent smart grid provides opportunities to save utilities in operational expenditure, from data handling to outage prevention and management.

“Why should utilities spend huge amounts of capital to collect, analyse and store data only to later throw it away? If 100% of relevant information could be identified in the field in a localised way and get packaged to be sent upstream, it cuts out cost massively,” says Molske.

With the smart grid exposing more relevant information, business analytics tools are able to focus on the combination of the technical information with other sources of data – weather, demographics, social importance of consumer, VIP consumer, revenue for consumer or grouping of consumers.

DSOs will, in turn, be able to prioritise their operations and maintenance on a wider set of inputs, and not only focus on the technical nature of a problem, minimising the economic and social impacts of outages and degradations.

“By extending the rich data sets from in-house line-of-business systems with external sources like weather, market information, home automation, transformer sensors and more, DSOs are able to maximize the return of their existing data and get valuable actionable insight with the use of data analytics”, says Erik Åsberg, CTO, eSmart.

New-age analytics tools, such as those provided by eSmart, coupled with machine learning and AI, and the rich underlying information provided by sophisticated smart metering solutions, DSOs can move from being grid-aware to becoming business aware.

For more information on NES’ smart grid solutions in practice, tune in to our webinar, “Making the smart grid intelligent: Using apps for power reliability”.

This paper provides smart grid security perspectives from a security expert involved in both attacking and defending these types of systems in practice. It is formatted as an interview, with questions and answers. The topics include smart grid threats, defensive approaches, and security certification perspectives. 

Security is getting a lot of attention in all sorts of industries. For utilities, what are the main types of threats they face related to smart meter systems (AMI), and the smart grid in general? 

There are three sets of threats that need to be addressed. There is the set of "old school" threats of fraud, theft and safety, which have long been a top concern for utilities. There is a newer and growing set of regulatory threats around non-compliance, such as the General Data Protection Regulation in Europe. Finally, there are the threats associated with the adoption, use and increasing reliance on information technology, such as cyberattacks that can prevent a utility from delivering its services. Some of these threats are similar to those of a traditional IT infrastructure, but their priorities and threat model usually differ significantly. For example, utilities use AMIs and smart grids to store, distribute, and manage energy using information technology. Therefore, they share many of the same assets and corresponding threats as other entities relying on information technology systems. There are three main types of threats I spend a lot of time thinking about while working on providing a safe and resilient platform for smart grids. 

  • Threats that disrupt or prevent utilities from delivering energy. Most of us rely on the availability of electricity to power heating systems, hospitals, communication systems, transportation systems, etc. Outages can have severe and even fatal consequences for us and our businesses. There are many threats that can result in outages; from nation-sponsored cyberattacks to software malfunction, operational mistakes and natural disasters. 


Fig. 1: Key considerations of a security system.

  • Threats originating from criminal organisations that monetise from a utility’s lack of security. Over the past years, we have seen a rapid increase in malware samples and attacks specifically targeting utilities managing AMIs and smart grids. “Smart” almost always means “vulnerable” which in turn means opportunity for cybercriminals. A common, and unfortunately effective, tactic is to demand a ransom in exchange for not damaging a utility's infiltrated systems and/or reputation. 
  • Threats that may compromise our privacy as utility customers. Utilities are responsible for handling and storing private information. This makes data leaks and unauthorised accesses to this data two of the main threats to privacy.

Of course, these are only part of the threat landscape that needs to be specifically mapped out by experts when conducting risk assessments for the specific grid at hand.  

AMI and the smart grid is an evolution that continues to change within the industry, how has security and protection evolved over time, and what are the expected changes that we will see in the future? 

Before AMIs and smart girds, the industry relied on physical security measures and obscurity to protect the power grid. Fences, door locks, guards, video surveillance, and the obscurity of physically-isolated proprietary control systems were often enough to manage the threats utilities were facing. In addition, incident response procedures were often wellestablished and fairly comprehensive.

The introduction of AMIs and smart grids, and thus information technology, changed everything and necessitated a new industry expertise: information security. However, although industry embraced the many operational and financial promises of AMIs and smart grids, information security expertise was severely lacking and properly securing these new and advanced systems became an afterthought at best. This resulted in fragile and insecure smart grid deployments developed from non-existent or misguided security recommendations.

We are only now seeing industry and nationleaders waking up to the “cyber” reality as devastating cyberattacks on utilities are publicly being disclosed. As a result, initiatives to establish nation-wide baseline security requirements and security certifications are in progress. Unfortunately, these initiatives may be too late in some cases and may even foster a compliancy-defined approach to security. We have learned from other industries that this is a harmful approach; an expert-driven risk-based approach to safe and resilient smart grids is the way forward.

Smart grids will continue to increase in complexity, and attacks will continue to increase in both sophistication and frequency. An adaptive and comprehensive approach to security is needed to keep up with this advancement and it starts with expertise, politics, and financial incentives. 

How should a utility approach ensure security of its systems? 

Utilities need to go beyond compliance, make information security an integral part of their core business and invest in it accordingly, focus not only on protective measures but in detection and incident response as well, conduct independent risk assessments on a regular basis with their technology vendors, and most importantly, obtain as much expert knowledge as possible in order to determine exactly how and precisely where to invest in security.

A misconception that I often hear is the assumption that the internet and the smart grid share identical system characteristics. In reality, smart grids differ greatly from the internet in terms of communication technologies, network reliability, smart meter/ server resources, and threat model.

A consequence of applying an internet-biased security mindset to the smart grid can result in degradation of performance forcing utilities to compromise on security in order to meet service-level agreements (SLAs). You must understand the technical differences in order to apply the appropriate security measures. There is no one-size-fits-all when it comes to securing these complex systems. 

There are various certifications used by utilities to ensure compliance to various standards and processes. How does certification factor into security solutions and implementations? 

One on side, certification provides a minimum baseline of practice and raises the bar for all. Certifications also provide transparency and accountability for security and compliance,and helps utilities demonstrate to regulators and legislators that they are doing their job. If security certification becomes part of regulation, then it also forces utilities to spend money on security. These are all positive and important factors of certification.

On the other side, however, security certifications can discourage utilities to go beyond compliance as there is little financial incentive to do so. Certification processes also have a long-standing reputation for being disruptive, cost ineffective, and providing superficial security assurances. Certification can also discourage new practices and technology adoption because of the need for re-certification. Finally, certifications are slow-moving which is in direct contrast to the fast-changing threat landscape that they hopelessly try to keep up with. That being said, I do believe a regulated security program can be beneficial to the industry if it is able to resolve the issues mentioned before, help hold utilities financially liable for securing the power grids that we all rely on, and to use it as a tool to foster a risk-based and comprehensive approach to security. 

What are the key areas needed to ensure a secure system? 

Utilities should continuously strive to maintain a safe and resilient system. To do so, three key areas need to be covered: protection, detection, and incident response.

Protection is about trying to prevent security breaches from happening in the first place. Encryption and authentication are two examples of preventative security measures designed to protect the confidentiality and integrity of information, respectively. There is one thing we have learned in the security industry – the highly skilled and focused attackers will always find a way to either break through or entirely circumvent the protective measures. This brings us to detection and incident response.

Detection is about detecting security breaches before, after, or as they are happening. It is important to have measures in place for monitoring both incoming and outgoing events. There are many attacks that go undetected once they have infiltrated the system.

Incident response is about being able to handle breaches of security in a timely and efficient manner. It relies on people, processes, and technology. During a crisis, it is essential to have an action plan in place to regain control of the situation as fast as possible. 

You mentioned that "comprehensive security" is the essential approach for utilities. What does this mean to you? 

 “Comprehensive security” is a loaded term. It means different things to different people. For me, basically, it means that your security goes through a continuous cycle of three stages:

  • Identify: Pinpointing areas of concern and prioritising them based on risk. This is also known as risk assessment. For a risk assessment to be considered comprehensive, keeping up to date with current threats is crucial.
  • Improve: Design and implementation of the security measures used to address the identified areas of concern.
  • Evaluate: Evaluating all of the security measures in practice. This needs to be done internally as well as by an expert third-party ensuring a fresh perspective. In relation to the previous question, it is worth noting that comprehensive security leads to compliancy.

Some industry experts state that utilities should conduct risk assessments to identify the areas of concern, what is involved in a risk assessment? 

The ultimate goal of a risk assessment is to answer the following question: where should we invest in security? To answers this question, utilities must first identify and prioritise their assets. Next, they need to enumerate all threats to the assets. Finally, they must assess and rank each threat according to the impact and likelihood of the threat. Based on the rankings, a decision can be made as to which risks need to be addressed. This is the classic approach. The hard part, as always, is hidden in the details.

Acknowledgement

A version of this paper was published in Smart Grids Polska, issue 16. Contact Emil Gurevitch, Networked Energy Services, emil.gurevitch@networkedenergy.com

Tauron Distribution is at the final stage of the AMIplus Smart City Wrocław project. Over 350,000 AMI smart meters were installed between 2014-2017. The present work concentrates on optimizing the meter reading system solution and completing the installation of meters in the southern part of the city.

AMIplus is a smart metering system that enables automatic processing, transmission and management of measurement data. It enables bi-directional communication between the electricity meters and the distribution company while providing the customer with up-to-date information on their electricity consumption.

Tauron Distribution installed AMI smart meters from two manufacturers, NES and Apator, in its distribution network. The meters use power line communications and are compliant with OSGP (Open Smart Grid Protocol).

Measurement data from the AMI meters is available for Tauron Distribution customers on the dedicated Tauron eLicznik platform. The platform is available through Tauron’s website, as well as from mobile devices based on the most popular platforms including iOS, Android, and Windows Mobile.

Tauron Distribution has provided HAN service to Tauron AMIplus customers in the AMIplus Smart City Wrocław project. This enables customers to access measurement data directly from their energy meter in real time. Activation of the service is carried out through the Tauron eLicznik portal.

The solution implemented in Wrocław has made it possible to improve the method of obtaining readings from electricity meters. The readings are obtained as a remote reading, without the need for a field technician. The method of operating the measuring system has also changed. At present, the vast majority of the maintenance work for the measuring system is performed remotely, without the involvement of assembly services.

Additional Project Information

In addition to the 350,000 smart meters, Tauron’s AMIplus Smart City Wroclaw project includes more than 2,400 NES data concentrators along with head-end system software from NES. All transmitted data is encrypted using the AES128 bit standard. The smart meters provide greater than 99.5% daily availability of 15 minute energy profiles for 4 values (active power import/export and reactive power import/export) along with energy billing data and events.

NES urges utility providers to brace for cyberattacks on power grids


Over the last two months, the world has been subject to two major ransomware attacks. The most recent being an attack known as 'Petya', a malicious software that spread through large firms that led to PC's and essential data being locked up and held for ransom. Prior to this incident, the 'Wannacry' ransomware locked data from nearly 230,000 computers used by leading international organizations in at least 150 countries, including the UK’s National Health Service, Russian Ministry of Interiors, and FedEx. These attacks, once again, brought to forefront the significance of cyber security at a time when cyber-crime has evolved into a growth industry with low risks and high returns.

In light of this event, Networked Energy Services Corporation (NES), a global smart grid market leader with the industry’s leading Patagonia Energy Applications Platform (EAP™), has thrown the spotlight on the critical role of security in Smart Grids. The connected infrastructures in power grids such as intelligent networks, smart meters, and Internet of Things (IoT) solutions have increased the possibility of cyber threats in the energy sector. In line with this, the company has urged the community, individuals, organizations and utility providers alike to be prepared to deal with cyberattacks for national security and economic well-being. Utility providers such as Dubai Electricity and Water Authority and Sharjah Electricity and Water Authority in the UAE are stepping up their efforts to ensure security in their grids from such attacks with the installation of smart meters, which is currently underway across the country in a bid to complete over one million smart meters by 2020.

Michel Madi, CEO – Middle East, Africa and India, Networked Energy Services Corporation, said: “Smart Grids are not just electrical infrastructure but are huge data networks that are critical for the seamless functioning of the various economic sectors of a country. It has now become imperative for key sectors, particularly energy, to ensure the implementation of the latest security solutions to secure Smart Grids and avert risks. The UAE is one of the leading countries in the region on track in safeguarding their services as the country’s smart metering market looks to increase at a rate of 9 per cent over 2016 to 2024 in line with its Energy Plan 2050.”  NES offers various important security related recommendations including adopting a systematic approach to assess cyber risks, improving the protection of energy systems, fostering a performance-based cybersecurity culture; framing cybersecurity guidelines; and promoting physical preparedness and resilience.

About Networked Energy Services Corporation (NES)

Networked Energy Services Corporation is a global smart energy leader in the worldwide transformation of the electricity grid into an energy control network, enabling utilities to provide their customers with a more efficient and reliable service, to protect their systems from current and emerging cybersecurity threats, and to offer innovative new services that enable active, intelligence use of energy. NES was formed as a result of the spinoff of Echelon Corporation’s Grid Modernization Division in October 2014. NES is headquartered in the US with R&D centers located in Silicon Valley, North Dakota and Poland, and sales offices throughout the world. NES’ smart grid technology is used in nearly 40 million smart meters and other smart end devices around the world. NES is a member of the OSGP Alliance, a global association of utilities and smart grid companies, which promotes the Open Smart Grid Protocol and cooperates to provide utilities greater value by enabling true, independently-certified, multi-vendor interoperability based upon open international specifications and standards. You can find out more information about NES, its Patagonia Energy Applications PlatformTM (including grid management software, distributed control nodes, and smart meters) and services at: www.networkedenergy.com.

By: Michel Madi, CEO – Middle East, Africa & India, Networked Energy Services Corporation


According to a study by the WHO, nearly 54 per cent of the global population resided in cities in 2015, at an increase of 30 per cent since 1950 [1]. The urban residents are forecasted to rise to 60 per cent of the world population by 2030, adding 2.5 billion more people to urban areas by 2050 [2]. With such rapid growth, future cities need to become smart to make judicious use of non-renewable resources and existing infrastructure and mitigate the impact of climate change and global warming.
 

What is a smart city? It is an intelligent metropolitan which employs innovative technologies to enhance the performance of vital local services, including energy, water, transportation, healthcare, waste management, and public safety. The use of various channels of communication and information technology (IT) allows smart cities to effectively address many challenges such as a rapidly expanding population, environmental sustainability, and economic viability to offer a safe, secured and clean environment to its residents.
 

While there are several features of a smart city, the single most important aspect is its energy infrastructure, which impacts all other critical functions of the city and a Smart Grid is the solution for a sustainable, resilient and affordable energy infrastructure. But what is a Smart Grid? It is a dynamic, interactive, and real-time infrastructure concept that modernizes power systems through automation, remote monitoring, and control. It also informs consumers about the usage and cost to enable them to make informed decisions.
 

Research and Markets’ ‘Emerging Markets Smart Grid: Outlook 2017 [3] report states that most Smart Grid investments have been concentrated in developed nations. Countries in North America, Western Europe, and East Asia represent over 75 per cent of the installed base of smart meters and other pioneering smart grid initiatives. For instance, the USA passed the bill for Smart Grids as early as in 2007 and earmarked funds to develop its smart grid infrastructure.
 

Since then, the US Government has launched several initiatives, including the Smart Grid Investment Grant (SGIS) for 2009-2014 to modernize the country’s electrical infrastructure. The USD 8 billion joint investment program, consisting of 99 cost-shared projects and involving more than 200 electric utility providers and participating organizations, deployed more than 15 million smart meters, 1,200 phasor measurement units, 19,000 units of distribution technology, and an assortment of customer systems [4]. Likewise, nearly 30 Smart Grid Projects with a total investment of EUR 300 million were started in Europe [5].  
 

Now many developing countries are exploring the multiple benefits of Smart Grids. Almost 50 countries forecasted to invest USD 268 billion in building Smart Grid infrastructure in the next 10 years [6]. Among them is the MENA region that is rapidly adopting renewable energy initiatives to manage its robust energy demands. The deployment of Smart Grids in the GCC can help the region save up to USD 10 billion in infrastructural investment by 2020 [7].
 

The UAE leads the region with its path-breaking initiatives to build smart cities. It launched the Energy Plan 2050 to increase the contribution of clean energy and decrease dependence on natural gas to generate power in line with UAE Vision 2021 [8]. It also pushed the Dubai Clean Energy Strategy during the inauguration of the second phase of the Mohammed Bin Rashid Al Maktoum Solar Park in 2015, which involves AED 100 billion in Green Fund investments and AED 50 billion for the park [9].
 

Smart Grids are modern power network that are the future of the energy sector as they have the tremendous potential to improve the quality of power and make energy sources reliable through demand response and comprehensive monitoring capabilities. Through the intelligent use of digital technologies and innovative application, they can contribute in the development of zero-energy buildings and green communities. Smart Grids also encourage consumers to rationalize their consumption by bringing them closer to energy sources and providing them greater control over their usage. However, initial installation cost pose a significant challenge, which can be addressed by formulating policies and offering incentives by governments to encourage investment in transforming legacy power networks to Smart Grids.
 

[1] http://www.who.int/gho/urban_health/situation_trends/urban_population_growth/en/
[2] http://www.un.org/en/development/desa/news/population/world-urbanization-prospects-2014.html
[3] http://www.prnewswire.com/news-releases/emerging-markets-smart-grid-outlook-2017-300411871.html
[4] https://www.greentechmedia.com/articles/read/8-billion-in-smart-grid-investments
[5] http://publications.jrc.ec.europa.eu/repository
[6] http://www.prnewswire.com/news-releases/emerging-markets-smart-grid-outlook-2017-300411871.html
[7] http://meconstructionnews.com/20745/smart-grids-can-save-gcc-countries-10bn-by-2020
[8] http://www.thenational.ae/uae/uae-turns-green-with-new-power-plan-2050
[9] http://gulfnews.com/news/uae/government/dubai-clean-energy-strategy-2050-launched-1.1628043

Danish utility SEAS-NVE collaborated with Networked Energy Services to implement Patagonia Smart Meter Security Enhancements


Mention ‘security’ today and many people immediately think of hacks or viruses and the need for cybersecurity.
Likewise, many assume that a new IT-based system comes with adequate security built in.
But these assumptions are both quite wrong when it comes to smart meters, says Emil Gurevitch, Security Software Engineer at Networked Energy Services (NES), a provider of smart grid and security solutions globally.
“We often see people equating a smart meter system to a traditional IT system but their characteristics are very different. That needs to be understood or the risk analysis won’t be accurate.”
 

Smart Meter Security Landscape

There are three sets of threats that need to be addressed for a smart metering system, Gurevitch points out. There are the ‘old school’ threats of fraud, theft and safety, which have long been a top concern for utilities.
There is a newer and growing group of regulatory threats around non-compliance, such as the General Data Protection Regulation in Europe. And then there are all the threats associated with IT, such as cyberattacks that can prevent a utility from delivering its services.
“Some of these threats are similar to those of an IT system, but their priorities differ,” comments Gurevitch. “And they are not static and continue to evolve and so the security solutions must likewise continue to evolve.”
 

SEAS-NVE Investigates Security  

Back in 2014, when utility IT breaches were starting to make headlines, Denmark’s largest cooperative utility SEAS-NVE was encouraged to look more closely into its own security arrangements.
“At the time our smart meters were installed, security wasn’t a priority issue,” says Bo Danielsen, Head of Department at SEAS-NVE. “But with smart meters as a critical infrastructure for our business offering 400,000 potential attack points, we needed to ensure the system was as secure as possible.”
The upshot was an approach to the Technical University of Denmark located near to Copenhagen as an outside party for academic input. This resulted in Gurevitch, then a master’s student there, undertaking for his thesis a detailed investigation of SEAS-NVE’s smart metering system from a security perspective and presenting solutions to address problems found.
“Our intention was to create a win-win-win solution for our customers, the company and the vendor by aiming for the most secure system on the market,” says Danielsen.
 

Advanced Smart Meter Security

The outcome of that investigation was a series of security enhancements to NES’s Patagonia smart metering platform aimed at addressing both the current security needs as well as future issues that may arise during the lifetime of the system.
“These features provide higher levels of protection end to end across the system, from the central management layer at the utility to the internet-connected devices such as data concentrators and the smart meters themselves,” says Gurevitch.
Examples he quotes include improved communications security between the different layers of the system and a new key management system providing automatic key updates at regular intervals. Others include improved intrusion detection based on the smart meter characteristics to detect abnormal behaviours, and improved ‘compartmentalisation’ to ensure that a breach into a meter is restricted to that meter alone.
“Signals of possible security breaches land at the utility management system and with these enhanced features, the false-positive rate has been reduced. So if a signal is received, one can be very sure there is something going on,” he says.
 

OSGP security compliance

Another outcome of the project that Gurevitch highlights is an update of the security definitions and specifications of the Open Smart Grid Protocol (OSGP), a global open standard for smart grid applications.
“This positively impacts on all those who implement OSGP-based solutions, while from NES’s perspective, the updates automatically benefit all other customers.”
He comments that when he speaks to customers, he wants to hear that the new enhancements are “just another update” that has come virtually unnoticed via a remote firmware upgrade. “It is essential that updates should not change the performance of the system and that the security features are working behind the scenes without impacting on the meter data collection process.
“If a security feature prevents the utility from meeting its KPIs, then it is not a security feature in our view.”

SEAS-NVE security experience

Danielsen says that from SEAS-NVE’s perspective, the partnership between the three parties - utility, academia and  vendor - has been very fruitful.
“Security is a common problem we face as an industry and it has enabled us to have a hands-on role in the direction of developments in this area,” he says.
“If a utility suffers a security breach then it is likely that SEAS-NVE will face a similar attack and we feel it is important to have the bigger picture rather than focus on just our own little corner of the world.”
Danielsen offers one piece of advice to utilities. He states that the remote firmware update process isn’t trivial and needs planning and monitoring to implement and complete for many thousands of smart meters. For his part, Gurevitch, who notes that further security updates are in the pipeline, advises that utilities looking to enhance their security should complete a risk assessment in advance.
“One of the key lessons here is that you need to understand the security issues you are dealing with in order to determine your security needs and priorities. There is no one solution that fits all and a risk assessment is essential.”

NES clarifies that Echelon meters were not associated with the recent 
Static Energy Meter Accuracy Report

San Jose, CA, March 29th, 2017: Networked Energy Services Corporation (NES), a global smart grid solution provider with the industry’s leading Patagonia Energy Applications Platform (EAPTM), announced today the University of Twente in the Netherlands had not tested the accuracy of its meter in the recent published Static Energy Meter Accuracy Report. Recently there have been various industry articles referencing this report that identified meter accuracy errors caused by certain laboratory conditions meant to simulate households using numerous electromagnetic emitting devices. Some of these articles unintentionally misused a photo of an Echelon meter, but the University confirmed that Echelon meters were not part of the meters included in the report.
 

The University of Twente also informed NES, which was formed from the spinoff of Echelon Corporation’s Grid Modernization Division in 2014, that the University had tested an Echelon meter in a separate previous study by the University.  The Echelon meter tested correctly and accurately, and did not provide the accuracy errors associated with the meters in the well-publicized study.

“In the earlier study, an Echelon meter was also tested, and our testing results show that this is one of the most reliable meters,” said Prof. Frank Leferink from the University of Twente. “In our research, the Echelon meter kept its measurements comparable to the readings of the Ferraris meter.”

In response to the various articles, ESMIG, the European voice of the providers of smart energy solutions, issued a positon paper about the research. ESMIG and its members, which includes NES, announced that while it supports independent research studies, it believes that the study in question did not properly represent real world conditions. ESMIG’s position paper was meant to reassure policy makers, network operators, electricity suppliers and most importantly, European consumers, that the smart metering technology being deployed in Europe is robust, secure and accurate.

“The issue identified in the report is not specific to the measurement technology in a meter but rather how a vendor implements the technology. If designed properly, these types of conditions do not negatively impact the accuracy of meters,” said Andy Robinson, CTO of NES. "We have known about these conditions since 2008 and designed our meters accordingly. NES meters meet, and often surpass, the requirements of the testing standards under the EU Measuring Instruments Directive (MID), which ensure their accuracy, reliability, durability and safety."
 
About Networked Energy Services Corporation (NES)

Networked Energy Services Corporation is a global smart energy leader in the worldwide transformation of the electricity grid into an energy control network, enabling utilities to provide their customers with a more efficient and reliable service, to protect their systems from current and emerging cybersecurity threats, and to offer innovative new services that enable active, intelligence use of energy. NES was formed as a result of the spinoff of Echelon Corporation’s Grid Modernization Division in October 2014. NES is headquartered in the US with R&D centers located in Silicon Valley, North Dakota and Poland, and sales offices throughout the world. NES’ smart grid technology is used in nearly 40 million smart meters and other smart end devices around the world. NES is a member of the OSGP Alliance, a global association of utilities and smart grid companies, which promotes the Open Smart Grid Protocol and cooperates to provide utilities greater value by enabling true, independently-certified, multi-vendor interoperability based upon open international specifications and standards.  You can find out more information about NES, its Patagonia Energy Applications PlatformTM (including grid management software, distributed control nodes, and smart meters) and services at: www.networkedenergy.com.