We need to understand the threats and vulnerabilities related to the digital transition of the electricity grid with the aim of improved control over the cyber risks.
The electricity grid is undergoing a digital transition to become intelligent, robust, and cost-efficient, which means the grid is facing unknown dynamics and causal relationships. Digital transition includes interdisciplinarity and mutual dependencies – factors that can represent vulnerabilities for the grid.
An example of digitalisation in the grid is the integration of grid topology monitoring and data-driven decision support systems with the remote control of breakers in the grid. Although this scenario is still a few years away, SCADA systems are increasingly being interconnected with other systems, such as distribution management systems, geographical information systems, network information systems and systems for customer relationship management. All these system integrations require secure communication technology, protecting them against attacks from malicious actors that may result in unauthorised information disclosure or disruption of the security of supply.
You can find all CINELDI’s results about cybersecurity in the Knowledge base:
Cyber risks in grid planning
Cybersecurity risks may become problematic and more difficult to handle if not addressed early in the grid planning process, and preliminary results indicate that cyber risks should be considered already at the distribution grid planning stage.
Grid planning is the process that electric power grid companies carry out to change power transfer capability through decisions about the construction, upgrading, replacement, retrofitting or decommissioning of assets. Long-term grid planning is typically carried out on a time horizon of decades and aims to develop the system optimally to meet future demands. Grid planning can rely on passive measures such as traditional reinforcement or building new lines, or active measures such as support from ICT-solutions during grid operation to increase the power transfer capability or facilitate other kinds of optimisations.
The ongoing digitalisation of the electric power grid is resulting in complex cyber-physical smart grid systems that may be highly exposed to cyber risks. Electric power grid companies are therefore pushed to assess potential cyber risks as part of the grid planning process. This is problematic for two reasons. First, the electric power grid company may not have the personnel with the required cyber-risk knowledge to assess cyber risks. This is especially true for smaller companies.
Second, most available information about the target power grid at the planning stage is at a conceptual level. This makes it even more difficult to obtain a detailed risk picture.
In CINELDI we are currently working on a method to help the industry overcome these issues. The aim is to provide a low-threshold method to assess high-level cyber risks in the grid planning process, based on the limited information that is typically available at the planning stage.
Cyber vulnerabilities in grid operation
As indicated above, relying on digitalisation and active measures in the planning phase implies that choices have been made that need to be followed up in the grid operation phase. During grid operation we have more information available and can obtain a better understanding of the cyber risks. So far, we have investigated several parts of this picture in CINELDI.
Future distribution grid operations are characterized by continuous monitoring and optimization, where data is easily accessible and proactive operational planning is regular practice. An Advanced Distribution Management System (ADMS) is such a control room platform, characterized by seamless sharing of models, measurements, database values, and control signals among applications. Although such systems enable comprehensive and optimal monitoring and control of the distribution system, they may also create new vulnerabilities.
Testing and characterizing cybersecurity risks in grid operation is a daunting task. Most of these operational conditions are risky to demonstrate in real physical grids. Hence, a sufficient laboratory-based representation of the cyber-physical system is of paramount importance for testing new operational functions under various operational conditions in a controlled and safe environment. An ADMS laboratory testbed has been developed in CINELDI as part of the National Smart Grid Laboratory, and has been used to demonstrate impacts of threats related to the coordinated voltage control function. Technology providers and grid operators are highly encouraged to use the capabilities of the National Smart Grid Laboratory to characterize and validate cybersecurity risks and mitigation methods.
Another common vulnerability in grid operation is insufficient protection of the ability to change control signals (setpoints). This is a vulnerability that will likely be exploited by malicious actors because controllable devices are increasingly used. Such vulnerabilities can be tested and demonstrated in the National Smart Grid Laboratory ADMS testbed as described above.
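One way to protect setpoint changes, shown as an added example (not code from CINELDI or the National Smart Grid Laboratory testbed): the receiving device applies a command only if it carries a valid MAC, a fresh counter and a plausible value. The message format, key, limits and the names `sign` and `SetpointGuard` are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed values for illustration only; not from CINELDI or any real device.
SHARED_KEY = b"constructed-demo-key-not-for-production"
LIMITS = {"voltage_pu": (0.95, 1.05)}   # allowed setpoint range (per unit)
MAX_STEP = {"voltage_pu": 0.02}          # largest change accepted in one command


def sign(cmd: dict, key: bytes = SHARED_KEY) -> str:
    """Control-centre side: MAC over a canonical encoding of the command."""
    payload = json.dumps(cmd, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class SetpointGuard:
    """Device-side checks applied before a setpoint change takes effect."""

    def __init__(self, current: dict, key: bytes = SHARED_KEY):
        self.current = dict(current)
        self.key = key
        self.last_counter = 0  # highest counter accepted so far

    def apply(self, cmd: dict, tag: str) -> str:
        # 1. Authenticity and integrity: constant-time MAC comparison.
        if not hmac.compare_digest(sign(cmd, self.key), tag):
            return "rejected: bad MAC"
        # 2. Freshness: counter must strictly increase (blocks replays).
        if cmd["counter"] <= self.last_counter:
            return "rejected: replayed or stale counter"
        name, value = cmd["setpoint"], cmd["value"]
        # 3. Plausibility: known setpoint, inside limits, bounded step.
        if name not in LIMITS:
            return "rejected: unknown setpoint"
        low, high = LIMITS[name]
        if not low <= value <= high:
            return "rejected: outside allowed range"
        if abs(value - self.current[name]) > MAX_STEP[name]:
            return "rejected: step too large"
        self.last_counter = cmd["counter"]
        self.current[name] = value
        return "accepted"
```

The range and step checks matter even for authenticated commands, since they bound what a compromised or misconfigured control-centre application can do to the device.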
Grid operators need to build competence and employ the required tools to sufficiently evaluate cybersecurity risks of new control and monitoring technologies. Such tools should be able to represent the power system and ICT infrastructure connectivity and information exchange together with their perceived threats and vulnerabilities. One proposal for such a tool is the Microsoft Threat Modelling Tool (TMT) stencil (or template) which has been developed in CINELDI. The tool can be used by grid operators to identify threats before implementing new operational concepts.
Investment in communication infrastructure is another need for realizing advanced grid operation, and one that might have implications for security. Although more studies are still required, 5G can potentially offer better security for smart grids compared to 4G networking technology. In CINELDI we have identified and studied several relevant use cases for employing 5G in connection with IoT and Edge Computing, and the results confirm improved characteristics both for connectivity and security.
How to ensure a secure electricity grid?
In the distribution grid, cybersecurity and reliability are intertwined more strongly than ever. New advanced operational functions rely heavily on the ICT infrastructure, with increased connectivity and data exchange. Grid planning in turn relies heavily on the advanced operational functions, as the rapid electrification needs are hard to meet with grid expansion measures. To delay investment needs and to minimize investment costs, additional operational measures are required, for example, activation of flexibility to solve congestion problems. These developments entail that grid planning no longer focuses only on the expansion of the electric power infrastructure; it must also consider short- and long-term planning of the ICT infrastructure that grid operations will rely on far into the future.
Power grid companies, technology providers and other industry actors working with aspects of the electricity grid all need to take these new risks into account. The new risks are here to stay, but we can address them and make sure to secure our electricity grid. To do that, we need to:
- Build sufficient competence and allocate sufficient resources to follow up.
- Cooperate across the traditional power and ICT domains within the companies.
- Do the required analyses, make best possible choices in the planning phase, and follow them up in the subsequent (specification/engineering and) operation phase.
- Establish a routine procedure for validating and testing the security implications of advanced operational functions in the control centre.