As smart grids become more vulnerable to cyber-attacks every day, what developments are in place to ensure a secure infrastructure?
Smart grid security is a hot topic, especially as the UK government's £11bn smart meter roll-out is widely seen to be in disarray. A report from the Institute of Directors calling for the programme to be scrapped says the system is vulnerable to cyber-attacks that could leave us without power if hackers found a way in. However, there are some developments in the field that could still create safe and secure smart grid infrastructures, which in turn may help get the smart meter project back on track.
Truly smart grids can integrate the power generated from traditional sources such as coal and gas with that from wind, water and solar, as well as predict and manage how much power is coming in and what demand is going to be, and keep all of the data, applications and monitoring systems safe while it's doing so.
With the way modern society works, we are completely dependent on electricity and there has been a lot of recent publicity around cyber attacks on smart grids. James Arbuthnot, the MP who chaired the Defence Select Committee until last year, said they pose a major threat to the UK's security, and the previous government pledged an extra £2m to the fight against hackers. National Grid won't discuss numbers but it's believed that there are multiple attacks on the network all day long, every day of the week.
But what are the biggest risks we face if these hackers gain access to the grid? We rely on electricity for communication services and the supply of all our daily necessities such as water, food, transport, fuel, healthcare, national security and banks, so without it, everything grinds to a halt. The fact that so much of our leisure and business activities and even our critical infrastructure now relies on the Internet means we are vulnerable in many areas, and as a major part of the framework that keeps it all going, the smart grid has to be both secure and safe in design right from the start. If not, then the biggest risk is that hackers will gain access to the communication network or control system and bring down part or all of the electricity supply network so we have no power, communications or other vital services.
We just have to look at the chaos caused in Turkey in March 2015 when two power stations were switched off at the same time and the ensuing blackout closed down the transportation infrastructure in major cities, interrupted public transport services, caused huge traffic jams and meant thousands of businesses had to close down for the day. While the blame has been laid at the door of human error for this catastrophic event, the consequences are exactly the same as if hackers had gained access and shut down services.
So, protecting our smart grids from attacks is obviously a problem that needs to be resolved with some urgency and one that technology companies large and small have been working to address.
In the US, Intel Security, in partnership with Wind River, has developed a new platform, Intel Security Critical Infrastructure Protection (CIP), as part of a smart grid project that is being trialled at Texas Tech University in advance of a planned state-wide roll out. CIP works by separating the management functions from the operational ones so that the operating applications can be more securely monitored and managed. For grid operators Intel says the best thing about this new solution is it can be retrofitted with little change to business processes and application software.
Meanwhile in Europe Netcontrol has been developing smart grid automation and security systems that have created an extra layer of security. Headquartered in Finland, the company has customers worldwide whose power grids are being protected by its solutions. Dr Max York, Netcontrol's UK sales manager, says: 'Traditionally, power grids have been vulnerable to attack through external control boxes as hackers could just take out the Ethernet cable, plug in a switch and gain access to the grid.'
But Netcontrol has developed a distributed automation product that removes this risk and adds an extra layer of security to protect the grid. It does this through a technology architecture specifically designed for integrated cybersecurity.
York explains: 'The use of the Internet Protocol is strictly controlled and protected through a reliable VPN (virtual private network), end-to-end authentication and strong AES encryption that protects the operation of the transmission and distribution automation network against virtually all cyberthreats. The supervision of the smart grid communication infrastructure is important and needs to be part of the complete energy network automation system, so resilience against denial of services or communication network outages is built in by using meshed communication solutions.'
Netcontrol's Netcon gateway and remote terminal units contain fully integral cyber-security services, providing a secure base for energy network automation. To protect existing legacy protocols the Netcon gateways can be used to tunnel these through end-to-end secured connections and convert to new IP protocols using secure sessions. York said the upgrade of old legacy technology to modern IP technology can be done economically in steps until all of the legacy technology is retired and replaced. 'This allows network operators to sustain existing infrastructure while providing a secured and future-proofed technology platform. Typical asset lifespans for network operators are 40-plus years, so it is not viable for them to replace everything at once.'
Staged hacker attacks
While the developments at Netcontrol and Intel Security are already helping to make smart grid infrastructure safer, a research project at Syracuse University in New York is focusing on data protection by testing a 'hack-proof' Unisys technology called Stealth. This protects networks by making their attached controls invisible to unauthorised users, so it keeps data-in-motion across any network safe as it travels.
The project was conceived by Associate Professor Jason Dedrick after discussions with Unisys about how Stealth could be applied to the Internet of Things. Dedrick has done extensive research on smart grid adoption by utilities and he realised that the network and information security challenges inherent in smart grid technologies provided a unique testing ground for Stealth. His idea was to have the students pair the technology to the grid, then try to hack the system to see how it held up to the test. So in a collaborative project with Unisys and the US arm of National Grid, the test has been carried out on a smart grid in Massachusetts.
'The project is looking at preventing hacking of the utility's information systems through smart grid systems,' says Dedrick. 'The students are working to figure out how Stealth can be used to protect against an attack in that kind of environment, in terms of the equipment being used, the software and the communication networks.'
The testing is still going on, with the first results from the project due to be released in May at the end of the university semester. The hopes at Unisys are that what they reveal will help the Stealth solution to become an integral part of smart grid deployments in the future.
In Europe, EVN, the largest multi-energy provider in Austria, announced in March that it is joining the European Network for Cyber Security (ENCS) to help establish new smart grid security requirements. A not-for-profit organisation, ENCS was founded in 2012 and its members are critical infrastructure stake owners and security experts focused on deploying secure European critical energy grids and infrastructure.
EVN joins companies such as E.ON, Alliander and Accenture to help with security research focusing on how to secure smart grids and industrial control systems (ICS). Several major smart grid security research projects have been completed and others are in progress. One of these, Cyber Security for Smart Grids, was completed in January 2014. A collaboration between Alliander, TNO, KPN, DNV KEMA, Security Matters and the University of Twente, the project was funded for a year by the Netherlands Enterprise Agency to find security solutions for the energy sector. Energy is one of nine 'top sectors' where the Dutch Government is supporting developments with export potential.
The project identified several problems within the energy sector and worked on developing the innovative solutions needed to fill the gaps that the research revealed. The work was a first step in making it technologically possible for distribution system operators (DSOs) to meet the security requirements for a resilient smart grid. To develop these solutions the group researched and analysed the international security standards applicable to smart grids and ICS, including threat, vulnerability and risk analyses and good practices on security protection measures. Other areas that the research looked into were: monitoring solution for ICS and smart meter infrastructure; PET (privacy-enhancing technologies) for smart metering; and setting up a cybersecurity test bed methodology and framework to perform end-to-end security testing of ICS and smart grid infrastructures.
From this initial research, several new strategies, protocols and solutions have been developed. Monitoring is a vital tool in smart grids and the project resulted in a strategy to place intrusion detection sensors in substation automation systems. A major step forward has been the development of new algorithms to detect man-in-the-middle attacks that abuse network management protocols (ARP, ICMP and DHCP) and intrusions in encrypted traffic between control centres and substations. The algorithms can detect abnormal sequences of network packets in a periodic stream, or abnormal amounts of traffic. Tests on real traffic showed they will even detect subtle attacks while raising few false alarms.
A proof-of-concept monitoring solution was also built in a substation automation test bed. When tested on 15 realistic use-cases defined by a grid operator it performed outstandingly well and all cases could be detected with the solution.
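The two checks described above (an abnormal packet sequence in a periodic stream, and an abnormal amount of traffic) can be sketched using only packet time, direction and size, which stay visible when the payload is encrypted. This is an added, simplified illustration, not the project's algorithms, which the article does not detail; the packet sizes, polling period, 10-second window and 1.5x volume margin are all assumed values.

```python
from collections import Counter

def poll_stream(cycles, period):
    """Constructed sample: one 64-byte poll out and one 128-byte reply in per period."""
    return [p for i in range(cycles)
            for p in ((i * period, "out", 64), (i * period + 0.1, "in", 128))]

def learn_cycle(records, max_len=8):
    """Shortest repeating (direction, size) pattern in attack-free traffic."""
    seq = [(d, s) for _, d, s in records]
    for n in range(1, max_len + 1):
        if len(seq) >= 2 * n and all(seq[i] == seq[i % n] for i in range(len(seq))):
            return seq[:n]
    raise ValueError("baseline is not periodic")

def bytes_per_window(records, window):
    """Total bytes seen in each fixed-length time window."""
    vol = Counter()
    for t, _, size in records:
        vol[int(t // window)] += size
    return vol

def detect(records, cycle, window, max_bytes):
    """Return (time, kind, detail) alerts for sequence and volume anomalies."""
    alerts, pos = [], 0
    for t, d, s in records:
        if (d, s) == cycle[pos]:
            pos = (pos + 1) % len(cycle)
        else:
            alerts.append((t, "sequence", (d, s)))
            pos = 1 % len(cycle) if (d, s) == cycle[0] else 0  # resynchronise
    for w, total in sorted(bytes_per_window(records, window).items()):
        if total > max_bytes:
            alerts.append((w * window, "volume", total))
    return alerts

WINDOW = 10.0                       # assumed window length in seconds
BASELINE = poll_stream(10, 2.0)     # constructed attack-free capture
CYCLE = learn_cycle(BASELINE)
LIMIT = 1.5 * max(bytes_per_window(BASELINE, WINDOW).values())  # assumed margin

# Constructed test traffic: one unexpected packet, then polling at four times the rate.
INJECTED = sorted(BASELINE + [(7.05, "in", 300)])
TOO_FAST = poll_stream(20, 0.5)

if __name__ == "__main__":
    for name, stream in [("baseline", BASELINE), ("injected", INJECTED), ("too fast", TOO_FAST)]:
        print(name, detect(stream, CYCLE, WINDOW, LIMIT))
```

The injected packet stays under the volume limit and is caught only by the sequence check, while the accelerated polling follows the learned pattern exactly and is caught only by the volume check, which is why the two are run together.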
When reading out smart meters, DSOs have to ensure the privacy of consumers while also getting the information they need for advanced smart grid services such as demand side management. So, new protocols are needed to manage the communication between smart meters and the grid operator that ensure the privacy of consumers. Privacy-enhancing technologies are how this is achieved. The ENCS project used a realistic testbed to check the robustness and scalability of the privacy-preserving meter-reading protocol and to identify additional use-cases in smart grids that need privacy-preserving technologies and develop cryptographic protocols for them.
Again, the results were good and the protocol performed well in a realistic test set-up with 100 meters. The encryption caused no significant delays in reading the meters, and could easily be integrated into the DLMS/COSEM communication protocol.
A new security requirements framework has been developed from what the project revealed that can now be used to define the security foundations that need to underpin every smart grid. This includes a comprehensive overview of the threats and vulnerabilities to substations, a strategy for developing a secure architecture, and a set of best-practice literature for smart grid security for ENCS members to learn from.
The work hasn't stopped there though, and now a project is under way looking at ongoing improvements to PET.
Then there's the DENSEK project, funded by the European Commission's Migration and Home Affairs directorate as part of the CIPS programme, which is focused on 'prevention, preparedness and consequence management of terrorism and other security related risks'.
The DENSEK project aims to improve the resilience of the whole European energy infrastructure against cyber threats by bringing together all the major players to work together against hackers. It hopes to work with as many stakeholders as possible within the energy supply chain, from energy producers to the end consumers, to better organise the protection of smart grids and to lift the resilience to a higher level through three core areas: a European energy information-sharing and analysis centre, a situation awareness network and an information-sharing platform.
There is a lot going on in the world of smart grid cybersecurity, and while much of the work is at very early stages, if the UK government can get its act together and implement the right tools now then maybe the smart meter project won't just be another in a long line of failed IT projects from Westminster. Instead, it could be a vital step in making people more energy-conscious and moving towards a lower-carbon economy rather than a costly mistake.