This article examines the ways to protect smart grid network from cyber attack
India is one of the largest electricity consumer bases in the world with its distribution sector caters to more than 200 million consumers having a connected load of about 400 GW. However, the country losses more than 23 per cent of the total power generated during electricity transmission and distribution (T&D).
Smart grid helps improving the transmission, distribution of the electricity etc, that are automated by incorporating advanced computer and communication technologies for improving the efficiency and safety of the grid.
Currently, the smart grid network is facing many cyber threats like leaking the users information, destroying the device, conventional power network etc.
In this situation, adoption of advanced automation technologies can enhance the performance of entire distribution network while reducing the losses.
How vulnerable is our smart grid network?The traditional electrical power grid is steadily evolving in to smart grid. Smart grids integrate the traditional electrical power grid with information and communication technologies (ICT) thereby improving energy efficiency.
A smart grid also helps the users to retrieve the information but the heavy use of such heavy technologies have made smart grid network vulnerable. Nowadays, smart grid network is facing different types of attacks such as: damage to the infrastructure and leakage of users information. India with huge population demands more of such technologies. But how far the use of such technology is safe is a big question. It is important to know, what are the cyber threats or attacks the smart grid network is facing or will face?
The following vulnerabilities are the most dangerous:
Customer security: Smart meters autonomously collect massive amounts of data and transport it to the utility company, consumer, and service providers. This data includes private consumer information that might be used to infer consumer’s activities, devices being used, and times when the home is vacant.
Greater number of intelligent devices: A smart grid has several intelligent devices that are involved in managing both the electricity supply and network demand. These intelligent devices may act as attack entry points into the network. Moreover, the massiveness of the smart grid network that is, 100 to 1,000 times larger than the internet which makes network monitoring and management extremely difficult.
Physical security: Unlike the traditional power system, smart grid network includes many components and most of them are out of the utility’s premises. This fact increases the number of insecure physical locations and makes them vulnerable to physical access.
The lifetime of power systems: Since power systems coexist with the relatively short lived IT systems, it is inevitable that outdated equipments are still in service. This equipment might act as weak security points and might very well be incompatible with the current power system devices.
Implicit trust between traditional power devices: Device-to-device communication in control systems is vulnerable to data spoofing where the state of one device affects the actions of another. For instance, a device sending a false state makes other devices behave in an unwanted way.
Different Team’s backgrounds: Inefficient and unorganised communication between teams might cause a lot of bad decisions leading to much vulnerability. Using Internet Protocol (IP) and commercial off-the- shelf hardware and software: Using IP standards in smart grids offer a big advantage as it provides compatibility between the various components. However, devices using IP are inherently vulnerable to many IP-based network attacks such as IP spoofing, tear drop, denial of service, and others.
When asked about the vulnerability of smart grid network in India, Kanwaljeet Singh Kukreja, Senior Manager – Marketing and Business Development, Schneider Electric Infrastructure Ltd., said, “Smart grid network introduces enhancements and digital modifications to the conventional power network making it more complex and vulnerable to different types of attacks. These vulnerabilities might allow attackers to access the network, break the confidentiality and integrity of the transmitted data, and make the service unavailable.”
The ability to defend an energy grid depends on more than the security of a grid’s individual components. Today, there is a need to exchange information between various systems monitoring and controlling the grid than ever before. On this note, RK Chugh, Head – Energy Automation, Energy Management Division, Siemens India., states, “Information and communication networks have evolved alongside the electricity grid that interconnects all energy producers and consumers as well as grid operators. This level of interconnectivity and data exchange increases the vulnerability of the grid to cyber attacks. Unlike the older days when utilities relied on private point to point communication networks, today grid operators and service providers deploy a wide range of communication technologies and media which are shared resources e.g, a telecom network. These provide easy access from public networks that a hacker can take advantage of and penetrate the grids IT network.”
Today, the electric grid is highly dependent on Supervisory Control and Data Acquisition (SCADA) system/ industrial control systems, which is used to manage the operations of all these facilities round the clock. A majority of the SCADA systems used in India were installed 20-30 years ago, in the pre-internet era and were therefore not built to deal with today’s network-based threats or cyber-attacks. “Not only the legacy systems, but also the recently-installed SCADA systems in a networked environment, are vulnerable to cyber-attacks,” says Priyank Kacker, Regional Sales Manager – North, Texas Instruments India. “This is because devices running SCADA systems have limited computational power to implement security protocols. Also these systems are increasingly connected to open networks such as the internet, exposing them to cyber risks.”
Smart grid is a complex ecosystem and a mix of not only various systems, network, processes but a convergence of various IT and communication technologies with the electrical grid.
Potential cyber threat areasIn July 2012, the northern, eastern and north-eastern parts of the country witnessed a blackout caused by a tripping of the regional electricity grids. It was the world’s largest blackout, with half of India’s population left without electricity, and resulted in losses of approximately $100 million. Although any cyber sabotage was ruled out then, such a scenario is not too far-fetched and can have a deep and devastating impact on India’s economy.
According to Mr Kacker, the spectre of cyber-attack extends to other critical infrastructure too, spanning the private and public sectors. He says, “The NTPC power plants, pipeline networks of GAIL and ONGC, the steel plants of SAIL and Tata Steel, as well as various dams are all susceptible to cyber attack.”
Majority of cyber threats can be easily averted by minimal training and technical support. However, there is currently lack of training and technical mechanism to restrict these normal cyber threats.
On the other hand, cyber attacks can be of two types, one where it is done to acquire some critical data of an organisation and the other which is done to cause intentional harm or disruption of critical operations of an organisation. Mr Chugh, explains the sources of both this type of attacks can be:
Cyber criminals interested in making money through the sale of valuable information.Industrial competitors trying to get a competitive advantage for their organisation.Hackers who do it as an enjoyable challenge.
Employees who have legitimate access to the system who may do it accidently or deliberately done by disgruntled employees.
Similarly, Mr Kukreja, points out the potential cyber threat areas could be: Theft of power: Attackers can divert the power usage and subvert a meter to report low usage or zero usage. This is classified as theft of power and causes huge losses to the utilities.Customer security: Smart meters automatically collect tremendous amounts of data and transport it to the utility company, consumer, and service providers. This data generally includes private consumer information that might be hacked. Regular interruptions in power supply: Attackers can interrupt communication on the utility network leading to faulty decisions by the system operator which might cause interruptions in power supply.Injecting false information: An attacker can send packets to inject false information in the network, such as wrong meter data, false prices, fake emergency event, etc. Fake information can have huge financial impact on the electricity markets.
Cyber attack proof smart grid network?Smart grids are being introduced to ensure a sustainable power system with minimum losses and high quality, security of supply and safety. However, it is must to realise that, the usage of smart grids result in extra entry points to the power system leading to higher cyber threat possibilities. In case of smart grids, it is necessary to have a robust and resilient grid infrastructure that is able to overcome potential attacks. Speaking on the solutions for cyber attack proof smart grid network, Mr Kukreja, opines “Possible solutions that would ensure a cyber attack proof grid system would be detection systems that have security monitoring sensors and a central monitoring centre for data collection and analysis which would ensure that it is extremely difficult for any attacker to break into the grid system.”
Mr Chugh thinks that, a completely fail proof grid network will never be possible but security solutions are available that can help reduce cyber attacks to the minimum. He says, “Advanced grid security with concrete features for data encryption, for example, or the integration of communication into field devices to reduce the number of network components and create fewer points vulnerable to attack while providing for end-to-end encryption. The ability to defend an energy grid depends on more than the security of a grid’s individual components. Rather, it is necessary to protect the system as a whole.
In spite of research and development, the best solution for the safety of smart grid network in not yet found. Mr Kacker, says, “The smart grid is required to be self-healing and resistant to attacks. In spite of years of research and development by myriad programmers, researchers, and designers, attack-proof networks have never been achieved yet. It would be wiser to design smart grid so when it is attacked, the smart grid reverts to a dumb but working grid.”In fact, in the conception, design, and implementation of the Smart, it should be assumed that a malicious attacker will gain access to the network and associated hardware and metering. Determining the limits of damage tolerable when such an attack occurs and design the system to the discovered limit.
To prevent cyber attacks on smart grid network, the network operators have to be familiar with the normal demand-response values on their networks before they can distinguish between harmless deviations and alarming anomalies. Monitoring is necessary even to notice that 500 login attempts per second have been made. Many attack on networks of any kind, whether they are private, industrial, or public, can simply go unnoticed.
Strict access control is another important factor. In other words: Who is allowed to do what? Who can access a smart grid and through which portal? From proper password generation to the assignment of roles and authorisations, a number of factors need to be taken into consideration.
A sophisticated security concept will ideally fend off an attack by hackers, ensuring that the idea of a city being “switched off” remains just a scenario.
Ideas and technologies to protect smart grid networkHumans are the weakest link in network security, so end-user training is critical. There is a need to educate and train young population on cyber security as they are the first traps for hackers with disguised messages and links. Training programs must be geared toward specific user roles.
IT security should not be an afterthought in the smart grids and should not simply be a set of technology-based controls. It should be an integral part of design, operations, and ongoing maintenance. Utilities should scrutinise which employees (and potentially third parties) have access to these networks and confirm that only those individuals who absolutely need access have it.
Sharing cyber threat information will also be helpful. Most major cyber attacks don’t occur as a single event but as a string of incidents that take place over time. Viewing incidents in isolation makes seeing broader attack campaigns very difficult. By sharing information on cyber threats with local law enforcement agencies and peers, utilities can better detect systemic threats and also learn from their peers what anomalies to look for on their networks.
The world, with thousands of endpoints outside the sphere of physical control of the utility, will not make securing the grid easier. These attacks can be reduced to some levels or can be rooted out by using right technologies. Mr Kukreja, shares information on technology that can protect smart grid network, he says, “A comprehensive approach that considers the entire network, targeting security, patch management, and compliance together, is needed to succeed in this evolving and heterogeneous environment of smart grid including security.” One of the best ways to reduce cyber threats is to make it harder and more costly for adversaries to initiate attacks. Mr Kacker, shares solution, he says, “Multifactor authentication (MFA) helps reduce exposure caused by phishing campaigns and login compromise. Agencies should also consider augmenting MFA with contextual security controls such as location, device identity, device trust attestation and network access point.”
To protect critical infrastructures, it is essential to address all levels. A comprehensive security architecture should include everything from sensors and field devices to the user interface on end devices; and from the tablets used by service engineers to the smart meters that record sensitive customer data.
Mr Chugh, presents some types controls that are a combination of technologies and policies to help in reducing risks of cyber attacks:Hardening of the network by using technologies like firewalls and internet gateways that establish network parameter defences.Encripted and secured communication protocols.Malware protection to protect and respond to known attack codes.Secured congiration where every device and application is restricted to the minimum functionality needed for business operationsUser access control which can be implemented by strict password policies or encryption methods like secured ids. Restrict a user’s access to the minimum required for his area of responsibility. Special care should be taken to deactivate access of employees when they change their roles or leave the organisation.Patch management to patch known vulnerabilities with latest versions of software.
ConclusionIndia needs a proper guidance on cyber security. The country’s smart grid network is vulnerable and it is important to make attack free network. In the coming years, experts providing security solutions will be able to bring out the best solutions and technology, that will reduce and possibly root out the potential threats and make cyber attack proof smart grid network. ___________________________________________Smart grid network introduces enhancements and digital modifications to the conventional power network making it more complex and vulnerable.Kanwaljeet Singh Kukreja, Senior Manager – Marketing and Business Development, Schneider Electric Infrastructure Limited_______________________________________
A completely fail proof grid network will never be possible but security solutions are available that can help reduce cyber attacks to the minimum.
RK Chugh, Head – Energy Automation, Energy Management Division, Siemens India___________________________________
Not only the legacy systems, but also the recently-installed SCADA systems in a networked environment, are vulnerable to cyber-attacks.
Priyank Kacker, Regional Sales Manager – North, Texas Instruments India,