This article examines the ways to protect smart grid network from cyber attack
 India is one of the largest electricity consumer bases in the world with its distribution sector caters to more than 200 million consumers having a connected load of about 400 GW. However, the country losses more than 23 per cent of the total power generated during electricity transmission and distribution (T&D).
Smart grid helps improving the transmission, distribution of the electricity etc, that are automated by incorporating advanced computer and communication technologies for improving the efficiency and safety of the grid.
Currently, the smart grid network is facing many cyber threats like leaking the users information, destroying the device, conventional power network  etc.
In this situation, adoption of advanced automation technologies can enhance the performance of entire distribution network while reducing the losses.
How vulnerable is our smart grid network?The traditional electrical power grid is steadily evolving in to smart grid. Smart grids integrate the traditional electrical power grid with information and communication technologies (ICT) thereby improving energy efficiency.
A smart grid also helps the users to retrieve the information but the heavy use of such heavy technologies have made smart grid network vulnerable. Nowadays, smart grid network is facing different types of attacks such as: damage to the infrastructure and leakage of users information. India with huge population demands more of such technologies. But how far the use of such technology is safe is a big question. It is important to know, what are the cyber threats or attacks  the smart grid network is facing or will face?
The following vulnerabilities are the most dangerous: 

Customer security: Smart meters autonomously collect massive amounts of data and transport it to the utility company, consumer, and service providers. This data includes private consumer information that might be used to infer consumer’s activities, devices being used, and times when the home is vacant. 
 Greater number of intelligent devices: A smart grid has several intelligent devices that are involved in managing both the electricity supply and network demand. These intelligent devices may act as attack entry points into the network. Moreover, the massiveness of the smart grid network that is, 100 to 1,000 times larger than the internet which makes network monitoring and management extremely difficult. 
 Physical security: Unlike the traditional power system, smart grid network includes many components and most of them are out of the utility’s premises. This fact increases the number of insecure physical locations and makes them vulnerable to physical access. 
 The lifetime of power systems: Since power systems coexist with the relatively short lived IT systems, it is inevitable that outdated equipments are still in service. This equipment might act as weak security points and might very well be incompatible with the current power system devices.
Implicit trust between traditional power devices: Device-to-device communication in control systems is vulnerable to data spoofing where the state of one device affects the actions of another. For instance, a device sending a false state makes other devices behave in an unwanted way.
Different Team’s backgrounds: Inefficient and unorganised communication between teams might cause a lot of bad decisions leading to much vulnerability. Using Internet Protocol (IP) and commercial off-the- shelf hardware and software: Using IP standards in smart grids offer a big advantage as it provides compatibility between the various components. However, devices using IP are inherently vulnerable to many IP-based network attacks such as IP spoofing, tear drop, denial of service, and others.
 When asked about the vulnerability of smart grid network in India, Kanwaljeet Singh Kukreja, Senior Manager – Marketing  and  Business Development, Schneider Electric Infrastructure Ltd., said, “Smart grid network introduces enhancements and digital modifications to the conventional power network making it more complex and vulnerable to different types of attacks. These vulnerabilities might allow attackers to access the network, break the confidentiality and integrity of the transmitted data, and make the service unavailable.”
The ability to defend an energy grid depends on more than the security of a grid’s individual components. Today, there is a need to exchange information between various systems monitoring and controlling the grid than ever before. On this note, RK Chugh, Head – Energy Automation, Energy Management Division, Siemens India., states, “Information and communication networks have evolved alongside the electricity grid that interconnects all energy producers and consumers as well as grid operators. This level of interconnectivity and data exchange increases the vulnerability of the grid  to cyber attacks. Unlike the older days when utilities relied on private point to point communication networks, today grid operators and service providers deploy a wide range of communication technologies and media which are shared resources e.g, a telecom network. These provide easy access from public networks that a hacker can take advantage of and penetrate the grids IT network.”
Today, the electric grid is highly dependent on Supervisory Control and Data Acquisition (SCADA) system/ industrial control systems, which is used to manage the operations of all these facilities round the clock. A majority of the SCADA systems used in India were installed 20-30 years ago, in the pre-internet era and were therefore not built to deal with today’s network-based threats or cyber-attacks. “Not only the legacy systems, but also the recently-installed SCADA systems in a networked environment, are vulnerable to cyber-attacks,” says Priyank Kacker, Regional Sales Manager – North, Texas Instruments India. “This is because devices running SCADA systems have limited computational power to implement security protocols. Also these systems are increasingly connected to open networks such as the internet, exposing them to cyber risks.”
Smart grid is a complex ecosystem and a mix of not only various systems, network, processes but a convergence of various IT and communication technologies with the electrical grid.
Potential cyber threat areasIn July 2012, the northern, eastern and north-eastern parts of the country witnessed a blackout caused by  a tripping of the regional electricity grids. It was the world’s largest blackout, with half of India’s population left without electricity, and resulted in losses of approximately $100 million. Although any cyber sabotage was ruled out then, such a scenario is not too far-fetched and can have a deep and devastating impact on India’s economy.
According to Mr Kacker, the spectre of cyber-attack extends to other critical infrastructure too, spanning the private and public sectors. He says, “The NTPC power plants, pipeline networks of GAIL and ONGC, the steel plants of SAIL and Tata Steel, as well as various dams are all susceptible to cyber attack.”
Majority of cyber threats can be easily averted by minimal training and technical support. However, there is currently lack of training and technical mechanism to restrict these normal cyber threats.

Advertising

This article examines the ways to protect smart grid network from cyber attack
 India is one of the largest electricity consumer bases in the world with its distribution sector caters to more than 200 million consumers having a connected load of about 400 GW. However, the country losses more than 23 per cent of the total power generated during electricity transmission and distribution (T&D).
Smart grid helps improving the transmission, distribution of the electricity etc, that are automated by incorporating advanced computer and communication technologies for improving the efficiency and safety of the grid.
Currently, the smart grid network is facing many cyber threats like leaking the users information, destroying the device, conventional power network  etc.
In this situation, adoption of advanced automation technologies can enhance the performance of entire distribution network while reducing the losses.
How vulnerable is our smart grid network?The traditional electrical power grid is steadily evolving in to smart grid. Smart grids integrate the traditional electrical power grid with information and communication technologies (ICT) thereby improving energy efficiency.
A smart grid also helps the users to retrieve the information but the heavy use of such heavy technologies have made smart grid network vulnerable. Nowadays, smart grid network is facing different types of attacks such as: damage to the infrastructure and leakage of users information. India with huge population demands more of such technologies. But how far the use of such technology is safe is a big question. It is important to know, what are the cyber threats or attacks  the smart grid network is facing or will face?
The following vulnerabilities are the most dangerous: 

Customer security: Smart meters autonomously collect massive amounts of data and transport it to the utility company, consumer, and service providers. This data includes private consumer information that might be used to infer consumer’s activities, devices being used, and times when the home is vacant. 
 Greater number of intelligent devices: A smart grid has several intelligent devices that are involved in managing both the electricity supply and network demand. These intelligent devices may act as attack entry points into the network. Moreover, the massiveness of the smart grid network that is, 100 to 1,000 times larger than the internet which makes network monitoring and management extremely difficult. 
 Physical security: Unlike the traditional power system, smart grid network includes many components and most of them are out of the utility’s premises. This fact increases the number of insecure physical locations and makes them vulnerable to physical access. 
 The lifetime of power systems: Since power systems coexist with the relatively short lived IT systems, it is inevitable that outdated equipments are still in service. This equipment might act as weak security points and might very well be incompatible with the current power system devices.
Implicit trust between traditional power devices: Device-to-device communication in control systems is vulnerable to data spoofing where the state of one device affects the actions of another. For instance, a device sending a false state makes other devices behave in an unwanted way.
Different Team’s backgrounds: Inefficient and unorganised communication between teams might cause a lot of bad decisions leading to much vulnerability. Using Internet Protocol (IP) and commercial off-the- shelf hardware and software: Using IP standards in smart grids offer a big advantage as it provides compatibility between the various components. However, devices using IP are inherently vulnerable to many IP-based network attacks such as IP spoofing, tear drop, denial of service, and others.
 When asked about the vulnerability of smart grid network in India, Kanwaljeet Singh Kukreja, Senior Manager – Marketing  and  Business Development, Schneider Electric Infrastructure Ltd., said, “Smart grid network introduces enhancements and digital modifications to the conventional power network making it more complex and vulnerable to different types of attacks. These vulnerabilities might allow attackers to access the network, break the confidentiality and integrity of the transmitted data, and make the service unavailable.”
The ability to defend an energy grid depends on more than the security of a grid’s individual components. Today, there is a need to exchange information between various systems monitoring and controlling the grid than ever before. On this note, RK Chugh, Head – Energy Automation, Energy Management Division, Siemens India., states, “Information and communication networks have evolved alongside the electricity grid that interconnects all energy producers and consumers as well as grid operators. This level of interconnectivity and data exchange increases the vulnerability of the grid  to cyber attacks. Unlike the older days when utilities relied on private point to point communication networks, today grid operators and service providers deploy a wide range of communication technologies and media which are shared resources e.g, a telecom network. These provide easy access from public networks that a hacker can take advantage of and penetrate the grids IT network.”
Today, the electric grid is highly dependent on Supervisory Control and Data Acquisition (SCADA) system/ industrial control systems, which is used to manage the operations of all these facilities round the clock. A majority of the SCADA systems used in India were installed 20-30 years ago, in the pre-internet era and were therefore not built to deal with today’s network-based threats or cyber-attacks. “Not only the legacy systems, but also the recently-installed SCADA systems in a networked environment, are vulnerable to cyber-attacks,” says Priyank Kacker, Regional Sales Manager – North, Texas Instruments India. “This is because devices running SCADA systems have limited computational power to implement security protocols. Also these systems are increasingly connected to open networks such as the internet, exposing them to cyber risks.”
Smart grid is a complex ecosystem and a mix of not only various systems, network, processes but a convergence of various IT and communication technologies with the electrical grid.
Potential cyber threat areasIn July 2012, the northern, eastern and north-eastern parts of the country witnessed a blackout caused by  a tripping of the regional electricity grids. It was the world’s largest blackout, with half of India’s population left without electricity, and resulted in losses of approximately $100 million. Although any cyber sabotage was ruled out then, such a scenario is not too far-fetched and can have a deep and devastating impact on India’s economy.
According to Mr Kacker, the spectre of cyber-attack extends to other critical infrastructure too, spanning the private and public sectors. He says, “The NTPC power plants, pipeline networks of GAIL and ONGC, the steel plants of SAIL and Tata Steel, as well as various dams are all susceptible to cyber attack.”
Majority of cyber threats can be easily averted by minimal training and technical support. However, there is currently lack of training and technical mechanism to restrict these normal cyber threats.

Advertising