1st Edition

Smart Grid Security An End-to-End View of Security in the New Electrical Grid

    328 Pages 40 B/W Illustrations
    by CRC Press

    The Smart Grid has the potential to revolutionize electricity delivery systems, and the security of its infrastructure is a vital concern not only for cyber-security practitioners, engineers, policy makers, and utility executives, but also for the media and consumers. Smart Grid Security: An End-to-End View of Security in the New Electrical Grid explores the important techniques, challenges, and forces that will shape how we achieve a secure twenty-first century electric grid.

    Includes a Foreword by Michael Assante, President and CEO, National Board of Information Security Examiners

    Following an overview of the components of the Smart Grid, the book delves into the evolution of security standards and regulations and examines ways in which the Smart Grid might be regulated. The authors discuss the technical details about how metering technology is being implemented and the likely threats and vulnerabilities that utilities will face. They address the home area network (HAN) and examine distribution and transmission—the foundation for the delivery of electricity, along with distributed generation, micro-grids, and operations.

    The book explores future concepts—such as energy storage and the use of plug-in electric vehicles (PEVs)—in addition to the concomitant risk for fraud and manipulation with stored energy. Consumer-related issues are discussed as they pertain to emerging ways of receiving and generating energy. The book examines dysfunctions ranging from inadvertent outages to cyber-attack and presents recommendations on how to respond to these incidents. It concludes with speculation of future cyber-security challenges and discusses new ways that the grid can be defended, such as better key management and protection.

    Written in a style rigorous enough for the practitioner yet accessible to a broad audience, this comprehensive volume covers a topic that is becoming more critical to industry and consumers everywhere.

    What Is the Smart Grid, and Why Should We Care about Security?
    Definitions: The Traditional Power Grid
    Definitions: What’s a Smart Grid?
    Why Do We Need a Smarter Grid?
    Smart Grid Risks
    Smart Grid Risks versus Benefits
    The Smart Grid Evolution: Smart Grid Standards, Laws, and Industry Guidance
    Regulations, Smart Grid, and the Bulk Electric System
    Privacy Information Impacts on Smart Grid
    Security Standards
    Smart Grid Security Strategy
    Smart Grid Impacts
    Applying Security Control Frameworks to Smart Grid
    Managing the Overall Risk to Smart Grid
    Smart Metering: The First Security Challenge
    The Cost of Smart Metering
    Smart Metering Programs
    Smart Meter Authentication
    Smart Metering Security
    Smart Meter Vendor Management
    Smart Meter Security Management
    Home Area Networking: Giving Consumers Control or Opening a Pandora’s Box?
    Elements of the Home Area Network
    HAN Communications
    HAN Commissioning, Registration, and Enrollment
    Defense-in-Depth and Other Security Solutions
    Distribution Automation: Moving from Legacy to Secure
    What Is the Distribution System?
    Distribution System Architecture
    Definition of Distribution Automation
    How Does Distribution Automation Work?
    Distribution System Costs
    What Is the Smart Grid Function of Distribution Automation?
    The Importance of the Distribution System and Its Security Challenges
    Securing the Distribution System
    Distribution Management Systems
    Standards, Inoperability, and Cyber-Security
    Transmission Automation: Can Utilities Work Together Securely?
    Transmission Infrastructure Costs
    Transmission Infrastructure Functionality
    Transmission Technology
    Transmission Substations
    Smart Transmission Cyber-Security
    Strategies for Securing the Transmission System
    Distributed Generation and Micro-Grids: Can Distributed Systems Work Together?
    Major Generation Resources
    Major Generation Costs
    Distributed Energy Resource Costs
    DER Cyber-Security
    Micro-Grids
    Distributed Control System
    Smart Grid and Distributed Generation
    Cyber-Security and Distributed Generation
    Operations and Outsourcing
    Design
    Engineering
    Communications
    Information Technology (IT)
    Planning
    Grid Operations
    Plant Operations
    Substation Operations
    Accounting
    Marketing
    Maintenance
    Substation Maintenance
    Generation Maintenance
    Construction
    Metering Support
    Smart Grid Operations
    Plug-In Electric Vehicles and Energy Storage: Now the Fun Really Begins
    Storage Technologies
    Measurement and Coordination
    What Makes Plug-In Electric Vehicles Unique?
    Plug-In Vehicle to Grid Logistics
    Grid to Plug-In Vehicle Logistics
    Energy Storage and Cyber-Security
    The Future of Energy Storage
    What about the Consumer?: Securing Relationships between the Utilities and Their Customers
    Electric Charging Stations
    Home Area Networks
    Distributed Generation
    Demand Response and the Consumer
    Consumer Health Risks of Smart Grid
    Consumer Protections
    Utility Protection from the Consumer
    Third-Party Service Providers
    Protecting Consumers from Themselves
    Identifying and Recovering the Grid from a Cyber-Disaster
    Malicious Threats
    Nonmalicious Threats
    Incident Identification
    Incident Containment
    Incident Eradication
    Cyber-Disaster
    Crystal Ball Time: Will We Have a Secure Grid and What Will It Take?
    Smart Meter Security
    Home Area Networks
    Head-End and Meter Data Management
    Distribution System Security
    Transmission Security and the Bulk Electric System
    The Distribution System and NERC CIP
    Identity and Key Management
    Differential Power Analysis and Other Side Channel Attacks
    Energy Theft and Market Manipulation
    Privacy
    Will the Smart Grid Be Secure?
    Endnotes
    Bibliography
    Index

    Biography

    Gilbert (Gib) N. Sorebo is a chief cybersecurity Technologist and assistant vice president for SAIC where he assists government and private sector organizations in addressing cybersecurity risks and complying with legal and regulatory requirements. He has been working in the information technology industry for more than nineteen years in both the public and private sector. In addition to federal and state governments, Mr. Sorebo has done security consulting in the financial services, health care, and electricity sectors. He is currently responsible for coordinating cybersecurity activities in the energy sector companywide. He has been the co-lead of SAI C’s Smart Grid Security practice where he established the SAI C Smart Grid Security Solutions Center for product security testing and solution development and contributes to a variety of other smart grid security research efforts.

    Michael C. Echols is a cyber security consultant who specializes in the development and management of utilities’ cyber security programs. This includes the development of governance models, policy development, and compliance. Michael has worked in Energy and Utility markets developing and delivering transformational cyber security solutions for Critical Infrastructure systems. Michael is recognized for his expertise in cyber security compliance and posture analysis for industrial control systems and smart grid technologies. He has worked in the public sector as a cyber security officer for the U.S. government, where he has applied security requirements from both NIST and NERC to industrial control systems, in real world situations. He has led efforts to assess, secure and remediate risk to Generation, Transmission, Distribution, and Advanced Residential Metering Systems for the U.S. government and major U.S. energy providers.

    Between them, authors Gib Sorebo and Michael Echols have the chops to go deep into the technical weeds of grid security risks, challenges and solutions. However, their aim is quite different than a technical tour de force … I highly recommend this book for anyone for who cares that their grid is as reliable, efficient and secure as possible.
    —Andy Bochman, Smart Grid Security Blog

    In Smart Grid Security: An End-to-End View of Security in the New Electrical Grid, authors Gilbert Sorebo and Michael Echols do an excellent job of providing the reader with a comprehensive overview of what the smart grid is, what the security and privacy risks are, and ways in which to mitigate those risks. For those looking to get a handle on how to secure the evolving and dynamic smart grid, Smart Grid Security: An End-to-End View of Security in the New Electrical Grid is an excellent reference. 4 stars.
    Security Management, December 2012