The Smart Grid has the potential to revolutionize electricity delivery systems, and the security of its infrastructure is a vital concern not only for cyber-security practitioners, engineers, policy makers, and utility executives, but also for the media and consumers. Smart Grid Security: An End-to-End View of Security in the New Electrical Grid explores the important techniques, challenges, and forces that will shape how we achieve a secure twenty-first century electric grid.
Includes a Foreword by Michael Assante, President and CEO, National Board of Information Security Examiners
Following an overview of the components of the Smart Grid, the book delves into the evolution of security standards and regulations and examines ways in which the Smart Grid might be regulated. The authors discuss the technical details about how metering technology is being implemented and the likely threats and vulnerabilities that utilities will face. They address the home area network (HAN) and examine distribution and transmission—the foundation for the delivery of electricity, along with distributed generation, micro-grids, and operations.
The book explores future concepts—such as energy storage and the use of plug-in electric vehicles (PEVs)—in addition to the concomitant risk for fraud and manipulation with stored energy. Consumer-related issues are discussed as they pertain to emerging ways of receiving and generating energy. The book examines dysfunctions ranging from inadvertent outages to cyber-attack and presents recommendations on how to respond to these incidents. It concludes with speculation of future cyber-security challenges and discusses new ways that the grid can be defended, such as better key management and protection.
Written in a style rigorous enough for the practitioner yet accessible to a broad audience, this comprehensive volume covers a topic that is becoming more critical to industry and consumers everywhere.
Table of Contents
What Is the Smart Grid, and Why Should We Care about Security?
Definitions: The Traditional Power Grid
Definitions: What’s a Smart Grid?
Why Do We Need a Smarter Grid?
Smart Grid Risks
Smart Grid Risks versus Benefits
The Smart Grid Evolution: Smart Grid Standards, Laws, and Industry Guidance
Regulations, Smart Grid, and the Bulk Electric System
Privacy Information Impacts on Smart Grid
Smart Grid Security Strategy
Smart Grid Impacts
Applying Security Control Frameworks to Smart Grid
Managing the Overall Risk to Smart Grid
Smart Metering: The First Security Challenge
The Cost of Smart Metering
Smart Metering Programs
Smart Meter Authentication
Smart Metering Security
Smart Meter Vendor Management
Smart Meter Security Management
Home Area Networking: Giving Consumers Control or Opening a Pandora’s Box?
Elements of the Home Area Network
HAN Commissioning, Registration, and Enrollment
Defense-in-Depth and Other Security Solutions
Distribution Automation: Moving from Legacy to Secure
What Is the Distribution System?
Distribution System Architecture
Definition of Distribution Automation
How Does Distribution Automation Work?
Distribution System Costs
What Is the Smart Grid Function of Distribution Automation?
The Importance of the Distribution System and Its Security Challenges
Securing the Distribution System
Distribution Management Systems
Standards, Inoperability, and Cyber-Security
Transmission Automation: Can Utilities Work Together Securely?
Transmission Infrastructure Costs
Transmission Infrastructure Functionality
Smart Transmission Cyber-Security
Strategies for Securing the Transmission System
Distributed Generation and Micro-Grids: Can Distributed Systems Work Together?
Major Generation Resources
Major Generation Costs
Distributed Energy Resource Costs
Distributed Control System
Smart Grid and Distributed Generation
Cyber-Security and Distributed Generation
Operations and Outsourcing
Information Technology (IT)
Smart Grid Operations
Plug-In Electric Vehicles and Energy Storage: Now the Fun Really Begins
Measurement and Coordination
What Makes Plug-In Electric Vehicles Unique?
Plug-In Vehicle to Grid Logistics
Grid to Plug-In Vehicle Logistics
Energy Storage and Cyber-Security
The Future of Energy Storage
What about the Consumer?: Securing Relationships between the Utilities and Their Customers
Electric Charging Stations
Home Area Networks
Demand Response and the Consumer
Consumer Health Risks of Smart Grid
Utility Protection from the Consumer
Third-Party Service Providers
Protecting Consumers from Themselves
Identifying and Recovering the Grid from a Cyber-Disaster
Crystal Ball Time: Will We Have a Secure Grid and What Will It Take?
Smart Meter Security
Home Area Networks
Head-End and Meter Data Management
Distribution System Security
Transmission Security and the Bulk Electric System
The Distribution System and NERC CIP
Identity and Key Management
Differential Power Analysis and Other Side Channel Attacks
Energy Theft and Market Manipulation
Will the Smart Grid Be Secure?
Gilbert (Gib) N. Sorebo is a chief cybersecurity Technologist and assistant vice president for SAIC where he assists government and private sector organizations in addressing cybersecurity risks and complying with legal and regulatory requirements. He has been working in the information technology industry for more than nineteen years in both the public and private sector. In addition to federal and state governments, Mr. Sorebo has done security consulting in the financial services, health care, and electricity sectors. He is currently responsible for coordinating cybersecurity activities in the energy sector companywide. He has been the co-lead of SAI C’s Smart Grid Security practice where he established the SAI C Smart Grid Security Solutions Center for product security testing and solution development and contributes to a variety of other smart grid security research efforts.
Michael C. Echols is a cyber security consultant who specializes in the development and management of utilities’ cyber security programs. This includes the development of governance models, policy development, and compliance. Michael has worked in Energy and Utility markets developing and delivering transformational cyber security solutions for Critical Infrastructure systems. Michael is recognized for his expertise in cyber security compliance and posture analysis for industrial control systems and smart grid technologies. He has worked in the public sector as a cyber security officer for the U.S. government, where he has applied security requirements from both NIST and NERC to industrial control systems, in real world situations. He has led efforts to assess, secure and remediate risk to Generation, Transmission, Distribution, and Advanced Residential Metering Systems for the U.S. government and major U.S. energy providers.
Between them, authors Gib Sorebo and Michael Echols have the chops to go deep into the technical weeds of grid security risks, challenges and solutions. However, their aim is quite different than a technical tour de force … I highly recommend this book for anyone for who cares that their grid is as reliable, efficient and secure as possible.
—Andy Bochman, Smart Grid Security Blog
In Smart Grid Security: An End-to-End View of Security in the New Electrical Grid, authors Gilbert Sorebo and Michael Echols do an excellent job of providing the reader with a comprehensive overview of what the smart grid is, what the security and privacy risks are, and ways in which to mitigate those risks. For those looking to get a handle on how to secure the evolving and dynamic smart grid, Smart Grid Security: An End-to-End View of Security in the New Electrical Grid is an excellent reference. 4 stars.
—Security Management, December 2012