cyber security in the smart grid - amazon web services...cyber security in smart grid systems within...

Cyber security in the smart grid

Future Leaders industry forum

Future Leaders industry forum

—

This paper was developed in the framework of the IEC Young

Professionals (YP) Programme, whose core objective is to increase

the involvement in IEC work of the next generation of IEC experts

and leaders, and to encourage their long-term participation in

standardization and conformity assessment activities.

As part of the Programme, an IEC Future Leaders industry forum

event was organized, bringing together a group of IEC Young

Professionals to discuss and share their views on the issue of

cyber security in smart grid systems within the larger overall

context of security in smart infrastructures. Held on 26-27 March

2018 in Munich, Germany, the event was sponsored by Siemens

and moderated by the VDI/VDE Innovation + Technology GmbH

research institute. This paper summarizes the discussions of the

future leaders at the forum.

3

Executive summary

Smart infrastructures

—

In the past, physical devices have constituted the main element in

urban infrastructures, but with the increasing development of digital

technology and its growing use in the operation, maintenance and

coordination of such structures, a trend can be seen involving the

merging of physical and cyber-physical devices, giving rise to so-

called “smart infrastructures”. In the energy sector, electrical grids

are increasingly taking the form of smart grid systems in which the

application of digital processing and communications enables data to

flow from producers to consumers and vice versa.

The energy sector

—

Currently, the energy sector is undergoing a fundamental change

from vertical generation to platform-based generation of energy,

involving an increased need to converge and cooperate with other

industries. Specifically this means a shift in the functioning of power

systems from a centralized fossil fuel-based grid model toward

distributed and green-based networks utilizing increased distributed

energy resources (DER) and information technology (IT). This change

is generating additional challenges and considerations, including

those related to cyber security.

Smart grid of the future and cyber security challenges

—

In the future, major trends are foreseen involving the adoption of

communications and computing technologies, in particular those

related to use of big/smart data and algorithms in power systems,

such as (cloud-) connected sensors, data analytics and artificial

intelligence (AI).

Major developments are also foreseen in the area of services and

business models that build on the above technologies, such as AI-

based or big-data-based services, for example personalized energy

services, next generation demand response (DR) systems and real-

time balancing.

Power over ethernet (PoE) is becoming increasingly popular and

demonstrates how information and communication technologies (ICT)

and the electricity grid will converge in the future.

Expected innovations of the future

—

The following innovations are expected to emerge and become

mainstream in the smart grid sector. Interestingly, all of these

innovations are characterized by the same prominent features,

namely the qualities of being smart, connected, distributed and

secure. In addition, they all focus on the integration of hardware,

software and algorithms, and they all involve communications and

computing. It is highly probable that these innovations will also lead

to opportunities for the development of new business models. These

innovations include:

distributed smartness/intelligence

blockchain or similar trust systems

new business models

5G networks for high bandwidth and low latency communication

Internet of Things (IoT)

Standardization and conformity assessment needs

—

To respond to today’s cyber security challenges in the smart grid

and to anticipate the needs brought by these future trends and

innovations, the IEC will have an important role to play through

its Standards and conformity assessment (CA) activities. Some

current gaps and future opportunities in this regard are identified

in this paper, such as the need for Standards on the efficiency of

power diverters used to store or convert energy, and the necessary

development of robust standardization around all aspects of AI.

CA should enable quality assurance in the AI domain and the

assessment of functionalities for smart meters.

4

Structure of the paper

—

The present paper explores the above issues, challenges, trends,

innovations and needs in the particular context of cyber security

in smart grid systems. In addition to identifying how current and

expected developments may affect both the prospects and structure

of the energy sector, and determining the specific responses that such

developments imply, the paper formulates concrete recommendations

to IEC and its community of partners concerning standardization and

CA gaps and opportunities that need to be addressed in this context.

Section 1 outlines basic security issues affecting smart infrastructures

in general and sets the stage for an analysis in the rest of the paper

of cyber security aspects currently developing in the smart grid sector

and the IEC role in helping to address these with standardization and

CA tools.

Section 2 concentrates more specifically on smart grid system

security. Following an introduction on the smart grid as a whole

(subsection 2.1), future communication interfaces within a smart

grid infrastructure are considered in subsection 2.2, and current

and future cyber security issues raised by new and disruptive

technologies are discussed in subsection 2.3. Subsection 2.4

considers the implications and concrete needs posed by the prospect

of smart grids involving up to 10 million DER, the resulting issues

across key sectors and the different players and roles involved. The

transferability of gains in this respect from the smart grid to other

critical infrastructures is discussed in subsection 2.5. Throughout

this section recommendations are formulated to IEC concerning

appropriate actions to undertake.

Section 3 provides an aggregated summary of the innovations

expected in the smart grid energy sector in coming years, how they

will shape the development and operation of infrastructures and

what the IEC role could be in responding to the standardization and

assessment needs that emerge.

Annex A provides a copy of the preparatory material elaborated by

VDI/VDE Innovation + Technology GmbH (VDI/VDE-IT) in collaboration

with IEC Central Office as an outline/framework and stimulus for

participants in the IEC Future Leaders industry forum held 26-27

March 2018 in Munich. The current paper presents the reflections

that resulted from the forum on the basis of that material.

5

List of abbreviations

AI artificial intelligence

AT&C aggregate technical and commercial

CA conformity assessment

CII critical information infrastructure

DER distributed energy resources

DR demand response

DSO distribution system operator

ICT information and communication technologies

IoT Internet of Things

IP intellectual property

IPR intellectual property rights

ISMS information security management system

IT information technology

MSB (IEC) Market Strategy Board

OT operational technology

PoE power over ethernet

PV photovoltaic

RTO research and technology organization

SCADA supervisory control and data acquisition

SDO standards developing organization

SGAM smart grid architecture model

SSO standards setting organization

TSO transmission system operator

YP young professional

6

Table of contents

Executive summary

List of abbreviations

Section 1 Security in smart infrastructure

Section 2 Cyber security in the smart grid

2.1 Smart grid – an introduction

2.2 Future communication interfaces within a smart grid infrastructure

2.2.1 Standardization and conformity assessment needs

2.2.2 Recommendations for the IEC

2.3 Smart grid of the future and cyber security challenges

2.3.1 Current isses related to cyber security

2.3.2 Future new/disruptive technologies

2.3.3 Self-healing and predictive grids – opportunities and challenges



2.4 Smart grids involving 10 million DER

2.4.1 Initial thoughts and questions

2.4.2 Players and their roles



2.5 Transferability

2.5.1 Key issues across sectors



Section 3 Aggregated results

3.1 Top innovations that are expected to shape the industry int he ocming years

3.2 Recommendations for the IEC

Annexe A Preparatory material

Annexe B List of contributors

3

5

7

8

8

9

10

10

10

11

11

13

14

14

15

15

15

15

15

15

16

16

16

18

18

19

20

25

7

Section 1Security in smart infrastructure

Infrastructures underpin and channel the basic systems and services,

such as transport and power supplies, that a country or organization

uses in order to work effectively. In the past, physical devices have

constituted the main element in urban infrastructures, but with the

increasing development of digital technology and its growing use

in such structures, the trend is toward a merging of physical and

cyber-physical devices, thereby giving rise to the concept of the

“smart infrastructure”. Critical information infrastructures (CIIs) are

defined as those facilities, systems or functions whose incapacity or

destruction would cause a debilitating impact on national security,

governance, economy and the social well-being of a nation. Typically,

power, oil, gas, transport, telecom and defence infrastructures are

considered as CIIs.

Smart infrastructures are made up of various components stemming

from diverse domains of activity, such as energy, transport, public

safety, etc. In smart infrastructures, sensing technologies are

embedded both in the infrastructure itself and in the equipment with

which it interacts. These sensors are connected to a communication

platform, which allows data acquisition and analysis. In this

environment, smart infrastructures are able to respond accurately

and instantaneously to users’ needs. This development also poses its

own set of challenges, as the use of software-controlled devices that

interact with the physical world brings new risks for the economy and

for the safety of people.

As the use of both cyber connection and the IoT is increasing, the

changes effected by this trend are impacting and accelerating an

energy transition in the world. The consumer is having more and more

access to information and will increasingly become the centre of the

energy system. This is challenging and transforming the way in which

energy is produced, consumed and distributed. In addition, the supply

landscape is also changing, as hydrocarbon and non-hydrocarbon

sources are becoming increasingly abundant, which should lead to

lower costs and a sustainable provision of energy.

In this paper, reflecting the expertise of the content contributors, we

will focus our analysis of security in smart infrastructures around the

smart grid and its cyber security issues, with particular attention on

the following themes:

future communication interfaces within a smart grid

infrastructure

the smart grid of the future and cyber security challenges

a smart grid consisting of 10 million DER

transferability

8

Section 2Cyber security in the smart grid

2.1 Smart grid – an introduction

A smart grid is an electrical grid in which the application of digital

processing and communications enables data to flow from producers

to consumers and vice versa. This in turn permits the detection of

and immediate reaction to local changes in usage. Information

management is central to the smart grid.

Today the world is experiencing the effects of relentless economic

factors that are steadily compacting loosely-coupled critical

infrastructures in favour of more tightly coupled systems. Loosely-

coupled critical infrastructures are relatively independent from one

another, and the state of any given individual infrastructure has

almost no effect on the state of other infrastructures, e.g. electricity,

water, etc. Tightly coupled critical infrastructures, on the other hand,

depend highly on one another. Electricity and communications

technology are becoming the most tightly co-dependent elements

of a critical infrastructure. Other elements (i.e. liquid fuels, water,

transportation, financial systems, etc.) continue to intermesh. A

consequence of this is that while society enjoys economic efficiency

in day-to-day operations, leeway within the critical infrastructure

ecosphere, and in particular within advanced societies that depend

on such infrastructures, continues to shrink. The result is a steadily

diminishing capacity of society to absorb a supply chain interference.

The energy sector is currently undergoing a change from vertical

generation to platform-based generation of energy, involving an

increased need to converge and cooperate with other industries.

The trend in power systems is to shift from a centralized fossil fuel-

based grid model toward distributed and green-based networks. This

trend is necessitating a new way of designing smart grids to ensure

more reliable and secure power system performance, as dependency

on resilient and reliable technology will only grow with the advent

of increased DER and IT, and additional considerations such as

cyber security that such elements entail. The demand side will be

increasingly involved in power system management, requiring large-

scale utilization of distributed communication networks. This evolution

will also enable consumers to become generators of their own

electricity and will provide them with the possibility of contributing

back to the grid as prosumers.

New communication interfaces, increased computing intervention,

energy generation and storage technologies, but also new sectors,

market players, business models, power plants, assets or even new

regulations will significantly impact the market participants of the smart

grid as well as the smart grid in its entirety. One of the key challenges

involved is a potentially higher degree of vulnerability due to:

greater interconnectivity, less specific boundaries between

systems and proliferation of technologies and interfaces

the growing intent and capability of a range of actors seeking to

deliberately subvert and maloperate energy related systems 1

New Standards and communication protocols will be vital to

ensuring that tomorrow’s grid is a platform with the appropriate

degree of openness and flexibility to respond to the opportunities

and challenges that the smart grid brings, while continuing to be

reliable, robust and resilient. With increasingly granular data and

communications, the power industry could transition to performing

as a multidirectional ecosystem for value exchange, much as the

telecommunications industry does. This changing landscape could

also generate a different perspective concerning the need for future

Standards and will likely push Standards developing organizations

(SDOs) to re-evaluate their current working practices and investigate

new ways of working, developing Standards and forging closer ties

with other SDOs.

1 The US Department of Energy (DoE) recently released a five-year cyber plan

covering some of the key issues: go.iec.ch/ypforum01

‘ With increasingly granular data and communications, the power industry could

transition to performing as a multidirectional ecosystem for value exchange.

9

2.2 Future communication interfaces within a smart grid infrastructure

One of the elements of smartness in the smart grid concerns

communication between all domains of the electrical energy supply.

Given that the smart grid is a critical infrastructure, it is of utmost

importance to guarantee security across all respective interfaces.

In this subsection we will look at future communication interfaces

within a smart grid infrastructure, taking into consideration certain

necessary technological changes, such as distributed intelligence, the

incorporation of blockchain and DER within the smart grid landscape.

We will also look at the role Standards as well as CA will play in this

development.

The contributors to this paper believe that the technologies, products

and services discussed below, which mirror elements of the IEC Smart

Grid Standards Map, will become widely adopted in the smart grid

of the future. Table 1 places these technologies, products, services,

etc. on the time frame of a trend radar which indicates when these

elements will be widely adopted.

Table 1 | Trend radar as established during the discussions in work stream 1 2

2 The term “work stream” refers to the different focal areas of discussion at the IEC Future Leaders industry forum (see Annex A).

Big data analytics

Blockchain

Edge computing

Machine/deep learning

AI

Quantum computation

Electric vehicles

Smart appliances

Green energy

Autonomous vehicles

Smart meter

Predictive maintenance

Aggregation services

P2P trading

Audit services

Data provider

Revenue sharing model

Trust provider

Availability pricing

Green market

IoT, industrial internet

Consensus-based islanding

Supervisory control and data acquisition (SCADA)

Smart meter

Blockchain

High bandwidth/performance and low power wireless networks

2020 2025 2030 2035 2040Identified itemsCategory

Technologies

Products

Services

Business models

Markets

Trends

Interfaces

Coloured bullets behind the identified items of different categories indicate that one of the conceived interfaces establishes a connection between those items.

10


Based on the above information, a subsequent discussion of

standardization and CA needs brought the paper contributors to focus

on the following two interfaces, as these were evaluated as being the

most important: high bandwidth/performance and low power wireless

networks, and smart meters.

High bandwidth/performance and low power wireless networks:

the standardization and CA needs related to this interface

concern performance in terms of latency, reliability, security

and bandwidth, as well as the need to accord test cases and

test procedures (including expected results). Another important

issue involves creating some sort of process that guarantees

interoperability on the basis of actual use cases. Conformity

should be assessed by including the entire system as opposed to

single devices, in order to take interoperability into account.

Smart meters: the standardization needs of this interface

should be identified on the basis of the needs of the market and

business models. Standardization should focus on security and

safety, taking into account the next and perhaps even the next-

plus-one generation of smart meters and interfacing, and should

formulate a minimal set of Standards for base functionalities.

The needs in the area of CA in this case were framed as a

recommendation to change the perspective from a use case

solution to one of functionality.


The concrete recommendations addressed to the IEC in this area can

be summed up as follows:

High bandwidth/performance and low power wireless networks:

– Develop a process that guarantees interoperability on the

basis of actual use cases.

– Ensure that CA includes the entire system as opposed to

single devices, in order to take interoperability into account.

– Collaborate closely and foster coordinated working

relationships with other alliances active in this area. These

may include established organizations, such as IEEE, as well

as current or new consortia that may develop around new

technologies, such as the Wi-SUN alliance, LoRa alliance,

ZigBee alliance, etc.

Smart meters:

– Formulate a minimal set of Standards for base

functionalities that includes the next and next-plus-one

generation of smart meters and interfacing.

– Change the perspective from that of a use case solution to

one of functionality for CA.

– Provide standardized test beds and perhaps even test

engineers for CA.

– Encourage and incentivize close collaborations with

universities or research institutes.

2.3 Smart grid of the future and cyber security challenges

The fusion of a traditional grid with modern communication interfaces

has ramifications that extend beyond known historical disturbances to

critical infrastructure caused for example by natural disasters such as

floods or earthquakes.

The electricity grid has a long history – extending back to the start

of electro-mechanical technologies – of being an early adopter of

information and communication tools. Currently, most electricity

grid systems include an extensive, and steadily growing, overlay of

cybernetic systems (e.g. SCADA systems, advanced distribution/

energy management systems, smart metering, etc). Commercial

pressures have resulted in the removal of air gaps in the grids’

cybernetic systems and their fusion with consumer appliances on the

general internet. Grid owners are aware of the possibility of malicious

actors utilizing the bridge between internet and grid cybernetic

systems for their own nefarious purposes, and typically have suitable

technical controls in place. Nevertheless, this possibility constitutes a

new threat for the electricity grid.

Modern communication interfaces have enabled certain technological

changes within the smart grid landscape, notably:

distributed intelligence, including outage detection and response

to outage, rerouting of power by automated switching, reduction

of aggregate technical and commercial (AT&C) losses, peak load

management

mechanisms for dealing with message integrity (resistance

to modification) and the option to implement automated trust

services. The chosen technology will depend on the capabilities

or requirements desired and the extent to which those

requirements are satisfied. One such possible mechanism is the

blockchain

DER in which generation and storage are performed by a

variety of grid-connected devices (e.g. aggregators), creating

opportunities for novel business cases

For market participants in the smart grid, the particularities of the

smart grid environment lead to special and extremely demanding

requirements for an information security management system

(ISMS) and its security processes. In this context, the process of

risk management – risk assessment and risk treatment – deserves

special attention. Generally speaking, risk management allows system

operators to analyze what kinds of events can occur, determine what

the possible consequences of such occurrences could be and decide

what should be done and when it should be undertaken in order to

11

adequately prevent potential damage. Here, the special character of

the smart grid becomes obvious. Against a backdrop of emerging

business models, new market participants and a constant and

massive exchange of information between participants, the smart grid

represents a particularly demanding field for an ISMS, its processes

and relevant measures (so-called controls) (see ISO/IEC 27002 and

ISO/IEC 27019).

In addition, enhanced integration of ICT in the smart grid enables

resiliency and leads to enhanced efficiency, security and reliability,

but at the same time exposes the grid to an increased risk of cyber

intrusions and other ICT failures. Furthermore, the changing grid

landscape allows the entry of new stakeholders and non-traditional

grid players such as Amazon, Google and Tesla.

2.3.1 Current issues related to cyber security

Current key issues related to cyber security include the following:

the development towards an increased use of smart devices

and the concomitant issues related to their connection and

integration with other systems in the real world

the increasing necessity to involve consumers in the smart grid,

and the challenges associated with this development

the need for in-depth standardization and CA knowledge

from a substation perspective: the concern that with the

expanding number of devices involved, e.g. for monitoring, the

“attack surface” for cyberattacks on substations is increasing.

Critical Standards related to such issues in substations include

the following documents from IEC TC 57: Power systems

management and associated information exchange:

– IEC 61850 series, Communication networks and systems for power utility automation, in particular the individual parts related to protection and control in substations

– IEC 62351 series, Power systems management and associated information exchange – Data and communications security

from a utility perspective: the challenge to implement advanced

metering and at the same time support cyber security.

Standards relating specifically to this challenge from the

work of ISO/IEC JTC 1/SC 27: IT security techniques, include:

– ISO/IEC 27001:2013, Information technology – Security techniques – Information security management systems – Requirements

– ISO/IEC 27019:2017, Information technology – Security techniques – Information security controls for the energy utility industry

from the grid-to-estate perspective: especially for industrial

estates with complex requirements regarding interfaces and

energy management, needs connected with instance load

control and advanced metering

2.3.2 Future new/disruptive technologies

Participants at the IEC Future Leaders industry forum considered what

new/disruptive technologies (e.g. in the areas of communications,

computing, generation, storage, electronics) could be envisioned as

entering the market from today until 2040, and likewise which new

sectors, market players, business models, power plants, assets,

processes, or even regulations could be foreseen as playing a critical

role in the smart grid of the future. A trend radar was developed

for the coming 20 years, identifying trends in a number of relevant

categories related to technologies, position in the energy supply chain,

assets, market sectors, market players or framework conditions, and

mapping these on a time scale between today and the year 2040.

The criterion for positioning the trends on the timescale was their

actual availability on the market and their large-scale deployment.

Table 2 provides an overview of the trends identified and the projected

timeframe for their deployment.

‘ Enhanced integration of ICT exposes the smart grid to an increased risk of cyber

intrusions and other ICT failures.

12

Table 2 – Trend radar as established during the discussions in work stream 3

Connection to cloud (home/car/utility)

Artificial inertia

(Cloud-) connected sensors/trillion sensors, substations

Data analytics/social networks

Millions of producers

Battery parks storage technologies (Tesla)

Central AC generation from calibrated DC generation

Inertia control/real-time balancing standardavailable for photovoltaics (PV)

PoE

Self-healing grid/predictive grid (closed loop control)

Choose where energy comes from, commit toamount of energy used

Next generation DR systems (AI-based)

Configuration of energy services for consumers

Aggregators

Amazon

Enable non-connected persons access to the grid

2020 2025 2030 2035 2040Identified itemsCategory

Communications computing

Energy storage

Distribution consumption

Services business models

Sector players

Regulation policies

The following are the core thoughts of the paper contributors on this

topic:

Major trends are foreseen in the adoption of communications

and computing technologies, in particular related to big/smart

data and algorithms, in the power systems.

Examples include:

– (cloud-) connected sensors

– devices and assets

– data analytics

– AI

Artificial inertia (delivering power quickly when system frequency

deviates from its nominal value by a certain amount) was

mentioned as one concrete application.

Economic considerations regarding the cost of cyber security

versus the benefits associated with an extension of the grid’s

cybernetics into the home will drive the outcome.

Major trends are also foreseen in the area of services and

business models that build on the above technologies.

Examples of these include:

– AI-based or big data-based services such as personalized

energy services

– next generation DR systems

– real-time balancing

Projections confirm the impact of DER involving millions of

producers, and the related innovation potential:

– in the field of energy storage, e.g. battery parks for

secondary use of electric car batteries

– for new market sectors and players, e.g. aggregators

– for new services and business models, e.g. online market

places and digital platforms

PoE technology is growing in popularity and demonstrates how

ICT and the electricity grid will converge in future.

Most trends are projected for the coming 5-10 years, and

only very few for a timeframe of 15-20 years from today.

The trend furthest in the future is that of the self-healing and

predictive grid. Customers have already made significant capital

investments in the electrical appliances in their homes.

13

Suggested typical lifespans for these capital-expensive

appliances are as follows:

– pool pumps: 5 to 10 years, depending on run times, run

speed and exposure to elements

– air conditioners: 7 to 15 years, depending on run times and

basic maintenance

– dishwashers: 10+ years, depending on run times and basic

maintenance

– clothes dryers (resistors): 10 to 15 years, depending on

element life

– hot water systems (resistors): 10 to 20 years, depending on

anode replacements

– refrigerators: 10 to 20 years, depending on exposure to

elements and door seal life

– stoves and ovens (resistors): 20+ years

– solar PV systems: 10 years for the inverter and 25 years for

PV cells

The lifespan of these appliances subsequently dictates the

natural adoption rates of smart appliances and the support time

for an embedded IoT device. For example, solar diverters are

now entering the market place as an add-on to electric hot water

systems to minimize household importing power during partially

cloudy periods. However, the price of solar diverters is high,

typically between 100% to 200% of the base cost of an electric

(resistive) hot water system. While under present economic

conditions solar diverters are questionable and are adopted only

by enthusiasts, it is reasonable to assume that over time the

price of such units will fall significantly. No Standards exist on

the efficiency of these power diverters for storing or converting

energy.

A rule of thumb suggests that customers face two major hurdles

before adopting a new energy-efficient technology:

they must have access to the necessary capital

they typically seek a payback time of five years or less

Assuming these two criteria are met, even then the replacement cycle

for a smart appliance technology introduced in 2025 will still require

another 10 to 20 years to reach a critical mass.

Once again, economic factors – including the cost of cyber

security – will drive the adoption rates for smart appliances. If the

cost of ongoing cyber security to ensure the reliability of a smart

appliance outweighs the cost of a basic resistive hot water system,

then customers are unlikely to adopt such systems en masse.

2.3.3 Self-healing and predictive grids – opportunities and challenges

Based on the projections of the trend radar, a vision of the smart grid

of the future can be formulated, involving namely a “cyber secure

hyper-connected grid which self-heals using AI-control systems”.

It should be added that the actual implementation of such a self-

healing network can be more challenging to achieve than in theory,

as it includes:

installing the field hardware and getting the communication links

working

requiring grid engineers to spend a significant amount of their

time ensuring that disparate elements work together

integrating safety considerations (particularly on overhead

networks), ongoing software upgrades, maintenance of field

devices, etc. in the operation of the system

Therefore, for such a self-healing and predictive grid to be

implemented, the technology associated with self-healing networks

needs to mature. If it does not, the adoption of this technology could

remain incremental at best.

With regard to opportunities, it is expected that AI could be exploited

to make the grid more secure.

On the challenge side is the considerable complexity of the system,

i.e. the fact that millions of producers and an increasing number

of sensors, devices and assets are connected, that ICT and power

converge in the grid and that substations by necessity must contain

an increasing quantity of monitoring equipment. Specifically, concerns

are posed about:

controlling the unwanted switching off of devices, either through

accidental shutdowns or deliberate, manipulation in a cyber-

attack

knowing which devices need to be switched off and when, and

how to control that

the plugging in of devices for power charging that might also

transmit unwanted data

‘ A vision of the smart grid of the future involves a “cyber secure hyper-connected

grid which self-heals using AI-control systems”.

14


The following concrete standardization and CA needs related to these

opportunities and challenges have been identified:

No Standards exist on the efficiency of power diverters for

storing or converting energy.

In the area of AI, Standards and CA initiatives are needed in

order to set basic requirements and guarantee quality. The

notion of dependable or trustworthy AI should be underlined

here. Currently super-intelligence is the subject of a great

deal of thinking as well as the fact that AI may make decisions

in which human interests are not appropriately prioritized. A

key requirement that seems to be emerging is the notion of

interrogatability (transparency into how the AI arrived at a given

solution/conclusion). AI can deliver surprising results, which

are being collated by academics. For example, one AI system

deduced that the quickest way to sort a list of items was to

delete the list. Here something similar to Asimov’s Three Laws of Robotics is recommended 3:

– A robot may not injure a human being or, through inaction,

allow a human being to come to harm

– A robot must obey the orders given it by human beings

except where such orders would conflict with the First Law

– A robot must protect its own existence as long as such

protection does not conflict with the First or Second Laws

To address the challenges surrounding the switching off of

devices, a Standard on monitoring the system frequency is

seen as helpful. This could include forcing grid operators to

overlay cybernetic systems with backup systems that are

naturally immune to cyber threats. Examples would include

electromechanical protection relays or analogue electronic

relays built with discrete components (e.g. resistors, capacitors,

transistors) manufactured in a trusted environment. Such

duplication also alters the economics associated with the

installation of cybernetic systems. The electricity grid has worked

satisfactorily for over 100 years using electromechanical relays,

and the marginal gains obtained by retrofitting a cybernetic

system may not be worth the whole of life cost. In short, it may

be easier and cheaper to convert back to electromechanical.

Standardization concerning tamper-resistant connections and

respective CA would be useful for addressing concerns related to

the convergence of ICT and the power grid and would also help

build confidence in new technologies.

3 https://en.wikipedia.org/wiki/Three_Laws_of_Robotics


Concrete recommendations addressed to the IEC in this area include

the following:

Develop Standards on the efficiency of power diverters for

storing or converting energy

Standards and CA mechanisms are needed in the area of AI, in

order to set basic requirements and guarantee quality that will

enable the development of dependable or trustworthy AI

Develop a Standard on monitoring system frequency to address

the challenges surrounding the switching off of devices

Standards and CA concerning tamper-resistant connections

would be useful to address concerns related to the convergence

of ICT and power grids and would also help build confidence in

new technologies

In view of increasing technology convergence and the fact

that many of the identified trends around cyber security in the

smart grid are related to communications, and given that cyber

security is a focal concern of many other communities, it was

recommended to:

– increase collaboration between the IEC and other

standardization organizations, such as the International

Telecommunication Union (ITU), the International

Organization for Standardization (ISO), the National Institute

of Standards and Technology (NIST), the North American

Electric Reliability Corporation (NERC)

– establish cross-committees with these other standardization

organizations

– organize a joint annual conference on cyber security

A need was seen for broader information, awareness raising and

practical training in the area of cyber security. In this context,

training for personnel on Standards and their respective CA

mechanisms was also recommended.

‘ Standards and CA mechanisms are needed to enable the development of

dependable or trustworthy AI.

https://en.wikipedia.org/wiki/Three_Laws_of_Robotics

15

2.4 Smart grids involving 10 million DER

Customer choices are driving a distributed energy revolution

globally – but how would an electricity system with up to 10 million

DER actually work in the long term? How will system operators

avoid chaotic threats to power quality and reliability or the choking

off of new connections in constrained parts of the network? New

Standards and communication protocols will be vital for ensuring

that tomorrow’s grid can function as a platform with the appropriate

degree of openness.

2.4.1 Initial thoughts and questions What does “open” really signify, e.g. in the context of open

source?

Does open mean more or less security?

Will such a platform need a central trust entity or can this be

established by technology, e.g. via a blockchain?

How can load/phase balance and synchronicity be ensured?

Who will be in charge of reliability?

How can liability be ensured with 10 million DER?

Can everyone/everything become sufficiently agile to react to 10

million DER or will this number of devices perhaps even balance

itself?

2.4.2 Players and their roles

A number of players and their corresponding roles were identified in

an envisioned open platform:

Property/building owners, who in contrast to their role in today’s

energy infrastructure will transform from being bare consumers

of electricity to serving also as generators. Their interest will

be to have access to cheap electricity, sell the electricity they

themselves generate at reliable prices and enjoy a high degree

of availability of the infrastructure.

Generation companies that sell electricity reliably and with “good

quality” in terms of voltage and frequency can still make a profit,

but their future chief asset will increasingly become reputation.

Distribution system operators (DSOs) and transmission system

operators (TSOs) who connect generators to consumers and act

as gate keepers can also make a profit and will equally want to

ensure their long-term reputation.

Communication network companies will be increasingly vital to

ensure fast, low latency and secure data transfer between the

DER, thereby performing a new role in such an ecosystem.

Electricians (installers) who guarantee an installation compliant

with Standards could perform another role that will potentially

gain importance. Their interest, among others, mainly concerns

safety when working on the grid infrastructure, and they will

require additional communications/network competencies.

Manufacturers of e.g. solar panels or storage devices need to

make sure their equipment adheres to applicable Standards.

Aggregators potentially will play an important role in combining

and balancing large fractions of up to 10 million DER.

Regulators and CA bodies will continue to be responsible for the

development of the relevant Standards and CA procedures to

ensure reliable and secure availability of electricity.


The main challenges identified in connection with an open platform

scenario again revolved around the issues of reliability, liability and

financing of the grid, or respectively of the entire infrastructure.

In most cases, these challenges can be translated directly into

recommendations for regulators and CA bodies aimed at promoting

their role in monitoring the effective functioning of open platforms.


Concrete recommendations addressed to the IEC in this context

include the following:

Regulators and CA bodies should make sure that they retain

responsibility for ensuring that all components involved in

an open platform work in such a way that energy is reliably

available.

Specifically in connection with cyber security, it was noted that

mere development of additional Standards would not suffice.

It was therefore recommended that only practical guidelines

following best practices in combination with case studies and

lists of do’s and don’ts will result in a valuable contribution to the

digital transformation that most of the companies are already

undergoing.

2.5 Transferability

A valuable question to pose regarding smart grids within the wider

context of security in smart infrastructures, concerns the issue of

transferability, i.e. to what extent can lessons learned in addressing

challenges related to cyber security in the smart grid be transferred

and applied in other critical infrastructures or smart systems. Such

infrastructures are operative in a variety of domains, including gas

and oil, ICT, transport and traffic, health, water, food, finance and

assurance, government and public administration, media and

cultural production, building and construction. Likewise, various

smart infrastructures function in parallel with smart grids, including

for example smart cities, smart production and smart homes. What

specifically could be transferred between sectors and could thereby

be transformed into collective knowledge in the sense of learning

from the best? The objective here is to help avoid duplication of

mistakes and contribute to the wider aim of security and sustainability

of existing and future critical and smart infrastructures.

16

2.5.1 Key issues across sectors

A number of key issues were identified across sectors:

In every smart infrastructure, a variety of different parties and

activities are involved, such as generation, distribution, metering,

billing and smart services. Among the latter, for example, could

be cited the generation of unified bills for electricity, water,

gas, television, internet etc. for the same consumer, or smart

contracts enabling people to sell electricity to their neighbours.

This complexity gives rise to a number of questions and

challenges:

– Reliability: who is responsible for ensuring reliability, e.g. in

the case of software or infrastructure?

– Maintenance: who is in charge of performing maintenance,

e.g. in the case of devices, services, connectivity?

– Liability: who is liable if something goes wrong?

– Privacy: who has access to data, and how can privacy be

guaranteed across all involved parties?

– Intellectual property rights (IPR): who owns the Intellectual

property (IP), and could there be shared rights?

A number of commonalities exist across all smart infrastructures.

In some cases common Standards, cooperation, joint activities or

other forms of sharing are seen as beneficial. Examples include:

– Communications: since communications are always needed,

a common telecom infrastructure makes sense

– Utilities: services of utilities could become more cross-

sectorial in the future

– Life cycle: in all smart and critical infrastructures, the

integrity of devices has to be guaranteed along the entire

life cycle. On-boarding and decommissioning are relevant

issues in this respect

– Incidents: all smart and critical infrastructures need to

report and respond to incidents. The utility of centralized

reporting mechanisms and standardized response

procedures under fault conditions was cited as important

and as allowing involved parties to respond globally


The above key issues can be translated into concrete measures,

including identification of actors to be involved and a timeline for

implementation. The results of the discussion were as follows:

A measure was proposed to define and standardize security

levels for products, services, systems, etc. and to ensure

that such levels are well-publicized and widely-recognized.

Additionally, development of a respective cyber security audit

was recommended as urgent, both for IT and operational

technology (OT), involving cross-sectional experts and

manufacturers, testing labs and CA personnel. The benefits

of such an initiative would extend well beyond just the smart

grid, as such audits could be utilized across all other “smart”

infrastructures (smart building, smart home, smart city, etc.)

and for IoT devices. However it should be noted that even a

securely designed and constructed application can be integrated

in an insecure manner to an existing system. Any security

framework needs to include consideration of the possible

emergent elements of security that arise during operation

(security operations and response and recovery have to form an

integral part of the security lifecycle). A cyber security task force

already exists in Working Group 3 of the IEC Systems Committee

on Smart energy to address the high level overview of cyber

security across the smart energy domain. IEC CAB WG 17: Cyber

security, is addressing the CA side of this topic.

Building on the above measure, it was recommended to develop

CA or benchmarking measures for companies that test for

cyber security. As with the cyber security audit measure, this

recommendation was considered urgent.

Maintenance of devices during their entire life cycle (from

manufacturing, installing and on-boarding to decommissioning)

is seen as a major challenge to be solved in the medium term

through development of something similar to the life cycle

models elaborated by software developers such as SAP and

Microsoft. Again this measure should involve cross-sectional

experts and manufacturers, testing labs and CA personnel.

It was recommended to explore how IEC could use and

contribute to knowledge on incident sharing and analysis centres

across domains and regions. A first step could involve developing

measures to share data and best practices, foster cross border

collaboration on governance and regulation, extend education

and encourage incidents and vulnerability assessment with

IEC experts.

Since sharing of solutions was identified as a need, but at the

same time was seen as constituting a challenge due mainly

to IP concerns, it was recommended that means be found for

incentivizing such sharing, e.g. by introducing signed software or

secure hardware labels, making them an integral part of device

software management principles.

Liability in the case of issues across a system was seen as an

important principle, and it was recommended that mediation

mechanisms be developed in the medium term. IEC could

provide guidelines for this, however such mechanisms will need

to be adopted by governments to guarantee their wide use.

2.5.3 Recommendations for the IECConcrete recommendations addressed to the IEC in this area include

the following:

The work currently being done by the cyber security task force

in Working Group 3 of the IEC Systems Committee on Smart

energy and by CAB WG 17: Cyber security, should be more

widely publicized.

17

Development of a cyber security audit was recommended for

both IT and OT.

Development of CA or benchmarking measures for companies

that test for cyber security was proposed.

Standards and CA mechanisms for maintenance of devices

during their entire life cycle (from manufacturing, installing and

on-boarding to decommissioning) should be developed along the

lines of the life cycle models elaborated by software developers

such as SAP and Microsoft.

The IEC should use and contribute to the knowledge on incident

sharing and analysis centres across domains and regions. It

was suggested that a first step could be to develop measures to

share data and best practices, foster cross border collaboration

on governance and regulation, promote education more widely

and encourage incidents and vulnerability assessment with

IEC experts.

Means should be found for incentivizing the sharing of solutions

in cases where IP is a concern, e.g. by introducing signed

software or secure hardware labels, making them an integral

part of device software management principles.

The IEC could provide guidelines including mediation

mechanisms for liability issues across a system, with such

guidelines being adopted by governments to guarantee their

wide use.

There should be commonly-defined tiers indicating how “secure”

a device is, recognizing that there is no such thing as a perfectly

secure system, and that the level of security required for a bank

or utility may not be the same as that needed for a children’s toy.

Data protection should take place at the level nearest to the end

user, i.e. the application level.

Training should be available on cyber security best practices

specifically for end customers.

There should be a phasing out of old (insecure) protocols such

as Telnet.

By virtualizing networks, along the same lines as those adopted

in the telecom sector, scalability issues could be addressed.

Generally, when designing infrastructures, it is recommended to

learn from the IT industry.

18

3.1 Top innovations that are expected to shape the industry in the coming years

Five top innovations clearly emerge. Interestingly, in all of these

innovations the same features are quite prominent, namely the

qualities of being smart, connected, distributed and secure. In

addition, they all focus on the integration of hardware, software and

algorithms, and all five involve communications and computing.

Finally, it is noteworthy that these innovations lead to opportunities for

the development of new business models.

Top innovation 1: Distributed smartness/intelligenceWith the advent of DER and distributed energy storage systems it

will become more and more important to make decisions in place,

in order to save communication costs and minimize delays. This

touches on subjects such as sensor networks, real-time sensing, data

processing and actuation, and in particular on edge computing, where

in contrast to cloud computing the data is not transferred to a remote

server but is processed in place. This might include intricate pattern

recognition based on machine learning and artificial intelligence, for

which powerful, and at the same time highly reliable, hardware as

well as reliable algorithms and software are needed. At the same

time distributed smartness is a prerequisite for a self-healing grid,

because it enables real-time DR systems, dynamic frequency control

and artificial inertia.

Top innovation 2: Blockchain or similar trust systemsThe catchword referring to what was probably the single most

frequently mentioned innovation is the blockchain and similar

technologies, by which an entire ecosystem of business cases

becomes viable. Offering an immutable distributed ledger, blockchain

technology is today at the heart of many innovations in varying fields

such as transport logistics, supply chain management or smart

contracts. The latter application would also offer tremendous potential

in the case of a new energy system, in which, for instance, a contract

between a consumer and a supplier could be negotiated automatically

and flexibly according to the momentary relation between demand

and supply.

Top innovation 3: New business modelsA common issue raised was the necessity for established actors

in the energy market to adapt their business models or even

completely rethink them, thereby generating entirely new models.

With the vanishing paradigm of a unidirectional energy system, in

which energy is transformed by a relatively small number of large

power plants on one end, transmitted by a network that is operated

by an even smaller number of actors, and finally distributed into

local grids, many business models will become obsolete or will

at least be strongly challenged as DER generate power locally and

intelligent assets automatically route the energy within geographically

confined areas. Those confined areas – sometimes referred to as

cells – might be able to balance their energy supply and demand

without ever connecting to an overlying grid (islanding). Similarly, the

convergence of infrastructures, e.g. ICT and energy, will create new

opportunities for utilities to transfer services to other sectors. These

developments will create market opportunities for new actors and

new smart services, and will at the same time push requirements for

new technologies such as blockchain. Examples of such new actors

and services include aggregators, digital platform providers, security-

as-a-service providers, but also certification bodies and training

providers. These new business models will also push requirements

for new technologies such as blockchain, distributed intelligence and

sensing mechanisms.

Top innovation 4: 5G networks for high bandwidth and low latency communicationThe above-mentioned edge computing will probably never be able

to carry out the most demanding data analysis, meaning that of all

the elements involved it will be the large and complicated data sets

that have to be transferred to more powerful computers and servers

via fast and secure communication. This will enable entirely new

business models. When a provider offers to update pricing models

according to fluctuations that might result from local weather

changes, these updates need to be implemented without substantial

delay. Otherwise batteries might be charged with cheap power when

strong solar irradiation was present an hour before. Similar to top

innovation 1, this innovation constitutes another important enabler of

a self-healing grid.

Section 3Aggregated results

19

Top innovation 5: Internet of ThingsIoT summarizes an entire ecosystem of sensors, actuators and

other distributed devices that communicate among each other and

with other computing infrastructures. The projections of different

analysts concerning the number of devices that can be expected

to be deployed in the field in the coming years surpass each other,

however the commonality of such forecasts places the figure in the

billions. Putting this tremendous resource of data to good use in

connection with the energy system definitely constitutes another top

innovation that will emerge in the near future, but this development

will also pose a significant challenge, given that the vast amounts of

data produced by IoT devices not only can be used to provide more

accurate snapshots of current situations, but could also be employed

to cripple systems. In fact, first approaches are already well underway,

in which for instance the rain sensors of connected cars are used

to generate precise and strongly localized weather forecasts. In the

same sense, the brightness sensors of shades on buildings might

be used to generate an up-to-date outlook on the expected solar

irradiation.

3.2 Recommendations for the IEC

Recommendations addressed to the IEC in these areas relate to four

categories:

Standardization

—

Standards are needed on the efficiency of power diverters to

store or convert energy

Develop training Standards on cyber security

Ensure consistency of Standards

Develop Standards with an actual application in mind (not

isolated devices and narrow test conditions)

Develop smart meter Standards for base functionalities

Develop a Standard on fail-safe operation of DR/load control

Develop an AI Standard equivalent to Asimov’s Three Laws of

Robotics

Develop a Standard on monitoring system frequency

Develop a Standard on tamper-resistant devices connection

Develop high performance/bandwidth Standards (parameters,

test cases and procedures)

Develop life cycle models ensuring maintenance of devices

during their entire lifetime

Conformity assessment and certification

—

Cyber security audit based on Standards for cyber security levels

CA including the whole system, not just single devices

CA or benchmarking for companies testing for cyber security

CA for personnel dealing with cyber security

Test beds and test engineers for cyber security

Quality assurance of AI

Assessment of functionalities, not key figures, for smart meters

Signed software/secure hardware labels

Training and publications

—

Practical trainings on cyber security, especially for end users/

installers of DER

Practical guidelines on best practices/case studies/do’s and

don’ts in cyber security

Best practice collection on incident management, vulnerability

assessment and penetration testing

Guidelines on liability in case of issues across a system,

including mediation mechanisms

Information and awareness raising on cyber security

Work of IEC in this area should be more widely publicized

Cooperation

—

Cooperate on cyber security

Cooperate on incident sharing and provision of analysis centres

across domains and regions

Cooperate with other SDOs, Standards setting organizations

(SSOs), alliances (cross-committees, joint conferences)

Cooperate with universities and research and technology

organizations (RTOs)

Share solutions (if needed by incentivizing to overcome IP

concerns)

20

Annexe APreparatory material

IEC Future Leaders industry forum

“Security in smart infrastructures”

26-27 March 2018

This document has been prepared by VDI/VDE-IT in collaboration with

IEC Central Office.

Introduction and scope of the forum—

The conventional power grid has transformed into a smart grid – not

least due to:

the rise of renewable and DER

the growing number of smart devices, such as smart meters,

smart meter gateway, and controllable local systems

the immense amount of smart data generated and processed by

these devices

the introduction of digital platforms and the associated digital

business models and digital services

One of the big challenges of the smart grid is the potentially higher

degree of vulnerability due to the much larger number of targets for

cyberattacks. At the same time, with cyber security in place, a big

opportunity of the smart grid consists in the availability of additional,

new and possibly better options to assure resilience. Cyber security

is a prerequisite to successfully address the challenge and seize the

opportunity.

The six work streams of the IEC Future Leaders industry forum will

therefore look into “cyber security in the smart grid”

with a focus on key topics, such as security of communication

interfaces, security processes, technology and market trends

from different perspectives, such as standardization, CA, best

practices and transferability

While parts of the group work will consist in taking stock of the

present situation, the primary focus of all work streams will be to look

at the future, within a range of 10 to 20 years from today, including

technology and market trends, visions and scenarios, as well as

proposed solutions and recommendations. The 2-hour work streams

in the morning are expected to be quite intense and very much

results-oriented, whereas the shorter work streams in the afternoon

will be oriented towards a fruitful exchange of knowledge and ideas

between delegates. The following table gives an overview of the six

work streams and their timing.

ws # Morning work streams

Afternoon work streams

ws #

1 Communication

interfaces of tomorrow

Cyber security in

distributed networks –

benchmarking

4

2 Security processes/

ISMS

Tomorrow’s grid – case

study

5

3 Trend scouting – energy

sector 4th generation

Transferability 6

(Sub-)Topics and related work streams—

Work stream 1: Communication interfaces of tomorrowOne of the elements of smartness in the smart grid is communication

between all domains of the electrical energy supply. Given that the

smart grid is a critical infrastructure, it is of utmost importance to

guarantee security across all respective interfaces.

This work stream is therefore intended to identify future

communication interfaces within a smart grid infrastructure, taking

into consideration certain necessary technological changes, such

as distributed intelligence, the incorporation of blockchain and DER

within the smart grid landscape:

distributed intelligence refers to the part of the smart grid

that applies to the utility distribution system (wires, switches,

and transformers) that connect the utility substation to the

customers. A key component of distributed intelligence is outage

detection and response. An automated system can respond

more quickly and keep power flowing to more customers. By

having sensors that can indicate when parts of the distribution

system have lost power, and by combining automated switching

with an intelligent system that determines how best to respond

to an outage, power can be rerouted to most customers in a

21

matter of seconds, or perhaps even milliseconds. Other major

key expectations of distributed intelligence are to reduce AT&C

losses and deal with peak load management.

blockchain is a continuously growing list of records, called

blocks, which are linked and secured using cryptography.

Each block typically contains a cryptographic hash of the

previous block, a timestamp and transaction data. By design, a

blockchain is inherently resistant to modification of the data as

once recorded; the data in any given block cannot be altered

retroactively without the alteration of all subsequent blocks,

which requires collusion of the network majority. In the smart

grid, blockchains may be used to implement several automated

trust services, thereby making several current trust services

obsolete and enabling different services and business models.

DER are electrical generation and storage performed by a

variety of small, grid-connected devices. These local networks

consisting of storage, renewable technologies, fossil fuel, solar

are becoming more and more common today. DER will create

an opportunity for third party companies (aggregators) to insert

themselves between customers and utilities, which will disrupt

the utility model.

The group will look at the entities involved in these communication

interfaces, how these interfaces will be secured, and which role

Standards as well as CA will play.

It is recommended that the group bear in mind the use cases

approach of the standardized smart grid architecture model (SGAM)

as visualized in the IEC Smart Grid Standards Map.

Questions: when looking into the following questions it is important

to bear in mind that we would like you to project what challenges

and opportunities you think lie ahead in the coming 10-20 years.

The below bullet points include suggestions from discussions of the

IEC Market Strategy Board (MSB) but they should not limit you in

this future looking exercise. Therefore you don’t necessarily need to

consider or limit yourself to these below questions; they are there to

give you some helpful guidance and direction. Don’t forget to think

outside the box!

If you consider distributed intelligence, how would you see it

affect the communication in the smart grid in the future?

If you think blockchain will play a major impacting role, what

different services and business models would you anticipate with

its advent?

If you decide to consider DER, how would you envision the

insertion of third party companies (aggregators) between

customers and utilities in DER? How do you think it might

disrupt/modify the current utility model and communication

between all domains of the electrical energy supply?

What additional/new interfaces would you envision to become

relevant in the future?

How could these interfaces be secured in the future?

What standardization needs would you envision with these new

challenges that you have identified?

How would you envision CA in the communication of the

smart grid when looking at these new elements that you have

identified?

Work stream 2: Security processes/ISMSThe establishment, implementation and maintenance of an ISMS

is practiced in many companies and industries. An internationally

recognized ISMS is described in ISO/IEC 27001. This is generally

valid and can be applied to any type of organization.

Three perspectives determine this management system:

a governance viewpoint (IT targets and information security goals

derived from the overriding corporate objectives)

a risk viewpoint (protection needs and risk exposure of corporate

values and IT systems – the company’s appetite for risk –

opportunities vs. risks)

the compliance viewpoint (external requirements through

laws, regulations and standards – internal requirements and

guidelines – contractual obligations)

For market participants in the smart grid, the particularities of the

smart grid environment lead to special and extremely demanding

requirements for an ISMS and its security processes from all three

perspectives. In this context, the process of risk management (risk

assessment and risk treatment) deserves special attention. Generally

speaking, risk management allows to analyze what can happen, what

the possible consequences can be, and to decide what and when

it should be done in order to adequately prevent potential damage.

Risks in the context of information security arise from:

the use of IT systems and IT technologies

data exchange within and outside the organization, legacy

systems and legacy applications

cooperation with third parties

remote access by third parties

natural phenomena/natural disasters

sabotage and white-collar crime

the use of new systems and technologies

Here, the special feature of the smart grid becomes obvious – for

all market participants. Against the backdrop of emerging business

models, new market participants, a constant and massive exchange

of information between the participants, the smart grid represents a

particularly demanding field for an ISMS, its processes and relevant

measures (so called controls) (see ISO/IEC 27002 and 27019). In

addition to that, enhanced integration of ICT in the smart grid enables

22

resiliency and leads to enhanced efficiency, security and reliability,

but at the same time introduces the grid to increased risk of cyber

intrusions and other ICT failures.

Furthermore, the changing grid landscape allows the entry of new

stakeholders and non-traditional grid players such as Amazon, Google

and Tesla.









outside the box!

What we suggest is that you look at ten years from now (2030), and

see how you would:

define the scope of the ISMS of a smart grid participant with all

implications (e.g. definition of security goals) in a meaningful way

see the requirements in terms of new tools and binding

methodologies for concrete processes such as risk management

(beyond for example ISO/IEC 27005)

see the enhanced integration of ICT in the smart grid influencing

the ISMS of the grid. What challenges do you anticipate?

see the smart grid landscape with new stakeholders and non-

traditional grid players such as Amazon, Google and Tesla

see standardization help meet the challenges you have identified

envision CA to help meet the challenges you have identified

Work stream 3: Trend scouting – energy sector 4th generationNew communication interfaces, increased computing intervention,

energy generation and storage technologies, but also new sectors,

market players, business models, power plants, assets, or even new

regulations will significantly impact the market participants of the

smart grid as well as the smart grid in its entirety, including the cyber

security aspect.

The energy sector is currently entering the 4th generation which

implies a change from a vertical generation to a platform-based

generation with an increased need to converge and cooperate with

other industries. There will be an increasing dependency on resilient

and reliable technology with increased DER and cyber security.

In this work stream the group will develop a trend radar for the coming

20 years, mapping new technologies, assets etc. in respective radar

segments and on a timeline from today until 2040. Based on this, the

group will work on visions, scenarios or missions for the smart grid of

the future and look at its cyber security challenges. It will anticipate

challenges and opportunities, and take into account the role that

standardization and CA will play.

Although the clear focus of this work stream is on future

developments, it is strongly encouraged to also dedicate some

time to challenges that might arise in the context of legacy systems

due to the necessary security goals (e. g. confidentiality, integrity,

availability), especially in combination with new technologies and new

communication protocols. The question of how to include existing

plants into the smart grid and retrofit them with a minimal amount

of intelligence will be key for both a fast and secure adaption of new

technologies, and consequently a sustainable smart grid.









outside the box!

With the energy sector entering the 4th generation, you could

consider looking at which new/disruptive technologies (e.g.

communications, computing, generation, storage, electronics)

you would envision entering the market, and where would you

locate them on a timeline from today until 2040

You could also consider looking at which new sectors, market

players, business models, power plants, assets, processes, or

even regulations you would envision to play a critical role in the

smart grid of the future, and where would you locate them on a

timeline from today until 2040

How do you think the trends that you have identified will impact

the smart grid? Where do you see challenges and opportunities?

How will it affect the cyber security issues of the smart grid?

In view of these trends, you could consider looking into which

challenges might arise in the context of legacy systems, and how

they could be addressed

What could be visions, scenarios or missions for the smart grid

of the future?

What role could standardization and CA play in this? Where do

you see opportunities? Who are the relevant stakeholders, what

is the timeline, and what are your recommendations?

23

Work stream 4: Cyber security in distributed networks – benchmarkingThere is an increasing trend in the power systems from a centralized

fossil fuel-based grid toward a distributed and green-based network.

This requirement compels a new way of designing smart grids for a

more reliable and secure power system performance. Involving the

demand side in the power system management requires large-scale

utilization of distributed communication networks.

The benchmarking exercise foreseen in this work stream builds on

the excellent regional and sectorial coverage of the delegates, and

their collective technical, political, regulatory, standardization and CA

related experience.

The group will develop a plan for how they see the evolution of the

power system towards a distributed network and the related cyber

security challenges from the perspective of their respective regions

of the world.









outside the box!

In the coming 10-20 years how do you see the evolution of the

power system towards a distributed network in your region of the

world? What will the related cyber security challenges be?

What standardization needs do you envision to meet this

evolution and its related cyber security challenges?

How can CA help meet this evolution and its related cyber

security challenges?

Are there underlying commonalities from the different regions

of the world? What are they (include the evolution of the power

system and the standardization and CA needs)? Does the group

consider these underlying commonalities as best practice in view

of a secure and sustainable future smart grid?

What measures could be taken to implement these best

practices in the coming 10-20 years? Who would be the relevant

stakeholders, and what is the timeline?

Work stream 5: Tomorrow’s grid – case studyCustomer choices are driving a distributed energy revolution

globally – but how would an electricity system with up to 10 million

DER actually work in the long term? How will system operators avoid

chaotic threats to power quality and reliability or choking off new

connections in constrained parts of the network?

New Standards and communication protocols will be vital to ensuring

tomorrow’s grid is not only a platform – but a platform that is open

to a degree. With increasingly granular data and communications can

the power industry transition to a multidirectional ecosystem for value

exchange, much more like telecommunications?

This will also bring a different way to view the future Standards’

needs. Could an open platform also force traditional SDOs to re-

evaluate how they draft and implement Standards?









outside the box!

What are the foreseen challenges of a 10 million DER grid for it

to actually work in the long term? How would you address these

challenges?

What standardization and CA needs would you anticipate to help

meet these challenges?

What will a 10 million DER grid bring in terms of cyber security

challenges? How would you address these cyber security

challenges?

What standardization and CA needs would you anticipate to help

meet these cyber security challenges?

How do you see Standards being drafted and implemented

to meet the challenges of an open platform that would be

necessary to meet the requirements of such a grid?

24

Work stream 6: TransferabilityAlthough the overall scope of the 2018 edition of the IEC Future

Leaders industry forum is on the smart energy infrastructure, having

one work stream with a cross-sectorial view and a broader scope

covering the full breadth of smart and critical infrastructures is

considered useful and of mutual benefit.

The group will therefore look into transferability of the future

challenges between cyber security in the smart grid and that in

other critical Infrastructures (gas and oil, ICT, transport and traffic,

health, water, food, finance and assurance, government and

public administration, media and culture production building and

construction), or other smart infrastructures (e.g. smart cities, smart

production, smart home).

Based on a collection of commonalities, differences, lessons learnt and

good practice, the group will look at how these could be transferred

between sectors, and be transformed into collective knowledge in the

sense of learning from the best, and avoiding duplication of mistakes.

The wider aim is to contribute to the security and sustainability of

existing and future critical and smart infrastructures.

Here are some questions you could consider:

What are the common future challenges between cyber security

in the smart grid and other critical or smart infrastructures?

Which of these would be worth transferring from the smart grid

to other infrastructures or vice versa ? Would they be transferable, and how could transfer be achieved?

How could they be transformed into collective knowledge, and

hence contribute to secure and sustainable infrastructures in the

future?

Today different utilities are dealt with as silo institutions, with

discrete control and management. Do you see a future merging

of common areas across these institutions? Therefore would you

see these common future challenges as being repeated from

one critical or smart infrastructure to another in silos, or would

you see them merging into one?

What are your recommendations, which measures could be

taken, who are the relevant stakeholders, and what is the

timeline?

25

Annexe BList of contributors

Ethan Biery, Lutron Electronics

Kai Cui, Haier Group

Roberto Fernandez, National Grid

Markus Gaaß, VDI-VDE-IT

Laurent Gomez, SAP

Tri Hardimasyar, PT PLN (Persero)

Roland Hug, General Electric

Steven Humphries, Australian Energy Market Operator

Clemens Klemm, Siemens

Atsushi Miyoshi, Mitsubishi Electric Corporation

Chan-keun Park, Korea Testing Certification

Ralf Rammig, Siemens

Yimin Rao, JTC Corporation

Hem Parkash Thukral, Ernst & Young

Petra Weiler, VDI-VDE-IT

26

About the IEC

The IEC, headquartered in Geneva,

Switzerland, is the world’s leading publisher

of International Standards for electrical

and electronic technologies. It is a global,

independent, not-for-profit, membership

organization (funded by membership fees

and sales). The IEC includes 171 countries

that represent 99% of world population and

energy generation.

The IEC provides a worldwide, neutral and

independent platform where 20 000 experts

from the private and public sectors cooperate

to develop state-of-the-art, globally relevant

IEC International Standards. These form

the basis for testing and certification, and

support economic development, protecting

people and the environment.

IEC work impacts around 20% of global

trade (in value) and looks at aspects such

as safety, interoperability, performance

and other essential requirements for a vast

range of technology areas, including energy,

manufacturing, transportation, healthcare,

homes, buildings or cities.

The IEC administers four Conformity

Assessment Systems and provides a

standardized approach to the testing and

certification of components, products,

systems, as well as the competence of

persons.

IEC work is essential for safety, quality and

risk management. It helps make cities

smarter, supports universal energy access

and improves energy efficiency of devices

and systems. It allows industry to consistently

build better products, helps governments

ensure long-term viability of infrastructure

investments and reassures investors and

insurers.

Key figures

171 Members and affiliates

>200

Technical committees and subcommittees

20 000

Experts from industry, test and research

labs, government, academia and

consumer groups

>10 000

International Standards

in catalogue

4

Global Conformity Assessment Systems

>1 million

Conformity Assessment certificates

issued

>100 Years of expertise

A global network of 171 countries

that covers 99% of world population and

electricity generation

Offers an Affiliate Country Programme

to encourage developing countries to

participate in IEC work free of charge

Develops International Standards and runs

four Conformity Assessment Systems to

verify that electronic and electrical products

work safely and as they are intended to

IEC International Standards represent a

global consensus of state-of-the-art

know-how and expertise

A not-for-profit organization enabling global

trade and universal electricity access

27

IEC Conformity Assessment Systems—

IECEE / IECRE

c/o IEC − International Electrotechnical

Commission

3 rue de Varembé

PO Box 131

CH-1211 Geneva 20

Switzerland

T +41 22 919 0211

[email protected]

[email protected]

www.iecee.org

www.iecre.org

IECEx / IECQ

The Executive Centre

Australia Square, Level 33

264 George Street

Sydney NSW 2000

Australia

T +61 2 4628 4690

Fax +61 2 4627 5285

[email protected]

[email protected]

www.iecex.com

www.iecq.org

Asia Pacific

IEC-APRC − Asia-Pacific

Regional Centre

2 Bukit Merah Central #15-02

Singapore 159835

T +65 6377 5173

Fax +65 6278 7573

[email protected]

Latin America

IEC-LARC − Latin America

Regional Centre

Av. Paulista, 2300 – Pilotis Floor – Cerq.

César

São Paulo - SP - CEP 01310-300

Brazil

T +55 11 2847 4672

[email protected]

North America

IEC-ReCNA − Regional Centre

for North America

446 Main Street, 16th Floor

Worcester, MA 01608

USA

T +1 508 755 5663

Fax +1 508 755 5669

[email protected]

Please visit the IEC website at www.iec.ch

for further information. In the “About the

IEC” section, you can contact your local IEC

National Committee directly. Alternatively,

please contact the IEC Central Office

in Geneva, Switzerland or the nearest

IEC Regional Centre.

Global—

IEC − International Electrotechnical

Commission

Central Office

3 rue de Varembé

PO Box 131

CH-1211 Geneva 20

Switzerland

T +41 22 919 0211

Fax +41 22 919 0300

[email protected]

www.iec.ch

IEC Regional Offices—

Africa

IEC-AFRC − Africa Regional Centre

7th Floor, Block One, Eden Square

Chiromo Road, Westlands

PO Box 856

00606 Nairobi

Kenya

T +254 20 367 3000 / +254 20 375 2244

M +254 73 389 7000 / +254 70 493 7806

Fax +254 20 374 0913

[email protected]

[email protected]

Further information

T +41 22 919 [email protected]

3 rue de VarembéPO Box 131CH-1211 Geneva 20Switzerland

® Registered trademark of the International Electrotechnical Commission. Copyright © IEC, Geneva, Switzerland. 2018.

YP F

utur

e le

aser

s:20

18-1

0(en

)

InternationalElectrotechnicalCommission

cyber security in the smart grid - amazon web services...cyber security in smart grid systems within...

Documents