Systems Engineering Approaches to Address Cybersecurity Challenges of the Electric Grid

Published via Electric Energy T&D Magazine – 2019 Quarterly Issue 2

By: Kay Stefferud, Director of Implementation Services
kay@enernex.com
865-218-4600 x8104

 

 

Like many systems of systems, the electric grid is facing challenges as devices and applications originally intended to be either standalone or locally networked are now being connected to the Internet. Additionally, the electric grid faces challenges as the need to reduce carbon output is resulting in rapidly increasing numbers of non-centralized renewable energy systems. Many renewable energy systems such as solar Photovoltaic (solar PV) are owned not by electric utilities but by customers, thus requiring new cyber controls to protect information flowing to and from the electric utility on utility-owned, private, and public communication networks. Other unique electric grid cyber challenges include the need to meet the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) requirements and a business model being contested by non-profits such as the San Diego Community Choice Alliance. In the state of Illinois, more than two-thirds of residents’ energy is supplied by community choice aggregators (CCAs).

Electric grid cyber challenges can be met using systems engineering techniques including:

  • Cyber Enterprise Architecture.
  • Effective implementation of NERC CIP requirements.
  • Consistent cybersecurity requirements for system procurement Requests for Proposals (RFPs).
  • Cyber assessment for OT systems defining risks based on impacts to safety, reliability, key functions, processes and compliance.

Motivation for cyberattacks specifically targeting the electric grid ranges from individual hacktivists with an ax to grind to powerful nation-states that use attacks against their enemies. Threat motivations include theft of intellectual property, economic gain from stealing and then selling information, and the desire to create a high impact event such as the loss of electric power over an extended area – an event that is virtually guaranteed to generate wide-spread media attention which is the goal of many terrorist attacks.

Continue reading…

 

X