Real-Time Systems Need Real-Time Security Requirements: the Value of Agile Detective and Corrective Security Controls

Mar 14, 2014 | Archives

It is no secret that cyber security related to Smart Grid systems and deployments has garnered much attention over the past several years. Much of it has been, and still is, negative, in the form of criticism that the industry as a whole is not doing enough to address cyber security. While most utilities today agree on the need to secure these systems and are actively working to do so, the debate over the adequacy of the industry’s efforts is not likely to subside anytime soon.

One of the drivers in this debate is the degree to which the various utility systems employed today are integrated and interconnected, and the fact that these systems will be even more interconnected in the future. As their infrastructure has evolved over the years, utilities have become well versed in system design. Requirements are developed and systems are designed, built, and tested to validate that they meet these requirements. Once operational, the system(s) remain relatively unchanged until the need to modify, upgrade, or replace them is justified by identifying new or changing requirements, usually in the timeframe of months or even years. It’s a model that the electric utility industry understands well.

The challenge with cyber security and Smart Grid is that there is no finish line, at least not one that remains constant throughout the life of the system being protected. Adversaries and threats evolve constantly and new vulnerabilities can be discovered at any time, which means that for cyber security, the system requirements are always changing to a certain extent. On one hand, many technical solutions have been developed or customized for the Smart Grid environment, which has led to tangible improvements. On the other hand, the industry’s ability to evolve and deploy solutions struggles to keep pace with these threats.

The bottom line for utilities is reducing the risks that any system or application poses to the operational and business aspects of the power grid. While this can be accomplished by limiting or even removing system functionality, it’s a safe assumption that the industry will go in the opposite direction, relying more on these systems and increasing their functionality in the future. This evolution in turn drives the need for continuous improvement of the employed cyber security solutions. Many of the security solutions developed within the industry over the past decade are aimed at preventing unauthorized activity, malicious or otherwise, within the utility’s control systems. While preventative measures such as these are essential, they represent only one facet of technical security controls, which can be organized into three basic types:

Preventative security controls exist to prevent a threat from coming in contact with a utility control system weakness or vulnerability

Detective security controls exist to identify that a security event, malicious or otherwise, is present within the utility’s control system

Corrective security controls exist to mitigate or lessen the effects of an event affecting the utility’s control system

Of the three types of security controls, Preventative controls are typically the most popular in any security program since they minimize the possibility of loss by preventing an event from occurring. They are active and typically designed, tested, and validated with specific threats and vulnerabilities in mind. The challenge with Preventative security controls in control systems which support Smart Grid functions is that in many cases, the utility’s ability to quickly deploy new or modified security controls is limited. Utilities invest a significant amount of effort to test and validate the operations of their control systems, which may unintentionally create an overly rigid environment when the necessity of new or modified security controls arises. In many cases, system updates, modifications, and subsequent testing are not feasible until an outage of the supported power system assets, as is the case for a generating plant Distributed Control System (DCS). As new threats and vulnerabilities emerge, utilities may be faced with a gap in their ability to mitigate the associated risks until new or modified Preventative security controls can be applied. To bridge this gap, in many cases Detective and Corrective security controls are utilities’ primary defense.

Where Smart Grid systems often lack effective security is in the agility of the prescribed Detective and Corrective security controls. In many electric utility control system deployments, Detective and Corrective controls are not implemented in a real-time fashion and are less effective in mitigating potential impact to real-time power system operations. Often these controls are applied after the fact, such as examination of security logs to detect an event that has already happened or a system restart to reload an application. While these are legitimate security controls for more business-centric systems, they fall short of the mark when trying to mitigate risks to control systems, which in turn translate to risks to the stability of the real-time process: generating, transmitting, and distributing electric power in this case. To be effective in control systems supporting Smart Grid functions, Detective and Corrective security controls need to be invoked as soon as possible from the start of the event.

All three security control types are utilized together to form an effective defense. If a security control to prevent an event is ineffective or cannot be deployed in a timely manner, then there must be a mechanism in place to detect that an event is happening as quickly as possible. Detecting an event in progress is often not enough, so there must also be corrective mechanisms in place to react to the detected event. The key for electric utilities is that they need all three types of security controls in Smart Grid deployments, implemented in a manner that creates an agile defense.

One key aspect of attaining this improved cyber defense agility is information sharing. EnerNex is fortunate enough to be participating in the Situational Awareness Reference Architecture (SARA) pilot project led by the folks at the Industrial Control System Information Sharing and Analysis Center (ICS-ISAC). One of the key components of the SARA project is fostering the adoption of automated Machine-to-Machine knowledge sharing. The notion that a trusted source can share threat information tailored for the utility control systems environment, and have that information automatically downloaded and available to the utility’s monitoring systems in real time or near real time, is a powerful concept. Those of you who may not be familiar with the SARA pilot will find it worthwhile to check out.

Want to know more about how EnerNex can support your cyber security efforts relating to utility automation systems? Feel free to contact me at brian@enernex.com to discuss. EnerNex is uniquely qualified to assist you as our staff has decades of experience in all aspects of utility automation systems from both vendor and utility perspectives.

Smart Metering (SM) and Advanced Metering Infrastructure (AMI)

Smart Metering and AMI is a transformational process addressing multiple business and technical needs of the utility enterprise. This is more than just smart meters and communications networks; it includes all of the back end applications that can leverage the meter assets, such as outage notification, demand response, call center optimization, disputed billing process handling, pre-payment opportunities, and service connection management methods and procedures, to name a few.

Implementing SM and AMI faces the same business, engineering, and operational challenges as any other across-the-utility information technology endeavor – most notably the risks associated with embracing proprietary technology, missing functionality and early obsolescence. Effective SM and AMI development, implementation, and operation rely on a marriage of electric power engineering with information technology expertise: a key component of EnerNex’s expertise and experience.

EnerNex provides an array of engineering and consulting services geared towards intelligent and effective implementation of SM and AMI. This covers all phases of project development, starting with capturing system requirements where our experts leverage a “Use Case” centric view of activities needed to be accomplished and their interaction with systems and other users. Subsequent project steps typically examine other critical areas, such as: modeling of business cases, building inter-department consensus, assembling and assessing system functional requirements and non-functional requirements, developing a system design, hardware and software specifications and standards, complete procurement services including RFI and RFQ process support, supplier rating system, response evaluation methodology, deployment management, and training of office and field personnel.

Demand Response (DR)

Demand response can range from simple load interruption directed by the energy supplier in response to severe demand requirements to complex customer-defined load management in response to price signals. DR is one of the components of a “Non-Wires Alternative” that many utilities are effectively using to avoid expensive distribution fortification or upgrade.

Often the success or failure of demand response programs can be linked to program implementation challenges such as rate/tariff design, rate structures, communication (e.g. price signals) or ineffective incentives used by utilities to encourage customers to accept operational change. The issues of program design, rate structure and customer impact have a tremendous influence on the success or failure of load management initiatives. Demand response has traditionally been used as a tool of the energy industry to ensure system stability. However, the introduction of microelectronics, communications, home automation and the Internet of Things (IoT) has led to the development of cost-effective solutions that allow the consumer to take control of managing their energy load and, ultimately, the price they pay for energy.

EnerNex has the experience and skills to turn your DR program into a successful operational asset and customer engagement process that can deliver value to all parties.

Energy Assurance Planning

Natural and man-made disasters cause an estimated $57B in average annual costs for all parties; large single events have resulted in losses of $100B or more. Events, such as the World Trade Center disaster, Hurricane Katrina, and most recently Hurricane Helene, have demonstrated an acute need to revisit, revise and implement an effective energy assurance plan. Energy assurance plans assess the functionality and interdependencies of buildings and infrastructure systems and the role they play in sustaining service and rapidly restoring critical services to a community following a hazard event.

 

EnerNex assists our clients in developing comprehensive energy assurance plans that mitigate and minimize the impact of energy disruptions. Our experts assess critical infrastructure risks and evaluate appropriate mitigation strategies and can help in developing an effective business continuity/disaster recovery (BC/DR) plan for utilities and your customers.

Microgrid Development

As the electric grid becomes more distributed and interactive, microgrids are playing an increasingly important role in our energy future. Decision makers at military bases, corporate and institutional campuses, residential communities and critical facilities across the world are exploring and implementing microgrids to meet economic, resiliency and environmental goals. Utility-grade microgrids are being deployed to meet transmission constraints, reliability requirements and safe-havens in the event of a significant storm event.

[Graphic: steps to support grid modernization]

Bringing together a portfolio of distributed energy resources into a controllable, islandable microgrid comes with its own set of challenges. The key to solving these challenges is in architecting a system to support information exchanges between components across well-defined points of interoperability (interfaces) in a technology independent manner. This interoperability ensures that the system is resilient to technology change. Modern systems engineering techniques must be employed to ensure that individual sub‐systems are clearly identified, their functions enumerated, their data requirements known, and the points of interoperability clearly specified, along with the commensurate monitoring, command and control that is needed to ensure grid stability. With such architecture, we can apply best of breed technology available today to support those information exchanges at interface boundaries but be free to upgrade / change the implementation technology later without causing a ripple effect throughout the system.

Enterprise Architecture

Enterprise Architecture focuses on aligning an organization’s business strategies with its anticipated, desired and planned technology enhancements. Enterprise Architecture provides a framework to cost-effectively transition from a current “as-is” technology to future enterprise-wide technological solutions. An effective Enterprise Architecture program aligns business investments with long-term business strategies while minimizing risk and providing superior technological solutions. EnerNex’s key asset is its highly skilled and experienced staff who are closely connected to both the smart grid and EA standards and practices. We provide clients with the insight necessary to operate a fully functioning smart grid, which is flexible, scalable, and vendor independent.

Grid Modernization Roadmap

Utility companies across the globe are continually modernizing their grid. Each company often has different rationales, objectives and priorities. Frequently, smart grid plans are developed for individual, incremental initiatives, rather than as a part of a whole, intelligent and interoperable infrastructure. Planning may be developed around technology choices rather than business and technical requirements. Incremental and flawed planning leads to increased cost and risk, lost opportunities, disconnected expectations and dead ends.

EnerNex’s approach to grid modernization roadmap development follows a proven, industry-standard approach to grid modernization planning by collaboratively working with the utility to develop a set of prioritized and time-phased grid modernization initiatives unique to its business strategy and objectives. The roadmap developed is holistic, requirements-based, business value driven and actionable. It often builds on and leverages existing applications and infrastructure, and incorporates industry standards to ensure interoperability, flexibility and reduced cost and risk.

Utility Communications

Utility communication and control systems are increasingly interconnected to each other and to public networks and, as a result, they are becoming increasingly susceptible to disruptions and cyber attacks. EnerNex has experience with the various issues relating to development, implementation and optimization, including feasibility analysis, design, software development and customization, project management and acceptance. Our expertise extends from being involved in the development of the fundamental standards that support utility communication and automation, through deployment and securing of those resources. EnerNex personnel were heavily involved in development of such standards and protocols as IEC 61850, IEC 60870-5 and DNP3. Our staff played a key role in the EPRI Utility Communication Architecture (UCA) project and the IntelliGrid Architecture effort.
