Advanced Security Acceleration Project for the Smart Grid (ASAP-SG)

Apr 8, 2024 | Blog, Projects

The Advanced Security Acceleration Project for Smart Grid (ASAP-SG) was a collaborative effort led by EnerNex and involved multiple major North American utilities, the National Institute of Standards and Technology, and the United States Department of Energy (DOE), including resources from Oak Ridge National Laboratory and the Software Engineering Institute of Carnegie Mellon University.

The ASAP‐SG effort produced a series of Security Profile documents which define recommended security controls tailored to the needs of specific smart grid application areas. The security controls outlined in each security profile are derived from the intended functionality of a system (documented in detailed use cases) and high level security and operational objectives. Each profile addresses different, but interacting, elements of potential smart grid applications and provides prescriptive, actionable guidance for how to build-in and implement security for smart grid functionality. A Security Profile is a reference that identifies detailed security requirements for assets involved in supporting a specified collection of smart grid functionality. These specifications are agnostic to vendor and implementation. The potential users of a Security Profile are all stakeholders in the smart grid community who are concerned about security including:
• Utilities that want to secure their systems
• Vendors and service providers that want to offer products and services that satisfy established smart grid security requirements
• Government agencies and consumers that want to know what is being done to secure smart grid resources
• Standards development organizations that want to collect best practices for security in the smart grid

These documents can be found on the OpenSG User’s Group/SG Security SharePoint site. For your convenience, a summary and link to the various works produced by the ASAP-SG team follows.

ASAP-SG: AMI Security Profile v2.1
The AMI Security Profile was developed by the ASAP-SG team in order to accelerate the development of security requirements and standards. This work product has been accepted and used by NIST Cyber Security Working Group and the AMI-SEC Task Force within the UCAIug.

ASAP-SG: Third Party Data Access Security Profile v1.0
The Third Party Data Access Security Profile was developed by the ASAP-SG team in order to accelerate the development of security requirements and standards. This document delineates the security requirements for individuals, utilities, and vendors participating in a three-way relationship that involves the ownership and handling of sensitive data. Specifically this document is aimed at the smart grid environment, and is intended to address the concerns of electric utility customers who want to allow value added service providers to access electric usage data that is in the custody of the customer’s utility. Other three-way data sharing scenarios may also be addressed using this profile, as the roles of the three parties have been abstracted in such a way as to support mapping to different environments.

ASAP-SG: Distribution Management Security Profile v1.0
The Distribution Management Security Profile was developed by the ASAP-SG team in order to accelerate the development of security requirements and standards. This document defines security requirements for automated distribution management (DM) functions in a smart grid environment, including steady state operations and optimization. This document addresses concerns related to using communications and automation in field equipment that controls the configuration and operation of the electric distribution system. Other electric system operation scenarios may also be addressed using this profile, as the various roles defined herein have been abstracted in such a way as to support mapping to different environments.

ASAP-SG: Wide-Area Monitoring, Protection, and Control (Synchrophasor) Security Profile (Draft) v0.08
The Wide-Area Monitoring, Protection, and Control (WAMPAC) Security Profile was developed by the ASAP-SG team in order to accelerate the development of security requirements and standards. This document defines security requirements for wide-area monitoring, protection, and control of the electric grid, specifically leveraging synchrophasor technology. This profile addresses security concerns associated with the use of phasor measurements in electric system operational decisions, whether these decisions are made off-line, real-time but manually, or through automated processes. The recommendations made herein are based on stated system architectural and functional assumptions, and offer a singular security baseline for overall use of synchrophasor technology with tailored subsets of recommendations where variations in system deployment or usage occur.

ASAP-SG: Substation Automation Security Profile (Draft) v0.15
The Substation Automation Security Profile was developed by the ASAP-SG team in order to accelerate the development of security requirements and standards. This document defines security requirements for electric grid substation automation technology. The profile addresses security concerns associated with automated and manual interaction in support of system protection (inter and intra-substation), system control (local and remote), system optimization (e.g., voltage and reactive power), and system monitoring (i.e., equipment health) performed by equipment located in transmission and distribution substations.

ASAP-SG: Security Profile Blueprint v1.0
The Smart Grid Security Profile Blueprint provides the electric utility industry along with supporting vendor communities and other stakeholders a framework, set of tools, and method to create and customize Smart Grid domain-specific security profiles. These security profiles specify security requirements that should be applied to the procurement, implementation, and configuration of Smart Grid systems.
The primary audience of the Blueprint is any organization attempting to create a new security profile or customize an existing security profile; therefore the document is written for security architects from utilities, vendors, and system integrators that have experience with utility security. Other stakeholders, such as vendors, can use this document to understand how a particular set of security controls was selected as part of a particular security profile. The Blueprint is intended to produce requirements that are technology-specific but vendor-agnostic, and does this by defining a process for creating a security profile. This process includes the delineation of profile scope, creation of a logical reference architecture, definition of objectives for secure operation, performance of a failure analysis, recommendation of security controls, and validation of criteria for satisfaction of requirements.

ASAP-SG: How a Utility Can Use ASAP-SG Security Profiles (White Paper)
This document describes several different ways that ASAP-SG security profiles can be used to improve the security of smart grid systems. We assume that the business decision to create or modernize a system has already been made and that procurement will be an important element of the project. We do not assume a particular procurement process or how project responsibilities may be distributed across particular organizational units. Instead, we focus our discussion on elements that are integral to any smart grid project—elements like sets of requirements, designs, and procured or internally developed equipment or systems—and how a security profile can be used (for example) to help create, test, or configure these elements.

 

 

Smart Metering (SM) and Advanced Metering Infrastructure (AMI)

Smart Metering and AMI is a transformational process addressing multiple business and technical needs of the utility enterprise. This is more than just smart meters and communications networks; it includes all of the back end applications that can leverage the meter assets, such as outage notification, demand response, call center optimization, disputed billing process handling, pre-payment opportunities, and service connection management methods and procedures, to name a few.

Implementing SM and AMI faces the same business, engineering, and operational challenges as any other across-the-utility information technology endeavors – most notably risk associated with embracing proprietary technology, missing functionality and early obsolescence. Effective SM and AMI development, implementation, and operation relies on a marriage of electric power engineering with information technology expertise: a key component of EnerNex’s expertise and experience.

EnerNex provides an array of engineering and consulting services geared towards intelligent and effective implementation of SM and AMI. This covers all phases of project development, starting with capturing system requirements where our experts leverage a “Use Case” centric view of activities needed to be accomplished and their interaction with systems and other users. Subsequent project steps typically examine other critical areas, such as: modeling of business cases, building inter-department consensus, assembling and assessing system functional requirements and non-functional requirements, developing a system design, hardware and software specifications and standards, complete procurement services including RFI and RFQ process support, supplier rating system, response evaluation methodology, deployment management, and training of office and field personnel.

Demand Response (DR)

Demand response can be as simple as load interruption directed by the energy supplier in response to severe demand requirements, to complex customer defined load management in response to price signals. DR is one of the components of a “Non-Wires Alternative” that many utilities are effectively using to avoid expensive distribution fortification or upgrade.

 

Often the success and/or failure of demand response programs can be linked to program implementation challenges such as rate/tariff design rate structures communication (e.g. price signals) or ineffective incentives used by utilities to encourage customers to accept operational change. The issues of program design, rate structure and customer impact have a tremendous influence on the success or failure of load management initiatives. Demand response has traditionally been used as a tool of the energy industry to ensure system stability. However, the introduction of microelectronics, communications, home automation and the Internet of Things (IoT) has led to the development of cost effective solutions that have the capability to allow the consumer to take control of managing their energy load and ultimately, the price they pay for energy.

EnerNex has the experience and skills to turn your DR program into a successful operational asset and customer engagement process that can deliver value to all parties.

Energy Assurance Planning

Natural and man-made disasters cause an estimated $57B in average annual costs for all parties; large single events have resulted in losses of $100B or more. Events, such as the World Trade Center disaster, Hurricane Katrina, and most recently Hurricane Helene, have demonstrated an acute need to revisit, revise and implement an effective energy assurance plan. Energy assurance plans assess the functionality and interdependencies of buildings and infrastructure systems and the role they play in sustaining service and rapidly restoring critical services to a community following a hazard event.

 

EnerNex assists our clients in developing comprehensive energy assurance plans that mitigate and minimize the impact of energy disruptions. Our experts assess critical infrastructure risks and evaluate appropriate mitigation strategies and can help in developing an effective business continuity/disaster recovery (BC/DR) plan for utilities and your customers.

Microgrid Development

As the electric grid becomes more distributed and interactive, microgrids are playing an increasingly important role in our energy future. Decision makers at military bases, corporate and institutional campuses, residential communities and critical facilities across the world are exploring and implementing microgrids to meet economic, resiliency and environmental goals. Utility-grade microgrids are being deployed to meet transmission constraints, reliability requirements and safe-havens in the event of a significant storm event.

Microgrid_development Graphic steps to support grid modernization

Bringing together a portfolio of distributed energy resources into a controllable, islandable microgrid comes with its own set of challenges. The key to solving these challenges is in architecting a system to support information exchanges between components across well-defined points of interoperability (interfaces) in a technology independent manner. This interoperability ensures that the system is resilient to technology change. Modern systems engineering techniques must be employed to ensure that individual sub‐systems are clearly identified, their functions enumerated, their data requirements known, and the points of interoperability clearly specified, along with the commensurate monitoring, command and control that is needed to ensure grid stability. With such architecture, we can apply best of breed technology available today to support those information exchanges at interface boundaries but be free to upgrade / change the implementation technology later without causing a ripple effect throughout the system.

Enterprise Architecture

Enterprise Architecture focuses on aligning an organization’s business strategies with its anticipated, desired and planned technology enhancements. Enterprise Architecture provides a framework to cost-effectively transition from a current “as-is” technology to future enterprise-wide technological solutions. An effective Enterprise Architecture program aligns business investments with long-term business strategies while minimizing risk and providing superior technological solutions. EnerNex’s key asset is its highly skilled and experienced staff who are closely connected to both the smart grid and EA standards and practices. We provide clients with the insight necessary to operate a fully functioning smart grid, which is flexible, scalable, and vendor independent.

Grid Modernization Roadmap

Utility companies across the globe are continually modernizing their grid. Each company often has different rationales, objectives and priorities. Frequently, smart grid plans are developed for individual, incremental initiatives, rather than as a part of a whole, intelligent and interoperable infrastructure. Planning may be developed around technology choices rather than business and technical requirements. The result of incremental and flawed planning leads to increased cost and risk, lost opportunities, disconnected expectations and dead ends.

 

EnerNex’s approach to grid modernization roadmap development follows a proven, industry-standard approach to grid modernization planning by collaboratively working with the utility to develop a set of prioritized and time-phased grid modernization initiatives unique to its business strategy and objectives. The roadmap developed is holistic, requirements-based, business value driven and actionable. It often builds on and leverages existing applications and infrastructure, and incorporates industry standards to ensure interoperability, flexibility and reduced cost and risk.

Utility Communications

Utility communication and control systems are increasingly interconnected to each other and to public networks and as a result, they are becoming increasingly more susceptible to disruptions and cyber attacks. EnerNex has experience with the various issues relating to development, implementation and optimization including feasibility analysis, design, software development and customization, project management and acceptance. Our expertise extends from being involved in the development of the fundamental standards that support utility communication and automation, through deployment and securing of those resources. EnerNex personnel were heavily involved in development of such standards and protocols as IEC 61850, IEC 60870-5 and DNp3. Our staff played a key role in the EPRI Utility Communication Architecture (UCA) project and the IntelliGrid Architecture effort.

Related Articles

Related

Grid Modernization & Grid Architecture

Helping our clients implement and integrate grid modernization technologies and processes that are aligned with tomorrow’s utility. A Grid Modernization program frequently includes many complex utility engineering and operational topics, many times the scope of these...

read more

Grid Modernization with Artificial Intelligence

_______________________________________________________________________________________________________________________ Introduction The electric power industry is undergoing a transformative era, driven by digitalization, renewable energy integration, and increasing...

read more
X