Integrating risk reduction to protect critical infrastructure
Work continues on the EU’s E7m integrated risk reduction of information-based infrastructure systems (IRRIISS) project. Launched last year (International Power Engineer, November 2006), IRRIISS aims to protect large critical complex infrastructures such as energy supply from threats as diverse as short circuits, human error, hackers and terrorists.
The project now has a better idea of the challenges it faces following a recent survey on information and communication technology (ICT) vulnerabilities within the power sector. The survey was carried out by GRID, an EU-funded coordination body set up to assess the needs of the EU power sector (see http://www.irriis.org/ecn for more).
Overall, the survey found that protection and control are the most critical issues in terms of the interface between ICT and power systems. Protection and measurements are found to be the most vulnerable issues. Control is perceived to be less vulnerable, because of confidence in operator capabilities.
In particular, the survey found that vulnerability of the electrical infrastructure appears to be increasing due to growing demand, hectic transactions, more stakeholders and control complexity. Referring to the blackouts in both Europe and the US, the report states: “Although these events do not seem to have been influenced by malicious acts, existing vulnerabilities could be exploited by malicious threats in the future.”
Protection was ranked as the most critical function, followed closely by control. The reason for such high rankings in these two areas is that a single error in protection and/or control has the potential to lead to larger events of a severe nature such as voltage instability and blackouts. The ability of protection systems to both limit damage under normal expected operation and to exacerbate problems under abnormal operation makes the protection area critical.
Control comes in a close second behind protection. The survey found that the proper circulation of information in the control loop is the key element in control criticality. “The availability of correct incoming and outgoing information is essential in supporting and executing operators’ decisions regarding control actions,” it states.
The telecommunications network is quoted as a critical component of both management and coordination on the one hand and measurements on the other. Measurements are seen as highly critical collectively and barely critical individually due to the high level of measurement redundancy. Operator decision support ranked the lowest in criticality due to heavy reliance on the sound judgment of experienced operators.
Protection, the function with the highest criticality ranking, also ranked highest in vulnerability. Hidden failures and configuration/settings errors are of primary concern here. Remote access via ICT and sensitivities to ICT failures also cause protection schemes such as wide-area protection and distance relays to have increased levels of vulnerability.
Measurements are seen as highly vulnerable mainly because of the high failure rate of RTUs and the reliance of ICT functions on wide-area measurements. “The tendency of data acquisition methods away from privately owned dedicated networks on to potentially less secure systems is a cause for concern,” notes the survey.
Wide-area monitoring seems to be the key link that makes monitoring both critical and vulnerable. The term ‘wide-area’ suddenly marries measurement devices such as RTUs (with their famously high failure rates) and monitoring functions such as state estimators (with their famously sound robustness) together through the ICT medium. The questionnaire findings indicate that it is the ICT interface with power systems that increases risk and vulnerability. State estimators are not seen as highly vulnerable and are permanently observed, thus monitoring enjoys a lower level of vulnerability.
System management and coordination along with operator decision support were the least vulnerable functions owing largely to confidence in operator experience. Those polled also placed great emphasis on the use and methods associated with risk and vulnerability tools. While cyber-security assessment of critical online equipment is needed, there is a lack of appropriate methodologies. The effort to “amalgamate the risk analysis of electrical contingencies with cyber security analysis” is encouraged by those polled. The lack of appropriate risk and vulnerability tools is explained by the lack of a broadly accepted conceptual basis for risk assessment. The redesign of control architectures and technologies is not a popular idea, while the upgrading of control architectures and technology is highly emphasised.
The results of the survey suggest that an evolution is in order – not a revolution. A main challenge voiced in the control issue is to ‘integrate innovative control equipment with the legacy control systems…’. The focus here is on researching wide-area controls that are impenetrable to hackers.
Among other problems highlighted by the survey are need to incorporate ICT risk scenarios into operator trainer programmes, and the need for a risk database. The lack of ICT/cyber-security studies on power systems controls is noted as a problem needing remedy, too.
US plans for smart grid
Meanwhile, the California-based Electric Power Research Institute (EPRI) has launched a new initiative called Dynamic Energy Management (DEM) to address issues such as electricity savings, demand reductions and peak load management. The goal is to improve energy efficiency by using the latest technology, thereby reducing electricity usage and greenhouse gas emissions
More than 36 electricity utilities will meet with the EPRI to collaborate on the programme, which in focusing on three key areas. These are: analytics and information on the economic and environmental impact of dynamic energy management; infrastructure component and system testing and development; and smart, efficient end-use device and equipment development, targeting the identification and influencing the design and deployment of equipment that has the highest impact on energy efficiency and demand response.
The EPRI says that increased energy efficiency and demand response are essential elements of any strategy seeking to meet national goals to:
- Meet consumer needs.
- Conserve scarce energy resources.
- Minimise air pollution.
- Control emissions.
- Protect and enhance economic growth.
- Move to a more sustainable long-term energy supply.
“The DEM initiative represents a major step forward in developing an electricity system that is more efficient and environmentally friendly,” said Arshad Mansoor, vice president of EPRI’s power delivery and markets sector. “We will evaluate products to determine how well they function and whether they are interoperative with utilities’ communications systems. This is a key component in creating demand response and dynamic systems that facilitate getting prices to devices,” he added.
That assessment requires the creation of a living laboratory, a real-world demonstration project, which EPRI has agreed to host at its Knoxville, Tennessee, research facility.
Among the items that the laboratory will examine are high-efficiency energy end use devices, internet protocol (IP) addressable electrical devices, control systems to optimise performance and match it with demand, and two-way communications to allow automated control of devices in response to pricing or emergency demand reduction signals.
