Communication and Security for the Smart Grid
Keeping the Smart Grid Smart with Hardware and Software-Based Security and Standards
The Smart Grid and its connected applications are tied into multiple networks carrying vast amounts of information. But with connectivity comes risk. Intelligent M2M solutions serving the Smart Grid need to factor in security as well as seamless communication. These requirements can be served by intelligent systems.
CHRISTINE VAN DE GRAAF, AAEON ELECTRONICS
Intelligent systems are all around us, and one that has been getting a great deal of public attention over the last couple of years is the Smart Grid. A frequent question is: What are the requirements of the subsystems that make up the network behind the Smart Grid? Equally important is an understanding of the communications mechanisms for data capture and analysis, plus the security measures put in place to safeguard the data and the overall network. Past occurrences of hacking and denial-of-service attacks via an overlooked and unprotected port have put application solution developers on guard as much as end users and the public.
Security is a key consideration for sensor implementation and data communication in M2M solutions serving the Smart Grid. Sensors used in applications such as transportation and energy, which will be discussed here, require a greater level of security than those of a less sensitive nature. That being said, any sensors that are used for gathering data about a person also require a deep level of security in order to preserve personal privacy. Since the Smart Grid is an example of a machine-to-machine (M2M) application, it helps to first have an understanding of the layers of M2M networks (Table 1).
Table 1: Machine-to-Machine (M2M) layers of the Smart Grid.
By dissecting each layer, we get a clearer understanding of what communication is happening at each point and what security measures have to be taken into consideration. Though hardware is a key part of each layer, the software portion and overall system integration are becoming increasingly important too. This helps to achieve the greater goal of optimal value both for the end power customer and the utilities themselves.
Access is the data capture layer. Edge nodes and sensors are constantly collecting data about use, load, generation, etc. Because it would be detrimental to the overall network if these collection points were tampered with, they have safeguards built into them that indicate types of data to be collected and triggers for when they may or may not communicate to the next layer of the grid. A primary means of security for these sensors and edge nodes is a key that identifies them to the next layer. If these units are not identified with the appropriate trusted identification, then the data they are collecting cannot be allowed to travel to the next layer of the network. A smart meter is one example of an access point for the smart grid.
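The access-layer rule described above (only data from units carrying trusted identification moves to the next layer), sketched as an added example that is not from the original article or any vendor. It assumes each meter shares a per-device key with the aggregator and tags readings with HMAC-SHA256, a scheme the article does not prescribe; the device IDs, key bytes, field names and replay counter are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed enrollment table: device ID -> per-device key provisioned at install.
# IDs and key bytes are made-up sample values.
ENROLLED = {"meter-0001": bytes.fromhex("000102030405060708090a0b0c0d0e0f")}
_last_counter = {}  # highest counter accepted per device (replay protection)

def sign_reading(device_id, key, counter, kwh):
    """Meter side: serialize a reading and tag it with HMAC-SHA256."""
    payload = json.dumps({"id": device_id, "ctr": counter, "kwh": kwh},
                         sort_keys=True).encode()
    return payload, hmac.new(key, payload, hashlib.sha256).digest()

def admit(payload, tag):
    """Aggregator side: return (forward?, reason) for one received reading."""
    try:
        msg = json.loads(payload)
        device_id, counter = msg["id"], msg["ctr"]
        key = ENROLLED.get(device_id)
    except (ValueError, KeyError, TypeError):
        return False, "malformed"
    if key is None:
        return False, "unknown device"
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        return False, "bad tag"
    # Counter is checked only after the tag verifies, so unauthenticated
    # traffic cannot advance or probe the replay state.
    if not isinstance(counter, int) or counter <= _last_counter.get(device_id, -1):
        return False, "stale counter"
    _last_counter[device_id] = counter
    return True, "ok"

if __name__ == "__main__":
    key = ENROLLED["meter-0001"]
    p, t = sign_reading("meter-0001", key, 1, 3.2)
    print(admit(p, t))                           # genuine reading
    print(admit(p, t))                           # same message replayed
    print(admit(p.replace(b"3.2", b"0.1"), t))   # payload altered in transit
    print(admit(*sign_reading("meter-9999", b"k" * 16, 1, 3.2)))  # not enrolled
```

A shared-key tag authenticates the meter only to parties holding the same key, so each device gets its own key and the enrollment table needs the same protection as the keys themselves.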
Pre-aggregation and aggregation systems are the gateway to the rest of the grid. Therefore, they must be even more secure than the sensors and edge nodes of the access layer. It is highly important that these systems have both hardware- and software-based security. A key way to do this is to select from solutions that have a built-in trusted platform module (TPM) as well as leverage security technology built into the core computing platform. Together with the TPM as a foundation for security, software-based security with encryption and connection management can be applied. The software security layer also must have a means for detecting hazards and isolating them as well as confirming that a pushed patch has been properly applied. Board and system level products that are Intel Intelligent Systems Framework (ISF) qualified are well suited to match the needs of the pre-aggregation and aggregation M2M layer for the Smart Grid. One such product is the Aaeon GENE-TC05 3.5-inch single board computer (Figure 1). Not only does the GENE-TC05 support onboard TPM as an option, it also has been proven compatible with all the elements of the Intel ISF for connectivity, manageability and security.
Figure 1: The Aaeon GENE-TC05 3.5-inch SBC supports an onboard TPM (optional) and has been qualified by Intel as an Intelligent Systems Framework Ready product.
The core is the layer commonly referred to as the “Cloud.” It is where the vast amounts of Smart Grid Big Data are gathered and put into appropriate and separate sub-clouds (the Smart Grid domains: markets, operators, service providers, bulk generation, transmission, distribution and customers) before being analyzed and acted upon at the application layer. The network cloud computing servers that support this layer also need built-in security features. Such features include TPM and BIOS working together to form a “Root of Trust.” They employ 64-bit and 128-bit Advanced Encryption Standard (AES) encryption and powerful policy-based filters. In addition, they use hash-based message authentication code (HMAC), plus Internet Protocol Security (IPsec). Other measures include role-based access control (RBAC) and the use of a signed operating system image.
Finally, in the case of the Smart Grid, the application layer is the back office for each of the domains plus key mobile field devices such as tablets and HMI systems that interact directly with the Big Data collected. Depending on the function of each of the domains, there are unique software-based security measures implemented. The data analytics and data warehousing portion of this layer both have to maintain security with respect to the integrity of data collected and how it syncs with business process tools. As this can become quite complex, it is important to work with partners who know and collaborate with the right mix of experienced M2M ecosystem members. One slip can result in power outages or data releases that impact millions of customers and have exponential revenue impact.
The National Institute of Standards and Technology (NIST) established the Smart Grid Framework, which defines the flow of communications as well as electrical flows. This helps ensure that the key checks and balances are in place to protect communication within the Smart Grid (Figure 2).
Table 2: Internet Protocols for the Smart Grid per PAP01 (June 2011).
Figure 2: Smart Grid Framework per the National Institute of Standards and Technology (NIST).
In addition to security, the standards that are being implemented for the Smart Grid cover material, products, personnel qualifications, processes and services. They also take into consideration applicability to purpose, and they ensure compatibility and interoperability for subsystems that need to work together. They must also preserve public health and safety, protect the environment and, of course, optimize cost.
The efforts of the NIST Priority Action Plan (PAP01) resulted in a study of the suitability of Internet networking technologies for Smart Grid applications. This work area investigated the capabilities of protocols and technologies in the Internet Protocol Suite to determine the characteristics of each protocol for Smart Grid application areas and types.
The Internet technologies consist of a set of protocols to network and transport data messages using IP packets as well as a set of protocols to manage and control the network, such as routing, mapping of IP addresses, device management, etc. This protocol suite enables distributed applications to run over a set of interconnected networks. It also includes session- and transaction-oriented mechanisms to provide security services. The Internet Protocol that has been developed for the Smart Grid is shown in Table 2.
Also worth noting is that the American National Standards Institute recently approved the ANSI/NEMA (National Electrical Manufacturers Association) SG-IC-1-2013 Smart Grid Interoperable and Conformant Testing and Certification Scheme Operator Guidelines. This now makes it easier for those developers bringing to market solutions for the Smart Grid as they have a means of validating interoperability and security of individual grid elements. This means that there are standardized checks and balances as well as a clarified description of roles and responsibilities for each of the key points of the overall Smart Grid adoption process. This contributes to the overall goal of ensuring that Smart Grid products are interoperable from day one.
Although the Smart Grid is evolving and its future capabilities will someday be far beyond what we think of today, regulatory steps and standards are being put in place to keep the Smart Grid smart and secure. As further intelligent systems come to market, they will have to keep these key elements of hardware- and software-based security in mind if they are going to be able to comply with the standards that are coming into play to serve the needs of the advancing energy market.
SIDEBAR: Vision of the Smart Grid
Based on a more detailed overview of the Smart Grid prepared by Energy.gov, the concept of the Smart Grid reaches far beyond just smart metering. It is an overall way of making the process of energy generation and use far better than it has been in the past, and of making it something for which everyone can feel a sense of responsibility, since energy is affected by the environment, natural resources and so on. The aim is to make the grid:
Intelligent – Use/load sensing and dynamic adjustment of power routing based on ongoing data collection while keeping in sync with the goals of the customers, regulators and utility companies themselves.
Efficient – Adjusting to meet demand without the added cost of increased infrastructure and/or resources.
Accommodating – Utilizing power from multiple resources (solar, wind, water, fossil fuel) as seamlessly as from just one with a future-focused design capable of integrating additional power generation sources as they are identified.
Motivating – Allows real-time interaction between the user and the utility so that users can tailor their power consumption to their individual preferences.
Opportunistic – This equates to the ease of “plug & play,” both from the perspective of incorporating new power sources and the end user's options for services.
Quality-focused – Maybe the days of brownouts and blackouts will be behind us as the Smart Grid comes online. This feature is targeted on minimizing power generation and use disruptions.
Resilient – Both security from technology attack as well as tolerance to natural disaster are factored into this element of the Smart Grid.
“Green” – This keeps in mind good global citizenship and minimizing further global climate change while working to actually improve environmental issues.
Aaeon Electronics, Orange, CA. (714) 996-1800. [www.aaeon.com].