The energy information that will be unleashed by the digital technologies of the smart grid is valuable. That’s why companies and policy-makers are pushing so hard to add infotech to our electrical system. But that information is also valuable to people that could use it for ill will — to disrupt the power grid, for example, or steal personal information.
Worried? Don’t fret too much. The Department of Energy and the National Institute of Standards (NIST) are taking the subject seriously. NIST recently released a smart grid security document that’s twice as long (over 200 pages) as the group’s overall smart grid industry roadmap and the DOE has said it won’t hand out stimulus funds to otherwise strong smart grid projects unless security is addressed in them. Here’s 10 important things to know about security for the smart grid:
Security Added in Later is Costly: Internet security experts have been pretty clear about the fact that adding on security functions to the smart grid after the architecture has already been rolled out will be considerably more expensive than if security is folded in from the very beginning. Security consultants at IOActive recently wrote: “Studies show that overall project costs are 60 times higher when gaps in information security controls are addressed late in the development cycle, as opposed to projects where security is implemented in the design phase.”
It’ll Be A Big Business: There’s another reason that computing security and information technology companies are talking a lot about smart grid security — it’ll be a sizable industry. Last week computing giant Hewlett-Packard launched its Smart Grid Security Quality Assessment (SGSQA) service, which will provide auditing and testing of security services and is based on tools that HP uses to test its own software. Consultants like IOActive will also make some nice sales off of teaching utilities and power companies about how to keep their assets safe.
Two-Way Networks Mean More Risks: The very nature of adding digital intelligence and two-way functionality to the power grid will increase the risk of cyber attacks and vulnerabilities. As the NIST smart grid security document explains more endpoints and more interconnected networks mean more ways for security problems to get in and proliferate. But that said, the power grid — like everything else — needs to go digital, not just to combat climate change but to create more efficient operations. And as long as the industry builds the smart grid to prepare for these security concerns, the problem is manageable.
It’s Already a Problem: Don’t think this is an issue that is far in the distant future. According to Ian Watts, head of energy and utilities at British security firm Detica, the 40 million smart meters that have already been installed globally “have seen a number of security breaches,” including “insecure meters, hacking of customer details, denial of service attacks and suspected infiltration by foreign intelligence services.”
It’s Just Digital Security: We’ve seen this before. Smart grid security is very similar to keeping other important digital functions secure, like electronic voting systems, online banking and ATMs, personal information on cellphones and laptops, and of course the Internet and phone company networks, points out Steve Brain, an analyst with metering firm Meter-U. And as the NIST document explains: “IT and telecommunication sectors will be more directly involved. These sectors have existing cyber security standards to address vulnerabilities and assessment programs to identify known vulnerabilities in these systems.”
Smart Grid Security Has Even More Standards: While NIST has been busy identifying 77 standards for the smart grid, NIST has found at least five standards that are directly related to smart grid security. That includes standards from NERC, IEEE, AMI System Security Requirements, UtilityAMI Home Area Network System Requirements and IEC standards.
It’s a Work In Progress: NIST established the Cyber Security Coordination Task Group (CSCTG), which is made up of 200 volunteers from private companies and the public sector, and published the first draft (already a 236 page tome) of smart grid security requirements earlier this month. NIST is taking public comments and will craft a new version to be published by December 2009. Then the final document is supposed to come out March 2010.
Utilities Need Much Better Privacy Safeguards: A NIST group looked at privacy policies for utilities and found that state utility commissions often lack formal privacy policies related to the smart grid, and if the state does have privacy laws, they often aren’t specific to utilities. In response to these findings, NIST suggested these steps to ensure consumer privacy: 1). Appoint personnel to ensure privacy practices exist and are followed; 2). Explain clearly to consumers what and why any data is collected; 3). Give consumers choices for collecting their data and get consent; 4). Don’t collect more data than needed; 5). Only use the data for which it was intended to be collected; 6). Show consumers the data that is being collected and enable them to correct it if need be; 7). Protect data from security vulnerabilities.
The Smart Meter As the Pain Point: At the Black Hat security conference IOActive’s Mike Davis showed how smart meters could be the most vulnerable area of the smart grid because they’re cheap, accessible and — in a word — hackable. Using a simulation of a worm David showed how a smart meter could be hacked to spread a worm from meter to meter, which could cause a power grid surge or shut off.
Different Places on Grid Have Varying Vulnerability: The NIST group plotted out piece-by-piece how vulnerable each section of the grid is and what could happen to them under a security threat. Check out pages 18 to page 32 for this interesting
source: Link
Friday 9 October 2009
The Green IT Review: Smart Google and Cisco
Google has announced a device partner for its PowerMeter tool, which we mentioned in a previous blog. The PowerMeter software shows consumers their home energy information in a form easy to access and understand on their computer. The idea (as with all home smart meters) is that increased awareness of energy use leads to reduced consumption.
But up till now PowerMeter has required a smart meter to be installed by the utility supplier. With this new device the utility’s smart meter is no longer required.
![]()
The device, which is only available in the US, is a TED 5000 from Energy Inc. (TED stands for ‘The Energy Detective’). It allows users to view personal home energy data using the free PowerMeter software from anywhere you can access the web. Consumers can get real-time information on energy use and costs, as well as changes in use over time. The company is looking for other device partners.
Meanwhile, Cisco is also continuing its push into the smart grid market. According to smartgridnews.com the company has partnered with German utility Yello Strom in a pilot to allow about 70 homes and businesses to communicate with the electric grid over an IP network. The trial will use Yello Sparzaehler meters, which also happen to integrate with Google’s PowerMeter. The trial is aimed at giving Yello Strom customers the means to manage their energy consumption, hence reducing bills and peak demand.
© The Green IT Review
Link
But up till now PowerMeter has required a smart meter to be installed by the utility supplier. With this new device the utility’s smart meter is no longer required.
The device, which is only available in the US, is a TED 5000 from Energy Inc. (TED stands for ‘The Energy Detective’). It allows users to view personal home energy data using the free PowerMeter software from anywhere you can access the web. Consumers can get real-time information on energy use and costs, as well as changes in use over time. The company is looking for other device partners.
Meanwhile, Cisco is also continuing its push into the smart grid market. According to smartgridnews.com the company has partnered with German utility Yello Strom in a pilot to allow about 70 homes and businesses to communicate with the electric grid over an IP network. The trial will use Yello Sparzaehler meters, which also happen to integrate with Google’s PowerMeter. The trial is aimed at giving Yello Strom customers the means to manage their energy consumption, hence reducing bills and peak demand.
© The Green IT Review
Link
Thursday 8 October 2009
WiTricity chosen as 2009's best company for "Energy Management, Smart Grid, and Energy Efficiency"
WiTricity is a startup that’s developed a technology to wirelessly transmit electricity, powering anything from small portable devices to EVs while they’re idling at a red light.
The AlwaysOn Network recently announced their Third Annual List of the GoingGreen 100 Top Private Companies of 2009. The award recognizes the top private greentech companies that are creating new business opportunities and transforming the world’s largest industries to improve sustainability. WiTricity was chosen as the best private company under the "Energy Management, Smart Grid, and Energy Efficiency" category by The GoingGreen 100.
More: Link
The AlwaysOn Network recently announced their Third Annual List of the GoingGreen 100 Top Private Companies of 2009. The award recognizes the top private greentech companies that are creating new business opportunities and transforming the world’s largest industries to improve sustainability. WiTricity was chosen as the best private company under the "Energy Management, Smart Grid, and Energy Efficiency" category by The GoingGreen 100.
More: Link
Earth2Tech: What Cisco Can Learn From A Yello Strom Smart Grid Pilot
Networking giant Cisco could learn a whole lot from its partnership with German utility Yello Strom, which I once called the coolest utility in the world, and which focuses heavily on smart grid consumer hardware and the use of the Internet for the power grid. While Cisco included Yello Strom as a partner in its smart grid announcement last month, the networking company announced more details about a 70-home pilot project using Yello Strom’s sophisticated “Sparzähler” or smart meter this morning. If Cisco aims to some day develop a Linksys-based home energy management product, the project detailed today could provide some important information for that effort.
The trial will use an Internet Protocol-based connection and customers will use the Yello Sparzähler to monitor energy consumption in real-time, and hook up appliances to smart plugs to curb consumption during specific times of the day. Cisco confirmed with us that the pilot will use the consumer’s home broadband network for the smart meter connection. Yello Strom commonly uses the consumer’s own home broadband connection to connect the Sparzahler to the smart grid, which is somewhat unusual in the utility world.
Using the home broadband connection can make the energy management set-up easier, the connection cheaper and help customers incorporate energy management into their everyday lives more quickly. On the other hand, when the broadband connection drops, the smart meter service goes out, too. Many utilities also want to keep control over their networks, partly so they can maintain a high level of security for smart grid services.
Yello Strom is also one of the only utilities I’ve heard of that has developed and sells its own sophisticated smart meters. In July Martin Vesper, Yello Strom’s executive director, told us that the company looked at the smart meters that were already available on the market, and found only tools that focused on helping energy efficiency from a utility perspective. Not seeing anything they liked, or anything that would get consumers excited, they developed their own, which looks like it would be at home in the window of an Apple store, is built off of Microsoft Windows CE, and has both a small web server and client inside. Yello’s meter is a lot more sophisticated than other smart meters.
This unusual environment — a sophisticated, innovative smart meter, and potentially a home broadband connection — will be a very interesting environment within which Cisco can run a pilot program. It could enable Cisco to get an interesting perspective for how it could roll out any type of Linksys, broadband-based, home energy management product, which Cisco has actively been looking into. Back in June Cisco told us that for a trial with Duke Energy it could deploy its own consumer smart energy home hardware, which includes Linksys products and “homeplug” devices that transfer data via power lines.
From a brand recognition perspective, using gear made by Linksys, which Cisco acquired in 2003, could help consumers become more aware of home energy management tools and even ease them into the practice of buying the devices. Since a Linksys device would be more sophisticated than a common smart meter, and would likely use a home broadband connection, this pilot with Yello Strom could actually teach Cisco a whole lot in how home owners would use such a device.
Source: http://earth2tech.com/2009/10/05/what-cisco-can-learn-from-a-yello-strom-smart-grid-pilot/
Wednesday 7 October 2009
Earth2Tech: The Focus on Smart Meters Is A “Red Herring”
While I was edumacating attendees of our “Biggest Opportunities of the Smart Grid” webinar this morning (for subscribers to GigaOM Pro), I learned a great deal from Pike Research analyst Clint Wheelock, who gave an overview of the market on the call. Most interesting to me was that out of a predicted massive investment in smart grid infrastructure — estimated at $210 billion between 2010 to 2015, according to Pike Research — smart meters will actually play a pretty small part of the market: just 11 percent of the total smart grid revenue opportunity.
“The focus on smart meters is a red herring,” explained Wheelock in the webinar this morning. Given all the attention surrounding utilities rolling out smart meters, I thought it was interesting that revenues from smart meters trailed other smart grid sectors like transmission infrastructure and distribution automation. And revenues from smart meters actually just tied the demand response market, and barely beat out the revenues from substation automation. Wheelock pointed out on the call that utilities will get a better return on their investment for those technologies like distribution automation, and additional transmission capacity compared to smart meters.
Images courtesy of Pike Research and Flickr Creative Commons.
Source: http://earth2tech.com/2009/10/07/the-focus-on-smart-meters-is-a-red-herring/
“The focus on smart meters is a red herring,” explained Wheelock in the webinar this morning. Given all the attention surrounding utilities rolling out smart meters, I thought it was interesting that revenues from smart meters trailed other smart grid sectors like transmission infrastructure and distribution automation. And revenues from smart meters actually just tied the demand response market, and barely beat out the revenues from substation automation. Wheelock pointed out on the call that utilities will get a better return on their investment for those technologies like distribution automation, and additional transmission capacity compared to smart meters.
Images courtesy of Pike Research and Flickr Creative Commons.
Source: http://earth2tech.com/2009/10/07/the-focus-on-smart-meters-is-a-red-herring/
HP launches a smart grid security service
According to a report in eWeek Europe, HP has launched a security audit for smart grid services.
Security has been increasingly raised as an issue with smart grids, as I reported back in March, and HP’s new service is also in response to some recent hacking of energy meters and other smart grid infrastructure.
The HP Smart Grid Security Quality Assessment (SGSQA) service was announced at the company’s Executive Energy Conference in Budapest and is aimed at utility companies and smart grid operators.
The new service is apparently based on an existing security audit methodology that HP uses to test its own software and hardware. The service, which HP says works in multi-vendor environments, would take around two weeks to check the vulnerabilities of a smart grid system and is already being trialled with three utility companies.
© The Green IT Review (www.thegreenitreport.com)
Source: Link
Security has been increasingly raised as an issue with smart grids, as I reported back in March, and HP’s new service is also in response to some recent hacking of energy meters and other smart grid infrastructure.
The HP Smart Grid Security Quality Assessment (SGSQA) service was announced at the company’s Executive Energy Conference in Budapest and is aimed at utility companies and smart grid operators.
The new service is apparently based on an existing security audit methodology that HP uses to test its own software and hardware. The service, which HP says works in multi-vendor environments, would take around two weeks to check the vulnerabilities of a smart grid system and is already being trialled with three utility companies.
© The Green IT Review (www.thegreenitreport.com)
Source: Link
Smart Grid City
The city of Boulder, Colorado in the USA has installed "Smart Grids", which allow you to determine how much energy you are using, at what times, and even where it's coming from.
Demand Response
A video explaining the concept of 'Demand Response'
what Demand response can mean to us
what Demand response can mean to us
First IEEE International Workshop on Smart Grid Communications - SmartGridComm
CALL FOR PAPERS
First IEEE International Workshop on Smart Grid Communications
(SmartGridComm 2010),in conjunction with IEEE ICC 2010
Important Dates:
- Submission Deadline: November 15, 2009
- Notification of Acceptance: January 20, 2010
- Camera Ready Due: February 20, 2010
- Workshop Date: May 27, 2010
SmartGridComm
First IEEE International Workshop on Smart Grid Communications
(SmartGridComm 2010),in conjunction with IEEE ICC 2010
Important Dates:
- Submission Deadline: November 15, 2009
- Notification of Acceptance: January 20, 2010
- Camera Ready Due: February 20, 2010
- Workshop Date: May 27, 2010
SmartGridComm
NIST releases development standards for smart electric grid
The National Institute of Standards and Technology released a report identifing 15 new standards to guide the development of the smart electric grid, using two-way communication systems to better monitor energy use to lower consumption.
The standards can be found on the following link:
NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0
The standards can be found on the following link:
NIST Framework and Roadmap for Smart Grid Interoperability Standards, Release 1.0
Subscribe to:
Posts (Atom)
Posts
