Normally, the last thing I'd advocate is another government agency. But in the case of the smart grid, it might not be a bad idea.
The Massachusetts Institute of Technology recently concluded that the mishmash of agencies overseeing the security of the smart grid is ill equipped to handle a cyberattack. According to a Reuters article, MIT recommended that a single federal agency deal with the threat of cyberattacks on the national grid. This agency would work with the industry and have the regulatory authority to enhance cybersecurity preparedness, response, and recovery. According to the article:
While acknowledging there is no absolute insurance against such attacks, the MIT researchers said a single U.S. agency would be better able to address the problem than the disparate federal, state, and local entities responsible for various aspects of safeguarding the power grid.
Problems with managing the grid were highlighted by a rare October snowstorm that swept across the Northeast. In some states, residents were without power for up to 11 days, because repair efforts weren't properly coordinated. Crews dispatched from outside the Northeast sat idle while they waited for the OK to get to work. Some crews answered to their employers, some to the state, and others to a union. No single organization coordinated the efforts, and the results were a nightmare.
Until recently, I had a hard time imagining why anyone would try to hack into a utility. The fact is that outages in one part of the country have a far-reaching effect. Planes in California are grounded because of outages in Atlanta. Hackers aren't targeting individuals. They are targeting systems. If weather can wreak such havoc, imagine what a coordinated attack would feel like.
Other MIT recommendations cited by Reuters include:
Utilities with advanced metering technology should start the transition to customer prices that reflect the time-varying costs of supplying power, to improve the grid's efficiency and make rates lower.
The electric power industry should fund research and development in computational tools for bulk power systems, methods for wide-area transmission planning, procedures for responding to cyberattacks, and models of consumer response to real-time pricing.
To improve decision-making, more detailed data about the bulk power system, results from "smart grid" demonstration projects, and other measures of utility cost and performance should be compiled and shared.
Cybersecurity fears reach far beyond the grid, of course -- any system can get hacked. But utilities might be vulnerable because of the market they serve. Homeowners aren't worried about their utilities being hacked. But maybe they should be.
For a hacker to attack a system he/she must have an incentive. That incentive may be financial gain or the pure thrill of being the first to crack a system. In the case of the smart grid, besides the obvious incentive of causing widespread chaos, another strong incentive for an attacker is making money. In the smart grid, households will be able to sell energy to the grid besides using it. This energy will be harvested in a house using solar panels, wind power and in some cases wave motion. (There 's a great video that illustrates how this is done here for the interested readers.)
Imagine a scenario where the meter ID of a house selling energy to the grid is stolen by an attacker to use in his/her utility meter at home. That way the attacker would be able to pocket the money that belongs to the victimised home owner.
In order to avoid such attacks, besides providing local security measures on the smart meters, a global security framework is required. This security measure should be centralised and controlled by a trusted and powerful body in order to be effective. Therefore, I cannot think of an alternative means of providing this security framework other than by a govenrment agency.
Good point p_d, I am wondering also how that application could run, for example, in case Govs would decide to implement public safety services for preventing natural disasters as hearthquake or dramatical flooding. It is an aspect not mentioned till now within posts delivered, but I am convinced smart grid could help a lot in.
I am quite curious to know about this Bloom Box. How does it stand in terms of pricing and running cost. It could become a viable alternative for grid power in remote villages and small towns in India.
Yes, it seems that a smart grid would need extra security. But even the standard power grid we have in place now can be improved. Though my own area was not really affected, some people in northern NY, NJ, and CT were without power for a whole week after the snowfall in October. There really should be a way to move things along faster with better backup, planning, and reaction times.
Thanks for the feedback, readers! I've been mulling this over, trying to figure out how it might work. One thing that comes to mind is the Department of Energy be given oversight in the event of a cyberattack. That means the DOE and the various utilities have to cooperate upfront to get their systems in sync and they must agree on a common protocol. I think one of the barriers here is the mix of public and private ownership of ultilites we have here in the US. Even though a utility is regulated, it doesn't mean that a state or federal government can mandate how a utility runs its business. A cooperative effort on behalf of the government and utilities would be much more effective.
"The Massachusetts Institute of Technology recently concluded that the mishmash of agencies overseeing the security of the smart grid is ill equipped to handle a cyberattack".
I do agree with the Massachusetts Institute of Technology findings too. If the current agencies are ill equipped to handle a cyber attack or unable to deal with recent act of God that affected some parts of the states in America then a government or some sort of agency is needed to oversee and ensure the delivery and services of a proper workable smart grid.
I am normally like you Barbara; I would rather not see more government agencies set up for many reasons. However I do think there needs to be a agency in place that can help coordinate and control the countries grid. After the massive blackout in the early 2000's that took out power from Michigan to New York or the various blizzards, everybody needs to be on the same page. After seeing some of the chaos caused by storms, it would be total pandemonium if there was a coordinated super hack.
@Barbara, thanks for the post. I think government should install backup powersupplies at all critical places. One such alternative powersupply device is - bloom box. The technology is a square box made of fuel cells that can fit right in the palm of your hand but can also power your entire house. According to he founder and CEO of Bloom Energy, a single cell (one 100 × 100 mm metal alloy plate between two ceramic layers) generates 25 watts, enough to light a lightbulb.
EBN Dialogue enables and encourages you to participate in live chats with notable leaders and luminaries. Not only editors and journalists, but the entire EBN community is able to comment and ask questions. Listed below are upcoming and archived chats.
Thailand Stages a Comeback Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Microsoft Surface: Potential Winners & Losers What are the implications for the electronics industry supply chain of Microsoft Corp.'s decision to launch its own tablet PC? Join industry veteran and EE Times' systems and OEM expert Rick Merritt on Tuesday, July 3, at 12:00 pm EDT for a Live Chat on this subject.
Join EBN contributor Jennifer Baljko on Thursday August 23, 2012, at 11:00 a.m. EST for a live chat on how electronic manufacturers in Thailand have shored up their supply chain to reduce the impact of future natural disasters.
Peter Drucker famously said "Trying to predict the future is like trying to drive down a country road at night with no lights while looking out the back window." Yet in the razor's-edge world of electronics—with a lean supply chain and just-in-time demands—the need to know the future is vital.
While no one really can accurately predict the future, we can take guidance from another Drucker saying which is the best way to predict the future is to create it.
You've heard the saying "the No. 1 supply chain risk is your people." That hasn't always been the case. But today's complex global supply chain requires a new type of multitalented employee. It's one who understands, finance, marketing, economics, is savvy with technology, graceful with relationships and can think analytically.
Where are these people? Are universities properly preparing the next generation supply chain professionals? How do train your existing workforce for these new, demanding positions?
Brian Fuller, editor-in-chief of EBN, will lead a 60-minute Avnet Velocity panel discussion that will ask and answer these and other questions swirling around today's supply-chain talent challenges.