Microgrids and Cyberattacks
Updated: Sep 24, 2020
During a power outage, microgrids are considered as electrified oasis. These islands of power are created by removable utilities and standalone power sources. With multiple segments including network for microgrid, interconnections to connected utility and utility control system, these are neither strictly cyber (e.g., information technology) nor electromechanical (e.g., recloser, switch gear, etc.).
Figure: Changing energy eco-system
Thus, it is evident that these utilities are prone to cyber-attacks. Cyber-attack is more dangerous to microgrids when compared to natural calamities like storm or a hurricane. This is because there is less warning. This cyberattack has got a potential to take down an entire microgrid and eliminate the functionality for a longer duration of time.
While security experts compare this cyber-attack to a symmetrical warfare, there seems to be no exaggeration in this. This is because, contemporary economies rely on electricity and without which they seize. Concern about grid security has grown with reports of cyber intrusions into commercial computer networks across a wide range of industries. There have been several high-profile attacks in recent years, including the hijacking of sensitive data from Sony Pictures (reference) in 2014 , the breaching of digital defenses at J.C. Penney and Yahoo! (reference) , and the successful grid cyber-attacks in the Ukraine in 2015 and again in 2016 and 2017. A study conducted by CISCO (reference) claims that 56% of the IT security professionals in utilities say they use cloud-based web security, compared with 36% of respondents in other industries. As experts have experienced more number of security breaches, there has been an urge to adopt cloud-based security.
Attacks originating in cyberspace may range from the disruptive and destructive such as distributed denial of service (DDOS), defacing bill-payer websites, damage to automated modules, ‘bricked’ meters, malware installation, disclosing sensitive data, remote sabotage. As per the article (reference) published, cyber-attack on microgrids is no longer a theoretical concern. This growing threat has captured the attention of the utility industry.
The Edison Electric Institute (EEI), a utility-funded advocacy group, has launched a series of initiatives aimed at safeguarding the grid from cyber threats and is partnering with federal agencies to improve the industry’s resilience to cyber-attacks. EEI also is collaborating with the National Institute of Standards and Technology (NIST), the North American Electric Reliability Corp. (NERC), and federal intelligence and law-enforcement agencies to strengthen grid capabilities.
In this respect, it is important to recognize that the very elements that make a microgrid resilient can also make it vulnerable. Microgrids often include distributed energy resources (DERs), such as solar panels, that require inverters to send power to consumers or the grid. One of the key enabling features of a microgrid, in fact, is the two-way data communications among the microgrid participants and with the grid to which it is connected.
With the emergence of renewable energy sources, and the digitisation, decentralisation, and consumerisation of energy, microgrid applications are slowly moving on to the cloud. While Amazon being the leading cloud service provider, there are other competitors including Microsoft (Azure) and Google (Google Cloud Platform). While AWS cloud has been providing the tools for power and utilities companies to navigate new business models, it has been also giving the foundation to focus on delivering the best customer experience, to achieve operational and cost efficiencies while meeting demand securely and reliably, the flexibility to evolve their business model and innovate in a rapidly changing industry, and the critical business insights to transform the industry.
AWS partnered with Vector, one of the leading energy service providers in New Zealand and Australia, to jointly develop the New Energy Platform (NEP). Through this strategic alliance, Vector and AWS will leverage the breadth and depth of AWS services, including IoT, analytics, machine learning (ML), and infrastructure services, with Vector’s energy industry knowledge, plus the joint engineering capability of both organizations. GCC Microgrid, one of the prominent microgrid operators in Saudi Arabia, UAE, Kuwait, Oman and Bahrain (reference) has joined hands with AWS. To meet the growing demand for energy sources due to raise of industrialisation and population growth across GCC countries, the demand for energy storage systems has increased. The increasing demand for clean energy, and the rising instances of cyberattacks on the energy infrastructures has enormously accelerated the growth of the GCC Microgrid market.
Utility leaders recognize the growing vulnerability of their operations to cyberthreats and available intel indicates utility organizations of all sizes and types are striving to achieve higher levels of cybersecurity. Unfortunately, the threat is also growing. Microgrids designed to backup critical infrastructure and mount cyber countermeasures appear to be practical solutions to bolster security. Electric utilities, microgrid developers, and cybersecurity experts all have expertise to assist in the identification of microgrid backup measures that could provide additional levels of security for individual customers and the entire grid.