You are on page 1of 2

1

Smart Grid Security, Privacy, and Resilient Architectures: Opportunities and Challenges
S. Massoud Amin, University of Minnesota (email: amin@umn.edu)

AbstractAny complex dynamic infrastructure network typically has many layers, decision-making units and is vulnerable to various types of disturbances. Cyber connectivity has increased the complexity of the control systems and facilities it is intended to safely and reliably control. Thus, in order to defend electric infrastructure against the impacts of cyber-physical attacks, signicant challenges must be overcome before extensive deployment and implementation of smart grid technologies can begin. Cyber security and interoperability are two of the key challenges of the smart grid transformation. As for security, it must be built-in as part of its design and NOT glued on as afterthought. Regarding recent cyber threat reports, it is fundamental to separate hype from the truth. What is most concerning about such reports is mainly one piece from an early article: The response to the alert was mixed. An audit of 30 utility companies that received the alert showed that only seven were in full compliance, although all of the audited companies had taken some precautions. This is the reality that needs to be addressed. A key challenge is to enable secure and very high-condence sensing, communications, and control of a heterogeneous, widely dispersed, yet globally interconnected system. It is even more complex and difcult to control it for optimal efciency and maximum benet to the ultimate consumers while still allowing all its business components to compete fairly and freely. In the electric power industry and other critical infrastructures, new ways are being sought to improve network efciency by eliminating congestion problems without seriously diminishing reliability and security. Effective, intelligent, hierarchically distributed control is required within a layered defense architecture that would enable parts of the networks to remain operational and even automatically recongure in the event of local failures or threats of failure. Sensing, communication and control systems are needed across broad temporal, geographical, and industry scalesfrom devices to power-system-wide, from fuel sources to consumers, from utility pricing to demand response, and so on. With increased deployment of feedback and communication, opportunities arise for reducing consumption, for better exploiting renewable sources, and for increasing the reliability and performance of the transmission and distribution networks. At the same time, however, closing loops where they have never been closed before, across multiple temporal and spatial scales, creates control challenges as well. Societal and governmental visions for the smart grid will require the engagement of the controls community for their realization. Feedback, optimization, estimation, dynamics, stability... these and other control system concepts are core to smart grid technology. In many ways, the smart grid is a control problem! Another major strategic goal is to enable real-time demand management and responseto make is possible for customers to modify consumption in reaction to hourly changes in electricity prices and availability. We see inexpensive but advanced two-way secure wireless communications as essential: Dynamic modeling of energy ows, their optimization and control depend on the availability of trustworthy data streams from sensors and monitors distributed throughout the electricity delivery system, for example on power lines and local distribution transformers.

Drawing on those inputs and the even more ubiquitous data transmitted securely and wirelessly from substations, operations engineers will be able to spot potential problems and make adjustments before problems arise. As these systems are put in place, they will provide the opportunity to investigate the whole range of issues that arise in connection with the smart grid, from hybrid vehicle integration and electricity market design to system automation and security. If the smart grid is to fulll its promise, it needs to be not just more efcient but also more robust that our current power systems (which are by no means dumb), both self-healing and highly resistant to attack. Thus, we have developed and assessed a novel cyber-physical security attack detection-framework that is distributed, agentbased, automated, self-conguring and self-tuning, scalable, and lightweight with respect to computational and communications resources being required. Cyber-agents include trafc analyzers, content analyzers, physical-system signals analyzers (such as an agent inspecting voltage, current, rates of change, frequency signals of power lines), and user-behavior analyzers. No matter how many layers of security or the degree of sophistication used in defense mechanisms, it will be essential that the industry hire qualied people. Research ndings suggest that human and organizational factors do affect computer and information security performance in a multi-layered fashion. Often vulnerabilities are not the result of a single mistake or conguration error, but numerous latent organizational conditions, such as management support and decisions made by designers that combine to create scenarios where failures and vulnerabilities may occur. In many complex networks, the human participants themselves are both the most susceptible to failure and the most adaptable in the management of recovery. We also are currently investigating the potential savings for groups of distribution customers that are served by backup energy storage systems during a time of outage, using a sophisticated cost model recently developed at Lawrence Berkeley Laboratory. Enabled by remote load controllers, intelligent load shedding can be implemented on the legacy distribution systems or in microgrids to prioritize emergency power service to critical or high cost-of-outage loads. Taken as a whole, the University of Minnesota smart grid program will provide opportunities to develop, test and demonstrate innovative distribution technologies at all scales: smart room, smart home, and smart microgrids. That is, if successful in all its dimensions, what we have dubbed our smart grid sandbox could be the model for regional distribution systems that are interactive, self-correcting and self-defending. That is, once the smart grid concept has been stress-assessed from micro to macro, stakeholders will be able to see the way forward toward implementing it nationwide.

978-1-4673-2729-9/12/$31.00 2012 IEEE

S. Massoud Amin S. Massoud Amin, chairman of the IEEE smart grid newsletter and a fellow of ASME, holds the Honeywell/H.W. Sweatt Chair in Technological Leadership at the University of Minnesota. He directs the universitys Technological Leadership Institute (TLI), is a University Distinguished Teaching Professor and professor of electrical and computer engineering. He received the B.S. degree with honors and the M.S. degree in electrical and computer engineering from the University of MassachusettsAmherst, and the M.S. degree and the D.Sc. degree in systems science and mathematics from Washington University in St. Louis, Missouri. Prof. Amin is the author of over 200 peer-reviewed manuscripts and has received numerous national and international recognition and awards for leadership and excellence in R&D and education. Before joining the university in 2003, he held positions of increasing responsibility at the Electric Power Research Institute (EPRI) in Palo Alto. After tragic events of 9/11, he directed all EPRIs Infrastructure Security R&D and served as area manager for Security, Grid Operations/Planning, and Energy Markets. Prior to that, he served as manager of mathematics and information sciences, where he led the development of more than 24 technologies that transferred to industry, and pioneered R&D in self-healing infrastructures and smart grids, and twice received the Chauncey Award, The Institutes highest honor. For more information, please see http://umn.edu/amin