Documente Academic
Documente Profesional
Documente Cultură
Contents
Executive Summary.................................................................................................................................2
Overview and Importance.......................................................................................................................3
Background..............................................................................................................................................4
Smart Grid Defined..............................................................................................................................4
Strengths of the Smart Grid.................................................................................................................5
Weaknesses and Threats.....................................................................................................................6
Findings and Recommendations............................................................................................................13
Information Sharing...........................................................................................................................14
Reserve and Redundancy..................................................................................................................15
Cyber Security....................................................................................................................................16
High Impact, Low Frequency (HILF) Events........................................................................................19
Conclusion.................................................................................................................................................21
Endnotes................................................................................................................................................23
Works Cited…………………………………………………………………………………………………………………………………………..23
Grego 2
Executive Summary
The implementation of the smart grid raises questions about the security and reliability of
the new system. Everything from physical and cyber attacks, to electromagnetic pulse and solar
storms all pose potentially serious risks to a smart system. Some of these threats are present in
the current system as well and will require collaborative strategies to ensure the security of the
The following report outlines the strengths and weaknesses of the current grid and the
potential smart grid. It highlights critical risk areas that could be exploited under a smart grid
system and also analyzes the current grid with respect to these security concerns. It concludes by
outlining key findings and recommendations for the future of the smart grid and the US bulk
power system.
- Information Sharing
o Information sharing will be critical across the entities responsible for the electric
grid and should remain a priority.
- Reserve and Redundancy
o Contingency planning for an emergency should include the capability to replace
damaged equipment.
- Cyber Security
o The field of cyber security should be dealt with from every available perspective.
Diplomatic agreements, government coordination, and industry regulation should
all be used to adapt to this quickly changing field.
- High Impact, Low Frequency (HILF) Events
o Industry regulators should remain conscious of possible events with grid wide
implications. Although unlikely, these events will have to be dealt with
separately to ensure the security of the power grid.
Grego 3
the United States has significant promise to increase efficiency and reliability but also poses
system has been identified as a primary concern of all infrastructure systems as a one of North
America’s Critical Infrastructure and Key Resource systems.1 The reliable and constant supply of
electricity is not only vital to maintain the current standard of living in the United States but
almost all industry, infrastructure, information and security entities are modeled with secure
access to electricity as a given. Therefore the need for a secure electric grid contributes to almost
The current grid system, through direct government and industry regulation has been able
to meet many security challenges by virtue of its excess capacity, detailed command systems,
and transmission redundancy. Excess capacity thresholds established and regulated by the North
American Electric Reliability Corporation (NERC)2 ensure that in the event of a failure of a
major generator there is reserve capacity in other generators to meet load demands. .3 Similarly,
the current bulk power system creates a large incentive for excess capacity because as the
demand for electricity varies throughout the day more producers are brought on line to meet the
increased demand at a higher price. Many plants lie dormant until a bulk power price threshold
is reached at which time they begin to sell power. This allows the market to bear significant
1
Homeland Security Presidential Directive-7. Department of Homeland Security. December 13, 2003.
http://www.dhs.gov/xabout/laws/gc_1214597989952.shtm
2
“Reliability Standards” North American Electric Reliability Corporation Website. Accessed 4/28/2011.
http://www.nerc.com/page.php?cid=2|20
3
Ibid.
Grego 4
Regional Transmission Organizations (RTOs). This allows for executive control and support in
crisis management situations as well as prioritization of resources. Lastly, the grid has redundant
transmission and distribution routes built into it in order to incorporate the various producers and
markets. This ensures that the destruction of one line will not lead to compounding blackouts.
The smart grid also has particular strengths that can increase reliability in the current
conscious manner, to allowing for better energy storage to accommodate renewable energy
sources, to ‘self-healing’ in the event of an outage or attack and providing forensic data analysis
of lapses in reliability.4
All of these elements have great promise to increase reliability and capabilities in a smart
grid system but there are vulnerabilities that would affect the Smart Grid just as much as the
current grid. Electronic components will always be vulnerable to electro-magnetic pulse in either
system. Also, the staff required to oversee and run the grid as well as the facilities themselves are
subject to attack. And lastly, both grids rely heavily on computer monitoring and data
Background
Smart Grid Defined
The Smart Grid is a concept for integrating new technologies into the electric grid. It is
diagnostic data analysis and energy storage capabilities. The US Department of Energy (DOE)
and National Energy Technology Laboratory’s Modern Grid Strategy project along with industry
leaders have established seven characteristics and implicit goals of a smart grid.
4
“Smart Grid” Department of Energy Website Accessed 4/30/2011. http://www.oe.energy.gov/smartgrid.htm
Grego 5
Taken individually, each of these criteria yields volumes of technical data and implementation
questions. However, taken as a whole they represent a working model of the smart grid. More
directly related to cyber-security is the issue of incorporating computer analysis and digital
communication into smart grid practices. While this is implied in characteristic number seven,
the digital data collection and transmission poses unique strengths and weaknesses that affect
use real time data analysis to record and mitigate distribution and outage issues. The mountain of
data produced over time by producers, distributers and individual demand response units could
streamline production and distribution. Also, the smart grids storage technologies could not only
allow for further integration of alternative energy sources such as wind as solar, which rely on
intermittent weather patterns and therefore require storage for large scale viability.6 Lastly, smart
grid technologies have the potential for automation and self-healing processes which could ease
the load on electricity managers and regulators as well as provide a back up emergency
One risk highlighted by the North American Electric Reliability Corporation’s (NERC)
High Impact, Low Frequency (HILF) Study is that of a pandemic, which could drastically inhibit
5
“Smart Grid” Department of Energy Website Accessed 4/30/2011. http://www.oe.energy.gov/smartgrid.htm
6
Ibid.
Grego 6
the effectiveness of an actively managed grid.7 Smart grid technologies could replicate some
functions carried out by highly trained individuals in the event of such a personnel emergency.8
perspective, data and decentralized control systems could provide access points for a slew of
cyber attacks ranging from personal data liability to denial of service. However, the Smart Grid
has will still be subject to certain threats that affect the security of the current grid. These
The effect s of electromagnetic pulse on electrical systems has been well known and
documented since the early 20th century. However, recent research has revealed new elements
and dangers to particular systems associated with the electric grid. In particular, unprotected
wires in command and control centers which are used for data rather than transmission have been
showed to be vulnerable to electro-magnetic pulse.9 This vulnerability exits in the current the
grid and will likely only be compounded in the Smart Grid with additional monitoring devices in
the system. The nature of the threat detailed below illustrates the potentially devastating effects
7
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. June 2010. http://www.nerc.com/files/HILF.pdf p. 2.
8
“Smart Grid” US Department of Energy Website. http://www.oe.energy.gov/smartgrid.htm
9
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. Pp 61-72.
Grego 7
Geomagnetic Disturbance (GMD) is caused by solar storms and the associated inflections
in the polarized electromagnetic field of the earth.10 This disturbance creates geomagnetically
On March 13th, 1989 a severe geomagnetic event took place focusing around Quebec
Canada. At 2:44 AM it caused the shutdown of the entire Quebec grid and the loss of almost
10,000MW of generation. The approximate strength of the storm, measured in nT/min was about
500nT/min and had damaged transformers as far away as New Jersey.
What is most concerning about the 1989 storm was how a majority of the damage occurred
on equipment associated with 735kv transmission grid as opposed to the smaller distribution grid.
The storm created a 15% asymmetry in load on the grid and quickly overloaded transformers before
they could be taken off the grid.
These currents have the potential to overload transformers and compensators in large scale
electrical systems causing hardware damage and transmission outages.12 Significantly, high
10
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. p. 61
11
Ibid.
12
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. Pp 62-65.
Grego 8
voltage transmission lines are less resistant proportionately to GIC compared to lower voltage
lines.13 The larger voltages and capacities of these lines also serve to concentrate GIC more
effectively over space and increase the likelihood of transformer overload on the grid.14
Since GMD occurrences are forces of nature and completely unavoidable, protection
efforts in this category should focus on three critical steps; detection, preparation and mitigation,
and recovery/restoration. By detecting geomagnetic storms early enough, some actions could be
taken to prevent a cascading failure of key components of the grid. Solar storms, take mere
minutes to reach the earth however, with training and preparation this could be enough time to
isolate and protect key areas of the grid.15 Next, proper insulation and shielding of critical control
components and facilities should be incorporated to disperse the effects of the storm. And lastly,
any transformer, transmission line, or facility should have reconstruction and replacements plans
emitted by GMD. Since HEMP weapons would require advanced nuclear weapon designs and
sophisticated delivery and targeting systems, they could likely be traced to their perpetrator and
their use deterred in the same manner as deterrence more generally. A HEMP weapon would
appear completely infeasible by any non-state group. Also, the actual effects on the greater
electric infrastructure of the US have been debated as different levels of mitigation to GMD
events already are in place. However, while further insulation and shielding standards could
effectively mitigate both GMD and HEMP occurrences, unique policy to the threat of HEMP
13
Ibid. pp 69-73.
14
Ibid.
15
Ibid. p. 19.
Case Study: Tres Amigas – A compound vulnerability Grego 9
The Tres Amigas Superstation is a proposed bridge between the three independent
power grid in the US; the Western, Eastern, and Texas interconnections. The facility would be
constructed near the Texas-New Mexico border and would allow for power transfers across all
three grids.
Source: http://www.tresamigasllc.com/about-overview.php
It would rely on new large capacity transmissions lines linking all three grids in one
location. As illustrated, these large capacity lines can concentrate and transfer geomagnetically
induced current which can knock out transformers and transmission infrastructure. Any project
that calls for these large transmission lines will require a close examination of insulation
techniques to ensure it can withstand feasible amount of GMD. Also, a combined facility such as
this would be an appealing target to a traditional or cyber attack, which merits enhanced security
should be the focus of international policy. A focus on prevention, deterrence, and detection
Large scale kinetic attack threats have existed as long as production facilities and
transmissions lined have comprised the grid. An effective attack on one or more facilities could
potentially knock out production capacity and transmission reach. Due to the physical
restrictions of electricity distribution, a smart grid would most likely have similar vulnerabilities.
Grego 10
The same security standards in place today should suffice for the physical security of smart grid
assets. In actuality, a responsive smart grid would by definition be able to respond more
vulnerabilities in the information sharing, transmission, and processing inherent in the smart grid
could raise new vulnerabilities. NERC has highlighted eight unique capabilities of cyber attacks
that could potentially be used against a smart grid: Distributed Denial of Service (DDOS) Attack
—attackers flood network resources to render physical systems unavailable or less than fully
16
“Smart Grid” US Department of Energy Website. http://www.oe.energy.gov/smartgrid.htm
17
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. P. 29
Grego 11
An attack which used a variety of these methods could pose a serious threat. Even a coordinated
As discussed, cyber vulnerabilities can take on many forms and many motivations. Two
recent prominent events have highlighted the need for a dynamic cyber security strategy for the
safety of the smart grid.
First, Stuxnet was a computer worm that infiltrated and infected uranium enrichment
facilities in Iran. It targeted Supervisory Control and Data Acquisition (SCADA) used by the
Siemens hardware and resulted in the destruction of centrifuges and large set back to the Iranian
nuclear program.
Second, on April 20, 2011 the private network used by Sony’s Playstation gamers was
hacked by what appears to an individual or small group. This was not a common Denial of
Service attack designed to shut down a system, rather it was a sophisticated infiltration of the
network’s secured information that may have resulted in the leak of user credit card
information, addresses, etc.
These two separate reflect the diversity of the challenges of cyber security. Stuxnet was
state-run operation with clear political aims while the Playstation hack seems to be contributable
to a small motivated group. These both illustrate the diverse types of cyber threats that exist and
stress the importance of a flexible security plan for both the individual consumer and the grid as
a whole.
denial of service attack could potentially create load asymmetries in the grid to disrupt or
interrupt service. 18
The field of cyber security is quickly changing and relatively new. Data heavy industries
such as banking and finance have implemented secure data servers and protocols to ensure
connections. Given the consolidated nature of the grid compared to the spread out and
decentralized structure of these other industries it is likely that the Smart Grid may be able to
secure its data as good as if not better then these other industries.
18
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. P. 29
Grego 12
The last vulnerability posed by smart grid implementation pertains to individuals and
customer data. NERC’s research has focused on the threat of pandemics. However targeted
attacks on personnel have a just as much power to affect to the security of today’s grid as well as
the smart grid. Any shortage of the already limited staffing of electric grid coordinators and
engineers could drastically hinder the effectiveness of the over 1,800 separate entities that make
Therefore, essential personnel records and strategies should be developed to ensure that
critical individuals are given precedence for evacuations, vaccinations, and emergency
notification as NERC suggests20 but additional physical security, resources, and background
checks should be allocated for people with significant influence in the system to protect them
Also, the implementation of the smart grid poses security concerns for the private
consumer as well. Separate from the macro-level grid oriented attacks of denial of service attacks
and like, personal data recorded on the smart grid could be accessed by unauthorized people if it
is not secured properly. It has been theorized that simple demand-response data could also reveal
personal data to criminals pertaining to anything from the time people leave their homes,
systems and utility providers become a primary concern of smart grid implementation. Also,
compartmentalization of this data should be utilized to ensure that hole in one small area remains
confined to a limited area and a widespread connection patterns vary in encryption patterns and
purposes. Lastly, isolation of Supervisory Control and Data Acquisition (SCADA) should be
19
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. p. 23.
20
Ibid. pp 46-51.
Grego 13
isolated from internet servers as much as possible and the possibility of a separate secured
network along the lines of the Departments of Defense’s Secure Internet Protocol Router
Network (SIPRnet) should be considered and investigated for large scale and inter-grid
information transmission.
better than the current grid in dealing with the threats detailed above. As it stands, the present
grid is vulnerable to all the threats covered in this report just as the smart grid would be. The key
areas in which the security of the smart grid differs however is in cyber security for consumers
because the current grid already relies heavily on secure communications to function, and the
further expansion of high capacity transmission lines exemplified by the Tres Amigas project.
Either way, the recommendations listed below would enhance the security of the current grid and
- Information Sharing
o The US DOE, NERC, and FERC should work with their Canadian counterparts to
ensure a framework for the creation of cooperative research and standards.
o The US DOE and FERC should work with NOAA and NASA to create a grid wide
warning system for geo-magnetic spikes and other atmospheric events in line
with FERC’s recommendation.
- Reserve and Redundancy
o FERC should implement the spare parts database in line with the findings of their
task force.
- Cyber Security
o The US DOE should submit to congress an initiative to commit to an international
definition of cyber attack, crime, and war.
o The US DOE should attempt to target a portion of Smart Grid stimulus grants to
offset security costs in the development of new technology.
o NERC should work with industry leaders to create a best practices forum for the
purpose of pooling collected knowledge on massive data encryption.
- High Impact, Low Frequency (HILF) Events
o NERC should work with industry leaders to create a best practices forum for the
purpose of pooling collected knowledge on massive data encryption.
Grego 14
Information Sharing
The US DOE, NERC, and FERC should work with their Canadian counterparts to
ensure a framework for the creation of cooperative research and standards.
Securing the smart grid will require pooled knowledge and experience from government,
industry, and private technology firms. Therefore it is imperative that the US DOE, its Canadian
counterpart, and industry leaders have a means to cooperate and coordinate on research and
Among other benefits of this combined effort superior encryption techniques, enhanced
security software, and better smart meters could be developed by private research firms. The
smart grid will be more dependent on dispersed control elements than the current system,
exacerbating issues of interoperability. The electric industry as a whole will have to establish its
own system of interoperability standards, but government should also play a monitoring role to
The US DOE and FERC should work with NOAA and NASA to create a grid wide
warning system for geo-magnetic spikes and other atmospheric events in line with
FERC’s recommendation.
To respond to major system wide threats such as GMD, HEMP, and combined Kinetic
and Cyber attacks the smart grid will have to rely on fast and accurate detection mechanisms in
order to ensure the protection of as many key components as possible. Rapid dissemination of
changing atmospheric conditions and problem outages could effectively reduce the impact of
21
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. pp. 18-19
Grego 15
Therefore, the US and its Canadian partners should establish a system of information
sharing and dissemination between organizations with pertinent perspectives over threats to the
electric system. Most notably in the US this would encompass the Department of Defense,
Department of Homeland Security, and the Department of Energy concerning domestic kinetic
and cyber threats and National Aeronautics and Space Association (NASA) and National
Oceanic and Atmospheric Administration (NOAA) concerning GMD and HEMP threats.
Given the two governments interconnected grids, similar incentive for cooperation, and
diplomatic ties, it would be beneficial to the security of the entire North American grid to have
both governments and their grid monitoring bodies working together to ensure a rapid system of
Further, interagency alarm systems should be established similar to those in Quebec after
the GMD storm of 198922 to ensure immediate notification and action throughout the entire
affected area that can be triggered from central monitoring agencies (NOAA) to further establish
breakdowns in the grid can and will happen eventually. A catastrophic GMD event will be
impossible to prevent or completely shield the grid from and outages and unscheduled equipment
failures happen even when all due care is taken to prevent them.
It is therefore necessary that critical replacement components are available to deal with
crises in the grid. NERC’s recommendation of reopening the Spare Parts Database which
22
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. pp. 62-65.
Grego 16
provided grid distributing bodies a central database of all reserve components nationwide23
should be carried out. This would allow a critically damaged area to benefit from the stocks of an
Many of the major components in the grid, transformers, static var compensators, etc.
have replacement times ranging between 1 to 2 years and for many of them there is little or no
capacity for producing them domestically.24 While it may be uneconomical to push for the
opening of new production plants as NERC suggests25 the industry should be pushed to enforce
Cyber Security
The US DOE should submit to congress an initiative to commit to an
international definition of cyber attack, crime, and war.
The field of cyber security is evolving rapidly. With new areas and issues a dialogue is
often needed to standardize discussions and negotiations in order to create transparency and
what constitutes cyber war, a cyber crime, and a cyber attack. This differentiation would aid
policy makers but it would also empower domestic security bodies to deal with each of these
threats in varying degrees of magnitude. Since cyber attacks are difficult to trace and analyze, a
framework for differentiating different cyber threats would give the public and decision makers a
23
“Spare Parts Database Task Force.” North American Reliability Corporation Website. Accessed 4/20/2011.
http://www.nerc.com/docs/pc/sedtf/PC-SEDTF_Sep_2010_Scope_v7.pdf
24
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. p. 98
25
Ibid.
26
Ibid.
Grego 17
For example, a cyber crime would likely deal with personal information loss or
demographic data. A cyber attack would possibly be a worm or virus attack at a specific plant.
And lastly, cyber war would be a coordinated attack against grid level systems at such a
magnitude that it would have needed the support of a country or state government. (See Stuxnet
However, from a security perspective this means that breach in security at the lowest level
It is therefore necessary that standards are created to compartmentalize the data screen
and encrypt it differently at every level to ensure that data remains secures. Essentially, this
means data sent from a home would first be collected on a municipal level, encrypted and send to
a higher county wide collection point or substation, and then encrypted again for the next level
up and so on.
Encryption is almost a ubiquitous process in the internet age. Everything from email to
practices layered on top of each other have the potential for miscommunication and overlap.
Therefore, the coordinating bodies of the North American electric grid and the US and Canadian
governments should investigate different information collection techniques for smart grid
27
Robert McMillan (16 September 2010). "Siemens: Stuxnet worm hit industrial systems". Computerworld.
Accessed 4/24/2011/.
http://www.computerworld.com/s/article/print/9185419/Siemens_Stuxnet_worm_hit_industrial_systems?
taxonomyName=Network+Security&taxonomyId=142
28
Thomas, Keir. “Sony Makes it Official: Playstation Network Got Hacked.” PC World. 4/23/2011. Accessed
5/1/2011. http://www.pcworld.com/article/226128/sony_makes_it_official_playstation_network_hacked.html
Grego 18
Also, isolation of Supervisory Control and Data Acquisition (SCADA) should be isolated
from internet servers as much as possible and the possibility of a separate secured network along
the lines of the Departments of Defense’s Secure Internet Protocol Router Network (SIPRnet)
should be considered and investigated for large scale and inter-grid information transmission.
The US DOE should attempt to target a portion of Smart Grid stimulus grants to
offset security costs in the development of new technology.
Much of smart grid implementation is based on efficiency and cost-effectiveness. These
new technologies are competing with old ones to show that over the long run, an investment in
the smart grid technologies will pay off for individuals and governments alike. However, this
cost restraint has led to a reduction in research and development of security measures in smart
Effectively, the elements that make smart grid technologies so appealing (information
sharing, real time feedback, etc.) have also posed security risks whose mitigation requires
Because smart grid technologies with substandard security measures are already on the
market, the US government should mandate information security standards on all electric grid
products and should allocate a portion of the current smart grid subsidies to offsetting the
research and development costs of producers of smart grid technologies in order to ensure they
are safe and competitive at the same time. This would ensure that new smart grid products, like
various smart meters, would meet the highest level of security needed without inflating the costs
NERC should work with industry leaders to create a best practices forum for the
purpose of pooling collected knowledge on massive data encryption.
29
Hathaway, Melissa. “Power Hackers: The US Smart Grid is Shaping up to be Dangerously Insecure.” Scientific
American. 10/5/2011. Accessed 4/5/2011. http://www.scientificamerican.com/article.cfm?id=power-hackers
Grego 19
The smart grid will rely on millions of data transfers everyday to function the way it has
promised to. Each one can be potentially used against the grid or its customers by malignant
actors. However, hope lies in the fact that other industries have incorporated data exchange
The current banking and securities exchange systems in the US transmits mountains of
data, both numerical and personal across different entities and businesses everyday with
relatively few incidents of electronic breaches in security.30 The same security measures that
have worked for years for banks could also work for the smart grid.
The US DOE should work with electric industry leaders and the leaders of industries
which have already implemented significant data transfer systems to facilitate discussion,
cooperation, and dissemination of best practices between industry leaders to ensure that the
transfer of data over the smart grid is as secure as the transfer of data between people’s bank
accounts.
smart grid will be somewhat vulnerable to unlikely but possible events that would require grid
wide mitigation strategies. This makes funding an issue for countermeasures to HILF events
decreased affecting the numbers of engineers experienced enough to run the system. . The smart
30
“Cyber Security for the Banking and Finance Sector.” Wiley Handbook of Science and Technology for Homeland
Security, Edited by John G. Voeller. John Wiley & Sons, Inc. 2008. Accessed 4/12/2011.
http://www.fsround.org/hyperlink/hhs460.pdf
Grego 20
grid could drastically reduce the risk associated with this shortage through levels of automation
The US DOE should ensure that all automated functions of the smart grid have manual
oversight and override functions. But in an emergency situation when the managers of these
systems become compromised, the US DOE should ensure that there are automated measures in
or HEMP event. NERC research has shown that major transmission and distribution lines are
effectively resistant to induced current.31 However, many common components used in command
and control centers such as computer and control board wiring do not have the shielding and
The smart grid compounds this issue because the command and control functions would
be expanded to include data centers and more advanced smart monitoring systems. Now an
induced current would have a much greater effect on these more diverse systems simply through
The US DOE and industry leaders should examine the shielding methods used across the
industry for current command and control centers as well as developing smart grid technologies
in order to ensure that critical components could survive or could be quickly repaired or replaced
31
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. pp. 61-73
32
Ibid. pp. 79-93
Grego 21
Possibly the most critical element of HILF preparation will be universal contingency
training on a grid wide scale. It is unlikely that a HILF event will only affect one regional
transmission organization or a handful of producers. HILF events will produce large regional,
trans-regional, or grid wide effects that cannot be mitigated by one operating entity.
Therefore the US DOE should mandate grid wide contingency planning and emergency
drills that incorporate every level from production, transmission, and distribution. These drills
should occur on a yearly basis and proper contingency instructions should be distributed to all
concerned entities.
As the smart grid continues to develop these drills will become ever more important to
test and assess the capabilities of the ‘self-healing’ smart grid. They could be effectively used to
determine the best products and practices moving forward and could supply important data about
Conclusion
The implementation of the smart grid has significant potential to increase the efficiency
and security of the electric grid in the United States. However, if done improperly or hastily this
transition could leave the US electric grid more vulnerable to cyber infiltration, physical attack,
The findings and recommendations outlined above will only serve to alleviate some of
the concerns regarding the smart grid and are by no measure an exhaustive or authoritative list.
Rather, in such a rapidly changing field constant reevaluation and adjustment will have to be
By focusing on four critical areas of policy, information sharing, reserve and redundancy,
cyber security, and the possibility of HILF events, the US government and key decision makers
will be better equipped to deal with policy and public concern over the smart grid.
Most Americans will be blind to the changes made in the smart grid as well they should.
The current system has supplied reliable electricity to homes and businesses for almost a century.
The success of the current grid raises the expectations and narrows the acceptance of growing
pains of the smart grid system. However, to move effectively into the new era of energy
management security and reliability must remain a focus of the electric sector.
Grego 23
Endnotes
i
1). Quebec 1989 case study cited from: “High-Impact, Low Frequency Event Risk to the North American Bulk
Power System” North American Electric Reliability Corporation. pp. 61-73
2) Tres Amigas Case Study cited from: “Overview of Tres Amigas.” Tres Amigas LLC website.
http://www.tresamigasllc.com/about-overview.php. Accessed 5/2/2011.
Thomas, Keir. “Sony Makes it Official: Playstation Network Got Hacked.” PC World. 4/23/2011. Accessed
5/1/2011. http://www.pcworld.com/article/226128/sony_makes_it_official_playstation_network_hacked.html
Works Cited
“Cyber Security for the Banking and Finance Sector.” Wiley Handbook of Science and Technology for Homeland
Security, Edited by John G. Voeller. John Wiley & Sons, Inc. 2008. Accessed 4/12/2011.
http://www.fsround.org/hyperlink/hhs460.pdf
Hathaway, Melissa. “Power Hackers: The US Smart Grid is Shaping up to be Dangerously Insecure.” Scientific
American. 10/5/2011. Accessed 4/5/2011. http://www.scientificamerican.com /article.cfm?id=power-hackers
“High-Impact, Low Frequency Event Risk to the North American Bulk Power System” North American Electric
Reliability Corporation. June 2010. http://www.nerc.com/files/HILF.pdf p. 2.
Homeland Security Presidential Directive-7. Department of Homeland Security. December 13, 2003.
http://www.dhs.gov/xabout/laws/gc_1214597989952.shtm
McMillan, Robert "Siemens: Stuxnet worm hit industrial systems". Computerworld. 9/16/2010. Accessed
4/24/2011/. http://www.computerworld.com/s/article/print/9185419/Siemens_Stuxnet_worm_
hit_industrial_systems?taxonomyName=Network+Security&taxonomyId=142
“Reliability Standards” North American Electric Reliability Corporation Website. Accessed 4/28/2011.
http://www.nerc.com/page.php?cid=2|20
“Smart Grid” Department of Energy Website Accessed 4/30/2011. http://www.oe.energy. gov/ smartgrid.htm
“Spare Parts Database Task Force.” North American Reliability Corporation Website. Accessd 4/20/2011.
http://www.nerc.com/docs/pc/sedtf/PC-SEDTF_Sep_2010_Scope_v7.pdf
Thomas, Keir. “Sony Makes it Official: Playstation Network Got Hacked.” PC World. 4/23/2011. Accessed
5/1/2011. http://www.pcworld.com/article/226128/sony_makes_it_official_playstation_net
work_hacked.html