Using the Smart Grid in the Smart City and the Security issues

One of the first innovations that the proposed Smart Cities in India need to build up is an efficient way of distributing electricity so that the net cost of consumption of Electricity is reduced. The solution for this without doubt is to build a Smart Grid. A Smart Grid is a mechanism where there is an intelligent sharing of information from the  end of the consumer of electricity and using it to modify the electricity supply and usage pattern so that a balance is achieved between production and consumption.

This requirement of matching demand with supply on a real time basis arises since electricity production and consumption varies throughout the day and there are peak requirements and slack period requirements. Since power cannot be easily and economically  stored and used at different times, if we need to satisfy consumer demand, we always need to keep production matching the peak requirement and let it go waste at other times. Otherwise outages would occur when peak load is demanded and the grid cannot supply the same.

If  smart management of demand and supply is possible,  the consumers can stagger the use of electricity to match the production and suply. Also different production sources such as solar production, wind production, etc can be connected to a common grid to which the conventional production sources dump their production. Since the natural source production of electricity may depend on say the availability of Wind or Sun, there will be variation in production of such energy which needs to be balanced by the consumers being incentivised to  stagger their consumption by offering discounts on consumption when surplus power in the grid is available as against premium charged when there is a shortage.

Also if the consumers are able to produce electricity on their own by say owning solar panels on their rooftops or a single wind turbine in the farm etc., they can supply electricity to the grid during peak hours and earn premium income while consuming electricity for their own use in the off-peak hours when the prices can be at a discount. In a way the consumers will consume electricity when it is cheap on the grid and produce electricity and push it to the grid when it is expensive on the grid.  This makes a consumer become a new category of user who may be called a “Prosumer” who both produces and consumes.

These fancy ideas of a smart grid are very much within the realms of possibility even now if the electric grid architecture can be planned properly ab-initio. The architecture will require supply of electricity and exchange of data over the same power line. In other words, every electric line will carry both electricity and data which will be resolved at each end through appropriate modems. Even broadband on power lines will also be possible under the same system.

The above smart grid applications can be built and are expected to be built in the smart cities. In cities like Amaravati where the electricity lines are to be drawn from scratch, perhaps it would be easier to use the appropriate hardware to build the dual purpose electricity distribution system which can carry power and data over the same lines.

While Electrical Engineers will work on the technology required for the purpose of carrying data over power lines and software professionals build applications to process the data and use them to modify distribution etc., the cyber security professionals will be concerned about the risk of data being unauthorizedly accessed and modified. In fact, the experience of Stuxnet is too recent to be forgotten. All Smart grids will fall into the category of  critical infrastucture and will be juicy targets for Cyber terrorists and as targets during a Cyber War.

Security will therefore be a major concern for Smart Grid developers and hence this is one of the first challenges to be tackled by the Smart City Cyber Security managers.

Note that use of smart grids will immediately require a modification of electricity laws as well as redefining of many cyber crime related laws and there could be obstructions from short sighted politicians who donot understand security issues. Modification of Cyber Laws is therefore a part of the cyber security plan for smart grids or smart cities.

In designing a Cyber Security system for a smart grid, all the five aspects of data security such as Availability, Integrity, Confidentiality, Authentication and Non Repudiation will be applicable. There will be threats and vulnerabilities to be recognized and risks estimated. Controls need to be built to mitigate the risks with a very very low tolerance levels and with redundancy built in some form to tackle the inevitable security breaches.

Building security to a smart grid system after it is established would be complicated, inefficient and some times impossible. Hence planners of the Smart cities need to integrate cyber security plans when building the smart grid network itself.

It is difficult to conceive of the cyber security system for a smart grid without knowing exactly the architecture. But NIST has worked on the requirements and come up with a suggested architecture for interoperability as well as guideline for information security applicable for smart grids and perhaps it needs to be adopted to our requirement with whatever minor changes need to be made.

If these requirements are not studied now and addressed, the specifications for the hardware would be imperfect leading to delay in projects, escalation of project costs and also compromise of security for which we may have to pay a huge price some time in future.

I therefore request the CM of AP in charge of Amaravati project,  Mr Chandrababu Naidu and also the Union Power minister Mr Piyush Goyal  not to neglect the cyber security requirements of smart grids when they plan for the smart cities, and more particularly for Amaravati where work has to commence from a zero base.

Naavi

 

About Vijayashankar Na

Naavi is a veteran Cyber Law specialist in India and is presently working from Bangalore as an Information Assurance Consultant. Pioneered concepts such as ITA 2008 compliance, Naavi is also the founder of Cyber Law College, a virtual Cyber Law Education institution. He now has been focusing on the projects such as Secure Digital India and Cyber Insurance
This entry was posted in Cyber Law. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.