Researchers call for 'healthcheck' metrics to protect the smart grid

February 13, 2017 // By Nick Flaherty
Researchers at Michigan Technical University (MTU) in the US are calling for standard metrics to measure the health of smart grid power networks in a bid to improve cybersecurity.

Threats from hackers now means that the reliability of the electricity grid has to include both physical security and cybersecurity. Threats to either can trigger instability, leading to blackouts and economic losses.

The MTU researchers looked at "nightmare" scenarios where hackers exploit security weaknesses and execute a disruptive plan of cyberattacks. The problem is the gap in security between physical equipment and software, says Chee-Wooi Ten, associate professor of electrical and computer engineering.

Smart meters in homes, management systems for distributed energy resources like wind and solar production along with instrumentation systems in power plants, substations or control centres create both improvements in monitoring and entry points for hackers. "Ten years ago, cybersecurity simply didn't exist, it wasn't talked about and it wasn't a problem," said Ten, pointing out that people thought he was crazy for suggesting power grid hacking was possible. "Now hackers can plan for a cyberattack that can cause larger power outages and people are starting to grasp the severity of the problem."

Ten points out that hackers target specific parts of the control network of power infrastructure and they focus on the mechanisms that control it. Automated systems control much of the grid from generation to transmission to use. As Ten puts it, the convenience and cost reduction of automation streamlines the process, but without solid security measures, it also makes the systems vulnerable. The interconnectedness of the grid can also cause cascading impacts leading to blackouts, equipment failure and islanding where regions become cut off and isolated from the main power grid.

Ten and his team draw connections and assess weaknesses using a framework that would constantly assess the bottleneck of a power grid and its interconnection with their neighboring grids. Using quantitative methods to prioritize cybersecurity protection will ensure power grids are operated in a more secure and safer manner. Ten says it's like measuring blood pressure. "You know your