Protecting smart systems against cyber threats.
Henry S. (Hank) Kenchington is deputy assistant secretary at the U.S. Department of Energy’s Office of Electricity Delivery and Energy Reliability. Carol Hawk is a program manager in the office. Darren R. Highfill is founder of UtiliSec, an independent utility security consultancy. Jack Eisenhauer is president and CEO of consulting firm Nexight Group LLC, and Lindsay Kishter is a communications specialist with the firm. This is the first of a two-part article edited from the authors’ report, Cyber Security for the Smart Grid, scheduled for publication on Fortnightly.com (www.Fortnightly.com/whitepapers.cfm). The second part will be published in Fortnightly’s August 2011 issue.
The electric sector has steadily expanded the use of electronic controls and automation technologies during recent decades. But the widespread implementation of smart grid technologies will mark a notable shift in the U.S. electric grid, changing the way it operates, communicates, and ultimately delivers power. Millions of digital devices interconnected through complex public and private communication networks will collect a large amount of data to better understand the behavior of the power grid, enable greater automation to reduce system outages, improve system efficiency and resilience, and provide information for customers to better manage their electricity use. But these benefits will also be accompanied by a host of new cyber security challenges. Of the seven smart grid domains—as defined by the National Institute of Standards & Technology (NIST)1 (See Figure 1)—the transmission, distribution, and customer realms will see the greatest changes.