Cybersecurity Research on Future Energy Systems

By Charalambos Konstantinou, Assistant Professor of Electrical and Computer Engineering, Florida State University

In modern power systems with Innovative Smart Grid Technologies, a diverse set of technologies, machines, instrumentation, and architectures is integrated. This complexity makes it challenging to determine the most effective strategies for making energy infrastructure secure and attack-resilient. The fact that the physical dynamics of grid infrastructure networks can be manipulated through cyber means is good on the one hand, as it enables enhanced monitoring and efficient control, but on the other hand it opens new threat channels against which the overall system needs to be secured. Thus, there is an inevitable need to enhance the robustness and resilience of the power grid critical infrastructure network against any disruptive scenarios, including cyber-attacks and malicious intrusions. In the IEEE 12th Conference on Innovative Smart Grid Technologies, from February 16 to 18, 2021, the theme of “Technology Solutions for an Evolving Grid” is also reflected in the paper submissions, with a good variety of works focusing on the ongoing cybersecurity research on future energy systems. The following is a sampling of the different cybersecurity areas touched by this year’s research in an effort to explore concepts and approaches to make the power grid infrastructure and other interdependent systems and networks more resilient against disruptions and attacks.

Distributed Energy Resources (DERs): It is of paramount importance to develop resilient and operationally secure strategies for electric grid applications, considering the renewable future of the energy sector. Beyond the rise of renewable energy generation providing “greener” energy, the shift towards DERs in recent years allows for economically dispatchable power and improved control over on-site generation. DERs also involve data exchange between utilities and DERs, or aggregators, for timely and automated management of DER capabilities. The communication infrastructure that supports DER asset control expands the power system threat surface and introduces cybersecurity risks.

Substation Assets: The US electrical power grid consists of over $1 trillion worth of assets, which are responsible for the reliable and continuous supply of electricity. Key substation assets include transformers, circuit breakers, instrument transformers (CTs, PTs, CCVTs) and Intelligent Electronic Devices (relays, PMUs, DFRs). The security of such cyber-physical assets can minimize the risk related to objective functions that capture reliability, failure, and safety metrics, while at the same time providing a significant contribution to improving the return on investment of cybersecurity-related strategies.

Communication Infrastructure: The technological dimensions that characterize modern energy systems are electricity grids and the information and communication networks that can contribute to the development of intelligent energy systems and support clean energy (e.g., electric vehicles, energy-efficient buildings, etc.). Over the past fifty years, the information and communication technology of energy systems was hosted on dedicated infrastructure, which rendered it resistant to cyber threats. This has changed over the past decades, as cost pressures are dictating the convergence of conventional information technologies (IT) with industrial grid systems, contributing towards the utilization of communication infrastructure and network protocols to facilitate integration and control of energy resources. At the same time, networked energy systems co-exist and co-evolve with other interdependent systems such as water, transport, and food production systems. Consequently, the energy infrastructure has become increasingly exposed, either by direct connection to the Internet or through utility IT system interfaces.

State Estimation: Due to the complexity and interconnections within cyber-physical energy systems, many attacks use a multi-layer threat model, targeting one or multiple layers of the grid infrastructure. The goal of the attacker, in most cases, is to force the system into a wrong operational state by strategically corrupting selected process measurements. This misleads the underlying control algorithms, which rely on the process measurements, into steering the system to the wrong state desired by the attacker. Secure and resilient state estimation has attracted significant attention in ongoing smart grid research, as data integrity attacks can maliciously alter system operation by affecting the integrity of either the system’s measurements (e.g., current, voltage, power, or status measurements) or the system’s controls (e.g., power set-points or status control changes).
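To make the measurement-integrity problem concrete, here is an added example (not taken from the conference papers or from the author) of a least-squares state estimator with a residual-based integrity check that flags a corrupted meter reading. The 3-bus DC model, the line susceptances, the meter noise level, the sample readings and all function names are constructed assumptions.

```python
# Added example. Constructed 3-bus DC model: bus 1 is the slack (angle 0),
# state x = [theta2, theta3]; every line susceptance is an assumed 10 p.u.
# Rows of H are the meters P12, P13, P23, P2 (injection), P3 (injection).
H = [[-10, 0], [0, -10], [10, -10], [20, -10], [-10, 20]]
SIGMA = 0.01          # assumed standard deviation of every meter (p.u.)
CHI2_95_DF3 = 7.815   # chi-square 95% threshold, m - n = 5 - 2 = 3 degrees of freedom

def _gain_inverse():
    """Inverse of the 2x2 matrix H^T H (equal weights cancel out of the estimate)."""
    a = sum(r[0] * r[0] for r in H)
    b = sum(r[0] * r[1] for r in H)
    d = sum(r[1] * r[1] for r in H)
    det = a * d - b * b
    return [[d / det, -b / det], [-b / det, a / det]]

def estimate(z):
    """Least-squares state estimate and measurement residuals for readings z."""
    gi = _gain_inverse()
    t = [sum(H[i][k] * z[i] for i in range(len(z))) for k in range(2)]
    x = [gi[k][0] * t[0] + gi[k][1] * t[1] for k in range(2)]
    r = [z[i] - (H[i][0] * x[0] + H[i][1] * x[1]) for i in range(len(z))]
    return x, r

def integrity_check(z):
    """Chi-square test on the residuals; on alarm, name the meter with the
    largest normalized residual. Returns (alarm, J, suspect_index_or_None)."""
    gi = _gain_inverse()
    _, r = estimate(z)
    J = sum((ri / SIGMA) ** 2 for ri in r)
    norm = []
    for i, row in enumerate(H):
        # hat = diagonal entry of the projection matrix H (H^T H)^-1 H^T
        hat = sum(row[k] * gi[k][l] * row[l] for k in range(2) for l in range(2))
        norm.append(abs(r[i]) / (SIGMA * (1 - hat) ** 0.5))
    alarm = J > CHI2_95_DF3
    suspect = max(range(len(z)), key=lambda i: norm[i]) if alarm else None
    return alarm, J, suspect

# Constructed sample data: consistent readings, then one altered flow reading.
x_true = [-0.05, -0.10]
z_clean = [row[0] * x_true[0] + row[1] * x_true[1] for row in H]
z_bad = list(z_clean)
z_bad[2] += 0.2       # the P23 meter reports a wrong value

if __name__ == "__main__":
    print(integrity_check(z_clean))
    print(integrity_check(z_bad))
```

The check relies on measurement redundancy: with five meters for two unknowns, a single inconsistent reading leaves a residual that the estimator cannot absorb.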

From assets to energy resources to communication technologies, this year’s conference puts cybersecurity of the power system at the heart of the modernization challenges, demonstrating that ongoing research on the cybersecurity of future energy systems will contribute towards developing a resilient electric grid immune to cyber-attacks while ensuring that the new technologies will be used safely and effectively by operators and end-users.