Technology Today

2011 Issue 1

Cyber Risk Management in Electric Utility Smart Grids

Critical infrastructures are the basic facilities, services and utilities needed for the continued functioning of society. A short list includes electrical power generation and distribution systems (the grid), telecommunications, manufacturing, transportation, water and wastewater, and government. Electric power is vital for all other services and utilities to function; without it, societal order would be severely disrupted. The aging U.S. electric infrastructure and the rise in electric power consumption are factors driving utility industry and government experts to examine the reliability and vulnerabilities of the nation's electrical grid.

The electric power grid within the U.S. is a complex network of thousands of tightly coupled power plants, transmission and distribution elements. For clarity, Figure 1 shows a simplified representation of the power grid that delivers electrical power from a generating station to homes and businesses. Much of the technology in use today is more than 30 years old, and there remains a high reliance on last century's programmable logic controllers and electromechanical control systems, which were designed with little concern for protection from malicious cyberattack. As the electric power industry moves to modernize the grid, new cybernetworks for operational monitoring and control are being installed.

Supervisory control and data acquisition (SCADA) systems, introduced in the 1980s, are computerized systems that automate management of industrial systems and are found in all sectors of business and industry. They improve control efficiency through distributed monitoring and regulation of field operations. Many SCADA systems utilize the Internet or non-secure radio links to maintain control networks between substations and central offices and are interconnected to corporate local area networks (LAN). However, the utilization of non-secure field communications and corporate LAN interconnectivity introduces new vulnerabilities to cyberattack.

Figure 1. This simplified representation shows the major elements of a power system that are vulnerable to cyberattack. Source: United States Department of Energy.

The smart grid integrates information technology with the existing electrical power infrastructure to improve management of society's energy needs. One can view a smart grid as an "energy Internet," not only providing energy, but also providing real-time information and automated control of energy systems that promise improved energy reliability. The benefits of a smart grid are seen by government and industry as desirable and necessary. However, the technological improvements of the smart grid bring additional cyber vulnerabilities that are proving costly and technologically challenging to address.

The Federal Energy Regulatory Commission (FERC) and National Institute of Science and Technology (NIST) have recently mandated regulations and guidelines for smart grid cybersecurity strategy, architecture and high-level critical infrastructure protection. Compliance with these requirements is mandatory. However, the high cost and effort needed for compliance have hampered adoption.

There are some additional technical challenges posed by the move to a smart grid. Legacy control and monitoring systems were developed using proprietary control system equipment, software and unsecure communication systems, some of which are no longer supported. SCADA engineers who are developing replacement systems are adopting open-source operating systems and communication protocols, resulting in systems that may be more vulnerable to cyberattack.

Next-Generation SCADA

The future smart grid requires new and innovative technology to accomplish the vision of regulators and industry. The objective is to develop and demonstrate autonomic technology that will enhance utilization of available smart grid assets and reduce disturbance frequencies and durations. Raytheon engineers, together with researchers at the University of Arizona, Tucson Electric Power (a public utility) and small business partners, are working toward providing technology to achieve FERC/NIST smart grid 2,030 targets of 40 percent improvement in system efficiency and asset utilization with a load factor of 70 percent, and to demonstrate prognostic health management capability through distributed sensors located within critical distribution system assets.

To specifically address the risks of cyber vulnerabilities, autonomic network defense and management solutions modeled after autonomic biological systems are being developed at the University of Arizona NSF Center for Autonomic Computing and Avirtek (a small technology company under license). This cutting-edge technology is being integrated with Raytheon-developed hardware to do the following:

  • Develop capabilities critical for identifying anomalous events triggered by malicious cyber and/or physical threats or failures.
  • Provide the ability to accurately characterize current state, and perform risk and impact analysis.
  • Develop proactive mechanisms to deploy autonomic agents to mitigate the impacts of malicious attacks.

This new autonomic technology will be able to detect hostile behavior aimed at the smart grid by monitoring the physical and cyber infrastructures. Once hostile behavior is detected and characterized, protective countermeasures can be implemented to ensure uninterrupted grid operation. This effort builds upon previous and current research funded by Raytheon and the U.S. Departments of Defense and Energy.

Figure 2. Smart grid test bed
Smart Grid Modeling and Simulation Test Bed

Few facilities exist to test newly developed industrial control system cyberdefense and control automation technology. To fill this gap, Raytheon, together with the University of Arizona and Tucson Electric Power, has developed an industrial control system test bed (ICSTB) capable of modeling and simulating the operation of the future smart grid (Figure 2). This test bed will be used to develop, test and demonstrate new technologies for detection, isolation and defense of cyberattacks as well as the behavior of autonomic control systems specifically designed to defend industrial processes and systems from malicious manipulation. Through thoughtful design, the ICSTB can model not only the electrical power system, but any part of our societal infrastructure (e.g., water/wastewater treatment, transportation and financial systems) to simulate behavior with sufficient fidelity to permit integration, testing and analysis of new cyber defense and control technologies.

The ICSTB is located at the University of Arizona in Tucson. Currently one of a kind, it will soon be joined by an identical twin at Raytheon's Missile Systems facility in Tucson. Because of the uniqueness of the ICSTB, researchers from many top universities and national laboratories are negotiating cooperative research and development agreements with Raytheon for future research into a broad range of industrial control systems and smart grid-related projects.

Electric Utility Vulnerability Assessment

The first step to reduce risks and improve the cyber-security of the smart grid is to assess existing vulnerabilities. Raytheon offers electric utility and Department of Defense customers extensive security assessments, including physical and cyber vulnerabilities. Differing from other companies' services, Raytheon security assessments not only identify vulnerabilities, they also include remediation recommendations. Our cyber assessment teams consist of certified cyber-security professionals who work with our customers, from vulnerability assessment through remediation implementation, to ensure that the most appropriate and cost-effective actions are employed to meet all security and regulatory requirements.

The vision of the Raytheon team is that the knowledge gained from detailed analysis of our critical infrastructures' vulnerabilities and operation will support the development of advanced cyberdefense and autonomic control systems technologies to reduce risks from malicious operational disruptions. In this way, Raytheon is leading the way in developing innovative products and services that provide solutions to today's problems and tomorrow's challenges in cyberprotection and industrial control of the future smart grid.

Don Cox and Steven Kramer

Top of Page