The Security of Renewable Energy and the Electric Grid

Kathryn Bunner
December 7, 2016

Submitted as coursework for PH240, Stanford University, Fall 2016

Introduction

Fig. 1: Power lines carry electricity across Washington State. (Courtesy of the DOE)

Driven by the global climate crisis and new technologies, renewable energy is slowly increasing its contribution to the world's energy consumption. Plenty of reasons exist to focus on making renewable energy sources a bigger contribution. However, there is an important, and sometimes overlooked, technological aspect to renewable energy that is increasing the attention these resources are receiving. A Bipartisan Policy Center (BPC) report defined cyber attack on the transmission grid as an attempt by any of the "variety of malicious actors" to disrupt grid operations, damage infrastructure, or steal information via grid system. [1] A cyber security attack to the energy sector holds the potential to cause power outages, food and water supply shortages, or disrupt health care delivery. Renewable energy is an important initiative; however, there are many risks to consider and precautions to take in order to assure the safety and security of both the users and the systems.

Grid Infrastructure

America's electric grid is comprised of three smaller grids called interconnects, which are a complex network of power plants and transformers connected by more than 450,000 miles of high-voltage transmission lines like those shown in Fig. 1. Electricity is delivered to places like the home through these grids. While this grid system stands as an engineering marvel, its aging infrastructure requires extensive upgrades to effectively meet the nation's energy demands. [2] Over the past six years there have been big changes to modernize the electric grid system and make it more automated. [3] However, complex technology often contains multiple backdoors for attackers to open. Further, delivery systems are the backbone of the energy sector. The control systems utilize interconnected electronic and communication devices to monitor and control the processes that produce, transfer, and distribute energy; this makes renewables more exposed. However, the complication of the security is not from the intermittency, but the separation from a utility's control system. Unfortunately, the existing reliability protections are not going to be sufficient against a well-executed cyber attack.

Threats to energy companies come from a range of sources, including other nation states and cybercriminals whose motivations may include stealing data, making a profit, destroying information, or exposing corporate secrets. [3] Fortunately, the electric power sector has yet to experience a cyber attack that affected the operations of the North American grid. The challenge of protecting the electric grid from cyber attacks is that they are less predictable than traditional threats because these attacks can come from anywhere in the world at the click of the button.

What's Next

Protecting the critical energy infrastructure that makes all of the energy delivery in America possible is a top priority for the both the President and the DOE. There are strategic and pragmatic plans acting to assure the protecting of our energy. For example, the "Roadmap to Achieve Energy Delivery Systems Cybersecurity," [2] is a strategy developed to design, install, operate, and maintain resilient energy delivery systems that can survive a cyber incident while sustaining critical functions. Risk mitigation is a critical component in cyber security policy. [3] Improving the cybersecurity of our renewable energy systems benefits both the energy sector and the changing climate. The Department of Energy says they will continue to make investments into adapting and meeting the challengers of today's evolving cyber challenges. This includes new, innovative technologies that will help the energy sector stay ahead of what's next. Improvements will need to emphasize collaboration among the government, industry, universities, national laboratories, and end users to advance research and development in cybersecurity that is tailored to the unique performance requirements, design and operational environment of energy delivery systems. Renewable energies are an important step toward saving our planet's environment, but it is equally important to make sure these resources are resilient and reliable.

© Kathryn Bunner. The author grants permission to copy, distribute and display this work in unaltered form, with attribution to the author, for noncommercial purposes only. All other rights, including commercial rights, are reserved to the author.

References

[1] "Cybersecurity and the North American Electric Grid: New Policy Approaches to Address an Evolving Threat," Bipartisan Policy Center, February 2014

[2] "Roadmap to Achieve Energy Delivery Systems Cybersecurity," Energy Sector Control Systems Working Group, September 2011.

[3] W. Wang and Z. Lu, "Cyber Security in the Smart Grid: Survey and Challenges", Comput. Netw. 57, 1344 (2013).