Smart grids are electricity grids in which computer intelligence and networking capacity have been added to a ‘dumb’ electricity distribution system. This enables greater consumer involvement in managing their consumption patterns, giving them access to the information required to make informed choices. A smart grid also provides the capacity to accommodate intermittent energy from renewable and decentralised sources. However, both of these advantages of the smart grid are not without their inherent risks.
The operation of a smart grid relies on a complex network of computer hardware, software and communications technologies. This leaves the grid vulnerable to malicious attacks that have the potential to cause major disruption, with possibly devastating consequences for both suppliers and consumers alike. The grid flexibility required to accommodate intermittency introduces a level of uncertainty that has implications for security of supply. The challenge of keeping a European smart grid safe should not be underestimated - it is a truly enormous task, involving coordinating the cyber-security of an area with a population of over 500 million people. This task is further complicated by the fact that it should be coordinated between 28 governments with different requirements concerning data protection and privacy.
In its report “Smart Grid projects in Europe: lessons learned and current developments,” the Joint Research Centre (JRC), the European Commission’s in-house science service, identified five important challenges that need to be addressed with respect to data protection and grid security. These are: the large amount of sensitive customer information the grid will transmit; the greater number of control devices in the smart grid; the poor physical security of a great proportion of these devices; the use of Internet Protocol (IP) as a communication standard; and the number of stakeholders the grid relies on for its smooth operation.1
A number of EU projects and initiatives aim to address these issues. In July 2012, the European Union Agency for Network and Information Security (ENISA)2 published Smart Grid Security: Recommendations for Europe and Member States. The aim of this report was to provide advice aimed at improving current initiatives, enhancing co-operation, raising awareness, developing new measures and good practices and reducing barriers to information sharing. To this end, the report produced a set of recommendations for the European Commission and Member States.
These recommendations include undertaking initiatives to improve the regulatory and policy framework on smart grid cyber security at national and EU level. It is also recommended that the EU, in cooperation with ENISA and the Member States, promotes the creation of a public-private partnership to coordinate smart grid cyber security initiatives and to foster awareness raising and training, along with dissemination and knowledge sharing. Given the range and complexity of equipment required to make the smart grid function, and in recognition of the JRC’s concern about the poor physical security of smart grid devices, ENISA also recommends that the competent authorities in the European Commission and the Member States develop security certification schemes for components and products. Furthermore, ENISA recommends that strategies be refined to counter large scale pan-European cyber incidents that affect power grids.3
While cyber security is clearly a critical issue, there are other concerns of a systemic nature that also need to be dealt with to support safe grid operations. Among measures to ensure the stable operation of the European grid, in its Seventh Framework Programme (FP7) the European Commission organized a call for ‘innovative tools for the future coordinated and stable operation of the pan-European electricity transmission system’. One of the projects awarded funding under this call was iTesla (Innovative Tools for Electrical System Security within Large Areas) - a project that aims to provide the technical means for European transmission system operators (TSOs) to address challenges arising from the integration of renewable energy. To do this, it will perform accurate security analysis of the energy system to provide a risk-based assessment that takes into account the various uncertainties (particularly those arising from intermittent power generation), the probability of contingencies and the possible failures of corrective actions.
iTesla is expected to cover the actual needs for security analysis expressed by the TSOs, as well as provide additional functionalities. One such functionality is the possibility of working on an ENTSO-e power grid, which will make it possible to carry out studies of coordinated actions. iTesla should provide probabilistic security analysis taking into account uncertainties such as renewable generation (primarily wind and photovoltaic) and other variable parameters. The iTesla toolbox will build on the results of the EC supported Pan European Grid Advanced Simulation and State Estimation (PEGASE) project, which aimed at removing algorithmic barriers related to the monitoring, simulation and optimization of very large power systems. Once the iTesla toolbox has been developed, the project findings will be disseminated to regulatory bodies, European TSOs and other stakeholders in an effort to share the knowledge gained and promote the adoption of the toolbox.
The iTesla project works in tandem with another FP7 project - “Toolbox for Common Forecasting, Risk Assessment, and Operational Optimisation in Grid Security Cooperation of TSOs” (Umbrella). This project, which has been awarded a label by the European Electricity Grid Initiative (EEGI), aims to develop a dedicated innovative toolbox to support the grid security approach of TSOs. This toolbox shall include: simulation of uncertainties due to market activities and integration of renewables on various time scales; optimisation of corrective actions in reaction to simulated risks; and the development of risk-based assessments for anticipated system states, with and without corrective actions. In so doing, it aims to provide a scientifically sound basis to support common TSO rules.
The European power grid was designed to operate with fixed, centralised and predictable energy sources. The revolutionary changes that the grid is currently experiencing are necessitated by the changing nature of how we produce and use energy. As the energy system strives to accommodate these adjustments, the measures currently being implemented and the proposed recommendations to enhance grid security will be instrumental in creating a secure foundation for the grid of the future.
For more information:
1JRC, Smart Grid projects in Europe: lessons learned and current developments, p. 56
2The European Network and Information Security Agency (ENISA) is a centre of network and information security expertise for the EU, its Member States, the private sector and Europe’s citizens.
3ENISA, Smart Grid Security: Recommendations for Europe and Member States, p. 27.