A Separate Network for Control System CyberSecurity

The electric utility sector smart-grid definition implies the need for ubiquitous communications and extensive controls to increase reliability, efficiency, flexibility, and cost effectiveness. Smart-grid features include demand-response capabilities, advanced controls, DER integration, increased situational awareness, smart metering, advancement of ancillary services, time-of-use pricing, and peak curtailment, to name a few. The communication technologies at the smart grid’s heart provide the backbone for these features, which risks being exploited by adversaries. Furthermore, adding numerous automated services and devices to support smart-grid objectives risk compromise. In essence, the attack surface of the utility control systems is significantly larger. For example, smart meter and Advanced Metering Infrastructure systems, when implemented incorrectly, could provide injection points to the utility and meters equipped with demand response capabilities introduce the possibility of direct customer power disconnect.

A separate network for control system cybersecurity defines a highly secure, resilient and redundant critical communications, sensing, and technical assistance solution supporting all elements of the electricity enterprise and its supply chain. It is designed to retain national continuity of operations, enable rapid restoration, and facilitate cost-effective protective measures to thwart consequences of cyberattacks, operational and physical threats, and natural disaster. Security and resilience enhancements are not about bolting on a costly, cumbersome exoskeleton. As a nation, we must infuse the grid’s operational architecture digital native attributes (DNA) with modifications resulting in immunity to attack and degradation. Objectives of a project to implement utilization ofa separate communication network include:

A review of this concept is presented.