UK Smart Grid Security ‘Too Fragmented’: Study

A new study has urged the government to take a more joined-up approach to security smart grids

The UK’s “smart grid” plans are in danger of exposing the UK’s energy supply to attacks, due to a fragmented approach to cyber-security, according to a new report.

The report, published on Wednesday by the Energy Networks Association (ENA) and carried out by international consultants KEMA, was commissioned for the Department for Energy and Climate Change (DECC).

Fragmentation

It arrives as a new taskforce is set to begin discussions between the government and energy Distribution Network Operators (DNOs) on how future power grid IT and communications security will be protected.

While DNO and government plans are “rigorous”, the report called for a more coherent and joined-up approach.

For instance, the report compared smart grid plans unfavourably to the planned rollout of smart meters.

Organisations participating in the smart grid will be responsible for managing their own security, in contrast to the smart metering rollout, in which security requirements are to be more unified.

Smart metering providers will be provided with “one set of detailed specifications which will be applicable to all suppliers participating in the rollout, and one wide-area communications infrastructure provider,” KEMA wrote in the study.

Security challenge

By contrast, the conditions for the smart grid rollout are much more fragmented, the study found.

“Each DNO (will be) responsible for deploying its own smart grid solutions, including communications infrastructure, to its own specifications,” KEMA wrote in the study. “Therefore there is a greater challenge to the coordination of smart grid cyber security efforts.”

The report made a number of recommendations at the national and DNO level. At the national level KEMA recommended that cyber security be incorporated into the work of the Smart Grids Forum and that a national risk assessment process be developed for smart grids.

At the DNO level KEMA recommended that cyber security be brought under the explicit control of management, among other recommendations.

The government welcomed the study as a contribution toward ensuring the continued security of the energy grid.

“We will study its recommendations carefully,” said Energy Minister Charles Hendry in a statement.

Security is ‘critical’

He said the government will shortly publish a high-level strategy for the development of the smart grid as part of a forthcoming white paper on electricity market reform.

The energy grid plans are designed to reduce carbon emissions, but they also introduce new risks, according to ENA chief executive David Smith.

Cyber-security must be addressed as a top priority, Smith said.

“We are keen to work with government so that cyber security is not a sub-project but reflects the risks posed to critical infrastructure we depend upon so much,” Smith stated.

The cyber-risks to energy-generation systems were highlighted last year when the Stuxnet worm targeted nuclear power plants in Iran.

Smart grid rollouts have been slow outside of the US, according to some industry observers, a situation that has been blamed on established utility companies afraid of disruption to their business models.

Disruption

Management consultant Neil Gibbs of Marchment Hill Consulting, speaking in a panel discussion at HP’s annual Executive Energy Conference in Dubai last year, said established players in the energy industry were worried about the status quo being upset.

“Utilities recognise this will change the way consumers interact. There is information asymmetry at the moment and many people have no idea what they are consuming,” he said. “Big businesses realise that this will change things pretty dramatically.”

Gibbs made the remark following an admission from HP that uptake of smart grid technology had been sluggish outside of the US.

The North East of England could be among the first regions in the UK to pioneer a smart grid electricity system, following a proposed £54 million smart grid project by CE Electric UK.

The electricity provider will work with the likes British Gas, Durham University and EA Technology, and “aims to lay the foundations for helping British homes and businesses cut their carbon footprint, reduce their energy use and save money on a mass scale”.

“If successful, the knowledge gained from the project could speed up the installation of low-carbon technology, potentially saving homes and businesses across the UK around £8 billion in energy costs and 43 million tonnes of CO2 emissions,” said the supplier.