Building an Effective Security Program for Distributed Energy Resources and Systems E-Book

Building an Effective Security Program for Distributed Energy Resources and Systems

Understanding Security for Smart Grid and Distributed Energy Resources and Systems

Volume 1

This edition first published 2021© 2021 John Wiley & Sons, Inc.

All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, except as permitted by law. Advice on how to obtain permission to reuse material from this title is available at http://www.wiley.com/go/permissions.

The right of Mariana Hentea to be identified as the author of this work has been asserted in accordance with law.

Registered OfficeJohn Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, USA

Editorial Office111 River Street, Hoboken, NJ 07030, USA

For details of our global editorial offices, customer services, and more information about Wiley products visit us at www.wiley.com.

Wiley also publishes its books in a variety of electronic formats and by print‐on‐demand. Some content that appears in standard print versions of this book may not be available in other formats.

Limit of Liability/Disclaimer of WarrantyWhile the publisher and authors have used their best efforts in preparing this work, they make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives, written sales materials or promotional statements for this work. The fact that an organization, website, or product is referred to in this work as a citation and/or potential source of further information does not mean that the publisher and authors endorse the information or services the organization, website, or product may provide or recommendations it may make. This work is sold with the understanding that the publisher is not engaged in rendering professional services. The advice and strategies contained herein may not be suitable for your situation. You should consult with a specialist where appropriate. Further, readers should be aware that websites listed in this work may have changed or disappeared between when this work was written and when it is read. Neither the publisher nor authors shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.

Library of Congress Cataloging‐in‐Publication Data

Names: Hentea, Mariana, author.Title: Building an effective security program for distributed energy resources and systems / Mariana Hentea.Description: Hoboken, NJ : Wiley, 2021. | Includes bibliographical references and index.Identifiers: LCCN 2020045336 (print) | LCCN 2020045337 (ebook) | ISBN 9781118949047 (cloth) | ISBN 9781119070429 (adobe pdf) | ISBN 9781119070436 (epub)Subjects: LCSH: Smart power grids–Security measures.Classification: LCC TK3105 .H45 2021 (print) | LCC TK3105 (ebook) | DDC 621.31068/4–dc23LC record available at https://lccn.loc.gov/2020045336LC ebook record available at https://lccn.loc.gov/2020045337

Cover Design: WileyCover Image: © Henrik5000/Getty Images

To my husband, Toma, and our children, Irina and Marius, for their love and patience.

“There is no doubt that it is around the family and the home that

     all the greatest virtues… are created, strengthened and maintained.” (Winston Churchill)

Foreword

“Just because something doesn’t do what you planned it to do doesn’t mean it’s useless.” (Thomas A. Edison, US Inventor)

Environmental policies, energy rising costs, and technology innovations are challenging many assumptions that were used to build current electric utility infrastructure, which has been evolving for more than a century. The power grid is the most complex man‐made system that allows access to electricity, a fundamental enabler for the economy. While access to electricity is the greatest engineering achievement of the twentieth century, the grid of today does not have the attributes necessary to meet the demands of the twenty‐first century and beyond.

The Smart Grid paradigm promises to improve the power grid reliability and enable sustainability and customer choice. To meet the power grid concerns, utilities around the world are investing in distributed energy resources (DERs). However, different utilities have different reasons and business drivers for investing in DERs management. Besides grid reliability, the increasingly rapid adoption of DERs is driven by other factors such as to meet the world's energy efficiency and greenhouse gas emission goals. With these drivers for investing in DERs and Smart Grids, cybersecurity solutions are imperative for reliable energy delivery. In highly connected world via Internet and with an increasing sophistication of threats, it is unrealistic to assume energy delivery systems are isolated or immune from compromise.

To achieve the interoperability of Smart Grid devices and systems, it is required that standards and protocols align policy, business, and technology in a manner that would enable all electric resources, including demand‐side resources, to contribute to an efficient, reliable electricity network. There is a need to understand that ensuring cybersecurity and privacy of the information is more than conformance to standards.

Security and privacy needs for Smart Grid and DERs, strategies, security requirements, risk management, security and privacy design, and countermeasures as well as standards and best industry practice recommendations are discussed in this book.

Understanding Security for Smart Grid and Distributed Energy Resources and Systems (Vol 1)

Building Security Program for Smart Grid and Distributed Energy Resources and Systems (Vol 2)

Effective Security Program for Smart Grid and Distributed Energy Resources and Systems:

An Engineering Approach (Vol 3)

The aim of this three-volume book is building security and privacy programs to support the development of Smart Grid Systems and DER systems that are reliable, secure, resilient, and flexible. The cybersecurity problem becomes a very complex problem for the Smart Grid system, defined also a system of systems. The basic concepts, approaches, and frameworks are described in this three-book set. Smart Grid and DERs security and privacy issues are gradually introduced and discussed from many perspectives.

The sequence is starting with introductory topics for the security and privacy programs and Smart Grid and DER needs (Volume 1), followed by more advanced and detailed functions of the programs as well as discussion of Smart Grid and DER characteristics, vulnerabilities, threats, potential risks (Volume 2), to efficient and effective security and programs that include monitoring, reporting, and control based on security measurements and security metrics as well as intelligent decision-making (Volume 3). Each volume and some topics can be used independently for limited purposes.

These books include information about strategies, security requirements, risk management, security design, and countermeasures as well as regulations, standards, and best practice recommendations. The focus is on describing the most specific issues of Smart Grid and DERs including building security and privacy program blocks to handle several aspects of the security and privacy risks for the Smart Grid and DER systems. These books demonstrate how to blend Engineering techniques with standards and best security practices. Finally, a perspective on the future DER systems cannot be discussed without taking a look at the vision on the future Smart Grids and research needs.

The information provided in this three-volume book could be used to educate current workforce, future graduates, academic/research, and regulators to understand the complex cybersecurity domain in the context of the various paradigms (e.g. Smart Grid, convergence of security by design and privacy by design) and emerging technologies (e.g. Internet of Things, wireless technologies, big data analytics, machine learning, intelligent control, and decision-making).

Preface Volume 1

Understanding Security for Smart Grid and Distributed Energy Resources and Systems

“If you want to find the secrets of the universe, think in terms of energy, frequency and vibration.” (Nikola Tesla, US Inventor)

The emergence of Smart Grid paradigm and distributed energy resources (DERs) applications requires innovation and deployment of new technologies, processes, and policies. DERs are typically smaller electricity generation or storage units located in a community, business, or home. They can serve consumers' energy needs locally and can provide support for the grid. All points of the power grid infrastructure will come under challenge, so it is critical that we fix the process and trust issues in DERs and future Smart Grid technologies.

The more sophisticated technologies and devices become, the greater the danger of them being stolen or adapted for misuse. The growing popularity of wireless technology used in several computing systems may have finally attracted enough hackers to make the potential for serious security threats a reality. In fact, the number and types of mobile threats – including viruses, spyware, malicious downloadable applications, phishing, and spam – have spiked in recent months. One can argue that device makers and wireless service providers have long focused on communications and other services, with security remaining an afterthought.

There is a growing concern about the security and safety of the control systems in terms of vulnerabilities, lack of protection, and awareness. In the past, control systems were isolated from other Information Technology (IT) systems. Historically, IT teams and industrial control systems or operational technology (OT) teams have been organized vertically based on the technology stack they managed. Connection to the Internet is new (early 1990s) and debatable among specialists. However, even without any connection to the Internet, these systems are still vulnerable to external or internal attackers that can exploit vulnerabilities in private communication networks and protocols, software such as operating systems, custom and vendor software, data storage software, databases, and applications.

Therefore, the increasing cyber attacks to energy sector and critical infrastructure are National concerns that require better security and privacy protection, an educated work force of Engineers in the area of security and privacy issues, and Security Professionals in the area of industrial control systems, particularly developing and implementing security protection for emerging Smart Grid applications and DER systems.

The security frameworks and initiatives surrounding the Smart Grid technology hence need to be provided and applied in a time‐critical fashion before larger implementations of Smart Grid roll out without good designs. Additionally, the electrical power community needs to critically consider applications of such frameworks to legacy power grid implementations to avoid security add‐ons that could be costly and inefficient.

While no single solution can be applied today to protect the power grid, this book (Volume 1), Understanding Security for Smart Grid and Distributed Energy Resources and Systems,provides an introduction of the fundamental concepts of cybersecurity, Smart Grid, DERs, power systems, and energy sector as a critical infrastructure. It discusses strategies, approaches, methods, frameworks, and standards that could help current work force in the electrical sector and power product manufacturers to:

Understand the security problem as it applies to the power grid, energy sector, and electricity subsector.

Understand the cybersecurity terms and evolution of terms.

Understand the Smart Grid concepts, DERs, and system needs for protection against intentional or unintentional threats.

Construct new engineering approaches to cybersecurity such as integrated organizational cooperation, strategic and tactical methods to be implemented, and increasing standards compliance requirements as well as fostering public trust that security is a high priority to those who provide these critical energy resources.

Define trust in a dynamic, collaborative environment and understand what it means to provide trust throughout an interaction.

Use a common framework for security policies and support of interoperability, ensuring security, and continuity.

Recognize the importance of standards in the development of Smart Grid technologies and DER systems to develop a framework that includes protocols and model standards for information security management.

Describe relevant cybersecurity standards or best practices that can be used for the specific applications.

Understand the scope and limitations of the security controls.

Identify the capability of the components or system to be updated to meet future cybersecurity requirements or technologies.

The key topics discussed in the book include:

Smart Grid paradigm, DERs and systems, scope of security and privacy, computing and information systems for business and industrial applications, critical Smart Grid systems, overview of Smart Grid cybersecurity standards, and key players in Smart Grid standards development.

Cybersecurity concepts and cybersecurity evolution, cybersecurity for electrical sector as a National Priority, emerging technologies, the needs for Smart Grid cybersecurity, solutions, security, and privacy programs.

Principles of cybersecurity, characteristics of information, critical security characteristics of information and systems, information security models.

Applying security principles to Smart Grid and DERs, Smart Grid infrastructure and technologies by considering IT systems infrastructure versus industrial control systems infrastructure with their differences and similarities including the IT and Operational convergence trends.

Smart Grid vulnerabilities, threats, recent cyber attacks, security controls, and cybersecurity challenges.

Critical infrastructure, critical infrastructure interdependencies, energy sector as a component of critical infrastructure, information security frameworks (NIST Cybersecurity Framework and NIST Privacy framework – generic frameworks), terrorism challenges addressing security of control systems, emerging technologies, and impacts to cybersecurity.

Characteristics of Smart Grid and DER systems, power system services and operations, energy management system, electrical utilities evolution, Smart Grid conceptual models (NIST conceptual model, IEEE model, European Union conceptual model), power and smart devices, and Smart Grid key technologies.

Analysis of power system characteristics (e.g. stability, partial stability), analysis of DER impacts, addressing issues (e.g. cybersecurity, reliability, resiliency, cyber‐physical systems), Smart Grid interoperability dimensions, interoperability framework, and addressing cross‐cutting issues.

Distributed energy systems, DER technologies and security challenges, establishing information security governance, and examples of Smart Grid applications and cybersecurity expectations.

Security management as a broad field of management, security management components and tasks, security program definition and functions, security management process, asset management, physical security and safety, security versus safety, information security management infrastructure, models and frameworks for information security management, privacy program functions, and approaches for building a security program and privacy program.

Security management for Smart Grid systems – strategic, tactical, and operational views, unified view of security management based on risk management for both IT systems and control systems, systemic security management – comparison and discussion of models, efficient and effective management solutions, security models for electrical sector – electricity subsector cybersecurity capability maturity model (ES‐CM2), NIST framework, etc., implementation challenges on achieving security governance, and ensuring information assurance, certification, and accreditation.

The topics discussed in this book help to educate the Security Professionals, Power Control Engineers, management, regulators, service providers, and inform the public at large about the Smart Grid paradigm, DERs, and needs for Security and Privacy protection. Also, the book may be used to educate future graduates (e.g. engineers, computer science, IT graduates, business, and law) to gain skills and more knowledge on understanding and managing the security and privacy risks of Smart Grid and DERs as well as approaches for defining and maintaining a security and privacy program. For example, Law students can use the material from the book to understand the cybersecurity issues for critical infrastructure problems. Also, they can learn about the current regulations, the power and consumers' needs for new regulations in the future.

Research and academia communities could use the book to have a broader view of the cybersecurity problems for Smart Grid, critical infrastructure and energy sector.

Acknowledgments

Although I am the sole author of this book, the content is the product of my work experience and learning from discussions with colleagues and friends about various topics and projects at work, interactions with researchers at conferences and workshops, meetings and presentations provided by professional societies, my published research works, presentations and talks at conferences, teaching courses in the university, leading research projects with students, meetings with IEEE members, etc.

Besides these, I have been inspired by Dr. Martha Evens' strength and dedication to seek new work and educate others. Dr. Martha Evens encouraged me to pursue a doctoral degree in Artificial Intelligence, after I accomplished an MS in computer science at Illinois Institute of Technology, Chicago, IL, USA. Still after several decades, Dr. Evens (now emeritus professor) provided advice on how to manage the writing of this book. She always encouraged me to pursue my own research interests.

The chosen topic – cybersecurity for the Smart Grid and distributed energy resources – is the result of my own decision, after I learned about threats to power grid and the need for providing more information on security matters to engineers.

I thank Dr. Simone Taylor for reading my book proposal and offering the opportunity to publish this book. My thanks also go to reviewers, Antony Sami, Brett Kurzman, Kari Capone, Sarah Lemore, and the team of editors and managers from Wiley. Their support and advice in completing the writing task are very much appreciated.

Part IUnderstanding Security and Privacy Problem

1 Security

1.1 Introduction

Over a short period of time, people and businesses have come to depend greatly upon computer technology and automation in many different aspects of their lives. Computers are involved in managing and operating public utilities, banking, e‐commerce and other financial institutions, medical equipment and healthcare services, government offices, military defense systems, and almost every possible business and day‐to‐day activities of the people. This level of dependence and the extent of Internet technology integration made security necessary discipline as stated by the Organisation for Economic Cooperation and Development (OECD) in [OECD 2006]:

Security must become an integral part of the daily routine of individuals, businesses and governments in their use of Internet Communication Technologies (ICTs) and conduct of online activities.

Security is the condition of being protected against danger and loss. In general usage, security is similar to safety. Security means that something is not only secure but also it has been secured.

There are various definitions of security provided by different dictionaries (e.g. security is freedom from danger; safety) (see more definitions in Appendix A), but all of them basically agree on some components, and they miss this point: they do not translate readily into information technology (IT) terms. In the IT sector, there is an acceptance that there is no pure risk‐free state, whatever it is done (or not done), but it carries a risk.

Therefore, the definitions should not be considered as absolute descriptions of the word security in the real world because they individually describe a practically impossible goal. In order to describe security in a more realistic way, by combining the definitions provided by two dictionaries, new definitions are suggested (e.g. [Fragkos 2005]).

Thus, the definition of security is understood as the capability of a system to protect its resources and to perform to its design goals. However, definitions may differ among users, standards organizations, and industries. Also, several concepts and definitions for security and many related terms have evolved in time to reflect emerging trends. Some other terms are used such as information security and cybersecurity. In a computing context, the term security implies cybersecurity [TechTarget]. Information security was first brought to the public’s attention by the release of the first guidelines to protect the security of information systems in 1992 [OECD 1992].

Ten years later, the OECD reviewed the guidelines to take into account the generalized adoption of Internet technologies, which enabled the openness and interconnection of formerly closed and isolated information systems. The need to develop a culture of security and greater awareness was initiated in 2002 by OECD [OECD 2002] for OECD members and nonmembers alike; it was adopted by United Nations in 2002 [UN 2002]. The OECD document [OECD 2002] emphasizes the need to take into account the emergence of the open Internet and the generalization of interconnectivity. These guidelines apply to all participants in the new information society.

Security is, therefore, currently a widespread and growing concern that covers all areas of society: business, domestic, financial, government, and so on. Often security has different meanings to different people. There are several definitions and terms that sometimes make the security an ambiguous field. For example, in the energy sector, energy security refers to the uninterrupted availability of energy sources at an affordable price [IEA 2016]. To a power engineer, security means that power flows between utilities are open. Another view of security is a three‐legged stool consisting of physical security, information technology (IT) security, and industrial control systems (ICS) security [Weiss 2010].

Security has a wide base and addresses specific issues regarding computers, networks, communication devices, data, information, people, organizations, and governments. Users must have confidence that information systems operate as intended without unanticipated failures or problems. Also, users must have confidence that information is handled timely, accurately, confidentially, and reliably.

Following this document [OECD 2002], OECD published more technical guidelines and recommendations for the implementation and management of security [OECD 2003], [USCIB 2004], [OECD 2005], [OECD 2008] including privacy [OECD 2016]. Revisions of the guidelines are reported in [OECD 2012a], [OECD 2012c].

On 17 September 2015 the OECD Council adopted the Recommendation on Digital Security Risk Management [OECD 2015], which replaces the 2002 guidelines. The [OECD 2015] document provides guidance for a new generation of national strategies on the management of digital security risk aimed to optimize the economic and social benefits expected from digital openness. The recommendation calls on governments, public, and private organizations to adopt an approach to digital security risk management that builds trust and takes advantage of the open digital environment for economic and social prosperity. As described in this document, digital security implies that security is approached from at least four different perspectives, each stemming from a different culture and background, recognized practices, and objectives:

Technology that is focusing on the functioning of the digital environment (often called information security, computer security, or network security by experts).

Law enforcement and, more generally, legal aspects (e.g. cybercrime).

National and international security, including aspects such as the role of information and communication technologies (ICTs) with respect to intelligence, conflict prevention, warfare, etc.

Economic and social prosperity, encompassing wealth creation, innovation, growth, competitiveness, and employment across all economic sectors, as well as aspects such as individual liberties, health, education, culture, democratic participation, science, and other dimensions of well‐being in which the digital environment is driving progress.

The continuous growth of cybersecurity threats and attacks including the increasing sophistication of the malware is impacting the security of energy sector and other critical infrastructures. The energy industry includes electricity sector that provides the production and delivery of power to consumers through a grid connection.

Currently, cybersecurity is a widespread and growing concern for the energy sector. In addition, the energy market shows the presence of emerging Smart Grid phenomena, which introduce new security concerns. In the context of this book, security has a wide base and addresses specific issues regarding power grid and Smart Grid with its related technologies such as Internet of things, cyber–physical systems, industrial control systems, communication networks, computers, information, organization, and people, and others.

1.2 Smart Grid

The Smart Grid is evolving from the traditional electrical grid. An electrical grid (also referred to as an electricity grid or electric grid) is an interconnected network for delivering electricity from suppliers to consumers. It consists of generating stations that produce electrical power, high‐voltage transmission lines that carry power from distant sources to demand centers, and distribution lines that connect individual customers. The US electric power system has provided highly reliable electricity for more than a century.

1.2.1 Traditional Power Grid Architecture

The traditional architecture (see Figure 1.1) is based on large‐scale generation remotely located from consumers, hierarchical control structures with minimal feedback, limited energy storage, one‐way control, and passive loads.

Figure 1.1 Traditional electricity delivery system.

Source:[DOE 2015a]. Public Domain.

As illustrated in Figure 1.1, the electricity sector is composed of four distinct functions: generation, transmission, distribution, and system operations. Once electricity is generated, it is generally sent through high‐voltage, high‐capacity transmission lines to local electricity distributors. Once there, electricity is transformed into a lower voltage and sent through local distribution lines for consumption by industrial plants, businesses, and residential consumers.

Because electric energy is generated and consumed almost instantaneously, the operation of an electric power system requires that a system operator constantly balance the generation and consumption of power. Figure 1.2 shows additional functional systems (transmission system, system operations, distribution system) and substation connected to different customers (offices, residential customers, and industrial customers). Information including basic definitions of terms and concepts related to the electrical power grid can be also found in the references and glossaries included in Appendix B.

Figure 1.2 Functions of the electricity sector.

Source:[GAO 2011]. Public Domain.

1.2.1.1 Key Players

In the US electric sector, the key players include utilities and system operators [GAO 2011]:

Utilities own and operate electricity assets, which may include generation plants, transmission lines, distribution lines, and substations including structures often seen in residential and commercial areas that contain technical equipment such as switches and transformers to ensure smooth, safe flow of current and voltage. Utilities may be owned by investors, municipalities, and individuals (as in cooperative utilities).

System operators are sometimes affiliated with a particular utility or sometimes independent and responsible for managing the electricity flows in multiple utility areas. The system operators manage and control the generation, transmission, and distribution of electric power using control systems, IT information systems, and network‐based systems that monitor and control sensitive processes and physical functions, including opening and closing circuit breakers (see definitions in

Appendix B

). Therefore, the effective functioning of the electricity industry is highly dependent on these control systems.

However, for many years, the US electricity network lacked opportunities such as [GAO 2011]:

Adequate technologies (e.g. sensors) to allow system operators to monitor how much electricity was flowing on distribution lines.

Communication networks to further integrate parts of the electricity grid with control centers.

Computerized control devices to automate system management and recovery.

1.2.1.2 Electric Grid Design of the Future

As the electric grid transitions from the traditional design to the design of the future, new features and technologies must be incorporated. Increasing communications and computing capabilities are transforming power grid from the traditional centralized model to an integrated hybrid centralized/decentralized system. Therefore, society and the power industry in particular are challenged by the transformation of the power grid, as introduced by Nikola Tesla about 120 years ago, into a Smart Grid.

Figure 1.3 depicts an electric power grid that is evolving to include more distributed control, two‐way flows of electricity and information, more energy storage, and new market participants including consumers as energy producers.

Figure 1.3 Evolution of the electric power grid.

Source:[DOE 2015a]. Public Domain.

1.2.2 Smart Grid Definitions

The definition of a Smart Grid is broad and encompasses many aspects of electric grid operation and management. A Smart Grid is an improved electrical power grid, a network of transmission lines, substations, transformers, and more that deliver electricity from suppliers to consumers by using two‐way digital technology to communicate with end loads and appliances at industrial, commercial, and residential premises to save energy and reduce capital and operational cost by improving reliability, security, and efficiency of current power grid. The Smart Grid enables greater use of electricity generated from renewable resources.

Smart Grids are typically described as electricity systems complemented by communication networks, monitoring and control systems, smart devices, and end‐user interfaces [OECD 2010], [OECD 2009].

Another Smart Grid definition blends both functions and components [OECD 2012b] and refers to an electricity network that uses digital and other advanced technologies to monitor and manage the transport of electricity from all generation sources to meet the varying electricity demands of end users. Smart Grids coordinate the needs and capabilities of all generators, grid operators, end users, and electricity market stakeholders to operate all parts of the system as efficiently as possible, minimizing costs and environmental impacts while maximizing system reliability, resilience, and stability [IEA 2011].

The Smart Grid is a vision of the future electricity delivery infrastructure that improves network efficiency and resilience while empowering consumers and addressing energy sustainability concerns [Gartner IT].

The SmartGrids Platform was started by the Directorate‐General for Research of the European Commission in 2005 [SmartGrids 2006]. This initiative aims at boosting the competitive situation of the European Union in the field of electricity networks, especially smart power grids. The establishment of a European Technology Platform (ETP) in this field was for the first time suggested by the industrial stakeholders and the research community at the first International Conference on the Integration of Renewable and Distributed Energy Resources [Conference 2004].

Although there is no formal definition of a Smart Grid based on its features proposed in the literature, the Smart Grid may be considered as a power grid in which modern sensors, communication links, and computational power are used to improve the efficiency, stability, and flexibility of the system [Rihan 2011].

The 2006 report of European Commission [SmartGrids 2006] describes the vision of the “Future: operation of system will be shared between central and distributed generators. Control of distributed generators could be aggregated to form microgrids or ‘virtual’ power plants to facilitate their integration both in the physical system and in the market.” Figure 1.4 shows how the concept of SmartGrids works.

Figure 1.4 SmartGrids concept.

Source:[SmartGrids 2006]. © European Communities, 2006.

SmartGrids was a new concept for electricity networks across Europe. The initiative aims to respond to the rising challenges and opportunities, bringing benefits to all users, stakeholders, and companies. Also, the Advisory Council of the technology platform SmartGrids proposed new ways for Europe to move forward on improving the efficiency of the generation, transmission, and distribution of electricity. By using cleaner energy resources (e.g. solar, wind), the SmartGrids aims to benefit the European economy and help improve consumers’ needs.

Figure 1.5 illustrates the vision for the future electricity networks. As presented in the [SmartGrids 2006] report, a proportion of the electricity generated by large conventional plants will be displaced by distributed generation, renewable energy sources, demand response and demand‐side management, and energy storage.

Figure 1.5 Future network vision.

Source:[SmartGrids 2006]. © European Communities, 2006.

Figure 1.6 depicts the layout of the modernized electrical grid with voltages and depictions of electrical lines that are typical of Germany and other European systems. A vision of future developments in Europe is depicted at VISION 2050 site (see [VISION 2050]). More European reference publications are available at [ETIP SNET].

Figure 1.6 General layout of electricity networks.

Source:[ElNet 2014]. Licensed under CC BY 3.0.

The development of Smart Grid in the United States is a result of Title XIII of the Energy Independence and Security Act of 2007 [EISA 2007], which provided legislative support for Department of Energy’s (DOE) Smart Grid activities and reinforced its role in leading and coordinating national grid modernization efforts [Mandates 2007].

The smart power grid delivers electricity from suppliers (e.g. central power plant, distributed generation resources such as wind turbines, microturbines, etc.) to consumers using two‐way digital technology to communicate with end loads and appliances at industrial, commercial, and residential premises to save energy, reduce capital and operational cost by improving efficiency, and increase reliability and transparency. Also, the Smart Grid includes control systems, intelligent devices, and communication networks that keep track of electricity flowing in the grid.

Until this point in time, research on the Smart Grid has revolutionized the way the energy trade will be performed in the near future. The Smart Grid concept challenged the majority of the energy trade stakeholders regarding several aspects of the current setting: infrastructure should be reengineered, and new legislation should be developed, and new business models should be implemented, and so forth. Motivations for Smart Grid developments in the United States are also described in [DOE 2009].

As we have seen in the above definitions, Smart Grid and similar names such as intelligent grid, modern grid, future grid, modernized grid, and so on are all being used to describe a digitized and intelligent version of the current power grid.

1.2.3 Drivers for Change

Examples of drivers for change in the electric power system in the United States include:

Integration of Smart Grid technologies (see definition in

Appendix B

) for managing complex power systems, driven by the availability of advanced technologies that can better manage progressively challenging loads.

Growing expectations for a resilient and responsive power grid in the face of more frequent and intense weather events, cyber and physical attacks, and interdependencies with natural gas and water systems.

Smart Grid technologies and applications encompass a diverse array of modern communications, sensing, control, information, and energy technologies that are already being developed, tested, and deployed throughout the grid. These technologies are divided into three basic categories [NSF 2011]:

Advanced ICTs (including sensors and automation capabilities) that improve the operation of transmission and distribution systems.

Advanced metering solutions, which improve on or replace legacy metering infrastructure.

Technologies, devices, and services that access and leverage energy usage information, such as smart appliances that can use energy data to start operating when energy is cheaper or renewable energy is available.

The Smart Grid vision increases the use of IT systems, networks, and two‐way communication to automate actions that system operators formerly had to perform manually.

Thus, the grid modernization is an ongoing process, and initiatives have commonly involved installing advanced metering infrastructure (AMI) (smart meters) in homes and commercial buildings that enable two‐way communication between the utility and customer. Other initiatives include adding smart components to provide the system operator with more detailed data on the conditions of the transmission and distribution systems and better tools to observe the overall condition of the grid (referred to as wide area situational awareness). These components include advanced smart switches on the distribution system that communicate with each other to reroute electricity around a troubled line and high‐resolution, time‐synchronized monitors, called phasor measurement units, on the transmission system. Concepts such as smart loads, smart generation distribution, smart electric vehicles (EVs), smart buildings, and smart switch are enabling a smarter grid [DOE 2015a]. Figure 1.7 illustrates a Smart Grid configuration, with common smart components (smart meter, smart appliances, phasor measurement unit, wind turbines, electric vehicle, smart switch, two‐way communication lines), although utilities making Smart Grid investments may opt for alternative configurations depending on cost, customer needs, and local conditions.

Figure 1.7 Common Smart Grid components.

Source:[GAO 2011]. Public Domain.

To deliver electricity more cost effectively in response to consumer needs and at the same time with less damage to the climate, the Smart Grid uses distributed energy resources (DERs), advanced communication, and control technologies.

1.2.4 Smart Grid Communication Infrastructure

Communication infrastructure is the backbone of the communication system upon which various broadcasting and telecommunication services are operated. The infrastructure is the core component that connects upstream production, such as voice, data, and audiovisual services, with downstream consumers. In basic terms, communication infrastructure involves technology, products, and network connections that allow for the transmission of communications over large distances. According to [P2030 2011], the facilitation of Smart Grid consists of these following aspects: power engineering, communication technology, and information technology. A Smart Grid is characterized by the bidirectional connection of electricity and information flows to create an automated, widely distributed delivery network.

A communication infrastructure is an essential part to the success of the emerging Smart Grid [Yan 2013]. Through a communication infrastructure, a Smart Grid can improve power reliability and quality to eliminate electricity blackout.

As described in [Chen 2010], Smart Grid supports two‐way power flow and information flow to reach optimal electric power operation. Smart Grid shall consequently collect all kinds of information of electricity generation (centralized or distributed), consumption (instantaneous or predictive), storage (or conversion to energy in other forms), and distribution through the communication infrastructure. Then, the optimization of electricity utilization can be realized through appropriate information technology such as grid or cloud computing to allow appropriate actions in the entire Smart Grid through communication infrastructure again.

Communication infrastructure is a complex ecosystem of separate yet interconnected systems. It consists of a variety of networks, including the broader Internet, cellular networks, optical backhaul networks, and local area networks. A scalable and pervasive communication infrastructure is crucial in both construction and operation of a Smart Grid [Yan 2013].

For the purpose of planning and organization of the diverse, expanding collection of interconnected networks that will compose the Smart Grid, NIST adopted the approach of dividing the Smart Grid into seven logical domains, known as Smart Grid Conceptual Reference Model. The model includes the following domains [NIST SP1108r1]:

Generation – Includes traditional generation sources and DERs; may also store energy for later distribution; generation includes coal, nuclear, and large‐scale hydrogeneration usually attached to transmission; DERs are associated with customer and distribution domains providing generation and storage and with service provider aggregated energy resources.

Transmission – Carriers of bulk electricity over long distances; may also store and generate electricity.

Distribution – Distributors of electricity to and from customers; may also store and generate electricity.

Customers – End users of electricity (residential, commercial, and industrial); may also generate, store, and manage the use of energy.

Operations – Managers of the movement of electricity.

Markets – Operators and participants in electricity markets.

Service providers – Organizations providing services to electrical customers and to utilities.

Figure 1.8