Slashdot Mirror

← Back to Stories (view on slashdot.org)

Securing the Smart Grid

Posted by samzenpus on from the protect-ya-neck dept.

brothke writes "Securing the Smart Grid: Next Generation Power Grid Security, authors Tony Flick and Justin Morehouse provide a comprehensive and first-rate overview of smart grid technology and what is needed to ensure that it is developed and deployed in a secure and safe manner. An issue is that smart grid has significant amount of hype around it, including the promise that it will make energy more affordable, effective and green. With that, promises around security and privacy are often hard to obtain." Read on for the rest of Ben's review. Securing the Smart Grid: Next Generation Power Grid Security author Tony Flick and Justin Morehouse pages 320 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 1597495700 summary Excellent overview on smart grid technology and its related security, privacy and regulatory issues While the books notes early on that there is no singular definition of what defines smart grid, a generally accepted definition is that it is a "network of technologies providing real-time two-way communication that delivering electricity from utilities to consumers".

Most importantly, it is crucial to understand that the smart grid is an evolving environment, not a single entity or technology.

As important as the smart grid and security is, roughly 80% of Americans claim to know little or nothing about the smart grid, while 76% lack knowledge or understanding of smart meters, according to results of the latest Market Strategies International E2 Study.

From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.

The books 14 chapters provide a good overview of the various aspects of smart grid, energy and utility transmission, security, privacy attack vectors and more. The book offers a good balance of the topics, in a very readable format.

In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid.

Chapter 2 provides an overview of the threats and impacts of smart metering at the consumer level. A large part of smart grid technologies is advanced metering infrastructure (AMI), which is a set of systems that measure, collect and analyze energy usage, and interact with advanced devices such as electricity meters, gas meters, heat meters, and water meters, through various communication media. Once smart grid is ubiquitous, AMI will be a hacker's platform of choice.

With all those benefits of AMI come security and privacy issues, and those open the metering infrastructure to smart thieves, stalkers, and a broad range of other threats and attacks. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data, which may or may not be transmitted over a secure channel.

Unfortunately, leaving security to vendors of home-based products has traditionally not been met with much success. Let's hope the smart grid vendors learn from the security debacles of the past and build effective and strong security into their products.

Chapter 4 notes that smart grid security is a matter of national security and that the US government is playing a large role in directing the effort. Numerous groups have efforts in place to secure smart grids, including DOE, FERC, DoC, DHS and more.

An important group working on this is the NIST Cyber Security Working Group (CSWG). The primary goal of the CSWG is to develop an overall cyber security strategy for the smart grid that includes a risk mitigation strategy to ensure interoperability of solutions across different domains/components of the infrastructure. This strategy addresses prevention, detection, response, and recovery.

The CSWG recently created NISTIR 7628 — Guidelines for Smart Grid Cyber Security, which complement everything detailed in this book. It also has the added benefit of being free. At 577 pages, it is also much more comprehensive.

Chapter 11 is especially fascinating, which deals with the topic of social networks and smart grid. While smart grid can leverage the power of social networking, it is inevitable that people will start tweeting about their energy usage. While that energy data may seem like an innocuous tweet, that information can be used to determine if the people are at home, on vacation, using specific appliances, etc.

For example, the Lyceum is the oldest building on the University of Mississippi campus. The Lyceum also has a twitter feed about its energy usage. While this is more informational, when individuals start sharing their energy usage, without effective social media controls, the security outcome is quite predictable. With that level of information disclosure, it is quite easy to determine if a family is home, not home, sleeping, entertaining guests, etc.

As to users who in the future will integrate tweets and other energy data into their social networking, the chapter illustrates how much of a security risk this can pose by detailing vampire energy cost estimates for over 75 different types of electronic products. Attackers can use the energy data and extrapolate what products are in use, when, and more.

The chapter concludes with a smart grid social networking security checklist. The smart grid social networking security checklist contains five categories for implementing basic security controls, name around: identity, authentication, information sharing, networking and usage.

The book also includes a number of sidebar Epic Fail stories, which detail major failures and catastrophes in various energy topics.

Overall, Securing the Smart Grid: Next Generation Power Grid Security provides an excellent overview on the state of smart grid technology and its related security, privacy and regulatory issues. The book provides an excellent introduction for anyone looking to understand what smart grid is all about, and its security and privacy issues.

You can purchase Securing the Smart Grid: Next Generation Power Grid Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

97 comments

  1. Maybe it's a bad idea to have a "smart grid" by Animats · · Score: 1

    From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.

    If residential end users have to worry about the security of the power grid, the "smart grid" is a bad idea.

    1. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      You mean you (as a residential end-user) are not already worried about the security of the power grid? With all the government fuckwits we have in power, it's a wonder there hasn't been a catastrophic breach of security in that respect.

    2. Re:Maybe it's a bad idea to have a "smart grid" by RapmasterT · · Score: 3, Insightful

      Say what you will about the security or reliability of our current power grid, but it's got uptime measured in a whole shitload of 9's.

    3. Re:Maybe it's a bad idea to have a "smart grid" by Desler · · Score: 0

      There have been more than a dozen major power outages in the US since the 1960s. That's far from having even a single 9.

    4. Re:Maybe it's a bad idea to have a "smart grid" by mswhippingboy · · Score: 5, Informative

      "Smart grid" technologies should not to be confused with the power grid. The nation's power grid is in the hands of "transmission" companies which are, for the most part separate organizations from the "distribution" companies which deal with residential/commercial service delivery.

      Smart grid is the name given to technologies that provide advanced capabilities to these "last mile" customers.

      Cost savings can be had in a number of ways including the ability to read, turn-off or turn-on meters remotely without dispatching a truck, ability to provide customers wiht up-to-date usage, down to 5 minute intervals so they can track their usage patterns. Device manufacturers will also play in this arena offering "smart" appliances that can feed usage information back up the line to give an even more accurate picture of where the power you are using goes. Most likely, utilities will offer plans that reward you (with lower rates) if you manage your usage around peak periods. This in turn saves the utilites money because they can better manage and levelize power generation facilities.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    5. Re:Maybe it's a bad idea to have a "smart grid" by minorproblem · · Score: 1

      I work for a large electrical engineering company that develops technology that could be classified as smart gird technology. I think that the big game changer in the next 20 years is mainly going to be HVDC links using Voltage Source Conversion technology. This will allow a lot of low cost HVDC links to be constructed (this technology is perfect for offshore windfarms). Another technology that my company is involved in is Energy market management. So we run the servers that predict the loads from the network and also can predict future supply such as from power stations, stand by spinning loads, wind farms and solar stations (using weather data as input) using all these inputs the market can predict the wholesale price of power over the next 5 minute period. This combined with more HVDC links between networks will allow much more efficent power management from the generators perspective. This is the low hanging fruit of the next 20 years, and at the same time you will see consumer level optimisations as well such as smart meters etc.

    6. Re:Maybe it's a bad idea to have a "smart grid" by Tickety-boo · · Score: 1

      Smart grid is the name given to technologies that provide advanced capabilities to these "last mile" customers

      I think you are thinking of Advanced Metering (AMI). Smart Grid is the integration of Generation, Transmission, Distribution, Retail, and Consumer technologies.

      --
      Reading made Don Quixote a gentleman. Believing what he read made him mad.
    7. Re:Maybe it's a bad idea to have a "smart grid" by onionman · · Score: 1

      My primary concern is that most of the components for the U.S. "smart grid" are going to be manufactured overseas in countries which we (the U.S.) might have a conflict with in the next several decades. This will give potential adversaries ample opportunities to install backdoors and logic bombs in the components to bring down critical infrastructure in the event of a conflict. Without better control over the supply chain, I fail to see how the "smart grid" could ever be secure.

      Even the lowly residential meter needs to be secured since the generator controllers will be relying on information from those meters (I can imagine a scenario where several million residential meters simultaneous switch on or off causing havoc with the transmission network). Certainly the large industrial systems, generating facilities, and power routing stations should have high levels of security. That level of security isn't possible when you're purchasing all of your components overseas.

    8. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      I have not heard of an entire grid going dead, just areas/zones within the grid. A single grid zone can/will definitely go down in modern day USA... Thankfully Tier 4s have multiple and separate grid connections, plus heavy duty diesel generators.

      I think it is very rare for a hydroelectric, coal, or nuclear plant to go dead and kill it's entire grid.

    9. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit343 · · Score: 0
      welcome to the new slashdot... logically provable ignorance = the highest level of insight.

      slashdot = stagnated.

    10. Re:Maybe it's a bad idea to have a "smart grid" by mswhippingboy · · Score: 1

      You're right in that I'm primarily referring to AMI regarding the potential for security threats. However, while the term "smart grid" does encompass Generation and Transmission as well, these are not (and hopefully never will be) open to threats from hackers. The generation and transmission organizations take security to the extreme (e.g. not allowing ANY systems to connect to them) so the real threat potential is limited to distribution organizations. Even there however, companies are aware of the threats and security is a major concern that must be addressed prior to the implementation of AMI in any jurisdiction.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    11. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      Shifting the goalposts.

    12. Re:Maybe it's a bad idea to have a "smart grid" by Orne · · Score: 1

      Well, the bulk electric system is designed to "one event in 10 years", which works out to about 99.95% uptime.

    13. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 1

      unless you've lived in the northeast over the last decade and suffered through DAYS of downtime... or anywhere else for that matter, unless you define "shitload" as "less than 6" as 99.9999% uptime allows for only 30 seconds of downtime per year... something no power company in the nation has universally achieved.

      The United States as 3 grids: The Western Interconnection; The Eastern Interconnection and the Electric Reliability Council of Texas grid. My google-fu turned up one quote that could maybe be used to corroborate your claims:

      One such was observed during a major breakdown in November 1965 in the eastern part of the nation. This catastrophe enveloped an area of more than 80,000 square miles, from New York to Massachusetts, merely on account of the failure of an automatic control device in Queenston, Ontario. A similarly massive failure occurred in the U.S. and Canada in August 2003, when a loss of 61,800 MW of electrical power resulted in a severe blackout in an area covering 50 million people.

      Northeast Blackout 1

      Northeast Blackout 2

      That particular grid was started ~1915, so I can't say that it indeed counts as "a whole shitload of 9s"; I can say that literally less than ~48hrs of total downtime out of ~840,960hrs of operation is spec-fucking-tacular, IMHO.

    14. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      That is a good point.

      You need to build in the security, but also educate the people using the systems.

    15. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      coal plants go down quite frequently. They are only available about 95% of the time. Users rarely see this because all of the other plants pick up the instantaneous load and extra capability is spinning. It is why the transmission grid exists.

    16. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      your refusal to use absolute scientific terms in your absolute scientific claims is very telling. by your provided figures "shitload" = 4

      you're a hypocritically ignorant marketeer.

      go make your false claims while cowering in someone else's shadow.

      you're completely pathetic.

      This.

      Your lack of google-fu to provide a single link to support your claims leads you to unfounded personal attacks.

      My claims are that ~48hrs of downtime (that I could come up with using google to search for entire grid blackouts) stacked against ~840,000hrs of uptime is good. I even added the customary "In My Humble Opinion".

      What other scientific terms should I have used other than "grid", "hours", and "downtime"? You are the one that improperly used the term "grid", you lied and said it was down for "days" when a simple google search shows that to false.

      Sorry, I might actually be pathetic, for other reasons not displayed in this thread. However, your response speaks volumes about your knowledge and research capabilities...

    17. Re:Maybe it's a bad idea to have a "smart grid" by Tuoqui · · Score: 1

      No they wont. The only thing utilities are there for is to gouge you as much as they can before they become obsolete.

      Do you really think they have power savings on their mind when they install smart meters? No. They're using them to cut costs to improve profit, the price of electricity is just going to keep increasing because power companies can never ever run at a loss unless everyone cuts the power cord simultaneously.

      --
      09F911029D74E35BD84156C5635688C0
      +2 Troll is Slashdot's way of saying groupthink is confused
    18. Re:Maybe it's a bad idea to have a "smart grid" by plover · · Score: 1

      There have been more than a dozen major power outages in the US since the 1960s. That's far from having even a single 9.

      Then I don't think you understand the whole 9s concept. Uptime is referred to in terms of the percentage of time the resource is available. If a thing is there when you go to it half the time, its uptime is 50%. If the thing is there when you want it 999 times out of a thousand, its uptime is 99.9% That thing can be said to have "three nines" of uptime, because there are three nines in 99.9%.

      It's often easier to think of the resource in terms of how often it goes away. Five nines (99.999%) equates to just over five minutes per year of downtime. Six nines is only about 31 seconds of downtime per year. The more nines, the exponentially more reliable the thing is.

      The power grid in this country is extremely reliable. At my house, we lose power perhaps once per year, for just a few hours or so. I haven't measured, but I would estimate I have "five nines" of uptime.

      So now let's take any one of the major blackouts that you're talking about, and assign an average value of 24 hours of downtime for each incident. Let's further assign an average value of 25% of the country was impacted by each incident. You claimed there were more than a dozen. Let's call it 20 incidents from 1960 to today. Those estimates are deliberately high, but that's OK for this purpose. Now we just do the math.

      2011-1960 = 51 years, which is 51y * 365.25d/y * 24h/d = 447,066 hours.

      24 hours * 20 incidents = 480 hours of downtime incidents.

      480 is divided by the percent of the country affected, so 480 hours * 25% = 120 hours of downtime, total.

      1 - (120 / 447,066) = .999731, * 100% = 99.9731% uptime. That's at least three nines of uptime. To an entire country of over 300 million people!

      It's almost impossible to properly appreciate that level of reliability. I suggest spending some time in countries that have poor electrical grids, where rolling blackouts due to power shortages are scheduled daily.

      --
      John
    19. Re:Maybe it's a bad idea to have a "smart grid" by mswhippingboy · · Score: 1

      No they wont. The only thing utilities are there for is to gouge you as much as they can before they become obsolete.

      Do you really think they have power savings on their mind when they install smart meters? No. They're using them to cut costs to improve profit, the price of electricity is just going to keep increasing because power companies can never ever run at a loss unless everyone cuts the power cord simultaneously.

      This all depends on your local power utility. Some are investor owned (i.e. "for profit"), operating under a government issued "franchise", and many are publicly owned or cooperatives (i.e. "not for profit"). In either case, they are normally tightly controlled by the local PUC (Public Utilities Commission) which sets the allowable "profit margin". Therefore, these companies generally want to keep power consumption at a manageable level so that they don't have to invest in new mega-million generating plants.

      While I do think there are abuses that occur regularly, electric utilities are some of the most tightly regulated industries we have.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    20. Re:Maybe it's a bad idea to have a "smart grid" by Ungrounded+Lightning · · Score: 1

      Well, the bulk electric system is designed to "one event in 10 years", which works out to about 99.95% uptime.

      Depends on the duration of the event.

      --
      Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    21. Re:Maybe it's a bad idea to have a "smart grid" by Ungrounded+Lightning · · Score: 1

      Say what you will about the security or reliability of our current power grid, but it's got uptime measured in a whole shitload of 9's.

      Funny you should mention that. I had an outage at my San Francisco Bay area townhouse just this morning. (While I was reading the electric bill. B-) ).

      I'm in "rotating outage block 50" - i.e. I don't get rotating outages because I'm on the same chunk of the grid with some essential services. Like the local City Hall, cop shop, and fire station (which also went down), serving several miles of the major commute routes for this side of the bay. And maybe the west coast air traffic control center, which is just a few blocks away.

      Of course the rural "vacation / retirement cabin" in Nevada has outages every month or so, often lengthly. Power there comes from the nearest substation via several tens of miles of elevated wiring (at an altitude of over a mile in the passes of the Sierras).

      --
      Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
    22. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      it doesn't change the fact that you claimed the power grid's uptime rate had a "shitload of 9s" when the figures you've supplied suggest a 99.995% uptime rate... 4 9s... to you "shitload" = 4. your ability to put things in relative terms is questionable.

      considering my own power was disrupted for 5 minutes this week, and many homes across america have suffered WEEKS of downtime over several different massive outages over the past many decades, you're an ignorant hypocrite.

      why do you cower? what are you afraid of?

      you're com-fucking-pletely pathetic.

      Well, I'm afraid you don't understand what the power grid is. Your house, neighborhood, city, or even county is not the grid. You make spurious claims.

      I told you we in the USA have three, interconnected, power grids.

      You mad? Why you mad?

      How many 9s is a shitload to you? Do you know what kind of technology was around in the early 1900s? For seriously, 1915-2011... how many 9s does it take to get a "shitload" from Mr. MichaelKristopeit345?

    23. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit349 · · Score: 0
      i'm afraid you haven't comprehended my plainly stated point YOUR DECLARATION THAT 4 UNITS CONSTITUTES A "SHITLOAD" OF UNITS IS IGNORANTLY FLAWED

      ur mum's face mad?

      a "shitload" is significantly more than 4.

      it only takes one idiot spouting "shitload" with ignorant hypocrisy to get me to point out their hypocritical ignorance.

      why do you cower? what are you afraid of?

      you're completely pathetic.

    24. Re:Maybe it's a bad idea to have a "smart grid" by plover · · Score: 1

      Holy crap, I just saw below that San Francisco has rolling blackouts, and that California still has occasional power emergencies! I live in one of those countries!

      See, there's one advantage to living in a flyover state. We still have adequate power.

      --
      John
    25. Re:Maybe it's a bad idea to have a "smart grid" by SHP · · Score: 1

      The US average annual interruption per customer is 1.36 hours. I think that is from 2008. That's 99.98% uptime. That number would obviously be a bit lower for, say, 2003, but it's a good general indicator of overall grid reliability.

    26. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      i'm afraid you haven't comprehended my plainly stated point YOUR DECLARATION THAT 4 UNITS CONSTITUTES A "SHITLOAD" OF UNITS IS IGNORANTLY FLAWED

      ur mum's face mad?

      a "shitload" is significantly more than 4.

      it only takes one idiot spouting "shitload" with ignorant hypocrisy to get me to point out their hypocritical ignorance.

      why do you cower? what are you afraid of?

      you're completely pathetic.

      Yeah but apparently I like feeding trolls... Mr. MichaelKristopeit345... or is it 349? WHY DO YOU COWER? WHAT ARE YOU AFRAID OF?

    27. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      However, while the term "smart grid" does encompass Generation and Transmission as well, these are not (and hopefully never will be) open to threats from hackers.

      Sure they could be. What about synchro-phasors?

    28. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit349 · · Score: 0
      i am michael kristopeit.

      you are exactly what you've claimed to be: NOTHING.

      cower some more, feeb.

      you're completely pathetic.

    29. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit349 · · Score: 0
      demonstrably false claims = the highest level of insightfulness

      slashdot = stagnated.

    30. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit346 · · Score: 0
      the truth = troll

      slashdot = stagnated.

    31. Re:Maybe it's a bad idea to have a "smart grid" by seaton+carew · · Score: 2

      Maybe that is so in the US. In Europe, "Smart Grid" technology embodies the whole thing i.e. right the way up to transmission level.

      Power systems are highly interconnected and operate in real-time. There's relatively little economic benefit in just making the last mile "smart". The big wins come when the whole supply chain is smart, enabling real-time pricing, despatch, outage management, etc.

      Even if this technology starts out by being deployed at the last mile, it *will* end up influencing and/or controlling the higher level distribution and transmission systems. So it's important to get the security right at this stage. Otherwise we'll end up with millions of insecure nodes out there and no way to actually gain any genuine benefits from the technology.

      --

      As technology accumulates, the hatred between people tends to decrease. - Steven Pinker
    32. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      i am michael kristopeit.

      you are exactly what you've claimed to be: NOTHING.

      cower some more, feeb.

      you're completely pathetic.

      No. I'm pretty sure you're just a troll. It became really obvious when you failed to produce any citations to back up your statements.

      I'll keep feeding you though, trolls amuse me.

    33. Re:Maybe it's a bad idea to have a "smart grid" by mswhippingboy · · Score: 1

      At a high level, Smart grid refers to the entire infrastructure here in the US as well. However, the the same level of automation does not apply to all levels.

      Most of this technology (aka AMI) applies to the last mile only and involves remote control of the meters. Obviously, there is reporting that crosses the transmission and generation systems that is used for planning, pricing and trading, but there is no danger of someone hacking a transmission system or generation facility and shutting it down because that capability does not (and hopefully never will) exist at that level. These facilities are highly secure and don't allow any connection to the outside world. There is simply no reason to have the ability to shut down a transmission or generation facility remotely, which is what scares most people.

      I agree, security at all levels, even the last mile is very important and any technology vendor that wants to play in this arena will have to provide secure systems. This is the case with the vendors I've worked with (Elster, Sensus, Itron) as all communications are heavily encrypted.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    34. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      4 9s = shitload
      6 9s = fuckton
      1 michael kristopeit = asshat
      burma shave

    35. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      uptime and security r 2 different things....

    36. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit347 · · Score: 0
      ur mum's face're just a troll.

      you want citations for math? you're an idiot.

      cower some more, feeb.

      you're completely pathetic.

    37. Re:Maybe it's a bad idea to have a "smart grid" by MichaelKristopeit348 · · Score: 0
      ur mum's face = asshat

      cower some more, feeb.

      you're completely (0 9s) pathetic.

    38. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      0 9s = 0% = not at all

      which is the opposite of completely (infinite 9s)

    39. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      100% = 1 = 0.999... = infinite 9s
      lrn2calculus

      >trollface.jpg

    40. Re:Maybe it's a bad idea to have a "smart grid" by Anonymous Coward · · Score: 0

      for 0 values of completely

    41. Re:Maybe it's a bad idea to have a "smart grid" by RapmasterT · · Score: 1

      you want citations for math?

      hah! awesome.

  2. The smart grid by Scareduck · · Score: 0

    is about making people feel the capital costs needed at peak times. Currently this is not the case. I fail to see how this will make energy more affordable.

    --

    Dog is my co-pilot.

    1. Re:The smart grid by Anonymous Coward · · Score: 0

      Time of Use billing can potentially make the power cheaper if people shave the peak by putting low-priority loads off to non-peak times. The motivation for the consumer is that non-peak times will be cheaper power than peak times.

      The real difficulty I see is in the distribution operator calculating a "fair" set of ToU prices vs. the current flat-rate prices. For a non-profit utility, such as many smaller irrigation districts have, this is their goal: they're really looking to break even at the end of the day (clearly after all support costs are factored in), not to gouge customers.

      For profit-driven utilities this is not the case - they are driven by profit (and typically charge 15-20% more). They are the ones I would be concerned with as ToU billing goes forward.

      The power industry is not an easy one to exist in. In California 33% of power must come from renewable "Green" sources by 2020, and hydro doesn't count as "green." Guess what, "Green" power sources such as wind and solar are not anywhere near as reliable as traditional sources as they're very weather dependent. This means all "Green" power must be backed up somewhere with traditional power, so you still have all those operation costs just to have generators sitting idle.

      Folks selling "green" power want the biggest bang for their buck, so often their contracts are such that a utility must buy when the "green" generator can produce. This presents challenges in the power industry where you schedule a day ahead where you'll be buying from and for what costs. Plan to buy too much and then have a large amount of wind power that you're forced to buy under contract and now you're dumping your more expensive power for less than you've scheduled to buy it for the day before. Plan to buy too little (due to increased load or less than average wind power) and now you're having to buy or generate potentially more expensive power during the real-time market where most likely there is becoming a shortage causing prices to go up.

      Utilities don't get to pass any of this direct real-time cost on to the consumer which might make them think twice about running their A/C during peak loads. Utilities only get to pass on their average costs, and currently at a flat rate. But with ToU billing they can at least set it up so that traditionally peak times will have higher rates than non-peak. Customers who plan can benefit by shifting their load, which in turn reduces the peak which reduces the utilities more expensive power buying.

      In the end all customers either benefit or suffer depending on how well the rest of the customers are shaving the peak as it puts the utility in a better or worse financial position. ToU billing just helps to put more of the burden where it belongs, and if done fairly, is a good thing.

    2. Re:The smart grid by b0bby · · Score: 2

      is about making people feel the capital costs needed at peak times. Currently this is not the case. I fail to see how this will make energy more affordable.

      I'd think that, as people avoid the peak-priced energy, there should be a leveling of demand, which should reduce the need for more power plants in the longer term, controlling costs. Right now they need to build plants to meet a few peaks (around here, the hottest summer days). Pepco came and installed a thermostat for me which can turn off my central ac at peak times (I noticed it once last summer) and I get a little money back for being part of the program. If enough houses have these types of devices (and the smart grid would be much better than this) then power companies can better spread the load & avoid adding natural gas plants which are rarely used.

    3. Re:The smart grid by Nefarious+Wheel · · Score: 1

      is about making people feel the capital costs needed at peak times. Currently this is not the case. I fail to see how this will make energy more affordable.

      Actually that turns out not to be the case. The idea of the smart grid was two-fold; It provided a vehicle for upgrading infrastructure that hasn't been upgraded since it was built in (mostly) the middle of the last century, and by giving the generators more fine-grained knowledge of when to apply secondary generation facilities for peak load. The latter would provide sufficient savings to bankroll the entire project.

      Or at least that was the opinion of the 20 or so C-level energy execs we interviewed in 2009 when I wrote our company's smart grid report. The concept may have drifted since then (and I'll admit I'm out of touch, I no longer work for that company) but I don't think by that much.

      --
      Do not mock my vision of impractical footwear
    4. Re:The smart grid by plover · · Score: 1

      It's not about making energy affordable. It's about modifying demand by holding consumers accountable.

      There is no effort to build new power plants in this country. We're not adding new coal plants, because they pollute. We're not adding new nuclear plants, because we don't know how to handle nuclear waste. We're not building new dams, because we might kill an endangered fish, or wreck some historic valley. At most, we're adding tiny little windmills and tidal generators and solar farms that have no practical chance of keeping up with the growth of the population. As things stand today, we're in a bind.

      So if we can't figure out how to build more generating capacity, our options are to either restrict growth, improve efficiency, or curb demand.

      Restricting growth is not a realistic option. Improving efficiency is. The utilities do what they can from a generating standpoint to try to squeeze every watt from every therm they produce. They encourage us to improve efficiency economically, through rebates for replacing inefficient devices with energy star devices. And they curb demand by raising rates.

      Because electrical plants have a finite capacity, as the plants reach their peak of production the utilities have one more trick. They fire up auxiliary generators to supply additional power to the grid. These are diesel or natural gas generating plants, often owned by large businesses as disaster recovery generators. They are very, very expensive to fuel and run. This only happens at times of peak demand, but the cost of peak generation is about ten times that of regular generation. The smart grid will allow utilities to charge higher rates to consumers during peak times, in order to encourage energy saving during peak times.

      The smart grid can pass that information to consumer appliances. The grid can tell your dryer that "peak pricing is from 3:00 PM until 8:00 PM." Your dryer can then tell you "if you dry them now it will cost $3, but if you wait until 8 PM it will only cost $0.15." Or if you hit the "cheap" button, it will automatically delay operation until the peak period has ended.

      Today we all pay peak rates 24x7, for everything. The peak charges are amortized across all the electricity we buy. The smart grid will let them keep from raising the prices for non-peak electricity. And it puts the information in your hands so you can make the decision.

      --
      John
  3. Wow I'm amazed. by Anonymous Coward · · Score: 0

    Wow a book review that isn't a shill review from Packt Publishing. I'm amazed. Was Packt late on its last check to CmdrTaco?

    1. Re:Wow I'm amazed. by RapmasterT · · Score: 1

      Maybe someone needs to check CmdrTaco's apartment.

  4. We know the stupid grid... by digitaldc · · Score: 0

    ...which is burning stuff with huge inefficiency and high cost, and ruining our environment and our standing in the world with unnecessary wars in the process.

    Green, renewable energy is LONG overdue.

    --
    He who knows best knows how little he knows. - Thomas Jefferson
    1. Re:We know the stupid grid... by Anonymous Coward · · Score: 0

      wow, consspriacy theory.

    2. Re:We know the stupid grid... by Anonymous Coward · · Score: 0

      wat u bin smokin?

  5. We're too stuck in the now by Anonymous Coward · · Score: 0

    I often feel the reason we don't really make a push towards green energy is simply because we look at the situation at hand rather than the situation two or three years ahead. Yeah, right now it might still cost more this year to upgrade buy a vehicle that gets 50mpg city and highway, and can haul everything you use the truck / suv for today.

    It might cost more to install solar panels and central air and high-efficiency appliances ( even with the tax credit ) than it does to continue paying the electric / gas company or get another storage tank full of kerosene for the oil stove.

    It might cost more to eat healthy than it does to eat unhealthy.

    If we thought about the future instead of instant gratification, the world would be a better place.

    captcha: smothers

  6. C'mon people - "Smart Grid" != "Power Grid" by mswhippingboy · · Score: 1

    Smart grid has nothing to do with the power grid (as in the nation's power grid / infrastructure). This has only to do with the "last mile" customers and making information available to customers to help them and the power companies better manage usage.
    While there are security implications, these are limited to maybe a hacker getting in and shutting down a bunch of meters or generally being a nuisance to customers and the power company.

    --
    Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    1. Re:C'mon people - "Smart Grid" != "Power Grid" by Yold · · Score: 0

      Ummm.... no

      http://www.technologyreview.com/energy/26472/?p1=A1 (How to hack the energy grid for fun and profit)

    2. Re:C'mon people - "Smart Grid" != "Power Grid" by mswhippingboy · · Score: 2

      Ummm.. no. The article you reference is bullshit.

      This guy is just spreading FUD. Typical academia crap that seems to think - "Oh geez, I wonder if those guys with decades of experience in the power distribution business ever thought of this?" It may be hard to believe, but sometimes the smartest people work in the business sector and not in education. As the old saying goes, "those than can, do; those that can't, teach".

      I've been working with AMI (aka smart grid) for years now and am in fact right now in the middle of a rollout of a pilot to a major US city. This technology is only currently being used in the last mile (which, yes, includes substations - but is not considered part of the "power grid" in the sense that it's being discussed here). The nation's power grid is managed by legally separate "transmission" companies (not "distribution" companies like your local utility).
      The infrastructure in the transmission world is far more secure and it will be a long time (if ever) before the transmission companies allow their systems to be connected to any outside entities due to the potential threats.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    3. Re:C'mon people - "Smart Grid" != "Power Grid" by commodore64_love · · Score: 0

      No you are spouting bullshit. "Smart grid" is about meters for the customer. True. But it is ALSO about giving the company control to do rolling blackouts during peak times, or lowering the temperature during peak times. How do I know? It's already happening.

      Some smart gird technologies also include high-speed internet (although it is atypical). That's both good and bad. Good for the internet access, but bad for Shortwave, AM, FM/HD Radio, and VHF TV customers since they generate spurious noise that interfere with reception.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    4. Re:C'mon people - "Smart Grid" != "Power Grid" by mswhippingboy · · Score: 1

      But it is ALSO about giving the company control to do rolling blackouts during peak times, or lowering the temperature during peak times. How do I know? It's already happening.

      More FUD. Rolling blackouts have been going on for years. The utilities don't need smart meters for that. They may choose to perform blackouts using smart meters, but it simply allows them to do what they are already doing at a more fine grained level. Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it? Do you think the utilities are releasing little gremlims to go around adjusting your thermostat? Get real.
      High speed internet (I assume by this you mean IP over powerline technology) has nothing to do with "smart grid", even if it is offered by your utility, that's a separate, unrelated issue. Most smart meters communicate via microwave, cell phone technologies, or via RF using a repeater-collector scheme. IP over powerlines has always proven to be difficult to reliably operate, although that may well change in the near future.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    5. Re:C'mon people - "Smart Grid" != "Power Grid" by Golddess · · Score: 1

      Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it?

      That does seem to be how BGE Peak Rewards operates, yes. But even without it, if they can cut power to individual appliances (say, the AC or furnace), that too could alter the temperature without ever needing to touch the thermostat dial.

      --
      "I'm not sure I like the fugnutish tone you used in your post!" -RogL (608926)-
    6. Re:C'mon people - "Smart Grid" != "Power Grid" by commodore64_love · · Score: 1

      >>>Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it?
      >>>

      That's why it's called a SMART meter.
      It can be controlled remotely.
      The company can adjust the temperature.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    7. Re:C'mon people - "Smart Grid" != "Power Grid" by mswhippingboy · · Score: 1

      I think you are missing my point. A smart meter is just that - a meter - the thing that sits outside your house with the numbers spinning on it.

      The power company can close the switch (giving your house power) or open the switch (turning off the power to your house), or it can obtain the current consumption and/or demand readings and use it for billing and/or load management. It can't change your thermostat. This is not to say that you can't install a thermostat in your house, tie it in to your smart meter and give your power company the authority to adjust it - but it does imply that you are choosing to give that authority to them - usually in return for a lower per kWH rate.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    8. Re:C'mon people - "Smart Grid" != "Power Grid" by commodore64_love · · Score: 1

      Oh I see.
      You're being pedantic with the word "meter". Stop it. When BGE offered to install "smart metering" in my home it wasn't JUST the meter. It also included an upgrade of the thermostat which could record my temperature, report the results to BGE, and even give BGE control to adjust it up or down. Smart metering is an all-inclusive term just like "PC" or "Mac" is inclusive of both the actual hardware AND the software (windows and OS X).

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    9. Re:C'mon people - "Smart Grid" != "Power Grid" by mswhippingboy · · Score: 1

      Sorry, I wasn't trying to be pedantic but your post implied (at least that's how I read it) that somehow BGE was nefariously altering thermostats against peoples' will or without their knowledge. The fact is you are agreeing to allow them to do this for (I assume) some discount in your kWH rate or some other perk. The term "Smart Grid" does encompass all things related to it, but it's not an all or nothing proposition. Your utility can offer only smart metering (with nothing else included), or it can offer a set of features (thermostat, hot water heater, etc.) all the way to full home automation, but (I don't think) it can force this down your throat or do it without your consent. That was my point.

      --
      Sometimes the light at the end of the tunnel is the headlight of an oncoming train.
    10. Re:C'mon people - "Smart Grid" != "Power Grid" by commodore64_love · · Score: 1

      >>>(I don't think) it can force this down your throat

      Not yet, no. But time will tell. If Congress can force me to buy hospital insurance that I don't want (I pay cash), then they can also force me to accept external control (either by BGE or the USC) of my thermostat.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  7. Too bad they can't contend with the biggest threat by dkleinsc · · Score: 2

    Skimping on line and generator maintenance in an attempt to boost profits, but which knocks out power for a significant section of the Northeast US and Canada when the chickens come home to roost. (All completely hypothetical, of course)

    --
    I am officially gone from /. Long live http://www.soylentnews.com/
  8. Oh no! by sunking2 · · Score: 1

    I'd be ticked if someone were to remotely keep my coffee maker from turning on in the morning! The horror!

  9. Securing The Stupid Grid ! by Anonymous Coward · · Score: 0

    Delete all Crapware.

    Yours In Vancouver,
    Kilgore Trout, C.I.O.

  10. Generic security info by losttoy · · Score: 2

    "In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid."

    Read - we took generic security concepts and replaced "computer network" with "smart grid" in the text.

    As someone who has worked for a successful smart grid company, there is very little known outside of these start-ups about how smart grids work. Most talks you see around *smart grid* security at blackhat or defcon are centered around decade old meters and technology. Those are ancient!

    1. Re:Generic security info by Anonymous Coward · · Score: 0

      So the first chapter is basic intro, what wrong with that? many books do chapter 1-3 to get the basic/fundamental ideas down.

    2. Re:Generic security info by Anonymous Coward · · Score: 0

      so what?

  11. I've never understood by sxltrex · · Score: 3, Interesting

    As someone who has worked on distribution automation for a large electric utility for the past 13 years, I've never understood the fascination with the cyber aspect of securing the grid. It would be far easier to cause a major outage with a 4x4 truck and a few pounds of high explosive, yet I don't recall a single attack of any type against a transmission tower anywhere in the U.S.. As for intercepting and deciphering meter data (a truly non-trivial task), it would be far easier for thieves to simply watch the houses in a given neighborhood, a la Home Alone.

    The residential meters do have disconnect capability, but by design this functionality ignores broadcasts. Therefore a hacker could only affect a single residence at a time, and even then only if they knew the encrypted disconnect command. An insider attack is the only real threat, and that is not addressed here.

    1. Re:I've never understood by Anonymous Coward · · Score: 0

      One of the substations i have worked on in the past comes under attack all the time, some yokels climb under the fence with a hack saw and cut off the earth tape with a hack saw...

    2. Re:I've never understood by odin84gk · · Score: 1

      The fascination is based on an attack with X country. If they knew of a crippling zero-day exploit (For example, a "recloser- Open" command, or a "MV Switch ON/OFF" command), they could theoretically disable portions of the grid from the safety of their own home.

      Heaven forbid they can download custom firmware. Then they could tell every Smart Car Charger to charge their electric automobiles at the same time. Think about it. A neighborhood full of electric cars charging at the same time. Makes most utility guys cringe just thinking about it.

    3. Re:I've never understood by Orne · · Score: 1

      Yeah, but the utility companies are paid to design the network to handle the worst-case load scenario. It's the one thing they are totally allowed to pass the cost on to the consumers .. reliability. If the whole neighborhood upgrades to electric vehicles, the distribution company puts in a larger transformer and ups their rates.

    4. Re:I've never understood by Dare+nMc · · Score: 1

      > As for intercepting and deciphering meter data (a truly non-trivial task), it would be far easier for thieves to simply watch the houses in a given neighborhood
      Your assuming some security that's not likely there, the point of the article, it need to be done right for that to remain true. Power lines are un-shielded so intercepting it is as simple as a small antenna. These systems also currently work by having a reader download what is stored in all meters for a building/neighborhood on demand (trust me the data will not be deleted on read, too easy to lose your usage.) So once the system is cracked, a attacker could walk up to a apartment building, or entire block with a Laptop, download the history for a month for all apartments in the building in less than a second, and have a analysis program that tells him immediately which apartments are empty and for how long, and of them which have the most smart devices...

    5. Re:I've never understood by jeffstar · · Score: 1

      the idea is that the cars will be smart grid enabled and only charge when you aren't running the dishwasher and the dryer and the oven and 3kw of lighting already, thereby maximizing the use of the existing infrastructure's capability.

    6. Re:I've never understood by goudan · · Score: 1

      They named these shoes Fools cheap jordans for sale air max 1 Gold, perhaps because bright yellow color, contains these sneakers. Thi s yellow on the insole, lining, side Nike Air Max 95 uk panels and displays in front of shoe with a very distinctive look. Besides this color, a shade of brown field and pulling at the neck found, while the dark brown hues and Nike logo on the sides. This sneaker also has a black rubber washers and heel tab, with the logo of Nike Air. This shoe is designed with a midsole with gray and black cloud over it.

    7. Re:I've never understood by atengyuer · · Score: 1

      yes.i agree with you really.

      --
      Thomas Sabo shop
  12. zombies by cab15625 · · Score: 1

    Will it stay on after the zombie apocalypse? Stupid context, but seriously, if the smart grid is going to be able to talk to my fridge and potentially let some hacker melt my icecream, that means it will have a lot of complexity to it. With that level of complexity (and invested time/money) it damn well better stay on for a bit if it has to be left unattended.

    1. Re:zombies by jnpcl · · Score: 0

      Best not to use electronic locks for your stronghold/bunker/panic room, then.

    2. Re:zombies by Anonymous Coward · · Score: 0

      Not exactly sure of the point of your comment please xplain....

    3. Re:zombies by Anonymous Coward · · Score: 0

      what is a zombie?

  13. Re:Too bad they can't contend with the biggest thr by Anonymous Coward · · Score: 1

    Enter FERC/NERC which then mandates and fines utilities for not doing the right thing. The bad thing is this puts a burden on utilities already doing the right thing as they now have to deal with NERC audits. In the end, it's they way to go, but it would have been better of the power industry policed itself (but responsibility without authority is pointless, which is where FERC authority to fine millions per day gives NERC the ability to carry out this responsibility).

  14. Review of book, not commentary on Smart Grid by TXISDude · · Score: 1

    Trying to avoid getting off-topic and digressing into yet another diatribe on Smart-Grid technologies and focusing on the content of the book. . . This is a good introductory book on the topic. Not very deep, nor will you find the technical details on the wide range of technologies, but then again - the technical details of Smart Grid technologies would fill thousands of pages and the discussion of all the security implications, thousands more. So, this book is a good 50,000 foot view, and it fills a void as I know of no other general introductory text. I agree with some of the comments, that the actual analysis is a bit weak, that at times it seems like they just substitute "smart grid" for "network" before security and do mass replace function. And, in reality, this will not be the path to securing this technology, as it has different purposes and characteristics than a standard TCP/IP network. That said, it is still a decent book and worth the read if you want to learn about the ideas behind the new technologies coming to us like a out of control freight train. Mandatory Disclaimer: I am not, nor do I know the authors. I have read the book (cover to cover) and bought several for people on my Smart Grid team.

    --
    Hope is the worst of evils, for it prolongs the torment of man. -- Friedrich Nietzsche
    1. Re:Review of book, not commentary on Smart Grid by Anonymous Coward · · Score: 0

      TXISDude, you are the first person to focus on the book and not the topic. Thank you!!

    2. Re:Review of book, not commentary on Smart Grid by Anonymous Coward · · Score: 0

      wow.....over 70 comments, and not a single one about the book.

      hey...thats the /.way. :)

  15. Playing the security theatre card.... by Anonymous Coward · · Score: 0

    On a system that has up time metrics to give your organization's sysadmin a hard-on while he desperately tries to deceive you with network downtime metrics hidden behind routine maintenance and such kinda doesn't make any sense.

    Real security is achieved only with constant hard questions with regards to cost/risk analysis and lots of critical thinking. And in my experience some of the cheapest ideas are some of the best.

    Utilities don't need this crap, and they don't even actually need metering to ensure their utility, they just work. And if they didn't work, you can be sure that would be remedied, immediately.

  16. Already out of date. by Anonymous Coward · · Score: 0

    Too bad that regulatory and security considerations change so rapidly that the book is probably already out of date.