Securing the Smart Grid

brothke writes "Securing the Smart Grid: Next Generation Power Grid Security, authors Tony Flick and Justin Morehouse provide a comprehensive and first-rate overview of smart grid technology and what is needed to ensure that it is developed and deployed in a secure and safe manner. An issue is that smart grid has significant amount of hype around it, including the promise that it will make energy more affordable, effective and green. With that, promises around security and privacy are often hard to obtain." Read on for the rest of Ben's review. Securing the Smart Grid: Next Generation Power Grid Security author Tony Flick and Justin Morehouse pages 320 publisher Syngress rating 9/10 reviewer Ben Rothke ISBN 1597495700 summary Excellent overview on smart grid technology and its related security, privacy and regulatory issues While the books notes early on that there is no singular definition of what defines smart grid, a generally accepted definition is that it is a "network of technologies providing real-time two-way communication that delivering electricity from utilities to consumers".

Most importantly, it is crucial to understand that the smart grid is an evolving environment, not a single entity or technology.

As important as the smart grid and security is, roughly 80% of Americans claim to know little or nothing about the smart grid, while 76% lack knowledge or understanding of smart meters, according to results of the latest Market Strategies International E2 Study.

From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.

The books 14 chapters provide a good overview of the various aspects of smart grid, energy and utility transmission, security, privacy attack vectors and more. The book offers a good balance of the topics, in a very readable format.

In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid.

Chapter 2 provides an overview of the threats and impacts of smart metering at the consumer level. A large part of smart grid technologies is advanced metering infrastructure (AMI), which is a set of systems that measure, collect and analyze energy usage, and interact with advanced devices such as electricity meters, gas meters, heat meters, and water meters, through various communication media. Once smart grid is ubiquitous, AMI will be a hacker's platform of choice.

With all those benefits of AMI come security and privacy issues, and those open the metering infrastructure to smart thieves, stalkers, and a broad range of other threats and attacks. AMI also opens up a new set of privacy issues in that the AMI devices will be collecting significant amounts of personal energy data, which may or may not be transmitted over a secure channel.

Unfortunately, leaving security to vendors of home-based products has traditionally not been met with much success. Let's hope the smart grid vendors learn from the security debacles of the past and build effective and strong security into their products.

Chapter 4 notes that smart grid security is a matter of national security and that the US government is playing a large role in directing the effort. Numerous groups have efforts in place to secure smart grids, including DOE, FERC, DoC, DHS and more.

An important group working on this is the NIST Cyber Security Working Group (CSWG). The primary goal of the CSWG is to develop an overall cyber security strategy for the smart grid that includes a risk mitigation strategy to ensure interoperability of solutions across different domains/components of the infrastructure. This strategy addresses prevention, detection, response, and recovery.

The CSWG recently created NISTIR 7628 — Guidelines for Smart Grid Cyber Security, which complement everything detailed in this book. It also has the added benefit of being free. At 577 pages, it is also much more comprehensive.

Chapter 11 is especially fascinating, which deals with the topic of social networks and smart grid. While smart grid can leverage the power of social networking, it is inevitable that people will start tweeting about their energy usage. While that energy data may seem like an innocuous tweet, that information can be used to determine if the people are at home, on vacation, using specific appliances, etc.

For example, the Lyceum is the oldest building on the University of Mississippi campus. The Lyceum also has a twitter feed about its energy usage. While this is more informational, when individuals start sharing their energy usage, without effective social media controls, the security outcome is quite predictable. With that level of information disclosure, it is quite easy to determine if a family is home, not home, sleeping, entertaining guests, etc.

As to users who in the future will integrate tweets and other energy data into their social networking, the chapter illustrates how much of a security risk this can pose by detailing vampire energy cost estimates for over 75 different types of electronic products. Attackers can use the energy data and extrapolate what products are in use, when, and more.

The chapter concludes with a smart grid social networking security checklist. The smart grid social networking security checklist contains five categories for implementing basic security controls, name around: identity, authentication, information sharing, networking and usage.

The book also includes a number of sidebar Epic Fail stories, which detail major failures and catastrophes in various energy topics.

Overall, Securing the Smart Grid: Next Generation Power Grid Security provides an excellent overview on the state of smart grid technology and its related security, privacy and regulatory issues. The book provides an excellent introduction for anyone looking to understand what smart grid is all about, and its security and privacy issues.

You can purchase Securing the Smart Grid: Next Generation Power Grid Security from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Maybe it's a bad idea to have a "smart grid"

[Animats]

From a security perspective, securing the smart grid is a complex endeavor. When you combined this with a public that is oblivious to the security and privacy issues, it gets worrisome quite fast.

If residential end users have to worry about the security of the power grid, the "smart grid" is a bad idea.

Re:Maybe it's a bad idea to have a "smart grid"

[RapmasterT]

Say what you will about the security or reliability of our current power grid, but it's got uptime measured in a whole shitload of 9's.

Re:Maybe it's a bad idea to have a "smart grid"

[mswhippingboy]

"Smart grid" technologies should not to be confused with the power grid. The nation's power grid is in the hands of "transmission" companies which are, for the most part separate organizations from the "distribution" companies which deal with residential/commercial service delivery.

Smart grid is the name given to technologies that provide advanced capabilities to these "last mile" customers.

Cost savings can be had in a number of ways including the ability to read, turn-off or turn-on meters remotely without dispatching a truck, ability to provide customers wiht up-to-date usage, down to 5 minute intervals so they can track their usage patterns. Device manufacturers will also play in this arena offering "smart" appliances that can feed usage information back up the line to give an even more accurate picture of where the power you are using goes. Most likely, utilities will offer plans that reward you (with lower rates) if you manage your usage around peak periods. This in turn saves the utilites money because they can better manage and levelize power generation facilities.

Re:Maybe it's a bad idea to have a "smart grid"

[minorproblem]

I work for a large electrical engineering company that develops technology that could be classified as smart gird technology. I think that the big game changer in the next 20 years is mainly going to be HVDC links using Voltage Source Conversion technology. This will allow a lot of low cost HVDC links to be constructed (this technology is perfect for offshore windfarms). Another technology that my company is involved in is Energy market management. So we run the servers that predict the loads from the network and also can predict future supply such as from power stations, stand by spinning loads, wind farms and solar stations (using weather data as input) using all these inputs the market can predict the wholesale price of power over the next 5 minute period. This combined with more HVDC links between networks will allow much more efficent power management from the generators perspective. This is the low hanging fruit of the next 20 years, and at the same time you will see consumer level optimisations as well such as smart meters etc.

Re:Maybe it's a bad idea to have a "smart grid"

[Tickety-boo]

Smart grid is the name given to technologies that provide advanced capabilities to these "last mile" customers

I think you are thinking of Advanced Metering (AMI). Smart Grid is the integration of Generation, Transmission, Distribution, Retail, and Consumer technologies.

Re:Maybe it's a bad idea to have a "smart grid"

[onionman]

My primary concern is that most of the components for the U.S. "smart grid" are going to be manufactured overseas in countries which we (the U.S.) might have a conflict with in the next several decades. This will give potential adversaries ample opportunities to install backdoors and logic bombs in the components to bring down critical infrastructure in the event of a conflict. Without better control over the supply chain, I fail to see how the "smart grid" could ever be secure.

Even the lowly residential meter needs to be secured since the generator controllers will be relying on information from those meters (I can imagine a scenario where several million residential meters simultaneous switch on or off causing havoc with the transmission network). Certainly the large industrial systems, generating facilities, and power routing stations should have high levels of security. That level of security isn't possible when you're purchasing all of your components overseas.

Re:Maybe it's a bad idea to have a "smart grid"

[mswhippingboy]

You're right in that I'm primarily referring to AMI regarding the potential for security threats. However, while the term "smart grid" does encompass Generation and Transmission as well, these are not (and hopefully never will be) open to threats from hackers. The generation and transmission organizations take security to the extreme (e.g. not allowing ANY systems to connect to them) so the real threat potential is limited to distribution organizations. Even there however, companies are aware of the threats and security is a major concern that must be addressed prior to the implementation of AMI in any jurisdiction.

Re:Maybe it's a bad idea to have a "smart grid"

[Orne]

Well, the bulk electric system is designed to "one event in 10 years", which works out to about 99.95% uptime.

Re:Maybe it's a bad idea to have a "smart grid"

unless you've lived in the northeast over the last decade and suffered through DAYS of downtime... or anywhere else for that matter, unless you define "shitload" as "less than 6" as 99.9999% uptime allows for only 30 seconds of downtime per year... something no power company in the nation has universally achieved.

The United States as 3 grids: The Western Interconnection; The Eastern Interconnection and the Electric Reliability Council of Texas grid. My google-fu turned up one quote that could maybe be used to corroborate your claims:

One such was observed during a major breakdown in November 1965 in the eastern part of the nation. This catastrophe enveloped an area of more than 80,000 square miles, from New York to Massachusetts, merely on account of the failure of an automatic control device in Queenston, Ontario. A similarly massive failure occurred in the U.S. and Canada in August 2003, when a loss of 61,800 MW of electrical power resulted in a severe blackout in an area covering 50 million people.

Northeast Blackout 1

Northeast Blackout 2

That particular grid was started ~1915, so I can't say that it indeed counts as "a whole shitload of 9s"; I can say that literally less than ~48hrs of total downtime out of ~840,960hrs of operation is spec-fucking-tacular, IMHO.

Re:Maybe it's a bad idea to have a "smart grid"

[Tuoqui]

No they wont. The only thing utilities are there for is to gouge you as much as they can before they become obsolete.

Do you really think they have power savings on their mind when they install smart meters? No. They're using them to cut costs to improve profit, the price of electricity is just going to keep increasing because power companies can never ever run at a loss unless everyone cuts the power cord simultaneously.

Re:Maybe it's a bad idea to have a "smart grid"

[plover]

There have been more than a dozen major power outages in the US since the 1960s. That's far from having even a single 9.

Then I don't think you understand the whole 9s concept. Uptime is referred to in terms of the percentage of time the resource is available. If a thing is there when you go to it half the time, its uptime is 50%. If the thing is there when you want it 999 times out of a thousand, its uptime is 99.9% That thing can be said to have "three nines" of uptime, because there are three nines in 99.9%.

It's often easier to think of the resource in terms of how often it goes away. Five nines (99.999%) equates to just over five minutes per year of downtime. Six nines is only about 31 seconds of downtime per year. The more nines, the exponentially more reliable the thing is.

The power grid in this country is extremely reliable. At my house, we lose power perhaps once per year, for just a few hours or so. I haven't measured, but I would estimate I have "five nines" of uptime.

So now let's take any one of the major blackouts that you're talking about, and assign an average value of 24 hours of downtime for each incident. Let's further assign an average value of 25% of the country was impacted by each incident. You claimed there were more than a dozen. Let's call it 20 incidents from 1960 to today. Those estimates are deliberately high, but that's OK for this purpose. Now we just do the math.

2011-1960 = 51 years, which is 51y * 365.25d/y * 24h/d = 447,066 hours.

24 hours * 20 incidents = 480 hours of downtime incidents.

480 is divided by the percent of the country affected, so 480 hours * 25% = 120 hours of downtime, total.

1 - (120 / 447,066) = .999731, * 100% = 99.9731% uptime. That's at least three nines of uptime. To an entire country of over 300 million people!

It's almost impossible to properly appreciate that level of reliability. I suggest spending some time in countries that have poor electrical grids, where rolling blackouts due to power shortages are scheduled daily.

Re:Maybe it's a bad idea to have a "smart grid"

[mswhippingboy]

No they wont. The only thing utilities are there for is to gouge you as much as they can before they become obsolete.

Do you really think they have power savings on their mind when they install smart meters? No. They're using them to cut costs to improve profit, the price of electricity is just going to keep increasing because power companies can never ever run at a loss unless everyone cuts the power cord simultaneously.

This all depends on your local power utility. Some are investor owned (i.e. "for profit"), operating under a government issued "franchise", and many are publicly owned or cooperatives (i.e. "not for profit"). In either case, they are normally tightly controlled by the local PUC (Public Utilities Commission) which sets the allowable "profit margin". Therefore, these companies generally want to keep power consumption at a manageable level so that they don't have to invest in new mega-million generating plants.

While I do think there are abuses that occur regularly, electric utilities are some of the most tightly regulated industries we have.

Re:Maybe it's a bad idea to have a "smart grid"

[Ungrounded+Lightning]

Well, the bulk electric system is designed to "one event in 10 years", which works out to about 99.95% uptime.

Depends on the duration of the event.

Re:Maybe it's a bad idea to have a "smart grid"

[Ungrounded+Lightning]

Say what you will about the security or reliability of our current power grid, but it's got uptime measured in a whole shitload of 9's.

Funny you should mention that. I had an outage at my San Francisco Bay area townhouse just this morning. (While I was reading the electric bill. B-) ).

I'm in "rotating outage block 50" - i.e. I don't get rotating outages because I'm on the same chunk of the grid with some essential services. Like the local City Hall, cop shop, and fire station (which also went down), serving several miles of the major commute routes for this side of the bay. And maybe the west coast air traffic control center, which is just a few blocks away.

Of course the rural "vacation / retirement cabin" in Nevada has outages every month or so, often lengthly. Power there comes from the nearest substation via several tens of miles of elevated wiring (at an altitude of over a mile in the passes of the Sierras).

Re:Maybe it's a bad idea to have a "smart grid"

[plover]

Holy crap, I just saw below that San Francisco has rolling blackouts, and that California still has occasional power emergencies! I live in one of those countries!

See, there's one advantage to living in a flyover state. We still have adequate power.

Re:Maybe it's a bad idea to have a "smart grid"

[SHP]

The US average annual interruption per customer is 1.36 hours. I think that is from 2008. That's 99.98% uptime. That number would obviously be a bit lower for, say, 2003, but it's a good general indicator of overall grid reliability.

Re:Maybe it's a bad idea to have a "smart grid"

[seaton+carew]

Maybe that is so in the US. In Europe, "Smart Grid" technology embodies the whole thing i.e. right the way up to transmission level.

Power systems are highly interconnected and operate in real-time. There's relatively little economic benefit in just making the last mile "smart". The big wins come when the whole supply chain is smart, enabling real-time pricing, despatch, outage management, etc.

Even if this technology starts out by being deployed at the last mile, it *will* end up influencing and/or controlling the higher level distribution and transmission systems. So it's important to get the security right at this stage. Otherwise we'll end up with millions of insecure nodes out there and no way to actually gain any genuine benefits from the technology.

Re:Maybe it's a bad idea to have a "smart grid"

[mswhippingboy]

At a high level, Smart grid refers to the entire infrastructure here in the US as well. However, the the same level of automation does not apply to all levels.

Most of this technology (aka AMI) applies to the last mile only and involves remote control of the meters. Obviously, there is reporting that crosses the transmission and generation systems that is used for planning, pricing and trading, but there is no danger of someone hacking a transmission system or generation facility and shutting it down because that capability does not (and hopefully never will) exist at that level. These facilities are highly secure and don't allow any connection to the outside world. There is simply no reason to have the ability to shut down a transmission or generation facility remotely, which is what scares most people.

I agree, security at all levels, even the last mile is very important and any technology vendor that wants to play in this arena will have to provide secure systems. This is the case with the vendors I've worked with (Elster, Sensus, Itron) as all communications are heavily encrypted.

Re:Maybe it's a bad idea to have a "smart grid"

[RapmasterT]

you want citations for math?

hah! awesome.

Re:Wow I'm amazed.

[RapmasterT]

Maybe someone needs to check CmdrTaco's apartment.

C'mon people - "Smart Grid" != "Power Grid"

[mswhippingboy]

Smart grid has nothing to do with the power grid (as in the nation's power grid / infrastructure). This has only to do with the "last mile" customers and making information available to customers to help them and the power companies better manage usage.
While there are security implications, these are limited to maybe a hacker getting in and shutting down a bunch of meters or generally being a nuisance to customers and the power company.

Re:C'mon people - "Smart Grid" != "Power Grid"

[mswhippingboy]

Ummm.. no. The article you reference is bullshit.

This guy is just spreading FUD. Typical academia crap that seems to think - "Oh geez, I wonder if those guys with decades of experience in the power distribution business ever thought of this?" It may be hard to believe, but sometimes the smartest people work in the business sector and not in education. As the old saying goes, "those than can, do; those that can't, teach".

I've been working with AMI (aka smart grid) for years now and am in fact right now in the middle of a rollout of a pilot to a major US city. This technology is only currently being used in the last mile (which, yes, includes substations - but is not considered part of the "power grid" in the sense that it's being discussed here). The nation's power grid is managed by legally separate "transmission" companies (not "distribution" companies like your local utility).
The infrastructure in the transmission world is far more secure and it will be a long time (if ever) before the transmission companies allow their systems to be connected to any outside entities due to the potential threats.

Re:C'mon people - "Smart Grid" != "Power Grid"

[mswhippingboy]

But it is ALSO about giving the company control to do rolling blackouts during peak times, or lowering the temperature during peak times. How do I know? It's already happening.

More FUD. Rolling blackouts have been going on for years. The utilities don't need smart meters for that. They may choose to perform blackouts using smart meters, but it simply allows them to do what they are already doing at a more fine grained level. Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it? Do you think the utilities are releasing little gremlims to go around adjusting your thermostat? Get real.
High speed internet (I assume by this you mean IP over powerline technology) has nothing to do with "smart grid", even if it is offered by your utility, that's a separate, unrelated issue. Most smart meters communicate via microwave, cell phone technologies, or via RF using a repeater-collector scheme. IP over powerlines has always proven to be difficult to reliably operate, although that may well change in the near future.

Re:C'mon people - "Smart Grid" != "Power Grid"

[Golddess]

Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it?

That does seem to be how BGE Peak Rewards operates, yes. But even without it, if they can cut power to individual appliances (say, the AC or furnace), that too could alter the temperature without ever needing to touch the thermostat dial.

Re:C'mon people - "Smart Grid" != "Power Grid"

[commodore64_love]

>>>Now exactly how is the utility "lowering the temperature during peak times" unless you have a thermostat that you put in your house and given the utility the ability to control it?
>>>

That's why it's called a SMART meter.
It can be controlled remotely.
The company can adjust the temperature.

Re:C'mon people - "Smart Grid" != "Power Grid"

[mswhippingboy]

I think you are missing my point. A smart meter is just that - a meter - the thing that sits outside your house with the numbers spinning on it.

The power company can close the switch (giving your house power) or open the switch (turning off the power to your house), or it can obtain the current consumption and/or demand readings and use it for billing and/or load management. It can't change your thermostat. This is not to say that you can't install a thermostat in your house, tie it in to your smart meter and give your power company the authority to adjust it - but it does imply that you are choosing to give that authority to them - usually in return for a lower per kWH rate.

Re:C'mon people - "Smart Grid" != "Power Grid"

[commodore64_love]

Oh I see.
You're being pedantic with the word "meter". Stop it. When BGE offered to install "smart metering" in my home it wasn't JUST the meter. It also included an upgrade of the thermostat which could record my temperature, report the results to BGE, and even give BGE control to adjust it up or down. Smart metering is an all-inclusive term just like "PC" or "Mac" is inclusive of both the actual hardware AND the software (windows and OS X).

Re:C'mon people - "Smart Grid" != "Power Grid"

[mswhippingboy]

Sorry, I wasn't trying to be pedantic but your post implied (at least that's how I read it) that somehow BGE was nefariously altering thermostats against peoples' will or without their knowledge. The fact is you are agreeing to allow them to do this for (I assume) some discount in your kWH rate or some other perk. The term "Smart Grid" does encompass all things related to it, but it's not an all or nothing proposition. Your utility can offer only smart metering (with nothing else included), or it can offer a set of features (thermostat, hot water heater, etc.) all the way to full home automation, but (I don't think) it can force this down your throat or do it without your consent. That was my point.

Re:C'mon people - "Smart Grid" != "Power Grid"

[commodore64_love]

>>>(I don't think) it can force this down your throat

Not yet, no. But time will tell. If Congress can force me to buy hospital insurance that I don't want (I pay cash), then they can also force me to accept external control (either by BGE or the USC) of my thermostat.

Too bad they can't contend with the biggest threat

[dkleinsc]

Skimping on line and generator maintenance in an attempt to boost profits, but which knocks out power for a significant section of the Northeast US and Canada when the chickens come home to roost. (All completely hypothetical, of course)

Oh no!

[sunking2]

I'd be ticked if someone were to remotely keep my coffee maker from turning on in the morning! The horror!

Generic security info

[losttoy]

"In chapter 1, the authors note that a smart grid is not a single device, application, system network, or even idea. And that there is no single authoritative definition for what a smart grid is. With that, the initial chapter sets and defines the various aspects to smart grid."

Read - we took generic security concepts and replaced "computer network" with "smart grid" in the text.

As someone who has worked for a successful smart grid company, there is very little known outside of these start-ups about how smart grids work. Most talks you see around *smart grid* security at blackhat or defcon are centered around decade old meters and technology. Those are ancient!

I've never understood

[sxltrex]

As someone who has worked on distribution automation for a large electric utility for the past 13 years, I've never understood the fascination with the cyber aspect of securing the grid. It would be far easier to cause a major outage with a 4x4 truck and a few pounds of high explosive, yet I don't recall a single attack of any type against a transmission tower anywhere in the U.S.. As for intercepting and deciphering meter data (a truly non-trivial task), it would be far easier for thieves to simply watch the houses in a given neighborhood, a la Home Alone.

The residential meters do have disconnect capability, but by design this functionality ignores broadcasts. Therefore a hacker could only affect a single residence at a time, and even then only if they knew the encrypted disconnect command. An insider attack is the only real threat, and that is not addressed here.

Re:I've never understood

[odin84gk]

The fascination is based on an attack with X country. If they knew of a crippling zero-day exploit (For example, a "recloser- Open" command, or a "MV Switch ON/OFF" command), they could theoretically disable portions of the grid from the safety of their own home.

Heaven forbid they can download custom firmware. Then they could tell every Smart Car Charger to charge their electric automobiles at the same time. Think about it. A neighborhood full of electric cars charging at the same time. Makes most utility guys cringe just thinking about it.

Re:I've never understood

[Orne]

Yeah, but the utility companies are paid to design the network to handle the worst-case load scenario. It's the one thing they are totally allowed to pass the cost on to the consumers .. reliability. If the whole neighborhood upgrades to electric vehicles, the distribution company puts in a larger transformer and ups their rates.

Re:I've never understood

[Dare+nMc]

> As for intercepting and deciphering meter data (a truly non-trivial task), it would be far easier for thieves to simply watch the houses in a given neighborhood
Your assuming some security that's not likely there, the point of the article, it need to be done right for that to remain true. Power lines are un-shielded so intercepting it is as simple as a small antenna. These systems also currently work by having a reader download what is stored in all meters for a building/neighborhood on demand (trust me the data will not be deleted on read, too easy to lose your usage.) So once the system is cracked, a attacker could walk up to a apartment building, or entire block with a Laptop, download the history for a month for all apartments in the building in less than a second, and have a analysis program that tells him immediately which apartments are empty and for how long, and of them which have the most smart devices...

Re:I've never understood

[jeffstar]

the idea is that the cars will be smart grid enabled and only charge when you aren't running the dishwasher and the dryer and the oven and 3kw of lighting already, thereby maximizing the use of the existing infrastructure's capability.

Re:I've never understood

[goudan]

They named these shoes Fools cheap jordans for sale air max 1 Gold, perhaps because bright yellow color, contains these sneakers. Thi s yellow on the insole, lining, side Nike Air Max 95 uk panels and displays in front of shoe with a very distinctive look. Besides this color, a shade of brown field and pulling at the neck found, while the dark brown hues and Nike logo on the sides. This sneaker also has a black rubber washers and heel tab, with the logo of Nike Air. This shoe is designed with a midsole with gray and black cloud over it.

Re:I've never understood

[atengyuer]

yes.i agree with you really.

zombies

[cab15625]

Will it stay on after the zombie apocalypse? Stupid context, but seriously, if the smart grid is going to be able to talk to my fridge and potentially let some hacker melt my icecream, that means it will have a lot of complexity to it. With that level of complexity (and invested time/money) it damn well better stay on for a bit if it has to be left unattended.

Re:The smart grid

[b0bby]

is about making people feel the capital costs needed at peak times. Currently this is not the case. I fail to see how this will make energy more affordable.

I'd think that, as people avoid the peak-priced energy, there should be a leveling of demand, which should reduce the need for more power plants in the longer term, controlling costs. Right now they need to build plants to meet a few peaks (around here, the hottest summer days). Pepco came and installed a thermostat for me which can turn off my central ac at peak times (I noticed it once last summer) and I get a little money back for being part of the program. If enough houses have these types of devices (and the smart grid would be much better than this) then power companies can better spread the load & avoid adding natural gas plants which are rarely used.

Re:Too bad they can't contend with the biggest thr

Enter FERC/NERC which then mandates and fines utilities for not doing the right thing. The bad thing is this puts a burden on utilities already doing the right thing as they now have to deal with NERC audits. In the end, it's they way to go, but it would have been better of the power industry policed itself (but responsibility without authority is pointless, which is where FERC authority to fine millions per day gives NERC the ability to carry out this responsibility).

Re:The smart grid

[Nefarious+Wheel]

is about making people feel the capital costs needed at peak times. Currently this is not the case. I fail to see how this will make energy more affordable.

Actually that turns out not to be the case. The idea of the smart grid was two-fold; It provided a vehicle for upgrading infrastructure that hasn't been upgraded since it was built in (mostly) the middle of the last century, and by giving the generators more fine-grained knowledge of when to apply secondary generation facilities for peak load. The latter would provide sufficient savings to bankroll the entire project.

Or at least that was the opinion of the 20 or so C-level energy execs we interviewed in 2009 when I wrote our company's smart grid report. The concept may have drifted since then (and I'll admit I'm out of touch, I no longer work for that company) but I don't think by that much.

Review of book, not commentary on Smart Grid

[TXISDude]

Trying to avoid getting off-topic and digressing into yet another diatribe on Smart-Grid technologies and focusing on the content of the book. . . This is a good introductory book on the topic. Not very deep, nor will you find the technical details on the wide range of technologies, but then again - the technical details of Smart Grid technologies would fill thousands of pages and the discussion of all the security implications, thousands more. So, this book is a good 50,000 foot view, and it fills a void as I know of no other general introductory text. I agree with some of the comments, that the actual analysis is a bit weak, that at times it seems like they just substitute "smart grid" for "network" before security and do mass replace function. And, in reality, this will not be the path to securing this technology, as it has different purposes and characteristics than a standard TCP/IP network. That said, it is still a decent book and worth the read if you want to learn about the ideas behind the new technologies coming to us like a out of control freight train. Mandatory Disclaimer: I am not, nor do I know the authors. I have read the book (cover to cover) and bought several for people on my Smart Grid team.

Re:The smart grid

[plover]

It's not about making energy affordable. It's about modifying demand by holding consumers accountable.

There is no effort to build new power plants in this country. We're not adding new coal plants, because they pollute. We're not adding new nuclear plants, because we don't know how to handle nuclear waste. We're not building new dams, because we might kill an endangered fish, or wreck some historic valley. At most, we're adding tiny little windmills and tidal generators and solar farms that have no practical chance of keeping up with the growth of the population. As things stand today, we're in a bind.

So if we can't figure out how to build more generating capacity, our options are to either restrict growth, improve efficiency, or curb demand.

Restricting growth is not a realistic option. Improving efficiency is. The utilities do what they can from a generating standpoint to try to squeeze every watt from every therm they produce. They encourage us to improve efficiency economically, through rebates for replacing inefficient devices with energy star devices. And they curb demand by raising rates.

Because electrical plants have a finite capacity, as the plants reach their peak of production the utilities have one more trick. They fire up auxiliary generators to supply additional power to the grid. These are diesel or natural gas generating plants, often owned by large businesses as disaster recovery generators. They are very, very expensive to fuel and run. This only happens at times of peak demand, but the cost of peak generation is about ten times that of regular generation. The smart grid will allow utilities to charge higher rates to consumers during peak times, in order to encourage energy saving during peak times.

The smart grid can pass that information to consumer appliances. The grid can tell your dryer that "peak pricing is from 3:00 PM until 8:00 PM." Your dryer can then tell you "if you dry them now it will cost $3, but if you wait until 8 PM it will only cost $0.15." Or if you hit the "cheap" button, it will automatically delay operation until the peak period has ended.

Today we all pay peak rates 24x7, for everything. The peak charges are amortized across all the electricity we buy. The smart grid will let them keep from raising the prices for non-peak electricity. And it puts the information in your hands so you can make the decision.