What is cybersecurity and why is it so important to the energy system?
“Cybersecurity” refers to the protection of information systems (hardware, software and associated infrastructure), the data on them, and the services they provide, from unauthorized access, harm or misuse. The cyber breaches or attacks are not rare events, and they could be more frequent and severe than you thought. According to the recent UK’s annual survey, 46% of businesses report having cyber security breaches or attacks in the last 12 months in 2020. As to individuals, situations are also not very optimistic. During 2018-2019, it was estimated there were about one million (966,000) incidents of computer misuse experienced by adults.
With “smarter” devices, the users are already part of the energy system via mechanisms like Demand Side Responses (DSR). An adversary could target the users who have access to the system to launch cyber attacks to the whole energy system. The common attacking methods include malware, phishing email, ransomware and crypto-jacking. The campaign by the National Cyber Security Center showed that 14 out of 1800 malicious emails successfully triggered the malware installation.
Depending on the user’s role in the energy system, the attack can lead to a range of consequences: from mild privacy leakage of individual users to a nation-wide power cut. The most well-known example is the malware attack on Ukrainian power grid, where the Ukrainian power distribution company was attacked after users opened a malware-rigged attachment in a phishing email. The attackers exploited and committed a series attack on Ukrainian power grid, including uploading malicious framework at substations, stealing user information and obtaining VPN credentials.
It is worth noticing that with the increasing use of smart devices, new attacking methods are widely reported targeting at the user’s mobile operating system. In particular, for the DSR system, many smart devices (such as smart meters, home gateways and controllers) are providing mobile access/control methods to the home appliances.
What can be done to address the cybersecurity challenges in the energy system?
The most general principle to address the cybersecurity challenges is always staying alert! There are no 100% invincible solutions to all cyber attacks, but we do have mitigation countermeasures depending on your role in the energy system. Here are some general guidelines to Cyber Security via National Cyber Security Centre.
Figure 1: General guidelines to Cyber Security, Source: National Cyber Security Centre.
In the USER project, we are working in a consortium to demonstrate how domestic buildings can participate in the DSR markets through automated DSR combined with hot water storage cylinders. The key idea is to use hot water storage cylinders as thermal storages to support the firm frequency response service — a National Grid service that helps to maintain the stability of our power grid and rewards benefits to its participants.
The consortium consists of 5 companies, including Levelise, Baxi Heating, Ecuity Consulting, Energy Systems Catapult and Durham University. Currently, Durham University team is focusing on the Cyber Security provisioning from a system design aspect.
The research activities are carried out in the Smart Grid Laboratory at Durham University, which consists of an experimental low voltage distribution network, a Real Time Digital Simulator (RTDS), and renewable energy generation emulators. The RTDS contains the necessary operational hardware, and analogue & digital communication cards, for linking the modelling system to physical equipment in a low voltage network. It gives the Smart Grid Laboratory unique analytical capabilities in terms of real-time power systems simulation and Power-Hardware-In-the-Loop (PHIL) testing.
With these hardware and software resources, the Durham University team has built models in the lab environment for the DSR system with power grids, hot water storage cylinders, renewable energy resources and user appliance loads. The flexible models are capable of evaluating the coupled DSR services and firm frequency response services in a safe and practical environment, where potential cyber attacks can be simulated and analyzed.
Current research activities also include the evaluation of security challenges due to bad data injection, where the compromised smart devices are manipulated to send false or altered data to attack the provided DSR services and/or firm frequency response services. Advanced techniques such as Artificial Intelligence and statistical analysis have been investigated as countermeasures. Initial results show that the system’s resilience to the bad data injection can be improved with an integrated day-ahead scheduling and real-time dispatching design.
Building on the model and obtained data in the lab environment, Durham team will develop a strategic vision of residential demand response services which include the areas of improvement for current products, the priorities for future development, and the policy needs for encouraging demand response programmes whilst improving system/user cyber security.