Smart Grid Status According to the DOE, and Security According to (eep!) Black Hat

power lines on gray sky photo

Photo via Secret Pilgrim CC BY-SA 2.0

If you ever want to get freaked out about how vulnerable our technology is to the (let's face it) brilliant hackers out in the world, check out Black Hat. This year's event will look at the smart grid, the security of which has been strongly questioned since hackers could potentially do anything from grabbing customer's private information to shutting down the grid itself. The Department of Energy has also released the very first status report on the smart grid. So let's see how it's fairing, and how it might fail. Status of the Smart Grid According to the Department of Energy
The DOE has just released a state of the smart grid report as part of a directive in the Energy Independence and Security Act of 2007 that tells the Secretary of Energy to " report to Congress concerning the status of smart grid deployments nationwide and any regulatory or government barriers to continued deployment." So, here we have it. The report as a whole is a really interesting and worth a full read, but key findings include:

Distributed energy resources: The ability to connect distributed generation, storage, and renewable resources is becoming more standardized and cost effective...

Electricity infrastructure: Those smart grid areas that fit within the traditional
electricity utility business and policy model have a history of automation and advanced
communication deployment to build upon...

Business and policy: The business cases, financial resources, paths to deployment, and models for enabling governmental policy are only now emerging with experimentation. This is true of the regulated and non-regulated aspects of the electric system...

High-tech culture change: A smart grid is socially transformational. As with the Internet or cell phone communications, our experience with electricity will change
dramatically. To successfully integrate high levels of automation requires cultural

In other words, we're getting there, and momentum is building, but we still have a ways to go, especially when it comes to that cultural change they mention. This is necessary both among consumers, who will need to get used to monitoring and being monitored, and making changes in habits. But it will also be necessary among utilities, who are notoriously slow to change and are very wary of adopting new technologies, especially when it holds any risk of disrupting service to consumers. If a utility puts in smart meters and adopts renewable power, and then experiences a fail on any scale, consumers will be upset, and so will the utilities. Smart grid tech is new and the start-ups are mostly unproven, which requires a leap of faith.

Should We Be Worried About Smart Grid Security?
But there's a reason why that leap of faith is so difficult to latch on to. It's more than just a system fail because of a technical glitch. It's also about security. Next week, that security concern will be addressed at Black Hat, an event that discusses security issues in technology.

According to eWeek, "In separate presentations next week at the Black Hat security conference, researchers Mike Davis and Tony Flick will be making the case that the energy industry has work to do when it comes to security.

'A lot of the security issues that are popping up are kind of frightening, and we're sort of pushing the idea of more security review, more generalized security engineering reviews, source code audits, the whole sort of works has to apply to these meters as well as they apply to everything else,' said Davis, senior security consultant at IOActive."

There's no doubt security is vital, and it has to be emphasized that if we're revamping the entire grid, we'd better go about it intelligently and prepare for anything that it is possible to prepare for. However, we still say the same thing as we did when security concerns were raised a few months ago...proceed with caution, but by all means, keep proceeding!

Flick states that the National Institute of Standards and Technology has already released a three-phase plan for developing standards for the technology but they'll have to address security concerns that mirror that of PCI- DSS (Payment Card Industry Data Security Standard), and the standards for security need to be built into the entire system and standards.

Follow Jaymi on Twitter: @JaymiHeimbuch
More on Smart Grid Technology
The Next Big Oil: Big Smart Grid?
Green:Net 2009: Smart Grid Standards According to the Experts (Video)
Smart Grid Cyber War Games Test Security Risks
Report States Smart Grid Hackers May Cause Blackouts

Related Content on