Grid Innovation: One Step Forward, Two Steps Back

The U.S. Senate recently passed the Securing Energy Infrastructure Act, endorsing a two-year pilot program to identify new security vulnerabilities and to research and test solutions. Included is specific research on “analog and nondigital control systems.” In his press announcement, Angus King, co-chair of the Cyberspace Solarium Commission, explained the objectives of the bill, saying, “Specifically, it will examine ways to replace automated systems with low-tech redundancies, like manual procedures controlled by human operators.”

An overreaction for certain. However, left unchecked, we could be heading decades backward in our progress in utility grid innovation. It’s like returning to the age of horse drawn carriages in response to carbon emissions.

Transmission systems aside, I’m concerned about the potential overreach into the distribution grid and its growing penetration of dispersed, intermittent generation sources. Today more than ever, the distribution system will require “forward” innovation in its control systems.

Distribution grids have never been “test beds” for trying new things. Rather, as designers have carefully managed risk, we now have a highly customized system and a large legacy of installed technology. In this environment, rip and replace is costly.

An innovative approach and an example of forward-looking problem-solving, some utilities have tied their Information Technology (IT) infrastructure NERC-CIP systems to their operating technology (OT), feeling they can control, monitor, and detect threats more efficiently.

Use of good cyber hygiene and best practices not only for NERC-CIP/OT systems but also for their distribution control systems and automation devices will reduce the cyber threats that exist and make the overall system more difficult to penetrate and compromise.

Rather than operational mandates, more funding should also be given to utilities to implement cyber-hardened devices and systems so they can not only reduce their overall threats but also better monitor, detect, and mitigate cyberattacks when they occur.

Prescribed answers such as “… manual procedures controlled by human operators” stifles the very innovation that we require if cyber threats are to be managed.
Distribution systems are changing to account for distributed generation, which requires protective systems that recognize outages of any length and respond closest to the fault with dispersed, intelligent devices out into the ends of the grid. Layered atop that is a cyber-secure restoration system that optimizes reconfiguration and restoration at speeds that meet the expectation of our new digital economy.

Having a horse to commute to work is not how to advance society. Similarly, manual operation of control systems limits our overall reliability and resiliency goals as we prepare for tomorrow’s modern grid.

I’d be interest in learning your thoughts on this issue in the Comments section below.