An Integrated Grid at the Intersection of IT and OT
By Matt Wakefield, Director of Information, Communication & Cyber Security Research, Electric Power Research Institute
The U.S. electric power system and its many assets have performed remarkably well in the last 130 years, providing just-in-time electricity across America. Built on a hub and spoke model, the system integrates the physics of electricity generation and delivery with the know-how of system operators to provide reliable service.
As the power system evolves to meet changing consumer needs and to integrate new distributed energy resources such as solar photovoltaics, electric vehicles and other loads and energy resources, information technologies are an increasingly important part of electric grid operations.Utility operations groups must effectively leverage both Information Technology (IT) and Operations Technology (OT)—and the CIOs role is playing a very important part in this new paradigm. A smarter system depends on smart managers who can live at the intersection of IT and OT in the areas of data analytics, communication infrastructure, cyber security and through actual smart grid deployments.
Dealing with Little Data
Data analytics can be a challenging issue for utilities as a myriad of “little data”—an increased number of smaller datasets that were designed for single business functions such as billing, grid operations, planning, SCADA or GIS, etc.—becomes more prevalent. Significant value can be obtained by integrating these disparate data systems that are acquiring data from an increasing number of sensors and systems, both internal and external. For example, meter data historically has been used for billing purposes. But as these meters provide more information about use and power quality, utilities can use this data to monitor the performance of their power system as well. Before, power quality and use were monitored on two different systems at a utility; now there is an opportunity to integrate that data.
One piece of the solution to integrating disparate data at the enterprise level is the use of standards such as the Common Information Model (CIM), including standards IEC 61968 and 61970. The CIM is an abstract information model that identifies relationships within a utility enterprise. The CIM provides standard semantic models in which various data, from disparate systems and external entities, can exchange information. When utilities implement a CIM, they must make it a strategic part of their enterprise strategy and then collaborate with industry to continue to make improvements to the standard. Because utilities generally don’t compete with one another, they can find significant benefit from collaborating together to advance standards for the benefit of the electric grid and society as a whole. That collaborative-building is a natural role for the Electric Power Research Institute (EPRI), which has been involved since the beginning of CIM development and continues to participate in the development of standards and in interoperability testing with electric utilities.
Meshing with Communication Infrastructure
Little datasprings form the variety of smart meters, devices, switches and monitors installed on the transmission and distribution system. Today, it is not uncommon for a utility to have completely separate
• NSM monitoring provides the capability to acquire information about the operational aspects of a communication infrastructure. This information can be used for network design optimizations, security event detection, communication anomaly detection, and other purposes.
• NSM management provides the capability to control key aspects of the communication infrastructure and to resolve detected problems. An example of management is the ability to remotely disable a communications port on a switch.
As technology scales, these networks will become smarter, easier and more self-healing. Until then, NSM monitoring and management and associated technologies are must-learns for any utility operator looking to meet the challenges of integration. One thing is very clear: The utility communications infrastructure is also a strategic investment and must be built to the same reliability, robustness and security as the electric grid. Poor communication infrastructures have been one of the most significant challenges in a number of recent smart grid demonstrations around the world; where they have been robust, those demonstrations have been the most effective.
Byte-ing into Cyber Security
System security presents another integration challenge. As the grid becomes more complex, so does the risk of sophisticated cyber and physical attacks on the grid.
An intelligence-driven approach to cyber defense that uses threat indicatorsfrom multiple domains such as IT, OT, physical and external threats can get ahead of attackers while quickly responding to incidents as they occur. Today, the security monitoring necessary to execute this approach typically happens in different parts of organizations. Security Operations Centers (SOCs) are common in physical security, business, and industrial control environments. Many utilities have one or more of these individual SOCs responsible for defined physical regions or business functions.
EPRI has found that utilities can realize security benefits by integrating these information silos to create integrated security operations centers, or ISOCs. An ISOC brings together the many isolated security monitoring and response functions into a unified framework. Benefits include:
• Real-time intelligence
• Improved analyses of vulnerabilities and threats across organizational domains
• Efficient forensics and root cause analyses
• Unified (corporate information technology [IT] and operations technology [OT]) security incident management
• Centralized configuration and patch management
• Optimization of security resources
• Strong workforce relationships across business functions
Making the move from technology or business unit SOCs to an enterprise ISOC requires significant planning and investment. Several internal stakeholders must be engaged to reach consensus on the business drivers, potential challenges, and high-level phases of the effort. In 2013, EPRI published ‘Guidelines for Planning an Integrated Security Operations Center’, which focuses on the initial steps of setting up an ISOC—developing the business case, identifying potential organizational challenges, determining tradeoffs for different ISOC architectures, and planning the implementation process.
Putting Knowledge to Practice
Perhaps the most challenging of the IT/OT convergence discussions is putting the combined knowledge to work in realtime through smart grid demonstrations. Earlier this year, EPRI concluded a seven-year series of smart grid demonstration projects. A report, “EPRI Smart Grid Demonstration Initiative: Final Update,” documents 48 case study results as of mid-2014 and marks the culmination of tests and the results of the demonstration projects, which involved 24 utilities from Australia, Canada, France, Ireland, Japan and the United States.
At a high level, the demonstrations confirmed many devices and smart assets of an integrated grid have tremendous potential to deliver significant benefits, but they must be deployed in a strategic, secure way and integrated with the existing infrastructure. That requires an understanding of the interaction between IT and OT.
A utility operations executive’s ability to combine IT and OT in the areas of data analytics, advanced communication infrastructure, cyber security and real-world pilots is paramount in gleaning full value from system upgrades. Many of these technologies are the responsibility of the utility CIO.
In 2015, EPRI will launch a series of Integrated Grid pilots to further evaluate the costs and benefits associated with deploying these advanced technologies. We look forward to better understanding consumer behavior, the information and communication technology need for demonstrating an integrated approach, and the potential that distributed energy resources can bring.