An Integrated Grid at the Intersection of IT and OT

commu­nication infrastructures for different sys­tems—SCADA, field crew, capacitor bank controllers, demand response, advanced metering, and so on. To maximize value, utilities should treat communication infra­structure as a strategic investment with a focus on building secure, IP-based systems (either private, public or a hybrid). Manag­ ing this infrastructure takes time, patience and skill. Network and System Manage­ment (NSM), which combines monitoring and management, can address this chal­lenge:

• NSM monitoring provides the capa­bility to acquire information about the op­erational aspects of a communication in­frastructure. This information can be used for network design optimizations, security event detection, communication anomaly detection, and other purposes.

• NSM management provides the ca­pability to control key aspects of the com­munication infrastructure and to resolve detected problems. An example of man­agement is the ability to remotely disable a communications port on a switch.

As technology scales, these networks will become smarter, easier and more self-healing. Until then, NSM monitoring and management and associated technologies are must-learns for any utility operator looking to meet the challenges of integra­tion. One thing is very clear: The utility communications infrastructure is also a strategic investment and must be built to the same reliability, robustness and secu­rity as the electric grid. Poor communica­tion infrastructures have been one of the most significant challenges in a number of recent smart grid demonstrations around the world; where they have been robust, those demonstrations have been the most effective.

Byte-ing into Cyber Security

System security presents another integra­tion challenge. As the grid becomes more complex, so does the risk of sophisticated cyber and physical attacks on the grid.

An intelligence-driven approach to cyber defense that uses threat indicators­from multiple domains such as IT, OT, physical and external threats can get ahead of attackers while quickly responding to incidents as they occur. Today, the secu­rity monitoring necessary to execute this approach typically happens in different parts of organizations. Security Operations Centers (SOCs) are common in physical security, business, and industrial control environments. Many utilities have one or more of these individual SOCs responsible for defined physical regions or business functions.

EPRI has found that utilities can real­ize security benefits by integrating these information silos to create integrated secu­rity operations centers, or ISOCs. An ISOC brings together the many isolated security monitoring and response functions into a unified framework. Benefits include:

• Real-time intelligence

• Improved analyses of vulnerabilities and threats across organizational domains

• Efficient forensics and root cause analyses

• Unified (corporate information tech­nology [IT] and operations technology [OT]) security incident management

• Centralized configuration and patch management

• Optimization of security resources

• Strong workforce relationships across business functions

Making the move from technology or business unit SOCs to an enterprise ISOC requires significant planning and invest­ment. Several internal stakeholders must be engaged to reach consensus on the business drivers, potential challenges, and high-level phases of the ef­fort. In 2013, EPRI published ‘Guidelines for Planning an Integrated Security Opera­tions Center’, which focuses on the initial steps of setting up an ISOC—developing the business case, identifying potential organizational challenges, determining tradeoffs for different ISOC architectures, and planning the implementation process.

Putting Knowledge to Practice

Perhaps the most challenging of the IT/OT convergence discussions is putting the combined knowledge to work in realtime through smart grid demonstrations. Earlier this year, EPRI concluded a seven-year se­ries of smart grid demonstration projects. A report, “EPRI Smart Grid Demonstra­tion Initiative: Final Update,” documents 48 case study results as of mid-2014 and marks the culmination of tests and the re­sults of the demonstration projects, which involved 24 utilities from Australia, Can­ada, France, Ireland, Japan and the United States.

At a high level, the demonstrations confirmed many devices and smart assets of an integrated grid have tremendous po­tential to deliver significant benefits, but they must be deployed in a strategic, secure way and integrated with the existing infra­structure. That requires an understanding of the interaction between IT and OT.

In Conclusion

A utility operations executive’s ability to combine IT and OT in the areas of data analytics, advanced communication infra­structure, cyber security and real-world pilots is paramount in gleaning full value from system upgrades. Many of these tech­nologies are the responsibility of the utility CIO.

In 2015, EPRI will launch a series of In­tegrated Grid pilots to further evaluate the costs and benefits associated with deploy­ing these advanced technologies. We look forward to better understanding consumer behavior, the information and communica­tion technology need for demonstrating an integrated approach, and the potential that distributed energy resources can bring.