Carbon-Pros Analyst BlogSmart grid privacy and security
Electricity is fundamental to modern life. It fuels our government, the military, our hospitals, businesses, and homes. In the future it may power significant parts of our transportation fleet. Glancing at the figure, it's hard to imagine social continuity without a reliable supply of electricity.
Concern about grid security is nothing new. There has long been a danger from terrorists blowing up key substations and taking out large blocks of electricity consumers. The US federal government admits that the legacy grid is also susceptible to electronic attacks from cyberspace. In 2009, reports surfaced that unidentified assailants had infiltrated the U.S. electrical grid and left behind programs that could be used to disrupt the system.
The vulnerability of the grid represents a threat to national security and business continuity. Maintaining electrical service in the event of a crisis is crucial. Major military bases can isolate themselves from the grid and run off their own private generators and microgrids. But even the military would experience disruptions from civilian supply breakdowns in the event of regional blackouts. Businesses are the lifeblood of the economy and need to be able to continue operations. The economic impact of a grid failure can be enormous. The economic losses attributed to the 2003 blackout were at least $10 billion.
Given its reliance on digital networks, there is concern that smart grid will be even more vulnerable to cyber attack. Massive power outages caused by a cyber attack, could disrupt the economy, camouflage a military attack, or spread fear and panic. Bruce Willis' movie Die Hard 4 brought the specter of grid hijacking to the mass Hollywood audience. When designed properly, nothing like the movie will ever happen.
The Energy Independence and Security Act of 2007 directs federal agencies to support the modernization of the grid, including cyber security. The Department of Homeland Security (DHS) works with the utility industry to identify and minimize grid vulnerabilities. They are also working to ensure that security is built into the smart grid as it develops. The top-level regulator, Federal Energy Regulatory Commission (FERC), coordinates work across agencies. The Department of Energy (DOE) specifically requires all smart grid projects funded with stimulus dollars to include privacy and security measures in their proposals. The Electric Power Research Institute (EPRI) is working with the National Institute for Standards and Technology (NIST) to set standards for smart grid development. Together, they are responsible for leading the effort to establish electronic security standards.
The building blocks of smart grid include advanced meter infrastructure (AMI), transmission and distribution automation, distributed generation, electric vehicle charging, and dispatchable renewable energy generation.AMI ties together the meters on the smart grid for a given utility and a given service territory. One of the things that makes a new digital meters “smart” is the ability to transmit and receive information from its (private) digital network connection. The network connection is used to read the meter remotely. In older designs, utility meter readers would drive down the street with a digital receiver automatically recording data from each meter. In the smart grid, these readings will be sent upstream through the grid's digital overlay network for permanent recording at the utility operation center. Data capture, transmission, and recording leads to concerns about privacy.
Privacy. Smart Grid technology potentially lets your utility know who, what, when, where, how much electrical stuff you are doing inside your home. Instead of simply logging a running total for electricity usage, smart meters will log data with a date, time, and usage every 15 to 60 minutes. They will also collect power quality data such as voltage, phase, and frequency. They can also gather detailed operating information from networked thermostats, smart appliances, vehicle chargers, and anything else on the home area network.
This is all for the good. The utility can use this information to help its customers reduce their energy use and save money. Appliance manufacturers will be able to remotely diagnose problems so they can send a repair professional with the right parts. Medical device manufacturers will do the same. Over time, the scope and scale of organizations wanting access to meter data will grow (think law enforcement, public safety, social services, insurance companies, etc.). But where there is light, there is dark. And it's the bad guys we worry about.
Smart grid surveillance will be a concern to consumers wishing to maintain a high degree of privacy. But it should be a concern to anyone who might not want the bad guys to know when they are away from home. Access to meter data gives potential burglars an electronic profile of daily activities otherwise hidden inside the home. The bad guys would be able to “case the joint” remotely. In competitive electricity markets, competing utilities could try to get this data for industrial espionage to attract and retain the most profitable customers. Just as the Internet enabled new threats such as identity-theft, the future will bring new ways to exploit meter data.
Security. Going beyond privacy, the current generation of smart meters have much more functionality than old ones. Burglars, terrorists, and others with political agendas could use unauthorized access to AMI command and control systems to disrupt the delivery of services, create blackouts, disrupt load balancing commands, or create fear and panic. Crackers may be interested in breaking into command and control systems for personal satisfaction and/or bragging rights.
Some utilities will use the meter network connection to connect and disconnect electrical service. It's a money-saving extension to meter reading. This leads to speculation about the potential for “drive-by blackouts” in which a vehicle-mounted device could break into a wireless meter network and send commands to shut-off service. Since the meter network is localized at the neighborhood level, these would be relatively small-scale problems. If the attackers were to break into the network at the utility operations center, disconnect commands could (theoretically) be issued system-wide. Even still, electricity distribution is highly decentralized across thousands of utilities. So an attack on one utility will not necessarily take out other utilities.
With proper security in place, smart meter deployments and grid optimization should make the grid stronger and more resilient. Much of the grid is already automated but with older technology that may not be able to withstand new types of electronic threats. The smart grid's advanced capabilities will allow utilities to anticipate problems and mitigate its effects on the system. It will support broad use of distributed generation and storage. These will give some customers the capability to operate in island mode, isolating themselves from the public grid.
There is a lot of work to do in the area of grid security and privacy. It is crucial to confront and solve problems during the development phase. It won't be easy, but given that we successfully run our government, the military, our hospitals, and businesses on computer and communications technology, we have the intelligence and the technology to surmount similar challenges on the smart grid.
Stay tuned for continuing in-depth analysis of grid security. Carbon-Pros is pleased to announce that we are partnering with Securosis for in-depth security research on the smart grid. These guys are good! This is an exciting collaboration, details will be announced soon. Meanwhile check out their blog at securosis.com/blog.
ZigBee is a suite of radio frequency (RF) communication protocols designed for low cost, ultra-low power radio transceivers. It is based on IEEE 802.15.4 standards and engineered for use in short-range wireless communication. ZigBee targets low-bandwidth applications where cost, battery life, and security are at a premium. It works for large-scale, low cost deployments such as monitoring and control. Sensors don't require high bandwidth, but they require low latency (i.e. minimal delay in signaling) and low battery drain. Connection speeds are in the range of 10 to 250 kilobits. Batteries can last for years because the protocol is designed to minimize the time the radio is on. ZigBee includes standards for full-function devices and end-point devices, with the latter designed to absolutely minimize device footprint and cost. Within a few seconds, ZigBee nodes can wake, connect to the network, transmit a sensor reading, and go back to sleep to conserve power. 
My local utility was looking to backslide into old ways of thinking about distributed electricity such as rooftop solar. Xcel had proposed a “capacity tax” on customers with solar panels such that net-metered customers would pay additional charges for generating their own power. The new minimum charges would have been determined by the highest monthly usage during the year. 
Globally, every major car manufacturer is developing EVs or plug-in hybrid electric vehicles (PHEVs). Next year 
Right now, pumped hydro is our most cost-effective system. Coming up fast are compressed air energy storage (CAES) and massive batteries (flow and sodium sulfur).
At your request, the home display gets mounted on the kitchen wall where your phone used to be, back when you still had a landline. The display does not need the phone line, but it covers up the scar left from the old wall jack. Your installer inserts a chip-card into your dishwasher authorizing it to communicate with the utility. And one of the smart plugs gets inserted between your old electric dryer and its 240V outlet. The plug automatically connects to your home network, just like the new dishwasher. The installer also leaves behind a handout giving you the web address for a customized energy portal where you can monitor and control your electrical usage from any PC or smart phone. 
Time goes by and demand response is providing your utility with better load control each year. At the same time, another revolution is sweeping across the grid. During stage one, while your utility was installing two-way meters, it was also installing sensors, relays, voltage regulators, circuit breakers, and other grid devices. And each one of these is connected to the utility's digital network. As the utility's enterprise software capabilities have matured, its operations staff now has a real-time view of where the power is flowing, at what voltages, where the bottlenecks are building, and which lines are getting overheated (and therefore in danger of sagging into nearby trees). They know where power is needed and where an excess is being generated from rooftop solar systems. This so called “grid optimization” lets your utility: 
The second gigantic step toward becoming a smart home is when your utility offers, and you opt-in, to a demand-response program. Hopefully they won't call it by that name. These programs will be infinitely more marketable if they have a catchy name like eco-power-saver or super-moms-home-efficiency-program or sooper-smart-consumers or you get the idea. Marketers will do their thing. At this stage, the utility will send someone out to your home to install one or more devices. The major reason people will join these programs is because utilities will open their pocketbooks and pay you to join. They will give you a rebate, a monthly discount, or some other incentive. That's right, they will pay YOU. 
I'm a big believer in continuous quality improvement. Keep refining your business processes and they become effective and efficient. One of my projects at home is getting to net zero energy (NZE). I'm always looking for places to save a few watts. My low-voltage yard lights have been bugging me because the photocell was turning them on too early in the evening and turning them off too late in the morning. I was wasting electricity. I looked into it and found that the location of the photocell had become heavily shaded by mature trees and bushes. It was no longer getting a clear reading of ambient light. In addition to staying on too long, the other problem is that the low-voltage transformer draws 16 watts on a 24x7 basis. My solution was to add a digital timer to turn the transformer on at dusk and then turn it off at 1AM. As a watt-pincher, I decided I did not really need dusk-to-dawn lighting. The timer automatically calculates the time for dusk, correcting for seasonal variation and daylight savings. With a 1AM shutoff, the transformer is on for an average of six hours per day. After making the change, I did a quick calculation of the savings. I was stunned. Eliminating the transformer load for 18 hours/day saves 105kWh per year (the digital timer draws a negligable amount). Shortening my lighting time from an average of 14 hours/night to 6 hours, saves 385kWh. These add to 490kWh. That's as much electricity as used by a refrigerator! Put in the context of my NZE project, this turned out to be a high-impact project. It represents about one-third of the power we had been drawing from the grid (the rest of our power comes from rooftop solar PV). I spent less than an hour setting this up and used a timer I already owned. There were no capital costs, just a little time and attention to detail. Plus the willingness to question a long-standing habit. What took me so long to make the change? This is where the true value of data monitoring comes in. Had I known how much power that circuit was drawing, I would have made the change ten years ago. The smart grid can't come soon enough! --JCB
I have used gasoline lawn mowers all my life. I never liked them. They stink, they make too much noise, they are hard to start, and they pollute the air. But my lawn looks a lot nicer when it's cut regularly. Now that our household energy comes from the solar PV on our roof, my wife and I see electric power in a new light. When our 10-year old 3.5HP gas mower died this spring, we decided to look into battery-electric mowers. We researched the market and selected a model from 
ay on climate mitigation, we need to radically reduce our carbon emissions. We're not talking about slight pull-backs, we're talking about 50-80% reductions over the next few decades. For energy security, it means we need to find alternatives for running our transportation fleet; something other than gas and diesel. The US military already spends upwards of $100B annually to protect Middle Eastern oil shipping lanes (
using about 4,500 kWh. It also eliminates our very old central air conditioner saving up to 1,000kWh. Geothermal (ground-source) heat pumps are hyper-efficient. Whereas our "high-efficiency" gas furnace is 95% efficient, the heat pump will be 400-500% efficient. Instead of needing 22,000 kWh it needs only 4,500. Subtract 1,000 kWh for eliminating our air conditioning load and we're within reach of generating that much power on our roof. The other major gas user is our big fat hot water tank. It's oversized because we had three kids living at home until recently. Now it's just a hog. It burns about 22 therms/month for hot water including 12 therms/month wasted in standby loss. Standby loss from heating water 24x7 kills efficiency. That's a big reason why more people are switching to tankless, on-demand hot water heaters. We have two clean-tech options. First and most obvious living in Colorado is solar hot water. Second, and lesser known, is using geothermal to preheat our water to about 90 degrees. From there we can use either solar thermal or solar electric to bring the water temperature up to 120 degrees. That leaves us with a few more decisions which I'll cover in a future post. --JCB
We chose the latter option because it was the most flexible approach. From the web portal, we can see real-time and cumulative statistics. And we can view it on any device from our PCs and Macs to our iPhones. Therefore we know what's going on whether we are at home or traveling. Data monitoring has been more valuable than we anticipated. If not for the data monitor, we'd have no idea how much power is coming off the roof. Solar PV is totally silent and because our panels are installed flat to the roof, they are virtually out of sight. The SMA web portal sends us a daily email with production statistics and provides web access to accumulated data. Last May, we had a defective breaker shut off the power feed from the roof. Fortunately, our installer receives the same daily emails, noticed that our production had dropped to zero, and quickly fixed the problem. Without monitoring, we may not have noticed the outage until our month-end utility statement. 
We hired a local company, 
