An Integrated Grid at the Intersection of IT and OT

Matt Wakefield, Director of Information, Communication & Cyber Security Research, Electric Power Research Institute
Matt Wakefield, Director of Information, Communication & Cyber Security Research, Electric Power Research Institute

Matt Wakefield, Director of Information, Communication & Cyber Security Research, Electric Power Research Institute

The U.S. electric power system and its many assets have per­formed remarkably well in the last 130 years, providing just-in-time electricity across America. Built on a hub and spoke model, the system integrates the physics of electricity generation and de­livery with the knowhow of system opera­tors to provide reliable service.

As the power system evolves to meet changing consumer needs and to integrate new distributed energy resources such as solar photovoltaics, electric vehicles and other loads and energy resources, infor­mation technologies are an increasingly important part of electric grid operations. Utility operations groups must effectively leverage both Information Technology (IT) and Operations Technology (OT)—and the CIOs role is playing a very important part in this new paradigm. A smarter system de­pends on smart managers who can live at the intersection of IT and OT in the areas of data analytics, communication infrastruc­ture, cyber security and through actual smart grid deployments.

Dealing with Little Data

Data analytics can be a challenging issue for utilities as a myriad of “little data”—an increased number of smaller datasets that were designed for single business func­tions such as billing, grid operations, plan­ning, SCADA or GIS, etc.—becomes more prevalent. Significant value can be obtained by integrating these disparate data systems that are acquiring data from an increas­ing number of sensors and systems, both internal and external. For example, meter data historically has been used for billing purposes. But as these meters provide more information about use and power quality, utilities can use this data to monitor the performance of their power system as well. Before, power quality and use were moni­tored on two different systems at a utility; now there is an opportunity to integrate that data.

One piece of the solution to integrat­ing disparate data at the enterprise level is the use of standards such as the Common Information Model (CIM), including stand­ards IEC 61968 and 61970. The CIM is an abstract information model that identifies relationships within a utility enterprise. The CIM provides standard semantic models in which various data, from disparate systems and external entities, can exchange infor­mation. When utilities implement a CIM, they must make it a strategic part of their enterprise strategy and then collaborate with industry to continue to make improve­ments to the standard. Because utilities generally don’t compete with one another, they can find significant benefit from col­laborating together to advance standards for the benefit of the electric grid and so­ciety as a whole. That collaborative build­ing is a natural role for the Electric Power Research Institute (EPRI), which has been involved since the beginning of CIM devel­opment and continues to participate in the development of standards and in interoper­ability testing with electric utilities.

Meshing with Communication Infra­structure

Little data springs form the variety of smart meters, devices, switches and monitors in­stalled on the transmission and distribution system. Today, it is not uncommon for a utility to have completely separate commu­nication infrastructures for different sys­tems—SCADA, field crew, capacitor bank controllers, demand response, advanced metering, and so on. To maximize value, utilities should treat communication infra­structure as a strategic investment with a focus on building secure, IP-based systems (either private, public or a hybrid). Managing this infrastructure takes time, patience and skill. Network and System Management (NSM), which combines monitoring and management, can address this challenge: • NSM monitoring provides the capability to acquire information about the operational aspects of a communication infrastructure. This information can be used for network design optimizations, security event detection, communication anomaly detection, and other purposes. • NSM management provides the capability to control key aspects of the communication infrastructure and to resolve detected problems. An example of management is the ability to remotely disable a communications port on a switch. As technology scales, these networks will become smarter, easier and more self healing. Until then, NSM monitoring and management and associated technologies are must learns for any utility operator looking to meet the challenges of integration. One thing is very clear: The utility communications infrastructure is also a strategic investment and must be built to the same reliability, robustness and security as the electric grid. Poor communication infrastructures have been one of the most significant challenges in a number of recent smart grid demonstrations around the world; where they have been robust, those demonstrations have been the most effective.

Byte-ing into Cyber Security

System security presents another integration challenge. As the grid becomes more complex, so does the risk of sophisticated cyber and physical attacks on the grid. An intelligence driven approach to cyber defense that uses threat indicators from multiple domains such as IT, OT, physical and external threats can get ahead of attackers while quickly responding to incidents as they occur. Today, the security monitoring necessary to execute this approach typically happens in different parts of organizations. Security Operations Centers (SOCs) are common in physical security, business, and industrial control environments. Many utilities have one or more of these individual SOCs responsible for defined physical regions or business functions. EPRI has found that utilities can realize security benefits by integrating these information silos to create integrated security operations centers, or ISOCs. An ISOC brings together the many isolated security monitoring and response functions into a unified framework. Benefits include:

• Real-time intelligence
• Improved analyses of vulnerabilities and threats across organizational domains
• Efficient forensics and root cause analyses
• Unified (corporate information technology [IT] and operations technology [OT]) security incident management
• Centralized configuration and patch management
• Optimization of security resources
• Strong workforce relationships across business functions Making the move from technology or business unit SOCs to an enterprise ISOC requires significant planning and investment. Several internal stakeholders must be engaged to reach consensus on the business drivers, potential challenges, and high level phases of the e fort. In 2013, EPRI published ‘Guidelines for Planning an Integrated Security Operations Center’, which focuses on the initial steps of setting up an ISOC—developing the business case, identifying potential organizational challenges, determining tradeoffs for different ISOC architectures, and planning the implementation process.

Putting Knowledge to Practice

Perhaps the most challenging of the IT/ OT convergence discussions is putting the combined knowledge to work in realtime through smart grid demonstrations. Earlier this year, EPRI concluded a seven year series of smart grid demonstration projects. A report, “EPRI Smart Grid Demonstration Initiative: Final Update,” documents 48 case study results as of mid2014 and marks the culmination of tests and the re sults of the demonstration projects, which involved 24 utilities from Australia, Canada, France, Ireland, Japan and the United States. At a high level, the demonstrations confirmed many devices and smart assets of an integrated grid have tremendous potential to deliver significant benefits, but they must be deployed in a strategic, secure way and integrated with the existing infra structure. That requires an understanding of the interaction between IT and OT.

In Conclusion

A utility operations executive’s ability to combine IT and OT in the areas of data analytics, advanced communication infra structure, cyber security and realworld pilots is paramount in gleaning full value from system upgrades. Many of these technologies are the responsibility of the utility CIO. In 2015, EPRI will launch a series of Integrated Grid pilots to further evaluate the costs and benefits associated with deploying these advanced technologies. We look forward to better understanding consumer behavior, the information and communication technology need for demonstrating an integrated approach, and the potential that distributed energy resources can bring.

Read Also

The Digital Utility: New Value and Risks

The Digital Utility: New Value and Risks

Matt Wakefield, Director, Information, Communication and Cyber Security, EPRI
Cloud Computing for Advanced Power System Monitoring

Cloud Computing for Advanced Power System Monitoring

Eugene Litvinov, Chief Technologist, ISO New England
Realizing Real Dollar Savings with Right IT Choices

Realizing Real Dollar Savings with Right IT Choices

Tom Bland, Director, Business Technology Services, Cobb EMC