Wednesday, September 30, 2009

Smart Grid: Greener but no Greenfield

It is good to see the attention that the new NIST draft directives for the Smart Grid are getting in the press. Ordinarily, this type of draft release is not interesting enough to the general public to merit any real press, and ends up being a conversational target to the few who arrive interested in the space. Any mainstream attention comes much later in the cycle, as affected parties either applaud or complain.

One impression that I would like to correct is that the Smart Grid itself, and therefore, the challenges of Smart Grid security, is something being developed from scratch.

In Federal Computer Week, Bill Jackson calls out the following:
Deployment of a Smart Grid offers a greenfield opportunity because the existing grid, parts of which are 50 years old or older, was not designed to support alternative energy sources such as wind and solar power, and the two-way flow of energy and data. But this wholesale upgrade also makes it imperative that security be built in now, because the grid lifecycle is measured in decades rather than years, as it is for much of the rest of our information infrastructure. Equipment being designed for deployment now might not be replaced for decades.
There are so many capabilities within the Smart Grid that are new, and there is so much investment going into it, that it is completely understandable to conceive of the Smart Grid as the "new" grid, as opposed to the evolution of the "old" grid. The Smart Grid as a replacement is a misperception that we have seen often in our work on evangelizing smart grid security. The Smart Grid is not a greenfield, not a replacement infrastructure, and most definitely not a new grid. We always have to remember that the Smart Grid is a new way of leveraging, stabilizing, advancing, and enhancing, the OLD Grid.

The billions that have been made available through the Smart Grid Investment Grant Program, the additional billions that are pouring into development of renewables, transmission and distribution advancements, PEV's, and storage, are only a small fraction of the total picture when the nation's power infrastructure is viewed in its eventual entirety. As a result, when we are considering the security of the Smart Grid, we must always consider (as the NIST work does ) the existing grid. Whether we work to create more secure means to connect to it, or to actual revisit the older technologies and improve their protections, those challenges will likely be the most pressing, and the most complicated, that we need to solve.

No comments: