Security at the Edge of the Grid

We used to be very concerned about traveling too close to the edge of the world, remember?  Then some smart math and science guys figured out, surprisingly, Earth has no edge, so we were free to move about about the globe.

Now as we approach the end of the beginning of the Smart Grid era, what began as an initiative to add visibility, flexibility, and yes, smarts all over the grid is now seeing change accelerate close to the points of consumption.

Of course, amid all the excitement about innovation in distributed generation, distribution automation, energy efficiency, demand management, microgrids, storage, etc., one could forget that there's some basic housekeeping to attend to in the categories of power regulation and security.

The former, which includes maintaining the quality of electricity and keeping dangerous phenomena like harmonics in check, has been the province of utilities and ISO/RTOs and that's not going to change.  Ever increasing percentages of distributed generation are, in anything, going to make utilities' capabilities in this area even more essential to safe and reliable power delivery.

The other housekeeping item, now that it's 2013/2014 and not 1963/1964, is that all the new edge devices have several attributes in common:

• They send, receive and store data
• They constrain access to their data and/or services to certain other systems
• They receive control signals, sometimes from humans (think: iPhone apps) and sometimes from other systems (think: Nest thermostats)

Of course this is an oversimplification, but astute readers will notice that the integrity of all of these activities depends entirely on capabilities from the security domain.  My job as part of Greentech Media's new Grid Edge Executive Council (see my humble logo above nestled among the titans) is to ensure less-than-sexy security attributes are baked into the functional requirements of all the new products that plan to participate in this edgy arena.

That way, when 2023/2024 arrives, we'll be powering our homes, businesses and country with power we can depend upon.

An Industry Starts to Pivot: Electric Utilities' Shifting Business Models in the Rise of Solar

Amory Lovins and Karl Rabago saw this coming a long time ago.

Now the Wall Street Journal (not Grist, not Mother Jones, not Rolling Stone) references the EEI distributed solar dispatch from earlier this year and runs with it. Not just early/first mover NRG, but the old guard is chiming in too: AEP, Duke, Southern Co, Nextera, Dominion, PG&E ... you get the
picture.

First up is Nick Akins, American Electric Power CEO:

On its face you would look at it and say distributed generation is a threat. But on the other hand we see it as an opportunity because our business is changing. There's no getting around it.

Other big utility CEOs join the chorus and soon the message is unmistakable.

More on the Model: are Utilities Planning for the Future or Hoping it Doesn't Come?

A few weeks ago I posted about threats to the traditional investor owned utility (IOU) business model and I'm still soaking in what EEI and others are saying. Since then, I:

• Attended a presentation on the future of renewables at MIT given by energy futurist Dr. Eric Martinot. You can download Martinot's full 2013 report HERE and follow his periodic updates HERE
• Also had a great conversation with another energy futurist, Chris Nelder, after reading his Greentech Media Article titled "Adapt or Die: Private Utilities and the Distributed Energy Juggernaut". Nelder's personal site is HERE
• Read THIS from Bloomberg, a name not normally associated with wild or starry eyed cleantech visions. Bloomberg analysts are predicting very strong gains with renewables comprising up to 37% of total power produced by 2030

I'm not a self proclaimed futurist, nor do I play one on TV or the Web. And I know if I was on a debate team, I could find plenty of arguments (e.g., low cost natgas, end of renewables subsidies, slow updake of EVs, etc.) for thinking it'll be business as usual for IOUs for decades to come.

It's Hard for Utilities to Improve Security when Their Business Models are Increasingly Insecure

This one's not about security, unless you consider the well-being of the utilities who own and operate most of the grid to be security related.  In which case this post is completely about security!

Greentech Media (GTM) has just written a short piece highlighting some of the take-aways of a new Edison Electric Institute (EEI) report called "Can the Utility Industry Survive the Energy Transition?" and I'd say both the GTM article and the full EEI report are well worth your attention.

Woolsey Ominous at GigaOm re: Smart Grid Security

I'm a fan of former CIA Director and energy security "Green Hawk" James Woolsey and find myself on the same page at least nine times whenever he voices ten opinions. But at a recent energy tech conference he weighed in pretty heavily against electric utilities taking security challenges nearly seriously enough.

Two links coming at you. In this one, from the SmartPlanet blog, the primary impression seems to be that Woolsey wants to move the US as quickly as possible to more distributed forms of generation as a means of diversifying and decentralizing our sources of power.  Hard not to agree there's goodness in that idea; it's the matter of expeditiously implementing that type of change on a large scale that's a grand challenge.

But in this post, from conference host GigaOm, it sounds more like Woolsey has an ax to grind against the utilities. This is a paraphrase I'm sure, but the point gets through:

Right now they’re more concerned with adding fun new features, but it won’t be so fun if the electric grid goes down for a few days.

"Fun new features" doesn't sound like the goal of any utilities I've been in contact with. Not even close. I assume that's his attitudinal short hand for modernization activities a la the Smart Grid. But nobody I've talked to is doing anything for the fun of it: not Smart Meters, not AMI networks, not distribution automation, not demand management, not efficiency.

Woolsey's been known to call the Smart Grid "dumb" and belittle new capabilities as if they were gadgets for consumers (e.g., saying people can turn down their AC with their phones on hot days, for instance, and then China-baiting by saying somebody in Beijing or similar can also reach your AC the same way).

To me this sounds like another voice in the growing chorus for more Federal regulation along the lines of the 2012 Cybersecurity Act. NPR had decent, relatively balanced feature on the looming legislation this morning, HERE. And we discussed the pro's a little and the con's a lot of this type of action on an SGSB post a few weeks ago, HERE.

I'm sure most would agree that improving the overall security of the electric system is desirable and doable. For example, perhaps adding a few carrots to the menu that's currently comprised of sticks might foster some better results.

While I'm confident their intent is constructive, IMHO, I'm not sure government is equipped to bring about the types of change Woolsey, CSIS's James Lewis, and many others think (or hope) they'll achieve through legislation. It would be great to see more utilities start taking the lead on this topic and control their own destiny, versus having it set for them.