Interview with Maik Seewald
In this wide-ranging interview, Maik Seewald explains that a sound architecture is needed to bring coherence to Smart Grid systems and facilitate effective stakeholder participation in Smart Grid projects. He emphasizes the role IP technologies will play in Smart Grids, discusses strategies for deploying security and cybersecurity solutions, and notes recent developments in grid automation. He also discusses the importance of distributed intelligence in the Smart Grid.
Question: What are the key architectural considerations utilities should keep in mind as they evolve to Smart Grid?
A sound architecture is needed to tame the complexity of Smart Grid because we are talking about a really large system and connecting different domains. The architecture should foster an end-to-end Smart Grid paradigm, especially from the communication perspective, and it should use a layered model to integrate existing systems, build new systems, and spur innovations.
I would like to add that non-functional requirements or quality attributes, such as interoperability, manageability and robustness, are especially important in the architecture because the Smart Grid is all about extensibility and scalability. It is a growing thing. It's not static. We need to make sure that we can integrate new systems, new technologies, and new devices easily and therefore the architecture should be based on open standards. The architecture is also important because it can facilitate a common understanding of the whole system. We have a lot of different stakeholders in the system, and a coherent architecture enables businesses and technologies to work together.
What are you observing in Smart Grid implementations today that signifies new progress or advancements?
Progress varies from domain to domain. We’re seeing more and more connectivity within and between domains and the adoption of the Internet Protocol as a platform to achieve interoperability and end-to-end communications. The use of IP is a good thing because the technology is generally media independent and can connect different types of networks.
The industry and its stakeholders are concerned about security and we are seeing more and more efforts to address security as a crucial service requirement. This is to be expected with increasing connectivity. Another trend is that utilities are adopting technologies that give them more visibility into their systems so they can achieve better control of the distribution network and integrate distributed generation. Utilities are also using high-performance network technologies such as MPLS more and more to connect different entities within the power grid.
I would like to mention IEEE P1901.2™, the forthcoming standard for narrowband power line communications, which is designed for middle-mile infrastructure and distribution automation. We really think it will help achieve more end-to-end connectivity. The standard has a lot of flexibility because it is fully based on IPv6 and a new open routing protocol, RPL (IPv6 Routing Protocol for Low-Power and Lossy Networks). IEEE P1901.2 will help utilities connect more and more endpoints to the Smart Grid in an efficient and scalable manner.
Do you have general advice for power industry experts and ICT professionals who are working on Smart Grid?
The Smart Grid requires the involvement of people from both the power and ICT industries. It's important for everyone to understand the full picture, especially when it comes to defining new protocol stacks and architectures. People must always look at the whole stack to understand the type of network used, the network’s topology and capabilities.
For example, field area networks are restricted by their need to connect to battery-powered devices that have limited processing power, so utilities need to address these restrictions in the protocol stack and in security implementations.
It’s important to pick the best layer in the architecture for the security application. It’s also important to use existing infrastructure. It doesn’t make sense to rebuild everything. Finally, it’s also important to keep the new integrated networks and endpoints manageable from the customer’s perspective.
What are some of the business practicalities of implementing security technologies?
In the power industry each stakeholder comes to a project with different amounts of money to spend, different policies, and different interests. The stakeholders can include utilities, transmission system operators, distribution system operators, service providers, and end users.
Integrating security solutions that satisfy all of these stakeholders is a challenge. The equipment we use in this industry, especially in substation automation, has a long life span. We are talking about 10, 15 or more years, which is unheard of in the ICT industries. We also see a greater variety of PC operating systems and databases. As a result, software patch management is a serious thing.
Also, as more commercial off-the-shelf computing technologies have been adopted, we have more and more issues with viruses and worms. These challenges also need to be addressed.
What are the security implications of merging the enterprise IT network with a facility maintenance network? How would you advise utilities to address this?
It's very important to separate the networks physically and also logically and this means using virtual local-area networks or network separation technologies over the wide-area network. The goal is to have strong physical and logical network segmentation, strong perimeter security, such as firewalls, and strong access control in order to achieve what we call security zones. At substations, for example, each typical function in the network, such as controls, data, maintenance or engineering, should have its own zone. The idea of security zones is not new and has been used in other industries, but it needs to be applied by utilities as they evolve to Smart Grids.
How should utilities implement Smart Grid cybersecurity solutions?
The problem is that we have a large attack surface because of the grid’s distributed infrastructure. The issue is especially important in the United States, where cyber attacks on the utility grid are defined as the number one threat to national security.
Taking into account the security specifics I mentioned earlier and all the considerations about different stakeholders, policies, and the age of the equipment, I think the most important thing is to develop the security architecture to protect power grid installations. Utilities should also employ important security paradigms such as layered security and security-in-depth. This means that not only should utilities have one security control in place but a set of security controls. The architecture should include strong network separation, which I already mentioned, and also use intrusion prevention and detection systems.
For the Smart Grid it is also important to plan and design for inevitable breaches. It’s not advisable to say that a system is 99-percent secure and has no chance of being hacked; this is probably never true and we have to plan how to anticipate, monitor, and detect an attack on the network. We have to build defenses so that if an intrusion occurs, the network can isolate the intrusion and reroute services to prevent disruptions.
What new advancements in power grid automation should the industry pay attention to?
The IEC 61850 communications standard, which was defined for substation automation, is being used more and more outside the substation. It is being applied, particularly, for distribution automation. We are also seeing the adoption of IP-based profiles in this industry, especially for IEC 61850, to connect substations to control centers.
IEC 61850 is also now the basis of a new interoperability standard, called IEC 61850-90-5, which is related to and harmonized with IEEE C37.118. The IEC 61850-90-5 standard was jointly developed by IEC and IEEE to create a common solution to support data communications over large-scale, wide-area synchrophasor networks.
Work on IEC 61850-90-5 was initiated after the 2003 blackout in the northeastern United States. The goal of the standard was to create better grid visibility and situational awareness in order to prevent widespread power outages. The standard, which is fully IP based, connects the synchronized phasor management units that have been installed across the country.
While IEC 61850-90-5 emphasized monitoring PMUs, it turns out that the standard can also be used to establish new applications based on PMU measurements and output data to trigger protection functions, like switching, within the power grids.
How important is distributed intelligence in the Smart Grid?
Many people in the industry are starting to think about the need for distributed intelligence. While the grid today still largely functions according to traditional concepts and installations, advancements such as wide area synchrophasor measurement technologies, and the generally increasing use of sensors to get more data from the field, mean that it's basically not possible anymore to make decisions and control this network of networks from one central point in the grid. It is no longer practical to use centralized control and monitoring. We really need distributed intelligence.
In fact, intelligence should be distributed at several layers of the grid. This will keep the grid scalable, controllable and observable and make it possible to respond to events in real time for automation and also security purposes. Distributed intelligence and control are also important capabilities to have for microgrids. With microgrids, it can be fairly easy to isolate the microgrid from the rest of the network and keep it running, but it needs distributed control to achieve this.
Maik Seewald has more than 20 years of engineering, security and technical architecture experience. Today, as Technical Business Development Manager for Cisco, he focuses on power grid automation, Smart Grid architecture, and cybersecurity for the company’s Connected Energy Networks Group. He is also Cisco’s representative for standards development activities pertaining to communications, security and energy automation. He is based in Nuremberg, Germany.