IEEE Cyber Security for the Smart Grid






IEEE
SMART GRID
RESEARCH


IEEE 3 Park Avenue New York, NY 10016-5997 USA

IEEE CYBER SECURITY FOR THE SMART GRID


Trademarks and Disclaimers
IEEE believes the information in this publication is accurate as of its publication date; such information is
subject to change without notice. IEEE is not responsible for any inadvertent errors.









The Institute of Electrical and Electronics Engineers, Inc.
3 Park Avenue, New York, NY 10016-5997, USA
Copyright © 2013 by The Institute of Electrical and Electronics Engineers, Inc.
All rights reserved. Published September 2013. Printed in the United States of America.
IEEE is a registered trademark in the U.S. Patent & Trademark Office, owned by The Institute of Electrical
and Electronics Engineers, Incorporated.
PDF: 978-0-7381-8517-0 STDVA98299
Print: 978-0-7381-8518-7 STDVAPD98299
IEEE prohibits discrimination, harassment, and bullying. For more information, visit
http://www.ieee.org/web/aboutus/whatis/policies/p9-26.html.
No part of this publication may be reproduced in any form, in an electronic retrieval system, or otherwise,
without the prior written permission of the publisher.
Find IEEE standards and standards-related product listings at:
http://standards.ieee.org/



IEEE SmartGrid Research has been obtained from sources believed to be reliable. Neither
IEEE nor its authors guarantee the accuracy or completeness of any information published
herein, and neither IEEE nor its authors shall be responsible for any errors, omissions, or
damages arising out of the use of this information. References made to products, technology,
solutions, trade names, vendors, or otherwise, do not constitute or imply its endorsement or
recommendation by IEEE or its authors.
The information identified in this report is based on discussions with industry participants
and Zinnov’s ongoing research in smart grid and related markets. Conclusions drawn are
anticipated only, and do not imply prediction of events in the future. Information provided in
all segments is based on availability, and the willingness of participants in sharing these
within the scope, budget, and allocated time-frame of the project, and reflects the views of
industry participants.
Likewise, while the author and publisher believe that the information and guidance given in
this work serve as an enhancement to users, all parties must rely upon their own skill and
judgment when making use of it. Neither the author nor the publisher assumes any liability to
anyone for any loss or damage caused by any error or omission in the work, whether such
error or omission is the result of negligence or any other cause. Any and all such liability is
disclaimed.
This work is published with the understanding that IEEE and its authors are supplying
information through this publication, not attempting to render engineering or other
professional services. If such services are required, the assistance of an appropriate
professional should be sought. IEEE is not responsible for the statements and opinions
advanced in the publication.


Table of Contents
Executive summary
  Introduction
  Cyber security assessment of the Smart Grid
  Country analysis
  Conclusion
Overview
  Introduction to Smart Grid
  Smart grid representation
  Issues with Smart Grids
  Cyber security threats and agents
  Smart Grid cyber security market size
  Case studies
Cyber security assessment of Smart Grid
  Cyber security framework
  Communication
  Advanced metering infrastructure
  Control room
  Substation
  Electric vehicles
Country analysis
  United States
  Germany
  India
  China
  South Korea
  Japan
Conclusion
  Cyber security framework
  Country summary
  Present investments in cyber security for Smart Grid
  Future outlook for cyber security in Smart Grid
  Action items for cyber security in Smart Grid
Acknowledgements
Abbreviations
References
Authors


Executive summary
Introduction
Countries across the globe are implementing smart grids in order to achieve reductions in emissions, increased
grid efficiency, increased usage of renewable energy sources, increased consumer control over their energy
consumption, and other economic benefits. Despite the promised benefits of the Smart Grid, various concerns
need to be addressed for effective implementation, such as security threats, privacy concerns, high
infrastructure costs, and increased tariffs.
A large number of possible threat scenarios and threat agents make it imperative for Smart Grid cyber security
to be adequately addressed. This report details the cyber security vulnerabilities that exist in the Smart Grid
value chain, the efforts undertaken by certain countries to mitigate these vulnerabilities, and the measures that
need to be implemented going forward. Four such instances of cyber security breaches are highlighted in this
report.
Cyber security assessment of the Smart Grid
This section of the report examines the cyber vulnerabilities that exist within the value chain, the existing
standards and protocols for cyber fortification, and various technologies that can mitigate the threat. Five
different components of the Smart Grid value chain are covered in detail, namely communication, Advanced
Metering Infrastructure (AMI), control room, substation automation, and electric vehicles.
The communication layer is the backbone of the Smart Grid and is vulnerable to cyber attacks. In the past,
utilities carried out communication operations over their networks. However, to meet the communication needs
of a larger number of end points (namely the customer base), third-party communication service providers are
now playing a more active role in rollout plans. This report details the different types of communication media
(wired and wireless) that are used in each segment of the Smart Grid value chain. The cyber security threats for
some of these technologies are also detailed.
This report discusses the architectural layout and information flow within the AMI, and the standards and
protocols that ensure the cyber security of the AMI network. Various types of cyber attack intrusion methods,
and the motives behind them, are discussed. The different types of security breaches in AMI are categorized
according to the threat level of each of them, and are also categorized by the type of impact that they can have
(based on three security parameters: confidentiality, integrity and availability). This report also highlights
detection technologies that can help fortify the AMI network.
The Demand Response Automation Server (DRAS), used for automating dynamic pricing and messages, is
also vulnerable to several breaches. This report showcases the varying levels of impact of these cyber
vulnerabilities associated with the Demand Response Management System and the DRAS, based on the
security parameters of confidentiality, integrity, availability, or a combination of these.
The wide deployment of networking technologies in Supervisory Control and Data Acquisition (SCADA), and
its high connectivity with other networks such as corporate networks, expose it to a plethora of cyber attacks.
This report details the general layout of the SCADA system and its various interactions with other entities. It
discusses multiple cyber threats faced by SCADA systems, and determines their impact on confidentiality,
integrity, and availability.


A substation is one of the most critical components of the grid as it is exposed to both cyber and physical
vulnerabilities. A compromised substation can result in power outage, grid instability, loss of SCADA control,
and loss of SCADA related information. This report discusses the primary and secondary components and
architectural layout of an automated substation, and examines substation cyber threats and preventative
security measures, including protocols and standards that have been framed and established by the IEEE, IEC,
and NERC in order to secure substations.
Electric vehicles will form an important component of Smart Grids, especially due to the proliferation of
vehicle-to-grid (V2G) technologies, which enable electric vehicles to be used as distributed energy sources.
The current investments in cyber security for electric vehicles, the growth rate of these investments over the
next few years, and the focus areas for cyber security investments for electric vehicles are detailed in this
report.
Country analysis
This report showcases the various endeavors undertaken by six countries—United States, Germany, India,
China, South Korea, and Japan—with respect to cyber security for the Smart Grid.
In the U.S., the implementation of a Smart Grid was given priority in 2007 with the passing of the Energy
Independence and Security Act. In 2009, the American Recovery and Reinvestment Act further reinforced the
efforts to build a modern, secure Smart Grid system. This report details some of the prominent challenges
being faced by the U.S. with respect to cyber security of its Smart Grid in particular, and critical infrastructure
in general. It also speaks of the need to have a federal body leading the effort of cyber fortification, the
NERC’s transmission planning standards for evaluating the system under myriad conditions, and the executive
order on cyber security signed by President Barack Obama in February 2013.
The German BDEW (German Association of Energy and Water Industries) broadly divides Germany’s Smart
Grid road map into three distinct phases: preparation phase (2012 to 2014), implementation phase (2014 to
2018), and marketing phase (2018 to 2022). This report lists the standards framed by the IEC to
secure, regulate, and standardize the adoption of the Smart Grid in Germany. It also showcases the security
portfolio for Smart Grids that the BSI is working on in order to ensure cyber security and data protection.
India intends to implement a Smart Grid nationally by 2027, in three five-year stages. Under the National
Smart Grid Mission (NSGM), India envisages investment of more than INR 314 billion from 2012 to 2017,
with 14 pilot projects dealing with multiple Smart Grid technologies. Smart Grid implementation in India is
overseen by the India Smart Grid Forum (ISGF) and the India Smart Grid Task Force (ISGTF). This report
highlights the objectives and roadmap of the ISGF’s Working Group on Cyber Security, which aims to
conduct a security audit of Indian electricity organizations.
China envisages the Smart Grid to be implemented in a three-stage process, culminating in 2020: planning and
trial phase, all-round construction, and monitoring phase. A total of 228 pilot projects have been commissioned
across China to analyze different aspects of Smart Grid deployment, challenges, and solutions. This report
sheds light on certain security-specific standards for Smart Grids that China has released. With China’s heavy
focus on cyber security for Smart Grids, its cyber security market is estimated to reach USD 50 billion by
2020, largely driven by measures to fortify Smart Grid systems.
South Korea pursues its Smart Grid initiative as a national policy in order to achieve its vision of “low
carbon, green growth.” The Korea Smart Grid Institute (KSGI) was launched in August 2009 as the Secretariat
of Smart Grid Initiatives and Projects in South Korea. Its Smart Grid implementation is broadly segmented
into three phases:

• Phase 1: Construction and operation of the Jeju (an autonomous island) test bed
• Phase 2: Expansion into metropolitan areas
• Phase 3: Completion of a nationwide intelligent power grid
The national South Korean Smart Grid roadmap is composed of five implementation areas: smart power grid,
smart place, smart transportation, smart renewables, and smart electricity service. This report discusses some
of the protocols that ensure cyber security for AMI for Jeju and highlights the security requirements of the
AMI system and the guidelines for AMI security protocol.
Japan’s Smart Grid deployment is guided by its long-term “Smart Community” roadmap. Four large-scale
pilot projects—Kyoto Keihanna district, Yokohama city, Toyota city, and Kitakyushu city—have been
commissioned in Japan to study different aspects of the Smart Grid. Japan’s New Energy and Industrial
Technology Development Organization (NEDO) has collaborated with various institutions across the world to
run pilot programs that were selected on the basis of their geographic, environmental, and economic
resemblance to regions in Japan. Japan released “Information Security Strategy for Protecting the Nation” in
2010, which is supplemented by an annual Information Security Review. This report highlights the policies,
background, and key actions of the strategy. It also highlights certain specific measures that need to be
undertaken to secure critical infrastructure in Japan per its 2012 Information Security Review.
Conclusion
Through this study, it has been concluded that the different players within the Smart Grid ecosystem need to
interact closely and establish a framework in order to facilitate a standardized security model. In order to
realize a secure, stable, and efficient Smart Grid system, it needs to be equipped with self-healing features,
which are discussed herein. This report also details the technologies and architectural guidelines for a five-step
security framework: prevention, detection, response, recovery, and communication. Highlighted are the
existing standards of cyber security for Smart Grids in the U.S., Germany, India, China, South Korea, and
Japan, and the requirements for the future.
This report compares the amount invested in Smart Grid cyber security by venture capitalists with the amount
invested in other Smart Grid technologies, and compares the number of venture capital deals across Smart
Grid technologies. From this, the future outlook for Smart Grid cyber security is determined. Stakeholders
across the Smart Grid value chain believe that the industry is adapting to the prospect of increased debilitating
cyber attacks and taking appropriate measures. This report highlights the action items that need to be addressed
collectively by all stakeholders in the Smart Grid ecosystem for security to be effectively realized.



Overview
Introduction to Smart Grid
Driven by various factors, Smart Grid deployment is a key focus area across the globe

Various drivers are pushing countries toward Smart Grid adoption, broadly classified under the drivers shown
in Exhibit 1:

Exhibit 1: Drivers for Smart Grid adoption
Emission reduction: Countries are looking at the Smart Grid as a means to comply with treaties such as the
Kyoto Protocol, and other binding and non-binding pledges to reduce greenhouse gas emissions. Reduction in
the carbon footprint is another intended outcome of Smart Grid adoption.
Increase in efficiency: Smart Grid technologies permit electrical grid operations to become more efficient,
reducing losses found in the conventional grid. The quality of power being delivered is also higher and more
consistent.
Focus on renewables: With mechanisms for better integration of variable renewable sources of power such as
wind and solar, Smart Grid deployment allows countries to increase the percentage of power produced by these
sources, and correspondingly reduce dependence on conventional sources of power such as hydrocarbon and
nuclear energy.
Economic benefits: Apart from the savings due to reduced losses, accelerated Smart Grid deployment allows
countries to reach the forefront of standards development, achieving dominance in engineering. Exporting
Smart Grid equipment and expertise is another value proposition, as countries across the globe direct efforts
toward Smart Grid deployment. It also puts the control of energy utilization based on demand in the hands of
the consumer.

The Smart Grid can be defined as an upgrade to the existing electrical grid infrastructure,
making it more sustainable, economical, efficient, and reliable, and incorporating information
and communication technology to allow two-way communications between all components.

Smart Grid representation
The Smart Grid can be visualized as a network that permits bidirectional flow of data and power
among its various elements
Consumer premises, which may or may not have renewable energy generation units, may employ Advanced
Metering Infrastructure (AMI) devices such as smart meters, which 1) gather consumer consumption
information and relay it to the utility, and in some cases 2) relay information from the utility to the consumer.
These premises may also have other systems to manage consumption, which can then connect to a
neighborhood aggregation point that ultimately transfers collected data to a utility data center. Public electric
vehicle charging stations may also be directly connected to the utility data center. The utility data center may
use analytics solutions to forecast demand and relay this information to the utilities, which are interconnected
to better manage supply and demand over large geographical areas. These utilities may be individually or
collectively connected to the energy generation units, whether conventional or large-scale renewable.

Exhibit 2: Smart Grid visualization



Issues with Smart Grids
Four major issues need to be addressed for effective deployment of Smart Grids
Security threats: Given the interconnected nature of Smart Grids, there are multiple points of possible breach.
Apart from the need to physically secure different equipment, securing the data flow is of utmost importance.
Privacy issues: Smart Grids will periodically generate extremely large quantities of consumer data. Concerns
regarding access to this data and its potential misuse by malicious agents need to be addressed. For example,
consumer data confidentiality can be compromised when it is used by advertisers or third-party vendors
without the consent of the consumer. Consumer concerns regarding data privacy have impacted the rollout of
the Smart Grid across countries.
High expense: Smart Grid deployment involves large amounts of expenditure in installing various devices,
systems, and solutions. Securing these funds, along with research funding in various domains, will increase the
cost of implementation.
High tariffs: Utilities and governments may be constrained in terms of expenditure for Smart Grid
deployment, causing them to pass the cost to consumers. This may cause consumers to opt out, thus impeding
Smart Grid rollout.

Exhibit 3: Four issues with Smart Grids
These four issues are the dominant impediments to the rollout of Smart Grids across all nations. The social
concern regarding consumer data security is very high in Germany and has deterred the timely installation of
smart meters. In the U.S., high tariffs and consumer data privacy issues are the major roadblocks. However,
across the globe, the most critical issue is the lack of a holistic, robust, and standardized security framework
and the cost of attaining it. This framework includes protecting the infrastructure and consumer data,
safeguarding the grid from theft and/or manipulation of electricity and data, and ensuring reliable power
supply for consumers.

Cyber security threats and agents
A large number of possible violations and threat agents make it imperative for cyber security to be
addressed urgently

Exhibit 4: Cyber security threats and agents
Cyber security threats
Cross-site scripting: When a user accesses a malicious website or link, certain scripts may be executed in the
browser, permitting the agent to gather information about the data entered (e.g., in the form of keystrokes) and
use it to gain remote access to the machine.
Denial-of-service (DoS): Overwhelming a network, application, or system by flooding it with services or
other requests that prevent or hinder normal usage.
Distributed denial-of-service: A form of denial-of-service whereby multiple agents simultaneously launch an
attack.
Logic bomb: A malicious piece of code that is deliberately added to software in order to execute when certain
conditions are met.
Misconfiguration: Incorrect configuration, either deliberate or unintentional, that compromises the security or
functionality of a system. With the increase in system automation, misconfiguration can have a cascading
effect on other devices, with the potential for large-scale outages.


Passive wiretapping: Accessing data while it is being transmitted without modifying it.
Phishing: Obtaining confidential information from users under a false pretext. This information can be used
by malicious (e.g., identity thieves) or non-malicious agents (advertisers) to financially or personally impact
the consumer. Phishing can result in the loss of confidentiality of consumer data.
Structured Query Language (SQL) injection: Alteration of search queries in a database, which can be used
to access confidential information contained in it.
Trojan horse or Trojan: An application that appears to be useful, but instead performs a malicious function
when executed by the user.
Virus: An application that, when activated through a user action, replicates itself on a user’s system and
performs malicious tasks without the user’s knowledge.
War driving: Driving through localities and accessing unsecured wireless networks via computers with
powerful wireless antennas.
Worm: An application that performs malicious tasks without any human action. Unlike viruses that require
human support for propagation, worms can do so by themselves, multiplying and spreading rapidly.
Zero-day exploit: An attack that exploits a security weakness that is not known, often initiated by the person
who discovers the same.
Malicious or accidental agents
Bot-network operators: Using a network of systems, these operators remotely launch a coordinated attack.
Criminal groups: Groups that undertake attacks for financial reasons.
Hackers: Individuals or groups that make use of their computing skills (or make use of attack scripts available
on the Internet) to breach networks.
Insiders: Disgruntled employees who may release confidential information or disable systems that they have
access to. Insiders may also unintentionally precipitate outages because of the increased complexity of systems.
Nations: Countries may conduct cyber-espionage activities to gather information or conduct attacks as an act
of war.
Phishers: Groups or individuals that use phishing schemes, spyware, or other malware to gather information
for identity duplication and financial gain.
Spammers: Groups or individuals sending unsolicited e-mails in order to promote products, gather
information, or propagate malware.
Spyware or malware authors: Individuals or groups that create and distribute malware.
Terrorists: Individuals or organizations that wish to cause harm (financial or otherwise) by attacking
infrastructure to detrimental effect.

Smart Grid cyber security market size
Expenditure on cyber security for Smart Grid systems is expected to grow at a compounded annual
growth rate (CAGR) of nearly 30% through 2020


Exhibit 5: Global cyber security spends (all figures are in USD million)
It is estimated that the global Smart Grid cyber security market will grow at nearly 30% CAGR, from USD 7.8
billion in 2011, to USD 79 billion in 2020 [56].
China’s spending for cyber security for Smart Grid will outpace the global levels, growing at 40% CAGR over
the same period [56]. Seeking to meet its goal of completely deploying the Smart Grid by 2020, China is
actively strengthening its systems to mitigate possible threats.


Case studies
There have been several notable instances of cyber security breaches that exemplify the threats
faced by the grid










When: February 2013
Who: Central Hudson Gas & Electric
What: Hackers gained access to customer information, including bank details, for nearly 110,000
consumers of the utility. Access to infrastructure was not compromised.
How: Exploiting the vulnerabilities in the communication system, hackers gained access to the central
database of customer data. It is claimed that information may not have been downloaded or misused.
The attack was discovered during routine control procedures.

When: November 2012
Who: 50 Hertz Transmission GmbH
What: Facing a DoS attack, the internal communication system was disabled, leading to no Internet
access. Distribution, however, was not affected.
How: A botnet, which is a computer running a malicious application, sent multiple requests to the
company’s server which overwhelmed it, causing the system to crash. Service was restored after
several hours, and the bot’s access was discovered and disabled after five days of attack.

When: September 2012
Who: Telvent Canada Ltd.
What: Project files of OASyS SCADA, which helps incorporate older IT systems with upcoming
Smart Grid technologies, were stolen. Telvent disabled client access to the parts of the system that
were compromised.
How: A breach of Telvent’s internal firewalls through an access point between the corporate and
SCADA networks allowed deployment of malware that stole the source code of the product. Experts
believe that it may be used to identify potential loopholes for further attacks.

When: 2009
Who: Puerto Rico Electric Power Authority (PREPA)
What: Per the U.S. FBI’s estimates, the utility was losing USD 400 million per annum due to
manipulation of smart meters by employees of the utility and the smart meter manufacturer.
How: 1) Using an optical converter device, a smart meter was connected to a computer. With software
available on the Internet, power consumption recording settings were altered. 2) Alternately, a strong
magnet placed on a smart meter caused it to stop measuring usage.

Cyber security assessment of Smart Grid
Cyber security framework
The following cyber security assessment framework acts as a benchmark to help determine cyber
threats and robustness of a system
Confidentiality:
Ensuring non-disclosure of sensitive data to unauthorized entities, and preserving authorized restrictions on
information access and disclosure.
Integrity:
Guarding information against unauthorized information modification or destruction, and ensuring non-
repudiation and authenticity in storage, during processing, and while in transit.
Availability:
Ensuring timely and reliable access to information for its use.

Exhibit 6: Cyber security assessment framework




Communication
Projected data transfer rates, reliability, and latency requirements help to determine the
appropriate communication technologies required for each element of the Smart Grid value chain
In the past, utilities preferred to perform communication operations over their own private networks due to the
following reasons:
• Following disruption of services, utility requirements are not given priority over other services
• Better chances of survival of network following a natural disaster
• Serviceability in the entire geographical region of the utility’s operation
• Cost of use
• Ease of control and management
However, as the need to communicate to more locations becomes imperative for Smart Grid implementation,
communication service providers are playing a more active role in rollout plans. In the near future, as
technologies continue to develop in line with existing requirements, collaboration with communication service
providers will play a crucial role.
At the consumer premises level, the data being transferred will consist of information about the time of use and
amount of energy consumed by devices. As devices multiply, as in the case of large homes and commercial
buildings, the bandwidth required for this data transfer will rise correspondingly. Latency, in this case, is the
delay between change in consumption of energy and its display, and a lag in the same is not critical to grid
operation. Reduction in energy consumption by users will also be independent of instantaneous information,
permitting higher latencies. On the basis of these requirements, low-power and short-distance communication
technologies, including wireless, wired, and power line technologies, can be deployed.
Information gathered from consumer premises may be aggregated, with bandwidth requirements per device
being similar. Broadband over power line, wireless broadband communications, and cellular technologies are
all viable technical options, although some regulatory barriers exist. Note that some power line
communications have low-cost options, but these options may contain restricted bandwidth limitations and
may not be able to meet all the requirements of Smart Grids.
Given the voluminous data gathered at each aggregation point, periodically transferring this data to utility data
centers will require communication technologies with large bandwidth, such as fiber optics or broadband
wireless.
Over large geographical areas, where individual utilities are interconnected to ensure optimized grid
operations, the need to reduce latency delays is very important. Synchrophasor readings, essential for
implementing wide-area situational awareness, will need to be connected via communication technologies such
as fiber optics, wireless microwave-based technologies, or broadband over power line.



Exhibit 6: Communication media for Smart Grid systems [61]



All wireless technologies share a common set of cyber security threats

Exhibit 8: Wireless communication cyber security threats
In addition to the cyber security threats shown in Exhibit 8, above, the following five methods also pose a
threat to cellular, wireless Ethernet, and mesh network technologies. However, the intensity of these five
threats varies across technologies. For instance, wireless Ethernet technologies are more prone to rogue access
points, evil twin, and authentication attacks, whereas mesh network technologies are more susceptible to
physical attacks and remote key access.
Rogue access points: A rogue device connected to an Ethernet port can act as a gateway to the network,
leading to the possibility of attacks. Though measures to detect and disable rogue access points are now
available, sophisticated agents can configure the devices in a manner that avoids detection.
Evil twin: A malicious access point that replicates another network or hotspot can gather network information
from a user who mistakenly signs in.
Authentication attacks: A malicious client may flood a protected wireless network with authentication
requests, leading to a DoS attack.
Physical attacks: If a device contains a transmitter that is physically compromised, the encryption key used by
the network can be obtained using widely available open-source tools, leading to interception and manipulation
of data.
Remote key attacks: Masquerading as a node on the ZigBee network, a device could intercept and decrypt the
data using open source hardware and software, thereby obtaining keys transmitted over-the-air (OTA) that
enable communication within the network.

Power line communication and wired Ethernet forms of wired communication can be
compromised through interception, interference, and passive monitoring

Exhibit 9: Power line communication cyber security threats
Wired Ethernet
Ethernet technology can be both wired and wireless. In the wired communication technology, which is
preferred for its low cost nature, Ethernet-based communication faces certain cyber security threats. MAC
address spoofing, wherein a rogue device can reconfigure its MAC address to replicate that of a legitimate
device, works in a form similar to the evil twin attack of Wi-Fi technology. Passive monitoring and man-in-
the-middle, two forms of data interception, are other forms of cyber attacks on Ethernet systems. A MAC DoS
attack is also based on the same concept as other DoS attacks, which involve overwhelming a certain device or
node in the network with service requests, which prevent it from functioning normally.







Used for high-speed data transfer over long distances, optical fibers face certain security threats
arising from physical access


Exhibit 10: Optical fiber cyber security threats
Unlike wireless or power line technologies, security breaches in optical fiber can occur only through physical
access to the cable. If publicly accessible, the cables may be compromised; therefore, security of the physical
layer assumes critical importance.
If physical access security is not maintained, threats are significant. Software available on the Internet can
enable a malicious agent to tap relayed information packets to gain access to information. As this method does
not require breaching a secured network, non-encrypted or poorly encrypted data may be compromised easily.
It may also be possible for a breach to remain undetected by the end user, in which case, if the interception
takes place before the first switching center, the violation may remain unknown as the receiver will fail to
detect that the transmitted data has been compromised.






Advanced metering infrastructure (AMI)
Introduction to AMI

Exhibit 11: Layout of electrical network between consumer and utility
According to the U.S. Department of Energy, in a typical utility network, the following four tiers collect and
transmit information from consumers to utilities:
1. The backbone: The main path to the data center.
2. Backhaul distribution: The aggregation point for neighborhood data.
3. Access point: Typically the smart meter. A smart meter is an electronic device used by utilities to
record and communicate consumption, interval time of use, demand, and operational information to
and from the consumers.
4. Home area network (HAN).
Each house is equipped with a smart meter, which in turn may be connected to a load management device,
local energy generation sources, and smart appliances through the HAN. The data from different smart meters
is aggregated at a neighborhood aggregation point and is then sent to the utility. All of the meter data is stored
and managed by the meter data management system (MDMS), which is connected to the AMI through a head-
end.



Different components of an AMI

Exhibit 12: Primary components in an AMI
Load control devices at consumers’ homes are used to reduce the energy usage at residential sites. Messages
could be sent by the utility to control the energy usage at residential sites by switching off certain equipment
such as pool pumps, etc. during peak hours.
Home area network/local area network (LAN) is used for communication with residential sites or buildings.
The MDMS manages all meter-related information for consumers.










Existing AMI protocols and standards

Exhibit 13: Existing AMI protocols and standards






Types of AMI cyber threats

Exhibit 14: AMI cyber security threats
1. Data theft: Theft of private consumer information or sensitive information, including personal
information, consumption data, etc.
2. Energy theft: Energy theft and manipulation of power consumption information. This includes
modification of energy consumption data to be sent to utilities (i.e., making it less than actual
consumption) and theft of energy by illegal methods.
3. Service disruption: Disruption of power supply due to terrorism and vandalism. This includes
disrupting the power supply in a house, neighborhood, or other large area. This could be used as a
weapon for robbery in a particular neighborhood, or for terrorist activities on a large scale.
4. AMI network disruption: Disruption of the entire communication infrastructure due to criminal
reasons such as acts of terrorism.






Cyber security attacks through intrusion

Exhibit 15: Cyber security intrusion attacks in AMI
Some of the attack methods shown in Exhibit 15, above, can only be carried out by sophisticated hackers,
whereas others can be carried out by insiders. Some can be performed by both. Remote disconnection of power
supply can be carried out by an insider who has authorization to perform such an activity, or it can be carried
out through hacking. Hackers can gain access to encryption keys through insiders or can decrypt the keys
themselves if encryption is not strong enough.
The most common objective of manipulation of smart meters is power theft. Modification of system
configuration can potentially cause a system to malfunction. Devices can be targeted by sending malicious
codes and attachments to them. Denial of service attacks can be carried out, thus preventing critical
information from reaching its desired location.












Threat assessment and potential cyber vulnerabilities for AMI
In Exhibit 16, different types of security breaches in AMI are categorized according to their threat levels. They
are also categorized by the type of impact that they can have, based on three security parameters:
confidentiality, integrity, and availability.


Exhibit 16: Threat assessment and potential cyber vulnerabilities for AMI















AMI cyber security methodologies
There are three different types of AMI cyber security intrusion detection systems (IDS):
1. Anomaly based detection
2. Specification based detection
3. Signature based detection
Anomaly and specification based IDS use an approach based on training the system to identify deviations from
the correct or normal course of action, whereas signature based IDS uses an approach based on creating a
database of malicious activities. Both of these general approaches have advantages and disadvantages. The
first approach is generally more expensive, and is less successful at getting to the root cause of attacks.
However, the second approach generally fails to detect unknown attacks and requires regular updates.
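
To make the trade-off between the two approaches concrete, the following added example (not part of the original report) runs one detector of each type over the same constructed AMI event stream. The meter IDs, event fields, baseline readings, signature string, and source rules are all constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed training data: normal interval readings (kWh) per meter.
BASELINE = {
    "M1": [1.1, 1.3, 1.2, 1.0, 1.4, 1.2],
    "M2": [0.9, 1.1, 1.0, 1.2, 0.8, 1.0],
}
# Constructed signature database: payload substrings recorded from earlier incidents.
SIGNATURES = ["interval_scale="]
# Constructed specification: which source may originate each message type.
SPEC_ALLOWED_SOURCE = {
    "reading": {"meter"},
    "disconnect": {"head-end"},
    "config_write": {"head-end"},
}
# Constructed event stream seen at a neighborhood aggregation point.
EVENTS = [
    {"id": 0, "meter": "M1", "type": "reading", "source": "meter", "kwh": 1.25},
    {"id": 1, "meter": "M2", "type": "reading", "source": "meter", "kwh": 0.0},
    {"id": 2, "meter": "M1", "type": "disconnect", "source": "field-laptop"},
    {"id": 3, "meter": "M1", "type": "config_write", "source": "head-end",
     "payload": "interval_scale=0.5"},
    {"id": 4, "meter": "M2", "type": "config_write", "source": "optical-port",
     "payload": "calib_offset=-30"},
]


def anomaly_based(event, k=3.0):
    """Flag a reading that deviates more than k standard deviations from training."""
    if event["type"] != "reading":
        return False
    history = BASELINE.get(event["meter"])
    if not history:
        return False
    mu, sigma = mean(history), pstdev(history)
    # The 0.05 kWh floor keeps a very flat baseline from flagging every reading.
    return abs(event["kwh"] - mu) > k * max(sigma, 0.05)


def specification_based(event):
    """Flag any message that violates the written-down rules of correct behavior."""
    allowed = SPEC_ALLOWED_SOURCE.get(event["type"])
    if allowed is None or event["source"] not in allowed:
        return True
    return event["type"] == "reading" and event["kwh"] < 0


def signature_based(event):
    """Flag a message whose payload matches a known malicious pattern."""
    payload = event.get("payload", "")
    return any(sig in payload for sig in SIGNATURES)


DETECTORS = {
    "anomaly": anomaly_based,
    "specification": specification_based,
    "signature": signature_based,
}


def classify(events):
    """Map each event id to the sorted names of the detectors that fired on it."""
    return {e["id"]: sorted(n for n, d in DETECTORS.items() if d(e)) for e in events}


if __name__ == "__main__":
    for event_id, fired in classify(EVENTS).items():
        print(event_id, fired or "no alert")
```

Event 4 carries a payload that is not in the signature database, so only the specification check flags it. Event 3 comes from an allowed source, so only the signature check flags it.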

Exhibit 17: Methodologies for securing AMI










Security solutions for AMI


Exhibit 18: Security solutions for AMI

There are many constraints, issues, and situations that need to be taken into consideration when deploying a
cyber security solution. A single layer of security such as data encryption will not be able to handle all of the
different security threats. Exhibit 18, above, shows some examples of security policies and technologies that
can be used to manage security requirements.









Control room
Primary components of a dispatch center and control center: Demand Response Management
System (DRMS) and Supervisory Control and Data Acquisition (SCADA)
A control room caters to data housing, real time monitoring, integrated incident management, and personnel
responses from systems, infrastructure, and applications. This section throws light on the cyber vulnerabilities
and threats associated with two control room components: Demand Response Management System, and
Supervisory Control and Data Acquisition.
DRMS enables utilities to manage consumer consumption of electricity in response to supply conditions. It
asks consumers to modify their electricity usage according to the supply available. Consumers can benefit
from time-based pricing by setting their pricing threshold and adjusting their usage to take advantage of
fluctuating electricity prices. This may require the use of a home energy management system (EMS) to control
appliances and equipment incentives, as well as access to a viable trading market.
SCADA is used to help to monitor and automate industrial processes at remote sites. The wide deployment of
networking technologies in SCADA and its high connectivity to other networks such as corporate intranets
may expose SCADA to a variety of cyber attacks.

Exhibit 19: DRMS and SCADA






DRMS reduces electricity demand in response to certain factors in order to maintain reliable
electric services or avoid high electricity prices
Confidentiality: Information such as control usage of meter, pricing and metering usage, and billing
information needs to be kept confidential and protected from unauthorized access. If compromised, it can
result in invasion of consumer data privacy and information leakage to an adversary.
Data integrity: Compromise can be effected through unauthorized manipulation of demand data, control
signals for EMS, and control usage of the smart meter by inducing an incorrect response (such as switching
on/off electrical devices at customer sections or shutting down demand response operations). This breach can
decrease power reliability and quality, and cause financial impacts as well as annoyance to consumers. In
addition, manipulating the pricing signal can adversely impact the consumer and market sections financially.

Exhibit 20: Data interactions of DRMS with other entities [61]



Demand Response Automation Server: A vital component for the automation of DRMS
The Demand Response Automation Server (DRAS) is an infrastructure component in automated demand
response programs. It is based on a client/server infrastructure, and distributes and receives information among
various entities such as utilities. It also integrates the utility demand response participants. Web Services
Description Language (WSDL) or Simple Object Access Protocol (SOAP) can be used to implement the
DRAS interface.
DRAS is used for automating dynamic pricing and messages from utilities to optimize the consumption of
electric power during peak hours. It notifies the consumers about real-time prices, demand response events and
related messages (dynamic pricing). DRAS interface functions are divided into the following three groups:
1. Utility operator interfaces
2. Participant operator interfaces
3. DRAS client interfaces

Exhibit 21: Attributes of DRAS







Cyber vulnerabilities can result in compromised confidentiality, integrity, availability, or a
combination of these
Exhibit 22, below, shows the different information exchanges or commands/requests and the impact of various
breaches on them.

Exhibit 22: Cyber security threat assessment for DRMS


Exhibit 23, below, highlights the different threats that may impact the confidentiality, integrity, and availability
of the DRMS information or commands/requests/bids.
Purpose: To initiate or update demand response event information in DRAS.
Information transmitted: Program type, data and time of the event, date and time issued, geographic location, consumer list (account numbers), and load shed event information.
Security concerns:
Confidentiality (L): Eavesdropping results in low impact as the information may not be sent regularly. However, it must be protected from unauthorized access.
Integrity (H): Modification of the configuration data in the DRAS (DR program data, consumer list, and shed event information affecting the DR program behavior). False or malicious demand response events can be generated in DRAS, resulting in blackouts and instability of the Smart Grid. This may also impact consumers financially.

Purpose: To initiate bid request in DRAS.
Information transmitted: Program type, data, and time of the event, date and time issued, geographic location, consumer list (account numbers), request for a bid issue date and time, price offered for load reduction per time block.
Security concerns:
Confidentiality (H): Eavesdropping can result in the leaking of bidding as well as pricing information to the attacker.
Integrity (H): Unauthorized manipulation can affect the bidding program behavior.

Purpose: To set accepted bids in DRAS.
Information transmitted: Participant list (account numbers) accept or reject, load reduction bid per time block (for verification).
Security concerns:
Confidentiality (H): Eavesdropping can lead to invasion of consumers’ privacy.
Integrity (H): Attacker modifies consumer list resulting in an unstable grid and financial impacts on consumers.

Purpose: To send shed or event information to trigger the event client to shed or shift loads at participant sites, facilities or aggregator sites.
Information transmitted: Utility event information for smart DRAS clients, such as date and time of the event, date and time issued mode and pending signals. Mode and pending signals for simple clients. Event pending signals for simple clients.
Security concerns:
Confidentiality (H): Information shared between DRAS and DRAS client can be intercepted to gain knowledge of demand response events, pricing information, customer information. This can result in exposed consumer data, unauthorized modification of information, manipulation of information, malicious attacks. Such incidents in turn can lead to instability of grid and financial impacts on consumers.
Integrity (H): False/malicious demand response events and time synchronization can cause events to occur at the wrong time. Inability to authenticate DRAS and DRAS client can lead to a number of attacks, such as authentication sniffing, DoS, man-in-the-middle attack, etc.
Availability (H): Reduction of load can be prevented by disabling DRAS clients from receiving the incoming demand response signals using DoS attacks.

Purpose: To send request for bid to participant or facility manager or aggregator.
Information transmitted: This information comes in the form of an email, phone call, or page.
Security concerns:
Integrity (L): A malicious call, email, or signal in any other form may result in the operator taking the wrong decision.

Purpose: To notify the acceptance or rejection notification to the participant or facility manager or aggregator.
Information transmitted: This information comes in the form of an email, phone call, or page.
Security concerns:
Integrity (L): A malicious call, email, or signal in any other form may result in the operator taking the wrong decision.
Exhibit 23: Impact of various threats on DRMS commands
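
The integrity concerns listed for shed/event signals (false events, events at the wrong time, and no authentication between DRAS and DRAS client) can be addressed on the client side with message verification. The following is an added example, not code from the report or from any DRAS product: it assumes a pre-shared key with HMAC-SHA256 and uses JSON rather than SOAP for brevity. The field names, key, program name, and timestamps are constructed.

```python
import hashlib
import hmac
import json

MAX_SKEW_S = 300  # assumed tolerance between the "issued" time and the client clock

# Constructed sample key and event (epoch seconds); not values from a real deployment.
KEY = b"constructed-demo-key-not-for-use"
EVENT = {"seq": 7, "program": "CPP", "issued": 1_700_000_000,
         "start": 1_700_003_600, "end": 1_700_010_800,
         "location": "feeder-12", "shed_kw": 150}


def _canonical(event: dict) -> bytes:
    """Serialize the event identically on both sides so the tags are comparable."""
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode()


def sign_event(event: dict, key: bytes) -> dict:
    """Server side: attach an HMAC-SHA256 tag computed over the whole event."""
    tag = hmac.new(key, _canonical(event), hashlib.sha256).hexdigest()
    return {"event": event, "tag": tag}


class EventVerifier:
    """Client side: accept an event only if it is authentic, fresh, and new."""

    def __init__(self, key: bytes):
        self.key = key
        self.last_seq = -1

    def check(self, message: dict, now: int) -> str:
        event = message["event"]
        expected = hmac.new(self.key, _canonical(event), hashlib.sha256).hexdigest()
        # Constant-time comparison; any change to the event changes the tag.
        if not hmac.compare_digest(expected, str(message.get("tag", ""))):
            return "REJECT_BAD_TAG"
        # Freshness: an old capture or a badly skewed clock must not trigger load shed.
        if abs(now - event["issued"]) > MAX_SKEW_S:
            return "REJECT_STALE"
        # Replay: the sequence number must strictly increase.
        if event["seq"] <= self.last_seq:
            return "REJECT_REPLAY"
        # Sanity of the event window itself.
        if event["start"] < event["issued"] or event["end"] <= event["start"]:
            return "REJECT_BAD_WINDOW"
        self.last_seq = event["seq"]
        return "ACCEPT"


def demo() -> list:
    """Run four constructed deliveries through one verifier and return the outcomes."""
    verifier = EventVerifier(KEY)
    signed = sign_event(EVENT, KEY)
    issued = EVENT["issued"]
    results = [verifier.check(signed, now=issued + 5)]
    # Same tag, but the shed amount and sequence number were changed in transit.
    tampered = {"event": dict(EVENT, shed_kw=900, seq=8), "tag": signed["tag"]}
    results.append(verifier.check(tampered, now=issued + 6))
    # The first message delivered a second time.
    results.append(verifier.check(signed, now=issued + 10))
    # A correctly signed event delivered an hour after it was issued.
    late = sign_event(dict(EVENT, seq=9), KEY)
    results.append(verifier.check(late, now=issued + 3600))
    return results


if __name__ == "__main__":
    print(demo())
```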








SCADA is an industrial control system that provides remote supervision and control via
automation
Exhibit 24, below, illustrates the general layout of a SCADA system, and the various actors that comprise it.
SCADA is a system that measures, reports, and controls in real-time both local and geographically remote
distributed processes. The substation remote terminal unit (RTU) functionality continuously sends operational
data to the SCADA system head end. This operational data consists of volts, amps, MW, MVAR, circuit
breaker status, switch positions, and apparatus alarms. Message verification techniques should be used in order
to enhance the security of SCADA systems.

Exhibit 24: SCADA interactions with other entities









Cyber vulnerabilities can result in compromised confidentiality, integrity, availability, or a
combination of these

Exhibit 25: Potential cyber vulnerabilities for SCADA systems
Public information availability:
The availability of relevant information about a utility corporate network can lead to a more focused attack
against it.
Platform configuration vulnerabilities:
• Lack of maintenance of OS and application security patches.
• Inadequate or poorly specified access controls can result in giving a SCADA user less or more
privileges than required. It can result in either malicious configuration by the operator or inability to
take corrective measures in an emergency situation.
• Lack of password policies can lead to systems without appropriate password controls, making
unauthorized access to systems easier.


Exhibit 26: Potential cyber vulnerabilities for SCADA systems
Platform software vulnerabilities:
• Denial-of-service: A DoS attack against vulnerable SCADA software can prevent authorized access to a
system resource or delay system operations and functions. Cyber attacks based on DoS mechanisms
(called flood-based cyber attacks) can potentially shut down systems and cause disruption of services.
• Lack of intrusion detection/prevention software can lead to loss of system availability; capture,
modification, and deletion of data; and incorrect execution of control commands.
• Absence of malware protection software, current definitions, and exhaustive testing before
implementation can result in performance degradation, loss of system availability, and modification or
deletion of data.
Network configuration vulnerabilities:
• The communications network architecture design should offer separation between Internet, a
company’s corporate network, and the SCADA network.
Network perimeter vulnerabilities:
• Improper network configuration (of TCP/IP networks) often results in inbound and outbound network
leaks between SCADA networks, corporate networks, business partners, regulators, outsourcers, and
even the Internet.
• Insecure connections exacerbate vulnerabilities in control systems. Unprotected and non-
encrypted access links left open by organizations (for remote SCADA diagnostics, maintenance, and
examination of system status) increase the risk of a breach in the control system.
• Improperly configured firewalls can permit unnecessary data to pass between networks.



Exhibit 27: Potential cyber vulnerabilities for SCADA systems
Network communication vulnerabilities:
• Passive network reconnaissance: An attacker with the appropriate access captures and analyses IEEE
1815™ (DNP3), IEC 61850, IEC 60870-5-101, or any vendor-specific protocol message. This leaks
information about network topology, device functionality, memory addresses, and other data.
• Rogue interloper: A man-in-the-middle device installed by the attacker between the master and
outstations can read, modify, and fabricate messages or network traffic.
• Length overflow and dynamic flow concept (DFC) flag attack: These attacks either insert an
incorrect value in the length field to affect message processing or set the DFC flag. This results in an
outstation device appearing busy to the master. This can result in data corruption, unexpected actions,
and device crashes.
• Reset function and unavailable function attack: This attack causes the targeted device to restart,
thereby making it unavailable for a period of time and possibly setting it to an inconsistent state
(interruption and modification of an outstation).
• Destination address alteration: A change in the destination address field by the attacker can re-route
requests or replies to other devices, causing unexpected results.
• Transport sequence modification: Any data can be injected by inserting fabricated messages into a
sequence of fragments.
• Rogue commands: Hackers send rogue command messages to outstation devices to cause them to
operate in a detrimental manner.
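
Several of the manipulations above (an incorrect length field, the DFC flag, and an altered destination address) are visible in the DNP3 link-layer header and can be checked at a monitoring point. The following is an added example, not code from the report: it inspects one captured link-layer frame per call, following the IEEE Std 1815 link-layer layout. The station addresses (1 and 10), the address allowlist, the alert threshold, and the sample frames are constructed assumptions.

```python
import struct

START = b"\x05\x64"   # DNP3 link-layer start bytes
PRM_BIT = 0x40        # set when the frame comes from the primary (initiating) station
DFC_BIT = 0x10        # in secondary-station frames: sender reports it cannot accept data

# Constructed monitoring policy: (source, destination) pairs expected on this link.
ALLOWED_PAIRS = {(1, 10), (10, 1)}
# Constructed user data for the sample frames.
SAMPLE_DATA = bytes.fromhex("c0c0013c0106")


def crc16_dnp(data: bytes) -> int:
    """CRC-16/DNP: reflected polynomial 0xA6BC, initial value 0, result inverted."""
    crc = 0
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xA6BC if crc & 1 else crc >> 1
    return crc ^ 0xFFFF


def build_frame(ctrl, dest, src, user_data=b"", length=None):
    """Build a constructed sample frame; `length` overrides the honest LEN value."""
    if length is None:
        length = 5 + len(user_data)          # LEN counts CTRL + DEST + SRC + user data
    header = START + struct.pack("<BBHH", length, ctrl, dest, src)
    frame = header + struct.pack("<H", crc16_dnp(header))
    for i in range(0, len(user_data), 16):   # every block of up to 16 bytes has its own CRC
        block = user_data[i:i + 16]
        frame += block + struct.pack("<H", crc16_dnp(block))
    return frame


def inspect_frame(frame: bytes, allowed_pairs) -> list:
    """Return finding codes for one captured frame; an empty list means no finding."""
    if len(frame) < 10 or frame[:2] != START:
        return ["MALFORMED"]
    findings = []
    length, ctrl, dest, src = struct.unpack("<BBHH", frame[2:8])
    if struct.unpack("<H", frame[8:10])[0] != crc16_dnp(frame[:8]):
        findings.append("HEADER_CRC")
    if length < 5:
        findings.append("LEN_INVALID")
    else:
        user_len = length - 5
        expected = 10 + user_len + 2 * ((user_len + 15) // 16)
        if expected != len(frame):
            # The LEN field disagrees with the bytes actually on the wire.
            findings.append("LEN_MISMATCH")
        else:
            pos, remaining = 10, user_len
            while remaining > 0:
                n = min(16, remaining)
                block, crc = frame[pos:pos + n], frame[pos + n:pos + n + 2]
                if struct.unpack("<H", crc)[0] != crc16_dnp(block):
                    findings.append("BLOCK_CRC")
                    break
                pos, remaining = pos + n + 2, remaining - n
    # A CRC only detects transmission errors; it is recomputed along with any
    # deliberate change, so addresses are checked against the policy separately.
    if (src, dest) not in allowed_pairs:
        findings.append("ADDR_NOT_ALLOWED")
    if not ctrl & PRM_BIT and ctrl & DFC_BIT:
        findings.append("DFC_SET")
    return findings


def persistent_busy(frames, limit=3) -> list:
    """Sources that set DFC in `limit` or more consecutive secondary frames."""
    streak, alerts = {}, set()
    for frame in frames:
        if len(frame) < 10 or frame[:2] != START:
            continue
        ctrl, src = frame[3], struct.unpack("<H", frame[6:8])[0]
        if ctrl & PRM_BIT:
            continue
        streak[src] = streak.get(src, 0) + 1 if ctrl & DFC_BIT else 0
        if streak[src] >= limit:
            alerts.add(src)
    return sorted(alerts)


if __name__ == "__main__":
    samples = {
        "normal request": build_frame(0xC4, 10, 1, SAMPLE_DATA),
        "length field too large": build_frame(0xC4, 10, 1, SAMPLE_DATA, length=200),
        "unexpected destination": build_frame(0xC4, 99, 1, SAMPLE_DATA),
        "outstation reports busy": build_frame(0x1B, 1, 10),
    }
    for name, frame in samples.items():
        print(name, inspect_frame(frame, ALLOWED_PAIRS))
```

A single DFC_SET finding can be legitimate flow control, which is why `persistent_busy` only reports an outstation that stays busy across consecutive responses.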

Substation
Primary components of a substation
A substation is a high-voltage electric facility containing equipment that regulates and distributes electrical
energy. The key functions of a substation include receiving power from a generating facility, regulating
distribution, stepping voltage up and down, limiting power surges, and converting power from direct current to
alternating current or vice versa.
• Transformer: A static electrical device used for transferring energy by inductive coupling between its
winding circuits. Current transformer, voltage transformer, and power transformer are the three kinds
of transformers.
• Line termination: Transmits electricity from the supply center to the demand center.
• Circuit breaker: An electrical device capable of interrupting both normal and fault level currents.
• Switch: An electrical device used for configuring the substation buswork. Substations typically have
two types of switches: disconnecting switches and grounding switches.
• Buswork: Array of primary and alternate conductor pathways through the substation.
• Power conditioning equipment: Improves the quality of the power that is delivered to and from the
substation.

Exhibit 28: Primary components of an electric substation








Secondary components of a substation are used for protection, control, and communication
The secondary components of a substation are as follows:
• Intelligent electronic devices (IED): These devices’ primary function is to receive data from sensors
and power equipment, and issue control commands (e.g., tripping circuit breakers, raise/lower voltage
levels). These devices provide interoperability and advanced communication supporting standards for
substation automation.
• Remote terminal unit: A specialized IED that monitors the status of substation devices. It collects
basic metering data and provides supervisory control capability from a remote SCADA or EMS.
• Substation gateway: Aggregates data from multiple IEDs and forwards it to a SCADA/EMS system.
It also allows engineers to log in and access the IEDs directly.
• Protective relays: Relays monitor operating conditions of an electrical circuit and trip circuit
breakers in case of fault detection by using current and/or voltage inputs. They also protect critical
equipment such as transformers, generators, substation buswork, and transmission and distribution
lines.
Secondary components can be divided into three different levels:
• Process level: The interface between substation automation system and switchgear. It includes
switchyard equipment (also primary equipment) such as actuators, merging units, etc.
• Bay level: Includes protection and control IEDs associated with a bay of circuit breakers, transformers,
and capacitor banks. Bay level consists of control, protection, and monitoring units. It communicates
with process level equipment via process bus.
• Station level: Provides an overview of the entire substation. Its key components include human
machine interface (HMI), communication unit, and backup station computer. HMI is the interface to
the operator at the substation. Communication unit is the interface between substation and SCADA
control center. The station level is connected to bay level devices via station bus.

Exhibit 29: Classification of secondary substation components per IEC 61850


Substation architecture and different data types and paths
A substation generates two kinds of data:
• Operational data: This data comprises instantaneous values of power system analog and status points
such as volts, amps, MW, MVAR, circuit breaker status, and switch position. This data is used to
control power system (e.g., opening circuit breakers, changing tap settings, equipment failure
indication, etc.) and is time-critical.
• Non-operational data: Consists of files and waveforms (e.g., event summaries, oscillographic event
reports, or sequential events records), apart from SCADA-like points (e.g., status and analog points)
that have a logical state or a numerical value.

Exhibit 30: Data categorization and layers of substation automation
Exhibit 30, above, illustrates the five layers within the architecture of a substation. The three data paths
have been represented by arrows. Operational data is sent from the substation to the SCADA, and non-
operational data is sent to the data warehouse. The data warehouse must be separated from the substation by a
firewall to prevent unwanted access into the substation network. The third path is a remote access to IEDs by
“passing through” or “looping through” the substation integration architecture.




Protocols and standards
A number of protocols and standards have been framed and established by IEEE, IEC, and NERC in order to
automate, secure, and regulate substations. They are as follows:

Exhibit 31: Existing substation protocols and standards
IEC 61850: Deals with the design of electrical substation automation. It is a part of the International
Electrotechnical Commission’s Technical Committee 57 reference architecture for electric power systems.
IEC 62351: Deals with the security of TC 57 series of protocols (including IEC 60870-5 series, IEC 60870-6
series, IEC 61850 series, IEC 61970 series, and IEC 61968 series).
NISTIR 7628: Forms the guidelines for Smart Grid cyber security.
NERC Critical Infrastructure Protocol: NERC CIP 002-009 defines preventive measures to provide
protection against cyber vulnerabilities and enforce the security of the Bulk Electric System.
IEEE Std 1686™: Security standards for IEDs that establish requirements for IED security in accordance with
NERC CIP. They define functions and features of substation IEDs for CIP programs.
IEEE P1815.1™: IEEE Draft Standard for Exchanging Information between Networks Implementing IEC
61850 and IEEE Std 1815™.
IEEE Std 1815™: Specifies the DNP3 protocol structure, functions, and application alternatives.
IEC 60870-5: Part 5 (101, 103 and 105): Provides a communication profile for sending basic tele-control
messages between two systems that use permanent directly connected data circuits between the systems.

Understanding cyber risks and their impact
With increased automation within the substation and an ever-widening horizon of data, the access to
information is growing rapidly. This introduces a host of cyber vulnerabilities into the system, which may be
generally categorized under the following four areas:
• Unauthorized cyber intrusion by a hacker or a disgruntled employee.
• Unauthorized modification or theft of information by a hacker or a disgruntled employee.
• Non-malicious errors created unintentionally due to the increasing complexity of the system.
• Denial-of-service.
Exhibit 32, below, highlights the impact of cyber security breaches in substations. They are as follows:
• Power outage: Unwanted opening of an electrical device may result in loss of electrical power for a
targeted area. It may be executed via the SCADA or access to the protective relay.
• Grid instability: Fluctuation in voltage and frequency, which may result in a power outage. It can be
initiated via a compromised substation automation device.
• Loss of SCADA control: This may result from an interrupted communication channel between the
control center and the substation. It can be initiated via a compromised substation automation device.
• Loss of SCADA related information: Non-operational data or other stored data, if compromised, can
impact/disrupt company operations.

Exhibit 32: Impact of cyber security breaches in substations


Types of cyber vulnerabilities
Default passwords in substation IEDs: Unauthorized access to IEDs can be used to reconfigure the
devices, plant malicious code within them, and operate substation devices. This results in loss of
electrical power, damage to equipment, and grid instability.
SCADA LAN not separated from the corporate LAN: The corporate LAN has more exposure to the
Internet than SCADA LAN. It provides a potential path for a multi-stage cyber attack on the SCADA LAN.
Substation communications use local service providers’ telecom system: It does not inherently provide any
cyber security or protection of information and may be subjected to unauthorized exploit of the communication
channel.
Use of dual-ported RTUs and IEDs: Dual-ported devices can result in one compromised access point
cascading a hack to the next network access point.
Remote engineering access to IEDs: Remote access paths expose the IEDs to unauthorized access and
compromise.
Use of routable paths to end devices: Prevention measures include dial back modems, encryption, modems
that allow only designated number of access, and passwords to access the modem.
Disgruntled employee: One of the most common threats is a disgruntled employee who has inside knowledge
and access to test equipment designed to operate and configure the IEDs.
Non-malicious system and human errors: With the increasing complexity and automation of substations,
non-malicious human (operator) or system errors may occur.

Exhibit 33: Cyber vulnerabilities in substations

Authentication, authorization, and accounting (AAA): Commonly used technology for
strengthening cyber security for remote access to substations
The general network cyber security mechanism is based on AAA: authentication, authorization, and
accounting of traffic and user access to network infrastructure devices.

Exhibit 34: General network cyber security mechanism
• Simple network management protocol (SNMP) is an Internet-standard protocol for managing
devices on IP networks. Version 3 includes security features, whereas previous versions do not. It
allows external monitoring of the content engine through an SNMP agent. Security features include
encrypted authentication and integrity, timeliness verification of messages, privacy through
encryption, and view-based access control security for protection against manipulation of information,
replay, spoofing, and sniffing.
• Remote authentication dial-in user service (RADIUS) is a client/server protocol that provides AAA
management. It offers background service to authenticate users or devices before allowing them access
to a network. Every gateway controlling the access to the network has an IEEE 802.1x RADIUS client.
• Secure shell (SSH) is used to log in to communication devices for secure data communication, remote
shell command execution, and other secure network services between two networked computers.
• Terminal access controller access-control system (TACACS) is a remote authentication protocol
that is used to communicate with an authentication server.
Apart from securing remote access to substations, aspects like HMI intrusion and IED security should also be
dealt with to ensure complete security.


The HMI of the substation is vulnerable to a breach of confidentiality and data integrity. Hence, embedding the
HMI applications and software with security tools is important for overall SCADA security. The following
security measures can be deployed to prevent breaches via the HMI:
• The HMI should be able to verify the IP address of any remote client requesting data, and take
necessary enabling or disabling action based on the authenticity.
• The HMI should be enabled to refuse any remote variable modification or configuration.
• Username and password should be applied at the application, screen, or data level of the HMI.
• Object protection should be enabled to allow object-property definitions based on process status,
remote user IP, and their IP address. These properties help restrict whether the object can be viewed
and edited.
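The four HMI measures listed above can be combined into a single access decision. The following Python sketch is an added illustration, not code from the report or from any HMI product; the subnets, user, tag names, and process states are assumptions constructed for the example.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass

# Everything below is constructed for illustration: subnets, users, tags and
# process states are hypothetical, not taken from any real HMI product.
ALLOWED_CLIENT_NETS = [ipaddress.ip_network("10.20.30.0/28")]
SALT = b"constructed-salt"


def hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 100_000)


USERS = {"operator1": hash_password("constructed-passphrase")}


@dataclass(frozen=True)
class HmiObject:
    name: str
    viewable_states: frozenset  # process states in which remote viewing is allowed
    viewer_nets: tuple          # remote networks allowed to view this object


OBJECTS = {
    "feeder3.breaker_status": HmiObject(
        "feeder3.breaker_status",
        frozenset({"normal", "maintenance"}),
        (ipaddress.ip_network("10.20.30.0/28"),),
    ),
    "relay7.trip_settings": HmiObject(
        "relay7.trip_settings",
        frozenset({"maintenance"}),
        (ipaddress.ip_network("10.20.30.8/30"),),
    ),
}


@dataclass(frozen=True)
class Request:
    src_ip: str
    user: str
    password: str
    action: str  # "read" or "write"
    obj: str


def decide(req: Request, process_state: str):
    """Return (allowed, reason), applying the four measures from the list."""
    src = ipaddress.ip_address(req.src_ip)
    # 1. Verify the IP address of the remote client.
    if not any(src in net for net in ALLOWED_CLIENT_NETS):
        return False, "client address not authorized"
    # 2. Refuse any remote variable modification or configuration.
    if req.action != "read":
        return False, "remote modification refused"
    # 3. Username and password, compared in constant time on the hashes.
    stored = USERS.get(req.user)
    supplied = hash_password(req.password)
    if stored is None or not hmac.compare_digest(stored, supplied):
        return False, "authentication failed"
    # 4. Object protection: visibility depends on process status and client IP.
    obj = OBJECTS.get(req.obj)
    if obj is None:
        return False, "unknown object"
    if process_state not in obj.viewable_states:
        return False, "object hidden in current process state"
    if not any(src in net for net in obj.viewer_nets):
        return False, "object not visible to this client"
    return True, "read allowed"
```

Returning the reason alongside the decision lets the HMI log every refusal, which feeds the accounting part of AAA.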
The cyber security features of IEDs are typically specified by vendors. However, lack of consistency for
comparing features makes it difficult to understand the weaknesses of every IED. This in turn makes it difficult
to design an all-encompassing cyber security plan for mitigating any weakness. The IEEE Power and Energy
Society’s Substations Committee developed IEEE Std 1686™, Standard for Substation Intelligent Electronic
Devices (IED) Cyber Security Capabilities. It provides a method for the specification and evaluation of
IEDs—for the specification of new IEDs that will be installed, and for the evaluation of existing IEDs. It gives
the substation engineer the ability to evaluate all existing IEDs and then determine which ones selectively need
to be replaced due to cyber security shortfalls.
Another critical source of cyber security vulnerability in the substation is misconfiguration of IEDs.
Configuration management can help in preventing any such accidental misconfiguration that may result in a
detrimental consequence. Authorized substation personnel must notify each other whenever any
change to a component’s configuration has been made. This prevents duplication of commands as well as
programming of contradictory settings by different employees. It must be ensured that the configuration
software is centralized and capable of authenticating any change made (in terms of the employee making them
or the impact of those changes). It should be enabled to send notifications to the head-end in the event of a
change in configuration. Hence, a combination of effective standards, procedures, and technology can
minimize the possibility of accidental misconfiguration within a substation. IEEE PC37.240™ addresses many
of these concepts.
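The configuration-management requirements above (centralized software, authentication of every change, no duplicated or contradictory settings, notification to the head-end) can be sketched as follows. This Python example is added here and is not taken from the report or from IEEE PC37.240; the per-engineer HMAC keys, the device and setting names, and the version-number scheme are assumptions chosen for illustration.

```python
import hashlib
import hmac
import json

# Constructed per-engineer keys; a real deployment would more likely tie this
# to certificates or the AAA service, which this sketch does not model.
ENGINEER_KEYS = {
    "alice": b"constructed-key-alice",
    "bob": b"constructed-key-bob",
}


def sign_change(author, device, setting, value, base_version, key):
    """MAC over every field of the change, so none can be altered unnoticed."""
    msg = json.dumps([author, device, setting, value, base_version]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class ConfigStore:
    """Central store: authenticates changes and reports each decision."""

    def __init__(self, keys):
        self.keys = keys
        self.settings = {}      # (device, setting) -> (value, version, author)
        self.head_end_log = []  # stands in for notifications to the head-end

    def _notify(self, outcome, author, device, setting, value):
        self.head_end_log.append({"outcome": outcome, "author": author,
                                  "device": device, "setting": setting,
                                  "value": value})
        return outcome

    def submit(self, author, device, setting, value, base_version, mac):
        args = (author, device, setting, value)
        key = self.keys.get(author)
        if key is None:
            return self._notify("rejected-unauthenticated", *args)
        expected = sign_change(author, device, setting, value, base_version, key)
        if not hmac.compare_digest(expected.encode(), mac.encode()):
            return self._notify("rejected-unauthenticated", *args)
        cur_value, cur_version, _ = self.settings.get(
            (device, setting), (None, 0, None))
        # Same value already in force: a duplicated command, nothing to apply.
        if value == cur_value:
            return self._notify("ignored-duplicate", *args)
        # Author worked from an outdated version: possible contradictory setting.
        if base_version != cur_version:
            return self._notify("rejected-conflict", *args)
        self.settings[(device, setting)] = (value, cur_version + 1, author)
        return self._notify("applied", *args)


def demo():
    """Run a constructed sequence of changes by two engineers."""
    store = ConfigStore(ENGINEER_KEYS)
    dev, name = "relay-7", "overcurrent_pickup_amps"

    def send(author, value, base, signed_value=None):
        signed = value if signed_value is None else signed_value
        mac = sign_change(author, dev, name, signed, base, ENGINEER_KEYS[author])
        return store.submit(author, dev, name, value, base, mac)

    outcomes = [
        send("alice", 600, 0),                  # first change is applied
        send("bob", 600, 0),                    # same value again: duplicate
        send("bob", 450, 0),                    # based on stale version: conflict
        send("bob", 450, 1),                    # re-based on version 1: applied
        send("bob", 900, 2, signed_value=450),  # value differs from what was signed
    ]
    return outcomes, store


if __name__ == "__main__":
    print(demo()[0])
```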


Other methods of cyber fortification of substations
The following technologies can address data security issues in a substation communication network:
• Router level security: When data is transferred, a router reads the address information in the packet to
determine the ultimate destination. The access control list (ACL) is a fundamental component of router
administration. It enhances security by preventing unauthorized access to the network. It can be used
as a packet filter to remove packets that do not meet specified requirements. ACLs should be defined
in routers between different communication interfaces in the substation automation network to enforce
cyber security.
• Firewall level security: Some routers also act as firewalls and help in creating secure cells of network.
A firewall enforces an access control policy between two networks. Transparent firewalls can be used
to add security to a network. Firewalls can create alerts during attacks or failures by logging,
administering, and auditing network access. Secure control functions include inspection, content
inspection, access control, user control, protocol and services control, and data control for secure
substation automation networking.
• Gateway level security: Gateways must be used to achieve cyber security against a variety of cyber
attacks when the substation network is connected to a wide area network (WAN) or remotely accessed.
A gateway collects metering, status, event, and fault report data from IEDs and RTUs. It establishes an
interface between substation automation systems and external connections like an enterprise resource
planning (ERP) system or web browser. Gateway level security can be achieved with a virtual private
network (VPN) and encryption.
• Virtual private network (VPN): A VPN is used to establish an encrypted, secure connection between
two points across an insecure network. IP packets are encrypted and encapsulated prior to being sent.
This is known as tunneling.
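To make the router-level bullet concrete, the following added Python sketch evaluates ACLs defined between pairs of interfaces in a substation automation network, using first-match ordering and an implicit deny. It is not from the report; the interface names, addresses, rules, and the use of TCP port 20000 (the registered DNP3 port) and 22 (SSH) are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    in_if: str
    out_if: str
    proto: str
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str           # "permit" or "deny"
    proto: str            # "tcp", "udp" or "any"
    src: str              # CIDR
    dst: str              # CIDR
    dport: Optional[int]  # None matches any port
    note: str

    def matches(self, pkt: Packet) -> bool:
        return (
            self.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
            and self.dport in (None, pkt.dport)
        )


# Constructed ACLs, one list per (ingress interface, egress interface) pair.
ACLS = {
    ("wan", "station_bus"): [
        # Order matters: the narrow deny must precede the broader permit.
        Rule("deny", "tcp", "10.20.30.9/32", "192.168.10.50/32", 22,
             "protection relay excluded from remote engineering"),
        Rule("permit", "tcp", "10.20.30.9/32", "192.168.10.0/24", 22,
             "engineering workstation to IEDs over SSH"),
        Rule("permit", "tcp", "10.20.30.5/32", "192.168.10.10/32", 20000,
             "control centre to RTU, DNP3 over TCP"),
    ],
    # Corporate LAN has an ACL with no permits: everything is dropped.
    ("corporate", "station_bus"): [],
}


def evaluate(pkt: Packet):
    """Return (action, reason) for a packet crossing between two interfaces."""
    acl = ACLS.get((pkt.in_if, pkt.out_if))
    if acl is None:
        return "deny", "no ACL defined for this interface pair"
    for rule in acl:
        if rule.matches(pkt):
            return rule.action, rule.note
    return "deny", "implicit deny"


def denied(packets):
    """Collect dropped packets with reasons, e.g. for firewall-style logging."""
    results = [(p, evaluate(p)) for p in packets]
    return [(p, reason) for p, (action, reason) in results if action == "deny"]


# Constructed sample traffic.
SAMPLE = [
    Packet("wan", "station_bus", "tcp", "10.20.30.5", "192.168.10.10", 20000),
    Packet("wan", "station_bus", "tcp", "10.20.30.9", "192.168.10.50", 22),
    Packet("wan", "station_bus", "tcp", "10.20.30.9", "192.168.10.51", 22),
    Packet("wan", "station_bus", "tcp", "10.20.30.5", "192.168.10.10", 23),
    Packet("corporate", "station_bus", "tcp", "172.16.4.20", "192.168.10.10", 20000),
    Packet("hmi_lan", "station_bus", "udp", "192.168.20.5", "192.168.10.10", 161),
]

if __name__ == "__main__":
    for pkt, reason in denied(SAMPLE):
        print("DENY", pkt.src, "->", pkt.dst, pkt.dport, ":", reason)
```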


Exhibit 35: Methods for substation cyber fortification





Electric vehicles
Currently, electric vehicles account for a very small percentage of the total number of cars on
road, but their sales are expected to rise with the rollout of Smart Grids
According to an estimate by the International Energy Agency, as of 2012, electric vehicles (EV) comprise
50,000 of the global vehicle fleet of one billion cars. This figure is expected to reach 1.6 million by
2020, and 31 million by 2035. With government support and reduction in the price of EVs, these projections
are expected to increase. Market penetration and EV sales vary significantly among countries. In 2012, Japan
led the sales of pure electric cars with a 28% market share of global sales, followed by the U.S. with a 26%
share, China with 16%, France with 11%, and Norway with 7%. The proliferation of EVs is being increasingly
incentivized by governments of countries like China, Japan, the U.S., and a large number of European
countries such as Spain, UK, Netherlands, and Norway.
Vehicle-to-grid
The increased number of electric vehicles can be employed to act as distributed energy sources. When not in
use, EVs provide the opportunity to use the car batteries for a vehicle-to-grid (V2G) supply. V2G is a cost-
effective method of providing regulation services, spinning reserves, and peak shaving capacity. When owners
are not using their EVs, a charged EV battery can be used to supply power at an appropriate price.
For V2G to be operational, several challenges need to be overcome.
Even though V2G is technically possible, its feasibility will depend on overcoming certain challenges, as
follows:
• Availability: At peak commuting time such as early morning and evening, most EVs will be in use,
limiting their availability for V2G purposes. This could be a severe impediment, especially as peak
load times for the grid usually coincide with peak commuting time. Moreover, as EV users may intend
to use the vehicle in the evening, they may be reluctant to share their vehicle for V2G supply.
• Battery efficiency: Current EV batteries will not be appropriate for V2G implementation, due to low
charging and discharging speeds. Moreover, frequent charging and discharging of electric cars will
lead to significant electricity losses, which need to be minimized.
• Cost of cycling power: Frequent charging and discharging of a battery reduces its efficiency and
lifetime. Hence, EV owners may be reluctant to participate in a V2G program unless they are suitably
compensated for depletion of their vehicles’ batteries.
• Complexity: For V2G to be a feasible concept, a large number of EVs will be required to participate.
However, managing a large number of EV connection points, metering and billing systems, and
securing all of these, will require tremendous investments and heightened complexity.


Exhibit 36: V2G implementation challenges




Various standards for electric vehicles have been developed

Exhibit 37: Existing electric vehicle standards
In addition to the standards shown in Exhibit 37, above, organizations such as the Society of Automotive
Engineers have also released specifications that are applicable to EVs and various related aspects.

By 2015, investments in cyber security for electric vehicles are expected to exceed USD 140 million
annually [112], largely driven by smart charging management systems.


Exhibit 38: Cyber security investments for electric vehicles


Exhibit 39: Focus areas for cyber security investments in electric vehicles
With the increasing focus on adoption of EVs among both policy makers and end users, it has become essential
that cyber security aspects be given consideration. Potential breaches could not only affect grid operations, but
also increase consumer reluctance to adopt EVs over fuel-powered vehicles.




Country analysis
United States
United States Smart Grid adoption timeline

Exhibit 40: Smart Grid adoption timeline in the U.S.
Constitutional initiation: framing of acts
1. 2007: Energy Independence and Security Act of 2007, Title XIII:
• USD 100 million funding per fiscal year from 2008 to 2012.
• Similar program for states.
• Grid Modernization Commission to assess the benefits of demand response and recommend the
required protocols.
2. In 2009, the American Recovery and Reinvestment Act (Recovery Act) allotted USD 4.5 billion to
the Department of Energy to modernize the country’s electric power grid and implement Title XIII of
the Energy Independence and Security Act of 2007. The funding focuses on the following four broad
areas:
• Smart Grid investment grants
• Smart Grid demonstration project
• Standards interoperability and cyber security
• Workforce training

3. On March 19, 2009, the Federal Energy Regulatory Commission (FERC) issued a proposed policy
statement and an action plan for standards governing the development of Smart Grids, leading to a
final rule issued on July 16, 2009.
4. Policy Framework for the 21st Century Grid: Framed by the National Science and Technology
Council Subcommittee on Smart Grid in 2011, it outlines policy recommendations that build upon the
Energy Independence and Security Act of 2007 and the Obama administration’s Smart Grid
investments to foster long-term investment, job growth, and innovation, and help consumers save
money.
5. In February 2013, an executive order was signed by President Barack Obama reinforcing the critical
need for cyber security.
Implementation phase: Smart Grid demonstration projects and other pilots, grid
modernization, and cyber security
This phase, as one of its focus areas, entails a host of pilot projects known as Smart Grid Demonstration
Programs (SGDP) under the Smart Grid Investment Grant (SGIG). The key focus areas include AMI, grid
modernization, critical price volatility, demand side management, energy storage, EVs, and transmission and
distribution automation.
The focus on modernization of the electric grid and its cyber fortification has also witnessed growth. The
following are certain cyber security-specific aspects:
• NERC Standards CIP-002-4 through CIP-009-4 were framed to provide a cyber security framework
for the identification and protection of critical cyber assets to support reliable operation of the Bulk
Electric System.
• In 2009, the DoE built the National SCADA Test Bed for identifying and rectifying vulnerabilities in
SCADA and distributed control systems. Its facilities include a cyber security test bed and a center for
cyber defenders.
• The DoE launched a program to advance cyber security for the grid: Cyber Security for Energy
Delivery Systems.
• The Smart Grid Cybersecurity Committee (SGCC) of the Smart Grid Interoperability Panel (SGIP)
was formed to develop cyber security requirements.
• In August 2009, NIST released a three-volume report on cyber security guidelines: NISTIR 7628.
• In May 2011, the SGDP project managed by the National Rural Electric Cooperative Association
released “Guide to Developing a Cyber Security and Risk Mitigation Plan.”
• In August 2011, the DoE organized a meeting with SGIG and SGDP recipients to discuss the available
tools for accomplishing cyber security, identifying further requirements, and exchanging best
practices.
• In February 2013, U.S. President Barack Obama signed an executive order on cyber security.
• Going forward, resilience will be built into each element of the system as well as the overall system,
designed to deter, detect, respond, and recover from intentional or accidental disruptions, as well as
those from natural disasters. According to the DoE, this would require risk management methods to
prioritize the allocation of resources for security.
• The aim is to design Smart Grids at the component level to reduce:
- The threat of attack by concealing, dispersing, eliminating, or reducing single-point failures.
- The vulnerability of the grid to attack by protecting key assets from physical and cyber attack.
- The consequences of a successful attack by focusing resources on recovery.
• A collaborative utility task force, the Advanced Metering Infrastructure Security Task Force (AMI-
SEC), has partnered with DoE to develop a common set of cyber security requirements for AMI.
• In the near future, the U.S. and the Netherlands will collaborate on a number of topics around Smart
Grid, cyber security being one of the dominant ones.
Bodies at work
With the 2007 Energy Independence and Security Act (EISA) and the 2009 American Recovery and
Reinvestment Act (ARRA), a number of federal bodies were either engaged or formed to ensure effective
implementation of Smart Grids.

Exhibit 41: Smart Grid implementation bodies in the U.S.

Federal Smart Grid Task Force
The Federal Smart Grid Task Force was established under Title XIII of the EISA, and comprises experts from
11 federal agencies. The task force focuses on ensuring awareness, coordination, and integration of the myriad
activities of the federal government related to Smart Grid technologies, practices, and services. The members
of the task force include the following:
• Department of Agriculture (USDA)—Rural Utility Service (RUS)
• Department of Commerce (DoC)
• Department of Defense (DoD)
• Department of Energy (DoE)
• Department of Homeland Security (DHS)—Science and Technology Directorate
• Department of State
• Environmental Protection Agency (EPA)
• Federal Communications Commission (FCC)
• Federal Energy Regulatory Commission (FERC)
• International Trade Administration (ITA)
• National Energy Technology Laboratory (NETL)
• National Institute of Standards and Technology (NIST)
• National Oceanic and Atmospheric Administration (NOAA)
• Office of Electricity Delivery and Energy Reliability
• Office of Energy Efficiency and Renewable Energy (EERE)
• U.S. Trade and Development Agency (USTDA)
Smart Grid Interoperability Panel
The SGIP includes stakeholders from the Smart Grid community engaging in a participatory public process. It
focuses on identifying applicable standards, gaps in the present standards, and priorities for new
standardization activities for the evolving Smart Grid. It supports NIST in fulfilling its responsibilities related
to the EISA. In addition, the panel provides a framework for coordinating all Smart Grid stakeholders toward
an effort to accelerate standards synchronization and the interoperability of Smart Grid systems.
Smart Grid Demonstration Program
The SGDP is authorized by the EISA, Title XIII, Section 1304 and amended by the Recovery Act of 2009. It
comprises existing and emerging Smart Grid concepts innovatively applied and integrated to prove technical,
operational, and business-model feasibility. It demonstrates new and cost-effective Smart Grid technologies,
techniques, and system configurations aimed at significantly improving the commonly used ones.
SGDP projects are selected through a merit-based solicitation. These projects are cooperative agreements,
whereas Smart Grid Investment Grant projects are grants. SGDP projects are divided into the following two
categories:
• Smart Grid regional demonstrations (16 projects): These projects are focused on advanced
technologies for system sensing, communications, analysis, and power flow controls. Consequently,
these projects assess the integration of advanced technologies with existing power systems (including
those involving renewable and distributed energy systems and demand response programs).
• Energy storage demonstrations (16 projects): These projects are focused on grid-scale applications
of energy storage (advanced batteries, flywheels, and underground compressed air systems). They
demonstrate a variety of size ranges and system configurations, and their impact on electric
transmission and distribution grid.
Cyber security is the top priority for all pilot programs and projects. Prior to approval, it is mandatory for each
project to submit a cyber security plan to the DoE, which then conducts annual site visits for each of the
projects to review progress with budgets, timelines, milestones, and implementation of the project’s cyber
security plans.
Ongoing cyber challenges faced by the U.S.
Various entities such as NERC, NIST, FERC, DHS, and the DoE have made security of the electricity grid a
primary focus. However, various gaps still exist and will require concentrated efforts:

Exhibit 42: Cyber security challenges faced by the U.S.

The United States Government Accountability Office (GAO) has identified the following key cyber threats to
systems supporting Smart Grids:
• Jurisdictional issues and the issues associated with responding to continually evolving cyber threats are
a key regulatory challenge in ensuring the ongoing cyber security of Smart Grid.
• There is a lack of security features being built into every component of Smart Grid systems.
• The electricity industry lacks an effective mechanism for sharing information on cyber security
vulnerabilities, incidents, threats, lessons learned, and best practices in the industry.
With the rapid implementation of Smart Grid across the country, the government and other concerned federal
bodies are feeling the need for a more robust and effective framework that aims to improve the infrastructure.

Exhibit 43: Current cyber security implementation in the U.S.
According to FERC chairman Jon Wellinghoff, inadequate oversight for cyber security is one of the key
concerns for Smart Grid [146]. Due to the lack of required authority of any agency in this area, it is essential
that one of the federal agencies (FERC, NERC, DOE, and DHS) should be empowered to take the lead and
communicate concerns to the energy industry.
NERC Standards CIP-002-4 through CIP-009-4 provide a cyber security framework for the identification and
protection of Critical Cyber Assets to support reliable operation of the Bulk Electric System. NERC’s
transmission planning (TPL) standards are guidance for transmission planners for evaluating systems. The
standards focus on assessment of system conditions in the near and long term horizons under various
contingency conditions. They are designed to promote the widespread transmission system’s survival against
any single-element disturbance. They detect any potential reliability issues in advance in order to implement
proper mitigation measures before an outage situation. A safety net has been designed to protect the power
grid. The design ensures that different protective elements in Smart Grid function to isolate network
components under the circumstances of any disturbance and avoid the cascading impact and damage to
equipment. A scheme is designed to protect the Smart Grid and its components from possible fault events and
at the same time prevent conflicts to ensure that operation or faltering of multiple devices does not result in
unintended consequences. A safety net consists of the following two categories of components:
• Sensing devices (relays): These devices send signals to isolating devices to take action based on
predefined logic.
• Isolating devices (breakers, switches): These devices prevent a cascading effect that may be the
result of a malicious attack.
In February 2013, President Barack Obama signed an executive order on cyber security. The focus areas of the
order include:
• Increasing cyber defenses of the country’s critical infrastructure.
• Improving information sharing about cyber threats between public and private sectors.
• Establishing a framework of best practices in cyber security.
The sections of this executive order highlight areas such as policy, critical infrastructure, policy coordination,
cyber security information sharing, privacy and civil liberties protections, consultative process, baseline
framework to reduce cyber risk to critical infrastructure, voluntary critical infrastructure cyber security
program, and identification of critical infrastructure at greatest risk and adoption of framework.



Germany
The German Federal Association of the Energy and Water Industry presented a roadmap through
2022 for transforming existing grids into Smart Grids

Exhibit 44: Smart Grid implementation roadmap in Germany
Preparation phase (2012 to 2014): setting the framework conditions
In this phase, Germany aims to achieve a cost-efficient grid modernization. The following are the focus areas
within the legal and regulatory framework:
• The information exchange between market players in an “energy information network.”
• The possibilities of disconnecting consumer appliances from the distribution grids and the launch of
smart metering devices.
• Clarification for grid operators in the Incentive Regulation (ARegV) in order to understand the results
yielded from investments in Smart Grid technologies and research and development (R&D).
• Focus on R&D and pilot projects.
• Standards and standardization, data protection, and data security.

Implementation phase (2014 to 2018): adaptation of infrastructure and processes
This phase will focus on the deployment of technologies for grid automation. Local and global optimization of
the energy systems will be another focus area in this phase. This phase will entail efficient energy information
systems and regional market places, as well as target storages, electro mobility, and hybrid grids. A future
strategy will demonstrate the participation of storage facilities in cross-sector flexibility markets.


Market phase (2018 to 2022): creating transparency and new products
Flexible generation and flexible demand will be the goals of the third phase. The future will foresee interplay
of smart generation and load management. Legal aid will be provided to suppliers for a standardized, non-
discriminatory access to all market participants. This phase will also focus on developing a framework for
ensuring transparent tenders for system services.
Policies framed by the IEC have been implemented to regulate and standardize the adoption of
Smart Grid in Germany
| Standard | Area |
|---|---|
| IEC 61970/61968: Common Information Model (CIM) | Semantic data model |
| IEC 61850: Substation Automation Systems and DER | Integration of DER |
| IEC 62351: Security for TC57 | IT security |
| IEC 62357: Seamless Integration Reference Architecture | Reference architecture |
| IEC 60870: Transport protocols | Legacy protocols |
| IEC 61334: DLMS (Device Language Message Specification) and IEC 62056: COSEM (Companion Specification for Energy Metering) | Communications to households (meters) |
| IEC 62325: Market Communications using CIM | Market communication |
| Directive 95/46/EC of the European Parliament | Data privacy protection |

Exhibit 45: Smart Grid standards in Germany







The Federal Office for Information Security (BSI) in Germany is working on the security portfolio
for Smart Grids in order to ensure cyber fortification
Having realized the need for security, the German government initiated the development of a protection profile
for the “smart meter gateway”—a communications unit to be installed in households in the future as a portal
for domestic meters and devices. BSI’s protection profile specifies minimum security requirements based on
threat assessment for secure and privacy-friendly interoperability. It will be based on the Common Criteria.

Exhibit 46: Smart meter gateway per BSI specifications
Within the proposed domestic smart meter gateway system, smart meters will be connected to a smart meter
gateway via the metrology network (MAN). The gateway will interact with the external world via the WAN.
In addition, the system will have controllable logical functions to enable the management of smart
appliances, which are reached through a different interface to the gateway using the HAN. The HAN will
also deliver energy consumption information and messages from the utilities to the consumer.
The gateway will be a meter data-storing entity in order to ensure data protection. It will enable various
stakeholders with different access rights to retrieve their data from the gateway. The gateway will verify the
authenticity of the stakeholders, process data according to the retriever’s access rights profile, and accordingly
encrypt it. It will also contain a security controller (security module) with a security profile currently under
development.
BSI assumes that a skilled hacker would attack the smart meter gateway by compromising the external
communication. Hence, the keys that have been distributed in the smart meter network must be protected. The
security authority stores the keys and executes critical authentication and signing procedures. It is imperative
to prevent internal theft of keys.


India
India plans to undertake Smart Grid implementation in three 5-year stages, and complete the same
nationally by 2027

Exhibit 47: Smart Grid rollout timeline in India
2012 to 2017:
• Implementation of Smart Grid pilots
• Smart Grid rollout in major cities
• Renewable integration of 30 GW
• Electric vehicle trials
• Standards development for Smart Grids including electric vehicles
• Customer outreach and participation
• Research and development
• Sustainability initiatives
2017 to 2022:
• Nationwide smart meter rollout by 2022
• Renewable integration of 70 GW
• 5% electric vehicle penetration nationally
• Standards development for Smart Grid infrastructure (SEZs, buildings, etc.) and smart cities
• 100% electrification by 2020
• Research and development
• Training and capacity building
• Sustainability initiatives and public safety
2022 to 2027:
• Renewable integration of 120 GW
• 10% electric vehicle penetration
• Smart cities and smart infrastructure deployment
• Export of Smart Grid products, solutions, and services
• Financially viable utilities
• Research and development
• Training and capacity building
• Sustainability initiatives and public safety

India plans to spend more than INR 314 billion for Smart Grid implementation from 2012 to 2017
| Target | Project | Cost (INR million) |
|---|---|---|
| Electricity for all | 500 medium sized microgrids (500 kW to 2 MW), will result in up to 2500 MW peak load shaving | 50,000 |
| | 100 large sized microgrids including distribution management systems (> 5 MW), projected to result in a 10 GW peak load shaving | 60,000 |
| Reduction of transmission (> 66 kV) loss to < 3% | Dynamic line ratings (optimal capacity utilization of transmission lines through real time monitoring) | 5,000 |
| | Wide Area Monitoring (WAM) through installation of Phasor Measurement Units (PMU) at all 3500 substations > 110 kV, including grid connected renewables | 3,500 |
| Reduction of distribution losses to < 15% | Real time condition monitoring and energy auditing and accounting at each point of consumption for one-third of all distribution transformer meters | 45,000 |
| | Network planning tools for 63 distribution utilities | 630 |
| | Integration of Restructured Accelerated Power Development and Reforms Programme (R-APDRP) systems with Enterprise Resource Planning (ERP) systems | 6,300 |
| | Remote load control for 150,000 distribution transformers | 30,000 |
| | Aggregation of Power System Data (operational and asset) at national level for better planning and monitoring | 2,000 |
| Reduction in power cuts | AMI for 50% of all customers with loads > 20 kW | 40,000 |
| | Systems for grid connectivity for captive plants > 500 kW | 5,000 |
| Power quality improvement | Fiber connectivity for all substations 33 kV and above | 20,000 |
| Renewables integration | Development of systems for load forecasting and generation forecasting, storage option, and other technologies | 10,000 |
| Energy efficiency programs | Mandatory building management systems for commercial buildings and industrial units with loads > 100 kW and its integration with utility distribution management systems | 1,260 |
| Standards development | Standards for Smart Grid systems, smart appliances, public infrastructure, electric vehicles, etc. | 50 |
| Power exchanges | Remote metering systems for all feeders at transmission level enabling same-day settlement at power exchanges | 500 |
| Training and capacity building | Smart Grid focused courses in engineering colleges, polytechnics and industrial training institutes; training and skill development for utility personnel | 16,260 |
| Customer participation | Consultation and involvement of customers in Smart Grid initiatives, outreach programs, and grid management through various programs (microgrids, roof top photovoltaics, demand response schemes, etc.) | 1,260 |
| R&D | Fundamental and applied research, technology absorption and diffusion; and technopreneurship | 500 |
| Smart Grid pilot projects | First phase of 14 pilot plants | 5,000 |
| | Smart Grid test bed and knowledge center | 1,500 |
| | Low cost smart meter—specification finalization and testing | 250 |
| | Roll out of Smart Grid projects in all metros and state capitals/largest 100 cities | 1,000 |
| Cost benefit analysis | Societal impacts of Smart Grid and allied enhancements, identification of benefits, generic model pan-India | 50 |
| Total cost for 12-year plan: | | 314,190 |
Exhibit 48: Indian Smart Grid implementation goals and costs from 2012 to 2017

14 pilot projects dealing with multiple Smart Grid technologies are currently at the tendering stage

Exhibit 49: Smart Grid pilot projects and concerned technologies in India
These pilot projects are located in different states in India, and cover residential and industrial areas, as well as
varying populations. Once initiated, these pilots will operate for two to three years, and the results will be
monitored to arrive at better policies regarding Smart Grid systems in India.











India Smart Grid Forum and India Smart Grid Task Force are the two bodies supervising Smart
Grid implementation in India

Exhibit 50: Smart Grid implementation bodies in India
The India Smart Grid Forum (ISGF) is a public private partnership (PPP) initiative of the Ministry of Power,
aimed at accelerating Smart Grid development, along with all its encompassing aspects. Apart from
representatives of the government, electric utilities, power equipment manufacturers, policy experts, and
research institutions are also members of the body. Each of the ten working groups of the forum consists of
members from all stakeholder organizations pertaining to that working group. Further, the forum releases
reports, white papers, and other materials to act as reference for utilities and the government.
The India Smart Grid Task Force (ISGTF) is a government body having representatives from key ministries
and departments who act as focal points for Smart Grid activities. The task force coordinates and integrates
government efforts toward Smart Grid deployment, and reviews and validates recommendations made by the
ISGF.






Objectives and future roadmap of the ISGF’s Working Group on Cyber Security
Objectives
• Develop security requirements covering physical, operation, and cyber attacks in Indian Smart Grid
context.
• Propose a risk assessment framework to evaluate the risk of each Smart Grid component throughout its
lifecycle and ensure fast recovery measures in case of attack.
• Frame guidelines/standards for security compliance conformation testing.
• Develop cyber security approach and checklist useful for utilities.
• Prepare standards/guidelines to be followed for interconnections between various systems in the cyber
security context.
• Propose risk mitigation measures, regulatory, and policy measures for security, legal, and information
and privacy issues.
Future roadmap

Exhibit 51: Future roadmap for the ISGF’s Working Group on Cyber Security












The ISGF’s Working Group on Cyber Security intends to conduct a security audit of Indian
electrical utilities

Exhibit 52: Implementation roadmap for cyber security assessment of Indian utilities
In order to measure the cyber security preparedness of Indian utilities, the Working Group on Cyber Security
intends to conduct an audit. Through this exercise, it aims to understand the present challenges and the
appropriate solution for each, and to make utilities aware of the criticality of securing their operations.
The assessment will be undertaken for the following domains:
• Asset management
• Management controls
• Personnel and training
• Physical security
• Network security
• Systems security
• Incident response
• Backup and recovery
• Audit and compliance
In May 2013, the national cyber security policy of India was approved by the Cabinet Committee on Security
(CCS). The policy will focus on issues such as cyber terrorism, cyber warfare, cyber espionage, critical
infrastructure protection, and cyber crisis management plan. It also aims at creating a cyber security framework
that will address all related issues over a long period.



China
China will undertake Smart Grid implementation in a three-stage process, culminating in 2020

Exhibit 53: Smart Grid implementation roadmap of China
2009 to 2010: Planning and trial phase
• Establish master plan
• Undertake key technology research
• Technical and management specification formulation
• Undertake key equipment development
• Proceed with pilot and demonstration projects

2011 to 2015: All-round construction
• Construct UHV grid
• Construct urban/rural distribution network
• Establish preliminary Smart Grid operation, control, and interactive service system
• Formulate standards and requirements
• Evaluate construction progress based on needs and technical development of Smart Grid
• Continuously amend development plan

2016 to 2020: Monitoring phase
• Complete construction of Smart Grid
• Enhance resource allocation ability, security level, and operation ability of Smart Grid
• Increase interaction among grid, power sources, and consumers
• Enhance grid capability based on application needs and technical development





228 pilot projects have been commissioned across China to analyze different aspects of Smart Grid
deployment, challenges faced, and possible solutions
Section | Focus areas
Generation | Coordination of conventional generation and power grid; Wind/photovoltaic/storage/transmission joint demonstration project; Large-scale wind power forecast, operation, and control
Transmission | Helicopter/UAV patrol; Voltage source converter HVDC; Status monitoring system for transmission and transformation equipment
Transformation | Smart substation
Distribution | Distribution automation; Distributed photovoltaic generation integration; Microgrid operation and control
Consumption | Advanced metering infrastructure; Electric vehicle charging facilities; Smart communities and buildings; Smart industry parks; Consumer complaint call center and information website; Interactive business center
Dispatching | Supporting system for dispatching; Central monitoring for power grid operation
Information dissemination | Fiber-to-the-home by optical fiber composite low-voltage cable; Information platform and security; Information application support system
Overall | Urban area Smart Grid; Optimization of rural grid management pattern; Shanghai Expo Smart Grid demonstration project; Tianjin Eco-city Smart Grid demonstration project
Exhibit 54: Smart Grid pilot project focus areas in China

China has already released a series of cyber security specific standards to complement its Smart
Grid rollout
Standard | Description
GB/T 22239 | Fundamental Requirements of Information System Security Level Protection
IEC 62351 | Power System Management and Associated Information Exchange-Data and Communications Security
GB/T 22080, GB/T 22081 | Based on the ISO/IEC 27000 Standard Series on Information Security Management System
GB/T 18336 | ISO/IEC 15408 Information Technology Security Evaluation Criteria
DL/T 890 | IEC 61970 Energy Management System Application Program Interface
GB/T 20279 | Information Security Technology Security Techniques Requirements of Separation Components of Network and Terminal Equipment
GB/T 14285 | Technical Code for Relaying Protection and Security Automatic Equipment
DL/T 478 | General Specifications for Static Protection, Security and Automatic Equipment
Q/GDW 365 | Security Techniques of Information Interchange Authentication Specification for Smart Electricity Meters
GB/T 17246 | Power System Communications Business Guideline
DL/T 524 | Relay Dedicated Power Line Carrier Transceiver Technology Conditions
YD/T 1742 | Security Protection Requirements for Access Network
YD/T 1744 | Security Protection Requirements for Transfer Network
YD/T 1752 | Security Protection Requirements for Supporting Network
Q/GDW 377 | Safety Protection Specification for Power User Electric Consumption Data Acquisition System and National Standard Guide to Cyber Security Controls of Industrial Control SCADA Systems
IEEE Std 1686™ | Substation Intelligent Electronic Devices (IEDs) Cyber Security Capabilities, and Security Protection Specification on Secondary Electrical System
DL 755 | Guidelines for Power System Security and Stability

Exhibit 55: Smart Grid standards formulated by China

The following standards for cyber security are currently under development:
• Series of Standards on Communication Network Security Protection Technology: to be completed by
2013
• Series of Standards on Information Systems and Devices Cyber Security Technology: to be completed
by 2014
• Series of Standards on Cyber Security Evaluation: nearing completion


China’s cyber security market is expected to reach USD 50 billion [21] by 2020, largely driven by measures
undertaken to secure Smart Grid systems
Given the geographical expanse of China, securing the Smart Grid requires significant investments to be
undertaken by the government. According to China’s National Computer Network Emergency Response
Coordination Center (CNCERT/CC), 8.9 million Chinese computers were attacked in 2011, as compared to
five million in 2010.

Exhibit 56: Cyber security challenges faced by China
These new cyber security guidelines deal with strengthening industrial control systems for the following
sectors:
• Nuclear facilities
• Aviation
• Oil and petrochemicals
• Electrical systems
• Transportation networks





South Korea
South Korea’s National Roadmap can be broadly divided into three phases as illustrated below.

Exhibit 57: Phases of South Korea’s Smart Grid rollout
South Korea is pursuing the Smart Grid initiative as part of its national policy in order to achieve the vision of
“low carbon, green growth.” The Korea Smart Grid Institute (KSGI) was launched in August 2009 as the
Secretariat of Smart Grid Initiatives and Projects in South Korea. The Smart Grid implementation in the
country has been driven by the following factors:
• Reduction in carbon emissions: The country aims to achieve 30% reduction in carbon emissions from
the projected level of 2020.
• Climatic changes: Drastic climatic change over the past few decades needs to be checked in order to
ensure sustainable development.
• Economic independence: South Korea imports coal, oil, and gas, which reduces its global
competitiveness. The country aims at mitigating this dependence by efficient energy usage.


Exhibit 58, below, shows the phase-by-phase rollout of Smart Grid infrastructure in South Korea.

Exhibit 58: South Korean Smart Grid implementation timeline
South Korean national Smart Grid roadmap focuses on five implementation areas

Exhibit 59: South Korean Smart Grid implementation roadmap

Smart Grid:
The Smart Grid aims to ensure a reliable and high quality power supply by mitigating malfunctions and
enforcing an automatic recovery system. Power transmission and distribution loss is expected to decrease
from 3.9% in 2012 to 3% by 2030. [73]
Smart consumer:
It encourages consumers to save energy by using real-time information and smart appliances that function with
respect to utility rates. AMI penetration is expected to reach 100% by 2030 from a mere 5.6% in 2012. [73]
Smart transportation:
It aims at building a nationwide EV charging infrastructure and establishing a V2G system in which EVs can
be charged during off-peak times. The total number of EVs is expected to reach 2,436,000 by 2030, from just
500 in 2012. The country is expected to have 27,140 EV charging stations by 2030. [73]
Smart renewables:
It aims to build a smart renewable energy power generation complex across South Korea by rolling out
microgrids. The renewable energy (for electricity) ratio is expected to rise from 3.1% in 2012 to 11% by 2030. [73]
Smart electricity service:
It aims to implement a variety of energy-saving electricity rate plans. The service will also provide a plethora
of added electricity services through the interplay of electricity and ICT. The market participation rate of
consumers is expected to reach 30% by 2030. [73]



Case Study: Jeju will become the world’s largest Smart Grid community to allow the testing of the
most advanced Smart Grid technologies and R&D results
The South Korean government selected Jeju, in June 2009, as the Smart Grid test bed, and broke ground in
August 2009.

Exhibit 60: Attributes of South Korea’s Smart Grid test bed at Jeju [72]
The test bed aims to be the world’s largest Smart Grid ecosystem to allow the testing of the most advanced
Smart Grid technologies and R&D results. It will comprise five main showrooms and test facilities owned and
run by LG, GS Caltex, SK, POSCO, and KEPCO. In addition, it will include a fully functional Total Operating
Center (TOC).
The test bed will also help in the commercialization and industrial export of Smart Grid technologies.
About 10 consortiums in five areas will participate in testing technologies and building business models.
Within the test bed model, each household would have either a wind turbine or photovoltaic panels installed,
which will be connected to the main grid.
The participants in this project include the South Korean government, Korea Smart Grid Institute (KSGI),
KEPCO, the Jeju Special Autonomous Province, industry bodies, Korea Smart Grid Association, various
research institutes, and academia.
Being an autonomous island, Jeju forms an apt test bed for end-to-end testing of Smart Grid implementation.
Due to this uniqueness, faults and cyber breaches can be observed at a relatively smaller scale and the required
cyber security solutions can be designed. In addition, simulations would be easy to execute in order to test the
robustness and reliability of the Smart Grid against malicious attacks or errors.

The protocols followed by South Korea to ensure cyber security of AMI at Jeju test bed

Exhibit 61: AMI specific protocols for cyber security at Jeju test bed
KS X 4600-1:
KS X 4600-1 has the following two security features:
• 64-bit DES cryptography: Used to achieve security between communication nodes within the same
communication cell. However, this mechanism is vulnerable if a remote device in the cell is
compromised. The attack can lead to a cascading effect within the cell.
• Periodic tonemap changes: The tonemap is changed periodically according to the channel environment,
which enhances security.
ZigBee:
Security features include cryptographic (based on 128-bit AES Encryption) key establishment, key transport,
frame protection, and device management. The security architecture enables security mechanisms at three
layers of the protocol stack: MAC, network, and application. The security service of MAC layer is based on
IEEE 802.15.4™, which consists of four security services including access control, data encryption, frame
integrity, and sequential freshness. Encryption, integrity, and authentication can be applied at the application,
network, and MAC layers to secure the frames. ZigBee uses three types of keys: master, link, and network.
Device Language Message Specification/Companion Specification for Energy Metering (IEC 62056):
DLMS/COSEM ensures confidentiality by using cryptographic algorithms and modes (TDES, AES, MD5, SHA1,
CBC, and GCM) and an authenticated encryption method (AES-GCM-128). It also provides a user
authentication mechanism based on passwords.



Security requirements for the AMI system in the Jeju test bed
Purpose | Information transmitted | Security concerns
Confidentiality | Secure key management | Key generation, distribution, renewal, and discard; Key storage inside AMI devices
 | Data encryption | End-to-end data encryption
 | Lightweight encryption algorithm | Guarantee of performance in embedded device as well as security strength
Integrity | Secure key management | Key generation, distribution, renewal, and discard; Key storage inside AMI devices
 | Lightweight hash algorithm | Guarantee of performance in embedded device as well as security strength
Device authentication | Mutual authentication | Hierarchy-independent bidirectional authentication; Automatic authentication procedure without manpower
 | Simple authentication mechanism |
 | Device certificate if PKI is adopted |
Device management | Automatic device management | Remote login, S/W upgrade, setting based on access control
 | Relation to device authentication |
Non-repudiation | Justification of measuring and billing | At least once a month
Exhibit 62: Security requirements for AMI systems in Jeju test bed


Guidelines for AMI security protocol
Securing AMI becomes essential for fortifying the entire test bed. The guidelines issued to ensure the cyber
security of AMI consist of the following four procedures: device initialization, key configuration, meter
reading, and key renewal.

Exhibit 63: Guidelines for AMI security protocol
Device initialization: The first procedure is device initialization. Sound generation of unique keys and
their public key pairs is an essential security feature. Public key pairs, along with their certificates, should be
generated and plugged into the related devices.
Key configuration: The second procedure involves mutual authentication between devices using the already
shared key material and key sharing method.
Confidentiality of the metering data should be ensured by encrypting it throughout the path. A security module
is used to encrypt metering data to ensure end-to-end privacy. An authenticated encryption mechanism protects
metered data and critical messages. In addition, a digital signature ensures integrity and non-repudiation of
the ciphered message.
The shared keys and certificates are valid for the following period:
• Session key: for a week
• Device certificate: for a half-year
• Shared secret key: for a year
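
The key configuration and key renewal procedures above, sketched as an added example (not code from the report or from the Jeju test bed). The report does not specify the mechanism, so the HMAC-SHA256 challenge-response, the device identifiers, and the reading of "half-year" as 182 days are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime, timedelta

# Validity periods from the guideline. "Half-year" is read as 182 days (assumption).
LIFETIMES = {
    "session_key": timedelta(weeks=1),
    "device_certificate": timedelta(days=182),
    "shared_secret_key": timedelta(days=365),
}


class AuthError(Exception):
    """Raised when a peer fails authentication or key material has expired."""


@dataclass
class KeyRecord:
    kind: str          # one of the LIFETIMES keys
    issued: datetime

    def expired(self, now: datetime) -> bool:
        return now >= self.issued + LIFETIMES[self.kind]


def due_for_renewal(records, now):
    """Return the kinds of key material whose validity period has run out."""
    return [r.kind for r in records if r.expired(now)]


def _mac(key: bytes, *fields: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()


def key_configuration(meter_secret, headend_secret, secret_record, now,
                      meter_id=b"meter-0001", headend_id=b"dcu-01"):
    """Simulate both ends of a mutual challenge-response and derive a session key.

    Each side holds its own copy of the shared secret key. The exchange succeeds
    only if the copies match and the secret is still inside its validity period.
    The identifiers are hypothetical. Returns (session_key, KeyRecord).
    """
    if secret_record.expired(now):
        raise AuthError("shared secret key expired; renew before authenticating")

    # 1. Each side contributes a fresh random challenge.
    nonce_m, nonce_h = os.urandom(16), os.urandom(16)

    # 2. The head-end proves knowledge of the secret; the meter recomputes and compares.
    proof_h = _mac(headend_secret, b"headend", headend_id, meter_id, nonce_m, nonce_h)
    expect_h = _mac(meter_secret, b"headend", headend_id, meter_id, nonce_m, nonce_h)
    if not hmac.compare_digest(proof_h, expect_h):
        raise AuthError("meter rejected head-end")

    # 3. The meter proves knowledge in the other direction (role label and nonce
    #    order differ, so a proof cannot be reflected back to its sender).
    proof_m = _mac(meter_secret, b"meter", meter_id, headend_id, nonce_h, nonce_m)
    expect_m = _mac(headend_secret, b"meter", meter_id, headend_id, nonce_h, nonce_m)
    if not hmac.compare_digest(proof_m, expect_m):
        raise AuthError("head-end rejected meter")

    # 4. Both sides derive the same session key from the secret and both nonces.
    session_key = _mac(meter_secret, b"session", meter_id, headend_id, nonce_m, nonce_h)
    return session_key, KeyRecord("session_key", now)


if __name__ == "__main__":
    issued = datetime(2024, 1, 1)      # constructed sample date
    secret = os.urandom(32)            # stands in for material set at device initialization
    secret_rec = KeyRecord("shared_secret_key", issued)
    cert_rec = KeyRecord("device_certificate", issued)
    _, key_rec = key_configuration(secret, secret, secret_rec, issued)
    for days in (3, 10, 200, 400):
        when = issued + timedelta(days=days)
        print(days, due_for_renewal([key_rec, cert_rec, secret_rec], when))
```

Encryption of the metering data itself is left out because the Python standard library has no authenticated cipher; the session key returned here is what such a cipher would be keyed with.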


Japan
Japan’s Smart Grid deployment is driven by its long-term “Smart Community” roadmap

Exhibit 64: Smart Grid implementation timeline for Japan
Up to 2020:
• Maintain quality of electricity alongside large-scale deployment of photovoltaic
• Installation of storage cells at substations
• Accumulation of know-how and technology
• Remote reading of smart meters
• Installation of home servers and home energy management systems (EMS)
• Rollout of zero-energy building guidelines and implementation
2020 to 2030:
• Realization of regional energy management systems, with energy storage capabilities
• Establishment of two-way communication facility in transmission and distribution networks
• Integration of home and regional EMSs
• Dissemination of services using home servers
• Usage of electric vehicles for energy storage
• All new public buildings to be zero-energy buildings
Beyond 2030:
• Establishment of EMS that can provide an optimized balance in terms of economy and security
between regional EMS and grid
• Realization of a fully-automated home EMS
• All new buildings to be zero-energy buildings, fulfilling their own energy requirements


Four large-scale pilot projects have been commissioned in Japan to study various aspects related to
Smart Grid

Exhibit 65: Smart Grid pilots in Japan
Kyoto Keihanna District
• The project aims to study nano-grid management of photovoltaics and fuel cells on the basis of
visualization of demand.
• Testing of “electric power virtual coloring” technology, which actualizes overall home (EMS), is also
being undertaken.
• Installation of solar panels in 1000 houses, and an electric vehicle car-sharing system to be
implemented.
Yokohama City
• The project aims to build a low-carbon society involving 400 smart homes.
• A five-year pilot, it has been undertaken by a consortium of seven Japanese companies.
• The focus is on developing EMS that integrates home EMS, building EMS, and electric vehicles.
• The aim is to install 27 GW capacity solar photovoltaic.
Toyota City
• Through the project, houses that have an IT network of electrical appliances and other household
equipment can develop household power leveling and optimize energy usage.
• Demand response will be implemented in more than 70 homes and through 3100 electric vehicles.
• Will seek to use heat and unused energy in addition to electricity.
Kitakyushu City
• Focuses on real time management in 70 companies and over 200 homes.
• To be implemented over five years, it involves 38 projects, and an investment of 16.3 billion yen, by
46 companies and organizations.
• Energy management will be controlled by home EMS and building EMS.
• Demand-side management will be coordinated with overall power system.


Japan’s New Energy and Industrial Technology Development Organization (NEDO) has collaborated with
various institutions across the globe to run pilot programs in their respective areas. The areas are selected on
the basis of how closely they resemble geographic, environmental, and other conditions of regions in Japan.
Study Group on International Standardization for Next Generation Energy Systems released a
roadmap for Japan’s contribution

Exhibit 66: Standardization roadmap for Smart Grid in Japan
The following 26 focus areas have been identified:
• Wide Area Situational Awareness (WASA) in transmission systems
• Optimized control for system storage cells
• Optimized control for distribution storage cells
• Optimized control for building/community energy storage
• High efficiency power conditioners for storage cells
• Distribution automation systems
• Power conditioners for distributed power supplies
• Power electronic devices for distribution
• Factory Energy Management Systems (FEMS)
• Building Energy Management Systems (BEMS)
• Home Energy Management Systems (HEMS)
• Consumer Energy Management Systems (CEMS)
• Fixed energy storage systems
• Storage cell modules
• Methods of assessing the salvage value of EV storage cells
• Quick EV charger-vehicle communications
• Quick EV charger connectors
• Quick EV charger unit design
• Safety testing of lithium ion batteries for vehicles
• Vehicle to regular EV charger infrastructure communications

• Infrastructure control of regular EV chargers
• Wide area meter access communications
• Local meter access communications
• Gas metering for AMI systems
• Authentication methods between meter and high level systems
In 2010, Japan released the “Information Security Strategy for Protecting the Nation,” followed by
annual information security reviews

Exhibit 67: Information security strategy of Japan
The Information Security Review for 2012 lists certain specific measures that need to be
undertaken to secure critical infrastructure in Japan
The Information Security Review for 2012 lists the following specific measures:

• Strengthening of public-private sector partnerships for targeted attacks: The government
agencies will be equipped to handle sophisticated and targeted attacks by reinforcing the public-private
sector partnerships to facilitate information sharing. Computer Security Incident Response Team
(CSIRT) and other systems in the respective government agencies will be prepared, and alliances with
them will be strengthened for further fortification. In order to enhance the overall response capabilities,
the government will develop advanced analysis functions, build relevant databases, and analyze the
environment and promote R&D on sophisticated detection technology.


• Preparation for a potential large-scale cyber attack: Initiatives such as training concerning initial
response measures (upon the occurrence of a large-scale cyber attack) and the collection of
information will provide counteraction to large-scale cyber attacks. In terms of security-related
initiatives, based on the “National Defense Program Guidelines for FY2011 and beyond,” defense-
related systems against cyber attacks are to be reinforced for the stable use of cyberspace.
• Consolidation of government institutions: In order to increase responsiveness to targeted attacks or
information security-related threat occurrences, systems having CSIRT and other similar functions will
be created in the respective government agencies.
In order to enhance the government’s responsiveness to attacks or threats, the cross-sectional
Government Security Operation Coordination team (GSOC) will be enriched and equipped to enable
automatic support by personnel with specialist skills from other government agencies.
Efforts will be made to further increase the level of information security awareness of each staff
member of the value chain by initiatives such as education and training on targeted e-mail attacks.
In addition to this, cryptography, etc. will be used for preventing the identity spoofing of government
institutions, etc.
• Consolidation of critical infrastructure: The impact of the Great East Japan Earthquake has
encouraged people to assess the full anticipation of risks in information security in the business
continuity plan. Also, when analyzing and evaluating the safety standards, etc., attention will be given
to analyzing and verifying if these standards are in accordance with the latest environmental changes,
such as targeted attacks and attacks on control systems, etc.
• Response to the diversification and sophistication of information and communication
technology: Effective measures will be taken in order to ensure information security in the ever-
growing world of new services such as smart phones, cloud computing, and IPv6, through numerous
initiatives such as standardization and investigative research.
• Promotion of R&D and industry development: Based on the “Information Security R&D Strategy”
and its roadmap, research and development will be fostered on active and highly reliable information
security technology, such as establishing a new defense model and realizing a secure communication
environment.
• Development of information security human resources: Necessary measures will be taken for
developing four types of human resources: corporate information security personnel, information
security industry personnel, leading-edge researchers and technical experts, and government agency
information security personnel.
• Enhancement of information security literacy: Dissemination of information and education
activities will be enhanced in order to ensure that the users can voluntarily carry out information
security measures. It will be based on the “Information Security Outreach and Awareness Program.”
Also, consultation services on information security and initiatives for the protection of personal
information will be increased and improved.
• System organization: The safety and reliability of cyberspace (such as preparation toward the early
conclusion of the Convention on Cybercrime, the smooth enforcement of the Cyber Penal Code and
revised Anti-Unauthorized Access Law) will be improved and rendered more robust.
• Reinforcement of international alliances: Study and review of specific cooperation items will be
carried out through frameworks such as the Japan-UK Cyber Conference and other bilateral meetings
to reinforce bilateral ties, while deepening discussions in the Japan-U.S. Cyber Security Meeting and
Japan-U.S. Policy Cooperation Dialogue on Internet Economy. Cooperation will be promoted with the
European Commission and other relevant European countries for establishing alliance with Europe.

For the ASEAN region, alliances will be further strengthened through the promotion of joint
awareness and education activities on information security, development of human resources, technical
support, research cooperation, and the 5th Japan-ASEAN Information Security Policy Meeting to be
held in Tokyo.
• Information Security Policy Council: It is the highest decision-making body in charge of framing
security policies with representations from the following:
- National Police Agency: charged with combating cyber crimes
- Ministry of Internal Affairs and Communications: deals with communication and network policies
- Ministry of Economy, Trade, and Industry: deals with IT policies
- Ministry of Defense: deals with issues of national security
The National Information Security Center acts as the secretariat to the council and coordinates
government efforts.

Dashboard
Parameter U.S. Germany India China South Korea Japan
Phases of rollout
U.S.:
• Constitutional initiation
• Implementation phase: Pilot programs, grid modernization and security
Germany:
• Preparation phase
• Implementation phase
• Market phase
India:
• Initiation: 2012 to 2017
• Acceleration: 2017 to 2022
• Completion: 2022 to 2027
China:
• Planning and trial phase: 2009 to 2010
• All-round construction: 2011 to 2015
• Monitoring phase: 2016 to 2020
South Korea:
• Construction and operation of the Jeju test bed
• Expansion into metropolitan areas
• Completion of a nationwide intelligent power grid
Japan:
• Phase 1: Up to 2020
• Phase 2: 2020 to 2030
• Phase 3: Beyond 2030
Current status
U.S.:
• The Energy Independence and Security Act of 2007, Title XIII and the American Recovery Act of 2009 set the foundation for Smart Grid deployment by providing monetary stimulus
• Pilot programs are being conducted across the country, with primary focus on AMI
• The country is proactively modernizing its grid to support the Smart Grid rollout
Germany:
• New amendment for the ‘Energiewende’ entails:
- Installing metering systems for the DSO
- Comprehensive specifications for the metering systems with respect to data security and two way data transmission, and specifications for interoperability and certification
- Protection profile for smart metering gateways by the BSI
India:
• India is at a very nascent stage of Smart Grid implementation
• 14 pilot projects dealing with multiple Smart Grid technologies, are currently at the tendering stage
China:
• 228 pilot projects have been commissioned across China to analyze different aspects of Smart Grid deployment, challenges, and solutions
• Certain cyber security specific standards have been released to complement China’s Smart Grid implementation
South Korea:
• South Korea has successfully implemented Phase 1 of its Smart Grid rollout
• The test bed is equipped with end-to-end Smart Grid infrastructure and will be replicated in the metropolitan cities of South Korea in the second phase
Japan:
• Four large scale pilot projects have been commissioned in different parts of Japan
• The NEDO has collaborated with various institutions across the globe, to run pilot program in those respective areas
• A “Study Group on International Standardization for Next Generation Energy Systems” released a roadmap for Japan’s contribution
• Japan released the “Information Security Strategy for Protecting the Nation” in 2010, supplemented by an annual Information Security review

Page | 87
Parameter: Bodies involved in cyber fortification
U.S.:
• Bodies include FERC, NERC, NIST, SGIP SGCC, DHS, and DoE
Germany:
• Main official bodies include the DKE, the Federal Association of the Energy and Water Industry, and the BSI
India:
• Working Group 10 of the India Smart Grid Forum is in charge of cyber security
• Working Group 5 of the India Smart Grid Task Force is in charge of physical cyber security, standards, and spectrum
China:
• China’s State Council is the body that oversees the cyber security of China’s Smart Grid
South Korea:
• Korea Smart Grid Institute (KSGI) acts as the Secretariat of Smart Grid initiatives and projects
Japan:
• Information Security Policy Council is the highest decision making body in charge of framing security policies

Parameter: Cyber issues
U.S.:
• Current regulatory environment
• Focus of utilities on regulatory compliance more than comprehensive security
• A lack of security features consistently embedded into every component of smart grid
• Lack of an effective mechanism for sharing and dispensing information on cyber security
• Lack of metrics for the evaluation of cyber security
• Lack of coordinated monitoring of industry compliance with voluntary standards
Germany:
• Data privacy is the key concern that Germany faces currently
India:
• As the rollout is at a very nascent stage, no major cyber security issues or concerns have been faced so far
China:
• Disparity between China and developed countries in broadband infrastructure
• Control of core technology by foreign players
• Low degree of information sharing between government and industry
• Inadequate strategic planning for information security
• Weak basic network defense capabilities
• Rapid growth of mobile internet and other technologies
South Korea:
• Overall cyber security of the Smart Grid infrastructure in order to protect it from any cyber attack from North Korea
• AMI security is the key focus area in South Korea
Japan:
• Strengthening of public-private sector partnerships for targeted attacks
• Consolidation of critical infrastructure
• Promotion of R&D
• Development of information security human resources
• Enhancement of information security literacy
• System organization and reinforcement of international alliances

Parameter: Overcoming challenges and future outlook
U.S.:
• NIST released a three-volume report on cyber security guidelines (NISTIR 7628), which forms the basis of the cyber framework. It is currently working on the latest version of the NISTIR 7628.
• Recently, President Barack Obama signed the Executive Order to highlight cyber security as a very critical problem.
• Smart Grid components are now being ingrained with cyber security features right from the inception.
• The overall grid system is now being designed to deter, detect, respond, and recover from intentional or accidental disruptions, as well as those from natural disasters.
• A collaborative utility task force, the Advanced Metering Infrastructure Security Task Force (AMI-SEC), has partnered with DOE to develop a common set of cyber security requirements for AMI.
• In the near future, the U.S. and the Netherlands will collaborate on various topics around Smart Grid, with cyber security being a dominant one.
Germany:
• Specific measures apart from general security provisions in the BSI protection profile should be incorporated.
• A strong detailed framework for security architecture is required.
• According to ENISA, security should focus on security governance and risk management, secure lifecycle process, personnel security, awareness and training, physical security, information systems security, and network security.
India:
• Future endeavors include:
- Drafting of cyber security standards for Indian power systems
- Identifying relevant standards for Indian Smart Grid security framework
- Detailed comments on BIS and ISGTF report on cyber security
- Collaboration with academia for curriculum development on cyber security
- Development of technology selection guidelines
China:
• China plans to undertake huge investments in cyber security for Smart Grids. With a CAGR of 40%, its Smart Grid cyber security market is expected to overtake that of the U.S. by 2016
• The following standards for cyber security are currently under development:
- Series of Standards on communication network security protection technology—to be completed by 2013
- Series of Standards on information systems and devices cyber security technology—to be completed by 2014
- Series of Standards on cyber security evaluation is nearing completion
South Korea:
• South Korea is focusing on achieving an end-to-end security for its grid. It expects to progress into the next phase by deploying the practices proven successful in the first phase.
Japan:
• Overcome IT risks to realize safety and security in the nation’s life
• Implement a policy that strengthens national security and crisis management expertise in cyberspace, and integrity with ICT policy as the foundation of socioeconomic activities
• Establishment of a triadic policy that comprehensively covers various aspects of national security, crisis management, and user protection
• Establishment of an information security policy that contributes to economic growth strategy
• Building up international alliances

Parameter: Stimulus investment in Smart Grid
U.S.:
• Stimulus investment in 2010: USD 7.092 billion [113]
• Smart Grid cyber security spend is expected to reach USD 7.25 billion by 2020 [113]
Germany:
• Stimulus investment in 2010: USD 397 million [113]
India:
• Under the National Smart Grid Mission, India plans to spend more than INR 314 billion from 2012-17 [120]
China:
• Stimulus investment in 2010: USD 7.3 billion [113]
• China will invest close to USD 96 billion by 2020 [130]
South Korea:
• Stimulus investment in 2010: USD 824 million [113]
Japan:
• Stimulus investment in 2010: USD 849 million [113]

Exhibit 68: Dashboard by country

Conclusion
Cyber security framework
Security framework to achieve a self-healing Smart Grid

Exhibit 69: Security mechanism
The step-by-step mechanism shown in Exhibit 69, above, should be followed by utilities in order to mitigate
cyber threats or address them as early as possible, with the least possible damage to consumers and
utilities. The security mechanism can be employed by every component of the Smart Grid value chain in order
to render the overall system more secure.
The security mechanism can also provide a foundation for achieving a self-healing smart grid: A secure,
stable, and efficient Smart Grid system needs to be equipped with self-healing features. These features include
digital components and real-time secure communications technologies throughout the grid to monitor the
electrical characteristics continuously and accordingly adapt itself to operate at an optimum state. With
constant monitoring, a self-healing Smart Grid will be able to detect potential problems caused by storms,
catastrophes, human error, or sabotage. A self-healing Smart Grid should be competent enough to react to such
attacks/failures within a fraction of a second. Upon problem detection, a self-healing grid should instantly
isolate it in order to prevent the problem from cascading into major blackouts or affecting the rest of the grid. After
isolation, the Smart Grid should be able to re-organize itself and re-route energy transmissions in order to
ensure continuous service to customers while the problem is physically repaired by line crews.
The following are the primary functions of a self-healing Smart Grid:
• Real-time monitoring and reaction: Allows the system to adapt itself to an optimal state.
• Anticipation: Enables the system to automatically detect issues that can potentially lead to a huge
impact.
• Rapid isolation: Allows the system to isolate parts of the network that experience failure from the rest
of the system. This prevents disruption and enables a more rapid restoration.
Consequently, the self-healing Smart Grid exhibits an end-to-end resilience that detects and overrides human
errors and malicious attacks that may result in devastating impacts. The mechanism illustrated in Exhibit 69,
above, suggests a step-by-step algorithm for ensuring a self-healing Smart Grid. It facilitates cyber fortification
of the grid as well as catalyzes a speedy recovery in case of a human error or an attack.
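The isolate-and-re-route behaviour described above can be sketched on a small feeder model. This is an added example, not part of the original report: the topology, the section and switch names, and the `Feeder` class are constructed for illustration, and the faulted section is assumed to have already been located by the detection layer.

```python
from collections import deque


class Feeder:
    """Distribution feeder: line sections joined by switches (constructed model)."""

    def __init__(self, sources, switches):
        self.sources = set(sources)
        # switch name -> [section_a, section_b, closed?]
        self.switches = {name: list(spec) for name, spec in switches.items()}
        self.faulted = set()

    def sections(self):
        found = set(self.sources)
        for a, b, _ in self.switches.values():
            found.update((a, b))
        return found

    def energized(self):
        """Sections reachable from a source through closed switches."""
        live = {s for s in self.sources if s not in self.faulted}
        queue = deque(live)
        while queue:
            cur = queue.popleft()
            for a, b, closed in self.switches.values():
                if closed and cur in (a, b):
                    nxt = b if cur == a else a
                    if nxt not in live and nxt not in self.faulted:
                        live.add(nxt)
                        queue.append(nxt)
        return live

    def isolate(self, section):
        """Rapid isolation: open every closed switch touching the faulted section."""
        self.faulted.add(section)
        opened = []
        for name in sorted(self.switches):
            a, b, closed = self.switches[name]
            if closed and section in (a, b):
                self.switches[name][2] = False
                opened.append(name)
        return opened

    def restore(self):
        """Re-route: close open switches that re-feed healthy, dead sections.

        A switch is closed only when exactly one side is live, so no loop is
        formed, and switches touching a faulted section are never closed.
        """
        closed_now = []
        progress = True
        while progress:
            progress = False
            live = self.energized()
            for name in sorted(self.switches):
                a, b, closed = self.switches[name]
                if closed or a in self.faulted or b in self.faulted:
                    continue
                if (a in live) != (b in live):
                    self.switches[name][2] = True
                    closed_now.append(name)
                    progress = True
                    break  # recompute the live set before the next decision
        return closed_now

    def self_heal(self, section):
        opened = self.isolate(section)
        closed = self.restore()
        unserved = sorted(self.sections() - self.energized())
        return {"opened": opened, "closed": closed, "unserved": unserved}


def build_sample_feeder():
    # Constructed topology: two substations and one normally open tie switch.
    return Feeder(
        sources=["SUB_A", "SUB_B"],
        switches={
            "CB_A": ("SUB_A", "S1", True),
            "SW12": ("S1", "S2", True),
            "SW23": ("S2", "S3", True),
            "CB_B": ("SUB_B", "S4", True),
            "SW45": ("S4", "S5", True),
            "TIE35": ("S3", "S5", False),
        },
    )


if __name__ == "__main__":
    feeder = build_sample_feeder()
    print(feeder.self_heal("S2"))
```

After a fault on S2, only S2 stays dark: S3 is picked up from the second substation through the tie switch while line crews repair the isolated section.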


Prevention and detection mechanisms help in real-time monitoring and predicting cyber attacks
and failures
Real-time monitoring can be achieved through prevention and detection mechanisms, whereas anticipation can
be achieved through detection.

Exhibit 70: Monitoring and anticipation through prevention and detection
Exhibit 71, below, indicates the technologies that can be implemented as a part of prevention and detection
mechanisms. These two components (prevention and detection) of a framework act as a distributed brain of the
Smart Grid system and help in validation of incoming data for immediate coordination and adaptation of
various functions.

Exhibit 71: Prevention and detection processes

Response and recovery help in preventing the malware from spreading further and in restoring the
compromised component/facility/area
Within the security framework, shown in Exhibit 72, below, response and recovery are instrumental in
ensuring the isolation feature of a self-healing grid.

Exhibit 72: Response and recovery mechanisms
The response and recovery mechanism and approach, coupled with similar technologies, can help in enforcing
situation-based operational plans and system restoration.
Response mechanisms can help address the short-term direct effects of an attack or failure. Response also
includes execution of emergency action plans and incident activities designed to curb the loss of life, personal
injury, and property damage.
Recovery mechanisms include framing, coordinating, and executing service and site-restoration plans for affected
facilities and services.
Communication involves sharing information on cyber attacks, mitigation plans deployed to counter an attack
or human failure, and preventive measures for the future. Authority needs to be vested with a federal agency at
both country level and continent level (e.g., Europe, North America, APAC, etc.) in order to facilitate the
sharing of knowledge and best practices.
As a whole, the security framework will help the self-healing Smart Grid provide its stakeholders pictures of
varying resolutions: macro picture for top executives, medium picture for individual operation and micro
picture for micro-grids, subsystems, and assets.


Country summary
The six countries considered in this study need to accelerate their efforts to ensure enhanced
security for Smart Grid
The United States has embarked on modernizing its existing electric grids. The requirements include blackout
prevention, cyber security, critical price volatility, renewables, relevant policies and standards, demand side
management, microgrids, energy storage, EV, AMI, and transmission and distribution automation. As a result,
the focus has been on AMI and demand managed systems, catalyzing policies and standards, and price
volatility. With AMI forming a major portion of the pilot projects, the U.S. needs to upgrade its security
measures for the same. Original Equipment Manufacturers (OEMs) and security firms are diversifying the
nature of their cyber protection offerings in terms of services offered, consulting, and products. Bodies such as
FERC, NIST, SGIP SGCC, NERC, DOE, and DHS together need to build a robust framework that not only
lays down regulatory compliance but also dispenses information on establishing comprehensive and
standardized security across the nation. A federal body should be nominated to lead the effort and ensure
standardization. In addition, best practices, prevention methods for cyber attacks or failure (based on research
or prior experience), and recovery mechanisms should be shared with all stakeholders of the Smart Grid
ecosystem in the U.S. This will result not only in a more secure grid infrastructure, but will also help in
determining the requirements of different key players involved.

Exhibit 73: Present standards and future requirements
of cyber security for Smart Grid in the U.S.
Germany has a strong focus on consumer data privacy. This has resulted in the development of a protection
profile for “smart meter gateway,” a communication unit that will be installed in households in the near future
as a portal for domestic meters and devices. Based on threat assessment, BSI’s protection profile will specify
minimum security requirements for secure and privacy-friendly interoperability. However, apart from general
security provisions, the protection profile will also include specific measures. Germany requires a
detailed and exhaustive framework for its security architecture. According to ENISA, the focus should be on
security governance and risk management, secure lifecycle process, personnel security, awareness and training,
physical security, information systems security, and network security.


Exhibit 74: Present standard and future requirements
for cyber security of Smart Grid in Germany
India plans to complete Smart Grid implementation by 2027. However, cyber security does not feature
prominently among the focus areas of grid implementation. In addition, the pilot projects that are being
planned to be implemented in the near future lack focus on cyber security. However, the Working Group on
Cyber Security in the India Smart Grid Forum is working toward increasing awareness on various aspects
related to cyber security by conducting an audit of Indian utilities and showcasing the findings as a state of
Indian utilities report. The group plans to work with the Bureau of Indian Standards to accelerate standards
development and publish white papers to make ecosystem players aware of the critical role that Smart Grid
cyber security will play. To complement the phased Smart Grid rollout, India needs to emphasize standards
development for cyber security in Smart Grids.

Exhibit 75: Present standard and future requirements
for cyber security of Smart Grid in India

In the near future, China is expected to emerge as one of the largest Smart Grid cyber security markets.
Standards development in the country is on pace with the Smart Grid rollout. However, compatibility with
international standards is essential. In addition, a national framework for Smart Grid cyber security that
enables two major utilities to work in tandem and better coordinate their efforts is also required.

Exhibit 76: Present standard and future requirements
for cyber security of Smart Grid in China
South Korea’s unique national roadmap for implementing Smart Grid involves building a complete Smart Grid
infrastructure in its test bed Jeju (an autonomous island). This end-to-end implementation will help South
Korea realize the many cyber vulnerabilities that a grid infrastructure can be exposed to. Cyber attacks can be
simulated at the test bed scale to ascertain the robustness of the Smart Grid without the danger of a large scale
impact. This can help the country in devising security solutions for various threats before implementing the
grid to metropolises and subsequently the entire nation.

Exhibit 77: Present standard and future requirements
for cyber security of Smart Grid in South Korea

Japan lacks Smart Grid specific cyber security guidelines. However, being a subset of the electricity grid,
which is categorized as a critical infrastructure, broader guidelines apply. The country needs to lay emphasis
on standards development.

Exhibit 78: Present standard and future requirements
for cyber security of Smart Grid in Japan
The Middle East faces an increased sense of urgency to meet the needs of a growing population and rising
energy demands. One of the major obstacles to early adoption of Smart Grids is the absence of effective
regulation. However, there has been a positive development in some countries, including the United Arab
Emirates (UAE) and Oman, where regulators are actively encouraging the utilities to evaluate their
performance and benchmark them against world-class utilities. Countries such as Oman, Jordan, and the UAE,
and specifically cities such as Dubai and Abu Dhabi, are moving forward with smart meter rollouts. Middle
East and North Africa (MENA) will attract capital investment of up to USD 525 billion from the private sector
in the next five years. [132]
The European Union (EU) has mandated that all member states deploy smart meters in 80% of households by
2020, if economically feasible. All EU countries planned to complete smart metering cost-benefit analyses by
September 2012; however, fewer than half of the 10 central and eastern European (CEE) countries have done so.
Most CEE countries have not yet officially transposed EU regulations into their national legislation.
Australia has made significant progress within the Smart Grid industry with respect to the deployment of smart
technologies. It is estimated that approximately USD 200 billion will be invested in the national energy
structure (not restricted to Smart Grids). [13] The first results from projects such as Smart Grid and Smart City
have been successful. However, a holistic government policy is required to mitigate resistance and confusion
in the path of Smart Grid rollout.






Present investments in cyber security for Smart Grid
Less than one percent of the total amount invested by venture capitalists in Smart Grid
technologies caters to cyber security [99]

Exhibit 79: Venture capital investments in Smart Grid by technology (in USD million)
In the near future, the Smart Grid cyber security market is expected to grow at a compound annual growth rate
(CAGR) of 21% [30], with China expected to be one of the fastest growing markets, at a CAGR of 40%. [30]
In this area/segment, venture capital (VC) funding outside the US is not widely available, and even in the U.S.,
VC funding in this area is limited.
The DoE plans to invest USD 20 million in cyber security R&D and demonstrations. [35] With the executive
order recently signed by President Barack Obama, investment (both government aided and private) in cyber
security is expected to rise. Distribution automation, AMI, substation security, and SCADA protection will be
the key focus areas. OEMs and security firms will continue the trend of diversifying their cyber offerings in
terms of services offered, consulting, and products. Among the six countries, China, U.S., and Germany are
expected to undertake the largest investments in cyber security over the next few years.
The Alarm.com funding deal and the acquisition of Vivint for USD 2.2 billion [80] by Blackstone Group
reflect a growing trend in which home security companies have expanded into home automation. Security
companies, along with cable and telecom companies, are expanding their offerings to cover the entire
“connected or digital” home services.
According to the research firm Zpryme’s forecast, U.S. utilities are expected to spend a cumulative USD 7.25
billion in security from 2013 to 2020, with distribution automation assets as the core focus. North America
accounted for 42% of the global cyber security market in 2012, followed by Europe at 30% and Asia-Pacific at
17%. [34]
However, China is expected to emerge as the largest market by 2017, thereby pushing Asia-Pacific’s market
share to 35% by 2020. [129] During the same time period, China, Japan, South Korea, and Russia are expected
to witness a growth rate of approximately 40%.
According to GTM Research’s “2010 Smart Utility Enterprise” report, the U.S. market for cyber security
products and services is expected to reach USD 237.6 million by 2015. Navigant Research predicts that the
market for Smart Grid industrial control system cyber security will account for USD 608 million by 2020.

Exhibit 80: Venture capital deals in Smart Grid by technology






Future outlook for cyber security in Smart Grid
Stakeholders across the Smart Grid value chain believe that the industry is adapting to the prospect
of increased risk posed by cyber attacks and undertaking appropriate measures
As the Smart Grid further gains acceptance and popularity, the nine technologies mentioned in this section will
become imperative for ensuring grid safety, and consequently witness global deployment. A few of the
following technologies are currently being deployed in certain parts of the world. However, countries that are
at a nascent stage of Smart Grid implementation should embed these technologies in their roadmap from the
initial stage itself. On the other hand, countries that are undertaking huge investments in grid modernization
must ensure that these technologies become an integral part of the upgraded grid.




Exhibit 81: Future outlook for cyber security in Smart Grid systems

1. Increased system resilience:
In the event of a cyber attack, systems should be enabled in such a way that they can be restored in the
minimum possible time. Cyber security of a Smart Grid is resilient if it always detects and responds to security
threats before performance and security requirements of other functions and/or components are violated. With
the emerging importance of increased system resilience, initiatives are being undertaken to ensure the same. In
2012, the U.S. entered into an agreement with the Netherlands on science and technology cooperation to
promote a secure and resilient cyber environment. The city of The Hague in the Netherlands, also known as the cyber
security capital of the world (the Hague Security Delta), has a number of international institutions. The
European Network for Cyber Security (ENCS) has been recently added to this group and focuses on cyber
resilience for Europe’s hyper-connected critical energy grids.
2. Innate security:
Security will feature as design criteria for devices, instead of being an added layer upon completion. All pilot
programs will be required to submit a detailed framework for cyber security features incorporated. A hierarchy
of command and order will be maintained while laying out the architecture and interaction of different
components of Smart Grid. For instance, there will be two-way communication between the smart meter and
smart appliances. However, the action-initiating commands can be sent only from the smart meter to the smart
appliances, and not the other way round.
3. Open standards:
The industry will shift to open standards and protocols to increase interoperability between devices. One of the
major issues being faced by Smart Grids is the absence of an agreed-upon specification that determines the
design of all components and how they should communicate with each other. This interoperability challenge
can be addressed by measures taken by key grid subsystems and consumer side systems to open platforms in
order to flexibly support a variety of standard interfaces.
4. Big data intelligence:
Smart Grids deal with real-time data flow in multiple forms: consumer data, meter heartbeat and configuration
data, real time pricing data, operational data, and data received from a number of sensors that monitor various
components and parts of a Smart Grid. Big data analytics provide an efficient way of real-time state
monitoring and situational awareness. Anomaly detection against the normal behavior of data
streams, and context setting for any breach or failure, can be used to enhance the robustness of the grid. With the
Smart Grid ecosystem becoming more complex in future, big data analytics will play a crucial role, both in
ensuring grid security and in understanding consumption patterns and behaviors. The U.S. plans to spend USD
1.4 billion on Smart Grid analytics by 2020. [128]
5. Self-healing systems:
A self-healing Smart Grid will provide end-to-end resilience and detect and override human errors and
malicious attacks. Through continuous monitoring, anticipation, and response to attacks, systems will limit the
damage inflicted. Once the problem is detected, a self-healing grid will instantly isolate the infected component
in order to prevent the problem cascading into major blackouts or affecting the rest of the grid.
6. Best practices:
Best practices for cyber security from other industries will be deployed to the grid with suitable modifications.
These best practices will entail security mechanisms not only to address potential threats but also repair
methodologies to be deployed in the event of an attack or failure. Effective communication needs to be the
cornerstone of sharing best practices within and across industries.

7. Real-time intelligence and authentication:
With an increase in computing power, keys for authentication will be generated instantaneously and discarded
later. Real-time monitoring and authentication will use distributed autonomous cyber sensors throughout the
Smart Grid network to detect anomalies and quarantine compromised areas in order to prevent the problem
from cascading into other parts of the system. Cyber and physical (perimeter) security will be integrated
together into a unified module in order to provide real-time authentication and context of the breach and/or
failure if it occurs.
8. Spatial awareness:
Grid devices will monitor the presence of potential threat agents, using this information to anticipate threats. A
geospatial map of the network infrastructure is being used increasingly to spatially relate the numerous systems
of a Smart Grid. Integrating the erstwhile disparate system views into one consolidated environment gives
operators a complete picture of the entire system, thereby aiding their decision-making and decreasing
response time. It helps them filter, analyze, and interpret information in a spatial context by using data such as
location and authentication of field crew, display of customer trouble calls, automatic prediction of protective
device operation and outage isolation, and potential fault locations. The USD 14 million investment in
the situational awareness and analytics solutions provider Space-Time Insight in late 2012 indicated further
convergence between IT and utility operations.
9. Complexity management:
Vulnerabilities increase with higher complexity; hence, authenticated users need to have simplified access.
However, this simplified access should not compromise the system and make it vulnerable to data theft or
attack. Hygiene factors like biometric identification or password protection or network segregation should be
deployed to ensure security while making access simplified.
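The command hierarchy described under item 2 (Innate security), where the smart meter and smart appliances communicate both ways but only the meter may send action-initiating commands, can be enforced by a gate like the one below. This is an added example, not from the original report: the device IDs, the JSON frame layout, the message types and the registry are constructed assumptions.

```python
import json

# Rank in the command hierarchy: lower number = higher authority.
# The two roles come from the report; everything else here is constructed.
RANK = {"meter": 0, "appliance": 1}

# Constructed registry: the gateway's own record of each device's role.
# Roles are looked up here and never taken from the frame itself.
REGISTRY = {
    "meter-01": "meter",
    "hvac-07": "appliance",
    "ev-charger-02": "appliance",
}

ACTION_TYPES = {"command"}         # action-initiating, one direction only
PASSIVE_TYPES = {"status", "ack"}  # reporting, allowed in both directions


def authorize(frame):
    """Return (allowed, reason) for one home-area-network frame (JSON text)."""
    try:
        msg = json.loads(frame)
        src, dst, kind = msg["src"], msg["dst"], msg["type"]
    except (ValueError, KeyError, TypeError):
        return False, "malformed frame"
    if not all(isinstance(v, str) for v in (src, dst, kind)):
        return False, "malformed frame"

    src_role, dst_role = REGISTRY.get(src), REGISTRY.get(dst)
    if src_role is None or dst_role is None:
        return False, "unknown device"  # default deny

    if kind in PASSIVE_TYPES:
        return True, "two-way reporting"
    if kind in ACTION_TYPES:
        if RANK[src_role] < RANK[dst_role]:
            return True, "command flows down the hierarchy"
        return False, f"{src_role} may not command {dst_role}"
    return False, "unknown message type"


def denied_frames(frames):
    """Audit view: (index, reason) for every frame the gate rejects."""
    out = []
    for i, frame in enumerate(frames):
        allowed, reason = authorize(frame)
        if not allowed:
            out.append((i, reason))
    return out


# Constructed sample traffic.
FRAMES = [
    '{"src": "meter-01", "dst": "hvac-07", "type": "command", "action": "setpoint"}',
    '{"src": "hvac-07", "dst": "meter-01", "type": "status", "load_w": 1800}',
    '{"src": "hvac-07", "dst": "meter-01", "type": "command", "action": "disconnect"}',
    # Self-declared role is ignored: the registry says this is an appliance.
    '{"src": "ev-charger-02", "role": "meter", "dst": "hvac-07", "type": "command"}',
    '{"src": "rogue-99", "dst": "hvac-07", "type": "command"}',
    'not json',
]

if __name__ == "__main__":
    for index, reason in denied_frames(FRAMES):
        print(index, reason)
```

The rejected frames are also a detection signal: an appliance that starts issuing commands, or an unregistered sender, is worth an alert rather than a silent drop.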




Action items for cyber security in Smart Grid
The following action items need to be addressed collectively by all stakeholders in order to enhance
security in the Smart Grid ecosystem

Exhibit 82: Action items for Smart Grid ecosystem players
1. Security first:
Security requirements for each system need to be addressed from design stage up to deployment stage, and not
as an afterthought or at the overall grid level only. Components and end-devices of the Smart Grid system
should be embedded with security features and tools. Pilot programs must prepare their cyber security draft
before rollout. In addition, security should focus on not just individual components, but on end-to-end set-up.
Targeting the components solely might result in loopholes (e.g., network perimeter vulnerabilities, faulty
communication medium, etc.), which can render the grid vulnerable.
2. Focus on policy, procedure, and processes:
In order to ensure that technology advancement proves effective, appropriate policies, processes and
procedures need to be arrived at with consensus among all stakeholders. These policies and procedures should
be standardized across the country for effective adoption and deployment. Moreover, they should be
transparently communicated to all stakeholders. This will foster collaboration and result in improved end-to-
end security by increasing interoperability between devices. Agreed-upon specifications and procedures should
determine the design of all components and how they communicate with each other.
3. Training and education:
Utilities need to be trained on cyber security threats and methods to overcome them. There is a need to
increase awareness on cyber security. Cyber threat is still considered to be a hoax by many ecosystem players,
resulting in insecure Smart Grid components. Knowledge should be dispersed in order to expedite actions that
secure the grid. Since it is end-to-end security that needs to be achieved, ignorance of any single ecosystem
player can result in loopholes. Education is also required to foster interest in the space and increase R&D
activities.
4. Increasing investments:
With the ever-widening horizon of the Smart Grid system, numerous vulnerabilities come into play. This
requires a continuous focus on infrastructure fortification accompanied with R&D to address cyber security
threats. Grid modernization should advance in tandem with increased investments by the government and other
stakeholders in order to foster research work.

Acknowledgements
Several persons and organizations have played a very important role in the creation of this report. We would
like to thank all of the individuals who participated in the interview process and imparted the knowledge that
was used to create this report. Those individuals are listed below. We would also like to thank the IEEE and
Zinnov teams for their hard work and commitment to this project.
Dr. Massoud Amin, Director/Chair/Professor, University of Minnesota
Subodh Belgi, Cyber Security Working Group, India Smart Grid Forum
Andres Carvallo, Proximetry
Sandro Etalle, Professor, TU Eindhoven, and CEO, SecurityMatters
Shailendra Fuloria, Cyber Security Working Group, India Smart Grid Forum
Terry Gardner, Infrax Systems
Srini Kakkera, AlertEnterprise, Inc.
Ganesh Kashyap, Landis+Gyr
Ryusuke Masuoka, Cyber security policy, CIPPS Japan
Jean-Pierre Mennella, Smart Grid Cyber Security, Alstom
Dr. Clifford Neuman, Professor, USC and ISI
Deven Patel, ISGF and TCS
Ravi Pradhan, Siemens
Abraham Samson, Cyber Security Working Group, India Smart Grid Forum
Laurent Schmitt, Alstom
Tatsuya Shinkawa, NEDO Japan
Michael Stuber, Itron
Marianne Swanson, NIST
John Verghese, Infrax Systems
David J. Wall, Energy practice, Navigant
Dr. Andrew Wright, CTO, N-Dimension Solutions

Abbreviations

Acronym Full form
AMI advanced metering infrastructure
AAA authentication, authorization, and accounting
ACL access control lists
APAC Asia Pacific
BEMS building energy management systems
BSI Federal Office for Information Security (Germany)
CAGR compounded annual growth rate
CEMS consumer energy management systems
CIM common information model
CNCERT/CC China’s National Computer Network Emergency Response Coordination Center
COSEM companion specification for energy metering
CSWG cyber security working group
DCS distributed control systems
DER distributed energy resources
DHS Department of Homeland Security
DLMS device language message specification
DoC Department of Commerce
DoD Department of Defense
DoE Department of Energy
DoS denial-of-service
DR demand response
DRAS demand response automation server
DRMS demand response management system
EERE Office of Energy Efficiency and Renewable Energy

EISA Energy Independence and Security Act of 2007
EMS energy management system
ENISA European Network and Information Security Agency
EPA Environmental Protection Agency
EV electric vehicle
FCC Federal Communications Commission
FEMS factory energy management systems
FERC Federal Energy Regulatory Commission
GAO Government Accountability Office
GW gigawatt
HAN home area network
HEMS home energy management systems
HMI human machine interface
I/O input/output
IEC International Electrotechnical Commission
IED intelligent electronic device
INR Indian National Rupee
IP Internet protocol
IT information technology
ITA International Trade Administration
KEPCO Korea Electric Power Corporation
KSGI Korea Smart Grid Institute
LAN local area network
MAN metrology network
MDMS meter data management system
MVAR megavolt ampere reactive
MW megawatt
NEDO New Energy and Industrial Technology Development Organization
NERC North American Electric Reliability Corporation
NERC TPL North American Electric Reliability Corporation Transmission Planning
NETL National Energy Technology Laboratory
NOAA National Oceanic and Atmospheric Administration
OBIS object identification system
OS operating system
OTA over the air
PMU phasor measurement unit
POSCO Pohang Iron and Steel Company
PPP public private partnership
R&D research & development
RADIUS remote authentication dial-in user service
RTU remote terminal unit
SA substation automation
SCADA supervisory control and data acquisition
SEZ special economic zone
SGDP Smart Grid demonstration projects
SGIG Smart Grid investment grant
SGIP Smart Grid interoperability panel
SNMP simple network management protocol
SQL structured query language
SSH secure shell
T&D transmission and distribution
TACACS terminal access controller access-control system
TC technical committee
TOC total operating center
TCP transmission control protocol
UHV ultra high voltage
USD U.S. dollar
USDA U.S. Department of Agriculture
USTDA U.S. Trade and Development Agency
V2G vehicle-to-grid
VPN virtual private network
WAN wide area network
WASA wide area situational awareness

Page | 109
References
[1] “A Policy Framework for the 21st Century Grid,” National Science and Technology Council, USA,
[Online]. Available: http://energy.gov/sites/prod/files/White%20House%20Smart%20Grid%20
Report%20Presentation%207%2011%2011.pdf.
[2] Adekunle, O. V., 2012, “An Overview of Broadband Communication over Power Lines,” EIE’s 2
nd

International Conference on Computing, Energy, Networking, Robotics and Telecommunication.
November 21–23, 2012, Covenant University, Ota, Ogun State, Nigeria.
[3] Aloul, F., Al-Ali, A. R., Al-Dalky, R., Al-Mardini, M., and El-Hajj, W., 2012, “Smart Grid Security:
Threats, Vulnerabilities and Solutions,” [Online]. Available:
http://www.aloul.net/Papers/faloul_ijsgce12.pdf.
[4] “AMI Cyber Security Incident Response Guidelines,” 2012, Electric Power Research Institute,
[Online]. Available:
http://www.epri.com/abstracts/Pages/ProductAbstract.aspx?productId=000000000001026554.
[5] Amin, M., 1998, “Toward a Secure and Smart Self-Healing Grid,” EPRI Research Advisory
Committee, [Online]. Available: http://massoud-amin.umn.edu/presentations/CINSI_01-27-
1998_RAC.pdf.
[6] Amin, S. M., 2010, “Securing the Electricity Grid,” [Online]. Available: http://massoud-
amin.umn.edu/publications/Securing-the-Electricity-Grid.pdf.
[7] Amin, S. M., and Giacomoni, M., 2012, “Smart Grid—Safe, Secure, Self-Healing,” IEEE Power &
Energy, [Online]. Available: http://magazine.ieee-pes.org/january-february-2012/smart-grid-safe-
secure-self-healing/.
[8] “Approved & Proposed IEEE Smart Grid Standards,” IEEE Smart Grid, [Online]. Available:
http://smartgrid.ieee.org/standards/ieee-approved-proposed-standards-related-to-smart-grid.
[9] Armitage, S., 2011, “Known Wireless Attacks,” [Online]. Available:
https://community.ja.net/system/files/222/known-wireless-attacks.pdf.
[10] Arnold, G., 2012, “NIST Smart grid Program Overview,” National Institute of Standards and
Technology, [Online]. Available:
http://www.nist.gov/smartgrid/upload/Smart_Grid_Program_Review_overview_-_arnold_-_draft1.pdf.
[11] Arnold, G. W., 2011, “NIST Smart Grid Activities,” National Institute of Standards and Technology,
[Online]. Available: http://www.nist.gov/smartgrid/upload/Arnold-HouseSTbriefing08312011gwa.pdf.
[12] “Attacking the Smart Grid,” 2011, Ernst & Young, [Online]. Available:
http://www.ey.com/Publication/vwLUAssets/Attacking_the_smart_grid/$FILE/Attacking-the-smart-
grid_AU1058.pdf.
[13] “Australia—Smart Grid—Major Players and Projects,” [Online]. Available:
http://www.budde.com.au/Research/Australia-Smart-Grid-Major-Players-and-Projects.html.
[14] Baker, S., Filipiak, N., and Timlin, K., 2011, “In the Dark,” McAfee, Inc. and Center for Strategic &
International Studies, [Online]. Available: http://www.mcafee.com/us/resources/reports/rp-critical-
infrastructure-protection.pdf.

Page | 110
[15] Baumeister, T., 2010, “Literature Review on Smart Grid Cyber Security,” Collaborative Software
Development Laboratory, University of Hawai’i, [Online]. Available: https://csdl-
techreports.googlecode.com/svn/trunk/techreports/2010/10-11/10-11.pdf.
[16] Belgi, S., 2013, “State of Cyber Security in Indian Electricity Industry,” India Smart Grid Forum,
[Online]. Available: http://indiasmartgrid.org/en/Lists/Member/Attachments/18/ISGD%20
Plenary%20III%20Subodh%20Belgi.pdf.
[17] Bowers, B., 2012, “ZigBee Wireless Security: A New Age Penetration Tester’s Toolkit,” Cisco,
[Online]. Available: http://www.ciscopress.com/articles/article.asp?p=1823368&seqNum=4.
[18] Braendle, M., and Kunsman, S. A., “Balancing the Demands of Reliability and Security—Cyber
Security for Substation Automation, Protection, and Control Systems,” ABB, [Online]. Available:
http://www02.abb.com/global/abbzh/abbzh254.nsf/0/86bf36c9469666ddc125791200336283/$file/whit
epaper_balancingreliabilitysecurity.pdf.
[19] “China,” 2013, IEEE Smart Grid, [Online]. Available: http://smartgrid.ieee.org/resources/public-
policy/china.
[20] “China Takes the Initiative as World Smart Grid Sales Climbed 30% in 2012,” 2013, The Smart Grid
Observer, [Online]. Available: http://www.smartgridobserver.com/n2-27-13-1.htm.
[21] “China’s Cyberattack Fears To Spark Massive Defense Spending,” 2012, Dark Reading, [Online].
Available: http://www.darkreading.com/vulnerability/chinas-cyberattack-fears-to-spark-
massiv/240007265.
[22] “China’s Energy Conditions and Policies,” 2007, Information Office of the State Council of the
People’s Republic of China, [Online]. Available:
http://www.china.org.cn/english/whitepaper/energy/237089.htm.
[23] Choi, M. S., Kim, S. O., Kim, C. H., Ju, S. H., Lim, Y. H., and Baek, J. M., “A guide to Design of
Security Protocol for Advanced Metering Infrastructure,” [Online]. Available:
http://isaa.sch.ac.kr/wisa2011/papers/S4%20-%20017%20-%20A%20guide%20to%20
Design%20of%20Security%20Protocol%20for%20Advanced%20Metering%20Infrastructure.pdf.
[24] Clayton, M., 2013, “Secret U.S. cybersecurity program to protect power grid confirmed,” Christian
Science Monitor, [Online]. Available: http://www.csmonitor.com/USA/2013/0103/Secret-US-
cybersecurity-program-to-protect-power-grid-confirmed.
[25] Cleveland, F. M., 2008, “Cyber security issues for Advanced Metering Infrastructure (AMI),” 2008
IEEE Power and Energy Society General Meeting—Conversion and Delivery of Electrical Energy in
the 21st Century, July 20–24, 2008, Pittsburgh, PA.
[26] Coleman, D., Diener, N., 2007, “Protecting WiFi Networks from Hidden Layer 1 Security Threats,”
Cisco. [Online]. Available: https://www.cisco.com/en/US/prod/collateral/wireless/ps9391/ps9393/
ps9394/prod_white_paper0900aecd807395b9.pdf.
[27] “Communications Requirements of Smart Grid Technologies,” 2010, U.S. Department of Energy,
[Online]. Available: http://www.smartgrid.gov/sites/default/files/
Smart_Grid_Communications_Requirements_Report_10-05-2010.pdf.
[28] Cupp, J. G., and Beehler, M. E., 2008, “Implementing Smart Grid Communications,” [Online].
Available: http://www.burnsmcd.com/Resource_/Article/5445/PdfFile/article-smartgrid-part2-084.pdf.

Page | 111
[29] Cyber security for substation automation products and systems,” ABB, [Online]. Available:
http://www05.abb.com/global/scot/scot354.nsf/veritydisplay/a9f7d0382eed155ac1257b96003b90d8/$f
ile/1KHA001149_A_en_Cyber_security_for_substation_automation_products_and_systems.pdf.
[30] “Cyber Security in Smart Grid—Market Size, Key Issues, Regulations and Outlook to 2020,” 2013,
Wall Street Journal, [Online]. Available: http://online.wsj.com/article/PR-CO-20130423-906946.html.
[31] “Cyber Security of the Smart Grids,” 2012, Expert Group on the Security and Resilience of
Communication Networks and Information Systems for Smart Grids, [Online]. Available:
http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1761.
[32] “Cybersecurity and the grid: How bad is it and how do we make it better?” 2012, Smartgridnews.com,
[Online]. Available: http://www.smartgridnews.com/artman/publish/Technologies_Security/
Cybersecurity-and-the-grid-How-bad-is-it-and-how-do-we-make-it-better-4968.html#.UjxZDT_hcbt.
[33] “Cybersecurity for electric vehicle recharging to get $432 million jolt,” 2011, Infosecurity Magazine,
[Online]. Available: http://www.infosecurity-magazine.com/view/20131/cybersecurity-for-electric-
vehicle-recharging-to-get-432-million-jolt-/.
[34] “Cybersecurity Smart Grid Systems Market $7.25 billion by 2020, Zpryme Reports,” 2013, [Online].
Available: http://www.prurgent.com/2013-04-16/pressrelease293687.htm.
[35] “DOE has $20 million to dole out for cybersecurity innovations,” 2013, Smartgridnews.com, [Online].
Available: http://www.smartgridnews.com/artman/publish/Technologies_Security/DOE-has-20-
million-to-dole-out-for-cybersecurity-innovations-5510.html#.UbGEddL7CSo.
[36] Dondossola, G., Szanto, J., Masera, M., and Fovino, I. N., 2008, Int. J. Critical Infrastructures 4, no.
½, [Online]. Available: http://www.cert.fi/attachments/hvk-
materiaali/automaatio/5llzxzj69/effects_of_intentional_threats_to_power_substation.pdf.
[37] “Dutch Experts in Smart Grids, IT and Cyber Security Visit United States,” Smart Energy Universe,
[Online]. Available: http://www.smartenergyuniverse.com/spotlight/13355-dutch-experts-in-smart-
grids-it-and-cyber-security-visit-united-states.
[38] “Dynamic Communications for the Smart Grid,” 2010, Alcatel-Lucent, [Online]. Available:
http://www.smartgrids-cre.fr/media/documents/10_Alcatel-Lucent_SmartGrid.pdf.
[39] El-Gammal, M., “Overview of WiMAX Security,” [Online]. Available:
https://courses.cs.washington.edu/courses/csep590/06wi/finalprojects/el-gammal.doc.
[40] “Electric Cars Need Cybersecurity Too,” 2012, Regis University, [Online]. Available:
http://web.archive.org/web/20120311160650/http://www.regisdegrees.com/articles/electric-cars-need-
cybersecurity-too.asp.
[41] “Electric vehicles & smart grid integration,” 2011, Qualcomm, Inc, [Online]. Available:
http://www.qualcomm.com/media/documents/files/smart-grid-city-brochure.pdf.
[42] “Electric Vehicles cyber security investment to touch $432 mln by 2015,” 2011, International Business
Times, [Online]. Available: http://www.ibtimes.com/electric-vehicles-cyber-security-investment-
touch-432-mln-2015-260997.
[43] Elliott, C., 2011, “6 wireless threats to your business,” Microsoft, [Online]. Available:
http://www.microsoft.com/business/en-us/resources/technology/broadband-mobility/6-wireless-
threats-to-your-business.aspx?fbid=hCX9I3NSXGV.

Page | 112
[44] “End Use: Electric Transportation,” 2013, smartgridnews.com, [Online]. Available:
http://www.smartgridnews.com/artman/publish/End_Use_Electric_Transportation.
[45] “European renewable power grid rocked by cyber-attack,” 2012, Euractiv.com, [Online]. Available:
http://www.euractiv.com/energy/european-renewable-power-grid-ro-news-516541.
[46] “Executive Order—Improving Critical Infrastructure Cybersecurity,” 2013, The White House—
President Barack Obama, [Online]. Available: http://www.whitehouse.gov/the-press-
office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity.
[47] Federal Energy Regulatory Commission, 2009, 18 CFR Part Chapter I. [Docket No. PL09-4-000],
Smart Grid Policy, [Online]. Available: http://www.ferc.gov/whats-new/comm-meet/2009/071609/E-
3.pdf.
[48] “First Year Progress Report,” 2012, India Smart Grid Forum, [Online]. Available:
http://indiasmartgrid.org/en/Documents/ISGF%20Progress%20Report%20-%20Year%201.pdf.
[49] Gardezi, Al, “Security in Wireless Cellular Networks,” 2006, [Online]. Available:
http://www.cse.wustl.edu/~jain/cse574-06/ftp/cellular_security.pdf.
[50] Ghansah, I., 2009, “Smart Grid Cyber Security Potential Threats, Vulnerabilities and Risks,”
California Energy Commission, PIER Energy—Related Environmental Research Program, CEC-500-
2012-047.
[51] Goodin, D., 2012, “Hack attack on energy giant highlights threat to critical infrastructure,”
Arstechnica.com, [Online]. Available: http://arstechnica.com/security/2012/09/hack-attack-on-energy-
giant-highlights-threat-to-critical-infrastructure/.
[52] Greenberg, A., 2013, “President Obama’s Cybersecurity Executive Order Scores Much Better Than
CISPA On Privacy,” Forbes, [Online]. Available: http://www.forbes.com/sites/andygreenberg/
2013/02/12/president-obamas-cybersecurity-executive-order-scores-much-better-than-cispa-on-
privacy.
[53] Greenway, R., 2013, “The Smart Grid and Electric Car Charging,” Environmental News Network,
[Online]. Available: http://www.enn.com/pollution/article/45688.
[54] Gustavsson, R., “Security Issues and Powerline Communication,” [Online]. Available:
http://www.isplc.org/docsearch/Proceedings/2001/pdf/0723_001.pdf.
[55] “Has cybersecurity been forgotten in rush to get electric cars to market?” 2011, Infosecurity Magazine,
[Online]. Available: http://www.infosecurity-magazine.com/view/15355/has-cybersecurity-been-
forgotten-in-rush-to-get-electric-cars-to-market/.
[56] Hoffman, S., 2012, “Report: Smart Grid Security Set for Growth,” Channelnomics, The Business of
Technology, [Online]. Available: http://channelnomics.com/2012/09/19/report-smart-grid-security-set-
growth/.
[57] “How the Smart Grid Enables Utilities to Integrate Electric Vehicles,” 2013, Silver Spring Networks,
[Online]. Available: http://www.silverspringnet.com/pdfs/whitepapers/SilverSpring-Whitepaper-
ElectricVehicles.pdf.
[58] IEC 60870-5, 2013, [Online]. Available: http://en.wikipedia.org/wiki/IEC_60870-5.
[59] IEC 61850, 2013, [Online]. Available: http://en.wikipedia.org/wiki/IEC_61850.

Page | 113
[60] IEC 62351, 2013, [Online]. Available: http://en.wikipedia.org/wiki/IEC_62351.
[61] IEEE Std 2030™, IEEE Guide for Smart Grid Interoperability of Energy Technology and Information
Technology Operation with the Electric Power System (EPS) and End-Use Applications and Loads.
[62] “In China, local smart grid equipment suppliers trump foreign names,” 2012, The Indian Express,
[Online]. Available: http://www.indianexpress.com/news/in-china-local-smart-grid-equipment-
suppliers-trump-foreign-names/1030433/0.
[63] “India Smart Grid Forum and India Smart Grid Task Force,” 2012, [Online]. Available:
http://www.desismartgrid.com/2012/07/india-smart-grid-forum-and-india-smart-grid-task-force/.
[64] India Electricity 2013, Ministry of Power, Government of India, Federation of Indian Chambers of
Commerce and Industry, Jan 16–18, 2006, New Delhi, India.
[65] India Smart Grid Task Force, 2013, [Online]. Available: http://www.isgtf.in.
[66] “Information Security 2012,” 2012, Information Security Policy Council (Japan), [Online]. Available:
http://www.nisc.go.jp/eng/pdf/is2012_eng.pdf.
[67] “Information Security Strategy for Protecting the Nation,” 2010, Information Security Policy Council
(Japan), [Online]. Available: http://www.nisc.go.jp/eng/pdf/New_Strategy_English.pdf.
[68] “Intrusion Detection System for Advanced Metering Infrastructure,” 2012, Electric Power Research
Institute, [Online]. Available:
http://www.epri.com/abstracts/Pages/ProductAbstract.aspx?ProductId=000000000001026553.
[69] “Japan: Tsunami Wakens the Smart Grid,” 2012, Zpryme, [Online]. Available:
http://smartgridresearch.org/standard/japan-tsunami-wakens-the-smart-grid.
[70] Kikkert, C. J., and Reid, G. D., 2009, “Is broadband over power-lines dead?” 2009 Australasian
Telecommunication Networks and Applications Conference (ATNAC), Nov. 10–12, 2009, Canberra,
Australia.
[71] Klimke, M., and Shire, C., 2011, “Smart Grid cyber attacks—Germany steps up the protection,”
Silicon Trust, [Online]. Available: http://silicontrust.wordpress.com/2011/09/23/smart-grid-cyber-
attacks-%E2%80%93-germany-steps-up-the-protection.
[72] Korea Smart Grid Institute, 2013, [Online]. Available: http://www.smartgrid.or.kr.
[73] “Korea’s Smart Grid Roadmap 2030: Laying the Foundation for Low Carbon, Green Growth by
2030,” 2010, Korea Smart Grid Institute, [Online]. Available:
http://www.smartgrid.or.kr/Ebook/KoreasSmartGridRoadmap.PDF.
[74] Krebs, B., 2012, “Smart meter hacks likely to spread: FBI,” Sydney Morning Herald, [Online].
Available: http://www.smh.com.au/it-pro/security-it/smart-meter-hacks-likely-to-spread-fbi-
20120410-1wm84.html
[75] Lang, M., and Mutschler, U., 2013, “BDEW Presents Roadmap for Implementing Smart Grids in
Germany Until 2022,” German Energy Blog, [Online]. Available:
http://www.germanenergyblog.de/?p=12133.
[76] Ling, A. P. A., Kokichi, S., and Masao, M., 2012, “The Japanese Smart Grid Initiatives, Investments,
and Collaborations,” International Journal of Advanced Computer Science and Applications 3, No. 7,
[Online]. Available: http://arxiv.org/pdf/1208.5394.

Page | 114
[77] Lockhart, B., and Gohn, B., 2011, “Utility Cyber Security,” Pike Research.
[78] McDonald, J., 2003, “Substation Integration and Automation—Approaches and Best Practices,”
KEMA Consulting, [Online]. Available:
http://www.ece.iit.edu/~flueck/chicago_pes/2002/SA_Fund_BestPractices.pdf.
[79] “Microgrids: The BRICS Opportunity,” 2012, Zpryme Research & Consulting, [Online]. Available:
http://smartgridresearch.org/standard/microgrids-the-brics-opportunity/.
[80] Mishra, R., 2012, “Smart grid VC funding shows signs of life,” The Hindu Business Line, [Online].
Available: http://www.thehindubusinessline.com/industry-and-economy/smart-grid-vc-funding-shows-
signs-of-life/article4034272.ece.
[81] Mo, Y., Kim, T. H. J., Brancik, K., Dickinson, D., Lee, H., Perrig, A., and Sinopoli, B, 2011, “Cyber-
Physical Security of a Smart Grid Infrastructure,” [Online]. Available:
https://sparrow.ece.cmu.edu/group/pub/Mo-Kim-etal-ProcIEEE-2011.pdf.
[82] “Modern Grid Benefits,” 2007, Conducted by National Energy Technology Laboratory for the U.S.
Department of Energy, [Online]. Available: http://www.netl.doe.gov/smartgrid/referenceshelf/
whitepapers/Modern%20Grid%20Benefits_Final_v1_0.pdf.
[83] Morgan, T., 2012, “Smart Grids and Electric Vehicles: Made for Each Other?” International Transport
Forum, [Online]. Available:
http://www.internationaltransportforum.org/jtrc/DiscussionPapers/DP201202.pdf.
[84] Murrill, B. J., Liu, E. C., and Thompson II, R. M., 2012, “Smart Meter Data: Privacy and
Cybersecurity,” Congressional Research Service, [Online]. Available:
http://www.fas.org/sgp/crs/misc/R42338.pdf.
[85] “National Cyber Security Policy of India Cleared By Cabinet Committee on Security (CCS),” 2013,
Centre Of Excellence For Cyber Security Research And Development In India (CECSRDI), [Online].
Available: http://ptlb.in/csrdci/?p=122&goback=%2Egde_1842898_member_240170298.
[86] National Institute of Standards and Technology, “Smart Grid Interoperability Panel (SGIP),” [Online].
Available: http://www.nist.gov/smartgrid/priority-actions.cfm.
[87] National Institute of Standards and Technology, 2011, “Catalog of Standards,” [Online]. Available:
http://www.nist.gov/smartgrid/catalog_of_standards.cfm.
[88] National SCADA Test Bed, Energy.gov, [Online]. Available: http://energy.gov/oe/national-scada-test-
bed.
[89] “NISTIR 7628: Guidelines for Smart Grid Cyber Security, Vol. 1, 2, and 3,” 2010, Smart Grid
Interoperability Panel Cyber Security Working Group, [Online]. Available:
http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf.
[90] NRECA/CRN, 2011, “Guide to Developing a Cyber Security and Risk Mitigation Plan,” DOE Award
No: DE-OE0000222, [Online]. Available: http://www.smartgrid.gov/sites/default/files/doc/files/
CyberSecurityGuideforanElectricCooperativeV11-2%5B1%5D.pdf.
[91] O’Donnell, A., “How to Secure Your HomePlug Powerline Network,” About.com, [Online].
Available: http://netsecurity.about.com/od/perimetersecurity/a/How-To-Secure-Your-Homeplug-
Powerline-Network.htm.

Page | 115
[92] Parikh, P. P., Kanabar, M. G., and Sidhu, T. S., “Opportunities and challenges of wireless
communication technologies for smart grid applications,” IEEE Power and Energy Society General
Meeting, July 25–29, 2010, Minneapolis, MN.
[93] Paruchuri, V., Durresi, A., and Ramesh, M., “Securing powerline communications,” 2008 IEEE
International Symposium on Power Line Communications and Its Applications, April 2–4, 2008, Jeju
City, South Korea.
[94] Phifer, L., 2010, “Top Ten Wi-Fi Security Threats,” Esecurityplanet.com, [Online]. Available:
http://www.esecurityplanet.com/views/article.php/3869221/Top-Ten-WiFi-Security-Threats.htm.
[95] “Pike Pulse Report: Smart Grid Cyber Security Threat Management,” Navigant Research, [Online].
Available: http://www.navigantresearch.com/research/pike-pulse-report-smart-grid-cyber-security-
threat-management.
[96] Pipke, H., “Smart Metering in Germany: Merkel, EnWG and the energy transition,” Smart Grid
Sherpa, [Online]. Available: http://smartgridsherpa.com/blog/smart-metering-in-germany-merkel-
enwg-and-the-energy-transition.
[97] Pollock, Z., 2013, “Venture Capitalists Don’t Know How to Invest in the Smart Grid,”
Greentechmedia.com, [Online]. Available: http://www.greentechmedia.com/articles/read/Venture-
Capitalists-Dont-Know-How-to-Invest-in-the- Smart-Grid.
[98] “Power Line Communications,” Radio Amateurs of Canada, [Online]. Available:
https://www.rac.ca/en/amateur-radio/regulatory/threats/power-line-communications.php.
[99] Prabhu, R., 2013, “Smart Grid Receives $434 Million in VC Funding, $17 billion in M&A transactions
recorded,” Engineering Review, [Online]. Available:
http://www.engrreview.com/Editorial_pages/2013/02/ER0213_Client-Tech_22.html.
[100] Radford, B. W., “Wellinghoff Weighs In,” Fortnightly’s Spark, [Online]. Available:
http://spark.fortnightly.com/fortnightly/wellinghoff-weighs?page=0%2C0.
[101] “Report on Green Energy Corridor,” 2012, Power Grid Corporation of India Ltd., [Online]. Available:
http://www.indiaenvironmentportal.org.in/files/file/Report-Green%20Energy%20corridor.pdf.
[102] Sailor, J. C., Naik, H., and Kulkarni, S. U., “Substation Automation Integration & IEC 61850
Technical Issues in Indian Power Sector,” International Conference on Science & Engineering
Technology—April 2011, [Online]. Available:
http://www.bvucoepune.edu.in/pdf's/Research%20and%20Publication/Research%20Publications_201
0-11/International_Conference_2010-2011/Substation%20Automation%20Integration.pdf.
[103] Sanger, D. E., and Schmitt, E., 2012, “Rise Is Seen in Cyberattacks Targeting U.S. Infrastructure,”
New York Times, [Online]. Available: http://www.nytimes.com/2012/07/27/us/cyberattacks-are-up-
national-security-chief-says.html?_r=3&.
[104] “SCADA,” 2013, [Online]. Available: http://en.wikipedia.org/wiki/SCADA.
[105] Scarfone, K., Tibbs, C., and Sexton, M., 2010, “Guide to Securing WiMAX Wireless
Communications: NIST Special Publication 800-127,” National Institute of Standards and Technology,
[Online]. Available: http://csrc.nist.gov/publications/nistpubs/800-127/sp800-127.pdf.
[106] Schelmetic, T., 2012, “Future of Electric Vehicles May Ride on Smart Grid and Charging
Technologies,” Thomasnet News, [Online]. Available:

Page | 116
http://news.thomasnet.com/green_clean/2012/09/05/future-of-electric-vehicles-may-ride-on-smart-
grid-and-charging-technologies/.
[107] “Security at the LTE Edge,” 2012, Stoke, Inc., [Online]. Available:
http://www.stoke.com/GetFile.asp?f=773c699a3cd639530245b2ee5a4aa4ce.
[108] “Security for the Smart Grid,” 2009, Cisco, [Online]. Available:
http://www.cisco.com/web/strategy/docs/energy/white_paper_c11_539161.pdf.
[109] “Security Issues with Distributed Web Applications,” Indusoft.com, [Online]. Available:
http://www.indusoft.com.pl/article87a7.html?type=article&artid=30&lan=en/nternet/intranet/HMI.
[110] “SGCC Framework and Roadmap for Strong & Smart Grid Standards,” 2012, State Grid Corporation
of China, [Online]. Available: http://esci-ksp.org/?publication=sgcc-framework-and-roadmap-for-
strong-smart-grid-standards.
[111] Shinkawa, T., 2010, “Smart Grid and beyond,” NEDO, [Online]. Available:
http://bnef.com/InsightDownload/6928/pdf.
[112] “Smart Electric Vehicle Charging Will Necessitate Greater Utility Investment in Cyber Security
Systems,” 2011, Navigant Research, [Online]. Available:
http://www.navigantresearch.com/newsroom/smart-electric-vehicle-charging-will-necessitate-greater-
utility-investment-in-cyber-security-systems.
[113] “Smart Grid: China Leads Top Ten Countries in Smart Grid Federal Stimulus Investments,” 2010,
[Online]. Available: http://web.archive.org/web/20100203153413/http://www.zpryme.com/news-
room/smart-grid-china-leads-top-ten-countries-in-smart-grid-federal-stimulus-investments-zpryme-
reports.html.
[114] “Smart Grid Community Alliances and Stakeholders,” Quality Logic, [Online]. Available:
http://www.qualitylogic.com/Contents/Smart-Grid/Technology/NERC-CIP-002-009.aspx.
[115] “Smart Grid Cyber Security Market & Electrical Energy Storage Technology in the Intelligent Grid
Analyzed in New Market Research Reports,” 2012, PR Newswire, [Online]. Available:
http://www.prnewswire.com/news-releases-test/smart-grid-cyber-security-market--electrical-energy-
storage-technology-in-the-intelligent-grid-analyzed-in-new-market-research-reports-170005586.html.
[116] Smart Grid for India, 2013, [Online]. Available: http://smartgrid-for-india.blogspot.in.
[117] “Smart Grid Implementation & Standardization in China,” 2011, State Grid Corporation of China,
[Online]. Available: http://www.smartgrid.com/wp-content/uploads/2011/09/6___Changyi.pdf.
[118] Smart Grid Interoperability Panel, “Value Proposition,” [Online]. Available:
http://sgip.org/about_us/#SGIP-value-proposition.
[119] “Smart Grid Technology Market to Total $494 Billion in Cumulative Revenue from 2012 to 2020,”
2013, The Smart Grid Observer, [Online]. Available: http://www.smartgridobserver.com/n3-6-13-
1.htm.
[120] “Smart Grid Vision and Roadmap for India,” 2013, Ministry of Power, Government of India, [Online].
Available: http://indiasmartgrid.org/en/Lists/News/Attachments/154/India%20
Smart%20Grid%20Forum%20Booklet.pdf.

Page | 117
[121] “Smart Grid’s Utility Enterprise Market to Hit $8.2 Billion, Says GTM Research Report,” 2011,
greentechmedia.com, [Online]. Available: https://www.greentechmedia.com/articles/read/smart-grid-
asset-deployment-driving-need-for-utility-enterprise-overhaul/.
[122] “Smart grids: Best practice fundamentals for a modern energy system,” 2012, World Energy Council,
[Online]. Available: http://www.worldenergy.org/documents/20121006_smart_grids_best_practice_
fundamentals_for_a_modern_energy_system.pdf.
[123] “Smart Grids in Europe,” 2011, Navigant Research, [Online]. Available:
http://www.navigantresearch.com/research/smart-grids-in-europe.
[124] “Smarter Protection for the Smart Grid,” 2012, McAfee, Inc. [Online]. Available:
http://www.mcafee.com/us/resources/reports/rp-smarter-protection-smart-grid.pdf.
[125] Sodha, N. S., Kumar, S., and Wadhwa, K., 2013, “Smart Grid Processes, People and Policies,”
International Smart Grid Action Network, [Online]. Available: http://www.iea-
isgan.org/?r=home&m=upload&a=download&uid=1348.
[126] “South Korea blames North Korea for cyberattack,” 2013, CBC News, [Online]. Available:
http://www.cbc.ca/news/world/story/2013/04/10/cyberattack-south-korea-blames-north-korea.html.
[127] St. John, J., 2012, “Smart Grid Cybersecurity Alert: Telvent Reports Attack,” greentechmedia.com,
[Online]. Available: http://www.greentechmedia.com/articles/read/smart-grid-cybersecurity-alert-
telvent-reports-hack.
[128] St. John, J., 2012, “The Top Trends in Smart Grid Analytics,” Greentechgrid.com, [Online]. Available:
http://www.greentechmedia.com/articles/read/the-top-trends-in-smart-grid-analytics.
[129] St. John, J., 2013, “Report: US Smart Grid Cybersecurity Spending to Reach $7.25B by 2020,”
Greentechgrid.com, [Online]. Available: http://www.greentechmedia.com/articles/read/report-u.s.-
smart-grid-cybersecurity-spending-to-reach-7.25b-by-2020.
[130] “Technology Roadmap: Smart Grids,” 2011, International Energy Agency, [Online]. Available:
http://www.iea.org/publications/freepublications/publication/smartgrids_roadmap.pdf.
[131] Tewari, D., “Preventing Tomorrow’s Blackout,” Fortnightly’s Spark, [Online]. Available:
http://spark.fortnightly.com/fortnightly/preventing-tomorrows-blackout.
[132] The 2nd World Smart Grid Conference Middle East, [Online]. Available:
http://www.szwgroup.com/SGME2013.
[133] “The Second Action Plan on Information Security Measures for Critical Infrastructures,” 2009,
Information Security Policy Council (Japan), [Online]. Available:
http://www.nisc.go.jp/eng/pdf/actionplan_ci_eng_v2.pdf.
[134] Tung, A., 2011, “China beefs up its smart grid,” Chinadaily.com.cn, [Online]. Available:
http://www.chinadaily.com.cn/bizchina/2011-08/04/content_13052300.htm.
[135] Ungerleider, N., 2011, “Car Jack-Jacking: Cybersecurity Is The Next Challenge For Electric
Vehicles,” Fastcompany.com, [Online]. Available: http://www.fastcompany.com/1773951/car-jack-
jacking-cybersecurity-next-challenge-electric-vehicles.
[136] United States Department of Energy, 2012, “Smart Grid Investment Grant Program—Progress
Report,”[Online]. Available:

Page | 118
http://energy.gov/sites/prod/files/Smart%20Grid%20Investment%20Grant%20Program%20-
%20Progress%20Report%20July%202012.pdf.
[137] United States Government Accountability Office, 2012, “Cybersecurity—Challenges in Securing the
Electricity Grid,” [Online]. Available: http://www.gao.gov/assets/600/592508.pdf.
[138] Wang, Y., 2012, “China’s Smart Grid Program: One Goal, Two Main Lines, Three Stages and More,”
IEEE Smart Grid, [Online]. Available: http://smartgrid.ieee.org/october-2012/684-china-s-smart-grid-
program-one-goal-two-main-lines-three-stages-and-more.
[139] Wen, J., He, H., 2011, “China’s Approach to the Smart Grid,” IEEE Smart Grid, [Online]. Available:
http://smartgrid.ieee.org/july-2011/99-chinas-approach-to-the-smart-grid.
[140] “What the Smart Grid Means to America’s Future,” Prepared for the U.S. Department of Energy by
Litos Strategic Communication under contract No. DE-AC26-04NT41817, Subtask 500.01.02,
[Online]. Available:
http://energy.gov/sites/prod/files/oeprod/DocumentsandMedia/TechnologyProviders.pdf.
[141] “White Paper—Data Communication in Substation Automation System (SAS) (WP 1004HE – Part
5),” 2012, Hirschmann—A Belden Brand, [Online]. Available:
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&cad=rja&ved=0CC8QFjA
A &url=http%3A%2F%2Fwww.profiteksa.com%2Fpdfs%2Ftech-talk%2Fwhitepaper-5-cyber-
security-in-substation-communication-networks.pdf&ei=HvhjUbvhGaSSiAeK5IGgCA&usg=
AFQjCN G0s1Yi5mNvyWyOD6XdzXWFhmBJeg.
[142] “Wi-Fi
®
for the Smart Grid: Mature, Interoperable, Secure Technology for Advanced Smart Energy
Management Communications,” 2010, Wi-Fi Alliance, [Online]. Available: http://www.wi-
fi.org/knowledge-center/white-papers/wi-fi%C2%AE-smart-grid-mature-interoperable-secure-
technology-advanced.
[143] Wilson, T., 2012, “Study: Cybersecurity Market To Double In Next Five Years,” Darkreading.com,
[Online]. Available: http://www.darkreading.com/security/security-management/240003251/study-
cybersecurity-market-to-double-in-next-five-years.html
[144] Witcher, K., 2005, “Fiber Optics and its Security Vulnerabilities,” SANS Institute, GIAC Security
Essentials Certification (GSEC) Practical Assignment v. 1.4c, [Online]. Available:
http://www.sans.org/reading-room/whitepapers/physcial/fiber-optics-security-vulnerabilities-
1648?show=fiber-optics-security-vulnerabilities-1648&cat=physcial.
[145] Wollman, D., 2011, “NIST Smart Grid Program—Overview for Smart Grid Task Force,” National
Institute of Standards and Technology, [Online]. Available:
http://www.nist.gov/smartgrid/upload/NISTsmartgrid_overview_SGTF_wollman-Apr2011.pdf.
[146] www.fortnightly.com.
[147] Xu, D., Wang, M., Wu, C., and Chan, K., 2010, “Evolution of the smart grid in China,” [Online].
Available: http://www.mckinsey.com/~/media/mckinsey/dotcom/client_service/EPNG/PDFs/
McK%20on%20smart%20grids/MoSG_China_VF.ashx.
[148] “Yes it can happen here: Poughkeepsie utility hacked,” 2013, smartgridnews.com, [Online]. Available:
http://www.smartgridnews.com/artman/publish/Technologies_Security/Yes-it-can-happen-here-
Poughkeepsie-utility-hacked-5553.html#.UTXF3tadtja.

Page | 119
[149] Yu, Y., Yang, J., and Chen, B., 2012, “The Smart Grids in China—A Review,” Energies 5, [Online].
Available: http://www.mdpi.com/1996-1073/5/5/1321/pdf.
[150] Zhou, N., Fridley, D., McNeil, M., Zheng, N., Ke, J., and Levine, M., 2011, “China’s Energy and
Carbon Emissions Outlook to 2050,” Ernest Orlando Lawrence Berkeley National Laboratory,
[Online]. Available: http://eaei.lbl.gov/sites/all/files/LBL_4472E_Energy_2050.April_.2011_1.pdf.



Page | 120
Authors

Kishan Bhat
Ankur Kaul
Shravani Sinha
Vikram Sundarraj
