Building in Security
AS WE ENGINEER THE SMART electric power grid, it may be tempting to look at grid security and reliability as an end-goal rather than a process. However, history is replete with examples suggesting that few things are truly secure or constant. We can count on the fact that today's electric grid is going to age, vegetation is going to encroach on the right of way, storms are going to pass through and the grid is likely to experience increased levels of malicious cyber and physical attacks. Today's secure design will surely be challenged followed by tomorrow's force majeure and vulnerability exploitation.
In the news, we have seen recent severe weather and geologic activity disrupt power. All too often we hear of another cyber breach. The reality is that we are operating in a harsh environment. Organizations with static defense systems are already in trouble. Organizations that actively refresh their operations, train their employees and work with new technologies are in the best position to keep their part of the electric grid robust, reliable and resilient.
History is rich with ideas that can help organizations shake off the tendency to think they have reached a secure grid design and shift over to a dynamic process perspective.
The Fort McHenry Metaphor teaches that technology and time render existing defenses useless. In 1812, Fort McHenry guarded the entry to Baltimore's Inner Harbor. Through the use of its people, technology and operations, the fort successfully repelled an attack on the city and prevented enemy access to assets critical to the young United States. Today, the same fort is irrelevant to the defense of critical national assets in the Mid-Atlantic region.
To prevent substations from becoming historical artifacts, we must continually incorporate new information. As microprocessor-based devices move deeper into the grid structure, vast volumes of data suddenly become available. The learning challenge is to figure out how to gather, qualify, organize and present that data in a timely way so that actionable information harmonizes with operational and organizational priorities. If technology and time render all defenses useless, then the moment we stop learning from the grid is the moment the grid is completely insecure.
The Shewhart/Deming Principle says that high-quality systems never stop improving, so gather data, make adjustments, update your plans and keep pushing toward constant improvement. This process model transformed industrial manufacturing and incorporated a methodology for continuous process improvement. If applied to the national grid, the Deming Cycle suggests that a secure, robust and resilient grid will require continuous improvement in order to ever more closely approximate total quality and reliability.
The Defense-in-Depth Concept says to think in layers, and constantly use people, technology and operations to form layers of defense around critical assets.
Military history teaches that there is no perfect defense. Some modern thought indicates that layers of defense, or defense in depth, are highly effective in deterring or delaying exploits. In a document prepared for the National Security Agency, defense in depth is described as being built on three pillars - people, technology and operations.
The North American Electric Reliability Corp. indicates that the reliability standards, as a whole, act as a defense in depth for the bulk power system. We are all familiar with NERC's reliability standards. Whether focused on vegetation management in the right of way, relay protection, or critical assets, these standards motivate continuous vigilance and measurable improvement.
Continuous improvement and learning, compliance with reliability standards and effective defense in depth all contribute to the process of making our electric power grid more robust, resilient and secure. When compliance with reliability and technology standards goes beyond simply avoiding penalties and adopting new protocols and becomes the foundation for improving our people, our technologies, and our operations, then we will more closely approach the ideal we seek.
No discussions yet. Start a discussion below.