The Digital Universe and the Smart Grid

Categories: IT Security

Among the materials associated with their just-released report on the Digital Universe, IDC has posted a new YouTube video of John Gantz and David Reinsel, called “The Digital Universe and the Internet of Things,” discussing the implications of this massive explosion of data.

John mentions the Smart Grid as an example of machine-generated information. The conclusions he draws about the security and privacy implications of the data explosion in general certainly apply to the Smart Grid. For example, he calls out the critical role that standards have to play in addressing security and privacy issues raised by the growth of the digital universe. But there are also unique security opportunities implied by the participation of the Smart Grid in the Internet of Things.

The Smart Grid is characterized by fundamental changes in process and in technology. For example, the old business process of collecting information on electric usage at discrete intervals, typically by manual reading of individual meters, is replaced by continuous or semi-continuous connectivity between the meters and the data collection systems. This is supported by technological advances such as the smart meter, which enables not just recording usage but also regulating usage (when agreed to by the consumer). These changes in both process and technology contribute to the dramatic increase in data generated in the Smart Grid. The automated and continuous collection of usage information, for example, enables more complex communication between the meter and the operational systems, which itself results in more data being generated about those conversations and the state of the system. This data in turn becomes the source of more information as a result of analytics, resulting in derived knowledge not only about risk of equipment failure, patterns of usage, predictions of load and so on, but also about potential areas of security vulnerability, privacy exposures and incursions by cyber attackers.

For example, the usage information propagated from smart meters to provider billing and operational systems provides a level of detail about the consumer that would have been too difficult to collect with the earlier generations of meters and data collection processes. What level of risk this implies for the consumer is still to be determined; is it really feasible, for example, for an attacker to use usage information to derive intelligence about when a family is on vacation or to plan social engineering attacks? But what is clear is that this information provides a significant opportunity for the energy provider, especially in collaboration with other providers and with national and international security organizations, to look for anomalies in usage patterns that indicate not only potential operational issues such as equipment failure but also cyber attacks on the infrastructure, such as attempts to use the Smart Grid communications mechanisms to propagate malware, create damaging demand patterns or mask compromised environments. It’s the participation of the Smart Grid in the Internet of Things that really enables this opportunity for improved security through analysis of Smart Grid data.

This is true in other areas of the Smart Grid as well. For example, data regarding user interaction with billing systems and customer support can be collected and abstracted by tools like Silver Tail Systems Streamview in order to create general patterns of user activity. Actual user activity, such as by new or unrecognized accounts, can then be compared against these patterns in order to detect anomalous behavior that could signal security and privacy risks. This derived security intelligence is potentially of huge value both to consumers and to their energy providers in the protection of user identity, assets and privacy.

The explosion of data that IDC explores in this video and in the report that it references certainly has important security and privacy implications. But it is also an exciting opportunity for new models for providing security and protecting privacy.

Author: Bob Griffin

Bob Griffin is Chief Security Architect at RSA, the Security Division of EMC, where he is responsible for technical architecture, standards and strategy, particularly for RSA’s data security products. He represents EMC to several standards organizations, including as co-chair of the OASIS Key Management Interoperability Protocol (KMIP) technical committee. Bob has extensive experience in security strategy, corporate governance, business process transformation and software development. He has had the primary architectural responsibility for a number of production systems environments and for major software engineering projects at RSA, Entrust and Digital Equipment Corporation. He is a frequently requested speaker for professional and industry conferences and has instructed courses within both professional and university settings.