Category Archives: cyber

Energy efficiency in smart grid communications – Dr Zoya Pourmirza

Data reduction algorithm for correlated data in the smart grid – an open access paper for the IET Smart Grid Journal

About the Lead Author

dsc01229

Dr Zoya Pourmirza, is a research associate at Newcastle University within the School of Electrical and Electronic Engineering. She was awarded her PhD in Information and Communication Technology (ICT) Architecture for Smart Grids from University of Manchester in 2015. Her research expertise includes Smart Grids ICT networks, cyber-security, communication energy efficiency, and data compression.

Zoya carries out a wide range of research for CESI in the area of cyber-security on energy and transport systems.

Contact:- Zoya.Pourmirza@newcastle.ac.uk

About the Co-authors

Dr Sara Walker, School of Engineering, Newcastle University, Newcastle upon Tyne, UK

John Brooke, Freelance Consultant, Manchester, UK

About the Paper

LINK TO THE PAPER

Smart grids are intelligent electrical networks that incorporate information and communication technology (ICT) to provide data services for the grid. In this work, we investigated an ICT architecture at the level of the electrical network where monitoring and control have not previously been deployed. Energy constraints are one of the major limitations of the ICT in the Smart Grid, especially where wireless networking is proposed. The main contribution of this paper is that we proposed a data reduction algorithm suitable for Smart Grid applications which significantly improves the energy efficiency of the communication network by minimizing the communication energy cost while maintaining the integrity and quality of data.

One approach to providing energy efficiency in the communication system is to use a data reduction algorithm to reduce the volume of data prior to transmission. Our survey of data compression algorithms showed that there is no single method that is superior for all forms of data streams. Therefore, we designed and developed a practical data reduction algorithm called DRACO (Data Reduction Algorithm for COrrelated data), on the basis of readings from monitoring devices that are typical of electricity network data patterns. In applications where the metering devices collect data with a high acquisition rate and transmit them to a control unit, a great degree of data correlation occurs. Taking this fact into consideration, we developed a data reduction algorithm that discards the redundant parts between each two consecutive measured values and transmits the changing parts only: these parts are a small portion of the binary representation. This algorithm can improve the energy efficiency of the communication network by transmitting a smaller volume of data while keeping data integrity.
DRACO is envisaged to be implemented on resource-constrained sensors, therefore simplicity in the design of the algorithm is a key issue. It also provides a low level of security for communication between devices since we are transmitting a modified or cipher data instead of raw data.

Validation

In this paper we examined the efficiency of DRACO on both simulated data and real data collected from the substation level of the Grid, which were produced at a very high sampling rate. We demonstrated DRACO can achieve compression ratios of 70%–99% depending on the data characteristics. Figure below shows compression efficiency over 70% for simulated data.

Figure 1 Effect of DRACO on simulated data

Experimentation

In this paper, we conducted several evaluations and comparisons. For example, we designed an experiment to assess the effect of various sampling rates on the efficiency of DRACO. We examined the data being logged with different frequencies. Figure 2 below shows that, as the frequency of the data acquisition rate increases, the original size of the data will increase. However, as we start to sample more frequently, the correlation between every two consecutive values is higher and DRACO performs best on data with stronger correlations. So, the difference between the original data size and the DRACO reduced data size also grows. Thus, with a higher sampling rate, we could transmit more data about the network, and with the use of the DRACOs we could send this data more efficiently in terms of data volume.

Figure 2 Data acquisition rate evaluation

The team also designed another experiment to examine the effect of DRACO on the bit rate. This experiment was carried out to determine the link between significant events in the actual data profile and the maximum/minimum bit rate. As shown in the figure below, the correlation between the two graphs indicates the dependency of the data transfer rate on the rate of change of the quantity being measured (e.g. total active power).

Finally, to assess the efficiency of the DRACO we compared its performance with other data reduction algorithms and showed it performs reasonably good in these comparisons.

Figure 3 Total active power (kW) (top figure) and the corresponding bit rate (bottom figure)

Conclusion

In this work, we focused on proving the communication energy awareness and concluded that DRACO is suitable for smart grid applications since it optimizes the network resource consumption and reduces the communication energy cost while maintaining the integrity and quality of data. In near future, the growth in the number of monitoring devices in the smart grid will lead to an explosion in data volume, which will cause storage and network congestion problems. DRACO could also be an initial point for addressing these problems.

The full paper is available to view online.

LINK TO THE PAPER

A CESI researcher’s secondment journey to the Government – Dr Zoya Pourmirza

The year 2020 will be remembered as an extraordinary year with the news of COVID outbreak. In January 2020, I started my one-year secondment as an advisor providing technical consultation to the UK Government Office for Zero Emission Vehicles (OZEV)”.

About the Author

dsc01229

Dr Zoya Pourmirza, is a research associate at Newcastle University within the School of Electrical and Electronic Engineering. She was awarded her PhD in Information and Communication Technology (ICT) Architecture for Smart Grids from University of Manchester in 2015. Her research expertise includes Smart Grids ICT networks, cyber-security, communication energy efficiency, and data compression.

Zoya carries out a wide range of research for CESI in the area of cyber-security on energy and transport systems.

Contact:- Zoya.Pourmirza@newcastle.ac.uk

The UK Government’s Office for Zero Emission Vehicles (OZEV) is a cross-government team between the Department for Transport and the Department for Business, Energy and Industrial Strategy, supporting the transition to zero emission vehicles (ZEVs). As soon as I started, following a warm welcome from the team, I was impressed by devotion and dedication of the team. Within a few months into the role, while I was enjoying working with the team and gaining new experiences, the UK went into the lockdown. In the following months, we moved all our activities to online platforms which are known to all of us.

This secondment was planned to assist shaping a more secure EV eco-system in future. In 2019, Government consulted on cyber security requirements for smart chargepoints. There is an intention to follow with legislation mandating requirements for smart chargepoints, including cyber security, in 2021. My work was intended to help informing Government approach in 2021 legislation.

My tasks during this Secondment was to support different workstreams with OZEV and wider work in BEIS on smart energy cybersecurity. This included:

Project 1 – EVHS grant scheme

Electric Vehicle Homecharge Scheme (EVHS) is a grant provided by the OZEV, designed to offer an additional incentive to EV drivers. EV manufacturers who wish to apply for authorisation for chargepoints under EVHS should confirm they comply with EVHS technical specifications. In terms of cyber security specifications, OZEV requires chargepoints to be accessed by using the Open Charge Point Protocol (OCPP v1.6 or above). During my time at DfT I assessed how many EVHS grant applications were likely meeting or not complying with requirements on cyber security, and if these applications are considering a similar level of cyber security measures provided in the OCPP. I also recommended some specific changes to be made to the scheme requirements, which are being considered by Government.

Project 2BSI PAS review

The British Standards Institution (BSI) has been sponsored by Government to develop two PAS standards. The PAS 1878 is for Energy Smart Appliances (ESA), including smart chargepoint cyber security requirements and PAS 1879 is for a Demand Side Response (DSR) framework. The DSR framework PAS is intending to develop the ‘environment’ within which ESAs can operate. Both PAS’s involved cyber security considerations. The cyber security approaches employed in these standards are encryption and Public Key Infrastructure (PKI). The end-to-end secure framework is intended to:

  • provide secure assets, these assets are such as Energy Smart Appliance (ESA) and Consumer Energy Manager (CEM)
  • verify the actors such as Demand Side Response Provider (DSRSP)
  • provide a secure communication between ESA and CEM, and between CEM and DSRSP

During my time at BEIS, I reviewed the draft PAS standards at different stages of their development and recommended a series of changes to improve the standard and better embed cyber security within them. These comments were welcomed by the standard leads, and it is expected to be reflected in the final version.

Project 3 Cyber risk assessments – I worked along the BEIS team and the PA consulting on cyber risk assessment for smart energy systems to identify the risks and shape appropriate mitigations techniques. This work is underway within the BEIS team and will be completed in 2021. In this study we realised that as the proliferation of smart energy devices including EV smart chargepoints and associated smart energy platforms increases, the cyber security risks will grow too. These risks will become material in 2025. For example, the ability for a large number of smart energy devices to be switched on or off at the same time, which will cause a large power swing on the electricity network, is one of the main risks identified by the team.

Project 4 – Reports and recommendations

I shaped a report for the Government discussing the cyber security challenges in smart energy system and EV chargepoints, the risks and mitigation techniques, and the future roadmap. The recommendation provided in this report could potentially inform the legislation this year.

Thoughts on the experience

All these tasks were carried out to pave the way for a more secure future of the EV ecosystem. My sincere thanks to both teams at the Newcastle University and the Government who provided this unique opportunity for me to get involved in Government’s policy development and legislation process and develop new skills. This was an extremely valuable experience working at the heart of civil service to provide consultation and apply my expertise to help meet the key government objectives for EV smart charging.

How concerned should I be about my smart meter security? – Dr Zoya Pourmirza

With Smart Grids comes data and communication infrastructure and the associated unease of how we keep this data and infrastructure safe.  This article aims to raise awareness, by sharing knowledge about cyber-security considerations behind the UK smart metering infrastructure and it’s rollout.


About the Author

dsc01229

Dr Zoya Pourmirza, is a postdoctoral research associate at Newcastle University within the School of Electrical and Electronic Engineering. She was awarded her PhD in The Information and Communication Technology (ICT) Architecture in the Smart Grid from University of Manchester. Her research expertise includes Smart Grids ICT networks, cyber-security, communication energy efficiency, and data compression.

Zoya carries out a wide range of research for CESI in the area of cyber-security on energy systems.

Contact:- Zoya.Pourmirza@newcastle.ac.uk


Smart Grids comprise a number of different networks that offer communication infrastructure at the various levels within the power grid. For example:

  • Supervisory control and data acquisition (SCADA)
  • Advanced Metering Infrastructure (AMI)
  • Customer Energy Management Systems

Amongst these communication networks, the AMI system has received significant concerns. These disquiets are mostly around security and privacy of consumers. Most of these concerns could be the result of negative media coverage or lack of knowledge of the AMI system operating as a whole system, while its components are interacting together.

A peace of mind for the Smart Grid customers

It is worth noting that the smart metering infrastructure is not a single component or function, but it is a whole system. This implies that looking into the cyber-security issues of a single component such as a smart meter, individually, would probably give invalid results.

Accordingly, the Department of Energy & Climate Change (DECC) and GCHQ designed the AMI system in such a way that no single compromise would offer a significant impact. The DECC/GCHQ security team developed practical cyber-security control by using the “trust modelling” and “threat modelling” approaches. The former model refers to understanding how different players in the AMI system interact, and where trust needs to be managed. The latter model considers a set of hypothetical intentional/unintentional attack model that could cause an impact. Therefore, cyber-security should not be viewed as a hindrance to the GB smart meter roll out.

Components of the Advanced Metering Infrastructure (AMI)

Organisations involved in the design of the whole smart metering system are:

  • Gas and electricity meters, and related equipment
  • Distributed Network Operators (DNOs)
  • Data Communication Company (DCC)
  • Communication Service Provider (CSP)
  • Third parties (e.g. price comparison websites)
How to curtail the impact of vulnerabilities in a Meter

Although it is not possible to build a 100% secure system, but the best practice is to minimise the impact of the vulnerabilities by providing a balance between security, affordability, and business needs, while meeting the policy and national security objectives.

The following chart visualises security concerns, potential attacks, and countermeasures in the AMI system through a number of phases where an attacker tries to gain access to the smart meter to create a negative impact on the power grid.

 

This article, however, does not suggest that it is impossible to compromise the AMI system, but it discusses it would be a relatively arduous process to cause severe impact on the power grid, and customers are not as vulnerable as what they think they are. Therefore, while researchers should take the security and data privacy into consideration, we can focus our energy and resources on cyber-securing other segments of the Smart Grid, which can cause greater negative impacts on the power grid infrastructure and customers.

 Reference:

Gov.uk. (2014). Smart Metering Implementation Programme: Great Britain Companion Specification version 0.8 – GOV.UK. [online] Available at: https://www.gov.uk/government/consultations/smart-metering-implementation-programme-great-britain-companion-specification-version-08.

Cyber-Security in Smart Grid: Fact vs Hype – Dr Zoya Pourmirza


About the Author

dsc01229

Dr Zoya Pourmirza, is a postdoctoral research associate at Newcastle University within the School of Electrical and Electronic Engineering. She was awarded her PhD in The Information and Communication Technology (ICT) Architecture in the Smart Grid from University of Manchester. Her research expertise includes Smart Grids ICT networks, cyber-security, communication energy efficiency, and data compression.

Zoya carries out a wide range of research for CESI in the area of cyber-security on energy systems.

Contact:- Zoya.Pourmirza@newcastle.ac.uk


Introduction

The Smart Grid has three main characteristics which are, to some degree, antagonistic. These characteristics are the provision of good power quality, energy cost reduction and improvement in the reliability of the grid. The need to ensure that they can be accomplished together demands much richer Information and Communications Technology (ICT) networks than the current systems available. The addition of the ICT to the legacy grid raises concerns among various stakeholders such as consumers, utilities, and regulators. Cyber security is emerging as an important and critical element of modern energy systems that could jeopardise the availability and reliability of energy systems if compromised.

Risks and vulnerabilities associated to cyber-security in Smart Grids

The modern cyber-physical energy system that couples the communication networks to the legacy grid introduces more cyber risks and vulnerabilities, which can seriously affect the energy systems in terms of operation and reliability. While dependability against relatively rare physical failures can be argued on a “one out of n” basis, cyber-attacks have the potential to damage “n out of n” systems simultaneously, because security vulnerabilities can be exploited in parallel. This is particularly worrying as the physical dimension of energy systems is prone to cause a cascading effect in case of targeted failures.

Some of the critical vulnerabilities of smart energy system have been identified as:

  • Physical vulnerabilities
  • Platform vulnerabilities
  • Policy vulnerabilities
  • Interdependency vulnerabilities
  • Information and Communication Technology (ICT) system vulnerabilities.

Impacts:

The full extent of these impacts is, however, hard to grasp due to their highly complex and interdisciplinary nature, and the interdependencies between energy systems and a fast-changing ICT landscape. Any attack on the ICT of the energy system will, therefore, have negative impacts of varying severity on energy system operation. There is a wide range of possible attacks against the ICT of the energy systems. According to the US National Institute of Standards and Technology (NIST), those targeting the availability, integrity, and confidentiality of the ICT are of the highest importance. Such attacks are usually undertaken to:

  • Mislead the operation and control of the utility provider
  • Manipulate market and misguide the billing systems
  • Compete with other utility service providers
  • Disturb the balance between demand and supply
  • Carry out terrorist activities to damage local and national power infrastructure
  • Convey distrust between people and government
  • Increase or decrease the cost of energy consumption and energy distribution

 Are we more vulnerable than before?

A number of cyber experts have already expressed their concerns about the digitization of legacy grids. While some say the energy industry is ignoring the risks associated with the smart energy system, some go further and argue that the security of the country is at stake, due to the possibility of cyber-attacks on digitized energy systems. This trend is transforming cyber security complications from a problem to a hype. However, the truth lies somewhere between these two extremes. Currently, there seems to be a lack of evidence in the form of particular incidents suggesting smart technologies can be held exclusively responsible for compromising the operation of energy systems. Traditional energy systems are already exposed to a range of cyber threats. Although smart technologies are not yet embedded in a large scale in energy systems, their deployment can increase the risk of vulnerabilities and introduce new ones. This is more likely to be associated with increased connectivity between various assets and with the internet.

Over past few years, a number of incidents have been reported in which legacy energy systems have been compromised due to their partial dependence on smart technologies. Based on these recent incidents it is envisaged that similar types of attacks could increase in numbers as smart technology deployment increases introducing additional access points (cyber and physical) for infiltrators. Potential attacks in equipment could lead to financial loss and disruption of services for buildings and households and possible safety concerns both for the owners/occupants and the broader network depending on the power ratings and role of the asset attacked.

In order to address the diverse cyber-security issues related to the smart energy systems, there is an increasing need for experts in multidisciplinary fields to work jointly in the identification and treatment of these. Newcastle University has recently launched a multi-disciplinary team comprising cyber security, and smart grid experts co-funded by EPSRC and working with other stakeholders from industry and academia offering a powerful collaboration of electrical power systems, ICT architecture and cyber-systems expertise to tackle this pressing problem.