Smart grids could soften the blow of cyberattacks, but make them more common

Experts say the trade-off could be worthwhile because it reduces vulnerabilities and the potential payoff for attackers.
article cover


· 4 min read

The promise of smart grids is decentralization: By pulling from a variety of dispersed power sources—versus the highly centralized model utilities rely on today—the tech could theoretically lead to fewer outages and mitigate the severity of outages that do happen.

Smart grids use a combination of AI and sensors to link, distribute, and conserve energy from a combination of legacy power sources—like coal plants—and renewable sources, like hydroelectric dams, solar farms, and even, eventually, individual vehicles or homes with surplus power. Utilities have implemented opt-in smart-grid tech in cities like New York and Los Angeles, and Congress is likely to allocate up to $3 billion more toward smart city projects via the bipartisan infrastructure bill. And beyond bolstering grid resilience with respect to outages, experts told us the tech can help shrink the scale and impact of potential cyber attacks.

The trade-off is that hackers could have easier access to (typically) less-secure local networks. That means we’d likely see smaller but more frequent attacks with more smart-grid projects deployed, but spreading the risk could be worthwhile in part because it reduces the monetary incentive for attacks—holding an individual household’s network ransom is less lucrative than, say, leveraging an entire region’s infrastructure.

“It’s impossible to secure any industrial control system, because they’re so complex there will always be a bug that could be exploited,” Yury Dvorkin, assistant professor at New York University’s Tandon School of Engineering told Emerging Tech Brew. “With a decentralized system, if you hack into, for example, a residential household, you will only be able to control this household...if you launch an attack, your impact is going to be marginal.”

The current North American power grid is divided into five distinct regions. The three major grids are the Eastern Interconnect, which stretches from the east cost to the eastern border of Colorado, the Western Interconnect, which covers the western half of the country, and the Texas Interconnect—the Lone Star State is also the lone energy state, relying on a standalone grid that received a lot of scrutiny following blackouts last winter.

Keep up with the innovative tech transforming business

Tech Brew informs business leaders about the latest innovations, automation advances, policy shifts and more to help them make smart decisions.

Each of these regions is based on a web of power substations, power plants, and renewable sources, like hydroelectric dams, wind turbines, and nuclear plants. Power is primarily centralized in power plants and substations before it gets distributed to homes. This setup can create a fragile interdependence that enables one outage to ripple across the entire grid.

Andres Carvallo, CEO and cofounder of smart grids and smart cities consulting firm CMG Consulting, thinks decentralization offers a clear advantage with respect to cybersecurity. CMG describes Carvallo as the “Godfather of the smart grid,” and he is known as one of the pioneers of Austin’s smart-grid project, which kicked off in 2003 as one of the first wide-scale applications of smart-grid technology in the world. It now serves more than 500,000 residential and commercial meters.

“It’s...sort of like how the internet is not built exactly the same way at every location… If you shut down a piece of the internet, you don’t shut down the whole internet,” Carvallo said. “Depending on how people invest in building pieces of the smart’ll have a lot of resiliency and a lot of backup and a lot of back roads. If the highway road is closed, you can take the back roads.”

And Mike Bates, global GM of energy at Intel, told us that with new smart-grid solutions, stronger and more resilient security systems could also be implemented by utilities. Utilities could section off parts of the smart-grid system via a software-based process called “containerization,” allowing administrators to see everything in one place without creating interdependencies that set the system up for a domino effect in the event of an attack.

“If we move all those workloads on to one common platform and then the data and the applications that run them are containerized with some of the new advanced container platforms, then I believe the security operations are even tighter,” Bates said.

Keep up with the innovative tech transforming business

Tech Brew informs business leaders about the latest innovations, automation advances, policy shifts and more to help them make smart decisions.