This Cybersecurity webinar, the second in a series, addresses issues of importance to executive, technical, and academic professionals involved with managing and protecting Electric Utilities and Smart Grids worldwide. Technology and market challenges will be addressed, followed by cybersecurity approaches (including those used in Europe and US) and best practices. Three case studies, and legal and regulatory constraints, for architecting smart grids in a secure way also will be presented.
The document discusses smart grids and their challenges. It defines a smart grid as a modernized electrical grid that uses communications technology to improve efficiency. Key aspects of smart grids include reliability, efficiency, load balancing, sustainability, and two-way power and data flows. However, challenges include inadequate existing infrastructure, intermittent renewable resources, and regulatory policies around pricing. Overall, smart grids aim to enable active consumer participation, accommodate diverse energy sources, and operate resiliently.
Smart Grid: Definition
• Need of smart grid
• Smart grid functions
• How Smart Grid Works
• Smart Grid: Benefits
• Smart grid components and its Benefits
• Issues and Challenges
• Opportunities in future
• Smart Grid Projects in India and Gujarat
• Question-Answer
• References
This document discusses the cyber security risks of smart grids and proposes an integrated security framework to address these risks. Smart grids integrate information infrastructure with electrical infrastructure, improving performance but also increasing vulnerability to cyber attacks. The framework features security agents, managed security switches, and a security manager to provide layered protection, intrusion detection, and access control across the power automation network in a scalable and extensible manner. This integrated approach is needed as power systems have different security needs than traditional IT networks.
The presentation discusses smart grid technology, including its attributes, reasons for use, components, users, and how it works. A smart grid uses information technologies to improve how electricity is delivered from power plants to consumers. It allows for two-way interaction between consumers and the grid and integrates new technologies. Key benefits include reduced costs, improved reliability, efficiency and capacity, enabling predictive maintenance and automated operations. Security and privacy are main concerns due to two-way communication and potential for hacking of automated meters. The future of smart grid is uncertain but may become widely used over the long run.
Artificial intelligence in power systemssunil babu
This document discusses applications of artificial intelligence technologies like expert systems to power systems. It notes that AI, in the form of expert systems, artificial neural networks, and fuzzy logic, can help address challenges in power system analysis due to large, complex data and computational requirements. Some key applications of AI in power systems mentioned include fault diagnosis in transmission lines, control of power systems and FACTS devices, and mobile robotics for remote monitoring and maintenance of power plants. The advantages of each AI technique for power systems are also summarized.
This PPT provides the contents related to the Smart Grid Introduction. It is created for catering the Unit I contents of the AU course EE8019 - Smart Grid
This document provides an overview of active power analysis for smart grids using MATLAB. It discusses key concepts like active power flow, smart grid attributes, and power quality issues. It also describes tools in MATLAB like Simscape Power Systems that can be used to model and simulate electrical power systems. Different types of power quality conditioners are explained, including DSTATCOMs, active power filters, and UPQC devices that can address issues like voltage regulation, harmonics compensation, and power factor correction in smart grids. In conclusion, the document discusses performing active power load analysis on a smart grid model in MATLAB to analyze stability and synchronous active power flow under varying load conditions.
The document discusses the electricity sector in India. It provides details on the current installed power capacity in India as of 2011-12, which includes thermal, hydro, nuclear, solar, wind, biomass and other sources. It also discusses the smart grid system which enables two-way communication between utilities and consumers to efficiently deliver power. Key components of a smart grid discussed include smart meters, distribution intelligence, and ability of appliances to communicate with the smart grid and each other. Technical issues in implementing a smart grid like proper network laying, short circuits, overloading etc. are also summarized.
This document discusses communications technologies for smart grids, including Zigbee, wireless mesh networks, cellular networks, powerline communication, and digital subscriber lines. It analyzes the advantages and disadvantages of each technology and describes smart grid communication requirements like security, reliability, scalability, and quality of service. Key smart grid standards are also outlined covering various areas such as revenue metering, building automation, powerline networking, device communication, cybersecurity, and electric vehicles.
This document provides an overview of artificial intelligence techniques and their applications in power systems. It discusses expert systems, artificial neural networks, and fuzzy logic systems as the three major AI techniques used. It describes how each technique works and its advantages/disadvantages. The document also gives examples of how these techniques can be applied in transmission lines, power system protection, and other areas like operations, planning, control, and automation of power systems. The conclusion states that while AI shows promise for improving power system efficiency and reliability, more research is still needed to fully realize its benefits.
- The smart grid extends power systems into homes and businesses, creating new security challenges as critical infrastructure connects to less secure networks.
- We need accurate models of the smart grid that consider both cyber and physical pathways between components in order to understand vulnerabilities and identify security weaknesses across the integrated system.
- A federated approach is needed to both secure the smart grid and model its complex interactions, as the system spans multiple organizations with critical and non-critical functions that must be isolated despite sharing physical infrastructure.
Advanced metering infrastructure (AMI) allows utility companies to gain more control and understanding of energy consumption through automated meter reading and demand response capabilities. One key part of realizing the benefits of AMI is meter data management, which Tieto has experience providing through solutions integrated with Powel that help reduce costs and increase customer loyalty. A holistic, end-to-end approach to smart metering implementation is needed to avoid losses from a fragmented approach.
Present power grids are getting replaced by smart grids, mainly for improving performance of existing power grid. Integration of electrical, electronics and computer science have led this technology more popular. Smart grid technology is characterized by full duplex communication, automatic metering infrastructure, renewable energy integration, distribution automation and complete monitoring and control of entire power grid. Wireless sensor networks WSNs are small micro electrical mechanical systems that are deployed to collect and communicate the data from surroundings. Security of wireless sensor based communication network is a major concern for researchers and developers. The address oriented design and development approach for usual communication network requires a paradigm shift to design data oriented WSN architecture. This paper is presents different communication protocols used in smart grid technology. Sahana V Sangam | Sahana S Kulkarni | Asst. Prof. Chaitanya K Jambotkar "Smart Grid Communication Protocols" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-2 , February 2019, URL: https://www.ijtsrd.com/papers/ijtsrd21344.pdf
Paper URL: https://www.ijtsrd.com/engineering/electrical-engineering/21344/smart-grid-communication-protocols/sahana-v-sangam
IoT Based Smart Energy Meter using Raspberry Pi and Arduino Bilal Amjad
This project, design and implemented a low-cost IoT based energy monitoring system (smart energy meter) for real-time monitoring of all electrical parameters i.e. AC voltage, AC current, active power, total energy consumption, power factor, frequency, and tariff. The design is based on a low-cost PZEM-004T, using a non-invasive Current Transformer
(CT) sensors, Arduino and Raspberry pi. Electrical measurements are done by PZEM-004T and CT sensors through Arduino. Raspberry pi communicates with Arduino through serial communication to retrieve these sensor’s data and send it to the server via internet. As a result, the developed energy monitoring system can successfully record the voltage, current, active power, power factor, frequency, accumulative power consumption and tariff. Consumers will be able to
see their electricity usage and the tariff according to the energy usage in real-time through web and mobile application. In case of any fault e.g., short circuit or power supply cut off, the consumer will receive a text message on his mobile number. Moreover, consumers will be able to receive the tariff on a weekly or monthly basis.
This document discusses cyber security concerns regarding smart grid technology integration. It outlines how increased data sharing and connectivity between new and legacy systems introduces new cyber vulnerabilities. It then summarizes existing cyber security standards from organizations like ISO, NERC, and IEC that can provide frameworks for addressing these vulnerabilities. Finally, it notes challenges integrating new technologies with legacy systems and the need for a strategic roadmap to help guide secure technology adoption.
The document discusses cyber security threats to the US power grid. It notes that the power grid consists of over 300,000 km of transmission lines operated by 500 companies. Cyber attacks on critical infrastructure like the power grid are increasing in frequency and sophistication, which could have severe consequences. For example, a DDoS attack costing just $40 could overwhelm network links and cause a blackout. The document also provides examples of past cyber attacks on energy systems like Stuxnet and the 2015 attack on Ukraine's power grid that left 700,000 residents without electricity for 7 hours.
The document discusses the development of a cyber security framework for Ontario's electricity distribution sector. It aims to establish consistent expectations for protecting privacy and ensuring reliable grid operations amid increasing cybersecurity risks from smart grid technologies. The proposed framework draws from NIST cybersecurity standards and incorporates privacy by design principles. It includes a risk profiling tool to help utilities assess cybersecurity preparedness needs based on risk levels. Reporting would involve self-assessments and board-level attestations to regulators. The framework is intended to guide utilities while allowing flexibility, and future engagement is planned with additional stakeholders.
This document discusses cyber security challenges for the smart grid and outlines NIST's efforts to address them. It provides background on the electric grid and goals of the smart grid. The smart grid will be more complex and interconnected, introducing new security risks. NIST published guidelines for smart grid cyber security to help integrate security during modernization. The guidelines provide a risk assessment framework and recommended security requirements but do not mandate specific solutions.
This document is the first Smart Grid System Report to Congress mandated by the Energy Independence and Security Act of 2007. It summarizes the key findings of the report, which assess the status of smart grid deployments nationwide and any barriers. The report finds that while distributed energy resources and advanced metering infrastructure are growing, penetration remains low. It also finds that modernizing the electricity infrastructure is progressing, but understanding the business cases and policies is still emerging. Overall, the smart grid represents a significant technological and cultural change for the electric system.
The document summarizes a microgrid testbed that demonstrates communication and control technologies for managing distributed energy resources (DER). The testbed provides a simulated smart grid environment to test protocols like Data Distribution Service (DDS), Open Field Message Bus (OpenFMB), and Time-Sensitive Networks (TSN). It is led by Cisco, RTI, and National Instruments and involves various energy providers. The testbed aims to help address challenges from increasing DER penetration like dynamic load balancing and power quality issues.
Show and Tell - Data and Digitalisation, Digital Twins.pdfSIFOfgem
The document summarizes several projects presented at a webinar on the Strategic Innovation Fund's "Data & Digitalisation" challenge.
- The EN-twin-e project aims to develop a digital twin of the electricity distribution network to provide greater visibility of distributed energy resources. This will help the ESO make more effective balancing decisions.
- The Digi-GIFT project seeks to build an integrated cybersecurity system and shared data infrastructure. This will help manage data quality, integrity and security while supporting applications like digital twins.
- Cost-benefit analyses were conducted for a shared data infrastructure, an integrated cyber intrusion defense system, and quantifying flexibility services. The analyses found savings from data sharing and
The document discusses NIST's role in coordinating smart grid interoperability standards to accelerate the development of a nationwide smart grid. It outlines NIST's three phase plan: 1) Identify initial standards and develop a roadmap, 2) Establish the Smart Grid Interoperability Panel, and 3) Develop a conformity framework. The panel brings together over 550 organizations to support NIST's efforts through open collaboration. International coordination is also vital as standards will facilitate global smart grid development and technology sharing.
Standards based security for energy utilitiesNirmal Thaliyil
The document discusses standards for cybersecurity in the energy sector. It notes that threats are increasing as energy infrastructure becomes more connected and data-driven. The document outlines some key cybersecurity standards for the energy industry including NERC CIP, IEEE1686, and IEC 62351. It maps these standards based on their level of technical detail and completeness. The document also discusses best practices for cybersecurity including technological and operational controls and how standards relate to controls for protection, detection and response.
The document discusses smart grids and opportunities for their development in Latin America. It provides definitions of smart grids and their key components like smart meters and substations. Benefits include enhancing reliability, efficiency and integrating renewable energy. Barriers include costs, regulatory issues and lack of standards. The document outlines smart grid maturity levels and a methodology for developing roadmaps. It also discusses renewable energy policies and opportunities in countries like Argentina and Brazil who are implementing smart grid technologies and modernizing their electric grids.
NIST Guide- Situational Awareness for Electric UtilitiesDr Dev Kambhampati
This document is a draft of a NIST special publication providing guidance on situational awareness solutions for electric utilities. It includes an executive summary, approach, architecture, and security characteristics for implementing situational awareness. The publication describes a NCCoE project that developed an example solution to converge monitoring across IT, operational technology, and physical access systems in order to improve utilities' ability to detect cyberattacks and security incidents. The solution is presented as a modular guide to help utilities implement standards-based technologies in a risk-based manner to gain efficiencies in monitoring, identification, and response to cyber incidents.
Dr Dev Kambhampati | Electric Utilities Situational AwarenessDr Dev Kambhampati
This document is a draft of a NIST special publication providing guidance on situational awareness solutions for electric utilities. It includes an executive summary, approach, architecture, and security characteristics for implementing situational awareness. The publication describes a challenge electric utilities face in gaining comprehensive visibility across separate IT, operational technology, and physical security systems. It then outlines a solution developed by NIST to integrate these systems using commercial and open source tools to improve detection of cybersecurity incidents and support regulatory compliance. The benefits of the solution include improved cybersecurity, faster incident response, and more effective risk management.
BUILDING SMART, RESILIENT CYBER-SECURE MICROGRIDSiQHub
This document discusses building smart, resilient, and cyber-secure microgrids. It begins with an introduction discussing the increasing reliance on renewable energy sources and the need for a more flexible electric grid. The presentation then outlines topics covering cyber attacks on microgrid infrastructure, different types of attacks, analyzing attack impacts, and building secure microgrids using machine learning. Case studies are presented on predictive solar energy modeling using neural networks and developing cybersecurity training programs for the energy industry. The document concludes by emphasizing the importance of technologies like energy storage and microgrids for grid resilience and reliability.
Distribution Automation - Emerging Trends and Challenges Providing an overview of challenges, further providing a detail by introducing IEC 61850 standard and finally concluding by discussing the need of a maker approach or workshops thus enabling better skills and development at institutions.
Creating a Step Change in Cyber Security | ISCF DSbD Business-led Demonstrato...KTN
John Goodacre, the Digital Security by Design (DSbD) Challenge Director at Innovate UK presents the background to the ISCF DSbD programme which aims to "Create a Step Change in Cyber Security".
Critical Information Infrastructure Systems WorldwideAngela Hays
The document discusses the training that the author underwent at Finetech Controls Pvt. Ltd., which covered the fundamentals of industrial automation including components like switches, sensors, controllers, drives, and programmable logic controllers. The training also included how to operate and program PLCs to remotely control industrial processes, as well as the basics of variable frequency drives for motor speed and rotation control. The author was educated on the principles, applications, and installation of automation equipment used in manufacturing and material handling processes.
The Security Research Unit at TSSG investigates topics in IT security including distributed trust and reputation management, access control for secure services, identity and privacy technologies, protection of critical infrastructures, and international coordination of research and policy related to trust and security. Sample projects described include Aniketos which aims to establish and maintain trustworthiness in dynamic service environments, PASSIVE which proposes an improved security model for virtualized eGovernment applications, and ENDORSE which provides open source tools to ensure data protection compliance. TSSG also partners with universities and companies and is involved with the European Commission to coordinate research in these areas.
The document discusses the key components and functioning of a smart grid system. It describes how a smart grid uses advanced sensing, communications and control technologies to monitor and optimize the entire electricity delivery network from generators to end users. The smart grid aims to improve reliability, efficiency and sustainability of the traditional grid through two-way communication between suppliers and consumers of electricity. It allows for better demand response and integration of diverse energy sources including renewables.
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
Cloud Security Alliance EMEA Congress
Using cloud services: Compliance with the Security Requirements of the Spanish Public Sector
Text of the presentation by Miguel A. Amutio
The document discusses using the Technology Infusion and Maturation Assessment (TIMA) process developed by NASA's Jet Propulsion Laboratory to design and evaluate architectural options for the smart electric power grid in California. TIMA involves identifying key technologies, developing use cases, analyzing risks and barriers, and defining a technology roadmap. The goal is to meet California's energy and climate policy objectives through 2030 and beyond in a cost-effective manner.
The document summarizes a presentation about helping utilities prepare for cybersecurity. It discusses the Cybersecurity Capability Maturity Model (C2M2) developed by the Department of Energy (DOE) to help organizations assess their cybersecurity practices. The C2M2 uses a maturity model approach with 10 domains and 4 maturity levels to evaluate an organization's cybersecurity capabilities. It also discusses how the C2M2 can be used to support implementation of the National Institute of Standards and Technology's Cybersecurity Framework.
With my team (LKYSPP MPA), we presented the basic concept, advantages, case studies, and risk management of "Cloud Computing" to (potential) policy makers, in the framework of our "Governance Study Project". We'd like to help those policy makers to make their informed decision on integrating tech-solutions in their governance, business community, and the general public.
Similar to Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity (20)
A new generation of instruments and tools to monitor buildings performanceLeonardo ENERGY
What is the added value of monitoring the flexibility, comfort, and well-being of a building? How can occupants be better informed about the performance of their building? And how to optimize a building's maintenance?
The slides were presented during a webinar and roundtable with a focus on a new generation of instruments and tools to monitor buildings' performance, and their link with the Smart Readiness Indicator (SRI) for buildings as introduced in the EU's Energy Performance of Buildings Directive (EPBD).
Link to the recordings: https://youtu.be/ZCFhmldvRA0
Addressing the Energy Efficiency First Principle in a National Energy and Cli...Leonardo ENERGY
When designing energy and climate policies, EU Member States have to apply the Energy Efficiency First Principle: priority should be given to measures reducing energy consumption before other decarbonization interventions are adopted. This webinar summarizes elements of the energy and climate policy of Cyprus illustrating how national authorities have addressed this principle so far, and outline challenges towards its much more rigorous implementation that is required in the coming years.
Auctions for energy efficiency and the experience of renewablesLeonardo ENERGY
Auctions are an emerging market-based policy instrument to promote energy efficiency that has started to gain traction in the EU and worldwide. This presentation provides an overview and comparison of several energy efficiency auctions and derives conclusions on the effects of design elements based on auction theory and on experiences of renewable energy auctions. We include examples from energy efficiency auctions in Brazil, Canada, Germany, Portugal, Switzerland, Taiwan, UK, and US.
A recording of this presentation can be viewed at:
https://youtu.be/aC0h4cXI9Ug
Energy efficiency first – retrofitting the building stock finalLeonardo ENERGY
Retrofitting the building stock is a challenging undertaking in many respects - including costs. Can it nevertheless qualify as a measure under the Energy Efficiency First principle? Which methods can be applied for the assessment and what are the results in terms of the cost-effectiveness of retrofitting the entire residential building stock? How do the results differ for minimization of energy use, CO2 emissions and costs? And which policy conclusions can be drawn?
This presentation was used during the 18th webinar in the Odyssee-Mure on Energy Efficiency Academy on February 3, 2022.
A link to the recording: https://youtu.be/4pw_9hpA_64
How auction design affects the financing of renewable energy projects Leonardo ENERGY
Recording available at https://youtu.be/lPT1o735kOk
Renewable energy auctions might affect the financing of renewable energy (RE) projects. This webinar presents the results of the AURES II project exploring this topic. It discusses how auction designs ranging from bid bonds to penalties and remuneration schemes impact financing and discusses creating a low-risk auction support framework.
This presentation discusses the contribution of Energy Efficiency Funds to the financing of energy efficiency in Europe. The analysis is based on the MURE database on energy efficiency policies. As an example, the German Energy Efficiency Fund is described in more detail.
This is the 17th webinar in the Odyssee-Mure on Energy Efficiency Academy.
Recordings are available on: https://youtu.be/KIewOQCgQWQ
(see updated version of this presentation:
https://www.slideshare.net/sustenergy/energy-efficiency-funds-in-europe-updated)
The Energy Efficiency First Principle is a key pillar of the European Green Deal. A prerequisite for its widespread application is to secure financing for energy efficiency investments.
This presentation discusses the contribution of Energy Efficiency Funds to the financing of energy efficiency in Europe. The analysis is based on the MURE database on energy efficiency policies. As an example, the German Energy Efficiency Fund is described in more detail.
This is the 17th webinar in the Odyssee-Mure on Energy Efficiency Academy.
Recordings are available on: https://youtu.be/KIewOQCgQWQ
Five actions fit for 55: streamlining energy savings calculationsLeonardo ENERGY
During the first year of the H2020 project streamSAVE, multiple activities were organized to support countries in developing savings estimations under Art.3 and Art.7 of the Energy Efficiency Directive (EED).
A fascinating output of the project so far is the “Guidance on Standardized saving methodologies (energy, CO2 and costs)” for a first round of five so-called Priority Actions. This Guidance will assist EU member states in more accurately calculating savings for a set of new energy efficiency actions.
This webinar presents this Guidance and other project findings to the broader community, including industry and markets.
AGENDA
14:00 Introduction to streamSAVE
(Nele Renders, Project Coordinator)
14:10 Views from the EU Commission and the link with Fit-for-55 (Anne-Katherina Weidenbach, DG ENER)
14:20 The streamSAVE guidance and its platform illustrated (Elisabeth Böck, AEA)
14:55 A view from industry: What is the added value of streamSAVE (standardized) methods in frame of the EED (Conor Molloy, AEMS ECOfleet)
14:55 Country experiences: the added value of standardized methods (Elena Allegrini, ENEA, Italy)
The recordings of the webinar can be found on https://youtu.be/eUht10cUK1o
This webinar analyses energy efficiency trends in the EU for the period 2014-2019 and the impact of COVID-19 in 2020 (based on estimates from Enerdata).
The speakers present the overall trend in total energy supply and in final energy consumption, as well as details by sector, alongside macro-economic data. They will explain the main drivers of the variation in energy consumption since 2014 and determine the impact of energy savings.
Speakers:
Laura Sudries, Senior Energy Efficiency Analyst, Enerdata
Bruno Lapillonne, Scientific Director, Enerdata
The recordings of the presentation (webinar) can be viewed at:
https://youtu.be/8RuK5MroTxk
Energy and mobility poverty: Will the Social Climate Fund be enough to delive...Leonardo ENERGY
Prior to the current soaring energy prices across Europe, the European Commission proposed, as part of the FitFor55 climate and energy package, the EU Social Climate Fund to mitigate the expected social impact of extending the EU ETS to transport and heating.
The report presented in this webinar provides an update of the European Energy Poverty Index, published for the first time in 2019, which shows the combined effect of energy and mobility poverty across Member States. Beyond the regular update of the index, the report provides analysis of the existing EU policy framework related to energy and transport poverty. France is used as a case study given the “yellow vest” movement, which was triggered by the proposed carbon tax on fuels.
Watch the recordings of the webinar:
https://youtu.be/i1Jdd3H05t0
Does the EU Emission Trading Scheme ETS Promote Energy Efficiency?Leonardo ENERGY
This policy brief analyzes the main interacting mechanisms between the Energy Efficiency Directive (EED) and the EU Emission Trading Scheme (ETS). It presents a detailed top-down approach, based on the ODYSSEE energy indicators, to identify energy savings from the EU ETS.
The main task consists in isolating those factors that contribute to the change in energy consumption of industrial branches covered by the EU ETS, and the energy transformation sector (mainly the electricity sector).
Speaker:
Wolfgang Eichhammer (Head of the Competence Center Energy Policy and Energy Markets @Fraunhofer Institute for Systems and Innovation Research ISI)
The recordings of this webinar can be watched via:
https://youtu.be/TS6PxIvtaKY
Energy efficiency, structural change and energy savings in the manufacturing ...Leonardo ENERGY
- Structural changes in manufacturing have significantly reduced energy consumption in Denmark since 1990 through growth in lower intensity sectors like food production.
- Energy efficiency improvements also contributed, especially from 2010-2014, lowering consumption alongside structural changes.
- A decomposition analysis found that decreases in consumption from 2006-2014 were mainly from structural effects in the first half, and efficiency gains in the latter half.
- Reported energy savings from Denmark's energy efficiency obligation scheme align with estimated efficiency improvements, though some autonomous gains likely occurred too.
Energy Sufficiency Indicators and Policies (Lea Gynther, Motiva)Leonardo ENERGY
This policy brief looks at questions ‘how to measure energy sufficiency’, ‘which policies and measures can be used to address energy sufficiency’ and ‘how they are used in Europe today’.
Energy sufficiency refers to a situation where everyone has access to the energy services they need, whilst the impacts of the energy system do not exceed environmental limits. The level of ambition needed to address energy sufficiency is higher than in the case of energy efficiency.
This is the 13th edition of the Odyssee-Mure on Energy Efficiency Academy, and number 519 in the Leonardo ENERGY series. The recording of the live presentation can be found on https://www.youtube.com/watch?v=jEAdYbI0wDI&list=PLUFRNkTrB5O_V155aGXfZ4b3R0fvT7sKz
The Super-efficient Equipment and Appliance Deployment (SEAD) Initiative Prod...Leonardo ENERGY
The Super-efficient Equipment and Appliance Deployment (SEAD) Initiative Product Efficiency Call to Action, by Melanie Slade - IEA and Nicholas Jeffrey - UK BEIS
Breuckmann eMobility GmbH develops innovative rotor casting technology called Zero Porosity Rotor (ZPR) for electric vehicle induction motors. ZPR uses laminar squeeze casting to produce rotors with zero porosity, allowing for superior mechanical properties, higher electrical conductivity, and maximum process stability compared to industry standard rotors. Key advantages of ZPR rotors include up to 12.5% higher maximum rotational speed, 35% higher electrical conductivity, and ability to withstand 25% higher circumferential bursting speeds. Breuckmann has partnerships for motor testing, slot geometry design, and received EU funding to develop high-speed motor concepts using its ZPR technology.
dynamic E flow GmbH provides high-tech electric machines and solutions for extreme applications. Their capcooltech® motor features direct winding cooling that enables current densities up to 100A/mm2 and overload capacities. Testing shows the capcooltech® design maintains temperatures 40°C lower and heats 10 times faster than conventional cooling. The direct cooling test bench demonstrates capcooltech® motors can achieve maximum power density, temperature resistance, precision, and dynamics even in harsh conditions like vacuum or high temperatures.
The need for an updated European Motor Study - key findings from the 2021 US...Leonardo ENERGY
The document calls for an updated assessment of the electric motor system market in Europe, as the existing data is over 20 years old. It notes several changes in the market since then, including new efficient motor technologies, lower costs for power electronics, and increased digitization. The document highlights findings from a recent 2021 US motor study, which found motors to be older than previously estimated and significant improvements in load factors and variable speed drive penetration compared to past studies. It concludes that a new comprehensive assessment is needed to identify large potential electricity savings and inform policies to accelerate market transformation.
Efficient motor systems for a Net Zero world, by Conrad U. Brunner - Impact E...Leonardo ENERGY
1) The document discusses the need for efficient electric motor systems to achieve net-zero emissions by 2050, as electricity will be the main energy supplier without fossil fuels or nuclear.
2) It provides examples of how industry can achieve efficiency savings of 50-70% through measures like downsizing components, direct drive systems, and load control.
3) A case study shows how converting an oversized 10kW system to a smaller, variable speed, direct drive setup with efficient components achieves 82% energy savings and a payback period of just one year.
7 Most Powerful Solar Storms in the History of Earth.pdfEnterprise Wired
Solar Storms (Geo Magnetic Storms) are the motion of accelerated charged particles in the solar environment with high velocities due to the coronal mass ejection (CME).
Comparison Table of DiskWarrior Alternatives.pdfAndrey Yasko
To help you choose the best DiskWarrior alternative, we've compiled a comparison table summarizing the features, pros, cons, and pricing of six alternatives.
YOUR RELIABLE WEB DESIGN & DEVELOPMENT TEAM — FOR LASTING SUCCESS
WPRiders is a web development company specialized in WordPress and WooCommerce websites and plugins for customers around the world. The company is headquartered in Bucharest, Romania, but our team members are located all over the world. Our customers are primarily from the US and Western Europe, but we have clients from Australia, Canada and other areas as well.
Some facts about WPRiders and why we are one of the best firms around:
More than 700 five-star reviews! You can check them here.
1500 WordPress projects delivered.
We respond 80% faster than other firms! Data provided by Freshdesk.
We’ve been in business since 2015.
We are located in 7 countries and have 22 team members.
With so many projects delivered, our team knows what works and what doesn’t when it comes to WordPress and WooCommerce.
Our team members are:
- highly experienced developers (employees & contractors with 5 -10+ years of experience),
- great designers with an eye for UX/UI with 10+ years of experience
- project managers with development background who speak both tech and non-tech
- QA specialists
- Conversion Rate Optimisation - CRO experts
They are all working together to provide you with the best possible service. We are passionate about WordPress, and we love creating custom solutions that help our clients achieve their goals.
At WPRiders, we are committed to building long-term relationships with our clients. We believe in accountability, in doing the right thing, as well as in transparency and open communication. You can read more about WPRiders on the About us page.
Best Programming Language for Civil EngineersAwais Yaseen
The integration of programming into civil engineering is transforming the industry. We can design complex infrastructure projects and analyse large datasets. Imagine revolutionizing the way we build our cities and infrastructure, all by the power of coding. Programming skills are no longer just a bonus—they’re a game changer in this era.
Technology is revolutionizing civil engineering by integrating advanced tools and techniques. Programming allows for the automation of repetitive tasks, enhancing the accuracy of designs, simulations, and analyses. With the advent of artificial intelligence and machine learning, engineers can now predict structural behaviors under various conditions, optimize material usage, and improve project planning.
Fluttercon 2024: Showing that you care about security - OpenSSF Scorecards fo...Chris Swan
Have you noticed the OpenSSF Scorecard badges on the official Dart and Flutter repos? It's Google's way of showing that they care about security. Practices such as pinning dependencies, branch protection, required reviews, continuous integration tests etc. are measured to provide a score and accompanying badge.
You can do the same for your projects, and this presentation will show you how, with an emphasis on the unique challenges that come up when working with Dart and Flutter.
The session will provide a walkthrough of the steps involved in securing a first repository, and then what it takes to repeat that process across an organization with multiple repos. It will also look at the ongoing maintenance involved once scorecards have been implemented, and how aspects of that maintenance can be better automated to minimize toil.
Sustainability requires ingenuity and stewardship. Did you know Pigging Solutions pigging systems help you achieve your sustainable manufacturing goals AND provide rapid return on investment.
How? Our systems recover over 99% of product in transfer piping. Recovering trapped product from transfer lines that would otherwise become flush-waste, means you can increase batch yields and eliminate flush waste. From raw materials to finished product, if you can pump it, we can pig it.
UiPath Community Day Kraków: Devs4Devs ConferenceUiPathCommunity
We are honored to launch and host this event for our UiPath Polish Community, with the help of our partners - Proservartner!
We certainly hope we have managed to spike your interest in the subjects to be presented and the incredible networking opportunities at hand, too!
Check out our proposed agenda below 👇👇
08:30 ☕ Welcome coffee (30')
09:00 Opening note/ Intro to UiPath Community (10')
Cristina Vidu, Global Manager, Marketing Community @UiPath
Dawid Kot, Digital Transformation Lead @Proservartner
09:10 Cloud migration - Proservartner & DOVISTA case study (30')
Marcin Drozdowski, Automation CoE Manager @DOVISTA
Pawel Kamiński, RPA developer @DOVISTA
Mikolaj Zielinski, UiPath MVP, Senior Solutions Engineer @Proservartner
09:40 From bottlenecks to breakthroughs: Citizen Development in action (25')
Pawel Poplawski, Director, Improvement and Automation @McCormick & Company
Michał Cieślak, Senior Manager, Automation Programs @McCormick & Company
10:05 Next-level bots: API integration in UiPath Studio (30')
Mikolaj Zielinski, UiPath MVP, Senior Solutions Engineer @Proservartner
10:35 ☕ Coffee Break (15')
10:50 Document Understanding with my RPA Companion (45')
Ewa Gruszka, Enterprise Sales Specialist, AI & ML @UiPath
11:35 Power up your Robots: GenAI and GPT in REFramework (45')
Krzysztof Karaszewski, Global RPA Product Manager
12:20 🍕 Lunch Break (1hr)
13:20 From Concept to Quality: UiPath Test Suite for AI-powered Knowledge Bots (30')
Kamil Miśko, UiPath MVP, Senior RPA Developer @Zurich Insurance
13:50 Communications Mining - focus on AI capabilities (30')
Thomasz Wierzbicki, Business Analyst @Office Samurai
14:20 Polish MVP panel: Insights on MVP award achievements and career profiling
Scaling Connections in PostgreSQL Postgres Bangalore(PGBLR) Meetup-2 - MydbopsMydbops
This presentation, delivered at the Postgres Bangalore (PGBLR) Meetup-2 on June 29th, 2024, dives deep into connection pooling for PostgreSQL databases. Aakash M, a PostgreSQL Tech Lead at Mydbops, explores the challenges of managing numerous connections and explains how connection pooling optimizes performance and resource utilization.
Key Takeaways:
* Understand why connection pooling is essential for high-traffic applications
* Explore various connection poolers available for PostgreSQL, including pgbouncer
* Learn the configuration options and functionalities of pgbouncer
* Discover best practices for monitoring and troubleshooting connection pooling setups
* Gain insights into real-world use cases and considerations for production environments
This presentation is ideal for:
* Database administrators (DBAs)
* Developers working with PostgreSQL
* DevOps engineers
* Anyone interested in optimizing PostgreSQL performance
Contact info@mydbops.com for PostgreSQL Managed, Consulting and Remote DBA Services
Implementations of Fused Deposition Modeling in real worldEmerging Tech
The presentation showcases the diverse real-world applications of Fused Deposition Modeling (FDM) across multiple industries:
1. **Manufacturing**: FDM is utilized in manufacturing for rapid prototyping, creating custom tools and fixtures, and producing functional end-use parts. Companies leverage its cost-effectiveness and flexibility to streamline production processes.
2. **Medical**: In the medical field, FDM is used to create patient-specific anatomical models, surgical guides, and prosthetics. Its ability to produce precise and biocompatible parts supports advancements in personalized healthcare solutions.
3. **Education**: FDM plays a crucial role in education by enabling students to learn about design and engineering through hands-on 3D printing projects. It promotes innovation and practical skill development in STEM disciplines.
4. **Science**: Researchers use FDM to prototype equipment for scientific experiments, build custom laboratory tools, and create models for visualization and testing purposes. It facilitates rapid iteration and customization in scientific endeavors.
5. **Automotive**: Automotive manufacturers employ FDM for prototyping vehicle components, tooling for assembly lines, and customized parts. It speeds up the design validation process and enhances efficiency in automotive engineering.
6. **Consumer Electronics**: FDM is utilized in consumer electronics for designing and prototyping product enclosures, casings, and internal components. It enables rapid iteration and customization to meet evolving consumer demands.
7. **Robotics**: Robotics engineers leverage FDM to prototype robot parts, create lightweight and durable components, and customize robot designs for specific applications. It supports innovation and optimization in robotic systems.
8. **Aerospace**: In aerospace, FDM is used to manufacture lightweight parts, complex geometries, and prototypes of aircraft components. It contributes to cost reduction, faster production cycles, and weight savings in aerospace engineering.
9. **Architecture**: Architects utilize FDM for creating detailed architectural models, prototypes of building components, and intricate designs. It aids in visualizing concepts, testing structural integrity, and communicating design ideas effectively.
Each industry example demonstrates how FDM enhances innovation, accelerates product development, and addresses specific challenges through advanced manufacturing capabilities.
Kief Morris rethinks the infrastructure code delivery lifecycle, advocating for a shift towards composable infrastructure systems. We should shift to designing around deployable components rather than code modules, use more useful levels of abstraction, and drive design and deployment from applications rather than bottom-up, monolithic architecture and delivery.
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfNeo4j
Presented at Gartner Data & Analytics, London Maty 2024. BT Group has used the Neo4j Graph Database to enable impressive digital transformation programs over the last 6 years. By re-imagining their operational support systems to adopt self-serve and data lead principles they have substantially reduced the number of applications and complexity of their operations. The result has been a substantial reduction in risk and costs while improving time to value, innovation, and process automation. Join this session to hear their story, the lessons they learned along the way and how their future innovation plans include the exploration of uses of EKG + Generative AI.
Choose our Linux Web Hosting for a seamless and successful online presencerajancomputerfbd
Our Linux Web Hosting plans offer unbeatable performance, security, and scalability, ensuring your website runs smoothly and efficiently.
Visit- https://onliveserver.com/linux-web-hosting/
An invited talk given by Mark Billinghurst on Research Directions for Cross Reality Interfaces. This was given on July 2nd 2024 as part of the 2024 Summer School on Cross Reality in Hagenberg, Austria (July 1st - 7th)
INDIAN AIR FORCE FIGHTER PLANES LIST.pdfjackson110191
These fighter aircraft have uses outside of traditional combat situations. They are essential in defending India's territorial integrity, averting dangers, and delivering aid to those in need during natural calamities. Additionally, the IAF improves its interoperability and fortifies international military alliances by working together and conducting joint exercises with other air forces.
論文紹介:A Systematic Survey of Prompt Engineering on Vision-Language Foundation ...Toru Tamaki
Jindong Gu, Zhen Han, Shuo Chen, Ahmad Beirami, Bailan He, Gengyuan Zhang, Ruotong Liao, Yao Qin, Volker Tresp, Philip Torr "A Systematic Survey of Prompt Engineering on Vision-Language Foundation Models" arXiv2023
https://arxiv.org/abs/2307.12980
Are you interested in dipping your toes in the cloud native observability waters, but as an engineer you are not sure where to get started with tracing problems through your microservices and application landscapes on Kubernetes? Then this is the session for you, where we take you on your first steps in an active open-source project that offers a buffet of languages, challenges, and opportunities for getting started with telemetry data.
The project is called openTelemetry, but before diving into the specifics, we’ll start with de-mystifying key concepts and terms such as observability, telemetry, instrumentation, cardinality, percentile to lay a foundation. After understanding the nuts and bolts of observability and distributed traces, we’ll explore the openTelemetry community; its Special Interest Groups (SIGs), repositories, and how to become not only an end-user, but possibly a contributor.We will wrap up with an overview of the components in this project, such as the Collector, the OpenTelemetry protocol (OTLP), its APIs, and its SDKs.
Attendees will leave with an understanding of key observability concepts, become grounded in distributed tracing terminology, be aware of the components of openTelemetry, and know how to take their first steps to an open-source contribution!
Key Takeaways: Open source, vendor neutral instrumentation is an exciting new reality as the industry standardizes on openTelemetry for observability. OpenTelemetry is on a mission to enable effective observability by making high-quality, portable telemetry ubiquitous. The world of observability and monitoring today has a steep learning curve and in order to achieve ubiquity, the project would benefit from growing our contributor community.
Cybersecurity for Smart Grids: Technical Approaches to Provide Cybersecurity
1. Cybersecurity for Smart Grids:
Technical Approaches to Improve
Cybersecurity
Presentation by Cyril W. Draffin, Jr.
Project Advisor, MIT Energy Initiative
Stefano Bracco
Knowledge Manager, Agency for the Cooperation of
Energy Regulators
David Batz
Security and Business Continuity, Edison Electric Institute
International Energy Agency’s International Smart Grid Action
Network (ISGAN) Academy – 2nd Cybersecurity Webinar
11 September 2017
1
2. ISGAN in a nutshell
International Smart Grid Action Network TCP (ISGAN)
‘Strategic platform to support high-level government attention and action for
the accelerated development and deployment of smarter, cleaner electricity
grids around the world’
An initiative of the Clean Energy Ministerial (CEM)
Organized as the Implementing Agreement for a
Co-Operative Programme on Smart Grids (ISGAN)
The CEM is the only multilateral forum dedicated
exclusively to the advancement of clean energy
technologies and related policies. ISGAN is the only
global government-to-government forum on smart grids
2
3. Geography of ISGAN
3
Swedish Energy Agency
Commonwealth Scientific
and Industrial Research
Organization
Government of Canada
Norwegian Ministry of Petroleum and Energy
New Energy and Industrial
Technology Development
Organization (NEDO)
Sustainable Energy
Authority of Ireland
Government of Belgium
Forschungszentrum Jülich GmbH
Government of the Netherlands,
Ministry of Economic Affairs,
Agriculture and Innovation
Union Fenosa Distribucion
Government of Austria
Government of France
Swiss Federal
Office of
Energy Government of Korea
European Commission
South African National
Energy Development Institute
Energy Market
Authority, Singapore
Government of India
MOP, NSGM,
POWER GRID, CPRI
Government of Mexico
U.S. Department of Energy
Ricerca sul Sistema Energetico (RSE S.p.A.)
Contracting Parties: 25
Invited: Malaysia
Expression of Interest: UAE
Ministry of Science and Technology
Department of High and New
Technology Development and
Industrialization
Russian Energy Agency
Tekes (Finnish Funding Agency for Technology and Innovation)
Danish Energy Agency
5. Topics for
Cybersecurity for Smart Grids Webinar #2:
Technical Approaches to Improve
Cybersecurity
1. Cybersecurity Challenges
2. Cybersecurity Approach and Best Practices
3. Case Studies
4. Cyber Professionals
5. Regulatory and Legal Constraints of architecting smart
grids in a secure way
6. Measures of Success
7. Conclusions
5
6. Market and Technology
• Smart Grid and digital evolution
• Highly inter-connected platforms with a number of actuators and
sensors (with wide geographical area)
• Decision-making delegated to machines (Distributed Control Systems)
• New intelligent control devices which have to cooperate with old
control devices (which are not easy to replace)
• Changing business models with more actors involved
• Distributed Energy Resources, with renewable resources that have
intermittent behaviour, with multiple ownerships and cybersecurity
practices
• Demand changes, dynamic pricing and need for inclusion of new actors
(for example “prosumers” and aggregators) with impact on electricity
systems
Electricity Market Challenges
affecting Cybersecurity
Cybersecurity Challenges
6
7. Management
• Evolving cyber threats
• Hacking groups trying to find vulnerabilities embedded in the existing
security measures, and seeking undiscovered vulnerabilities of control
systems
• Potential role of nation states
• Potential national or cross-border impact of attacks and incidents,
related to the “weakest link problem”
• Existing governance versus best practices
• Agility important-- impossible to predict what will happen
• Forensics methods and technologies (applicable to standard IT systems
and their security measures) may not work as well on Operational
systems
• How much cybersecurity expenditures are sufficient?-- cost of
cybersecurity
Management Challenges
affecting Cybersecurity
Cybersecurity Challenges
7
8. Cybersecurity Approaches
• Threat and risk management system
Pursue a harmonized, structured and comprehensive way to identify operators of essential
services for the energy sector at regional level
Structured risk analysis and risk treatment plan specific for the highly interdependent European
and US energy sectors
Cyber security maturity framework
Regional cooperation on cyber security topics
Control and secure disclosure of vulnerabilities and incidents affecting the energy sector in its
crucial role
• Effective cyber response framework
Define and implement a cyber response and coordination framework
Implement and strengthen regional cooperation for efficient handling of cyber emergencies
when energy is involved and affected
Improve cyber resilience in the energy sector
• Build-up adequate capacity and competences
Build competences
Provide knowledge, including frameworks and best practices
Promote research
Cybersecurity Approaches
8
9. A maturity model is a set of characteristics, attributes, indicators, or patterns that
represent capability and progression in a particular discipline.
Model content typically exemplifies best practices and may incorporate standards
or other codes of practice of the discipline. It provides a benchmark against which
an organization can evaluate the current level of capability of its practices,
processes, and methods and set goals and priorities for improvement.
When a model is widely used in a particular industry (and assessment results are
shared), organizations can benchmark their performance against other
organizations. An industry can determine how well it is performing overall by
examining the capability of its member organizations.
Maturity Model
Cybersecurity Approaches
9
10. 10 Domains In Maturity Model:
Logical grouping of cybersecurity practices
• Risk Management
• Asset, Change, and
Configuration Management
• Identity and Access
Management
• Threat and Vulnerability
Management
• Situational Awareness
• Information Sharing and
Communications
• Event and Incident Response,
Continuity of Operations
• Supply Chain and External
Dependencies Management
• Workforce Management
• Cybersecurity Program
Management
Cybersecurity Approaches
10
12. How the European Commission Clean Energy
Package acknowledges Cybersecurity
• The legislative proposals put emphasis on smarter and more
efficient management of the grid, by using digital technologies and
the flexibility of consumers and their electrical appliances
• Innovation is at the core of the package, from renewable energy
legislation, to energy efficiency and the new market design
proposals
• The package acknowledges the importance of cyber security for
the energy sector, and the need to duly assess cyber-risks and their
possible impact on the security of supply.
• It proposes the adoption of measures to prevent and mitigate the
risks identified as well as the adaption of technical rules for
electricity (i.e. a Network Code) on cyber-security.
12
Cybersecurity Approaches
13. Energy Expert Cyber Security Platform (EECSP)-
Expert Group
13
10 cyber security challenges in the energy
sector
(reference: EECSP Report)
Electricity Oil Gas Nuclear
1 Grid stability in a cross-border interconnected
energy
network.
x x x
2 Protection concepts reflecting current threats and
risks.
x x x x
3 Handling of cyber-attacks within the EU. x x x x
4
Effects by cyber-attacks not fully considered in the
design rules of an existing power grid or nuclear
facility
x x
5 Introduction of new highly interconnected
technologies
and services.
x x
6 Outsourcing of infrastructures and services. x x x
7 Integrity of components used in energy systems. x x x
8 Increased interdependency among market players. x
9 Availability of resources and their competences. x x x x
10 Constraints imposed by cyber security measures in
contrast to real-time/availability requirements.
x x x
Cybersecurity Approaches
14. Present Coverage In European Union
Regulation
14
Strategy and Legislation
Strategy papers
• EU Cyber Security Strategy
• Digital Single Market Strategy
• 50 national cyber security strategies
Legislation with
focus on cyber
security for critical
infrastructure
providers
• Network and Information Security (NIS)
Directive
• European Programme for Critical
Infrastructure Protection (EPCIP) Directive
• Contractual Public-Private Partnership
Legislation with
focus on security of
supply
• Security of Supply (SoS) Directive
• Security of Gas Supply Regulation
Legislation with focus
on data protection
and privacy
• General Data Protection Regulation (GDPR)
• Data Protection Impact Assessment
(DPIA) Template
Cybersecurity Approaches
15. Strategic Priorities (European perspective)
15
Strategic Priorities Strategic Areas Areas of Actions
I
Set-up an effective
threat and risk
management
system
European threat and risk landscape and
treatment
1. Identification of provider of essential
services for the energy sector at EUlevel.
2. Risk analysis and treatment.
3. Framework of rules for a
regional cooperation.
4. EU framework for vulnerabilities disclosure
for the energy sector.
Identification of provider of essential services
Best practice and information exchange
Forster international collaboration
II
Set-up an effective
cyber defence
framework
Cyber response framework 5. Define and implement cyber
response framework and
coordination.
6. Implement and strengthen the regional
cooperation for emergency handling
Crisis management
III
Continuously
improve cyber
resilience
European cyber security maturity framework
7. Establish a European cyber security
maturity framework for energy.
8. Establish a cPPP for supply chain integrity
9. Foster European and
international collaboration
Supply chain integrity framework for
components
Best practice and information exchange
Awareness campaign from top level EU
institutions
IV
Build-up the
required capacity
and competences
Capacity & competence build-up 10. Capacity and competence build-up.
Cybersecurity Approaches
16. Core European documents under review in
2017-2018
• EU Cyber Security Strategy is under review
• German EU Strategy and others were
reviewed in 2016
• Others strategies expected as a result of the
NIS (Network and Information Security)
Directive
16
Cybersecurity Approaches
17. Best Practices
• No comprehensive best practices, but:
– Big TSOs and DSOs are already applying existing standards
that may be helpful (e.g. ISO 27000 Series and NERC CIP)
– BSI is a reference in Germany (https://www.bsi.bund.de)
– ANSSI (The French CIIP Framework -
https://www.ssi.gouv.fr/en/cybersecurity-in-france/ciip-in-
france/) in France with two different approaches
– ENISA is working hard at EU Level with a number of
publications every year: most of them provide
recommendations and analysis at EU Level, and are
complemented by the work done by DG ENERGY and DG
JRC of the European Commission.
17
Cybersecurity Approaches
18. Case Study 1 – Advanced Metering Infrastructure
Background
The Advanced Metering Infrastructure (AMI) is now being rapidly deployed throughout
the power grid, and is an enabling technology for smart grid. Identifying the attack
surface is a necessary step in achieving cyber security in smart grids and AMI.
Source: https://arxiv.org/ftp/arxiv/papers/1607/1607.04811.pdf
Case Studies
An attacker may target an AMI in several ways, which may result in several/different
risks for the operator involved.
Main potential objectives for such an attack:
• Intelligence gathering;
• Infecting the target AMI systems;
• AMI exploitation (use for profit);
• AMI exfiltration (transfer of data);
• Maintaining control on this capability on short, medium, long run.
Needed definition: cyber attack surface can be defined by the methods an environment
or a system can be attacked by an adversary to introduce or retrieve data from that
environment or system.
Analysis
18
19. Case Study 1 – Advanced Metering Infrastructure
(continued)
Analysis
Surface is composed of:
Smart Meters
IR Port
Internal Link
Firmware
Micro Controller
Radio
AMI Information and Communication Network
Smart Meter Data Collector – SMDCs
Similar to Smart Meters
AMI-Head End
Interface with the Utility Infrastructure
Outage Management Systems (Restoration capability)
Energy Management System (Dispatch and monitoring)
Master Data Management Systems
Corporate WAN
Protocols and Software
Weak Encryption keys
Smart Energy Profile 2.0
KillerBee to hack AMI
Many attacks possible on 3G/4G/LTE
Case Studies
19
20. Possible Counter-measures
• Create closed and proprietary security solutions;
• Use Open Standards and architect things in a way that “red points” will be green (or
removed from the list);
• Interim measure is to analyse existing devices, to identify the surface, and to
mitigate the risks.
Global Smart Grid Federation’s Smart Meter Security Survey, August 2016
http://www.globalsmartgridfederation.org/wp-content/uploads/2016/08/smart_meter_security_survey.pdf
http://ics.sans.org/media/IT-OT-Convergence-NexDefense-Whitepaper.pdf
Cyber Attack Surface Analysis of Advanced Metering Infrastructure
AMI Surface https://arxiv.org/ftp/arxiv/papers/1607/1607.04811.pdf
https://www.sans.org/reading-room/whitepapers/forensics/forensic-analysis-industrial-control-systems-
36277
Proof-of-concept ransomware locks up the PLCs that control power plants
http://www.cap.gatech.edu/plcransomware.pdf
Case Studies
20
Case Study 1 – Advanced Metering Infrastructure
(continued)
21. Case Study 2 – Process and Tool Adoption- toward
a secure and resilient power distribution grid
Background
The tight interaction of the control applications with communication networks and
physical components, such as sensors and actuators in a complex cyber-physical system,
is of paramount importance in order to assure that the system can be introduced in a
working environment and can provide the certain level in respect to new risks deriving
from new components tools and processes.
In this respect more work has to be done to establish, well before the adoption, how
“secure” is a system in respect to the already existing and established operations, and if
a change in operations can impact the security of the system.
Source: http://ieeexplore.ieee.org/document/7778800/
Case Studies
21
22. Case Study 2 – Process and Tool Adoption- toward
a secure and resilient power distribution grid (continued)
Analysis
In the DERs, local controls are capable to keep grid voltage in a certain range. Additional central
controllers may implement high-level objectives such as loss minimization or minimum generator
shedding.
While most of the systems are robust enough to overcome issues such as a weak communication
channel, there is no assurance of non vulnerability to cyber-attacks.
In this context we have to consider that technical protection measures can be of two kinds:
• ICT Security Measures (e.g. Firewall, IDP, Authentication)
• System/control-theoretic measures (e.g. model-based attack/fault detection and isolation, robust
control strategies that maintain closed-loop stability and performance guarantees)
Several recommendations are already in place.
Attacks spans Data Integrity, DoS (Denial of Service), Delay Attacks.
Findings
• A workbench to assure and test that all possible technical measures are taken into
consideration is still needed, but a comprehensive tool is not available.
• This must be part of the tasks of a control engineer when developing similar
systems, who needs to apply a more holistic approach to the engineering phase of
similar tools.
Case Studies
22
23. Case Study 2 – Process and Tool Adoption- toward
a secure and resilient power distribution grid (continued)
Counter-measures
• Security by design is the first advice.
• ICT Measures and control theoretic protection measures have to work together to
properly address risks which may be hidden to a preliminary analysis.
• Should be a “mantra” for the procurement of new equipment.
• Same analysis must be performed when an interconnected ICT or control
theoretic protection measure is affected by any change.
Case Studies
23
24. Case Study 3 – Ransomware / Wipers for
Industrial Control Systems
Background
Georgia Institute of Technology released an academic paper on use of a cross-vendor
Ransomware worm working on Programmable Logic Controllers (PLCs).
Due to a weak authentication, attacker is capable to lock out an administrator, installing
a logical bomb.
Conficker and Stuxnet used MS08-067. It is not impossible that a virus for ICS will use
MS17-010 as WannaCry/WannaCrypt did. In this case we may face safety/critical
shutdown, or worse.
“US-CERT released the following documents that contain in-depth technical analysis on
the Petya malware, as well as indicators of compromise and additional
recommendations for mitigation….. The following product vendors have proactively
issued notifications with recommendations for users regarding the Petya ransomware
(ICS-CERT will update the list of vendors that have released customer notifications as
additional information becomes available):”
Source: http://www.cap.gatech.edu/plcransomware.pdf
http://iiot-world.com/cybersecurity/the-impact-of-wannacry-on-industrial-control-systems-ics/
https://ics-cert.us-cert.gov/alerts/ICS-ALERT-17-181-01C
Case Studies
24
25. Case Study 3 – Ransomware / Wipers for
Industrial Control Systems (continued)
Analysis
Ransomware (including WannaCry used in 2017) is a typical extortion crime on a
company, instead on a (more common) population of potential targets.
• To implement a similar attack in practice, you will need still to use a “Trojan horse”
to inject the Ransomware.
• The Georgia Institute of Technology paper describes the side effects: profit, which in
normal circumstances would be Population*Value-Cost, in this case will be difficult
to estimate. In Smart Grids, where data are imperative to continue business, the
damage may be huge, and the restoration may be difficult if not properly addressed
in existing procedure at any level of the company.
• Collateral damages may include downtime, Equipment Health, Human Safety.
• The negotiation phase may be particularly lengthy as the financial values may be
extremely high and the legal consequences may be extremely severe for the
company, in case it would be found guilty.
On NotPetya (used in 2017) there were several abilities put in a single worm, that can
shut down operating systems, and “wipe” away information in data bases.
Case Studies
25
26. Case Study 3 – Ransomware / Wipers for
Industrial Control Systems (continued)
Counter-measures
• End-point security
• Network security (including backups of all configurations)
• Adoption of proper policies, including software updates
• Proper selection and management of contractors, and proper hand-over if your ITs
and OTs are managed by a Third Party
• Safeguards to protect information assets related to IT and OT equipment
• Strict control on change management and supply chain
• Isolate or protect vulnerable embedded systems that cannot be patched from
potential network exploitation
• Locate control system networks and devices behind firewalls, and isolate them from
the business network
• Engagement with regional / national defence agencies
Case Studies
26
27. Cybersecurity Professionals
Basic Skills
• Sound knowledge of IT and OT;
• In depth knowledge of the Security Domains (including physical security);
• Being able to analyse emerging threats in complex and interconnected infrastructures with limited
or partial inputs, and without being able to stop operations;
• Both high level and low level knowledge (processes and protocols).
Possible certifications
• Several in the field of cyber security (e.g. CISSP, CEH, others at different levels);
• Smart Grid Maturity Model Navigator is example of a good start for specific field related
certifications (http://www.sei.cmu.edu/training/P109.cfm)
Advantages of certification
• Baseline on knowledge for network operators recognised and accepted by all;
• Trust among operators and their own staff;
• As in aviation, rules in case of crises are known and common to all the community;
• Staff can be recognised as part of a community system.
For the future
If we certify equipment which can operate on smart grids, why not to certify people?
A schema has to be developed. To make fast progress, there is a need for:
o Training
o Awareness campaigns in the sector
o Extensive cooperation to identify core skills and methods
Professionals
27
28. Regulatory and Legal Constraints in European Union
Smart Grids may be based on Best Available Techniques and
BREF (BAT Reference Document); This is very much depending
on the regulation; Right now it is just a reccomendation
Nation States, such as Germany and France, have very stringent
requirements (Catalogue of IT security requirements under
section 11(1a) of the Energy Act)
Regulatory Constraints
Electricity and gas network operators are required to implement a minimum level
of IT security. The core requirement is the establishment of an information
security management system (ISMS) with certification to DIN ISO/IEC 27001 by
31 January 2018.
https://www.bundesnetzagentur.de/EN/Areas/Energy/Companies/SecurityOfSup
ply/ITSecurity/ITSecurity_node.html
28
29. Regulatory and Legal Constraints in European Union
(continued)
GDPR will be applicable as from 25 May 2018 – It is already
having an impact on Smart Grid decisions (e.g. Time of retrieval
of the information from Smart Meters)
There is a general need to coordinate National Efforts and
European Efforts
When dealing with Standards, International efforts are needed
to make sure that standards and/or local legislations will not
collide, jeopardising the efforts of the communities producing
standards and of the international communities regulating the
cyberspace (having a standard which issues technical rules but
doesn’t take into consideration GDPR or NIS Directive may be
counterproductive)
29
Regulatory Constraints
30. Regulatory and Legal Constraints in United States
Regulatory and legal constraints of architecting smart
grids in a secure way
Bulk Electric System at a Federal level (1) vs. distribution
controlled by U.S. States/Territories (56)
30
Regulatory Constraints
31. Measures of Success for Cybersecurity for Smart
Grids
Smart Grids that are secure, reliable and protect
customer data and information require:
Engagement with National and International Authorities that
can play an important role in regulating, enforcing, monitoring
and protecting the grids from emerging risks.
Effective response plans to recover from cyber incidents or
attacks are completed and understood
Measures of Success
31
32. Conclusions
• Smart Grids will grow in size and achieve higher levels of efficiency through
the adoption of new intelligent devices (including Internet of Things, and use of
the Cloud)
• Cyber threats will continue
• Technical risk management work has to be done
– Efficient methods and processes needed to speed up the mitigation of all
cybersecurity challenges, using appropriate standards and best practices, using an
iterative approach to improvement
– Understand the issues and the full risk landscape (use Computer Security Incident
Response Teams and the implementation of European NIS Directive)
– Operators should think about Maturity Models to evaluate the status of their
cybersecurity preparedness.
• Cooperation needed between institutional, regulatory, research, and market
actors—both nationally and internationally
– Report when things do not work as expected
• Cybersecurity for energy is an essential investment for the future of our civil
society
– Cybersecurity for energy has to be addressed in the short, medium, and long term
– We have a chance to mitigate risks through the adoption of proper actions
Security is your responsibility 32
33. Questions & Comments
Contacts:
Cyril Draffin
Email: draffin@alum.mit.edu
Stefano Bracco
Email: Stefano.BRACCO@acer.europa.eu
David Batz
Email: dbatz@eei.org
Cyril W. Draffin, Jr.
MIT Energy Initiative, E19-307
77 Massachusetts Avenue
Cambridge, Massachusetts, 02139-4307, USA
Stefano Bracco
Agency for the Cooperation of Energy Regulators
Trg Republike, 3 - TR3 12/20
SI-1000 – Ljubljana, Slovenia
David Batz
Edison Electric Institute
701 Pennsylvania Avenue, NW
Washington, DC , 20004-2696, USA
ISGAN Academy coordination:
Institute for Research in Technology
Comillas Pontifical University
Santa Cruz de Marcenado 26
28015 Madrid, Spain
International Energy Agency’s (IEA) International Smart Grid Action
Network (ISGAN) Academy – 2nd Cybersecurity Webinar
Cybersecurity for Smart Grids: Technical Approaches to
Improve Cybersecurity
33
34. 34
This recorded cybersecurity webinar and previous webinars are available at ISGAN Academy platform:
http://www.leonardo-energy.org/resources/1070/isgan-academy-58ec8d2e7b9b0
ISGAN Academy Webinars
• Jeju Island Smart Grid Project (in Korea)
• Reference Network Models (tools for large scale distribution
network planning)
• TSO Reliability Management: a probabilistic approach for better
balance between reliability & costs (GARPUR project, Europe)
• Integration of RES in power systems: transmission networks
issues (Renewable Energy Sources)
• Cybersecurity for Smart Grids: Vulnerabilities and Strategies
to Provide Cybersecurity
(1st Cybersecurity Webinar; 28 June 2017)