
Smart grids at risk

15.06.2020

Critical infrastructures, such as power grids, are increasingly threatened by cyber attacks. The consequences would be dramatic, ranging all the way to a total blackout. At AIT, methods are being developed to make power grids more secure - on the one hand, through a considered design of the grids, and on the other hand, through systems that detect attacks at an early stage.

In the past, power grids were controlled according to known patterns: both consumption and production patterns were well known, and additional capacity was added when power demand increased. This worked well - in Austria, there were de facto no major disruptions to the power supply and no blackouts for decades.


The wind blows when it wants to, and the yield of solar power systems only rarely coincides with electricity consumption peaks.

Since more and more electricity from renewable energy sources has been fed into the grids, this has changed completely: The wind blows when it wants to, and the output of solar power systems only very rarely coincides with electricity consumption peaks. In order to ensure that there is always enough electricity and that the power grids are not overloaded, they need to be controlled much better and more finely. This is what so-called "smart grids" are supposed to do. Many sensors in the network, such as smart meters at consumers' homes, constantly supply data on the status of the networks (voltage, frequency, etc.). This data is collected in the control centers, analyzed and used to control the networks. Depending on the supply and consumption situation, plants or storage facilities are switched on or off at short notice, as are consumers - if possible ("demand management"). 

This allows the power grids to absorb more renewable energy and still remain reliable, although it is not the only way to do so. However, the many new interfaces between the physical world (power plants, power grid) and the virtual world (digital systems) also bring new challenges: smart grids, for example, can become the target of cyberattacks. "A cyberattack has the potential to disrupt the supply over a large area," explains Paul Smith, a researcher at the Center for Digital Safety & Security at the AIT Austrian Institute of Technology.


Many sensors in the network, for example "smart meters" at consumers, constantly provide data on the state of the networks (voltage, frequency, etc.).

Safe design

One answer to this threat is the principle of "security by design". Today's comprehensively networked and complex systems must be planned to be secure and reliable from the outset, that is, already in the conception phase, and built on that basis. To do this, one examines what threats exist, how likely they are, and what effects they have. Once the risks are understood, the system is designed on the basis of existing guidelines and regulations. In Austria, an architecture for secure smart grids has been developed in recent years in the RASSA initiative (Reference Architecture for Smart Grids in Austria). This is intended to provide a smaller attack surface for targeted cyberattacks.


Recognize attacks - and respond correctly

But that alone is not enough, because systems are constantly changing during operation, and this results in new attack surfaces all the time. Therefore: "You have to be able to recognize an attack and react accordingly," says Smith. To do this, the entire system is constantly monitored by sensors - the data traffic in the network as well as the system behavior and the physical processes. "So-called intrusion detection systems are designed to detect when something unusual is happening," Smith explains.

The challenge with this anomaly detection is that while you don't want to miss relevant events, you also want to prevent too many false alarms. To optimize the system, the relationships between the different detection systems are modeled, and the relationships between events in the physical domain and events in the cyber domain are analyzed in detail. In this way, the intrusion detection systems learn how the overall system normally behaves and can distinguish between chance coincidences and causal relationships. If a process deviates from the usual dynamics, an alarm is sent to the system administrator. And then everything has to happen very quickly: as soon as the system reports an anomaly, one must immediately start looking for the cause in order to be able to make the right decisions quickly. Otherwise, in the worst case, there is a risk of a "blackout".