One thing is clear: Power networks are considered critical infrastructures. Their conversion to digital smart grids increases the security of supply, but also results in new flaws. Secure smart grids are feasible as long as essential measures are taken into account.
The electrical energy network in its traditional form has a strictly hierarchical structure: On one hand, there are central power plants that feed electricity into the power grid, while the various consumers are connected at the distribution network level. Electricity only flows in one direction here and the grids can be well controlled. However, these rigid structures reach their limits with the integration of peripheral producers such as solar or wind plants. Their fluctuating feeding quantities can affect the stability of the grid and require more control work.
On the other hand, intelligent electricity grids, referred to as smart grids, are able to react to these fluctuations in real time. Smart grids are based on digital technology and components that continuously exchange data. Smart grids thus enable the quick identification of power shortages, the connection of producers or the temporary storage of surplus power. Ideally, smart grids are more stable and reduce the need for grid expansion. Such an expansion would actually be urgently needed, to also integrate the increasing number of small photovoltaic generation units that feed electricity into the power grid, which was not originally intended for this purpose.
Smart grids represent the key to the electrification and decarbonisation of the energy supply. They are an essential part of the Energy Strategy 2050 of the Swiss Federal Office of Energy . However, as much as this grid structure increases the security of supply, digitalisation results in new weak points - for example, vulnerability to cyber attacks at various different levels.
The central component of a smart grid is the “Smart Meter Gateway”. This communication module connects the consumer’s home system with the local grids of the providers and the wide area networks. The “Smart Meter Gateway” encrypts the entire data and seals off the grid from each other like a firewall. For this reason, the “Smart Meter Gateway” must be protected against external cyber attacks as well as physical attacks. Falsifying data must be just as impossible as the unauthorised reading or theft of data. Weak points in the grid architecture or the software used increase the vulnerability. As smart grids are interoperable with different systems and technologies, this can open the door for manipulation. Denial-of-Service attacks, fraudulent access, infiltration with malware or open ports also pose significant security risks.
And, last but not least, it is also about data protection: Smart grids collect large amounts of data, including the personal data of consumers. Therefore, the protection of this data is a crucial security aspect.
Smart grids can in fact be operated securely, provided compliance with a few important prerequisites is ensured. These include:
- Grid segmentation: The grid should be split up into different segments including micro grids. This makes it possible to isolate affected sub-grids and prevent an attack from affecting the entire system.
- Authentication and authorisation: Only authorised persons have access to critical systems and data. Such access requires multi-level authentication and authorisation.
- Data encryption prevents sensitive data from being read and utilised. The data must be encrypted both during transmission and while being saved.
- Ongoing monitoring and analysis in real time identify attacks or abnormalities in the system. A quick response to suspicious activities and appropriate emergency procedures help to minimise damage.
- Testing for weak points with appropriate tools that help to strengthen the systems and all components.
- Training of staff to increase awareness of risks and ensure rapid responses.
- Regulations and legislation ensure that all protagonists use the same security standards.
Smart grids contribute significantly to maintaining the energy supply with peripheral producers and therefore clearly belong to critical infrastructures. A comprehensive security strategy that includes both physical and digital security measures is essential to ensure the reliability and security of smart grids.