Cyber-Security: the benefits of OpenADR
Energy Managers are increasingly looking at strategies to mitigate their cost and reliance on fossil fuels. Thankfully, many strategies can target both of these objectives. Automated Demand Response (ADR) is one such strategy. However, as with any digital-enabled projects, Energy managers will need to consider the cyber-security with the provision of services.
Cyber-attacks are now commonplace among big brands. However, it is a little-known fact that energy infrastructure has also been targeted for many years. The first known attack on a power grid took place in December 2015 in Ukraine, where hackers remotely accessed computer systems to switch off substations. As a result, 225,000 people lost power for several hours. This was a coordinated ‘ransomware’ attack. The pipeline’s operator authorised a ransom payment of $4.4mn in cryptocurrency to the hackers after the attack.
Cyber Security is an important component of the Smart Grid. End to end encryption of data is of paramount importance to Pearlstone and was a principal reason it developed the Virtual Integrated Building (ViB) technology from the ground up using OpenADR protocols.
The OpenADR Alliance, a consortium of industry leaders in the global energy space, created protocols for uniformed data transportation, as well as market leading certification policies that governs it all. In an OpenADR world, cyber-security works like this:
The OpenADR Alliance maintains its own Public Key Infrastructure (PKI). The PKI uses digital certificates on both the controlling server (VTN or Virtual Top Node) and client-side technology (VEN or Virtual End Node). These certificates act as digital keys to ensure that only dedicated clients and servers are able to communicate and data transmission is secure from interruption or attack. These certificates use the latest in RSA and ECC security algorithms.
An additional layer of security throughout this process is provided by outsourcing the role of Certificate Authority to an independent entity that operates and manages the PKI on behalf of the Alliance. Kyrio, manages the PKI and issues production certificates to ensure that OpenADR devices and systems meet the highest security, encryption and data integrity standards are embedded on each end point.
Today, cyber-attacks could come from anywhere. Similar to the Pipeline example above, hackers looking to extract a quick ransom, targeting critical energy infrastructure or electricity distribution systems would be an effective strategy. Businesses will be keen to resume as fast as possible so will likely pay. Pearlstone is the only UK ADR aggregator that is recognised and approved by National Grid, using OpenADR and its security protocols. Our customers can rest easy, knowing that data use and security have been considered thoroughly and fortified.