Block ip Trap

The Pitfalls of Modernization

15 Mar 2020

By Michael Bennett

Over the next decade there will be millions of new points of presence on the national power grid. Each one of those make our grid smarter, more resilient, and cleaner. However, each one also represents a real and present danger to the nation’s Power Grid.

Short term actions on the part of Grid Operators (Utilities) will be essential for preparation to accept over 330 Gigawatts of electricity from new renewable power sources expected by the end of the decade. That’s a 1000 percent increase on current domestic renewable capacity.  Moreover, grid operators will need to accept and blend: legacy fossil fuels, (including natural gas), nuclear, utility scale solar, microgrid renewable resources, and (of course) storage for consistent power delivery. This herculean effort will require precise management down to the Kilowatt minute. Hospitals, emergency services, and more than a dozen other critical environments count on consistent power to fulfill their mission. In order to ensure this delivery, operators will be required to add millions of new smart connections to the grid.   

To accommodate this emersion - while securing the millions of potential grid exploitation points - grid operators, independent producers, and regulators will be obligated to do two things:

  1. Better define the potential threats that develop due to this expansion.
  2. Work to develop a coordinated plan to mitigate them.

Historic NERC classifications for potential points of exploitation were simple and condensed: Low, Medium, and High impact. For a transmission asset to even be considered one of these, it must first meet a size requirement, which is 70 MW. To clarify, there are many more assets below 70 than there are above. In today’s world of nefarious actors and the explosion of IoT, is there any doubt that any connection to the national power grid is a potential target? Well-kept firewalls and the hundreds and thousands of miles sitting between generation assets and the larger grid may seem like insulation, but in today’s IoT environment, they may be more of a peril to our national security. Recognizing the substantial threats of a modernized grid is the first step in overcoming them.  

My intention is not to advocate applying additional security measures on all assets; I work with regulated and non-regulated entities. Many of these, including the regulated utilities, are doing just fine with assets above 70 MW. Unfortunately, many are not. We need to use better technology across the board, regardless of the asset size. Why build a 500 MW renewable source, and secure it using technology that was invented centuries ago? 

NERC has created a concept to guide operators in securing those assets that fall under the size parameters, without encroaching on the “How” to achieve this goal. This is a time-tested model of private public partnership. Regulated utilities have not only embraced this plan, but have employed the necessary technology to ensure they are meeting it fully, and only allowing credentialed access.

Detect, Delay, Deter. The spirit of NERC CIP physical security can be achieved using basic security elements - fencing, lighting, and dead bolt locks.  


A basic alarm or lighting system can be used for this, but if I know how to bypass one of these, I’m betting the bad guys can, too.


A fence and lock work, but does anyone think that we should be securing the US Power Grid with technology that was invented during the Lincoln administration?


Lighting does a fantastic job of scaring off most predators. Knowing that you’ll be caught on video is even better.    

Audit trails

While using a notepad on the inside of a substation control room might provide you with access documentation, how do you know it’s not erroneous or, worse yet, fabricated by an inside threat?     

Without a doubt, we are in dire need of an update to the current substandard and antiquated methodologies used to secure assets. All substations, regardless of size, should have basic access control technology and minimal video footprint to ensure the security of their IT assets.  More importantly, we must keep the bad players away from the Grid, and strictly limit access only to those eminently qualified and credentialed.

You wouldn’t ask the Wright Brothers to protect our airspace, why ask Lincoln to protect the Grid?


Michael Bennett is Vice President of Critical Infrastructure Protection with AISG, a low voltage IT company engaged in all facets of physical security, structured cabling, and fiber operations. His work with Homeland Security, utilities, and independent producers has led to the absolute security of over 6 GW of production over the last decade. 


Author: Michael Bennett
Volume: 2020 March/April