The vulnerabilities of high-voltage transmission grids to cyberattacks and new operating stresses have overshadowed security risks at the other end of the power network — utilities’ distribution systems, according to researchers from MIT.

Microgrids, renewable power and demand-side power management, coupled with proliferating automated grid controls, offer increased efficiency but also spell greater exposure to serious trouble, said Saurabh Amin of MIT’s Department of Civil & Environmental Engineering. Amin is chief scientist for National Science Foundation-backed research on protecting critical infrastructure.

“Most prior work [on] grid failures is in the area of transmission system reliability. We are claiming that, thanks to newer developments on the distribution side, the security of distribution networks is also an important part of grid resilience,” Amin said.

In addition to its NSF support, the MIT team got a $50,000 grant this month from a new private foundation, the Siebel Energy Institute, founded by billionaire software entrepreneur Thomas Siebel. Launched with $10 million from Siebel, the nonprofit institute made the first in a planned series of grants to 24 research teams, including the MIT group. The institute seeks to employ advanced science and technology from researchers worldwide to manage the enormous flows of “big data” that will be generated from smart-grid sensors, meters and controls that are being deployed in power networks, Siebel said in an interview.

The two-track support from government and private-sector research for the MIT venture illustrates the urgency in the race to make the grid more secure and the potential commercial rewards for companies that wind up winners in the race. It is a priority area for the Department of Homeland Security and the Energy Department’s national laboratories (EnergyWire, July 13).

Siebel said the institute’s purpose is to move the entire starting line forward. The grant recipients “are developing core science as it relates to these topics,” Siebel said. “The resulting science will be available in the public domain.”

The institute strongly encourages grant recipients to offer their technology to all through royalty-free licensing, he added. “What I would hope to see is that in the next five years we have significantly moved the ball forward as a catalyst to drive … research projects that develop the analytical techniques that will be necessary for the operation of the smart grid,” he said.

The institute’s partners include researchers at MIT; Princeton University; University of California, Berkeley; Carnegie Mellon University; University of Illinois, Urbana-Champaign; University of Tokyo; Politecnico di Torino in Italy; and France’s École Polytechnique.

Motivated by blackouts

Siebel sold his automation software company, Siebel CRM Systems Inc., to Oracle Corp. in 2006 for nearly $6 billion and founded C3 Energy three years later. C3 focuses on managing smart-grid data flows in cloud computing environments, using machine-learning software that looks for cyber-intrusions or operating issues by “training” computers to flag out-of-the-ordinary patterns in operations. Siebel said that while the interests of the institute and the company are parallel, they are different kinds of organizations, one philanthropic and one commercial.

The MIT project, an example of the institute’s agenda, aims to create analytical models for controlling utility distribution networks that are threatened by malicious attacks or disruptions from distributed energy resources. The researchers will consider actual grid blackouts and simulated failure events to develop diagnostic software that will pinpoint parts of a power network that could cause the greatest damage or loss to equipment if they fail.

“We are of course motivated by the blackout events of the past decades,” Amin said. “But our motivation is also to move forward and prevent these situations from happening in the smart grid. We know we will have more solar energy deployment, more wind farms and other kinds of distributed energy resources.” These resources have unique vulnerabilities to potential attack by sophisticated cyber campaigns.

The range of vulnerabilities will expand, he said. An example can be a “dormant” form of attack that infects critical grid control systems and hibernates until the controls are needed in system emergencies. Then the malware may force the controls to malfunction. Safety monitors can be designed to predict and find such threats, and then automatic controls can be developed to prevent the malfunctions or limit their impacts, Amin said.

Siebel said the technology of predictive analytics is an example of an area for potential research breakthroughs. Today, grid operators typically wait until something breaks, and then they go fix it. New software systems will be able to examine operating conditions and see the tell-tale evidence of an approaching failure. “It’s an opportunity that is ripe for advancement,” he said.

“It is highly unlikely that there won’t be something out of this that no one anticipated,” Siebel said.