Amidincreasing concern about the vulnerability of the U.S. electric grid, theproliferation of customer-sited power systems such as rooftop solar panels iscreating new tools for enhancing security while at the same time openingcountless potential access points for cyberattacks, experts say.
The Wall Street Journal has reportedextensivelyon recent physical attacks on utility infrastructure. In one case, snipers tookdown 17 transformers that feed power to Silicon Valley. In light of suchthreats, the U.S. military, among others, has been investing in renewables anddistributed generation as a way to enhance energy security.
However,higher penetration of distributed generation is not without risks. A securitybreach on a customer-sited energy system "could have a dramatic impact"on the grid, Paul DeKleermaeker, head of the U.S. solutions team for FroniusUSA LLC, an energy technology company, said July 13 at the Intersolar NorthAmerica conference in San Francisco.
"[We]believe that security has to be an industry issue," DeKleermaeker said. "Weneed to come with standards that are [written] by the industry. It shouldn't bemanufacturer-based, and it shouldn't be just grid-operator based. We believethat multiple stakeholders need to work together, and it's a very, very realconcern."
Inits latest annual report, EdisonInternational warned that the installationof smart meters creates security risks for its utility subsidiarySouthern California Edison Co."This technology may represent a new route forattacks on [Southern California Edison's] information systems," the parentcompany wrote.
The U.S. Department of Energy on July 12 it will provide up to $15 millionto support efforts by the American Public Power Association and the NationalRural Electric Cooperative Association to bolster members' cyber and physicalsecurity.
"Security is a really important function for the utilities,"said Nangy Gul, sales director for energy technology company Itron. "Theyhave, literally, departments … just assigned to make sure every piece ofequipment they deploy on the network" has built-in security as part of itscommunication functions.
"Froma solar company standpoint, I have not heard any solar companies that are …concerned, but whatever we deploy on the solar side today and in the future, itautomatically comes with those security features built into it," Gul said,"because that's the same product that we're deploying in the utility"space.
Aspokeswoman for residential solar installer Sunrun Inc. said the company is not involved incybersecurity issues "on the broader grid front." , another rooftopdeveloper, did not immediately respond to a request for comment on July 13.
NeilMaguire, chief executive of energy storage company Adara Power, said the riskof a cyberattack on the systems his company deploys, which encrypt data usingvirtual private networks, is minimal. "I'm not saying we could never gethacked, but even if we get hacked there's no direct line into a utility,"he said on the sidelines of the Intersolar conference.