SmartGrid Implications of Cloud Computing New Technology in the - PowerPoint PPT Presentation

1 SmartGrid Implications of Cloud Computing New Technology in the Utility Environment

PG&E Territory Characteristics • 70,000 square miles of diverse topography • Approximately 20,000 employees • Energy Services to approximately 15 million people • Over 9 million SmartMeters (Electric & Gas) • 1,008,186 Transformers • 6,833 MW of Generation • 18,616 miles of electric transmission circuits • 120,000 miles of electric distribution circuits • Regulated by the California Public Utilities Commission (CPUC) 2

The Cloud – Data at Rest Utility Application Landscape Hosted off site today • SmartMeter Systems • Demand Response CAISO Electric Head End System Meter Data Management Hosted Gas Head End Vendor Hosted Customer PG&E Data Center 3

Security – Risk Management PG&E utilizes the following five information classifications: • PG&E Public Anything produced for public review and available to anyone inside or outside the company. This includes materials such as press releases, advertisements, or bill inserts. • PG&E Internal Information intended primarily for use within PG&E, such as organization charts, personnel numbers, and company email messages. Distribution should be limited based on business need to know, and access controls are required. • PG&E Confidential Information such as trade secrets, customer or employee information, and passwords that should be shared solely on a business need to know basis. PG&E Confidential data must be encrypted for storage and transmission if electronic and, if printed, protected through controlled physical access, such as a locked filing cabinet. • PG&E Restricted or PG&E Privileged (Law only) Information such as Social Security Numbers, undisclosed financial information, and protected health information should be shared solely on a business need to know basis. Data must be for storage and transmission encrypted if electronic and, if printed, protected through controlled physical access. Note that PG&E Privileged is only used by Law. 4

Networks - Critical Infrastructure ODN (air-gapped secure network) - SCADA UDN – Traditional IT MPLS – Physical Isolation and Connectivity Operational Data Utility Data Network Network Multiprotocol Label Switching – Packet Level Network Path 5

Volt / VAR on the test network Test Network Set Voltage 1 Set Voltage 2 Negotiating Network LabView Interface Set Voltage 3 Access in the test UPS #1 LabView Driver environment is Meter Farm not trivial LabView Driver TCP/IP Access UIQ System Point Node Simulator 4.1 Read Voltage UDN ODN Remote Access Firewall Line CVR Software Load Tap Capacitor Line Changer Regulator Adjust Voltage 6

Security is Physical Control of assets is critical to our business: • June 4 th , 2013 San Jose Mercury News In the early-morning hours of April 16, someone opened fire at the utility's substation on Metcalf Road near Highway 101. The gunshots damaged five transformers and caused cooling oil to leak from a transformer bank, and the damage prompted state regulators to urge electricity conservation in the ensuing days. AT&T phone service in the area was also affected. 7

Safety and Reliability SmartMeter™ The Cloud Performance Statistics Interval data supplied from SmartMeter™ systems for billing within 48 hours of expected delivery as a percentage of expected interval data. 8

9 Thank you Art Anderson arthur.anderson@pge.com

North American Electric Reliability Corporation Critical Infrastructure Protection (CIP) standards Version 5 now requires the following: • Encryption • Role-based instead of risk-based classifications • Multiple levels of compliance – Low, Medium and High Impact (in theory, a company could have 10 facilities of which six are low impact facilities, three are medium impact facilities, and one is a high impact facility) • New terminology (such as BES Cyber Asset) • All serial connections are to be considered • Multi-factor authentication requirements • Triggers are required to be defined for recovery plans • All software (COTS and custom) must be known • All security patches from the beginning of time on each device must be known 10