The group discussion focused on where opportunities exist to provide solutions to security challenges faced by Smart Utility Grids and Smart Metering with respect to emerging and expected future security threats. Threats discussed included both cyber and physical security threats and potential for technological threat mitigation and rapid recovery from attacks. These threats could be malicious or innocuous in origin but still have the potential for major impact up to and including ‘black out’.

Group members discussed how future applied research might include new forms of converged security technology, policies, standardisation, retrofitting and sun setting regimes for such technologies in an environment where components are expected to last up to 30 or 50 years.

Other opportunities and research drivers highlighted included the integration of dispersed generation sources, consolidation of utility providers (energy, water, gas), management of the ‘last mile’, the European target of 2022 for complete smart metering household coverage and the move from closed SCADA systems to those which are more integrated. Current firewall technology generally assumes an active regime of end point updating/patching which is not necessarily the case with smart meters and smart grid components.

The group recognised that there are many areas that should have a place on this applied research roadmap. Three of these practical steps are:

1. Smart Meter as a Platform

Solutions in the area of smart grids, smart metering and the protection of such technologies from cyber-attacks are in the first phase of uptake. Research needs to focus on the next generation of smart meters, the standardisation of such devices and platforms, authentication protocols, sensing technologies, Smart Meter as a Platform (SMaaP) and reverse integration with other devices and multiple utilities within the home and enterprise.

2. Intelligent smart grid protection

Breach of physical access security, especially theft, continues to be a major problem for utility companies in addition to emerging cyber threats. Smart grid protection requires further research into the mitigation of realistic threat scenarios, including the convergence of physical and cyber security, as well as the enablement of rapid recovery from network outages caused by malicious attacks. Research around intelligent surveillance systems and a different class of intrusion protection systems should also be taken forward.

3. Open SCADA

Opportunities exist to research threats enabled by a move from closed SCADA systems to those which are more integrated and open to access from less secure environments. Furthermore, research into SCADA attack vectors is required to ensure first, that the system can be recovered and second, that the attack surface is closed to prevent future attacks. When SCADA systems are taken down many utilities still depend on human intervention to physically man nodes. Research into autonomous recovery systems should be undertaken.

Key to the progression of this research roadmap is the commitment of all players; academic, solution providers and utilities, to participate in an open exchange of real world data and threat scenarios as well as granting access to testing facilities and proving grounds and technology to ensure the application and commercialisation of findings quickly and to the benefit of all.