The Double Life of Microgrids: Eaton’s Solution to a Cybersecurity Problem

Share Button

When it comes to cybersecurity, microgrids live a dichotomy. They can block the ill effects of a hacked power grid. But they also can invite trouble.

microgrids

Eaton establishes cybersecurity collaboration with UL.  Image courtesy of Eaton.

Because of their ability to island from the grid, microgrids offer protections to their customers during an attack on the grid. If a hacker causes a grid outage, the microgrid can separate itself from the trouble and use its onsite distributed generators. It’s safe from the hack, and its customers continue to receive power while others are in the dark.

But here’s the problem. Unprotected, microgrids also can offer an entry way for malicious code and viruses to make their way into the grid. They are among the many pieces of the internet-of-things now attaching themselves to the grid (as are smart thermostats, solar panels, and electric vehicles). Security experts worry about these potential portals for bad actors.

So the more protected the microgrid, the better for all – microgrid customers and everybody else.

That’s one the reasons Eaton and UL are embarking on a new cybersecurity collaboration, announced today. Eaton, a power management company, and UL, a global safety science organization, are partnering on creating cybersecurity standards for power management products.

The idea is to make sure all of the components within a microgrid meet the same high standard for cybersecurity. Microgrids often have many pieces – generation, storage, switches, controllers – that come from various manufacturers. Each manufacturer may have a different view of what makes a device cyber secure, leaving the microgrid customer confused and concerned about the safety of the installation.

“In the absence of a standard, the customer is inherently dependent on the practices, processes and procedures that a manufacturer has in place,” said Michael Regelski, senior vice president and chief technology officer for Eaton’s electrical business.

Bringing UL to the table creates an independent, third-party authentication that offers “peace of mind” for microgrid customers, said Regelski, in an interview.

“Cybersecurity starts when you conceive the product. You have to be thinking about cybersecurity as a vulnerability,” he said. This approach “leads to designing things that are built with the right costs, with the right capabilities.”

Together, Eaton and UL are working on setting measurable cybersecurity criteria – not just for microgrids – but for all network-connected power management products and systems.

Learn more about microgrid cybersecurity at Microgrid 2018, May 7-9, Chicago

The standards come as worry about cyber attack expands. Once largely a concern of government, military and the financial services sector, it has now made its way into the businesses community. In fact, large manufacturers rank cyber attacks as one of their highest critical risk factors within annual 10-K filings, according to a 2016 BDO Manufacturing RiskFactor Report.

“We seek to help manufacturers, their customers and other stakeholders mitigate security risks through science-based assessment and evaluation,” said Ben Miller, president of the commercial and industrial business unit of UL. “Our collaboration with experts at Eaton is providing some of the crucial inputs to developing the technical expertise for new standards, and it’s helping advance UL’s efforts to protect our world’s critical infrastructure against ever-increasing cybersecurity threats.”

Eaton testing lab earns UL credential

Eaton also announced today that its cybersecurity research and testing facility in Pittsburgh has become the first lab approved to participate in UL’s Data Acceptance Program for cybersecurity. Available on a limited basis, the program aligns Eaton’s testing methodologies and data generation with the UL Cybersecurity Assurance Program for UL Standards 2900-1 and UL 2900-2-2.

In addition, Eaton’s Power Xpert Dashboard recently became the first power management product certified to the UL 2900-2-2 Standard for cybersecurity in industrial control systems. This user portal to Eaton’s switchgear enables customers to monitor, diagnose and control equipment from a location outside the arc flash boundary.

Track news about microgrids and cybersecurity by subscribing to the Microgrid Knowledge newsletter. It’s free.

Share Button

Sign up for our newsletter and get the latest microgrid news and analysis.
Elisa Wood About Elisa Wood

Elisa Wood is the chief editor of MicrogridKnowledge.com. She has been writing about energy for more than two decades for top industry publications. Her work also has been picked up by CNN, the New York Times, Reuters, the Wall Street Journal Online and the Washington Post.

Comments

  1. Hi Elisa,
    Do you have any insights as to how the Eaton/UL initiative dovetails with (or not) NIST’s cybersecurity framework? https://www.nist.gov/cyberframework
    thanks!
    michael

    • Elisa Wood Elisa Wood says:

      Hi Michael,
      Max Wandera, director of Eaton’s Cybersecurity Center of Excellence, offered the following answer to your question: Eaton’s collaboration with UL aligns well with the NIST’s cybersecurity Framework; our collaboration builds on the strength and processes that Eaton has developed to help drive cybersecurity in its product development and deployment strategies, leveraging the core functions of the NIST Framework of identify, Protect, Detect, Response and Recover. The UL2900 Standards provides a testable and measureable criteria that aligns with Eaton’s approach to cybersecurity and covers the key cybersecurity elements of the Framework.

Leave a Comment

*