Introduction

Power Generation, Transmission, and Use

Markets, Regulation, and Oversight

Impacts of Power Generation and Transmission

Looking Ahead

Appendices

CEIR Report Map

PPRP Home

Maryland Power Plants and the Environment (CEIR-18)

5.5.3 Smart Grid and Cybersecurity

Smart grid proponents believe that electric infrastructure will evolve over the next few decades into a highly automated and interconnected network similar to the internet. The smart grid involves a network of two-way communications connecting electric meters and “smart” devices containing microprocessor or computer technology to transformers and centralized electric grid operations centers. This two-way communication enables grid operators to better respond to moment-to-moment variations in the electric system through real-time balancing of generation and electric delivery. The desire to make the grid smarter, safer, more reliable, and more cost-effective is driving the growth of smart grid technologies in the U.S. The smart grid of the future will be largely automated and self-correcting, efficiently balancing the needs of energy suppliers and users, and largely self-balancing to ensure reliability in real-time.

Advanced Metering Infrastructure (AMI) Initiatives

At the heart of a “smarter” electric grid lies the deployment of advanced technology at end-user locations. On the metering and communications front, these technologies are referred to as Advanced Metering Infrastructure, or “AMI.” AMI has multiple benefits:  utilities can “see” electrical outages based on clusters of unresponsive meters, costs for all parties are lowered as meters indicate (either directly or implicitly) the need for maintenance, and the meters themselves can be read remotely via wireless communications. However, the greatest potential benefit from AMI deployment comes from the new rate structures they enable. AMI provides the necessary technology for the dissemination of high-resolution (≤ 1 hour) prices to customers, who can then make decisions to curtail or defer electricity usage based on the prices and their personal preferences. These dynamic rates are expected to lower energy and capacity prices as customers shift energy use away from typical peaks to save money.

As of this writing, BGE, DPL, and Pepco have completed the installation of AMI meters in their respective service territories, and SMECO is in the process of implementing AMI. For customers who wish to opt-out of receiving the AMI meter, the PSC has established opt-out fees that vary by service territory. Until the AMI projects are proven cost-effective, each utility must defer incremental costs related to AMI in a regulatory asset. In November 2015, BGE filed a rate case in which it requested to transition the regulatory asset into base rates. In total, the BGE AMI project cost approximately $502 million, with $158 million of that cost offset by a DOE grant for smart meter deployment. BGE stated that its AMI project, which included dynamic pricing, would save customers $2.50 for every dollar invested. The savings comes from operational benefits, such as fewer truck rolls and market benefits from dynamic pricing events (see Section 5.1.2 for more information on dynamic pricing programs). DPL, Pepco, and SMECO have not filed to include AMI costs in rate base. At this time, PE has not filed plans to install AMI meters.

Elsewhere in PJM, the Commonwealth of Pennsylvania has mandated the full deployment of smart meters in all major utility footprints by 2025.

Smart Grid Integration

AMI and smart grid are often used synonymously. However, while AMI is a necessary precondition for the realization of full smart grid benefits, the concept of smart grid extends far beyond remote and dynamic meter communications. A smart grid integrates advanced technologies and communication by consumer-based resources, distribution companies, and transmission systems (see Figure 5-20). Better integration of these traditional elements of the electrical system may one day serve to reduce utility and power plant operations and maintenance and capital costs by improving load factors, lowering system losses, and improving outage management performance.

On the consumer side, the smart grid will provide information, control, and options that enable consumers to engage in new energy markets and allow for better home energy management. For example, intelligent control systems reading temperatures, weather forecasts, and real-time power system statistics, coupled with a high degree of automation for end-user electrical control (e.g., price-responsive thermostats, water heaters, lighting), can dynamically match customer price points with electrical system needs.

Figure 5-20 Smart Grid Integration

Figure 5-21 Graphic of smart grid with different connections

Cybersecurity

The increasingly digital and interconnected nature of the nation’s electrical grid exposes these crucial systems to the threat of infiltration and attack. Addressing cybersecurity is critical to enhancing the security and reliability of the nation’s electric grid. A resilient electric grid is a complex and critical component of the nation’s infrastructure that is required in order to deliver essential services.

For the past several decades, a significant portion of generation dispatch has become automated or been outfitted for remote control using Supervisory Control and Data Acquisition (SCADA) systems. Through the SCADA infrastructure, system operators communicate instructions from a central control facility to the generating units via automated generator control (AGC). Owing to this level of automation, the grid has always faced some threat from cyber-attacks. In particular, the protection of nuclear plants and large hydroelectric dams, and the potential large-scale consequences of their sabotage, has always been one of the key cornerstones of generating system infrastructure protection. However, the extension of grid intelligence beyond SCADA and AGC to the more robust network and ultimately more distributed smart grid increases these risks.

In February 2013, President Obama issued an Executive Order on “Improving Critical Infrastructure Cybersecurity’” in response to failed attempts at passing federal cybersecurity legislation in Congress. The Executive Order encourages information sharing between the federal government and private industry and puts voluntary cybersecurity standards in place for critical infrastructure. Two years later, the President issued an Executive Order on “Promoting Private Sector Cybersecurity Information Sharing” in an effort to allow private companies and the federal government to work together when responding to threats. Further strengthening those two efforts, in February 2016, the President directed his administration to implement a Cybersecurity National Action Plan (CNAP) to enhance cybersecurity awareness and projections through near-term actions and long-term strategy. The CNAP will benefit grid security through the establishment of a National Center for Cybersecurity Resilience, in which companies and sector-wide organizations can test system securities, such as replicating a cyber-attack on the electric grid.

Over the last several years, the FERC has adopted cybersecurity standards under the Critical Infrastructure Protection (CIP) standards. In early 2016, FERC Order 822 revised seven of NERC’s CIP standards. In addition, it requires the NERC to develop modifications to: (1) protect transient electronic devices used at low-impact bulk electric system cyber systems; (2) protect communication network components between control centers; and (3) refine the definition for low-impact external routable connectivity.

In addition to these legislative and regulatory activities, most observers recognize that grid operators and equipment manufacturers play a pivotal role in making systems less vulnerable by adopting good security practices and building security into their products and systems. This topic will continue to be relevant to electricity reliability in Maryland and nationwide as smart grid technology is adopted throughout the nation.

The PSC recognized the risks associated with AMI meters, stating that “as our distribution systems become more automated, and private customer data is increasingly being used in electronic format, we are keenly aware of the risks and rewards related to smart meter infrastructure build-out in Maryland.” The PSC approved BGE’s, DPL’s, and Pepco’s respective Cybersecurity Plans filed in October 2012. In addition, the PSC approved a Cyber-security Reporting Plan, which establishes the protocols for reporting incidents and providing annual updates to the PSC and other parties, such as the Governor’s office and the MEA. Additionally, the three utilities fund the PSC’s access to a cyber-security consulting firm which serves at the discretion of the PSC. The firm provides independent advice to the PSC regarding the process and sufficiency of the AMI-related cyber-security.

PSC Commission Order No. 85680.