Cyber Security for Federal Smart Grids

Brian P. Lenane

SRA International, Inc.

Fairfax, VA

8

8

ABSTRACT

Sustainability is the next significant trend to confront government agencies as evidenced by the world-wide focus on energy conservation and reducing green house gases. Recent environmental laws and legislation require agencies to address conservation in very specific ways.

Given this goal of sustainability, what strategies initiatives, and measures can be implemented? One answer is the adoption of a resource maturity model and implementation of a resource information system. Information and communication technology can be used to “see” resource consumption at a very detailed level. The Homeland Security Presidential Directive / HSPD-7 designated that energy and resources are part of the critical infrastructure of government which must be protected. Therefore, all resource data must be stored in a secure, central data warehouse with real-time secure interfaces to meters, sensors, utility companies and building automation systems. The resource maturity model and the resource information system together enable agencies to effectively utilize resource information to improve operational efficiencies, asset management, customer service, energy forecasting, regulatory compliance and sustainability.

The secure automation of resource management and a micro grid becomes an important method to ensure the protection, resilience and reliability of an agency’s critical energy infrastructure.

FEDERAL LAWS & REGULATIONS

There are several laws and executive orders directing federal agencies to achieve energy and water savings, to use smart grid technology and to ensure protection of critical infrastructure. While some of the legislation is redundant, it is summarized within this section.

There are several relevant sections of the Energy Policy Act of 2005.

Section 101 of EPACT 2005: Each Agency will reduce the energy consumption per gross square foot of the Federal buildings of the agency in fiscal years 2006 through 2015, as compared with the energy consumption per gross square foot of the Federal buildings of the agency in fiscal year 2003 …..” by the percentage specified in the following table:

‘‘Fiscal Year Percentage reduction

2006 ...... 2

2007 ...... 4

2008 ...... 6

2009 ...... 8

2010 ...... 10

2011 ...... 12

2012 ...... 14

2013 ...... 16

2014 ...... 18

2015 ...... 20” [i]

Section 103 of EPACT 2005: Federal Advanced Metering requirement “By October 1, 2012, ….Each agency shall use, to the maximum extent practicable, advanced meters or advanced metering devices that provide data at least daily and that measure at least hourly consumption of electricity in the Federal buildings of the agency.” [ii]

In addition, this section requires “each agency shall submit to the Secretary a plan describing how the agency will implement the requirements … including (A) how the agency will designate personnel primarily responsible for

achieving the requirements and (B) demonstration by the agency, complete with documentation, of any finding that advanced meters or advanced metering devices … are not practicable.’’[iii]

Section 203(a) of EPACT 2005: This section requires, in part, that the President, acting through the Secretary of Energy, shall seek to ensure that, to the extent economically feasible and technically practicable, of the total amount of electric energy the Federal government consumes during any fiscal year, the following amounts shall be renewable energy:

a) Not less than 3 percent in fiscal years 2007 through 2009

b) Not less than 5 percent in fiscal years 2010 through 2012

c) Not less than 7.5 percent in Fiscal Year 2013 and each fiscal year hereafter

The Energy Independence and Security Act of 2007 (EISA): The law requires improved energy efficiency in federal and commercial buildings. Federal agencies are required to reduce their energy consumption by 30 percent by 2015, thereby saving natural resources and taxpayer dollars. The new law also permanently authorizes Energy Savings Performance Contracts (ESPCs), an innovative financing tool for upgrading the energy efficiency of federal buildings. [iv]

EISA authorizes DOE to implement a new program, the Commercial Buildings Initiative (CBI), to be designed with input from an industry consortium. This program will combine research, development, and deployment activities designed to achieve the goal of making all new commercial buildings "zero energy" by the year 2030. Zero energy means that, on a net basis, the facility produces as much energy as it uses.

EISA, Section 434(b) amends Section 543(e)(1) of NECPA by inserting after the second sentence the following:

"Not later than October 1, 2016, each agency shall provide for equivalent metering of natural gas and steam, in accordance with guidelines established by the Secretary under paragraph (2). [v]

The Federal Energy Management Program (FEMP) provides specific guidelines and timelines for implementing advanced metering (smart grid) in Federal facilities. [vi]

Chapter 8 of the FEMP guidelines provides a template for agencies to use in developing their metering plans, and to be in compliance with the requirements of EPAct. [vii]

Executive Order 13423

Former President George W. Bush signed Executive Order 13243 on January 24, 2007. Executive Order 13243 revokes Executive Orders 13101 and 13148. E.O. 13423 requires Federal agencies to reduce energy intensity by 3% each year, leading to 30% by the end of fiscal year (FY) 2015 compared to an FY 2003 baseline. This goal was given the weight of lay when ratified by EISA 2007. [viii]

To comply with E.O. 13423, Federal agencies must ensure that at least half of all renewable energy required under EPAct 2005 comes from new renewable sources (developed after January 1, 1999).

To the maximum extent possible, renewable energy generation projects should be implemented on agency property for agency use. Agencies can also purchase renewable energy to help meet E.O. 13423 requirements.

E.O. 13423 requires federal agencies to use sustainable environmental practices when acquiring goods and services, including acquisition of biobased, environmentally preferable, energy-efficient, water-efficient, and recycled-content products.

Federal Leadership in Environmental, Energy, and Economic Performance

On October 5, 2009, President Obama signed Executive Order 13514 focused on Federal Leadership in Environmental, Energy, and Economic Performance. It sets sustainability goals for Federal agencies and focuses on making improvements in their environmental, energy and economic performance. The Executive Order requires Federal agencies to set a 2020 greenhouse gas emissions reduction target within 90 days; increase energy efficiency; reduce fleet petroleum consumption; conserve water; reduce waste; support sustainable communities; and leverage Federal purchasing power to promote environmentally-responsible products and technologies.

Executive Order 13514 also requires agencies to meet a number of energy, water, and waste reduction targets, including:

·  30% reduction in vehicle fleet petroleum use by 2020;

·  26% improvement in water efficiency by 2020;

·  50% recycling and waste diversion by 2015;

·  95% of all applicable contracts will meet sustainability requirements;

·  Implementation of the 2030 net-zero-energy building requirement;

·  Implementation of the stormwater provisions of the Energy Independence and Security Act of 2007, section 438; and

·  Development of guidance for sustainable Federal building locations in alignment with the Livability Principles put forward by the Department of Housing and Urban Development, the Department of Transportation, and the Environmental Protection Agency. [ix]

For general background on implementing renewable energy, see the Renewable Energy section of the FEMP Web site. Project implementation information is also available to help Federal agencies decide on a cost-effective renewable energy project for their facility. See FEMP's Renewable Energy Requirements Guidance for clarification and assistance in meeting statutory and executive order requirements. [x]

Homeland Security Presidential Directive / HSPD-7: This directive requires that “Federal departments and agencies to identify and prioritize United States critical infrastructure and key resources and to protect them from terrorist attacks.” [xi] “The term "critical infrastructure" means systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.” The term includes “the interdependent network of critical physical and information infrastructures, including telecommunications, energy, financial services, water, and transportation sectors.” [xii]

More energy conservation requirements are coming in the near future in the form of executive orders, legislation and regulations regarding resource conservation and sustainability for federal agencies. It is likely that OMB will initiate new strategies and reporting requirements to achieve greater documented energy efficiency and environmental sustainability.

CHALLENGES:

The current challenges confronting federal agencies in meeting the above laws and regulations can be grouped into several categories:

·  Infrastructure

·  Operations & Maintenance

·  Costs and Funding

·  Interoperability

·  Security

·  Organization

Infrastructure: To say that today the federal infrastructure is complex is an understatement. The federal facilities inventory comprises more than 500,000 buildings and structures, as well as the power plants, utility distribution systems, roads, and other infrastructure required to support them. Federal facilities are located in all 50 states, U.S. territories, and more than 160 foreign countries. They span decades, sometimes centuries, of building design and construction technologies, support a myriad of government functions, and represent the investment of more than 300 billion tax dollars. [xiii]

Operations and Maintenance (O&M):

While predictive and preventative O&M is the goal of an agency, too often it is reactive. This is due to several factors.

- Complexity with multiple buildings, locations and systems

- Lack of visibility into daily operations

- Lack of response to energy costs, supplies, and peak loads

- Older technology ‘locks-in’ obsolescence

In its O&M guide, FEMP highlights O&M programs targeting energy efficiency that are estimated to save 5% to 20% on energy bills without a significant capital investment. [xiv] Depending on the federal site, these savings can represent thousands to hundreds-of-thousands dollars each year, and many can be achieved with minimal cash outlays.[xv] There are even more savings to be achieved with appropriate investments.

Costs and Funding: The cost of operating and maintaining an infrastructure as complex as the Federal government is increasing as it ages. In addition, the costs for engineering are increasing. As the infrastructure ages and maintenance is deferred, energy is wasted In FY 2006, Federal agencies had three primary options for financing energy efficiency, water conservation, and renewable energy projects in buildings:

·  Direct appropriated funding,

·  Energy savings performance contracts (ESPCs), and

·  Utility energy service contracts (UESCs). [xvi]

In FY2009, The American Recovery and Reinvestment Act 2009 (ARRA) provided funds to support energy saving initiatives in the federal government. The savings derived through conservation measures can also be used as a source of funding, however there are barriers to transferring money saved for one purpose and spend for another purpose.

Interoperability: The major building systems are numerous and of various ages. FEMP has identified 10 major categories of equipment including boilers, steam traps, chillers, cooling towers, building automation systems (BAS), pumps, fans, motors, air compressors, and lighting. To this list, we would add IT equipment which is a major consumer of energy.

In an effort to collect information about these systems there are clear issues with protocol standards and interoperability. The equipment and software that can provide operational data utilize various standards and possess different degrees of interoperability, i.e. open standard building automation protocols such as BACnet and Modbus.

Any smart meter deployment will need to comply with the Smart Grid Interoperability Standards being written by NIST. There are eight priority areas including wide-area situational awareness, demand response, electric storage, electric transportation, cyber security (see security section below), network communications, advanced metering infrastructure, and distribution grid management.[xvii] Some or all of these priority areas could apply to an Agency depending upon the nature of their infrastructure.

Security: The National Infrastructure Protection Plan (NIPP) provides a risk management framework. “The risk management framework is structured to pro-mote continuous improvement to enhance critical infrastructure and key resource (CIKR) protection by focusing activities on efforts to: set goals and objectives; identify assets, systems, and networks; assess risk based on consequences, vulnerabilities, and threats; establish priorities based on risk assessments and, increasingly, on return-on-investment for mitigating risk; implement protective programs and resiliency strategies; and measure effectiveness.” [xviii] This process is summarized in Figure 2: NIPP Risk Management Framework below.

Organization: The three agency organizations most involved with managing resource costs are the facilities, information technology and financial functions. While facilities and the IT groups play a significant role in using and saving energy, the energy bills are typically handled by the financial group. Our observations show that the organizations critical to managing resources in agency are confronted with many pressing immediate issues, other than conservation and sustainability. The facility professionals are busy running the operation. The information technology professionals are busy meeting systems needs. The financial professionals are busy paying the bills and closing the books. In addition, there is no single place to capture all resource usage and costs in a meaningful way to help all three groups take specific action to reduce costs. In recognition of this situation, the EPAct 2005 requires agencies to designate personnel responsible for implementing the requirements of the legislation. Clearly, any solution will need to involve all three functions plus others to be fully successful.

Energy Surety is the goal:

Energy Surety: While Federal agencies are subject all the environment federal laws and regulations noted above, the challenge is more than compliance. The U.S. National Environmental Policy Act of 1969 declared as its goal a national policy to "create and maintain conditions under which [humans] and nature can exist in productive harmony, and fulfill the social, economic and other requirements of present and future generations of Americans." This goal will need to be adopted by all agencies is some form.

Incorporating sustainability into operations is part of a larger transformation that sustainability leaders such as McDonough and Braungart and Amory Lovins call “the next industrial revolution.” [xix] As with the first industrial revolution, the challenges are clear and present. While the goal of the first industrial revolution was to create financial value, the challenge in this next era is to simultaneously create financial, social, and ecological value. Government agencies will be required to address this challenge.