For many Americans, flipping a switch and knowing the lights will come on is a given. Electricity is something we take for granted, assuming that because we paid our electric bill the utility will be available—until it isn't.
But what if fallen trees or failed transformers are the least of our worries? Terrorism, natural disasters, and cyberattacks are much bigger threats to the power grid. The nature of the US electrical grid, a highly centralized system subdivided into three expansive territories, makes it susceptible to attack. A single outage at a substation can cascade into many.
"We imagine we're free to use as much energy as we can pay for," says Chelsea Schelly, associate professor of sociology. "But that's not entirely the case, because somebody else is determining the extent to which the energy is actually resilient and secure."
Researchers at Michigan Tech are envisioning a brighter future for the grid, building in resilience, so-called Plan Bs, and more equitable access to power.
Electrical grids include generation plants, transmission lines, central control centers, substations (more than 100,000 of them), homes and businesses, and increasingly, distributed energy production like solar panels and wind turbines. Each of these nodes is susceptible to failure from accidents, disasters, or attacks, and replacing them is expensive and time-consuming.
"Traditional terms of security used in the power industry means reliability and adequate power supply to meet demands," says Chee-Wooi Ten, associate professor of electrical and computer engineering. "It's N minus one contingency of a hypothesized component outage: Take one line out and see if the system can withstand a disturbance."
Ten says this contingency has been the norm for decades in planning and operation, but the complexities of cybersecurity complicate the equation. A physical attack could damage parts of the grid, but a cyberattack to interconnected substations could cripple the entire system simultaneously.
Much of the power grid was constructed through significant public investments although many utilities are privately held; major upgrades to the system to prevent hypothetical cyberattacks largely haven't gained traction with investors. But major cyberattacks, like the 2017 Equifax data breach and 2015 Ukraine blackouts, are now a reality.
Ten wants to incentivize investments in electrical grid cybersecurity before it's too late. Together with Yeonwoo Rho, assistant professor of mathematical sciences, and colleagues at the University of Wisconsin-Milwaukee, Ten proposes an actuarial framework of cyber risk management for power grids.
Currently, utilities are audited by the Federal Energy Regulatory Commission (FERC) based on standards set by the North American Electric Reliability Corporation (NERC). Ten and colleagues want to create a framework that includes actuarial accounting of physical threats and cybersecurity risks. Actuarial estimates would quantify the financial costs of an attack or natural disaster. Insurance against these attacks could give bond investors the confidence they need to make big investments to upgrade security measures for the grid.
Security product vendors would see a market for their products that hasn't been available due to lack of demand.
Such a framework would establish what Ten calls a "sustainable ecosystem" of improved security protection with technologies for utilities. He says the key impacts include increased social welfare because the risk of grid failure would decrease. It would stimulate actuarial research on challenging models such as insurance for high-impact, low-probability events. It would also provide educational activities and workforce development.
Reformatting the old utility model and using microgrids and renewables as Plan B will require significant policy shifts, however. Pearce thinks the private sector could solve a number of problems by allowing net metering and interconnection of renewable power sources.
"This will cost the taxpayers nothing, but will demand overcoming major lobbying efforts by special interests," he says. "The private sector will do it because wind and solar are far less costly than coal and nuclear, easier and faster to build, and avoid the unpleasant externalities."
In terms of building grid resiliency with renewables, Pearce says the military is the best place to start.
"A federation of microgrids using local sources of renewable power is far more secure and less costly in the long term," he says. "What the military is doing with solar-powered microgrids can be used as a model for the rest of us who want secure, inexpensive, and clean energy."
Emily Prehoda, a doctoral student in environmental and energy policy, studies how the military is using renewable energy sources to cut costs and piloting microgrids in the face of power failures, attacks, or natural disasters.
"Microgrids allow you to tie into the larger electrical grid, but if something happens to the grid, you can ‘island' yourself and you can keep producing because you're not connected to the cascading failure," she says.
"A federation of microgrids using local sources of renewable power is far more secure and less costly in the long term."
Prehoda says the military has a mandate that 25 percent of energy used on domestic bases will be generated by renewable sources by 2025. She notes that military leaders see climate change as a top threat, and securing bases makes sense environmentally, fiscally, and from a national security standpoint. Additionally, communities around military bases could tap into military microgrids for power in the case of a grid failure.
"With renewables, you have an up-front investment, but operation and maintenance is low on the back end," she says. "When storage—in other words, batteries—catch up, it's a done deal."
Chelsea Schelly, an associate professor of sociology, is working with Pearce and Prehoda on exploring how microgrids—civilian and military—could bolster the resiliency of the grid. Schelly argues that microgrids and alternative forms of energy are not environmentalist propositions, but just plain common sense solutions.
"I study how people in society think about their relationship to material things. If we're thinking about community well-being and resilience, it makes a lot of sense for us to be thinking about scaling down," she says. "Microgrids or energy systems that communities have more direct control over, and therefore can make more directly reliable and accessible for their own communities, does increase quality of life."
Cyberattacks often seem like a game of chance; playing roulette with the energy source millions of people rely on doesn't seem like a good bet.
"If you know cybersecurity threats are more unpredictable, more variable, you know it makes sense to design a system in which a cyberattack can affect one part of the system but not the entire system," Schelly says.
"Right now, it would take little to affect the entire system."
She says if the system was designed to handle cyberattacks, our electrical grid would look much different than it does now.
"Our electrical grid system in some ways is a magnificent feat of hubris," she explains. "To assume this was a system that was going to work for as long as people needed energy services—it took massive amounts of investment without concern for how it was going to be maintained or who was responsible for the upkeep."
Building resiliency now means acknowledging the system's shortfalls and thinking outside the fuse box for better security measures.
Michigan Technological University is a public research university, home to more than 7,000 students from 54 countries. Founded in 1885, the University offers more than 120 undergraduate and graduate degree programs in science and technology, engineering, forestry, business and economics, health professions, humanities, mathematics, and social sciences. Our campus in Michigan’s Upper Peninsula overlooks the Keweenaw Waterway and is just a few miles from Lake Superior.