Oct 11, 2019

Gridforward2019

Personal notes from GridForward2019.

I haven’t made any effort to clean these up other than to find relevant links that I’ll research later.

–Todd

OpenADR

Presenters: Rolf Bienert and Don Duichinos

  • Oasis Inter operation created by Oasis Open
  • Sends requests not commands, customers can opt in/out
  • Service events have start/end/intervals
  • Service events can be re-sent with updates (there’s a sequence number)
  • Security is PKI based
  • Security model vetted by:

Questions

  • How are certs revoked and/or updated (CRL for revocation)
  • Can organizations provide their own CA (Yes)
  • How are upgrades performed? OTA?
  • Are commands idempotent? Is every command ack’d or is this fire-and-forget?

Also discussed

  • 2030.5 IEEE 2030.5-2018 - IEEE Standard for Smart Energy Profile Application Protocol
  • CTA-2045 Port to dispatch (control) water heaters
  • CA Rule 21
  • R.A.T.E.S.org – I cannot find this site
  • Quality Logic has online learning for OpenADR

DERMS

  • What is DERMS? Where are you in that value chain?
  • Is it a distribution tool? A transmission tool?
  • 3 Forms/lineages
    • VPP Virtual Power Plant
    • ADMSAdvanced Distribution Management System
    • Hybrid
  • EMS/GMS ?
  • HEM
  • Australia soon 40% of their gen will be on the customer side
  • Advance forecasting, load flow, load management, asset use
  • Devices behind the meter: settlement, delivery, back office management
  • “We” have no idea how to change business processes when deploying DRMS:
    • interconnection permits, DR group, ops group
    • utilities actively looking at this
    • have to learn how to manage DERS
  • Capacity relief on a substation
    • forecast DERS, monitor, how is it registered?
    • ADMS registration? Need an interconnected update process
    • reactive power? interconnect agreements?
  • Operators need response on the system
  • Market structures, policies, programs
  • How to unify perspectives?

BC Hydro

  • Problem With Theft
  • Collecting 2M metrics on hourly/5/15minute intervals
  • Transformer impedance / voltage profile -> looking for anomalies
  • Energy balancing : reconciling billing vs generation, looking for theft or data quality errors
  • Drivers: large theft scenario of grow ops
    • secondary issues of safety
    • theft totalled 7% of load, equivalent to ~80K homes
    • leads to premature asset failure (transformer overload)
  • AMI - enhanced field investigation team
  • Over time, theft teams went from 60% to 5% of investigations resulting in identifying theft
  • Result: $732M in savings
  • Q: Does the result factor in the theft detection costs (system creation, maintenance, investigation teams, etc.)?
  • Used external solution to start, Data Raker, from 2011 to 2014
  • Used DR while developing in-house solution
  • Deployed DR and in-house solution side-by-side
  • A/B systems compared in final analysis
  • Key takeaways:
    • IT/OT bridge : the business and technical relationships were key
  • Maintenance system is at 78TB currently and grows by 6TB/month
  • Stack uses Greenplum and HortonWorks

Oh DER!

  • Status Quo is lacking framework for incentivizing storage
  • Opportunity to decarbonize / digitize / and democratize
  • Create monetization and value
  • Pricing and billing engine for TOD pricing took 10 years

Strategy across industry

  • Breaking down silos

  • What or the goals and objectives?

  • Evaluate framework / value streams / DOU / Rate designs

  • Need financing mechanisms to bring systems to people that cannot afford 10K for a battery system

  • Need confidence in data

What’s needed in the regulatory environment? …crickets.

Pathways to Deep Decarbonization

  • Northwest Power and Conservation Council

    • 2021 Power Plan
      • Next Meeting
      • Adequate power system
      • Protect fish and wildlife
      • Do this within the power plan process
        • energy efficiency
        • DR
        • geothermal?
        • transmission
      • 70M buildings using natural gas
      • CTA-2045 Port to dispatch (control) water heaters

  • PSE

    • transmission - IRP
    • distribution - planning is somewhat separate
      • generation
      • smart grid & AMI & batteries & self-healing -> increased reliability and flexibility
      • feeder deployments have decreased outages
      • trees lead to outages on the grid
      • w/o digitization decarbonization won’t happen
    • Analytics
      • Get To Zero
      • Multiple types of customers : low-income -> AWS/Nordstroms (data centers)
      • anticipate and proactively solve problems
      • Web/billing/payments/operational
      • AMI - 2023 Landis & Gyr
      • Used to be on their board of directors
      • Something about customer preferences
    • Resiliency/Micro-grid
      • Example 2MW in Glacier Whatcom County
      • 10mi long radial ~ 100" snow/year
      • difficult to restore power
      • battery installed allowing
      • restored power in August
      • large commercial / military customers
    • Pilots & Partnerships Ecosystem
      • Pilots allow controlled ecosystem w/ controlled costs
      • Responsible to customers and the environment
      • Game Changers
        • EV infrastructure
        • WA - 40% of carbon emissions are from transport
        • WA - 50K electric vehicles
        • WA - project 400K - 1M by 2030
        • UpNGo – can test drive EV vehicles? Cannot find link
        • Heavy transport / Maritime
        • Pro LPNG facility in Tacoma
    • Hoped for achievements in 5 years
      • No Cyber Security events
      • Cost effectively meet goals in clean energy
      • D&I - unconscious bias / trust / etc.

Cyber Cyber

What are the top Cyber risks?

Answer

  • build relationships before incidents happen
  • stuxnet
  • halvex
  • it’s an evolution
  • not going to see the exact same thing, cannot predict threat vectors
  • build resiliency models to detect, categorize, react to threats

Who faces Cyber attacks?

Answer

  • today, distribution
  • targets of opportunity, places w/ most potential for damage
  • as distribution becomes hardened, then attacks move
  • transmission is expected next

What about vendors? What role do they play?

Answer

  • recent attacks via vendor pathways
  • old devices w/ old vulnerabilities
  • new devices w/ vulnerabilities, un-encrypted firmware is easily examined and rooted
  • not signing firmware, even large firmware vendors
  • micro-grids with smaller companies in these spaces may not have resources to properly defend against these attacks (however it was also stated that the larger companies are also doing a poor job of defending, so seems a bit FUD).
  • STIG Open Source threat modeling software

What role do Regulations Play?

Answer

  • DOE
  • FERC
  • NIST
  • NERC
  • IC Level Chain
  • IC Level Chain
  • NERC - focus on legacy environments, on the cusp of engaging with the cloud
  • NERC - does not have language? for cloud cyber security
  • Threat Vectors
    • Infra
    • Operations
    • Data protection
  • Weakest link is humans
  • Employees must be aware of attack vectors
  • Leaders must start investing in employee awareness
  • Awareness training is a constant thing

What happened in March?

Answer

  • Fishing attack, stage 1 malware
  • Followed by lot’s of, trust us, sorry, we have to keep secrets, blah blah

What happened in the Ukraine?

Answer

  • Blackenergy3
  • not designed to attack the grid
  • stage 1 -> 4
  • found value
  • attacked SCADA
  • deleted stage 1 and started scavenging for VPN connections
  • managed routers and switches have VPNs into target environments

How to trust Vendors?

Answer

  • Segmented networks
  • 2FA
  • Scoped roles/access to the secure resources/networks
  • Verify vendor compliance
  • Do not blindly trust vendors or their compliance
  • Pen tasting?
  • Validate, check policies, use 3rd parties for risk management
  • Need to involve cyber-security from the beginning
  • ICS Kill Chain
  • Procurement process (RFP) needs to have cyber-security as part of the process

Threat Monitoring

  • visibility fabric devices
  • anomaly detection devices
  • what to do with alerts? need to invest in human capital to deal with alerts and make meaningful decisions
  • train from within
  • Gridex Government training for incidents
  • SANS.org Has paid training for ICS

Other resources

Public Power

Flathead Electric

  • relying on customer networks and modems was a disaster
  • water heater controller has high acquisition cost
  • BPA does not supply real time information (costs)
  • Degraded the battery installed at a youth home by 20% in 5 years by cycling from 0 -> 100% charge
  • TOD rates
  • Micro-grid an a 330 mile radial feed

Burbank

  • not part of CAISO, part of LADWP
  • cannot use market to help w/ intermittent resources
  • 100% smart meters
  • vertically integrated
  • EV charging TOU rates
  • fiber over the city
  • local gen

Fort Collins

  • biz cases
  • fund outcomes not departments -> 7 outcome areas
  • electric utility is under multiple departments -> outcome is safe community
  • 3x bottom line : economic / social / environmental -> changes how you think and do business

Flathead

  • need big thinkers, don’t be afraid, take chances

Burbank

  • costs now provide benefits later
  • hoover dam as an example
  • had vision and big thinking
  • integrating RE for the environment is new vocabulary
  • think in decades

Biggest Forward Thinking Investments?

Burbank

  • Inter-mountain Power Project (IPP) - 18MW Coal Plant
  • Online since the ’80s
  • working to accelerate plant shutdown and replacement with NG plant
  • Southern Transmission System
  • 50 year commitment to a gas plant
  • Renewable hydrogen?
  • the best of many imperfect solutions

Flathead

  • coop
  • know your audience / members
  • local gen was asked for
  • landfill to gas plant - first in Montana
  • timber manufacturer - biomass -> energy
  • community solar
  • members are willing

Ft Collins

  • One of 6 places of invention mentioned in a Smithsonian exhibit
  • 500K cost share was from community members
  • Collaboration and partnership
  • High-tech area
  • Climate economy

Key Takeaways?

  • No shareholders
  • No state regulations
  • Local control and accountability
  • Not mandated as investor owned utilities are
  • Taking shareholders & regulators out of the equation -> yields advantages and more resilient decision making process

GW of DER

Regulation and Innovation

“Regulators need the same level of detail as a CFO”

  • whole plan
  • future sunk costs
  • mitigating risks
  • societal benefits

Random Bits

  • IRP Integrated Resource Plan
  • WA State Bill 51162019 Senate Bill 5116: Supporting Washington’s clean energy economy and transitioning to a clean, affordable, and reliable energy future
  • WA State Bill 1444Concerning appliance efficiency standards.
  • In WA transport is 45% of our GHG emissions
  • AMI Smart Meters (bi-directional)