Utitility industry around the world is undergoing radical changes in its structure and business models. It is being reshaped by disruptive technologies, environmental pressures and social expectations. Traditional electric grids are now replaced with smart grids that are controlled by information and communication technology (ICT). In many cases, these utilities are managed through remote administration as well.
Power grids are also centrally connected and integrated in nature from the stage of power generation to it transmission and distribution. A compromise of such power grids can lead to power outages/blackout or even damage to power system devices and thereby huge loss to the utilities. This is also the stage and process that makes these utilities vulnerable to cyber attacks.
Naturally smart grids cyber security has become a top priority for governments around the world in these circumstances. The contemporary malware are very sophisticated in nature and they are easily defeating the cyber security products and services. As a result cyber attacks and malware have become a big nuisance for businesses and individuals alike. Smart grids are also facing sophisticated cyber attacks from around the world.
Cyber security issues in India are emerging day by day. Similarly, the cyber security awareness in India is also increasing. However, cyber security capabilities of India are still not up to the mark. Cyber security skills developments in India are urgently required so that both offensive and defensive cyber security capabilities of India can be developed. Keeping this fact in mind, critical infrastructure protection in India in general and cyber security of automated power grids of India in particular must be ensured with latest technology and international best practices. In the past Indian government declared that a Grid Security Expert System (GSES) of India would be developed in India. The same may be a reality very soon keeping in mind the focus upon Digital India project of Indian government.
There would be many cyber security challenges for future smart grids of India. The evolution of SCADA system, deficiencies and shortcomings of existing power devices and vulnerabilities of software managing SCADA systems are areas of special concern for India. Internet is full of unprotected and unsafe devices, SCADA systems and computers. Critical infrastructures protection has also become a major challenge with the SCADA systems still remaining exposed and unprotected. For instance, healthcare industry is facing increased cyber attacks against its critical infrastructures. Cloud computing is also facing low adoption and regulatory issues in India.
Further, renewable energy/distributed generation demands are the added feature of smart grid and due to networked control future power system will be much more vulnerable to cyber terrorism attacks, cyber warfare activities and cyber espionage attempts. Therefore, before switching to smart grids, India must consider cyber security challenges for them as well.
Although India has recognised the significance of cyber security yet its efforts in this direction are still scattered, unstructured and inadequate. Perry4Law Organisation (P4LO) has been advocating for establishing a strong, robust and resilient cyber security infrastructure in India for almost a decade. P4LO also believes that international legal issues of cyber security must be resolved on mutual cooperation basis among various countries. Countries may work in the direction of formulating international cyber law treaty and international cyber security treaty (PDF). Similarly, international legal issues of cyber security and conflict of laws in cyberspace must also be resolved by Indian government. We hope Indian government would resolve the cyber security issues related to smart grids very soon.