Hurricane Sandy and other recent events have shown how vulnerable the nation’s electrical grid can be – both to natural disasters and to potential acts of terrorism. It is time to find ways to use the patent system to stimulate investment in innovation that will help strengthen the grid and make it more secure.
It is hard to underestimate how crucial the grid system is to our nation’s continued security and productivity. One only needs to think about the devastation caused by Sandy last year in what was a disastrous yet far from worst-case scenario. Yet not enough thinking is being done about how to harden and protect the grid against storms and other disasters that are certain to come – and enemy attacks that, although far from certain, are easy to conjure up.
For decades, of course, much attention has been focused on so-called enterprise networks, which connect the computer systems used in a business, university, or government agency. Enterprise networks are vulnerable, as is well known, to hackers and other intentional wrongdoers, and to programming errors, mechanical failures, natural disasters, and other issues. Nearly every day, we read of a data breach or some other computer problem that puts at risk consumer information or the very ability of a computer network to run properly. There’s a lot of awareness of these issues, and a great deal of research into security solutions has been done.
But in addition to enterprise networks, the electrical grid runs primarily on industrial control system (ICS) networks, which pose unique security and resiliency challenges. ICS networks are the communication networks that connect and control the grid. ICS networks are used not only in the electrical grid, but are fundamental to other critical infrastructure systems, such as transportation, water, agriculture, and the like.
ICS networks have different requirements, demands, and vulnerabilities than enterprise networks do, and they require different security solutions.
ICS networks are vulnerable to hackers as well, as a recent Washington Post series of articles has shown. As a demonstration in 2007, U.S. government engineers at the Department of Homeland Security performed an experimental “hack” into a 5000 horsepower diesel engine. These engines are routinely used as backup generators in critical infrastructure systems that are part of the electrical grid. When the successfully hacked into the generator’s embedded control computer, the DHS engineers were able to repeatedly trigger circuit breakers and essentially destroyed the engine.
So innovation is clearly needed, and there are companies that are dedicated to creating ICS innovations and security solutions. However, most of these companies are start-ups or other early-stage ventures that lack financial capital and funding and receive little attention from the investment community, certainly when compared with the intense interest in companies that are working on security solutions for enterprise networks.
One reason for this lack of attention is that utility companies represent the primary customers for many ICS infrastructure technologies, such as security solutions and smart meters. However, despite the critical national need, technology investments by utility companies are hard for those companies to justify internally unless the investment costs can be recovered through rate adjustments.
It’s interesting that the one major technological upgrade to the grid that has caught on, namely smart meters, is one that provides immediate and tangible results, convenience, and potential cost savings to consumers. Clearly, utility companies have realized that they can easily recover the monetary investment in equipment upgrades like smart meters through rate adjustment (i.e., raising utility rates via state utility commissions).
While an investment in smart meters would be considered by most utility shareholders as prudent, necessary, and reflecting sound business acumen, a similar investment in pure infrastructure, such as ICS security, would not necessarily be received as well by shareholders. That is, if the costs of investment in ICS security cannot be recovered through rate adjustment, these costs will come out of the utility company’s profits. Obviously, utility companies are loath to invest in anything with costs that can only be recovered from their profits.
This leaves open the question of how to reduce the cycle time of economically feasible methods of helping these critical technologies make their way to development, production, commercialization, and implementation within the grid, while still presenting themselves as attractive purchases for utility companies.
Key issues include:
- What incentives can be created for utility companies to invest in security and resiliency infrastructure in ways that can be recovered through rate adjustments and thus will appeal to their shareholders?
- How can innovators and technology developers, many of whom are start-ups, be motivated to develop these technologies in commercially viable ways?
- What is the proper role of IP, IP policy, and IP commercialization to the development of security and resiliency technologies and solutions?
- How can newly developed technologies crucial to reducing grid vulnerabilities be quickly recognized, vetted, funded, and adopted?
- Can a rapid adoption model, which would help companies research, develop, pitch, and test commercially viable innovations, be developed that would bring security innovations to market in a speedy way that is appropriate to the national emergency?
Perhaps a simple patent incentive program might be one solution that could spur research and development, innovation, and investment in critical grid security systems. A key step would be streamlining the examination and costs of patent applications that focus on technical innovations that decrease grid vulnerabilities -- in effect, creating a “fast lane” for protecting inventions that can help secure our nation’s infrastructure. Other solutions could include more creative pricing strategies for IP legal services to make them more consistent with start-up budgets, as well as clearer paths to funding and commercialization. These are small steps, but they could help improve the revenue stream for innovators by increasing the development speed of their products and technologies. In turn, as innovators succeed in bringing ideas to market, there could be a “race to the top” for utilities that want to be national leaders in grid security and resiliency. In addition, state regulators could take the position that in view of the compelling national interest in grid security, such costs could be recovered through rate adjustments.
Creativity and innovation are the best way to protect the network, and leveraging intellectual property is one of the best ways to capture creativity and innovation. This work will require collaboration among computer science researchers, intellectual property professionals, and players in the infrastructure and energy industries to identify, protect, and develop the best intellectual property from the earliest stages of the innovation lifecycle to the latest. We have seen that increased interconnectivity and interoperability produces huge benefits in efficiencies. The smart grid that could emerge as a result of this innovation will be the next step in this interconnectivity and will increase the grid’s resilience to future threats.