Combating fraud and theft in the smart grid

Based on an article by NES for Smart Energy

The problem and its impact

Power theft in the smart grid is the menace of electric utilities from rural cooperatives to large investor-owned and municipal providers.

As early as 1899, the Association of Edison Illuminating Companies addressed the problem of tampering with screws that adjusted meter damping magnets. Over 36 years ago in 1984, the New York Times published an article citing ConEd and the potential of “1% of power customers of stealing services.”

According to estimates, theft and fraud of electricity costs the industry as much as $96 billion every year globally, with as much as $6 billion every year in the United States alone. This not only results in higher prices for paying customers and costly government subsidies but is also a public safety crisis in some countries with dangerous illegal power connections. In some countries, high non-technical losses threaten the financial sustainability of the energy utilities, with double-digit % energy losses through theft and fraud being estimated.

The financial losses, also known as non-technical losses, include metering inaccuracy, non-payment, billing and rate class errors, and simple to complex energy theft. Traditionally, the two dominant components of non-technical losses are non-payment and energy theft, and these are still relevant with smart grids. With increased intelligence in the new smart grids, there is now an opportunity for a more “systematic” approach to energy theft, in the form of billing record tampering, resulting from a cyber-attack.

Until recently, there were few effective solutions for these problems. Labour-intensive premise inspections and account auditing often cost more than the actual value of the losses and enforcement is always challenging.

Bringing it up to date

Modern AMI (Advanced Metering Infrastructure) solutions offer mechanisms to identify attempted and actual fraud and theft through increased intelligence. At the same time, this increased intelligence offers increased vulnerability to cyber-attack, often for the purposes of fraud or theft, and requires new forms of protection to be put in place.

Before examining the solutions that modern AMI bring to DSOs, lets first examine a little more about the various mechanisms of energy theft and fraud which are applied.

Types of energy theft and fraud

Generally, energy theft and fraud are grouped as follows:

  • Direct theft – the thief can simply take energy from the DSO without the DSO having the opportunity to meter the consumption. This is achieved through connecting spurs to the main supply and drawing energy directly, and consequently, this is often visible from the street.
  • Meter tampering – the meter is compromised in such a way that it delivers false readings. Again, often this is visible on the meter, but with most meters in cabinets or in buildings, this is less visible from the street. With the introduction of smarter meters, there is more opportunity for a cyber-attacker to tamper with the meter, or the data it holds, and this can be very hard to spot.
  • Billing irregularities – the human steps within the meter-to-cash process are points where consumption information can be changed. In traditional networks, this can span from the meter reader to the accounts team. In smarter grids, whilst the role of the human is massively reduced, the opportunity for cyber-attack to change consumption and account details increases. Both cases can only be spotted through sophisticated data analysis and audits.
  • Unpaid bills – customers simply do not pay their bill and make it hard for the DSO to cut off power supply.

Who is the thief?

There are many types of thief:

  • Consumer – this can be wide-spread and hard to police. Direct theft or meter tampering are the main mechanisms used. The consumer is the sole beneficiary of the theft.
  • Organised crime – this can range from a local technician helping local consumers steal energy or tamper with meters right through to organised criminals influencing the human steps in the meter-to-cash process. Both the criminal organisation and the consumer “employing” them benefit.
  • DSO insider – in this case, a human in the meter-to-cash process is using their influence to change metering, billing or account information. This is often connected with organised crime but could simply be a disgruntled employee.
  • Nation state – tampering with energy supply is a recognised way that hostile nations can engage each other. Whilst this generally revolves around disruption of energy supply, more insidious fraud and theft attacks can be employed to cause financial instability in the key infrastructure providers of the target country.
  • Cyber-criminal – in a sense, the cyber-criminal is an agent for all these types of thief. Their role is to evaluate opportunities for fraud and theft in the increasingly smart energy infrastructures by identifying weaknesses in IT security technology and process.

Modes of fraud and theft

The modes of fraud and theft on the physical infrastructure are illustrated in a summary diagram below.

Cyber-criminals use IT hacking methods to access and tamper with the meter, the networks between the meter and the back-end billing/accounts systems or the back-end systems themselves. One approach is for the cyber-criminal to reconfigure the meter so that its ability to record consumption accurately is compromised or impact those functions designed specifically to combat fraud and theft. Another approach is to access the meter data directly, either on the meter, in the network or at the back-end systems, and enter false consumption values. The second is far more insidious, as cyber-criminals can become adept at hiding the evidence of their tampering!

New means to detect theft and fraud

With traditional “non-smart” metering systems in the grid, it was hard to identify occurrences of theft and fraud without conducting audits – either in the streets and consumer homes, in back-end billing/accounting records or in process execution records.

The latest AMI bring significant improvements:

  • Meter tampering and supply alarms – the latest generation of smart meters provide a rich set of events and alarms to indicate both the preparation for and the actual execution of fraud and theft at the meter. In the most sophisticated smart meters, this can include events which indicate attempts to hack the meter or the communications network.
  • Complete automation of meter-to-cash – the human can be largely removed from the process. Often, reduction of theft and fraud is a major business driver for initiating a smart meter project.
  • Remote control and cut-off – smart meters allow the DSO to restrict access to energy and even cut off supply in the event of non-payment of bills. Not only is the remote control convenient and reduces costs – the energy cut off is faster, reducing the revenue leakage, and it avoids the need for physical confrontations with the thief.
  • Analysis of consumption in the low-voltage grid – in high quality deployments of smart grid, it is now possible to assess energy flows within the low-voltage grid allowing DSOs to spot the leakage of energy, possibly resulting from theft
  • Low-voltage grid topology analysis – a pre-requisite for analysis is to know the topology of the low-voltage grid. This is a challenge for many DSOs as records may be out of date or simply not exist. The latest AMI solutions allow the topology to be inferred from communications statistics
  • Usage statistics – some forms of illegal usage of energy, such as growth of drugs, can be detected from a deep analysis of consumption patterns and their correlation with other data, such as the weather.

These are very useful capabilities, but they need to be complemented by back-end systems which can display and make sense the new sources of information generated by the meter and make it easier to initiate actions. In modern AMI deployments, the role of operational tooling to provide monitoring and control features need to be carefully addressed, else all the new insight provided by the smart grid is wasted.

Finally, what about the cyber-criminal? The leading AMI solutions provide strong protection measures to make it hard for the cyber-criminal to gain access to systems. History has shown that “hard” does not mean “impossible”. The latest developments in smart grid security address threat detection and response – the ability to detect activities indicating a potential, actual and/or successful attack on the smart meters. This information, when acted upon, can be used to blunt the cyber-criminal when they attempt fraud or energy theft.

In summary, the mechanisms are now in place to combat theft and fraud close to its source with the new generation of Smart Meters. However, the selection of the right technology for the AMI is key. Only sophisticated, extendable, and agile technologies will be effective against the ingenuity of the fraudster, the thief, the cyber-criminal and the hostile nation agent.

End of original article by NES for Smart Energy

Due to climate change, wildfires are set to become an increasing problem

Millions of acres burn every year in wildfires across the United States, with the worst seasons on record occuring in the past two years. Climate change is blamed for making these fires increasingly worse year-on-year, making things tough for power grid engineers in an increasingly volatile climate reality.

The average wildfire season today is three and a half months longer than it was as recently as the 1980s. The number of annual large fires in the US has tripled — burning six times as many acres as in wildfire seasons only decades ago.

Orange dots show fires detected in the week prior to July 6, 2020. Source: National Geographic.

Wildfires are occuring where they were rarely seen before

Temperature averages in Siberia were nearly 10°C above normal for the first five months of 2020. Temperatures in the Russian Arctic region and Siberia continue to break records, thawing the tundra and contributing to an increase of hundreds in wildfires, most in areas inaccessible by firefighters. Siberian wildfires today are breaking out over nearly 3 million acres (1.2m hectares). The smoke cloud is unprecedented, extending over the United States and Canada.

Electrics companies are under pressure to mitigate the risk of power line induced fire.

How power lines contribute to wildfires

There is growing evidence that power lines themselves trigger wildfires.

High winds are a key contributing factor, vegetation contact, where high winds blow trees and branches onto power lines, sparking fires. In other cases, wind can snap wooden distribution line poles, causing live wires to fall onto nearby dry grass, setting it on fire.

California is particularly at risk because of drought conditions that have turned its forests into tinderboxes from August to November, when high winds are common. The Redwood Fire burned more than 36,000 acres, destroyed hundreds of homes and businesses, and lead to nine deaths.

Introducing VECTO System – real time notifications the moment problems arise

Developed in Cape Town, South Africa, VECTO System is an innovative grid management system developed to meet Africa’s steep energy challenges. It is a solution in two parts – a device installed across the network, and a software platform that visualises the data and provides real time notifications when network performance moves out of accepted safety thresholds.

Vecto 3 device

Each VECTO System device is a linux-based edge computer, which process data locally as it enters the device, while simultaneously streaming it onwards a central data store. With a built-in GPS clock that is time synchronised to within ±100ns from absolute time, the full fleet of devices work together in perfect harmony, delivering the full picture of network performance.  

VECTO 3 records and reports on a comprehensive set of RMS, phasor, harmonic, environmental & synchrophasor data, encompassing over 9,000 parameters.

VECTO System’s data visualisation platform — VECTO Grid OS — reports and interprets the data for the end user. Available for all smart devices, VECTO Grid OS will notify the appropriate team members at the moment anomalies occur on the network. If storm clouds suddenly begin to form over the city and solar supply drops rapidly, VECTO Grid OS will send emergency push notifications and emails in real time to the people who matter.  

Beyond emergency notifications, VECTO System’s unique capabilities can also:

  • Provide interaction and control down to the mini-substation level, providing engineers and operators with unprecedented visibility and remote management of the entire enterprise.
  • Predict, detect and prevent wildfires caused by high voltage power-lines.
  • Provide detailed information and insights through an ongoing forensic record, enabling long-term decision making and informed capital investments.

Keen to know more?

VECTO System is set to change the way the power grid is managed. If you’d like to see more of what the system is capable of, speak to us.

Table of Contents

Related Posts

Old style power generation power plant. Source: Pavel Neznanov (Unsplash)

Years, Months and Milliseconds

How long have we got to get our act together for renewable electricity? By Phil Kreveld One could be reassured by the leisurely acceptance with

Synchronous generator

The Subservient Synchronous Source

We are facing unknown unknowns By Phil Kreveld Going from old technology to new wind and solar electricity generation faces us with an interesting confrontation: