Once you remove the hype surrounding the \u2018Internet of Things\u2019, you seldom find large, real-world deployments of \u2018Smart, connected things\u2019 that forms it. You also don\u2019t co-relate the words IoT and Electric Grid. However, the Smart Electric Grid is actually one of the largest IoT deployments, with an estimated 500 million meters installed to date. This is expected to grow to 1 billion by 2020.\nThe smart grid infrastructure\nA Smart Grid is nothing but a network of electrical suppliers, which is managed by a system of digitally controlled interfaces that can dynamically alter the flow and supply of electricity in response to micro and macro changes in demand. One way to think about this complex web of systems is in layers:\n\nA physical layer consists of power generators, transmitters, substations, distribution units, and energy consumers.\nThe network layer sits on top of the physical layer and consists of communication and networking platform along with network gateway, head-units and smart meters.\nAn application layer is built on top of the network layer and automates core functions such as transmission, distribution and grid resiliency through various energy management systems.\nAn analytics layer generates value based on data generated from the application layer.\n\nWith the rise in grid-tied residential solar panel installations, the complexities in grid management have increased. Now, there are actual power generators at the end of the line.\nTraditionally, proprietary and vertically specific software by domain specialist vendors were used for this purpose. In the future, it is feasible to expect that general-purpose software will be used for MDM and analysis, along with the use of some newer techniques like machine learning. Indeed, utilities may utilize an energy specific version of IBM\u2019s Watson IoT or SAP\u2019s Hana IoT to collate data from multiple sites and that public cloud platforms like AWS IoT and Microsoft Azure would be used for Asset Lifecycle.\nThreat of cyberattacks\nAs with anything else, the implementation of connected \u2018software\u2019 solutions within OT leads to a sharp rise in the attack surface and threat vectors against AMI. Power is an essential commodity, and the non-availability of it can lead to catastrophic situations. A computer virus or worm can make its way from these systems and target smart meters, permanently disabling them. Or hackers can hack into a utility control system to turn off power to large sections of a city. This was seen very recently when the Russian hacker group Sandworm attacked a Ukrainian power grid, causing 220,000 people to lose power.\nSecure meter communications over Wi-SUN\nWhile a comprehensive analysis of AMI and Smart Meters is beyond the scope of this article, we can talk about one of the ways in which Smart Meter communications may be secured. Wireless Smart Ubiquitous Networks (Wi-SUN) is an IEEE 802.15.4g open-standards based technology, whose Field Area Network (FAN) specification was developed to address the need of low-power, long-range, peer-to-peer connectivity according to Gartner\u2019s 2017 Hype Cycle for IoT Standards and Protocols report. Even more interesting, is that beyond the IEEE and IETF, Wi-SUN has come together to form the Wi-SUN Alliance (200+ members and counting) which also has a certification program where vendors are required to go through a testing process by independent testing labs to ensure compliance with Wi-SUN standards and specifications. (Disclaimer: GlobalSign is a member of the Wi-SUN Alliance).\nUnlike competing standards (SigFox, LoRaWAN) Wi-SUN is a mesh network, and thus allows meter-to-meter communication. This reduces black spots compared to star networks, can better respond to outages by having multiple communication paths, and is cheaper to implement since you need fewer towers. Of course, because it is an open-standard there can be no proprietary vendor lock-in.\nMore importantly, Wi-SUN has several security features that set it apart from the competition. Some of these are:\n\nFollowing the IEEE 802.1AR spec for Device Identity.\nCertificate based authentication, including secure long-lived IDevID (birth certificates) as well as shorter-lived LDevID (operational certificates)\nDevice hardening, non-exportable keys using security chip or PUF (Physically Unclonable Functions)\nRole-based Access Control\nGroup-based key generation and management\nNetwork-layer encryption for WAN using IPSec (Internet Protocol security)\nOver-the-air upgrades for devices\n\nAs we can see, there have been various advancements within the electric grid infrastructure over the past several decades, and we\u2019ve reached an exciting time where IoT is disrupting yet another industrial segment. While this raises several cybersecurity concerns, it is heartening to know that industry experts are actively working to adopt stringent security measures to ensure the safety of the smart grid. As smart meters become more ubiquitous, and get installed in millions of homes, we can rest assured that they will soon carry the best-in-class security technologies and tools available.