• From the Women in Crisis Response Writers Hub

The Energy Biome – Understanding actors, interests, and interactions through the IoT/IIoT lens

The Energy grid faces several challenges through its many actors, interactions and the interfaces. A traditional grid provides energy services and although it is believed to be a centralized provider, it draws its resources from several other public and private suppliers. An example is well described in the NYC SIRR document ("A Stronger, More Resilient New York", 2013, pg. 108, 111).

Here’s a simplistic biome-like framework that I designed to help with that big picture.

It shows the different points in the day to day management of a typical grid, such as, the supply chain management, the safety and security control, the inventory system, and quality control. Within these four main areas lay hundreds of actions performed continuously by thousands of human and electromechanical capabilities. These actions have been learnt over the years through immense hard work, and trial and error, and documented to provide an almost seamless electricity supply to our daily needs.

Traditionally distributed control systems (DCS) helped with local administration and management, and supervisory control and data acquisition (SCADA) managed this across a geospatial area. These capabilities go as far as 1960’s and the software to support these systems have typically been proprietary and quite closed in their architecture. Distributed and remote data acquisition is nothing new to Energy grids.

Likewise, as the NYC SIRR report describes, distributed supply chain is also not a new phenomenon for energy grids. Internet of things merely takes these capabilities to another level, where now, DCS/SCADA systems use a combination of internet and the IT cloud services to acquire, store, and process their data. If we look at the diagram, the four vectors (Human, Internet, IoT, and Robots) depict four types of interactions modern energy grids are capable of. Four vectors mean four corners to watch out for potential threats to aspects inside the grid. DCS, SCADA, PLC and RTU systems (Slyke, 2015, pg. 9) can be fitted with small sensors that can now beam real-time data about the health of the systems to cloud-enabled monitoring and logging dashboards.

The four black arrows indicate the dark forces that could impact the efficient operations of the grids. When damaging forces such as cyberattacks and climate change cause destruction potentially including loss of lives, and if capital shocks and other resource scarcities such as lack of adequate human capital with technical know-how, squeeze the expectations, emphasis may be given to core or essential services that must keep the grid functioning to support life.

Given such a complex biome, it only makes sense to have a disaster recovery and business continuity plan that ensures seamless supply of electric services. Failure to do so could result in situations such as those described by NYC health data review after hurricane Sandy, “Failure or absence of emergency power systems required facilities to evacuate patients("New York City Healthcare Findings", 2013, pg. 12), and a matrix showing no backup or that the backup failed ("New York City Healthcare Findings", 2013, pg. 16). The report also shows how essential services such as emergency power, water and HVAC with a recovery need of less than a day could not be available ("New York City Healthcare Findings", 2013, pg. 20).

These four vectors could cause debilitating impact on the core functionality of the grid by disrupting demand or supply, taking over remote control, disabling key features such as logging and monitoring, sabotaging reactive, proactive, and predictive maintenance, thereby impacting response and recovery times. Malicious programs or bots in these distributed small internet of things could disarm the safety and security controls.

One famous example is the Stuxnet malware that infected PCs and aimed to damage the spinning rotors within the nuclear centrifuges with an intent to physically sabotage the reactors in Iran (Kushner, 2013). Securing grids therefore should be a collaborative effort from physical, electromechanical, electrical and socio-economic perspectives. Engineers and technicians become crucial to a successful safety and security strategy for an IIoT-based business and disaster recovery system for our energy grids. The key is to think beyond the traditional methods of looking at grids. Apply the Energy Biome model shown above to better understand the triad of actors, their interests, the interactions.



  1. A Stronger, More Resilient New York. (2013). Retrieved from

  2. About the Sustainable Development Goals - United Nations Sustainable Development. Retrieved from

  3. Access to electricity. (2017). Retrieved from

  4. Aggarwal, V. (2018). Calculate Your Solar Panel Payback Period | EnergySage. Retrieved from

  5. Brussels, 12.12.2006 COM(2006) 786 final. (2006). Retrieved from https://eur-

  6. Cost of Downtime. (2018). Retrieved from _/media/pdfs/one-microsite/bd-cost-of-downtime.pdf

  7. COUNCIL DIRECTIVE 2008/114/EC. (2008). Retrieved from https://eur-

  8. Countries with the highest number of internet users. (2018). Retrieved from https://www- selected-countries/

  9. Cuomo: Sandy cost NY, NYC $32B in damage and loss. (2012). Retrieved from


  11. Cybersecurity, Energy Security, and Emergency Response. Retrieved from response

  12. Fischhoff, B., Slovic, P., Lichtenstein, S., Read, S., & Combs, B. (1978). How Safe Is Safe Enough? A Psychometric Study of Attitudes Towards Technological Risks and Benefits. Retrieved from

  13. Fowler, J. (2017). Women must be central in disaster prevention - UNISDR. Retrieved from

  14. Framework for Improving Critical Infrastructure Cybersecurity Version 1.0. (2014).

  15. Retrieved from

  16. Hedvig, N., & Giulio, C. (2018). The JRC Statistical Audit of the Social Progress Index (SPI) - EU Science Hub - European Commission. Retrieved from

  17. Incident Response/Vulnerability Coordination. (2014). Retrieved from

  18. Introduction to NISTIR 7628. (2010). Retrieved from

  19. Karagiannis, G., Chondrogiannis, S., Krausmann, E., & Turksezer, Z. (2017). Power grid

  20. recovery after natural hazard impact. Retrieved from

  21. Kasperson, R., Renn, O., Slovic, P., Brown, H., Emel, J., & Goble, R. et al. (1998). The

  22. Social Amplification of Risk: A Conceptual Framework. Retrieved from https://onlinelibrary-wiley-com.ezp-

  23. Kushner, D. (2013). The Real Story of Stuxnet. Retrieved from

  24. Lewiner, C. (2017). World Energy Markets Observatory. Retrieved from


  26. Marcus, K. (2018). Rise of the Energy Prosumer. Retrieved from

  27. New York City Healthcare Findings. (2013). Retrieved from

  28. Newman, J. (2018). The Myth of Free. Retrieved from content/uploads/2018/06/86-Geo.-Wash.-L.-Rev.-513.pdf

  29. Obama, B. (2012). Remarks by the President at a Campaign Event in Roanoke, Virginia. Retrieved from office/2012/07/13/remarks-president-campaign-event-roanoke-virginia

  30. Rifkin, J. (2015). The zero marginal cost society (1st ed.). New York, N.Y.: St. Martin's Griffin.

  31. Sandy Impacts Final Report Ch 1. (2013). Retrieved from _SandyImpacts_FINAL_singles.pdf

  32. Schipper, E., Thomalla, F., Vulturius, G., Johnson, K., & Klein, R. (2015). Climate change

  33. and Disaster Risk Reduction - UNISDR. Retrieved from

  34. Sendai Framework for Disaster Risk Reduction 2015 - 2030. (2015). Retrieved from

  35. Slyke, D. (2015). The Heart of an Energy Management System. Retrieved from

  36. pesias/files/2016/03/SCADA_20150316_Slides.pdf

  37. Small retailers transact $19 trillion in cash annually. (2016). Retrieved from release/2016/06/27/small-retailers-transact-19-trillion-in-cash-annually-new-world- economic-forum-and-world-bank-group-study-shows

  38. Superstorm Sandy | Google Crisis Map. (2012). Retrieved from

  39. The Cost of Malicious Cyber Activity to the U.S. Economy. (2018). Retrieved from Cyber-Activity-to-the-U.S.-Economy.pdf

  40. Tse, T., & Esposito, M. (2017). Understanding How the Future Unfolds. Middletown, DE: Lioncrest Publishing.

  41. UNESCO Gender and Science. Retrieved from sciences/priority-areas/gender-and-science/cross-cutting-issues/gender-equality-and- disaster-risk-reduction/facts-and-figures/

  42. Utilizing Island Hopping in Targeted Attacks - Security News - Trend Micro USA. (2014). Retrieved from digital-threats/utilizing-island-hopping-in-targeted-attacks

  43. Weed, S. (2017). US Policy Response to Cyber Attack on SCADA Systems Supporting Critical National Infrastructure. Retrieved from _WEED_SCADA.PDF


Recent Posts

See All
  • Instagram

©2020 by Women in Crisis Response. Proudly created with