NewEnergyNews: SMART GRID SECURITY/

NewEnergyNews

Gleanings from the web and the world, condensed for convenience, illustrated for enlightenment, arranged for impact...

The challenge now: To make every day Earth Day.

YESTERDAY

THINGS-TO-THINK-ABOUT WEDNESDAY, August 23:

  • TTTA Wednesday-ORIGINAL REPORTING: The IRA And The New Energy Boom
  • TTTA Wednesday-ORIGINAL REPORTING: The IRA And the EV Revolution

    • THE DAY BEFORE

  • Weekend Video: Coming Ocean Current Collapse Could Up Climate Crisis
  • Weekend Video: Impacts Of The Atlantic Meridional Overturning Current Collapse
  • Weekend Video: More Facts On The AMOC

    • THE DAY BEFORE THE DAY BEFORE

    WEEKEND VIDEOS, July 15-16:

  • Weekend Video: The Truth About China And The Climate Crisis
  • Weekend Video: Florida Insurance At The Climate Crisis Storm’s Eye
  • Weekend Video: The 9-1-1 On Rooftop Solar

    • THE DAY BEFORE THAT

    WEEKEND VIDEOS, July 8-9:

  • Weekend Video: Bill Nye Science Guy On The Climate Crisis
  • Weekend Video: The Changes Causing The Crisis
  • Weekend Video: A “Massive Global Solar Boom” Now

    • THE LAST DAY UP HERE

    WEEKEND VIDEOS, July 1-2:

  • The Global New Energy Boom Accelerates
  • Ukraine Faces The Climate Crisis While Fighting To Survive
  • Texas Heat And Politics Of Denial

    • --------------------------

    --------------------------

    Founding Editor Herman K. Trabish

    --------------------------

    --------------------------

    WEEKEND VIDEOS, June 17-18

  • Fixing The Power System
  • The Energy Storage Solution
  • New Energy Equity With Community Solar
  • Weekend Video: The Way Wind Can Help Win Wars
  • Weekend Video: New Support For Hydropower
    • Some details about NewEnergyNews and the man behind the curtain: Herman K. Trabish, Agua Dulce, CA., Doctor with my hands, Writer with my head, Student of New Energy and Human Experience with my heart

    email: herman@NewEnergyNews.net

    -------------------

    -------------------

      A tip of the NewEnergyNews cap to Phillip Garcia for crucial assistance in the design implementation of this site. Thanks, Phillip.

    -------------------

    Pay a visit to the HARRY BOYKOFF page at Basketball Reference, sponsored by NewEnergyNews and Oil In Their Blood.

  • ---------------
    • WEEKEND VIDEOS, August 24-26:
  • Happy One-Year Birthday, Inflation Reduction Act
  • The Virtual Power Plant Boom, Part 1
  • The Virtual Power Plant Boom, Part 2

    Monday, June 22, 2009

    SMART GRID SECURITY

    The Security Vulnerabilities of Smart Grid
    Jude Clemente, 18 June 2009 (Journal of Energy Security)

    SUMMARY
    A Smart Grid is widely recognized to be urgently needed in the U.S. but instituting it will require facing many unknowns and conquering serious security challenges. According to authorities, the present state of knowledge is not up to fully securing a fully interactive Smart Grid.

    On the other hand, the present system is neither robust nor secure. There were recent media reports that cyber spies from China, Russia, and other countries may have penetrated the system and planted viruses that may cause future disruptions unpredictably.

    To simply provide the amount of electricity demanded by the country, there must be more carrying capacity. To provide the amount of New Energy the country must develop if it is to shift from imported to domestic power sources, it must have new carrying capacity where there presently is none. And to shift to the many New Energy sources and Energy Efficiencies needed to meet the urgency of global climate change, there must be a system smart enough to manage demand and integrate supplies.

    Electric transmission is on the verge of a revolutionary transformation - and it must be made secure. (click to enlarge)

    Security experts, utility management, transmission system operators and political leaders support what they see as the evolution of U.S. electricity delivery. President Obama's 2009 economic stimulus package allocates $4.5 billion to strengthen the system’s fragility, eliminate congestion and bottlenecks and speed Smart Grid upgrading.

    The Electric Power Research Institute (EPRI) has been picked by the National Institute of Standards and Technology to draw the roadmap to Smart Grid. EPRI says Smart Grid is one of the four infrastructures necessary to meeting climate change goals.

    The U.S. Department of Energy (DOE) National Energy Technology Laboratory (NETL) has 5 Smart Grid technology categories:
    (1) Integrated Communications connect grid components to an open architecture so that every part of the grid system can “talk” and “listen” in real time.
    (2) Sensing and Measurement technologies make response implementations (like (remote monitoring, time-of-use price adjustments, and demand-side management) faster and more accurate.
    (3) Advanced Components incorporate the latest advances in things like superconductivity, fault tolerance, storage, power electronics, and diagnostics.
    (4) Advanced Control Methods make monitoring, diagnosis and reactions faster and more accurate.
    (5) Improved Interfaces and Decision Support allow managers and grid operators to participate more quickly and efficiently.

    click to enlarge

    The Smart Grid has security issues – vulnerabilities – in 3 categories: physical, cyber, and open-source information. It must be “hardened’ in all 3 areas.

    Physical Security
    Adding New Energy to the U.S. power mix means adding new wires in unprecedented quantities. The DOE study finding it feasible that wind energy could supply 20% of U.S. power estimated that land-based wind will need to cover at least 20,000 square miles of dual-use terrain to do so. (All US nuclear power plants, which produce ~20% of U.S. power, occupy only 115 square miles - not counting how much land they render unuseable by their presence.)

    Smart Grid will, therefore, begin with extra-high-voltage transmission (345 and 765 kilovolt) lines spanning the country between generation centers, where there are abundant wind, sun, geothermal and hydrokinetic energy sources, and population centers, where there is or will be unmet demand. These power lines will increase the capacity, efficiency, and reliability of the grid but will be an enormous system to protect.

    Based on a New York University 2005 assessment of worldwide terrorist attacks, transmission systems are 6 times more common a target than any other part of a power system.

    click to enlarge

    Cyber Security
    Already an object of hacker attacks, the U.S. power grid will - without protective measures - likely be an easier target as it becomes more interconnected and interwoven into the Internet. Smart Grid will be based on 2-way communications between power suppliers and consumers. It will make consumption more efficient, reliable, and safe through the incorporation of Smart Meters by which consumers can monitor real-time usage.

    This 2-way communication makes grid security far more complicated. Every new node in the system is an opening for intruders. Computer security expert IOActive says it would only take $500 in equipment and a basic electrical background to control Smart Grid’s interactive communication system, manipulate services and even cause a blackout by controlling millions of meters and simultaneously dialing them up or down, on or off.

    Because Smart Grid will work through the Internet, it will require Internet security to be more robust. Unfortunately, the National Cyber Security Division of the Department of Homeland Security (DHS) has received letter grades of “F” from congressional overseers since its inception.

    click to enlarge

    There are 3 steps to Smart Grid risk management: (1) Threat assessment, (2) vulnerabilities detection, and (3) countermeasures. These all require complicated authentication of human factors (“something you are”), personal factors (“something you know”), and technical factors (“something you have”). Intrusions have so far been detected by U.S. intelligence agencies and not the companies in charge of Internet infrastructure. Cyber security, therefore, may require better implementation of federal programs in the private sector.

    Open-Source Information
    Terrorism experts say at least 80% of the information required to plot an attack on the present U.S. transmission system can be obtained through open sources. It may be even easier than that because publicly available trade journals report the locations of all new electrical facilities as well as their transmission capacities, switching stations and the geographic areas they cover. Switching stations are notoriously unprotected. With the introduction of Smart Grid, the switching stations will be even more crucial to the system’s function. At vulnerable switching stations, open source information can be manipulated to control or cripple targeted vital regions.

    For Smart Grid deployment, there must be an absolute certainty of physical security and cyber security protections of all that is available through open source information or the system will surely fail.

    It's a lot to secure. (click to enlarge)

    COMMENTARY
    With increased interconnection, there will inevitably be increased security concerns. A smarter system may be the only solution. An ability to resist attacks by identifying and responding to sabotage is one of Smart Grid’s crucial functions.

    Is the need for security so real? Terrorist networks specifically target power grids because electricity is so vital to everything else. Al-Qaeda has repeatedly announced intentions to come after such domestic targets.

    Why not bury the transmission lines for Smart Grid? Burying power lines makes them more expensive, more susceptible to weather damage and slows repair time. A 2006 study by the Edison Electric Institute (EEI) concluded that putting power lines underground costs ~$1 million a mile whereas overhead lines are ~$100,000 a mile. Statewide initiatives to bury power lines could drive electricity rates up 80-to-125%.

    click to enlarge

    EPRI and some U.S. utilities are considering the possibility of monitoring transmission lines by satellite. Though satellites with the high-resolution imaging capability to do this are not now numerous enough to do this effectively, it may soon be possible. On the other hand, if transmission interruption succeeds, the satellite monitoring system could be rendered impotent. The coming new national high voltage, highly exposed transmission system therefore remains a major Homeland Security worry.

    There are at least 4 layers of physical security that must work together in a Smart Grid: (1) environmental design, (2) mechanical and electronic access control, (3) intrusion detection and (4) video monitoring. It would appear that the builders of Smart Grid remain at layer 1.

    If the physical system is vulnerable, it is nothing compared to the system’s cyber vulnerability. To begin with, disrupting the information infrastructure is far less risky and far more crippling than any kind of traditional military assault. The Internet is mostly unguarded and attackers can hide their location, select their entryway, and mask their identity. A recent U.S. Army intelligence report argued that services like Twitter and MySpace, Global Positioning System maps, and voice-changing software are all possible terrorist tools.

    DoD is preparing for cyber warfare. (click to enlarge)

    According to the U.S. Institute of Peace, terrorist networks use the Internet to gather intelligence for planning and coordinating attacks for a list of reasons: (1) easy access, (2) little or no regulation, censorship, or other forms of government control, (3) potentially huge audiences spread throughout the world, (4) anonymity of communication, (5) fast flow of information, (6) inexpensive development and maintenance of a web presence, (7) a multimedia environment – the ability to combine text, graphics, audio, and video, and (8) the ability to shape coverage in the traditional mass media, which increasingly use the Internet as a source for stories. (Mostly the same reasons NewEnergyNews uses the Internet.)

    The U.S. Department of Defense (DoD) has disallowed Google Earth from making detailed street-level video maps of American military bases. An attack on civil liberties? Maybe, but clearly visible Google Earth images of British military bases were found in the homes of Iraqi insurgents in 2007. Last November's Mumbai, India, terrorists used Google Earth photos of the city to target and coordinate their multiple attacks. Such imagery was, until the advent of Google Earth a few years ago, only available to governments.

    On the other hand, Google Earth or some version of satellite imaging may turn out to be how the coming U.S. national Smart Grid will be protected. It is too early in the process of transformation to know the details. It is only possible to know the details will be crucial and it will be urgent for the many to keep the few devils out of those details.

    QUOTES
    - Bennie G. Thompson (D-MS), Chair of the US House Committee on Homeland Security, with the introduction of the "Critical Electric Infrastructure Protection Act" (April 30, 2009): “The electric grid is highly dependent on computer-based control systems. These systems are increasingly connected to open networks such as the Internet, exposing them to cyber risks. Any failure of our electric grid, whether intentional or unintentional, would have a significant and potentially devastating impact on our nation"

    - Objective 3.1, U.S. Department of Homeland Security (DHS) Strategic Plan Fiscal Years 2008-2013: “Protect and Strengthen the Resilience of the Nation’s Critical Infrastructure and Key Resources.”
    - Dan Reicher, Director of Climate Change and Energy Initiatives, Google: “[Smart Grid] is going to require literally thousands and thousands of miles of new transmission.”
    - Jon Wellinghoff, Chair, FERC: “[There must be] standards to ensure the reliability and security, both physical and cyber, of the electric system”.

    click to enlarge

    - IOActive researchers: “[We have already] created a computer worm that could quickly spread among Smart Grid devices, many of which use wireless technology to communicate.”
    - Brian Seal, senior project manager in power delivery, EPRI: “The more you push communications, intelligence [across the grid] ... you are adding some level of risk…”
    - William Sanders, principal investigator, National Science Foundation Cyber Trust Center: “I do not think we should stop deployment until we have it all worked out. But we have to be vigilant and address security issues in Smart Grid early on.”
    Captured Al-Qaida training manual: “Using public sources openly and without resorting to illegal means, it is possible to gather at least 80% of information about the enemy.”
    - Jude Clemente, Homeland Security Department Energy Security Analyst, San Diego State University: “Smart Grid will simultaneously expand the infrastructure for transporting electricity and present a more physically challenging infrastructure to protect. Smart Grid’s use of internet technologies makes its full protection prior to deployment a matter of national security, as America’s enemies work to exploit all channels of information…For Smart Grid to be successfully deployed, physical security and cyber security must succeed together, or both will fail.”

    posted by Herman K. Trabish @ 5:59 AM

    0 Comments:

    Post a Comment

    << Home