The DOD believes that "A significant, cross-sector vulnerability exists in the Nations's power grid that jeopardizes the availability and safety of electric power and the safety and reliability of many types of motors and generators connected to it."
See
I would think the billing systems have a greater vulnerability, and more of an effect on the companies. And it will only become greater with smart grid.
Most utilities have tightened things up so tight on the operations side, that only distribution systems can be effected.
I think hacking would be quite a ways down on the list of power system vulnerabilities if someone was up to serious mischief. And no, I don't want to be more specific. Of course, this would involve people who came out their parents' basement into the real world occasionally.
I think the anonymous crew should be rewarded. They are clearly exposing the fact that many security companies are really not doing what they are being paid (and paid heavily) for. They could have really destroyed people/companies but instead just went in and held the data high saying "hey look at what's possible".
The fibre optic cables carried with the phase conductors on the towers to interconnect substation data and control systems are significantly more difficult to "hack" than the phone lines.
Bill
--------------------
"Why not the best?"
Jimmy Carter
Aurora result: Closing a generator in out of sync damages same, something well known since the time of Tesla. Taxpayer funded researchers, without any hacking involved (they had direct access to the controls) destroyed a perfectly good taxpayer provided generator. Where's Rick Santorum when you need him?
The overreaction to all of this is security at whatever cost. Of course the ratepayers need to fund it all. Somewhere there should be a rational discussion regarding risk versus cost, but I have not yet seen that approach. Instead we see the sky is falling approach.
Isn't the Aurora project kind of bunk because you would probably have sync detection?
Isn't all this security kind of moot when there are so many ways you could take down the grid? The outage in California last summer was caused by maintainence personal by accident. I mean if you wanted to, you could easily short out line or destroy bushings and cause a black out if it was critical and how would anyone stop it.
At the same time i found this artical, I also found a artical on "Bully Adults in the Workplace", which sounds like what the goverment is trying to do to utilities. Release partial truths, to drum up public reactions, then follow with regulations that really don't hit the mark.
After all isen't a Fine simular to a Tax.
The normal synchronizing point may or may not have a backup sync check relay isolated from all communications. Not every breaker anywhere on the system has a sync check relay. Even locations with relays also have potential avenues for hacking some of those relays.
Given the recent example of the stuxnet virus damaging Iranian centrifuges, it seems quite possible that a persistent, determined group of hackers could cause at least one "limited power outage".
Is hacking a more efficient way to cause power outages than direct physical attack to critical assets? I don't know, but the ease of physical damage and the lack of it that occurs leads me to believe there has not been a determined group attacking the power grid yet.
No, there's not been a determined, competent, group attacking the power grid. There may have been determined, incompetent attacks though. ;-)
The thing I've never understood about the whole Aurora things is why bother? I could take out a large power plant and nobody will see their lights go out; it might make the business section of the paper; the stock-holders will immediately inconvenienced, and if the repair cost are great enough the rate payers may eventually be inconvenienced too.
But what if the lights in a major city went out at 3:00 every afternoon, or every few afternoons to throw in some anticipation factor. Even if things can be restored in 10-15 minutes people will be screaming for something to be done after the second or third event.
So true david. However some of us are under the microscope more than others. However, more power outages seem to occur because of bad drivers.
So is it possible for a group of really bad drivers to cause numbers of power outages in a single location? Or a coordinated number of outages in different cities?
In order to make a coordinated cyber attack of the power grid, would the hackers need to know something about the devices they are hacking into? If so where would they get that information?
A 'hacker' group managed to gain access to the network which controls the pump and valve system in the Netherlands which keeps that below-sea-level nation dry. No scope for mischief there...
So yes, IF they managed to breach the security and get onto the TSO's computers then it would be fairly easy to create chaos, even if they didn't actually destroy anything. Damaging stuff would be tricky as it usually has local protection, but disrupting operation of a large interconnected grid wouldn't be too difficult just by opening key breakers.
----------------------------------
If we learn from our mistakes I'm getting a great education!
"No, there's not been a determined, competent, group attacking the power grid. There may have been determined, incompetent attacks though. "
As I recall, 3 HV towers were brought down by bombs in 1968 and a corroded 4th bomb that never went off was found in 1969 in the SF Bay Area, all of which caused mass hysteria over power grid vulnerability and prompted massive expenditures on security measures all across the nation back then, nothing new.
It was speculated at the time to be the Weathermen but was never proven, later some people thought maybe it was the Unabomber who did it. I believe its still officially unsolved though.
"Dear future generations: Please accept our apologies. We were rolling drunk on petroleum."
— Kilgore Trout (via Kurt Vonnegut)
For the best use of Eng-Tips, please click here -> faq731-376
Kinetic energy solutions are always the most feared. Bombs so to speak do a fine job of really wrecking things.
The Aurora science experiment is just that, an experiment. What they don't discuss in the report is how many times they tried the experiment before something notable happened. Add in the fact that anti-pump devices DO exist and that breakers only have 3 to 4 operations in them before a "recharge" is needed and it is much ado about nothing. Like David says it isn't a big deal to loose generation, at least in the Pacific NW. I remember when ALL of Grand Coulee was lost due to a fire in the early part of this century...net operational impact was ZERO. The markets got a little froggy though.
I offer up the analogy of getting into the flight control software of an Airbus (for example). IF I knew what I was doing AND if I had UNFETTERED access to it I am sure I could make some pretty horrible things happen.
However, why would you need software to do any of that?
Sabotage is what is really afoot here, and I question the usefulness of a National Lab telling us to be alert to sabotage. I mean really? Seriously? Thanks for the hot tip! Regardless, I think Mother Nature is still the thing to watch out for...
