Archive

Posts Tagged ‘Power GRID’

High Impact, Low Frequency Risks to the NA Power Grid

June 9, 2010 Leave a comment

NERC issued a report that speaks about the challenges posed by ‘High Impact, Low Frequency Risks’ on the Power Grid.

Although the report is not exclusive to cyber attacks, I will try and highlight the areas of interest to people like me, cyber security fanatics.

Attack Window

Attack Window

Snippet from page 10/11

The risk of a coordinated cyber, physical, or blended attack against the North American bulk power system has become more acute over the past 15 years as digital communicating equipment has introduced cyber vulnerability to the system, and resource optimization trends have allowed some inherent physical redundancy within the system to be reduced. The specific concern with respect to these threats is the targeting of multiple key nodes on the system that, if damaged, destroyed, or interrupted in a coordinated fashion, could bring the system outside the protection provided by traditional planning and operating criteria. Such an attack would behave very differently than traditional risks to the system in that an intelligent attacker could mount an adaptive attack that would manipulate assets and potentially provide misleading information to system operators attempting to address the issue.

it also adds:

While no such attack has occurred on the bulk power system to date, the electric sector has taken important steps toward mitigating these issues with the development of NERC’s Critical Infrastructure Protection standards5, the standing
Critical Infrastructure Protection Committee6, and a myriad of other efforts. More comprehensive work is needed, however, to realize the vision of a secure grid. Better technology solutions for the cyber portion of the threat should be developed, with specific focus on forensic tools and network architectures to support graceful system degradation that would allow operators to “fly with fewer controls.” Component and system design criteria should also be reevaluated with respect to these threats and an eye toward designing for survivability. Prioritization of key assets for protection will be a critical component of a successful mitigation approach.

The report reflects a significant shift in industry specific standards by referencing active security monitoring, security intelligence and specially designed forensics tools.

You can download a copy of the (120 pages) report here

HILF- NERC Report

HILF- NERC Report

Power Grid – Interactive Simulation

March 28, 2010 Leave a comment

Power engineering experts and educators from the Office for Mathematics, Science, and Technology Education (MSTE) and the Information Trust Institute (ITI) have developed these interactive lessons for the NSF, DOE, and DHS funded Trustworthy Cyber Infrastructure for the Power grid (TCIP) project to help teachers and students learn about the system that delivers electricity and the challenges for the future.

This interactive model can help non-techies in understanding the power grid and how Supply Vs Demand works.

You can interact by increasing or decreasing supply from a certain generator or increase the consumption of a residential town and see how this affects the entire system.

The Energy Grid interactive lessons

Power Grid Sims

Power Grid Sims

CISCO and Google Going SMART

May 19, 2009 Leave a comment

Further news about IT big players entering the heavily funded SMART GRID market space, CISCO officially unveiled its first end-to-end smart grid solution and strategy (HERE) , The networks giant official press release states that :

“Cisco’s plan establishes a complete communications fabric from electrical generation to business and the home based on Internet-Protocol standards. This will build intelligence, resiliency and two-way communications into an electricity distribution system that has been traditionally fragmented”.

My Comments on the news:

– CISCO’s purchase of (Pure Networks allowed them to acquire the rights for the HNAP (Home Networks Administration Protocol) that will allow Home appliances to speak and connect seamlessly together. think about it as Upnp meeting Apple’s Bonjour.this helped them offer a complete end to end solution.

– Google’s recent Venture Investment in the much talked about , Smart Grid networking specialists SilverSpring , Signaled a genuine intention to compete in the SMART GRID lucrative space.

– Google and GE Partnership for the Smart Grid Plug in – Allowing you to Watch your Home appliances energy consumption online – (See my post on may 7th about the topic: IT-powerhouses-sees-the-smart-grid-as-a-booming-business)

– The US Stimulus Package will inject 11 Billion$ into the Smart Grid as research and implementation funds within the next few year

I can only say that a vulnerability in your chrome browser or IP softphone can make you loose all your money, But a vulnerability in mission critical systems running the energy sector can cause millions of people to suffer a complete blackout and perhaps human lives…are we as an IT industry ready and up to a challenge where patching might be just too late.

2003 US-Blackout

2003 US-Blackout