Print 24 comment(s) - last by phantom505.. on Oct 10 at 1:19 PM

  (Source: U.S. Department of Energy)

An old fashioned grid may be inefficient, but it may be easier to secure than a "smart grid". Much of the benefits of a smart grid come from internet connectivity, and that connectivity opens the door to attacks.  (Source: Shuttershock)

Lockheed Martin's Kenneth Van Meter  (Source: West Virginia University)
Coincidentally Lockheed Martin happens to sell security software

Lockheed Martin's General Manager of Energy & Cyber Services, Kenneth Van Meter, speaking with green-power site Smart Planet voiced some dire warnings about the United States' push to adopt a "smart grid".  According to Mr. Van Meter, the transition poses a glaring threat to the security of the U.S.

He comments, "Right now if I wanted to cut off the power to your house, I’d climb the pole, and there’s a manual switch. Everything’s physical. Once we have a smart grid in place I could do that from China."

"The sheer volume of interactive devices on two-way networks is the biggest risk. By the end of 2015 we will have 440 million new hackable points on the grid. Nobody’s equipped to deal with that today."

When asked about the worse case scenario he remarks:

There are three. The one everyone thinks about is the neighborhood kid or someone in another country turning off the power to the neighborhood or the hospital in the middle of night. While no one wants that to happen, it’ll be detected pretty quickly, so it’s not a disaster.

The second potential problem has to do with voltage control. If you want to optimize the amount of power the electrical company has, you want to engage in voltage control, where you have devices along the line from the substation. You can adjust the voltage, everyone gets the right voltage, and everyone’s appliances are running more efficiently. Putting in those devices is expensive, and now those become hackable points–because if you can control them, then someone else can control them. So if your power is out, that would be highly inconvenient. But what if they ran the voltage up and down on your house and when it was fixed, the voltage-sensitive equipment like your computer and high-definition TV didn’t work any more?

Third: If you can cause rapid problems in the grid to occur in the right places at scheduled times, you could destabilize the whole grid, black out whole cities or states and cause massive damage. Sometimes this happens accidentally, but it could also happen because someone makes it happen. Some of the devices are very expensive and therefore there are few spares. Substation-sized transformers, for example, aren’t even made in this country anymore and sometimes it can take two years to get one.

Coincidentally, Mr. Van Meter's company sells security solutions to utilities, so his reason for evangelizing about the smart grid's insecurity may not be purely altruistic.  And Lockheed Martin has had its own security woes recently, with Chinese spies reportedly breaking into servers used in the company's F-35 Lightning II fighter project.

Nonetheless, the points raised are largely valid.  Virtually every large piece of software (Windows, Linux, OS X, Internet Explorer, Safari, Firefox, Adobe Flash, etc.) created has had vulnerabilities that have been found and exploited.  Its unlikely to think that the software that governs the grid will be free of similar vulnerabilities.

A web-connected grid, like Google Grid or Microsoft Hohm, sounds great on paper, but it introduces a pressing need for security, as people from all over the world can now try to attack the power infrastructure remotely.  And where a typical cyberattack may merely deny people access to a website, or damage their personal computers, an attack on the grid could literally prove deadly.  So Lockheed Martin may be a bit biased, but they're probably right, in this case.

Comments     Threshold

This article is over a month old, voting and posting comments is disabled

RE: Separate important networks from the internet
By MrTeal on 10/5/2010 9:25:58 AM , Rating: 2
That's easy to say and expensive to do.

How would you go about connecting all the diverse substations, plants, meters, etc together? String out an entirely new network coast to coast in order to keep them physically separate? Realistically routing the signals over the internet is the only cost effective way of implementing a smart grid.

RE: Separate important networks from the internet
By saganhill on 10/5/2010 9:39:50 AM , Rating: 2
There is already technology that enables the electrical grid itself to be a "network" and data carrier. You could bypass the internet all together and just use the electrical grid thats already there as the "network".

By Iaiken on 10/5/2010 10:00:09 AM , Rating: 3
This is how the Canadian grid is networked.

The problem is, you can still get devices that you simply plug into the wall and gain access to this network.

Conversely, this allows power authorities to bring the grid up faster after a massive failure like the 2003 blackout. Operators were able to route power from black start facilities to the nukes and get them back online faster than any other part of North America.

Basically, they were able to ramp up power at the black starts and add/remove loads to create ever-lengthening lifelines of power that stretched across huge geographical areas.

By invidious on 10/5/2010 9:41:53 AM , Rating: 2
Yes, if its not worth doing right then its not worth doing.

By StevoLincolnite on 10/5/2010 9:45:03 AM , Rating: 1
How would you go about connecting all the diverse substations, plants, meters, etc together? String out an entirely new network coast to coast in order to keep them physically separate? Realistically routing the signals over the internet is the only cost effective way of implementing a smart grid.

Not at all, you can already buy Ethernet over Power networking gear to use your own homes electrical "grid" as a means to network your home.

Think of the electrical grid as a highly complex copper phone line network... And just like the copper phone line it can be potentially used for internet connections. (Please note: Neither the original copper phone line or the power grid was originally designed with broadband in mind, but it is still possible.)

RE: Separate important networks from the internet
By mmatis on 10/5/2010 10:17:15 AM , Rating: 2
Please note "Iaiken" above in the second paragraph. This "new" network is hackable from every electrical outlet, and therefor no more secure than the Internet. This article is about the bad guys being able to take down the US power distribution system due to the drive to make it "smart". Stuxnet, anyone?

By carniver on 10/5/2010 12:41:18 PM , Rating: 3
Still, the hacker will be local, so you may pinpoint his physical location and raid it. Compared that to somewhere out on another continent which is the case for the internet.

By Iaiken on 10/5/2010 12:57:50 PM , Rating: 2
There are still ways to make it secure, you can install filters at the line terminators where it splits off to each house to eliminate digital signals from passing. Then you use an obscenely strong (512-bit+) private key encryption system. Each device on the network would have it's own key that is known only to it and the system operator.

This basically makes it so that attacking the system as a whole is practically impossible and even attacking an individual device on the network is so impractical that it would be ineffectual. Of course, this is highly impracticable to put into place over large geographies and so only nations like France, Spain and Japan have AGC systems security of this magnitude.

I can't actually talk about how the Ontario grid systems security scheme works (because I am still under NDA for another 15 years), however, I can say that I certainly don't worry about it being vulnerable to attack any time within that period. I'll just say that it's a very effective compromise.

RE: Separate important networks from the internet
By knutjb on 10/5/2010 11:07:25 AM , Rating: 2
That's the technical side look at the logistics side. Food is delivered on a just in time plan. If you knock out the power grid for a few days you will have serious problems, rotting fresh food is very ugly.

Stores, and pretty much every business, are run electronically and they will shut down too. Fuel won't be shipped, no gas, no ac or heat. There are a number of potentially catastrophic outcomes from someone screwing with the grid.

Suck up the minor inefficiencies and keep the sparks flowing. To not do so will lead to very ugly situations. Look at the last brown or black out in NY...

By Iaiken on 10/5/2010 12:43:15 PM , Rating: 2
Most governments call this the "golden trinity" (or something to that effect) made up of energy, finance and agriculture.

Basically, if you interrupt any one of the above, the other two are affected. If you can affect all three long enough, the fabric of society will begin to break down.

"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home

Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki