"The electric grid is highly dependent on computer-based control systems. These systems are increasingly connected to open networks such as the internet, exposing them to cyber risks. Any failure of our electric grid, whether intentional or unintentional, would have a significant and potentially devastating impact on our nation" – Bennie G. Thompson (D-MS), Chair of the US House Committee on Homeland Security, with the introduction of the "Critical Electric Infrastructure Protection Act" (April 30, 2009)
There is widespread agreement among energy security analysts, utilities, and policy-makers that the next evolution of the US electricity grid depends upon the reduction of transmission congestion and bottlenecks. Proposals to modernize the country’s increasingly fragile electricity system have largely revolved around the potential deployment of “Smart Grid.” This integrated electric network will incorporate advanced digital functions into the nation’s electrical infrastructure to enhance reliability, efficiency, flexibility, and security. The Electric Power Research Institute (EPRI) considers Smart Grid one of the four infrastructures necessary to meeting climate change goals. In fact, EPRI has been selected by the National Institute of Standards and Technology to be the facilitator of Smart Grid’s roadmap.
The current electricity system includes a series of independently operating regional grids that would greatly benefit from the optimization that comes with national interconnection. Smart Grid has strong support. President Obama's 2009 economic stimulus package allocates $4.5 billion to modernize the nation’s electricity system and put Smart Grid technologies on the fast track. The development of Smart Grid, however, takes the US into uncharted territory regarding the organization and operation of the transmission system. The transformation will require both quantitative and qualitative changes in the way electricity is moved around the country. The current state of knowledge is not sufficient to fully grasp the implications of Smart Grid. The analysis presented here focuses on a concept that will be central to Smart Grid: security of the system.
With increased interconnection, security concerns arise. Indeed, The Wall Street Journal recently reported cyber spies from China, Russia, and other countries may have penetrated the US electrical grid and implanted software programs that could be used to disrupt the system. Thus far, the focus to better secure the grid has understandably focused on the existing network, but Smart Grid’s unique infrastructure must now become the spotlight to secure the system. Going forward, the US Department of Energy (DoE) confirms the ability to resist attack – by identifying and responding to disruptions caused by sabotage – is one of Smart Grid’s seven crucial functions.
Objective 3.1 of the US Department of Homeland Security's (DHS) Strategic Plan Fiscal Years 2008-2013 aims to “Protect and Strengthen the Resilience of the Nation’s Critical Infrastructure and Key Resources.” Al-Qaida and other terrorist networks specifically target power grids because electricity has no substitute and virtually every other key infrastructure depends upon access to power. In their 2005 book, Messages To The World: The Statements Of Osama Bin Laden, Lawrence and Howarth report the Al-Qaeda leader warns that Americans “will not come to their senses unless the attacks fall on their heads and ... until the battle has moved inside America.” The asymmetrical warfare paradigm which terrorists explicitly adhere to must be taken into account by each Homeland Security policy enacted. Security vulnerabilities exist on three main fronts – physical, cyber, and open-source information. Smart Grid must become a hardened target.
Smart Grid will derive its electricity from a combination of renewable and conventional energy sources. Physically, fortifying Smart Grid’s critical infrastructure is a new and daunting challenge because renewable energy facilities in particular spread out over vast distances. Wind is generally viewed as the most likely renewable incremental electricity source over the next several decades. The American Wind Energy Association reports utility-scale turbines for land-based wind installations come with rotor diameters ranging up to 300 feet. DOE indicates typical turbine spacing is five to ten rotor diameters apart, leading to well over a half mile between turbines. DOE concludes generating 20% of electricity with land-based wind installations would demand at least 20,000 square miles. By comparison, all US nuclear power plants, which produce roughly 20% of power, occupy only 115 square miles.
Smart Grid will require a “backbone” of extra-high-voltage transmission lines, which carry between 345 and 765 kilovolts (kV) of electricity. These power lines will increase the capacity, efficiency, and reliability of the grid. To the extent wind is the source of new generation, tens of thousands of miles of new transmission lines and their support structures will need to be built. Most potential sites for large-scale wind (and solar) farms are removed from population centers. As Dan Reicher, Director of Climate Change and Energy Initiatives at Google, has pointed out on GreenBiz, Smart Grid “is going to require literally thousands and thousands of miles of new transmission.”
In his well-marketed wind energy plan, oil tycoon T. Boone Pickens calls for 100,000 wind turbines and 40,000 miles of new high-voltage (>230kV) transmission lines to be built in the Great Plains Region. The physical exposure of this infrastructure could compromise system security, however, as the bulk of new lines will need to be overhead transmission. Hendricks (2009) has suggested burying lines underground will improve Smart Grid’s security. Unfortunately, burying power lines is generally not feasible, as it makes them more susceptible to weather damage and slows repair time. Further, a 2006 study by the Edison Electric Institute (EEI) indicated putting power lines underground would cost about $1 million a mile compared with $100,000 to install overhead lines. EEI’s report, Out of Sight, Out of Mind?, estimated statewide initiatives to bury power lines could prompt electricity rate increases of 80 to 125%.
There are at least four layers of physical security that must work to complement each other in Smart Grid: 1) environmental design 2) mechanical and electronic access control 3) intrusion detection and 4) video monitoring. EPRI and a number of US utilities are now discussing the possibility of monitoring transmission lines by satellite. Currently, this security measure is not practical because satellites with high-resolution imagery do not pass overhead often enough to pick up sabotage attempts, and those satellites passing more frequently lack the necessary imaging capability. An extended (and exposed) transmission system is a major Homeland Security concern because it is a preferred terrorist target. In the 2005 report, Diagnostic Tools to Estimate Consequences of Terrorism Attacks Against Critical Infrastructure, New York University's Zimmerman et al examined international databases, maintained by the National Memorial Institute for the Prevention of Terrorism, tracking terrorist attacks on the world’s electricity sector from 1994-2004. Figure 1 illustrates, in terms of the total number of physical attacks, transmission systems are easily the most common target. Generation includes power stations and dams; Substations includes substations and transformers; Transmission includes power grids, pylons, and utility towers; All Others includes distribution, electric relays, human resources, and junction boxes.
Known as cyber-physical systems (CPS), G. Zonghua says the emergence of “physical and engineered systems whose operations are integrated, monitored, and controlled by a computational core” is creating new security complexities (Second International Workshop on Cyber-Physical Systems, https://lists.cs.columbia.edu/pipermail/tccc/2009-January/010092.html). As opposed to embedded systems that typically use standalone devices, CPS infrastructure optimizes interacting components. The internet powers the man-machine interaction and their “smart” communication. Unfortunately, the US power grid could become an easier target for hackers as more elements of it are connected to each other or to the internet. Smart Grid utilizes intelligent electricity transmission-and-distribution networks that use two-way consumption data to make power delivery more efficient, reliable, and safe. The installation of advanced metering infrastructure solutions, such as smart meters, help consumers monitor energy usage in real-time by measuring, collecting, and analyzing data.
Smart Grid features are intended to enhance the security of the national electrical infrastructure, but the extension of two-way digital communications could make protecting the power grid from a cyber attack a far more complicated mission – extra nodes on a network can become new openings for intruders. IOActive, a computer security services firm, reports an attacker with $500 in equipment and a basic electrical background could seize command of Smart Grid’s bilateral communication system to manipulate services to homes and businesses. Once the system has been penetrated, the saboteur could cause a blackout by: 1) gaining control of possibly millions of meters on the grid and simultaneously shutting them down or 2) disrupting the load balance of the local system by suddenly decreasing or increasing the demand for power.
In a recent brief to DHS, IOActive researchers announced they had “created a computer worm that could quickly spread among Smart Grid devices, many of which use wireless technology to communicate.” Hackers could cut power to those Smart Grid devices that use “remote disconnect,” a feature that allows utilities to stop power flow to customers. Industrial leaders articulated concerns to Congress earlier this year that a rush to establish Smart Grid without substantial security precautions could result in wasted resources if new technologies require replacement shortly after deployment. GridLAB-D and other power distribution simulation and analysis systems are using the most advanced modeling techniques to ensure that those technologies expected to play a long-term role are interoperable and secure. DOE’s National Energy Technology Laboratory groups Smart Grid technologies into five categories:
1. Integrated Communications – connect components to an open architecture for real-time information and control, to allow every part of the grid to both “talk” and “listen”
2. Sensing and Measurement – technologies support faster and more accurate response, such as remote monitoring, time-of-use pricing, and demand-side management
3. Advanced Components – apply the latest research in superconductivity, fault tolerance, storage, power electronics, and diagnostics
4. Advanced Control Methods – monitor essential components, enabling rapid diagnosis and precise solutions appropriate to any event
5. Improved Interfaces and Decision Support – amplify human decision-making, transforming grid operators and managers into knowledge workers
The deployment of these technologies should be a judicious process, as US success or failure, in all likelihood, determines the probability other nations will upgrade their own electrical infrastructure. “The more you push communications, intelligence [across the grid] ... you are adding some level of risk,” Brian Seal, a senior project manager involved in power delivery at EPRI, recently told the Associated Press. William Sanders, principal investigator for the National Science Foundation Cyber Trust Center, says, “I do not think we should stop deployment until we have it all worked out. But we have to be vigilant and address security issues in Smart Grid early on.” The North American Electric Reliability Corporation has created a number of cyber security standards, but recent Senate legislation, namely the Critical Electric Infrastructure Protection Act, makes it clear federal leadership needs consolidated. The authority of DHS and the Federal Energy Regulatory Commission (FERC) to secure the electric grid is expected to increase.
In the ever-expanding world of open-source information, Smart Grid’s greatest strength could also be its greatest weakness: modern technology. The growing ability of terrorists to readily collect intelligence and identify infrastructural weak spots makes electrical grids more susceptible to sabotage. For example, according to the US Department of Defense (DoD), a captured Al-Qaida training manual claims, “Using public sources openly and without resorting to illegal means, it is possible to gather at least 80% of information about the enemy.” Public sources, terrorism experts conclude, can be used to gain at least 80% of the information required to plot an attack on Smart Grid. When it comes to targeting the US electrical grid, however, it could be possible to collect all the information needed, as publicly available trade journals disclose where new electrical facilities are being constructed. These journals document the transmission capacity of switching stations and the geographic areas for which they are responsible.
Terrorists have long realized disrupting the US information infrastructure is a far less risky strategy than traditional military combat. The internet, for example, gives terrorists a readily available, mostly unguarded corridor where they can hide their location, select their entryway, and mask their identity. Indeed, a recent intelligence report by the US Army confirmed popular micro-blogging services, such as Twitter and MySpace, Global Positioning System maps, and voice-changing software are all possible terrorist tools. The internet is an ideal arena for fundraising, recruitment, and data mining. The US Institute of Peace points out the variety of reasons terrorist networks use the internet to gather intelligence for planning and coordinating attacks. It offers:
• easy access
• little or no regulation, censorship, or other forms of government control
• potentially huge audiences spread throughout the world
• anonymity of communication
• fast flow of information
• inexpensive development and maintenance of a web presence
• a multimedia environment – the ability to combine text, graphics, audio, and video
• the ability to shape coverage in the traditional mass media, which increasingly use the internet as a source for stories
DoD has banned the virtual globe, map, and geographic information program, Google Earth, from making detailed street-level video maps of American military bases. In January, 2007, clearly visible Google Earth images of British military bases were discovered in the homes of Iraqi insurgents. The terrorists that attacked numerous locations in India last November used Google Earth’s satellite photographs of the city to locate their targets and coordinate their attacks. A petition entered at the Mumbai High Court alleges Google Earth “aids terrorists in plotting attacks.” Google Earth routinely offers up digital satellite images of critical installations that, in previous times, would only have been available to government agencies. The real-time status of images depends upon the feature, but because Google Earth is viewed as an effective program to help identify the parts of the US electricity transmission system most vulnerable to extreme weather, terrorists realize an opportunity to exploit.
Smart Grid will simultaneously expand the infrastructure for transporting electricity and present a more physically challenging infrastructure to protect. Smart Grid’s use of internet technologies makes its full protection prior to deployment a matter of national security, as America’s enemies work to exploit all channels of information. Unfortunately, the National Cyber Security Division of DHS has been under fire since its inception and received letter grades of “F” from congressional overseers. Smart Grid risk management involves three crucial steps: 1) assess threats 2) detect vulnerabilities and 3) gauge the risk and identify countermeasures. Locking off potential access points with two-factor authentication systems, for example, includes human factors (“something you are”), personal factors (“something you know”), and technical factors (“something you have”).
The Chair of FERC, Jon Wellinghoff has called for “standards to ensure the reliability and security, both physical and cyber, of the electric system”. The fact many of the aforementioned intrusions were detected by US intelligence agencies and not by the companies in charge of the infrastructure indicates federal programs to protect computer networks must expand out to the private level. For Smart Grid to be successfully deployed, physical security and cyber security must succeed together, or both will fail.
Jude Clemente is an Energy Security Analyst with the Homeland Security Department at San Diego State University