Keeping the electricity grid running – 4 essential reads
- Written by Jeff Inglis, Science + Technology Editor, The Conversation US
On Aug. 14, 2003, a software bug contributed to a blackout[1] that left 50 million people[2] across nine U.S. northeastern states and a Canadian province[3] without power. The outage lasted for as long as four days[4], with rolling blackouts in some areas for days after that.
That event wasn’t caused by an attacker, but many of the recommendations of the final incident report[5] focused on cybersecurity[6]. Fifteen years later, the stakes of a long-term outage[7] are even higher, as American business and society are even more dependent on electronic devices. Scholars around the country are studying the problem of protecting the grid from cyberattacks and software flaws. Several of them have written about their work for The Conversation:
1. Attacks could be hard to detect
Though the software error that amplified the blackout was not the result of a cyberattack, power grid scholar Michael McElfresh[8] at Santa Clara University explains that a clever attacker could disguise the intrusion[9] “as something as simple as a large number of apparent customers lowering their thermostat settings in a short period on a peak hot day.”
2. Grid targets are tempting
Iowa State University’s Manimaran Govindarasu[10] and Washington State University’s Adam Hahn[11], both grid security scholars, noted that the grid is an attractive target for hackers, who could shut off power to large numbers of people: “It happened in Ukraine in 2015[12] and again in 2016, and it could happen here in the U.S., too.”
3. What to do now?
In another article, Govindarasu and Hahn went on to describe the level to which “Russians had penetrated the computers[13] of multiple U.S. electric utilities and were able to gain … privileges that were sufficient to cause power outages.”
The response, they wrote, involves extending federal grid-security regulations[14] to “all utility companies – even the smallest,” having “all companies that are part of the grid participate in coordinated grid exercises to improve cybersecurity preparedness and share best practices” and – crucially – insisting that power utilities “ensure the hardware and software they use are from trustworthy sources and have not been tampered with or modified to allow unauthorized users in.”
Those steps won’t prevent software bugs, but they could reduce the likelihood of attackers exploiting computer systems’ vulnerabilities to shut off the lights.
4. Restructuring the grid itself
To protect against all types of threats to the grid – including natural and human-caused ones – engineering professor Joshua M. Pearce[15] at Michigan Technological University suggests generating energy at many locations around the country[16], rather than in centralized power plants. He reports that his research has found that connecting those smaller power producers together with nearby electricity users would make supply more reliable, less vulnerable and cheaper. In fact, he found the U.S. military “could generate all of its electricity from distributed renewable sources by 2025 using … microgrids.”
At least that way a small problem with the grid would be less likely to spread and become a major problem for tens of millions of people, like the Northeast Blackout of 2003 was.
Editor’s note: This story is a roundup of articles from The Conversation’s archives.
References
- ^ software bug contributed to a blackout (www.securityfocus.com)
- ^ 50 million people (www.cbc.ca)
- ^ nine U.S. northeastern states and a Canadian province (www.energy.gov)
- ^ as long as four days (www.energy.gov)
- ^ final incident report (www.energy.gov)
- ^ focused on cybersecurity (www.securityfocus.com)
- ^ stakes of a long-term outage (theconversation.com)
- ^ Michael McElfresh (theconversation.com)
- ^ a clever attacker could disguise the intrusion (theconversation.com)
- ^ Manimaran Govindarasu (scholar.google.com)
- ^ Adam Hahn (scholar.google.com)
- ^ It happened in Ukraine in 2015 (theconversation.com)
- ^ Russians had penetrated the computers (theconversation.com)
- ^ extending federal grid-security regulations (theconversation.com)
- ^ Joshua M. Pearce (scholar.google.com)
- ^ suggests generating energy at many locations around the country (theconversation.com)
Authors: Jeff Inglis, Science + Technology Editor, The Conversation US
Read more http://theconversation.com/keeping-the-electricity-grid-running-4-essential-reads-101481