People are missing one of the most important parts in the entire discussion. There is an underlaying assumption that no one is address. In order to be hacked, the grid must be part of the internet.
Why does the smart grid need to be part of the internet? Why can't it be a private (completly not connected to the internet) powerline grid based network. The power cables themselves could be the physical medium.
If you remove the smart grid from the internet, you remove most of the threat.
Today, a saboteur can turn off your power by climbing a utility pole. With the smart grid, someone could interrupt your service—and that of your whole city—from China. What are utilities doing to protect us?
Lockheed Martin has partnered with several utility companies on projects that will upgrade the country’s existing electric grid to make it more secure against cyber attacks. I recently talked with Kenneth Van Meter, Lockheed’s general manager of Energy and Cyber Services. Excerpts of our conversation are below.
Why is there so much potential risk associated with the smart grid?
The sheer volume of interactive devices on two-way networks is the biggest risk. By the end of 2015 we will have 440 million new hackable points on the grid. Nobody’s equipped to deal with that today.
Right now if I wanted to cut off the power to your house, I’d climb the pole, and there’s a manual switch. Everything’s physical. Once we have a smart grid in place I could do that from China.
What are these 440 million new hackable points?
Every smart meter is going to be a hackable point. There are devices and routers in all of the substations that are hackable. Automated devices at home all become hackable points. We’re making the whole network from generation to distribution and meter fully automated, so that’s hackable. If you can communicate with it, you can hack it.
The smart grid is a tremendous idea, and we need to do it. We can’t not do it. We will never be able to manage and control our power usage at an efficient level unless we can mechanically control it, so it’s absolutely essential that we do it, given that. It’ll allow people to identify and correct outages much faster. Each transformer will be automated by a computer chip so it can send messages back when it’s in distress. Each smart meter has a little capacitor in there. If it loses power, before it dies, it sends a message that says, “help” so they’ll know real-time which houses are affected. Right now they only get that from people calling the power company.
What’s the worst-case scenario?
There are three. The one everyone thinks about is the neighborhood kid or someone in another country turning off the power to the neighborhood or the hospital in the middle of night. While no one wants that to happen, it’ll be detected pretty quickly, so it’s not a disaster.
The second potential problem has to do with voltage control. If you want to optimize the amount of power the electrical company has, you want to engage in voltage control, where you have devices along the line from the substation. You can adjust the voltage, everyone gets the right voltage, and everyone’s appliances are running more efficiently. Putting in those devices is expensive, and now those become hackable points–because if you can control them, then someone else can control them. So if your power is out, that would be highly inconvenient. But what if they ran the voltage up and down on your house and when it was fixed, the voltage-sensitive equipment like your computer and high-definition TV didn’t work any more?
Third: If you can cause rapid problems in the grid to occur in the right places at scheduled times, you could destabilize the whole grid, black out whole cities or states and cause massive damage. Sometimes this happens accidentally, but it could also happen because someone makes it happen. Some of the devices are very expensive and therefore there are few spares. Substation-sized transformers, for example, aren’t even made in this country anymore and sometimes it can take two years to get one.
What does that mean, when you talk about destabilizing the whole grid?
The best way to think about it is this: Let’s say you have nine substations in an area, and you’re moving voltages up and down and it’s all balanced. Let’s say you blow up a substation—a tornado takes one out; or a saboteur takes one out; or you send messages through the network that take it out. Then the substations around it and those who rely on it for power would be out. Someone’s generators will come on line and those things will start to happen. The big transmission lines could be affected. It’s a big domino effect, so the big risk is that someone would do a massive scale attack that could destabilize the grid.
You are partnering with some utility companies to make the smart grid safer. How are you working with them?
The utilities have been eager to resolve these issues, but it’s all new to them. There are 239 big utilities and over 3,000 little ones. The smaller ones don’t have a cyber security department, and they never will, but they have the same probably of being [sabotaged].
We’re doing a few things:
- Blocking and tackling. NERC CIP [North American Electric Reliability Corporation’s Critical Infrastructure Protection—a set of cyber security requirements] compliance. If they don’t comply, NERC can fine them up to $1 million a day. It’s pretty serious stuff—like putting locks on stuff or changing the password of a guy who left the company. You say, surely the utilities were doing these things before, but they weren’t. We help them get ready for the audit.
- Advanced cyber security best practices, which includes secure code reviews, security risk assessment, looking for process issues like code that’s out of date or devices that haven’t been approved for secure use.
- Threat and information sharing. We are building the first ever real-time cyber center that has been used for utilities. With AEP [American Electric Power], we are inviting leading utilities to participate. We think that will be essential to protecting the electric grid. Right now, if Southern Company, for example, identifies a threat and finds a bug, they fix it but don’t tell anyone else. So we share on a real-time basis and say we just saw this new thing and here’s the fix, and they implement that. There are 3,200 utilities in the U.S.; they’re not going to make 3,200 phone calls a day. We want to be the hub of that sharing.
- Advanced forensics and tools. We’d like to think we can work with the Department of Homeland Security and others so we can send them threat data. DHS can’t make 3,200 phone calls either.
