Slashdot Mirror
DHS To Review Report On US Power Grid Vulnerability
CWmike writes "The US Department of Homeland Security is looking at a report by a research scientist in China that shows how a well-placed attack against a small power subnetwork could trigger a cascading failure of the entire West Coast power grid. Jian-Wei Wang, a network analyst at China's Dalian University of Technology, used publicly available information to model how the West Coast grid and its component subnetworks are connected. Wang and another colleague then investigated how a major outage in one subnetwork would affect adjacent subnetworks. New Scientist magazine reported on this a week or so ago, and the paper has been available since the spring."
The US power grid is so ancient, convoluted and in such a massive state of disrepair that we can be sure we're safe from terrorists. They wouldn't even know where to begin to find a point in the system that could be used to trigger a catastrophic cascading failure like the one in the East Coast a few years ago.
Trees on the other hand... trees are truly evil.
Web2.0: I love when people Flickr my cuil and digg my boingboing until my google is reddit and I start to yahoo
Obviously you didn't read the article. They're talking about cascading failures due to the fact that they're connected via the electrical grid.
Basically the same thing that happened some years back on the eastern seaboard, but on the west coast and triggered on purpose.
The amazing thing is that nobody ever tried it or at least never succeeded. The US is apparently not that hated in the world since nobody ever does anything. We have hundreds of reports on how easy it would be to disable this or take that out of service. All it takes to black out the USA are some well placed charges or for somebody to hit a few poles hard enough but nobody does it. All we got was some measly hijacked plane (which has been done since the 70's) in a few buildings.
Custom electronics and digital signage for your business: www.evcircuits.com
you don't stop flying just because airplanes can crash.
No, you stop flying because you don't like having to bend over to get through the TSA security theater. Sorry, random offtopic rant because I just got back from a flight....
I want peace on earth and goodwill toward man.
We are the United States Government! We don't do that sort of thing.
The electric grid has already suffered multiple cascading failures from simple events that led to widespread outage. Look into the West Coast outages of 1996 and 1998 as well as the failure in the Northeast in 2003. There's a lot of interesting science going on around networks, graph theory, complexity and all. There's a really good book on teh subject, "Six Degrees" by Watts.
if terra were to plant a nuclear bomb in my apartment, thousands in my neighboorhood could be killed. that's worse than a mere blackout! please give me a large grant so i can upgrade my apartment to a more secure version. think of the children!
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Jian-Wei Wang has just been added to America's Top 10 Most Wanted Terrorist list, according to a DHS spokeperson. "We believe this person has been studying some of our infrastructure with the intent to identify inherent weaknesses. It is only a matter of time before this person, or someone else, uses the knowledge gained to attack the USA." A few moments later, a nearby open microphone caught the DHS official's candid statement "Anyone using information, public or private, to point out our own stupidity is automatically suspect. To go so far as to publish their findings is criminal. Besides, since we can't find any real terrorists, we have to demonize someone so we can continue justifying our astronomical budget in these difficult economic times." After a reporter on the scene brought this admission to the attention of the spokesperson, the reporter's name was also added to the list.
The NSA: The only part of the US government that actually listens.
There were economic issues with Edison's ideas. The biggest problem was his insistence with DC. DC only worked with local power stations. AC scaled and could transmit over much farther distances with much less loss. More fault tolerant, perhaps. More scalable? Not from an economic standpoint.
used to be, you had load dispatchers at switches in multiple areas. they had telephones and a small phone book of other dispatchers. under that system, the US became the world's dominant superpower and home of most wealth.
worth trying. not everything has to run on flash and crackberries.
if this is supposed to be a new economy, how come they still want my old fashioned money?
If you connect your PLC to the Internet, it can email you when a problem arises. If you haven't coded responses to incoming email, it simply won't respond. I didn't see any incoming email commands on the PLCs I've worked on, but that doesn't mean they don't exist.
So, you get error reporting and real-time data from your PLCs when you connect them to the Internet. Apparently that's stupid.
The programming ports on the ones I've used are physically separate from the ones used for communication, and the functions simply cannot be swapped.
There is also -- again, in the cases of all PLCs that I have used, which is not exhaustive of all that are on the market -- a physical toggle switch that switches the PLC from "run" to "program" mode.
I suppose that if the PLC was attached to the Internet, and then you had a guy flip the switch and swap the cables, and then put the cables back and flip the switch back later, then yes, you could reprogram a PLC online.
If you can figure out an easier way, Omron, Koyo, AB, and IEEE would like to have a word with you.
---
ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.
Not so fast. See the first paper in this bunch. The authors managed to hack a Koyo and AB PLC Ethernet interfaces. The AB Ethernet card had lots of useful stuff in it, including a symbol table. From the symbol table I saw many backplane calls that you could use to communicate with the PLC. How well do you trust a hacked Ethernet module on a PLC backplane?
Having a physically separate port is nice, but it is no substitute for secure coding. If you think that coding is poorly secured in the PC world, you'll be shocked at what often gets done in embedded system coding.
Some PLCs and Variable Frequency Drives have been noted for their inability to handle Denial of Service traffic. I've seen that demonstrated myself. This is the official cause of a reactor SCRAM at Browns Ferry a few years ago.
Try a port scan of your PLC some time and tell me how many ports it responds to (DO THIS ON A TEST-BENCH --NOT PRODUCTION EQUIPMENT!). If you can identify everything that critter responds to, congratulations. If not, be afraid. Be VERY afraid. I've heard quite a few PLC models that have mysterious responses to ports where you wouldn't expect them to respond.
Real Time embedded systems are not good candidates for direct internet exposure. They're too difficult to patch in a timely fashion. Often the windshield time alone is prohibitive. And if you have any notions of pushing patches to them remotely, remember, these things control some pretty high speed/high power processes. You don't just patch them. There are process and safety implications that you need to consider. This ain't some office application where you can say oops and restore from a backup. Real physical things will happen and real physical problems will be created that you can't clean up with a simple code reversion.
Most of our infrastructure today has not been engineered with security issues in mind. There is still lots of Gee Whiz "Let's Share Data" synergy crap going on. This leads to all sorts of direct interconnections that aren't absolutely necessary. Many controls can be made over links that weren't intended for that purpose. It's not easy to split the data flows up any more because many organizations have been very profligate with their use of SCADA information and it isn't easy to find all the sources and sinks.
I'd love to post data from a PLC directly to the public. But I just can't sleep at night with something like that waiting to screw things up.
Good luck with your security, and I mean that quite sincerely.
Nearly fifty percent of all graduates come from the bottom half of the class!
There were economic issues with Edison's ideas. The biggest problem was his insistence with DC. DC only worked with local power stations. AC scaled and could transmit over much farther distances with much less loss. More fault tolerant, perhaps. More scalable? Not from an economic standpoint.
The main reason AC scaled better than DC was that simple transformers could be used to boost the voltage or long-distance transmission on affordable diameter wire and back down to what could be safely handled in a home. Shifting DC, at the time, required rotary converters and was limited in voltage by the arcing and size of the commutators.
Since about the 1960s or so DC conversion for long-lines has been practical. And with modern semiconductors it's now economically competitive. With that, DC lines become practical for a makeover.
AC, unfortunately, introduces propagation timing effects that make things a bit more complex to keep running. DC doesn't have those failure modes AND it makes somewhat better use of a given amount of metal in the wire.
(A downside of DC vs AC is that a DC arc is harder to extinguish.)
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
I have conceived of a distributed attack involving timed/coordinated thermite devices placed on transformer housings at substations. Place the same devices on any emergency generator housings where first responders are located, and massive chaos would quickly ensue.
Thermite is easily made/sourced from the components, timing devices are trivial. Thermite is not an explosive, but it would easily burn a hole in the top of a oil filled transformer housing, drop inside the transformer, burning all the way. I'm sure it would short the xformer, and ignite the oil inside. Same with generators, a thermite device placed on top would easily burn into the engine block or generator windings.
I'll leave the details out for the terrorists to figure out, but I see this as an easy attack for small cities. Larger cities will have the infrastructure more secure, but it is a large grid to secure. Too large. Modern society needs electricity like humans need air. I see my plan of attack as cheap, not too sophisticated for dedicated attacker(s) and probably effective, depending on how large a coordinated attack could be. It is very scalable.
What, who's at my door? DHS?
I don't think so. I recognized his nick as the Ethernet channel on an PLC-5 system. His points are dead on.
***you don't stop flying just because airplanes can crash.***
I expect that you would stop flying if any sociopathic teenager in Belgrade or Sendai could crash your plane from his bedroom with fifteen keystrokes. Would it be rude to point out that cyber security is a disaster area and the situation seems to be deteriorating, not improving?
You can't see ANYTHING from a car, You've got to get out of the goddamned contraption and walk...Edward Abbey