Securing the Smart Energy Grid Is a National Concern
While emergency managers can’t control malicious actions on the grid, they can play an active role in safeguarding the system.
Sci-fi movies have warned us again and again: Sooner or later, our technology will destroy us.
The moment will come when machines become so smart, they will become a force for destruction rather than the engine of our general betterment.
Will it be the smart energy grid that pushes us over the line? There is growing concern that the automated, intelligent interplay between elements of the power grid could produce new and deeply hazardous vulnerabilities.
Consider first the upside. Smart grid technology enables two-way communication between disparate elements of the power generation, transmission and distribution chain. Constant feedback allows the system to detect and respond to local changes. As a result, lost power can be restored more quickly; systems can respond to peak demands; renewable sources can be integrated into conventional systems more easily.
“The downside is that with this higher degree of coordination comes a higher degree of vulnerability. If bad actors understand the new control paradigm, they can herd the grid to certain places, they can trick the grid operators or the automated equipment to respond in certain ways,” said Battelle Memorial Institute Research Leader Jason Black.
Within the complexity of the smart grid structure, these threats can take any number of forms.
Vulnerability begins at a mundane level, with the plain old physical attack, explosive or otherwise, targeted at the computing centers that run the smart grid. While power plants may have some level of physical security, data centers often do not have such protections. “Some of these major control centers are located in standard office buildings. They are not even located behind concrete barriers,” said Thomas Popik, chairman of the nonprofit Foundation for Resilient Societies, which conducts research into the U.S. power grid.
In addition to physical threats, more complicated attacks also are possible — attacks that seem to mirror Hollywood scenarios. Specifically, computer-based control systems also may be vulnerable to electromagnetic attack, the kind of mass shock wave that disrupts digital transmissions, as depicted in the movie Ocean’s Eleven. In that case, con artists use such a pulse to take a city’s grid offline for a few crucial moments.
“The same thing can happen to any vulnerable electronic component of the smart grid,” Popik said. Nor would the attackers be particularly noticeable. Such a disruptive device could easily fit into a standard van.
It’s a solvable problem, but the solutions have to be implemented early. One solution is a Faraday cage, an enclosure of conductive material that shields equipment from the pulse. You can cage individual pieces of equipment or enclose a whole room. Defense against electromagnetic attack also can be built into new energy facilities, adding 5 percent to the overall cost. Those who add such defenses as a retrofit typically find the costs to be about four times more.
The most widely recognized vulnerability in the smart grid lies in the software itself, the programming that directs the actions of the system. “We’ve tested around 30 different products from over 20 different vendors since April 2013 and we found 85 percent of those have low-hanging vulnerabilities,” said Adam Crain, a partner at Automatak. In examining energy industry software, Crain’s team has found a range of issues that may lead to possible exploitation.
While standards for security may be adequate, implementation is far less certain. Even with the security standards in hand, “now the coders have to take this complex standard — it’s 1,000 pages long — and translate it into software, and that is no easy task,” Crain said. While that software is then tested for functionality, it is seldom tested for security. Bad actors can slip in through security gaps and spread mass damage relatively easily.
“One of the things we found was that the master stations, the control centers, were vulnerable,” Crain said. All it takes is one unsecured power pole to get to the control center: Because everything is interconnected, even a small gap opens the door back to the master control system, giving a bad actor access to literally the entire system.
Where are the weak links? Virtually everywhere. Power poles, capacitors, voltage regulators, power quality meters, smart readers in people’s homes, electrical vehicle charging stations. Name it. Anything that isn’t locked down is a potential source for exploitation, an open window into the beating heart of the network.
All these cyberthreats are in a sense built into the very nature of the smart grid. “There is a huge culture gap, especially in the electrical power space,” Crain said. “The grid was designed for physical reliability, resistance to storms. It was not designed for resistance to cyberattacks. When you mention this issue to people in the field, the best they can say is that, ‘This is why we have redundancy.’ But redundancy doesn’t help you if that redundant asset has the same software and the same vulnerability.””
Now let’s start to think about the impact of all of this on the emergency management community. There’s the obvious threat of mass blackouts, and we’ll come to that. But consider first the “smartness” of the smart grid and all that it implies for people on the front lines of emergency response.
The smart grid depends on the intelligence of the devices to which it is connected. Diverse elements within the power chain must have some degree of awareness, as it were, if they are to communicate effectively up and down the line. This native hardware intelligence poses real risk as the power system becomes increasingly smart. The more intelligent the devices, the more widespread the risk.
At the Northern California Regional Intelligence Center, Cyber Intelligence Analyst Donovan Miguel McKendrick points to the innocuous-seeming Philips Hue light bulb. The bulb’s color can be adjusted to meet a range of settings, a nice feature for changing the mood in your living room. As the manufacturer describes it, users can “[e]xperiment with shades of white, from invigorating blue to soothing yellow. Or play with all the colors in the hue spectrum. … Relive your favorite memories. Even improve your mood.”
Hue is controlled by a smartphone app. Plug it into the smart grid, however, and it becomes theoretically possible to control the light from outside the app via software hack. Then the system’s own intelligence becomes a point of entry for destructive players. “Now suppose that light bulb is installed in an emergency room and someone shuts it off during a procedure,” McKendrick said. “That’s a worst-case scenario.”