Power Grid Insecurities Examined 248
Joe Barr writes "Chris Gulker has taken a long and careful look at the infrastructure of our power grids and has come to some rather unsettling conclusions." A good read that outlines where the current power grid is at, and suggests some paths for the future that may help avoid future blackouts.
Scared yet? (Score:5, Insightful)
"Microsoft - Big business ambition. Small business resources. Get your FREE 6-month trial now. Windows Small Business Server 2003".
The very fact that the power grid, atm's, so on and so forth -- hell, I worked on the power supply to a embedded PC today for a newspaper printing press that had NT on it
There I'll be sitting there in front of my OS X or Linux box. Can't be too smug I suppose with no power. No telephone. No gas. No cash to buy bread. Hell, the auto-checkout lanes (which I refuse to use on principle) at Jewel are Mickey-MouseSoft based. Certainly no Internet.
For my business' I absolutely refused to allow a Windows server of any type in the datacenter. I still say, "are you nuts?". Yet people still did it. Once again, Bill Gates will get a chance to screw us I guess.
So, when is the next worm due to hit? At least my TiVo will still work...
heh (Score:5, Insightful)
power plants worked long before the internet was created. no important computer controlling very important things should ever be put on the internet.
Security Vs Usability (Score:3, Insightful)
The lesson? Security is nice, but lets not go biometrics and 30 different passwords just to check the email.
Stock up on booze and smokes (Score:4, Insightful)
Is it any easier now then it has ever been? It always seemed pretty simple to me. Go down to your local, unmanned, power station and blow it up. Get your buddies and some trucks and knock down some high tension wires. wheeeeee.
Why do people get excited by this? It might be my misanthropic nihilism talking, but shit happens. Every day. Deal with it.
You might lose power, you might lose running water, you might get hit by a bus.
Even if you hole up in a shack to protect yourself from the script kiddies, psychopaths, terrorists and/or government... you're still gonna die!
Have fun!
Well, what did they spend all my payments on... (Score:5, Insightful)
Seriously consider the economic impact of the grid failure compared to the recent worm problems. Then think about a nasty combination of the two.
Re:heh (Score:5, Insightful)
Surely the only people who need to control a power plant (or dam release valves, or weapons sytems or whatever) are the people in the facility working at that time? So why have any type of network access to the system other than what is required within the grounds of the facility?
Of course I might be being naive, but I don't think so.
Spent on Enron-style energy trading companies (Score:5, Insightful)
Then along came degregulation, where the power seller and the power generator became two different things (which makes even less sense than the deregulated-but-shared local phone loop). Utility companies wanted out of the power generation arena -- too expensive, too many regulations, it was better to be in the new "commodity" end of the business, arbitraging power. So they split themselves into trading companies and generation companies, taking all the cash into the trading companies, who were deregulated and could spend it freely.
And then 10 years later, Enron and the whole deregulated power "market" has collapsed, and we wonder why we're 15-20 years behind the curve on power grid and other key infrastructure elements. All the money got spent on speculating in the newly deregulated power markets, and its all gone.
Nobody really pays any less for electricity, I don't have a bunch of people knocking on my door offering me their window electricity or biodiesel electricity or their pig shit methane electricity for that matter.
I only have the sheepish looking local utility trying to explain to me how they're trying to fix the power infrastructure built in the 1970s with the cash made in the 1980s which was spent in the 1990s on the promise of getting rich in the new millenium. When in fact, they actually need me to pay the prices of the next millenium for the service delivered in the 1990s, and, oh, would I please only use as much power as I did in the 1970s?
The case for remote control (Score:4, Insightful)
Remote monitoring is all but imperative. The plants are already in a cooperative network sharing their power. Everyone on the grid needs at least basic information about what's going on.
None of which is ANY excuse for a direct or indirect connection to the public Internet. This is a job for a private network, and I don't mean a VPN that can be DOS'ed when a worm spreads through the public network.
Re:heh (Score:3, Insightful)
So why have any type of network access to the system other than what is required within the grounds of the facility?
It is a matter of convenience to be able to access offices from other offices, as we as people have become so lazy due to the boom in computer usage. It is much easier to be able to perform tasks using computers rather than doing things manually, and depending on what job duties you have, it can actually be a bit safer for the worker. However, in my opinion, people have just become lazy as shit and choose to use machines as an excuse for avoiding working. I say this as coincidentally (while I watch the news) a reporter just stated that 90% of working people are unhappy at their jobs. So why take an extra step when a computer could eliminate five steps.
But first... (Score:3, Insightful)
First, you have to make fusion work. Just once.
+1 Interesting? Who's smoking the crack out there?
Re:Potential Social Implications? (Score:5, Insightful)
Haha, what grand scheme of things?
Humanity isn't trying to reach for the pinnacle of its capabilities, it's trying to find more comfortable ways to live and fuck.
People want more power so they can do more cool shit, and do it cheaper. That's it.
Leading in all forms of waste and corruption. Nice example for the future. Here's a primer on human nature -- more of anything doesn't make people use it smarter, it makes them squander it faster. Western society is terrible for this.
Your post is an attempt to be modded insightful by using big words to sound profound. Nothing you've said makes any sense.
Re:Scared yet? (Score:5, Insightful)
Hey, it's not just the power grid and atm's. There are command and control systems used by the department of defense that folks have migrated to Windows. Our Dept of Homeland security has standardized on Windows. Certain FAA traffic control systems are running on Windows. The Army's Landwarrior program is using Windows. Traffic control for trains and shipping are running on Windows. etc...etc...etc...
This should scare the hell out of a lot of people.
Re:Power Grid (Score:3, Insightful)
"Greedy utilities have brought this on themselves.Cutting jobs for the maintainence personell,doing nothing about aging lines, and then asking "WHY is this happening?"
There is nothing wrong with the "old" lines. The distribution grid carries some rated voltage and does it without much complaint. The problem is that there simply isn't enough of it, so most of the system is running at design capacity, and a small failure can cascade into a widespread failure.
There isn't enough distribution capacity primarily because of NIMBY. Power companies around the country want to build more capacity. Most of the time they must spend years battling the locals for right of way. Environuts are often blamed unfairly when locals couch their resistance in bogus environmental claims, but the truth is that it's just NIMBY.
And it's maintenance.
Data Networks & Realtime Requirements (Score:2, Insightful)
So they are imposing realtime requirements onto a shared medium (a computer network)? That's like not putting lights or sirens on emergency vehicles, and then complaining about not being able to get to the scene in time during heavy traffic.
No wonder virii can cause so much damage to the power grid. The whole thing was badly designed to start with!
Bored script kiddies would never do this... (Score:4, Insightful)
Re:The grid is over centralised (Score:3, Insightful)
Actually, a fundamental strength of the grid is its centralization. A central facility generating gigawatts of power can afford to spend millions of dollars ekeing the last few percentage points of efficiency out, and wiping out the last few percent of emissions, because the economies of scale kick in.
Local power schemes, since they will be purchase by The General Public, can not and will not spend the money on these extra niceties, and as a result will necessarily be less efficient and more polluting per watt then centralized power. There is no way around this, there is no argument that can wipe it away, it's a fundamental economic fact of life.
Local power generation is one of the boondogles [m-w.com] the bad environmentalists promote, without stopping for a moment to think that it's even worse then the alternative. (Altogether too many environmentalists aren't bothered by little things like "truth" or "evidence", which is why I can't call myself one, even though in theory I ought to be able to.)
Re:Scared yet? (Score:3, Insightful)
OK, let's do the math (Score:3, Insightful)
Well, the problem is, my 2 computers alone (400 watt power supply each), and my fridge use about 10 kWh a day. And they don't run 24h a day. So I'm afraid that after this use investment, I still need the grid.
And did I mention the snow storms that will put the contraption out of use for days?
Did I also mention that solar cells need to be replaced every 10 years at least, when they degrade? And that manufacturing a solar cell costs actually more power than the thing will ever generate?
Aaaah, so that is why there aren't solar cells on every roof. It's not a conspiracy by Exxon and the Bush family.
It's because when you do the math, you see it is not worth the trouble.
Of course, the solution is simple: don't do the math and keep pushing solutions that don't work, then blame the oil companies.
Alternately, you might want to wonder why France is generating 75% of its energy with nuclear plants licensed from Westinghouse and still doesn't glow in the dark. Naaah, wouldn't work elsewhere.
Poor analysis, but there are real problems (Score:5, Insightful)
We're starting to see a few problems appear more than once, though.
AT&T was determinedly independent of the power grid in the days of Ma Bell. Every central office ran on 48VDC storage batteries, with backup generators. The backup generators were started once a week, and run for several hours once a month. Once a year, each central office ran for 24 hours cut off from external power.
That was a long time ago, back when AT&T was a regulated monopoly common carrier. In the new, competitive era, that depth of backup can no longer be assumed. Carriers in trouble (WorldCom, Adelphia) tend to cut things like that.
The details aren't in yet, but it's beginning to look as if, during the recent big blackout, some comm links went down very early, so that the fault information that's supposed to divide the grid cleanly into islands didn't get through. Once all the logs have been correlated, it will be clear what happened.
A few weeks ago, CSX, the railroad, had a shutdown due to a virus. Railroad signalling has used "code lines" for decades, for remote control of switches and signals. These are basically serial links over which commands and responses are sent. The safety logic is local, but if you lose a code line, the dispatcher can't throw switches and route trains.
The tendency to centralize train control has resulted in a need to transmit code line signals hundreds or thousands of miles. So they tend to be multiplexed over telecom-like facilities. CSX apparently routed theirs over their in-house general purpose network. The routers in that network were managed by a network management system that ran on Windows. When the Windows machines went down, system management of the routers stopped, and, after a while, this apparently took some key routers down. So a "non-critical" system actually stopped train movements.
It's really convenient to be able to see what the plant is doing from your desktop. Order processing is more efficient if the sales network connects to the factory network. Energy traders need to be able to see what the power plants are doing, and give directions to power dispatchers. These things all create vulnerable paths.
Re:SACTA (Score:2, Insightful)
I still believe the security issue is not an issue. I think you can separate the worries in two:
In the end (see previous post about stolen servers), it would be easier to just, for example, tear down a line post with a truck, to short the line or to sabotage the facility...