Tomorrow, Kurt Yeager, the ex CEO of EPRI and current Executive Director of the non-profit Galvin Electricity Initiative will provide one of the keynotes at Connectivity Week in Santa Clara. The Galvin Electricity Initiative is focused on transforming the reliability and value of U.S. electricity service and is building Perfect Power — a system that will not fail — starting in Illinois and New Mexico.
According to the Galvin Electricity Initiative, the electric power system is insecure and susceptible to even relatively unsophisticated cyber attacks. The Illinois Institute of Technology (IIT) is one of the showcase demonstrations of the “Perfect Power” approach. The October 15th Final Report on the IIT project (http://www.galvinpower.org/files/IIT_Perfect_Power_Prototype.pdf) includes detailed Failure Modes and Affects Analyses (FMEAs). I am familiar with that approach having performed FMEAs on nuclear power plant instrumentation and control system while at EPRI. I am concerned that cyber security has not been adequately addressed within the FMEAs – the closest was:
Communications: Router failures were the only “cyber” failure identified; the impact of a router failure was deemed Moderate; it was viewed as Uncommon; and Redundancy was the solution.
To me, this is incomplete and inadequate. The Galvin Initiative is part of the “Smart Grid” initiatives meaning the power system has been “opened up” exposing multiple cyber vulnerabilities. There already have been many control system cyber incidents in utility applications including several at university power facilities. As a demonstration, I certainly would have expected more.
Joe Weiss
Leaders relevant to this article: