Hacking the grid may not be as difficult as the October 13, 2017 Wired article suggests

Oct. 18, 2017

Aurora, forced oscillations, and other types of incidents that can manipulate physics may not be as difficult to cause as previously believed and may not be detectable by network anomaly detection.

 

On October 13, 2017, Andy Greenberg of Wired Magazine wrote an article: “Hacking a Power Grid in Three (Not So Easy Steps)”. The gist of the article was that it would take a significant amount of work, and even then it would be difficult to “turn off the power”. However, I don’t believe it would be as difficult as the Wired article suggests.

NERC issued the draft guideline “Forced Oscillation Monitoring and Mitigation”, dated June 2017. The report states that simulation studies show that if a forced oscillation interacts with a system mode that has weak damping, it can lead to wide-area resonant oscillations of large amplitude, which in turn can lead to potential blackouts such as the August 10, 1996 blackout in the Western Interconnection. The sustained presence of significant forced oscillations on the Bulk Power System could lead to long-term effects such as equipment fatigue and potential damage to rotor shafts exposed to such sustained, high-magnitude oscillations. Power quality may also be a concern, depending on the amplitude and frequency of the forced oscillations. The gist of the NERC report is:

- Forced oscillations can be either unintentional or malicious (Aurora can be viewed as a form of forced oscillations)

- The oscillations can be caused by systems outside NERC CIP scope and spread across large sections of the grid

- The oscillations can be caused by plants or substations outside NERC CIP scope (small or distribution) and spread across large sections of the grid

- There is no security in Level 0 and 1 devices, which can be used to cause the forced oscillations or prevent early detection of the oscillations

- There have been numerous articles in IEEE and other periodicals on system disturbances (this is not an arcane subject to electrical engineers)

Recall that DHS declassified the INL Aurora report several years ago, which identified details about the Aurora vulnerability, yet Aurora hardware mitigation is generally lacking. Additionally, Aurora, forced oscillations, and other types of incidents that can manipulate physics may not be detectable by network anomaly detection.
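One way to look for a forced oscillation in the physical measurements themselves rather than in network traffic, shown as an added example that is not from this article or the NERC guideline. The sampling rate, frequency band, alarm ratio, and the synthetic frequency signal are all assumptions chosen for illustration.

```python
import math
import random

def band_spectrum(samples, fs, f_lo, f_hi, step):
    """Amplitude at each candidate frequency in [f_lo, f_hi] by direct DFT correlation."""
    n = len(samples)
    mean = sum(samples) / n
    x = [s - mean for s in samples]              # remove the nominal (DC) value
    spectrum, k = [], 0
    while f_lo + k * step <= f_hi + 1e-9:
        f = f_lo + k * step
        re = sum(v * math.cos(2 * math.pi * f * i / fs) for i, v in enumerate(x))
        im = sum(v * math.sin(2 * math.pi * f * i / fs) for i, v in enumerate(x))
        spectrum.append((f, 2 * math.hypot(re, im) / n))
        k += 1
    return spectrum

def detect_forced_oscillation(samples, fs, f_lo=0.1, f_hi=2.0, step=0.05, ratio=8.0):
    """Alarm when one narrow spectral line stands far above the band's median level.

    The band and ratio are illustrative assumptions, not values from the NERC guideline.
    """
    spectrum = band_spectrum(samples, fs, f_lo, f_hi, step)
    amps = sorted(a for _, a in spectrum)
    floor = amps[len(amps) // 2]                 # median amplitude as the noise floor
    f_peak, a_peak = max(spectrum, key=lambda p: p[1])
    return {"alarm": a_peak > ratio * floor, "freq_hz": f_peak, "amplitude": a_peak}

def constructed_window(osc_amp, osc_hz=0.25, fs=10.0, seconds=120, seed=1):
    """Constructed sample data: 60 Hz system frequency, small measurement noise,
    plus an optional sustained sinusoid standing in for a forced oscillation."""
    rng = random.Random(seed)
    return [60.0 + rng.gauss(0, 0.002)
            + osc_amp * math.sin(2 * math.pi * osc_hz * i / fs)
            for i in range(int(fs * seconds))]

if __name__ == "__main__":
    print("quiet  :", detect_forced_oscillation(constructed_window(0.0), fs=10.0))
    print("forced :", detect_forced_oscillation(constructed_window(0.02), fs=10.0))
```

The check operates only on measured values, so it does not depend on the traffic that carried them looking abnormal.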

We were already scheduled to have a panel session on October 25th at the ICS Cyber Security Conference with Neil Holloran from Navy Mission Assurance Division and Ken Loparo from Case Western University on using cyber to manipulate physics to cause kinetic damage. The recent release of the NERC report makes the session even more important.

Joe Weiss
