Newly-declassified study says electric grid 'inherently vulnerable' to terrorist attack

 

A recently-declassified report says the U.S. electric power delivery system is vulnerable to terrorist attacks that could cause more damage to the system than natural disasters like Hurricane Sandy.

 

Global e-Solutions

Althara GCDA Road

Thottakkattukara PO

Aluva, Ernakulam Kerala 683 108

Ph: 0484-3206020, 3196020

Cell No. 09846970489, 09961602200

 

The report, released on Nov. 14 by the National Research Council (NRC), said such an attack could black out large regions of the country for weeks or months and cost billions of dollars.

The security of the U.S. electric power system is in urgent need of attention, said the report. Its vulnerability, it said, lies in its sprawling coverage across hundreds of miles with key facilities left unguarded. Its vulnerability was further exacerbated, according to the study, by a reorganizational shift in the mid-1990's, prompted by federal legislation that introduced competition for bulk power across the country. That move resulted in the transmission network being used in ways for which it was not designed, it said, heavily stressing many parts of the bulk high-voltage system, opening up the risk to multiple failures following an attack. Important pieces of equipment are decades old and lack improved technology for sensing and control that could help limit outages and their consequences -- not only those caused by a terrorist attack but also in the event of natural disasters, it said.

The report was completed by the NRC in the fall of 2007, but the sponsoring agency, the U.S. Department of Homeland Security, decided at that time that the report would be classified in its entirety, it said. After the NRC formally requested an updated security classification review, the report was cleared for public release in fall 2012, said the organization.

"Power system disruptions experienced to date in the United States, be they from natural disasters or malfunctions, have had immense economic impacts," said Granger Morgan, professor and head of the department of engineering and public policy at Carnegie Mellon University, Pittsburgh, and chair of the committee that wrote the report. "Considering that a systematically designed and executed terrorist attack could cause disruptions even more widespread and of longer duration, it is no stretch of the imagination to think that such attacks could produce damage costing hundreds of billions of dollars."

The report recommends ways to make the power delivery system less vulnerable to attacks, restore power faster after an attack or failure, and make critical social services less susceptible even if the delivery of conventional power is disrupted, according to the NRC.

According to the study, high-voltage transformers are particularly concerning because they’re vulnerable both from within and from outside the substations where they are located. The transformers are very large, difficult to move, often custom-built, and difficult to replace. Additionally, said the NRC, most are no longer made in the U.S., and the delivery time for new transformers could run from months to years.

The report said a new family of universal recovery transformers should be developed, manufactured, and stockpiled that would be smaller and easier to move. The recovery transformers would be less efficient than those normally operated and would only be for temporary use, but they could drastically reduce delays in restoring disabled electric power systems, it said. In line with this recommendation, the report said the Department of Homeland Security recently cooperated with the U.S. power industry on the RecX program to develop and test a recovery transformer.

Not surprisingly, the study said critical communications, sensors, and controls systems are also -- are potentially vulnerable to cyber attacks, whether through Internet connections or by direct penetration at remote sites. Cyber attacks on the systems have skyrocketed in recent years. The report said any telecommunication link that is even partially outside the control of the system operators could be an insecure pathway into operations and a threat to the grid.

Cyber security is best when connections with the outside world are eliminated, the report said. When interconnections are unavoidable, high-quality technical and managerial security systems should be in place, including systems that monitor for and help avoid operator error or intentional sabotage.

The report stated that although it isn’t reasonable to expect federal support for all local and regional planning efforts, DHS and/or the U.S. Department of Energy should initiate and fund several model demonstration assessments across cities, counties, and states. The assessments, it said, should systematically examine a region's vulnerability to extended power outages and develop cost-effective strategies that can be adopted to reduce or eventually eliminate such vulnerabilities.

Building on the results of these model assessments, it recommended that DHS develop, test, and disseminate guidelines and tools to assist other cities, counties, states, and regions to conduct their own assessments and develop plans to reduce vulnerabilities to extended power outages. To facilitate these activities, public policy and legal barriers to communication and collaborative planning will need to be addressed.