Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

US Preps Cyber Outfit To Protect Electric Grid

ScuttleMonkey posted more than 4 years ago | from the call-bruce-willis dept.

Security 58

coondoggie writes to mention that the US Department of Energy is planning to set up a new "National Energy Sector Cyber Organization" in order to protect the national bulk power electric grid. For the low, low cost of $8.5 million they will help integrate smart grid technology with the electric grid, speed research, and establish new policy and protocols. "It is paramount that smart grid devices and interoperability standards include protections against cyber intrusions and have systems that are designed from the start (not patches added on) that prevent unauthorized persons from gaining entry through the millions of new access points created by the deployment of smart grid technologies, Hoffman stated."

cancel ×

58 comments

Sorry! There are no comments related to the filter you selected.

Make the process open (2, Insightful)

teeks99 (849132) | more than 4 years ago | (#30782088)

Recently I saw that a bunch of stimulus funds were handed out [arst.ch] for bringing the nation's electrical grid into the 21st century. A big part of this is using computers to control various parts of the grid, from utility scale substations down into the home with smart meters and smart appliances.

Anytime you take infrastructure and connct it to computers you are opening it up to a whole new set of threats as well as bringing privacy implications.

Here's a couple great [wired.com] articles [arst.ch] that go into the details better than I can.

I believe that there is are a couple things that really need to be address for grid security:

- Open protocols and specifications
With all the new technology coming down the pike, all sorts of companies will be sprining up with their gadget or software that will solve some problem. They need to work towards making standards of interoperability so that all these entities could work together.

- Network security
Putting millions of new, network connected, devices out there could lead to a field day for hackers. I believe that they sould quickly develop security technologies that manufactures could then cheaply incorporate into their devices.
A lot of this could be easily (and cheaply) addressed with various communities already out there. For instance, SSL technology has already been built into products like OpenVPN that could easily and cheaply secure huge numbers of smart endpoints.

- Privacy
We need to provide software that is built from the ground up to give uses the privacy that they deserve, while still pushing forward great new technologies.

Re:Make the process open (5, Insightful)

Adambomb (118938) | more than 4 years ago | (#30782152)

Systems that control key infrastructure for your nations production and commerce should be on an completely separate network. End of story really.

For the information that needs to be distributed over the internet, make it eyes only transferred from the control network to the internet connected systems (double workstation setup). Then your only concern is direct espionage.

Re:Make the process open (3, Interesting)

teeks99 (849132) | more than 4 years ago | (#30782224)

I agree that it should be, however it is completely cost prohibitive to get a separate network run to the smart meter in everyone's home. Even running a separate network to all the utility substations would be challenging.

In reality, VPNs run all over the public internet, and can be extremely secure. DOD even allows parts of their classified networks to run over the commercial internet, provided they have the correct encryption gear at each end. The DOD gear is really expensive and tough to get setup, but there is no reason this needs to be the case existing Public Key and Symmetric Key crypto is plenty strong, and could even be implemented in dedicated (cheap) hardware.

Re:Make the process open (1)

macintard (1270416) | more than 4 years ago | (#30782532)

Encryption doesn't solve all problems. What about a DDOS attack? Think China could manage something quickly with tomorrow's 0-day attack with IE?

Re:Make the process open (1)

macintard (1270416) | more than 4 years ago | (#30782646)

Was the Interstate Highway System too expensive? It seems to me that this is something our country needs and could actually create jobs in a depressed economy. A "private" network to homes across the country could serve many useful government purposes (voting/motor vehicle registrations/census).

Re:Make the process open (0)

Anonymous Coward | more than 4 years ago | (#30783122)

Oh, and monitoring stuff they shouldn't be monitoring.

Re:Make the process open (1)

segin (883667) | more than 4 years ago | (#30783836)

Oh, and monitoring stuff they shouldn't be monitoring.

If the pipe was limited to government interaction alone, and all other data activity continues to run over current commercial pipes, then it would make sense.

As for them monitoring the data, if the "monitoring" process was open, that is, it could be scrutinized by the public, then it would not be bad.

For some people, they may be so poor that they use the government pipe for Internet. If they're going to use a service paid for by taxpayers, it's the responsibility of the government to make sure the pipe's not being abused (e.g. porn)

How would you like it if your tax dollars were going to bring pornography to people for free, and that, on top of it, there is no system in place to stop them. Their connections absolutely must be monitored, either automatically by software such as Websense, or by people, to even detect that they are surfing porn to begin with. So, you can't have your cake and eat it too.

Re:Make the process open (1)

StrategicIrony (1183007) | more than 4 years ago | (#30783292)

Yes, I want a government owned network piped into my house without my permssion.

That would make me a happy taxpayer.

mmmmhmmmmm

I love you, government. I would marry you, if you were a woman (so as to fit within the proper constitutionally defined government definition of marriage as "one man and one woman"). But you don't so that would be wrong.

Forgive my transgressions oh, government and deliver me from evil.

blah blah blah.

Re:Make the process open (1)

damien_kane (519267) | more than 4 years ago | (#30782950)

I agree that it should be, however it is completely cost prohibitive to get a separate network run to the smart meter in everyone's home. Even running a separate network to all the utility substations would be challenging.

The smart meter is already connected to a network of hard-lines which links it to every other smart-meter in its area, as well as the substations those houses draw power from.
How cost-prohibitive is that?

Re:Make the process open (0)

Anonymous Coward | more than 4 years ago | (#30785018)

The challenge for securing communications is rarely in the crypto, it's in securing the end stations.

Running VPNs over the Internet still exposes (some) devices to a hostile network. If compromised, they can be leveraged for additional badness down the line.

I'm not arguing for one solution over the other, but the idea of slapping crypto on something and assuming it to be more secure than it was before is common and often false.

The security of the entire solution, end-to-end, needs to be considered.

Re:Make the process open (1)

teeks99 (849132) | more than 4 years ago | (#30785180)

This is absolutely true...you have to look at it end-to-end. However, if you can get all the internet communication to be over the VPN, that leaves an impossibly small vector for penetration from the internet (just the server with its one VPN port could be attacked).

Obviously (or maybe not so), you'd need to also think about the security of all the devices out there...what happens if one gets physically compromised, etc., but getting them so they're not accessible to the public from the internet is a great first step and would make a HUGE difference.

Re:Make the process open (1)

Dr. Spork (142693) | more than 4 years ago | (#30782434)

Yeah, I totally agree with this. Hopefully that will be exactly the recommendation that these geeks make to the government. We simply cannot afford to take chances with the security of our power grid. If it's at all possible for hackers to knock it out, they will.

Future terrorism will be aimed at hollowing out national governments, to basically make them unable to control their territory. (This is already happening now in Mexico, Nigeria, Iraq, etc.) To do this, attacks disrupt the very services that provide money and legitimacy to the central government. Once the central institutions are weakened enough, militias and mafias step in to take over the services that they can no longer reliably provide. Smart terrorists will act to weaken governments in the most efficient way possible. This is measured by the standard return-on-investment metric, where you compare the cost of an attack with the monetary damage it does to the victim. Since hacking is cheap and power outages are economically devastating, the ROI on such attacks are enormous, potentially in the million% range.

So you can bet that all kinds of people who wish us ill, from domestic militias to Islamicists and foreign governments, will be trying to hack our power grid. Even a credible threat about such a hack profoundly constrains what we can do. Given the seriousness of this security issue, I suspect it's still not getting the amount of attention and funding that it deserves.

Re:Make the process open (2, Insightful)

Sandbags (964742) | more than 4 years ago | (#30782626)

They ARE. I serviced DR systems for serveral power companies. by LAW there is not even an internet connection allowed in the BUILDING (let alont the room) housing the grid switch control systems, not even a modem.

I was frisked each time entering, and had to go through 2-3 layers of security to get in the room. Even then, i could only touch the DR equipment once an employee physically disconnected it (for hardware repairs), or they had to enter all the keystoks personally, all i could do was watch and instruct.

This is NOT for the grid itself, it's for the "smartgrid" essentially, coming up with secure protocols to collect billing and use information from read-only devices at houses.

Idiot. (0)

Anonymous Coward | more than 4 years ago | (#30783276)

You're aware that the bulk grid isn't owned by just one entity? And that it doesn't just carry power from one power company?

Re:Make the process open (1)

mlts (1038732) | more than 4 years ago | (#30783478)

One of the better systems I've seen for doing this was one implemented for a company that had a private network that was disconnected fron the Internet just for embedded devices:

The internal network for reporting on embedded stuff had one machine that polled the embedded controllers and pulled data from them. The corporate intranet had another box which took the data and moved it to a Web server. Connecting the two was a serial cable, which was fast enough at 19200 BPS to move the small datasets, and a cronjob did this this every several minutes. The box on the embedded network had a custom kernel that had no SLIP/PLIP/PPP capabilities, and would poll the controllers, gpg sign the output and send it via the serial connection to the other machine. Even the serial cable was cut so data only flowed one way. The machine the data was pushed to would sit there, read the incoming serial connection and decode the gpg packets before pushing to the website.

This way, the worst that happens is the machine on the LAN gets compromised, with no physical way to jump across to the embedded network. This setup has worked for years with no reported incidents. It may sound like overkill, but it ensured that barring physical compromise, the chances of a remote attacker getting onto the network with the embedded stuff is very slim.

I'm sure there are faster ways to do a serial connection than this, but for what was needed, this got the job done well.

Make the sysem intrinsically secure (1)

Paul Fernhout (109597) | more than 4 years ago | (#30785822)

Security approaches: Intrinsic vs. Extrinsic; Mutual vs. Unilateral.

How about decentralizing the "brittle power" system more in the first place, so you have "intrinsic security" so it degrades slowly under attack rather than rely heavily on "extrinsic security" through guards or passwords for controlling some central system? For example, renewables such as solar panels and fuel cells at each home would make energy production in a country difficult to interrupt intrinsically (assuming there was no single point of failure like automatic software upgrades of embedded controllers).
    http://en.wikipedia.org/wiki/Brittle_Power [wikipedia.org]
"""
Brittle Power: Energy Strategy for National Security is a 1982 book by Amory B. Lovins and L. Hunter Lovins, prepared originally as a Pentagon study, and re-released in 2001 following the September 11 attacks. The book argues that domestic energy infrastructure is very vulnerable to disruption, by accident or malice, often even more so than imported oil. According to the authors, a resilient energy system is feasible, costs less, works better, is favoured in the market, but is rejected by U.S. policy. In the preface to the 2001 edition, Lovins explains that these themes are still very current.
"""

And while we're at it, how about a little "mutual security" too, instead of a "unilateral security" policy that as often as not seems to provoke attacks? From an interview with Morton Deutsch:
    http://www.beyondintractability.org/audio/morton_deutsch/?nid=2430 [beyondintractability.org]
"""
Q: You're starting to see the analogy to international conflict, or intractable conflict on a larger scale?
A: Yes. Well, I wrote a paper about preventing World War III. That was during the height of the cold war, I think I wrote it in 1982, it was called "The Presidential Address to the International Society to Political Psychology." And there I took the relationship between the United States and the Soviet Union and characterized it as a malignant relationship, which had some of the characteristics that I was talking about with the couple. It was right for both the United States and the Soviet Union to think that the other was hostile, would undo it, would damage it, you know, all of these things. The relationship was a malignant one. They had to become aware of the malignancy, and the only way out really was recognizing that it's hurting, recognizing that there is a potential better way of relating. And that better way of relating involves having a sense that one can only have security if there's mutual security. And that's true in most relationships. That's particularly true to recognize groups that have had bitter strife where they've hurt each other. They have to deal with the problem of how to get to where they can live together. It may be ethnic groups within a given nation or community. They can only live together if they recognize that their own security is going to be dependent on the other person's security. So each person, each side, each group has to be interested in the welfare of the other.
"""

Re:Make the process read-only (1)

seven of five (578993) | more than 4 years ago | (#30784098)

How 'bout not including any network commands that would actually change anything? I mean, the power grid was under manual control for decades. Was that such a bad thing?

Re:Make the process open (1)

hesaigo999ca (786966) | more than 4 years ago | (#30808732)

I agree purely with what you say, they must take into consideration the bruce willis factor, he might not be around next time to save the day, and we still have so many bad guys out there.
Seriously though, I do hope they do a better job this time around then last time to maintain the integrity of the power grid

"Cyber Outfit" (2, Funny)

Culture20 (968837) | more than 4 years ago | (#30782126)

Did anyone else imagine the "Greatest American Hero" suit?

Re:"Cyber Outfit" (1)

Arthur Grumbine (1086397) | more than 4 years ago | (#30782684)

I was more thinking a wizard robe and hat...

I guess they do not watch movies much (1)

Montezumaa (1674080) | more than 4 years ago | (#30782140)

This was covered in "Live Free or Die Hard". Hello!!! What if Timothy Olyphant were to go crazy one day and believe he is still on the set of Live Free or Die hard? We might actually be taken over by cyberpunk terrorist. God help us....

Whenever You See the Prefix "Cyber"... (2, Funny)

RobotRunAmok (595286) | more than 4 years ago | (#30782144)

...and you double-check the calendar, and you see that it is not 1996, you know you are in for some expensive government boondoggle or another.

Re:Whenever You See the Prefix "Cyber"... (0)

Anonymous Coward | more than 4 years ago | (#30782984)

I don't see how my not throwing away a calender in 14 years would affect government programs.

So in other words... (0)

Anonymous Coward | more than 4 years ago | (#30784698)

So in other words, from what we receive from the government..that "cyber" fits in this situation?

Small pricetag (3, Informative)

jwinster (1620555) | more than 4 years ago | (#30782240)

It should be noted that this initiative is just for the developing a plan or plans for integrating smart grid technology, not actually implementing anything; thus the small pricetag.

Wouldn't a Smart Grid be Less Secure? (2, Insightful)

gyrogeerloose (849181) | more than 4 years ago | (#30782242)

From the summary:

they will help integrate smart grid technology with the electric grid

It's pretty obvious to anyone familiar with computer networking that making the the electric power grid "smart" would make it more vulnerable to attack. After all, if the grid's control apparatus isn't online, there's no way to hack into it in the first place. I realize there are other advantages to a smart grid but to claim that making the current "dumb" grid smart would also make it more secure seems disingenuous at best.

Re:Wouldn't a Smart Grid be Less Secure? (1)

teeks99 (849132) | more than 4 years ago | (#30782308)

Word on the street is that the current grid is already dangerously insecure and extremely vulnerable to digital attacks. You're right that the "smarter" we make it the more vunerable it is, but we've got to do something to fix it already, so we might as well get some of the huge benefits of making it smarter.

Re:Wouldn't a Smart Grid be Less Secure? (1)

Sandbags (964742) | more than 4 years ago | (#30782616)

No,this is simply integrating PoE technology to smartgrid devices. It has absolutely NOTHING to do with managing the grid, grid switching systems, or other critical data that makes the grid stable (that's already a segregated system, actually even more secure than the ATM networks).

This is about policies for ensuring your home grid monitoring meter can access real-time info about local grid conditions, and to report usage information over the grid to the power company. It is NOT in any way about connecting our electric grid system to the internet.

Re:Wouldn't a Smart Grid be Less Secure? (1)

macintard (1270416) | more than 4 years ago | (#30782718)

So the power company can send a magic packet to my furnace. :)

Re:Wouldn't a Smart Grid be Less Secure? (1)

astar (203020) | more than 4 years ago | (#30783588)

so maybe it is not security they are really interested in

here are a few thoughts

most federal electric policy seems to be designed to make price gouging practical. from a certain point of view, the problem with last big electrical speculation frenzy is that the power transmission lines could not support the manipulation, so the big push was for more power transmission lines

so only authorized persons should have your data. think of the political and ideological advantages of knowing exactly what you were using energy for and being able to control how you used the electricity.

then there is ideology. I figure a lot of this effort involves at the heart energy conservation ideology. it is pretty easy to show this is ranges from dumb to evil

Hah, here is something interesting. Nuclear power is going in everywhere. Many slashdoters would find reasons to approve. I figure anyone who is serious is building nuclear power plants. Worldwide, there are 58 plants going in. In the US, there is one!. And it is an old mothballed plant being brought up by the TVA. So asia is very busy building. think of it as a nascent trans-pacific civilization. And the trans-atlantic civilization could go down at any time. oops, I forgot. I am obviously wrong. "The recession is over." On the other hand, BIS had an emergency meeting this past weekend. One insider characterized the situation as perhaps worse than 2007.

Re:Wouldn't a Smart Grid be Less Secure? (1)

CorporateSuit (1319461) | more than 4 years ago | (#30782882)

Best way to take out an enemy's catapult offensive is, obviously, to build your own squad of catapults!

Re:Wouldn't a Smart Grid be Less Secure? (0)

Anonymous Coward | more than 4 years ago | (#30784982)

sure there is a way to 'hack' it, with cutters..

read the soltion here (1)

viralMeme (1461143) | more than 4 years ago | (#30782284)

Create an array of devices running firewall/VPN and gateway on embedded hardware [prevelakis.net] and don't create 'millions of new access points' ...

Re:read the soltion here (1)

teeks99 (849132) | more than 4 years ago | (#30782364)

Yeah, that's totally the right idea. I just scanned through the PDF and it seems more geared towards desktop PC use, and it even talks about the gateway running on a commodity PC. Rather, I think we need to think more about cheap, single use computers. Take something small like a gumsitx board, put two ethernet ports on it and load OpenVPN and a key onto it, then plug in the existing smart device into one port and the existing internet connection into the other port...suddenly the device can't be seen (and hacked) by the world at large, and is on a private network for the utility.

Re:read the soltion here (1)

gmuslera (3436) | more than 4 years ago | (#30782742)

Firewalls and VPNs stop direct remote access from unauthorized parties. But "commodity PCs" could have rogue programs that enable thru it access to unauthorized people. Computer connected, any password typed captured, and most usual security is defeated.

Re:read the soltion here (1)

segin (883667) | more than 4 years ago | (#30784172)

Run your own OS, don't use the hard drive shipped with the PC without wiping it, and do unit testing with the hardware long before it's ever deployed to see if the BIOS runs everything in a VM. There was a virus reported a while back here on /. that ran Windows Vista in a VM, and there was a manner in which to detect it by detecting that the OS was running in a virtual machine.

deployment of smart grid technologies (1)

quangdog (1002624) | more than 4 years ago | (#30782288)

Personally, I'm glad that someone is finally getting around to dealing with the proper education of our grids. Just yesterday I was hearing all about education cuts in my state due to budget shortfalls, and how student achievement in my state was going to suffer as a result.

It is heartening to hear that though some facets of our educational system will have to tighten their belts, the dumb grids will still pop out the other side of their educational experience so much smarter (and deployed!) than before.

Is Bruce Willis involved? (2, Funny)

gestalt_n_pepper (991155) | more than 4 years ago | (#30782322)

I mean you just kind of figure he'd have to be.

How about a smarter grid defense... (0)

Anonymous Coward | more than 4 years ago | (#30782478)

Get residences and businesses OFF the grid. The best form of national defense.... much harder to target everybody.

Oh wait, that means the electric companies couldn't tax us...so they could raise money to fund national defense systems to protect the grid(s). Never mind, please move along - nothing to see here.

Re:How about a smarter grid defense... (1)

dwiget001 (1073738) | more than 4 years ago | (#30783164)

I have news for you, the electric companies *aren't* taxing us. They are just collecting for the local, county, state and federal governments that *are* taxing us.

terrorist don't use computers (1, Insightful)

Anonymous Coward | more than 4 years ago | (#30782556)

20 guys, 20 uhauls, 20 tons of explosive, 20 throw way cell phones all parked under the 20 biggest transmission lines and there's not a thing that technology can do to stop it.

We knew how to do this twenty years ago (1)

yttrstein (891553) | more than 4 years ago | (#30782582)

Securing the electrical grid is very, very simple. Do not allow remote access to it, *period*.

There, I just saved you 8.5 million dollars.

Re:We knew how to do this twenty years ago (1)

D Ninja (825055) | more than 4 years ago | (#30782800)

:: facepalm ::

Now, if it was *really* that simple, don't you think it would have already been done that way? The problem is, it's not that simple. For a variety of reasons (both technical, and non-technical), electrical systems can't just be disconnected from the grid. Too many other systems rely on this connection. And, even if it could, would that really be the answer? With more and more members of industry talking about smartgrid technologies, does it really make sense to do it this way? Then, of course, there's also the political nightmare of trying to get such a huge industry to agree and work together.

I personally don't have all the answers, but I just wanted to point out just a few of the problems to your very simplistic solution.

Re:We knew how to do this twenty years ago (1)

yttrstein (891553) | more than 4 years ago | (#30783906)

What are you talking about? Ten years ago, less than 20 percent of power stations were accessible remotely via any other method than analog modem via ISDN backtrace and caller ID. Now theres a web interface to every one of them, that any idiot can bust into and shut off a city.

And I mean that.

The breakage is recent, and can be rolled back. Roll it the hell back.

As always, the biggest problem here is the one that you're showcasing strongly: the "its just too HARD" modality. Yeah, its really hard. Do it anyway. Period.

Re: US Preps Cyber Outfit (0)

Anonymous Coward | more than 4 years ago | (#30782596)

In Washington DC, $8.5 million dollars a year gets you an office with an executive and a secretary and a pencil sharpener. Anything else costs waaaay more.

We can't get a real Cybersecurity Czar, but... (3, Interesting)

zero_out (1705074) | more than 4 years ago | (#30782608)

we are expected to have a secure smart grid? How hard is it to give some real powers to the Cybersecurity Czar so he's something more than a scapegoat, and get him to stay put long enough to complete his New Employee Orientation? We can't even do that, yet we're supposed to find a way to secure the smart grid?

Has the current Cybersecurity Czar even made a statement about the recent hacking invasion from the Chinese government?

We can't get a real Cybersecurity Czar (1)

SgtChaireBourne (457691) | more than 4 years ago | (#30797568)

Has the current Cybersecurity Czar even made a statement about the recent hacking invasion from the Chinese government?

Hell no. A former C-level executive at Microsoft [signonsandiego.com] is not going to touch that, it's an international incident that he helped cause [bbc.co.uk] . Look instead for smoke and noise about some other happy horseshit. It's bizarre how he could squeak past the employment interviews. Any background check should have turned up his employment at Microsoft, so either none was done or there is some serious corruption and a serious breach:

"Find and Lean on your insider friend, 'the fox' Having a trusted MSfriend in the account is critical...they are true believers [groklaw.net] "
Comes v Microsoft [slashdot.org] , Plaintiff's Exhibit 9346, p63

right link- We can't get a real Cybersecurity Czar (1)

SgtChaireBourne (457691) | more than 4 years ago | (#30797576)

(Let's try that again with the correct link.) http://www.latimes.com/news/nation-and-world/la-na-cyber-czar23-2009dec23,0,6636463.story [latimes.com]

Has the current Cybersecurity Czar even made a statement about the recent hacking invasion from the Chinese government?

Hell no. A former C-level executive at Microsoft [latimes.com] is not going to touch that, it's an international incident that he helped cause [bbc.co.uk] . Look instead for smoke and noise about some other happy horseshit. It's bizarre how he could squeak past the employment interviews. Any background check should have turned up his employment at Microsoft, so either none was done or there is some serious corruption and a serious breach:

"Find and Lean on your insider friend, 'the fox' Having a trusted MSfriend in the account is critical...they are true believers [groklaw.net] "
Comes v Microsoft [slashdot.org] , Plaintiff's Exhibit 9346, p63

So just remember: (1)

Chris Mattern (191822) | more than 4 years ago | (#30783036)

If you get in trouble on the Internets, just say, "Let's Cyber!"

Please, someone think of the meter readers! (1)

Vector7 (2410) | more than 4 years ago | (#30783354)

I'm surprised the current administration hasn't called the whole smart grid idea off. After all, won't it put tens of thousands of meter readers out of work? That probably hasn't occurred to them yet, but you just wait. Please, someone think of the meter readers!

The best protection is self sufficiency (1)

Bob_Who (926234) | more than 4 years ago | (#30783374)

If we all have our mini solar, wind, tidal, geothermal, chemical generators and trickle storage systems then we'll be smarter than the grid. If the grid remains smarter than us, then I guess we're not going to be very effective protection. Perhaps if we could just figure out how to stop people from trying to destroy our lives, our grids would endure, and we could avoid their crude oil and behavior.

Re:The best protection is self sufficiency (0)

Anonymous Coward | more than 4 years ago | (#30784900)

This is my plan. If you can live without the grid, and can get power/heat for little additional cost compared to renting power from a company, it will lead to greater economic security for myself as well.

I'm not worried about *cyber* attacks. (2, Insightful)

gmarsh (839707) | more than 4 years ago | (#30783750)

A nation's electrical infrastructure is everywhere and largely unguarded - there's really nothing stopping a single, determined individual from doing an extreme amount of *physical* damage to a power company via sabotage.

Theoretically, there's no reason I can't:

- Sneak into the woods with a gas angle grinder and start cutting guy wires on hydro towers. Cut down a few >300KV lines feeding a city and they'll have no power for days.
- Break into unmanned substations and open oil drains on transformers. Or shoot a hole in a transformer with a high caliber rifle for the same effect - oil spill, destroyed transformer, easily a week of no electrical service.
- You probably can't do much to a power station directly (lots of staff, security, etc) but there's plenty of other things. Sabotage a rail line feeding a coal power station, a pipeline feeding a natural gas station, an oil tank at a oil station, etc. Or the power lines exiting them.

Get a large, determined group of people doing this, and you've got a big problem. Especially since we depend on electricity so much nowadays for day-to-day things - phones (who owns a corded phone anymore?), light, refrigeration, heating, etc. You can secure a power company system against "cyber-attacks" by keeping the damn thing off the internet - but good luck securing the physical power grid, since it's so big.

The solution to all of this?

- Intelligence, and
- Not pissing the fucking world off such that they *want* to do this shit. (Yeah, cliche, whatever.)

Re:I'm not worried about *cyber* attacks. (1)

jeffstar (134407) | more than 4 years ago | (#30787248)

i bet it takes a lot longer than a week to get a 30-60 MVA transformer delivered and installed. oil/explosion clean up would take a week!

Re:I'm not worried about *cyber* attacks. (1)

FooAtWFU (699187) | more than 4 years ago | (#30787850)

- Not pissing the fucking world off such that they *want* to do this shit. (Yeah, cliche, whatever.)

So what got Al-Quaeda all interested in blowing up US buildings to begin with? It's not about Afghanistan or Iraq (those were post-911, after all). How was the US pissing off the Arab world? Oh! It's because the US was friendly with the Israel. Israelis are obviously deplorable monsters, as you can tell from their religion and their tendency to shoot back when you launch a bunch of rockets at them from across the border.

The answer is simple, and doable: if the US wants to be immune from terrorist Muslim extremists, we just need to nuke Israel. A fairly modest proposal, and with many benefits! Just think what that would do for world peace!

technology is false security (0)

Anonymous Coward | more than 4 years ago | (#30783946)

If security is the goal, smartgrid is the wrong direction. If security is the goal, we need implement dumbgrid. we don't need a 'skynet' grid that adjust itself to prevent outages. everywhere there is a computer making such decisions, put a human being. also, we need to discourage such heavy reliance on centralized electricity. hell, we need to fight centralization of everything!

only 8mil? (0)

Anonymous Coward | more than 4 years ago | (#30784240)

In today's times, budgets for any new gov't organization require multimillions, on order of 100+million.


$8.5mil will only run 10-12 people in R&D for a year, producing ZERO results and a bunch of far fetched papers/publications.

So I suspect this money will likely end up in a few CEO's (those pitching smart grid tech) pockets.

Funny. I see gov't is up to it's usual ways.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>