Feeds

Power grid scare stories a 'bunch of hooey'

Bloody difficult for your average villain to trigger blackout, say boffins

Internet Security Threat Report 2014

There have been a lot of scare stories in the media about electrical power grids in recent times, suggesting that it would be a simple matter to bring down a national transmission system by way of a minor cyber attack or physical sabotage - thereby bringing that nation's infrastructure to a grinding halt.

There's just one problem with that idea: it's "a bunch of hooey," according to power-engineering boffin Seth Blumsack.

Blumsack and his colleagues were moved to look into the matter of deliberate power-grid crashing after recent papers and studies in hefty journals - including some briefed to US politicians - painted a grim picture earlier this year. The perception was that making a targeted strike on a relatively minor electrical installation such as a neighbourhood substation (by bomb, arson or electronic/network sabotage) could easily bring down the whole grid to which it was attached.

According to Blumsack and his fellow 'leccy boffins Eduardo Cotilla-Sanchez and Ed Hines, the alarmist analyses are based on a particular type of mathematical modelling of power grids - so-called "topological" models.

"Some modellers have gotten so fascinated with these abstract networks that they've ignored the physics of how things actually work," Hines says.

"This can lead you grossly astray."

Blumsack, Hines and Cotilla-Sanchez decided to contrast the performance of a topological model with one based on actual physics - specifically on Ohm's and Kirchoff's Laws governing the flow of electricity in the real world. They tried out both kinds of model on an accurate representation of the North American Eastern Interconnect, the largest and one of the most trouble-prone portions of the US grid, using real-world data from a test case generated in 2005.

The three engineers say that the physics-driven model was much closer to reality, and that this verifies what physics models show. The results showed that in fact it is major grid components through which a lot of power flows - big generating stations and massive transformers - which are the main points of vulnerability, not the minor installations scattered across the country.

It isn't so much that a minor event on a minor line or installation can't crash the network: such things do happen. But in general there have to be huge numbers of such minor events before one of them happens to hit the miracle weak point and bring everything down. It would be an impossible task for terrorists or other malefactors to know in advance just where and when a minor pinprick could cause massive effects.

"Our system is quite robust to small things failing," says Hines.

Hitting a bigger installation or link, which would generally be better secured and more resilient, would be much more likely to work. Even then a well-resourced terror or sabotage unit with the ability to knock out bigger grid components would struggle to take down the whole thing as it is still very difficult to know exactly where and when to strike.

"It takes an incredible amount of information," says Hines, "to really figure out how to make the grid fail."

Hines and his colleagues' paper, Do topological models provide good information about electricity infrastructure vulnerability?, is published here by the journal Chaos. ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.