Intelligent power grids present vexing cyber security problems
Michael T. Burr is editor-in-chief of Public Utilities Fortnightly. Email him at burr@pur.com
The night Benazir Bhutto came out of exile, the streetlights went dark.
When the former prime minister returned to Pakistan on Oct. 18, 2007, her homecoming caravan was bombed. Nearly 140 people were killed, including 50 of Bhutto’s guards. Afterward, she suggested the darkened streetlights were no accident, but were part of an assassination plot.
“We need to have an inquiry as to why the streetlights have been shut [off],” she said in a press conference in Karachi.
In a world where streetlights can be used as a weapon, controlling local utility networks becomes more than just a matter of public convenience and necessity. It becomes a matter of public safety and even national security. And in that world, the idea of an inter-networked, automated distribution grid poses troubling questions about cybersecurity vulnerabilities.
“As soon as you connect a device to the communication network, and you can read and remotely control it, it’s subject to cyber attack,” says Joe Bucciero, senior vice president with KEMA Consulting in Philadelphia, Pa. “The real unknown is the potential for misuse, to deny service or do things that impact the grid. For a house it’s not a big deal, but for a power station or a transmission substation it becomes a big problem.”