The development of new smart-grid electrical distribution systems may be part of the answer to our energy problems, but they may represent additional vulnerability to hackers.

There are some cyber-security experts that believe deployments of smart grids should be slowed until certain security vulnerabilities are addressed. They cite security simulations that show that there is a vulnerability to hackers in such systems. They say that a hacker or group of cyber-terrorists can cause a major blackout after breaking into a smart-grid system.

For those without a scorecard, a smart grid is a system that delivers electricity from suppliers to consumers using digital technology to save energy, reduce cost and increase reliability. A smart grid incorporates consumer equipment and behavior in grid design, operation, and communication technologies. The Obama administration is advocating the use of such a grid as a part of their technology and conservation policies.

As one prong of the recently-passed U.S. economic-stimulus package, the Department of Energy is ready to invest $4.5 billion in smart-grid technology. Their enthusiasm is shared by a significant number of electrical production and delivery utilities. However, some cyber-security experts are saying that the country should not proceed with this technology until some security issues have been addressed. As a part of a special report, CNN had the following to say about security concerns:

Cybersecurity experts said some types of meters can be hacked, as can other points in the smart grid’s communications systems. IOActive, a professional security services firm, determined that an attacker with $500 of equipment and materials, and a background in electronics and software engineering, could “take command and control of the (advanced meter infrastructure), allowing for the en masse manipulation of service to homes and businesses.”

Experts said that once in the system, a hacker could gain control of thousands, even millions, of meters and shut them off simultaneously. A hacker also might be able to dramatically increase or decrease the demand for power, disrupting the load balance on the local power grid and causing a blackout. These experts said such a localized power outage would cascade to other parts of the grid, expanding the blackout. No one knows how big it could get.

“Industry is working to make meters more secure. They have done a good job,” said Joe Weiss, an expert on utility control systems.

Still, experts like Skoudis recommended that smart-grid deployment be slowed until security vulnerabilities are addressed. Otherwise, he said, smart-grid equipment deployed now may have to be replaced later.

“Before we go rushing headstrong into a Smart Grid concept, we have to make sure that we take care of business, in this case cybersecurity,” he said.

These seem like concerns that absolutely have to be addressed, but they are also concerns that the pro-smart-grid factions are surely already aware of and have already considered in their plans. The planet needs this technology, as does our economy and utility infrastructure. These concerns may have already been addressed by the smart-grid visionaries. If not, they will be addressed by the administration before full scale systems are deployed.

Related:

Entry was posted on Sunday, March 22nd, 2009 at 3:33 pm under Crime, Green Technology, Hacking, Politics, Science and technology, Security.

Read more entries by Michael W. Jones.
Stumble It!