The following activity is designed to prompt expression of your knowledge of and ability to apply engineering professional skills. Its purpose is to determine how well your engineering program has taught you these skills. By participating, you are giving your consent to have your posts used for academic research purposes. When your posts are evaluated by the program assessment committee, your names will be removed. In order to post, click on the Sign In button in the upper right hand corner of the blog page, then sign in using your gmail account and password.
Time line: You will have 2 weeks to complete the on-line discussion as a team. Use this blog to capture your thoughts, perspectives, ideas, and revisions as you work together on this problem. This activity is discussion-based, meaning you will participate through a collaborative exchange and critique of each other’s ideas and work. The goal is to challenge and support one another as a team to tap your collective resources and experiences to dig more deeply into the issue(s) raised in the scenario. Since the idea is that everyone in the discussion will refine his/her ideas through the discussion that develops, you should try to respond well before the activity ends so that the discussion has time to mature. It is important to make your initial posts and subsequent responses in a timely manner. You are expected to make multiple posts during each stage of this on-going discussion. The timeline below suggests how to pace your discussion. This is just a suggestion. Feel free to pace the discussion as you see fit.
Tuesday Week 1 Initial Posts: All participants post initial responses to these instructions (see below) and the scenario.
Thursday Week 1 Response Posts: Participants respond by tying together information and perspectives on important points and possible approaches. Participants identify gaps in information and seek to fill those gaps.
Tuesday Week 2 Refine Posts: Participants work toward agreement on what is most important, determine what they still need to find out, & evaluate one or more approaches from the previous week’s discussion.
Thursday Week 2 Polish Final Posts: Participants come to an agreement on what is most important, and propose one or more approaches to address the issue/s.
Discussion Instructions
Imagine that you are a team of engineers working together for a company or organization to address the issue raised in the scenario. Discuss what your team would need to take into consideration to begin to address the issue. You do not need to suggest specific technical solutions but identify the most important factors suggest one or more viable approaches.
Suggestions for discussion topics
• Identify the primary and secondary problems raised in the scenario.
• Who are the major stakeholders and what are their perspectives?
• What outside resources (people, literature/references, and technologies) could be engaged in developing viable approaches?
• Identify related contemporary issues.
• Brainstorm a number of feasible approaches to address the issue.
• Consider the following contexts: economic, environmental, cultural/societal, and global. What impacts would the approaches you brainstormed have on these contexts?
• Come to agreement on one or more viable approaches and state the rationale.
Power Grid Vulnerabilities
In 2010, the US power industry received $3.4 billion as part of the recent economic stimulus package to help modernize the country's electric power system and increase energy efficiency.
The nation’s security experts are concerned about the increased vulnerability of the operational systems used to manage and monitor the smart grid infrastructure. Supervisory Control and Data Acquisition (SCADA) systems are one of the primary energy management systems used to control the power grid. SCADA systems are susceptible to cyber attacks because many are built around dated technologies with weaker protocols. To increase access to management and operational data, these systems and their underlying networks have been progressively more interconnected.
Contemporary hackers may circumvent technical controls by targeting a specific user within the utility instead of hacking directly into the grid. For example, a person with intention to launch cyber attacks could be employed by a business that sells products or services to a company, allowing regular e-mail interactions with the internal procurement office. The hacker could circumvent the company’s firewall by sending emails with a Trojan horse or advanced malware, thus creating a virtual tunnel to the procurement office’s computers. This would give the hacker undetected direct access to the company's network which could be used to launch further attacks.
Since 2000, successful cyber attacks to the SCADA systems of a number of US power generation, petroleum production, water treatment facilities, and nuclear plants have increased by tenfold. In April 2010, a Texas electric utility was attacked from Internet address ranges outside the US. In late 2010 and early 2011, Iranian nuclear power plants and German-headquartered industrial giant Siemens witnessed the powers of Stuxnet, the sophisticated malware designed to penetrate industrial control systems. Experts warn that Stuxnet or next-generation worms could incapacitate machines critical to US infrastructure, such as electric power grids, gas pipelines, power plants, and dams. The worm circumvents digital data systems and thwarts human operators by indicating that all systems are normal, when they are actually being destroyed.
Official US governmental standards for power grid cyber security are not robust enough to ensure against such threats. According to a January 2011 Department of Energy audit, the current standards are not “adequate to ensure that systems-related risks to the nation’s power grid were mitigated or addressed in a timely manner.”
Sources
Audit Report: Federal Energy Regulatory Commission’s Monitoring of Power Grid Cyber Security. (January 26, 2011). U.S. Department of Energy, Office of Inspector General, Office of Audits and Inspections.
Computer Expert Says US Behind the Stuxnet Worm. (March 3, 2011). Agence France-Presse.
Cyberwar: In Digital Combat, U.S. Finds No Easy Deterrent. (January 25, 2010). New York Times.
Hacking the Smart Grid. (April 5, 2010) Technology Review.
New Breed of Hacker Targeting the Smart Grid. (June 1, 2010). Coal Power Magazine.
The first of two problems highlighted in the article (from paragraph 1) is targeting specific users in a utility instead of directly hacking. The second problem is the vulnerability of the US utility grid and its controlling equipment from outside access.
ReplyDeleteAlmost the entire United States has a stake in this article. Utility interruptions will affect residential and commercial consumers. From their perspective, an interruption could be a loss of service causing thousands of dollars (for commercial consumers). Utility companies and those vendors who provide the equipment to them are also primary stakeholders. From their perspective, a compromised system could cost them millions of dollars in equipment and cleanup costs, if a catastrophic event were to occur. Prevention is obviously in their key interests.
Finally the government has an interest in the stability of the utilities. Promoting an image of stability by keeping the lights on for businesses and the general population is in their best interest. Appearing stable to the international community is also important.
i think this problem has nothing to do with utility's because the same problem can come up in any industry. then saying this is the utility problem is wrong. this is just IT problem and information security. and i am not at all qualify to answer this question. but i can give some input about it.
ReplyDeletethe first problem is someone getting access to the data being transfered and the second problem is they try to control the power system and start shutting down the power.
the stake holder in this case is United State
as hole. but it can be any country around the world.
i can see why there is a lot of interest in the government to secure the system in utilities.
I agree with Carl. To add on to what Kam said, it is relatively easy to put up a new firewall or other hardware to act as the gateway to the dated protocols making more of an IT issue.
ReplyDeleteLets take another look at this, the problem which this audit and the government is putting emphasis on is the vulnerability of certain power related distributors. This goes beyond them and goes to those that work with those companies too. If new equipment is put in then they will have to retrain and updated what they can service. This vulnerability if exploited will leave people with out power, which is a main concern.
ReplyDeleteIt EM relays are still used we wont have an issue. With the new digital relays is where we are having problems. The newest of new relays can have security built up with little to no issues. That can be done internally with the power companies or it can be contracted out. This can either be done at the piece of hardware or, like the Nomad said, another piece of equipment can be used.
One issue more security can bring is locking out people who need access. Multiples levels and complexity can be used though.
This being an IT issue is accurate and having a new firewall is a simple and easy fix. This could go as far as to have continued laws passed to make it more secure.
I think Carl pointed out the problems pretty good. Targeting power utilities to gain access to the entire or part of the power grid, and the unprotected SCADA system that is highly vurnurable. According to the CIA, many cyber attacks caused blackouts and have caused at least one power outage affecting multiple cities outside and inside the United States in 2008.
ReplyDeletethe major stakeholders are Power utilities companies, commercial consumers and almost everyone one who uses electricity!.
I think government should put more money towards protecting the power grid. Also power companies can hire more advanced IT specialist who can control and monitor the security of their systems and prevent such cyber attacks that can cause loss of millions of dollars.
The article is correct that as the "smart grid" technologies move the grid towards a more integrated, automatically controlled (Relays, Meters, Governors, etc) system, that it will be a more attractive victim for cyber terrorists. These people will find vulnerabilities where ever they appear, which could be from the user level or from a direct attack.
ReplyDeleteIncreasingly complex firewalls are certainly a way to deter a large amount of hackers, but the protocols themselves may need to be reworked or updated.
This is not an issue to be taken lightly because almost everyone is a stakeholder here, from the customers, to the utilities, to the government. Because of this, maybe the government should standardize the way this is done similar to how government agencies are protected.
i think will is right about the "Increasingly complex firewalls are certainly a way to deter a large amount of hackers, but the protocols themselves may need to be reworked or updated."
ReplyDeletethis is good idea the see if we can change the protocols to increases the security. for example use coding and decoding data and putting the 32 bit code that is just know to the receiver HW. that way the hacker need to be at the receiving end to be able to read the data.
In terms of resources, this seems to be low equipment costs and high labor costs. Since it seems to be much programming that is mainly time.
ReplyDeleteI agree with both Kam and Will... i was reading a news article the other day and it states that The British Columbia Institute of Technology (BCIT) is one of a few groups to track industrial cybersecurity incidents. The BCIT Industrial security Incident Database (lSIO) contains information regarding security related
ReplyDeleteattacks on process control and industrial networked systems. The information stored; nature of attack,technology employed and equipment used, can help companies set up protection for their networks. I thought that was interesting!
as sum up we can come up with the following:
ReplyDelete1) we need IT company as contractor to secure the system( Cisco crop)
2) we need use data encryption ( like hash coding)
3) we need to have to system as much as possible in the intranet. this way hacker have to have physical appearance in the facilities to get acsess to the system.