Guarding the Grid

transmission_lineby James A. Bacon

It’s easy to spin nightmare scenarios leading to the collapse of the electric grid. North Korea detonates a nuclear weapon a mile overhead, sending out a super-charged electro-magnetic pulse that melts down transmission lines and blows out substations. The electricity overload races ahead of anyone’s ability to control it in a cascading effect that knocks out power for vast swaths of the country. Because key components of the grid take more than a year to manufacture and deliver, electric power takes interminably long to restore. The economy collapses. Millions die.

If you find that threat implausible, how about this one? A massive discharge of radiation from the sun overwhelms the earth’s magnetic field, melts down transmission lines, blows out sub-stations, and…. you know the rest. Or, this: In coordinated strikes, terrorists knock out vulnerable sub-stations, triggering the meltdown of electric lines…. Or cyber-terrorists infiltrate a utility network, overriding the power company’s controls, creating overloads and triggering a meltdown…

Such story-lines sound over-wrought, the stuff of grade B movies or pulp novels. They could never happen in real life, you say. Yet there have been enough deliberate physical and cyber attacks on a small scale, as if someone is probing the system, that many experts deem the threat to be very real. And most of us can still remember the great Northeast Blackout of 2003, caused by sagging electric lines coming into contact with overgrown trees, which demonstrated how a failure in one location can ripple across an entire grid. Fifty-five million people in the U.S. and Canada were effected.

The United States and the Commonwealth of Virginia have been moving in their slow, ponderous way to protect against those threats, and Garry Kranz has written an excellent article in Virginia Business magazine describing what Dominion Virginia Power and others are doing to safeguard against the disaster scenarios.

Writes Kranz:

Dominion plans to spend up to $500 million over the next five to seven years on a variety of security initiatives. The strategy is to harden its transmission substations and other critical infrastructure, add more mobile transmission equipment and boost stockpiles of backup gear. It plans to bolster perimeter security with ultramodern construction and use sophisticated technologies to pre-empt intruders. …

Dominion also is investing in increased grid reliability through the construction of a new systems operations center in Henrico County. Costing an estimated $100 million, the center will be able to perform real-time monitoring of the transmission grid to maintain electric reliability. Projected to open in 2017, the facility will replace Dominion’s current operations center at the Innsbrook Corporate Center in Henrico, which has been around since 1992.

Another tool in the security toolbox is penetration testing.  A standard security technique for utilities and related industries, it allows companies through what is known as a “pen test” to systematically try to defeat internal security controls and procedures to pinpoint any weaknesses.

“We give penetration testers an advantage by moving them inside our network to see how far they get. Sometimes we tell our people the tests will take place, but often we don’t tell them. We want to see if our processes help them detect abnormal activity and report it,” says Engels, who does not share any improvements Dominion has made as a result.

Micro-grid technology also promises enhanced grid reliability, according to Jason Nichols, director of Scitor Corp.’s iSpace lab. Scitor is part of McLean-based defense contractor SAIC. Some military bases in Virginia already deploy micro-grids. Dominion also is funding micro-grid demonstration projects using renewable fuels at several state universities.

“If a portion of Virginia’s public grid goes down, a micro-grid gives the military base the potential to provide local generation to keep hospitals and other critical services running in some sort of degraded state,” Nichols says.

As it happens, while attending freshman orientation earlier this week at a certain unnamed university my son will be attending this year, I encountered a cyber-security professor who had just arrived for his first day on the job. He and I struck up a conversation about this very topic: cyber-security on the grid. What he told me was alarming. Speaking from his personal experience consulting with a major electric utility in the Southeast U.S. (not in Virginia), he found that the control systems cobbled different generations of technology as far back as the 1950s. Vulnerabilities were rampant. I was left with the impression that the only thing preventing infiltration by cyber-enemies was the overwhelming complexity of the chewing-gum-and-bailing-wire system that only a handful of long-time company employees even understood. Whether senior management comprehends the magnitude of these vulnerabilities is an interesting question.

Bacon’s bottom line: Virginia needs to think about grid security as it plans the electric grid of the future. While it helps to harden sub-stations and conduct penetration testing, arguably the most important variable is how we structure the grid.

In Big Grid system, a centralized system of large power plants and large transmission lines, the first line of defense against a disaster scenario is to build significant redundancy into the transmission system — with enough slack that the electric grid can absorb multiple outages and still have enough capacity to re-route electrons through different transmission lines without melting them down. Every section of transmission system is watched by the local utility and a regional transmission organization (PJM Interconnection for our part of the country), which can balance an overload within seconds by taking power generation offline. The idea is that redundancy backed up by more sensors, faster computers and sophisticated algorithms can protect the system from experiencing another cascading blackout like the calamity of 2003.

By contrast, the Distributed Grid vision calls for more distributed power sources, such as residential solar and small wind farms, along with micro-grids like the one Kranz describes for the Norfolk Naval Station. By its very nature, the argument goes, such a system would have fewer choke points vulnerable to sabotage and meltdown. In a worst-case scenario, even if the larger grid collapsed, there would be self-sustaining islands of electricity production to keep parts of the economy functioning.

The question of which path to pursue will become all the more pressing if, as seems likely, the U.S. pushes forward with Clean Power Plan, curtailing coal-generated electricity, which, if nothing else, was reliable, and replacing it with some combination of nuclear, natural gas, wind and solar. The problem is that both wind and solar are inherently intermittent, creating wide swings in electricity generation depending upon season, time of day and weather conditions. It is not clear to me whether wind and solar will enhance or degrade grid reliability and safety. We need answers as we move forward.