By Manuel Cereijo
As the war on terrorism continues, security experts fear that the next battleground could be on the information infrastructure front. Such attacks could disrupt power systems, penetrate financial institutions and disable voice communications systems.
The United States is not producing the talent or investment needed to confront the threat. A shortage of trained information security specialists, poorly designed and tested software, and a lack of funding for security education and research poses serious risks to the country's infrastructure.
We have too few trained individuals who really understand the principles of security and there is almost no national investment in producing more. The incredible growth of our society's deployment of computing has too often been conducted with concerns for issues of safety, security and reliability.
The scope of infrastructure protection is larger than just computer security, and we should be concern with a broader scope, that could be called information assurance. Information assurance also involves issues of physical security, malicious software, privacy, software engineering, database security, network security, computer forensics, intrusion detection, and several other fields.
Anyone who produces computer code or build systems should be aware that some practices are more dangerous than others, could cause harm to the public and infringe on privacy. Engineers in particular should have an awareness that there are areas where their expertise does not reach and they need to call in specialists.
Information security specialists are a scarce commodity. Of the 23 leading U.S. universities involved in computer security research, only 20 Ph.Ds were granted in the last three years. There are probably fewer than 100 faculty in the United States who really have some experience on this field. There are very few who have a broad view and actually can address the whole area.
Instead of finding ways to design new systems resistant to attack, must of the effort is directed at how to apply new patches to the same old, buggy code. This does not serve to fix the long-term problems. The immediate problems of cyber systems can be patched by implementing best practices, but these will not address the fundamental problems of cyberterrorism.
Modification of service attack, by cyberterrorism, simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect. The denial of service prevents or inhibits the normal use or management of communications facilities. This is a very important and serious possible attack. It could disrupt an entire network, either by disabling the network or by overloading it with messages so as to degrade performance. The attacker could target airports, financial centers, power companies, dams control centers, etc. It is quite difficult to prevent active attacks. The goal is to detect them and to recover from any disruption or delays caused by them.
Network security has assumed increasing importance. Individuals, corporations, government agencies, must heighten their awareness to protect data and messages, and to protect systems from network-based attacks. The disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security.
The electrical power system grid
Electricity is generated as it is used; unlike fuels such as natural gas or coal, there is very little ability to store electricity. Because of this instantaneous nature, the electric power system must constantly be adjusted to assure that the generation of power matches the consumption of power. On the continental U.S. power grids, roughly 150 Control Area Operators serve this function, using computerized control centers to dispatch generators as needed.
Electric Control Area Operators - Continental United States, 1998. (Source: Energy Information Administration, Office of Coal, Nuclear, Electric and Alternate Fuels. Based on data contained in Form EIA-861, "Annual Electric Utility Report.")
To help the Control Area Operators, electrical generators are divided into three main categories:
· Baseload power plants, which are essentially run all the time to meet minimum power needs;
· Peaking power plants, which are only run to meet the power needs at maximum load (known as "peak loads"); and
· Intermediate power plants, which fall between the two and are used to meet intermediate power loads. Nuclear plants, for instance, are nearly always operated as baseload plants, because the systems are most stable at full power. Intermediate plants are well-suited toward adjusting to changing power loads (called "load following"); gas turbines can be used as intermediate plants. Peaking plants are generally the most expensive plants on the system to operate; in many cases these are small, older coal- or oil-fired plants, although gas turbines can also be used as peaking plants. While Control Area Operators run the grid within their control areas, on a larger scale the responsibility for electric grids has traditionally rested with electric utilities. Utilities would have responsibility for the operation of the electrical grid within their service area (coordinating the efforts of the Control Area Operators in their service area), as well as investment in new lines, maintenance, and control of access to the grid. However, with competition in wholesale power markets, and increasing competition in retail power markets, utility control of the grid has often been viewed as a conflict of interest. Some states have moved to pass the control of the grids to Independent System Operators, or ISOs. For example, the California ISO controls the transmission grid for all of California. ISOs also exist in Texas and New England. Ownership of the transmission and distribution systems may be retained by the utilities, or may be passed off to independent transmission companies ("TransCos"), in which case the utility effectively becomes a distribution company ("DisCo").
How the Electricity Grid Works
The traditional model of electric power generation and delivery is bases on construction of large, centrally located power plants. "Central" in this case ideally mean that the power plants are located on a hub surrounded by many electrical load centers. For instance, a power plant may be located close enough to serve the electrical loads in the city and its suburbs, or a plant may be located in the midpoint of a triangle formed by three cities. Regardless of where power plants are located, their power must be brought by the plants to the users, and that is the purpose of the electricity grid. The system actually consists of two separate infrastructures: the high voltage transmission systems-carrying electricity from the power plants and transmitting it,- hundreds of miles away-and the lower-voltage distribution systems, which is distributed to the individual customers.
Grid Architecture and Function
The transmission system is the central trunk of the electricity grid. Thousands of distribution systems branch off from this central trunk and fork and diverse tens of thousands of feeder lines reaching into homes, buildings, and industries. The power flow to the disribution systems is largely determined by the power through the transmission systems, and in fact, the "grid" really refers to the transmission system. The transmission system truly is a grid. Transmission lines run not only from plants to load centers, but also run from transmission lines to transmission lines, providing a redundant system that helps to assure the smooth flow of power when a transmission line is taken out of service in one part of the power grid, the power can usually be rerouted through other power lines to continue delivering power to the customers.
Economic issues vs. terrorism issues
Most modern day power systems have interconnections with all the neighboring systems. This allows the flexibility for any system to buy or sell interchange power simultaneously with several neighboring systems. The price for the interchange is settaking into account all other interchanges.
With the advent of competition and open access, an electric supplier not in a neighboring system could wheel power across an intermediate system or systems to a customer. Wheeling would result in transmission losses in the intermediate system. There are other types of interchanges that could be set up between utilities. These include capacity interchange, diversity interchange, energy banking, and inadvertent power exchange.
It should be mentioned that economy of operation is not the only possible consideration. If the optimal economic dispatch requires all the power to be imported from a neighboring utility through a single transmission link, considerations of system security-specially after 9/11- might preclude that solution.
With the advent of the competitive market structure and the flexibility to wheel power across the transmission network, several technical issues dealing with the network's capability to transfer power arise. These issues involve the physical capacity of the network to handle power flows reliable and SECURELY.
The transfer capability is a network number. It measures the ability of the interconnected electric systems to move or transfer power reliably and securely from one location to another. The electric systems must be capable of absorbing the dynamic power swings, and remain stable, following a disturbance-accidental or terrorist done- that results in the loss of any single electric system element, such as a transmission line, transformer, or generating unit.
A transmission reliability margin-the amount of transfer capability necessary to ensure that the interconnected transmission network is SECURE under a reasonable range of conditions must be established.
The function of power system protection is to detect and remove faults from the system as rapidly as possible while minimizing the disruption service.
To further this objective the system should be designed to incorporate some desirable general features, such as zones of protection, overlapping protection zones, backup protection, and relay(time) coordination. Relays should be microprocessor-based relays. They are cheaper, communicate better, may have their relay characteristics set by software, from remote locations, and can perform multiple functions within a single package.
There is also a great urgency to act, and yet at the same time there is a great need for clear thinking and specificity about which of the myriad of technological possibilities before us we should invest in to avoid large power failures.
Enhancing security is an intrinsically intrusive business, but there is no fundamental reasons why officials can not find a way to use technologies to anticipate and deter terrorism.
I. BEJUCAL BASE
Located in Bejucal, La Habana, Cuba. 20 square mile area. Cost: $ 750 millions. Built by the Russians from 1994 to 1997. Workforce: 1,100 engineers, computer scientists, technicians, staff. Three groups of antennas/satellites. First group to listen to general USA telecommunications. Second group to listen to pre designated phones and computers. Third group with the voice recognition capacity. It has 2 HPCs given by PRC. Operated now with the cooperation of PRC's military personnel. Utilizes PRC's satellites. It can interfere USA computer networks, and affect power systems, telecommunication systems, emergency systems, financial activities, and several other critical infrastructures.