In the January/February 2011 issue of Intelligent Utility, Mark McGranahan, Director of Distribution, Power Quality, and Smart Grid at EPRI was quoted in the article “SCADA Cyber Attack”. I tried to contact Mr. McGranhan to find out if his quotes were accurate and if he had any further comments. Unfortunately he has not responded to my questions.
The three quotes in question are:
- "SCADA has the control to open and close switches on the transmission grid. That's why the concern exists. When one thing happens in a power system, it can result in other things happening automatically from a protection point of view. It's unlikely that doing something at one switch, or even a number of switches, would be likely to result in a cascading outage. We have had a number of those over the years and every time we learn and put in additional protection to prevent the problem."
The 2008 Florida Outage was a control system cyber incident where one faulted switch and several layers of bypassed protection cascaded into an outage that affected about 3 million people. As this incident is not unique to FP&L and the Florida grid, it would be helpful if Mr. McGranahan would outline the additional protections added to the Florida and other grids to prevent this problem from recurring.
- "I don't know if the grid is vulnerable anywhere, but the further up in the chain you go, the more things that are affected by any potential problem that gets created. At the distribution level, you are affecting a much smaller number of customers than you are if something has been compromised at the SCADA transmission or generation level,"
There have been hundreds of vulnerabilities identified by the Idaho National Laboratory and others. Moreover, there have already been more than 20 control system cyber incidents in the North American electric industry. If there are no vulnerabilities, how have the identified vulnerabilities been mitigated? Can Mr. McGranahan explain why he thinks the number of customers in the distribution level being smaller implies a lesser threat since distribution is electronically connected to transmission? Does the lesser number of customers imply that Mr. McGranahan feels that securing distribution is less important than transmission and if so what does that mean to securing Smart Grid which is primarily distribution?
- "Utilities have security right at the top of the list. I can tell you from talking to executives that they are making sure they are addressing security concerns in every way possible. Some of it is a problem from an R&D point of view, really being able to understand and characterize all of the potential vulnerabilities and threats."
Per the NERC website (nerc.com), NERC CIP version 4 standards were approved by the NERC Board of Directors on January 24, 2011. NERC CIP version 4 contains specific cut-off points for facilities that can be excluded from the NERC CIPs and those that are considered NERC Critical Assets – a “brightline”. The brightline for generation is 1500 MW and above (this eliminates about 70% of the power generation in North America), 500 KV and above for transmission (this eliminates about 70% of the transmission in North America including transmission assets involved in the 2003 Northeast Blackout), and 0% for distribution (no distribution is included). How can Mr. McGranahan believe utilities are taking cyber security seriously when they have excluded most of their assets from cyber consideration?
It seems the higher you go in an organization (such as EPRI) the more difficult it is for leaders like Mr. McGranahan to keep their fingers on the pulse of the true state of affairs.
Joe Weiss
