Sunday, March 21, 2010

Grid Cascade Report: Trap or Training?

As the grid grows more complicated and more confusing, many of us are spending time thinking about the ways in which we can hopefully make it more secure, or at least more reliable, in the face of a new wave of threats and dangers. An article in the March 20th issue of the New York Times, "Academic Paper in China Sets Off Alarms in U.S." describes a new twist on an old distraction: state-sponsored attacks, in this case from China.

First off, I am not going to make any judgments about whether or not we are in the cyber-gunsites of any nations. I always assume that cyber-warfare/defense is now a common discipline in most technologically developed countries, some of which like the United States a lot, and some of which may like us a little less. If you are interested in some relatively comprehensive discussion on the topic of China's capabilities, you can take a browse at a Northrup Grumman Corporation report done for the US-China Economic and Security Review Commission, entitled, "Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation." There is a ton of information there, and a detailed analysis of practices, training, and competencies, but that is not really my issue here.

Cyber-attacks, their origins, purposes, etc. have always been notoriously difficult to divine. Once somebody is caught, there are occasional revelations; the ever-popular "disgruntled former employee", the "group of (pick a nationality) extremists", the "hackers associated with (pick a cause)". In general though, understanding the ultimate source of an attack or the mindset of the attacker is more like reading tea leaves than reading a bio. It even happens to the US, as is the case here in recent news from Iran, "Iran arrests 30 accused of U.S.-backed cyber war". That lack of real conclusive correlations in so many attacks has always led me to focus on the vulnerability, or the exploit, or the damage. What can we learn, what can we do, how can we help?

In this case, the Times' John Markoff and David Barboza are writing about the testimony given by Larry M. Wortzel, Commissioner to the afore-mentioned U.S.-China Economic and Security Review Commission, on March 10, 2010. In that testimony, there is mention made of a paper issued by two academics in China on:
" to attack a small U.S. power grid sub-network in a way that would cause a cascading failure of the entire U.S. west-coast power grid."
Now that sounds serious.

I am not going to pretend that I have taken the time to review the mathematics that underpin the researcher's report, entitled, "Cascade-based attack vulnerability on the US power grid", and I will assert up front that the formula they use in their abstract is enough to give me flashback memories of long mornings spent contemplating another vocation while in Troy, New York, but I have read it. And anyone can understand that even in their abstract, they are letting the cascade cat out of the bag, because they state that their research produced a "counterintuitive finding", that an attack on the lowest load nodes of a system would be more damaging than attacks on the highest load nodes. Who knew?

Giving away this kind of revelation seems to fly in the face of the sort of tone of the remarks that this article was a blueprint for attacks. This was a report on a surprising aspect of grid vulnerability, and for those who will actually read the report, it closes with a straightforward note on the writers' hope that these results described may "...have practical implications for protecting the key nodes selected effectively and avoid cascading-failure-induced disasters in the real world." To me that looks like well-meaning advice, not like a plot.

Back in 1982, Amory Lovins and L. Hunter Lovins published a book on cascading failures and more, entitled: "Brittle Power: Energy Strategy for National Security". It is rich in information on threats to US energy sources, and even offers relatively detailed anecdotes about the sources of risk in our national energy infrastructure. Much more recently, Amory has again written of the risks with a modern DoD-oriented view, in an NDU article entitled, "DOD’s Energy Challenge as Strategic Opportunity" where he relates that:
"the U.S. electric grid can be interrupted by a lightning bolt, rifle bullet, malicious computer program, untrimmed branch, or errant squirrel."

It would be difficult to find someone who has worked as long to elevate the discussion of energy security or its national importance, and yet many of his messages are also about inherent vulnerabilities that can topple our grid. Lovins helps us to see ways in which we are at risk, and to think about different ways to arrive at resolution.

While picking up the cited article on cascading failures, I browsed around to see what other related topics could be found there, particularly from China. There were plenty. The way I figure it, there is probably a ton of power needed in an industrializing economy growing as quickly as China's, and so they are probably investing a ton in understanding how to make that power reliable. There are a couple of other articles focused on attack strategies to exercise and understand the grid, and another about using power flow entropy as an early indicator of impending failure.

I am not so innocent as to believe that cyber warfare is not planned and practiced by nations all over the world, but there is also research and science that can be leveraged. I hope that our legislators, lobbyists, and scientists use these papers to inform the security of the Grid with at least the same enthusiasm that they present them to us as indicators of international threat.

Smiling Chinese Outlet Photo Courtesy of:

No comments: