Energy Security Postscript and Next Chapter

Long-time readers of the SGSB might have wondered if they'd ever see another post. Me too. After producing an average of 1+ posts per week since its inception 5 years ago, I cut way back after leaving IBM in 2013 to give myself more time to focus on consulting. And now there's a new development to report.

4 month ago I shuttered my security strategy business and began my first day on the job at Idaho National Laboratory (INL). It's one of the Department of Energy's national labs, and it's the one most squarely positioned at the intersection of energy infrastructure and national security. Let's call that energy security.

My INL title: Senior Cyber & Energy Security Strategist - may sound a little pretentious, but it pretty accurately captures what I was hired to do. If you visit the lab's home page or the INL Twitter feed it seems like nuclear energy research and related nuclear work are its dominant activities. But while nuclear energy research and fuels fabrication were its origin in the 1940's and its historic mission, with the help of its massive and remote test range that includes grid-scale transmission, distribution and communications assets, the lab I just joined does a ton of research and applied work on power and industrial control systems, Smart Grid and wireless communications, cyber and physical security and resilience, renewables, microgrids, energy storage and more.

Nuclear energy R&D, and full nuclear fuel lifecycle work (including non proliferation) will always be a significant part of that nation's requirements, and the INL mission, but nuclear energy is arguably the most reliable portion of our non fossil fuel baseload, but INL is quietly becoming something much more - and more important - than its nuclear legacy might suggest.

Without going into too much detail, the lab's customers now include not just DOE's nuclear energy organizations, but also DOE's renewables, resilience and cyber-physical security components too. DHS has become a major customer, as the lab hosts the ICS-CERT cyber security overwatch function for the US grid and other critical infrastructures, and performs other leading edge cyber and physical security roles as well. DoD is a very large customer too, for energy, security and communications test functions, rounded out by direct work with utilities and energy and telecom technology suppliers.

In short, INL in 2014 is not the lab many people think it is. While it's yet to update its image online, a visit to Idaho Falls quickly confirms that this is one of the nation's preeminent Energy Security lab resources. Nuclear energy is and likely always will be a key element, but without making much noise about it, INL has become so much more, and I'm very very lucky to be a part of it.

------------------------------

Postscript to the Postscript post: Though my blogs are in suspended animation, I continue to speak in public, and albeit more frequently and tersely, on Twitter @andybochman. As the Twitter profile reveals, I continue to work out of my home office in Boston while hitting the road most often for DC, and of course, now, Idaho.

Joe Weiss on a New (or Newly Discovered) Risk to Substations

Control Systems security guru Joe Weiss recently wrote up his observations of a problem reported at a nuclear power facility wherein a transformer load tap charger (LTC) malfunctioned, wasn't detected in a timely manner, and could have caused trouble.

LTCs are used in ALL (Joe's emphasis) substation transformers and are designed to be remotely accessible.  But his bigger point, as he wrote me separately is that:

This incident can affect EVERY (again) electric substation - I found it because it affected a nuclear plant and an unusual event notice was issued - and [note] the word "cyber" was never used.

Key words here: "remotely accessible." Not something you want to see too often in an incident at or near a nuclear plant. You can read his full post at the URL for his Control Global blog provided below.

Also, Joe was recently quoted in an MIT Tech Review article on an attack on a water plant honey pot. You'll find a URL for that piece piece below as well.

------------------------

URLs

Control Global

http://community.controlglobal.com/content/system-still-broken-failure-cyber-sensitive-substation-device-affecting-nuclear-plant

MIT Tech Review

http://www.technologyreview.com/news/517786/chinese-hacking-team-caught-taking-over-decoy-water-plant/

Sanity Check: Nuclear Cyber Security Should be the Best, Right?

A few recent missile launchings notwithstanding, you may recall a little over a month ago things were hot and heavy in the North vs. South Korea showdown. On April 15th Japan Times published this account: South Korea Bolsters Security of Nuclear Plant Network, which opened thusly:

SEOUL – The state-run operator of South Korea’s nuclear power plants has separated its internal computer network from the Internet in an effort to guard against possible North Korean cyber attacks, Yonhap News Agency reported Sunday.

and continued:

It said Korea Hydro & Nuclear Power Co. has also completely divided its nuclear plant control systems from its internal computer networks and restricted both systems’ access to the Internet, while USB ports of the plant control systems have also been sealed.