|Issue #149 • September/October, 2014|
Most of the electric substations, transmission lines, and electrical switchgear for any given utility are located in remote parts of the country.
It’s hard to know what to believe anymore. Some news outlets just repeat whatever their political handlers tell them, while others only print the stories they want you to hear. Many quote results of endless polls based on their biased questions, while federal agencies hide their real agendas and publish glowing reports concerning what a great job they are doing.
For example, did you know that last April 2013, 17 large PG&E transformers located inside a high-security fence were destroyed by a sniper team near San Jose, California? Just before the shooting started, they cut a fiber optic communications cable running near the facility which caused a total area-wide communications blackout. Although more than 100 shell casings were left behind, there were no fingerprints found and the multiple security cameras did not record anyone shooting — the snipers were well aware of the camera locations even in the dark. When this terrorist attack finally came to light almost a year later, it was called “old news” and chalked up to local vandalism, not terrorism. So just how safe is our electric grid?
First, there is no single electrical grid. The electric grid in the United States consists of hundreds of separate generating facilities and thousands of transmission lines owned and maintained by many different companies. Most existing power plants were built near reliable fuel supplies. Bodies of water that could be dammed determined where hydro-electric plants were built. Large rivers that could accommodate coal-barge traffic and provide a source of cooling water were ideal locations for coal-fired power plants. Nuclear power plants require lots of water for cooling and are also usually located near large bodies of fresh water. Gas turbine generator plants are usually located near major gas transmission pipelines.
Construction of any power plant attracts power-hungry industries to any area within reach of the new power transmission lines. Electric co-ops are then formed to extend this electrical power to the more rural areas of the country to serve homes, farms, and small businesses.
Over the years, the need to increase system capacity and improve reliability resulted in other types of generating facilities being added to existing grid networks to help balance out major swings in the hourly and seasonal electrical demand.
Although smaller gas-turbine generator facilities have a higher cost per kWh than the larger coal-fired plants, these turbine generators can be up and running in minutes to satisfy an unexpected peak load on the grid, while a coal-fired plant may take more than 24 hours to bring from idle to full production. Most of the independent electric grids today include a mix of generator plant types to help balance power production with power demand using the most economical mix of generating capacity.
In Bath County, Virginia, there is an artificial lake on the top of a mountain which has large pipes leading down to a lower storage basin and generator facility. This system can be operational in minutes by opening large valves and allowing up to 13.5 million gallons of water per minute to drop over 1,200 feet down to the lower water turbines which drive six separate 500 megawatt generators. Although this facility can provide an almost instant response to sudden peaks in power demand to six separate regional power companies, it can only produce this power for a limited time before the upper lake is drained into the lower storage basin. Later, when the power demand on the grid falls back to much lower levels, grid operators reverse the operation to pump the same water back to the upper lake where it will be ready for the next power surge.
Independent electric grid operators throughout the country have no control over what each of us plug in or turn on in our homes and businesses, so the power demand on the grid is constantly changing. Sometimes these changes are very rapid but expected, such as each weekday morning’s peak demand around 7:00 a.m. when offices, schools, and businesses start turning on lights and HVAC systems to prepare for another day. Seasonal spikes in the power demand are also anticipated when the weather forecasts indicate the next day will be extremely hot or cold. These advance warnings allow power plant operators time to bring additional capacity online just before it will be needed. There are also times when grid operators are caught totally off guard by a failed transformer or downed power line, which requires rerouting their generator output through other transmission equipment which bypass the trouble area.
As you might expect, all this switching of electric flows between generator facilities and transmission lines can be done without some power company employee getting in his truck and driving several hundred miles to manually switch a circuit breaker in some remote equipment shed.
Today everything is remotely controlled from central command centers utilizing computer controls and graphic system displays showing every part of their distribution system. The constant changes in voltage and current flows in each section of their grid can occur faster than a human operator can respond and correct, so most of the day-to-day system load-balancing is now totally under the control of sophisticated, automated computer programs, with human operators there to monitor normal system performance and respond to emergencies.
Since most of the electric substations, transmission lines, and electrical switchgear for any given utility may be located in remote parts of the country and are hundreds of miles apart, the central command center must rely on cellular, satellite, and Internet communication networks to link all these individual control systems together. Like two freight trains heading towards each other at full speed on the same track, if the full output of multiple power plants are routed into the same transmission equipment at the same time, or there is a major mismatch between the power being generated and the power being consumed, then serious equipment damage can occur.
Of course, these command centers have backup systems, and backups to these backups, but everything is still dependent on communication systems to carry the control commands to their remotely-located equipment. But what if these communication links are not broken, but overridden? What if system monitors display totally false information to the operators due to some software virus or hacker taking control? What if the central computer controls that remotely operate these large circuit breakers and transfer switches receive false control commands that did not come from the central control center?
Along these lines, consider that we now know the “Stuxnet” computer virus was designed to specifically target the specialized controls for Iran’s thousands of uranium enrichment centrifuges. This virus found its way through the Internet and into Iran’s local computer systems to finally reach the centrifuges, causing them to self-destruct due to erratic override of their speed control which was not detected until after the damage was done. The intelligence agencies of both the United States and Israel were implemental in creating this very specific virus which did not affect any computer systems outside Iran.
While everyone seems to be concerned about the damage caused by shooting up high-voltage transformers, my concern is the much more extensive damage that could be caused by some hacker sitting at a laptop thousands of miles away. At a time when our nation needs more and more electrical power, we have never been more dependent on the electric grid to work flawlessly. A power interruption in Silicon Valley lasting only a few seconds can destroy millions of dollars’ worth of microchips passing through highly-automated and sterile assembly lines.
Since most of today’s offices, schools, and hospitals are no longer built with windows you can open, a power outage will require evacuation due to the shutdown of all cooling and fresh air ventilation, not to mention loss of all lighting. Having to close all facilities that do not have generator backup causes billions of dollars in lost productivity and interrupted public services each year.
Although you may live or work in a rural area of the country, a power outage can still mean the loss of hundreds of dollars’ worth of frozen food in your freezer, the inability to pump water, and the inability to purchase fuel at the local gas station. Today’s highly-computerized world depends on a reliable and smooth flow of electrical power. Unfortunately, the fairly good past record of the U.S. electric grid may not be an indicator of its future reliability when facing these new problems.
At a time when the grid is at a higher risk from sabotage of high-voltage transformers and computer hacking of its control systems, we need to also recognize that a large percentage of these transmission lines, transformers, and sub-stations were built in the 1970s and are way past their design life. Many of these systems are located in areas only accessible by helicopter and will be extremely expensive to protect or upgrade. The failure of aging equipment is sure to contribute to more power outages in the future, and these will most likely take longer to bring back online as more geographic areas are being served by fewer and fewer generating plants.
As if the electrical utility industry does not have enough to worry about (aging infrastructure, damaging storms, hackers, and terrorist threats), it seems Washington is also anxious to add more to their worries. For example, the Environmental Protection Agency (EPA) just announced they are drastically lowering the discharge limits on carbon dioxide from coal-fired plants which has now been reclassified as a pollutant. Keep in mind this is the same “pollutant” we all exhale with every breath, and what every plant and tree must have in the atmosphere to live, which they convert back into oxygen.
In 2008, Obama said, “If somebody wants to build a coal-fired power plant they can, it’s just that it will bankrupt them because they’re going to be charged a huge sum for all that greenhouse gas that’s being emitted.” The Obama Administration’s heavy burden of new environmental regulations has already forced the closing of 175 coal-fired power plants since taking office. These plant closures will almost guarantee higher electric rates for everyone, while there has been no real proof these actions will have any effect on the environment.
To put the impact of these plant closings into a better perspective — the recent winter of 2013 was one of the coldest in years and, at times, almost all of the country was experiencing freezing temperatures for days. During this cold spell, almost 90% of the coal-fired plants which are now scheduled to be dismantled (since they cannot meet these stricter EPA regulations) were needed to operate at full capacity to assist the newer power plants to meet the huge power demand.
What happens when we face another unseasonably cold winter or hot summer after all these coal-fired plants have been scrapped, and how much will the new regulations raise your monthly electric bill? It can take up to 10 years to complete the engineering design, environmental impact studies, legal permits, and actual construction of a major new coal-fired power plant, and still there is always the uncertainty that it may not meet additional EPA regulations that could be enacted before it has even been completed. Due to this uncertainty and the extremely high costs involved, many electric utilities have decided to wait for more favorable economic conditions and more reasonable “pollution” regulations.
Once power demand exceeds the maximum output of any electric grid, the only way operators can protect the integrity of their system is to implement rolling blackouts or equipment-damaging brownouts if additional capacity cannot be transferred from other grid operators. Ask California businesses what happens when energy consumption exceeds the generating capacity in their state, as they have recently faced repeated power outages.
In May 2013, a congressional study titled, “Electric Grid Vulnerability” was released. It highlighted some of these concerns and noted that some electric utilities are receiving up to 10,000 cyber attacks per month. Some grid command centers reported continuous attempts to remotely probe their computer systems, most likely by hackers searching for vulnerabilities. The report also noted that less than one-third of all electric utilities currently own any spare high-voltage transformers, even though these high-voltage transformers require months to manufacture and ship. Many of these large transformers are no longer manufactured in the United States, and foreign manufacturers report having up to a year of backlogged orders.
SCADA-controlled electrical switchgear
National security concerns
All of the 200,000 miles of power lines and more than one million megawatts of power generating capacity in the United States are privately or corporately owned. This means 99% of the power to operate all of our U.S. military bases and government installations is totally dependent on the reliability of this collection of independent power producers working together. While some critical military installations do have generator backup, on-site fuel storage is typically limited to only a few days and resupply lines could be interrupted by storms or terrorist attacks.
The North American Electric Reliability Corporation (NERC) issues mandatory regulations that all electric utilities must follow. In addition, the NERC has issued recent voluntary regulations suggesting the need for increased cyber security. A recent NERC status report noted most of these utilities have not implemented any of these voluntary security upgrades. In addition, only a small percentage of these utilities have made any system improvements to reduce the risk of transformer and control damage that could be caused by a solar storm or electromagnetic pulse (EMP) attack which would take months to recover.
Earlier this year, the Wall Street Journal published an article summarizing a Senate hearing on the vulnerability of the electric grid. This study reviewed how a coordinated attack on only nine of the most critical sub-stations in the U.S. would cause a nation-wide blackout lasting up to 18 months. The hearing participants were strongly chastised for allowing this type of information to be made public.
So what is SCADA?
Before the advent of micro-electronics and low-cost computer systems, almost all industrial processes, heating and cooling systems, and the operation of large electric switchgear were controlled by pneumatic control devices. These systems were almost indestructible, easy to repair, but did require occasional recalibration. While fairly simple to maintain, this type of system control had limited ability to interact with other control systems, or provide complex control strategies involving multiple sensors and controlled devices.
During the 1980s, many of these pneumatic control systems were replaced with direct digital controls (DDC). These electronic control systems could now be programmed using software instead of pneumatic tubes to carry out complex control interactions of multiple system inputs and outputs. Unfortunately, all of these early DDC control systems utilized proprietary software requiring special training classes for operators. In addition, the control devices installed by different manufacturers would only work with their software and communication signals. It was not uncommon for multiple control systems to be installed in the same building by different suppliers with each only controlling part of the facility, while builder operators had to train to use totally different systems. These older pneumatic control systems and their replacement DDC systems may have had their limitations, but they did not need the Internet or phone systems to function, so they were totally immune to outside computer hacking.
Demand of the marketplace forced manufacturers of industrial control devices to finally create a standard and non-proprietary program language that could be used to send commands and receive feedback from any control device made by any supplier. They called this new standard “Supervisory Control and Data Acquisition” (SCADA) and this has become the most popular programming language used for almost every industrial control device in this country.
Whether controlling the operation of a large discharge valve on a chemical tank or switching millions of amps of electrical power from one transformer to another, off-the-shelf SCADA devices from any manufacturer can now be easily interconnected and “speak” the same language, which does not require access codes to transfer control data. As Internet, cell phone, and satellite communications took off in the 1990s, these wireless communication systems allowed SCADA control equipment in one plant or distribution center to communicate with SCADA control equipment in other locations. For comparison of how easy hardware can be controlled remotely, almost anyone using their cell phone can now control almost anything without learning any computer programming. Building supply outlets sell wall thermostats, door locks, security cameras, and lighting controls that can be remotely operated from any cell phone or laptop computer using the Internet. Most of these control devices do not require entering any passwords to access.
While this conversion to Internet-based communications has also simplified the interconnectivity of all these separate control systems, it is becoming clear that this standardization of SCADA-based control devices offers almost no security protection. SCADA system designers never dreamed of a world where a 12-year-old kid in a foreign country could hack into almost any Internet-connected computer system using a cheap laptop computer. Their goal was to create an open communication protocol to be used by all control devices to communicate with each other regardless of the manufacturer.
After most of these computerized control systems were connected into wireless or Internet communication networks, it didn’t take long for the military and spy agencies in other countries to recognize that it is far easier to hack into the computers of their adversaries than to carry out a physical attack to achieve the same equipment damage. Today’s hackers are no longer just targeting our major computer networks to steal credit cards and classified information. Sophisticated hackers are constantly trying to penetrate the computer networks controlling all of our country’s infrastructure to search for weak links, steal passwords for future use, and map out which computer systems are controlling what equipment.
It is not unreasonable to conclude that these hackers are just waiting for the command to trigger simultaneous disruptions to our communication systems, and take down all utilities including electricity, water, sewer, and gas. The electric utility industry has not faced the same public pressure to make security improvements that most retail chains had to deal with, when inundated with thousands of calls from irate customers after losing millions of credit card numbers.
No doubt this lack of priority for making security and reliability improvements will continue until some hacker finally takes down a large section of our power grid. Of course, it is also possible that if somebody actually does, the general public will be told the power outage was caused by some squirrel biting into a wire in Canada — nothing to see here, move along.
Utility experts claim this type of cascading grid failure could never happen since the utility grid is not a single entity, but a collection of hundreds of totally separate power plants and power lines, each having their own command centers. While I must defer to their extensive experience related to utility grid operation, I fear they vastly underestimate the sophistication of today’s state-sponsored hackers who may have already penetrated their individual utility control systems without detection, and are just waiting for the command to take all of the systems down at one time.
Desktop computers that monitor SCADA-controlled industrial systems are also used by the same operator to regularly access e-mail accounts and “surf” the net. This connection to the outside world makes hacking into the unencrypted SCADA systems on the same local area networks extremely easy. It was recently acknowledged that SCADA programming manuals were found during raids at multiple Al-Qaeda training facilities.
In addition to being used to control our electric grid, SCADA devices are now used to adjust the flow and pressure in thousands of miles of natural gas and oil pipelines, remotely open and close gates on large flood-control dams, adjust pressures in oil and gas pumping stations, and control almost all of the processing equipment and valves in oil refineries and assembly lines. It appears we may have more to worry about than just losing our electric grid!
Whether the next power outage in your town is caused by a major storm, transformer sabotage, computer hacking, aging transmission lines, sun spots, operator error, or an EMP weapon, the result will still be the same — you will be without power for an extended period of time. Many of today’s power outages are impacting much larger areas of the country than in the past, and can take weeks to restore power to everyone.
There has never been a more urgent need for each of us to reevaluate our emergency power requirements, and realize that generators have a limited supply of fuel and should not be the only source of backup power. There are readily available solar-powered lights, radios, and communication equipment. There are also low-tech emergency backup devices including hand-operated well pumps, kerosene lanterns, water filters, clotheslines, coffee percolators, candles, and woodstoves, which do not need electricity and can operate indefinitely without the utility grid. With additional investment, there are dedicated solar systems sized to power refrigerators, freezers, and even well pumps, in addition to some critical lighting.
I hope you will take this as a wake-up call and add solar power to your emergency plans. Over the past few years, Backwoods Home Magazine has offered a do-it-yourself solar project in almost every issue. Please check these back issues for additional guidance.
[weaver_widget_area id=’articles_about_yago’ class=’text3′]