Few would argue with the belief that we need to revitalize our nation's power infrastructure, but numerous challenges complicate the deployment of smart grids.
Is the Smart Grid a Dumb Idea? - Security and Privacy
Security and Privacy
While distributed computing may have brought us the Internet, it also ushered in a new age of security and privacy headaches. The same will hold true for the smart grid—only worse.
“Security is a huge issue with the smart grid; it’s on such a scale that it makes security within IT look simple,” says Ralph Martinez, chief scientist at BAE Systems, a defense, security and aerospace contractor.
Certainly the stakes are higher. Last April, The Wall Street Journal reported that spies from China, Russia and other countries had penetrated the U.S. electrical grid, leaving behind software that could be used to disrupt the system. “The Chinese have attempted to map our infrastructure, such as the electrical grid,” a senior intelligence official told The Journal. “So have the Russians.”
Scaremongering? There’s precedent to think not. According to the Government Accountability Office, in 2002, 70 percent of energy and power companies experienced some kind of severe cyber-attack to their computing or energy management systems. (Read “A Systems View of the Modern Grid,” a report published in 2007 by the National Energy Technology Laboratory for the U.S. Department of Energy.)
The big question then is, “What level of cyber-security is needed for various types of smart grid technologies, especially AMI?” asks consultant Silverstein. “To what degree is extending the two-way communications perimeter extending the grid’s vulnerability to attack?”
IT pros know that answer firsthand: substantially. At the 2009 BlackHat conference, Mike Davis, a senior security consultant at IOActive, a Seattle-based research company, demonstrated a proof-of-concept attack in which a malware was designed to propagate from meter to meter, enabling attackers to remotely shut down meters.
Assuming the same meters at each home, within one day, the malware could infect 15,000 residences. Such an attack could open the way to service disruptions and extortion attempts against the service providers.
Implicit in the concern over the security of the meters is also how the information gathered from them will be used. Smart meters gather detailed time-of-use information on customers. This concern will only grow as smart devices enter the home, providing detailed insight into the home’s power usage.
Confidentiality and privacy are critical—and not just when there are security breaches. IT vendors, such as Google and IBM, are creating applications for managing and using data from smart meters. With Google PowerMeter, for example, users can add a Home Energy gadget to their iGoogle home page and receive historical data and forecasts for energy spending.
The Big Brotherish implications are apparent. To its credit, Google says that with PowerMeter, “No personally identifying information will be shared between Google and the user’s utility.” Clearly, though, standards and consistent privacy practices need to be enacted if consumers are to be protected.
Perhaps the greatest risk that privacy and other technology challenges pose to the development of smart grids isn’t the actual loss of information. It’s the risk that utilities will continue to be overly cautious, reverting to their age-old practices of closed, secured systems.
At the Smart Grid Summit in September, the question turned to open or closed AMI interfaces. Fears about the security and privacy concerns surrounding AMI led EnerNex’s Gunther to say that he would not recommend having an open AMI interface.
To which SIP pundit Shockey retorted, “If the DoD [Department of Defense] can use open standards, then why not with the AMI?”
Shockey isn’t alone. In a recent editorial, Bob Metcalf, the inventor of Ethernet, urged consumers to petition the Federal Communications Commission to get involved in creating an open smart grid.
The shift toward a truly open and effective smart grid will hinge on people listening to experts like Shockey and Metcalf. If we, the consumers and businesses, are going to foot the bill for this new Internet revolution, then we might as well reap the full benefits of that investment.
Smarter Grid no solution to the problemPosted on: 01-04-10 | By: ZotGreen technology (solar & wind) are figments of the imagination of people who don't know anything about technology. Power from windmills actually screws up the grid (as they are finding out in Europe) and the sun is an unreliable grid source since it doesn't produce grid compatible (i.e. Base Load power) and requires storage and conversion. Further, if you treat all the alternate energy sources like a battery the energy output will never equal the cost of producing the hardware. Take away the subsidies and they would disappear. Same with bio-fuels - dumb idea to convert food to fuel when people are starving and we are sitting on 1,000 years of coal, gas and oil.
The Smart Grid isn't a bad idea but the reasons outlined in the article for the smart grid are flawed. Wheeling power long distances is very inefficient. You can't beat the laws of electricity and the losses are a fact of life. Relying on the grid to move lots of power long distances make it a failure point. That is a bad system design as it will eventually fail knocking out much more than it needs to.
There is a better answer but the techno-illiterate politicians are keeping it from happening. The answer is nuclear plants closer to the users so the grid isn't doing all the work. Nuclear energy is clean (green), safe (despite what the media says) and the next generation of small pebble bed reactors can't run away, don't represent a bomb making source of plutonium and can be ganged to run larger towns. Nuclear fuel is recyclable so there is almost no waste. Thorium is he next nuclear fuel to watch. Unfortunately, the current administration doesn't appear to want the US to be energy independent with abundant, cheap energy to run our factories, data centers, homes & cars.
Smart Grid,Risk Leverage, and GrowthPosted on: 12-31-09 | By: AnonymousIf the motivation of Smart Grid were overtly stated to be,
"To create the opportunity for private enterprise to invade your privacy, profit from your power needs, and by extension exert more government control over your daily life," would you be in a hurry to agree?
Probably not.
If the goal was stated "To modernize the generation and distribution of power, including alternative energy, to provide greater energy security against interruption and crashes, and to the further effect that Consumers have more choices about how and when to pay for their power needs, and manage their energy usage, and power generation companies, and distributors, have more ability to choose sources and methods of managing energy on behalf of consumers."
More believable and desirable?
How about if both are saying the same thing?
The logic of using technology to evolve the distribution,control and security of energy is inescapable.
The potential for harm to consumers and businesses without realistic security of the system is also apparent. The more you systemically allow for centralization of procedures and controls, the greater the leverage of risk factors; unwanted interference by "hacking" the system by those who want to disrupt, like terrorists; those who want to profit through blackmail threats of interruption, and those whose management of the system could be construed as a threat through profiteering.
Any further discussion of Smart Grid has to include how energy producers and distributors will insure complete security of their operations and consumer and business privacy.
It will do no good to improve efficiency of operations if the risk increases disproportionately to the reward.
The intent is control and profitPosted on: 12-22-09 | By: AnonymousThe "smart grid" is in the end a way to charge more for electricity based on time of use and what is available on the grid. "Customers will become savvier in how they use electricity by gaining real-time insight into their energy costs." In other words, use less or you will pay more. Those who cannot shift demand into lower cost times (base loads such as refrigerators and medical equipment) will pay more. Right now we cross-subsidize within the pool of electricity users; residentials pay more than industry, densely populated areas help pay for facilities in rural areas. It works. The "smart grid" will make sure that utilities increase their profit.
PutzPosted on: 12-13-09 | By: TJ"Privacy concerns are for nonthinkers," You're a mole.
To: Dave GreenfieldPosted on: 11-13-09 | By: Bob P CEOA well written article but typically the same old references coupled with perhaps a ten year plan + but no security solution immediately or whenever. I too am a security expert but we at least are delivering solutions today as well as yesterday. As an experienced professional like yourself knows that the Goliaths know M&A's but no security solutions.If your interested in a story of success, as America deserves better, please contact me directly: continuump@gmail.com. Here is an advanced copy of our PR- Contact: Ted Faraone 212-489-1313 (ted.faraone@verizon.net)
FOR IMMEDIATE RELEASE
WORLD’S ONLY SECURE CYBER PROTECTION AGAINST HACKERS LAUNCHED COMMERCIALLY – CONTINUUM PARTNERS DEBUTS SNI
NEW YORK – In a development with major implications for the security of nations and businesses dependent on computer networks to function, the world’s only trusted commercial system for protecting networks from cyber assaults is being made available to new clients.
Secured Network Infrastructure (SNI), the only network protection that uses a hardware gate in addition to our Open OS to intercept hackers and keep a protected network up and running during a cyber attack, SNI will become available in quantity for the first time according to Continuum Partners LLC. As a “Standards” based enhanced network security protection system, SNI has been proven effective both scientifically and in the field.
SNI is a patented plug and play system compatible with all networks currently in use. It complies to the standards for “Trusted” systems as defined by the “Common Criteria Recognition Agreement” an international protocol. The National Security Agency (NSA) recognizes and supports Common Criteria.
SNI was developed following the 9 -11 attacks. “I worked as a volunteer at Ground Zero,” says Continuum Partners CEO Robert S. (Bob) Pollock. “I saw the destruction, and I realized that America is far more vulnerable to cyber attack than it is to another kamikaze attack from the air.” Pollock, a long time New York businessman and IT technology consultant, re-structured Continuum Partners to that of a developer/manufacturer and bring to market this remarkable invention of his Partner, Pierre Bergeron.
“Until Pierre created SNI, every network, no matter how critical, was vulnerable to cyber attack,” says Pollock. “All previous security systems used only software. Software alone as every security expert in the trade knows can be breached. Our solution is to augment the software firewall with a physical barrier called the SNI Matrix Unit. It’s a hardware device placed between the Internet and the network one needs to protect. The Matrix Unit, using proprietary autonomic software that is compatible with all computer systems, detects an intrusion attempt at the point of entry to the protected network. Then, in less than a millionth of a second, it dumps the hacker into a mirror of protected network, giving time for the hacker to be traced while preventing the protected network from going down. We estimate that this will cut network down time by up to 95% as well as protect sensitive data from theft or compromise.”
The need for protection offered by SNI cannot be overstated. Since 2007, China breached with the help of university computers a large US national security defense contractor over a long period of time. Hackers shut down Los Angeles International Airport, stole credit and debit card data of 130 million customers of Heartland Payment Systems, and Hannaford Brothers Co., a supermarket chain, and 7-11, etc.
Express Scripts has to date 700,000 records held for ransom. In October 2009 an ex-Ford Motor Company engineer was indicted for stealing more than 4,000 documents containing automotive trade secrets from a protected Ford computer. The US General Accounting Office reported recently that NASA (The National Aeronautics and Space Administration) was successfully hacked 1,120 times over the past two years. The government systems of Estonia were brought down by a massive hacker attack. In 2008, Panama’s Electrical Grid was held for ransom and brought down by a breach for four days. And in April 2009 a report surfaced in The Wall Street Journal that the electrical grid of the United States had been infiltrated by cyber-spies who left behind software that could shut it down. Such “cyber-warfare” could give an enemy an advantage in a future conflict that no fifth-column has ever been able to achieve.
“The security of the civilized world is at stake,” Pollock said. “If you can shut down the US electrical grid, you can put the country out of business. Our mission is to keep the critical networks of the US and its allies up and running.”
SNI has been sold to select customers, who have used it with great success. They include the US Navy and Air Force, Canada’s Department of Public Safety (DHS), Passaic County (NJ) Data Centers, L-3, the New York Board of Trade and Allied Irish Bank. The customer base reports “tech support” cost savings from 60 to 80 percent as well as increased network “up” time.
For its commercial roll-out, Continuum will launch a licensing program for major manufacturers in North America who are in good standing with the governments of the US and Canada. “We are offering the only commercially priced system to prevent network breaches. We can deliver it now,” Pollock says.
In the near term, Continuum will also be releasing it’s new “Real Time Administrator” which sits over all the popular network management systems (IBM’s Webshere, HP Oven View, etc) Additionally, there universal interface for Systems Controls (i.e., Johnson Controls, Trane, etc.) and any other physical security nets, etc.
The company is turning its attention to burgeoning military and civilian wireless networks, including emergency services which use new software-based narrow band radios. The company has developed and patented a line of “High-Assurance End Point” wired and wireless products to protect these new networks from attack. These same devices will be also used for End Point devices in the IT & SCADA networks.
We can't possibly scale up our manufacturing capability fast enough to harden up North America's alone. Therefore, we will soon be announcing a Licensing Program for all North American OEM's initially, provided that is in good standing with the Canadian and US Governments. Early next year we will expand this program to the countries that implement the Common Criteria Standards. Contact: Ted Faraone 212-489-1313 (ted.faraone@verizon.net)
FOR IMMEDIATE RELEASE
WORLD’S ONLY SECURE CYBER PROTECTION AGAINST HACKERS LAUNCHED COMMERCIALLY – CONTINUUM PARTNERS DEBUTS SNI
NEW YORK – In a development with major implications for the security of nations and businesses dependent on computer networks to function, the world’s only trusted commercial system for protecting networks from cyber assaults is being made available to new clients.
Secured Network Infrastructure (SNI), the only network protection that uses a hardware gate in addition to our Open OS to intercept hackers and keep a protected network up and running during a cyber attack, SNI will become available in quantity for the first time according to Continuum Partners LLC. As a “Standards” based enhanced network security protection system, SNI has been proven effective both scientifically and in the field.
SNI is a patented plug and play system compatible with all networks currently in use. It complies to the standards for “Trusted” systems as defined by the “Common Criteria Recognition Agreement” an international protocol. The National Security Agency (NSA) recognizes and supports Common Criteria.
SNI was developed following the 9 -11 attacks. “I worked as a volunteer at Ground Zero,” says Continuum Partners CEO Robert S. (Bob) Pollock. “I saw the destruction, and I realized that America is far more vulnerable to cyber attack than it is to another kamikaze attack from the air.” Pollock, a long time New York businessman and IT technology consultant, re-structured Continuum Partners to that of a developer/manufacturer and bring to market this remarkable invention of his Partner, Pierre Bergeron.
“Until Pierre created SNI, every network, no matter how critical, was vulnerable to cyber attack,” says Pollock. “All previous security systems used only software. Software alone as every security expert in the trade knows can be breached. Our solution is to augment the software firewall with a physical barrier called the SNI Matrix Unit. It’s a hardware device placed between the Internet and the network one needs to protect. The Matrix Unit, using proprietary autonomic software that is compatible with all computer systems, detects an intrusion attempt at the point of entry to the protected network. Then, in less than a millionth of a second, it dumps the hacker into a mirror of protected network, giving time for the hacker to be traced while preventing the protected network from going down. We estimate that this will cut network down time by up to 95% as well as protect sensitive data from theft or compromise.”
The need for protection offered by SNI cannot be overstated. Since 2007, China breached with the help of university computers a large US national security defense contractor over a long period of time. Hackers shut down Los Angeles International Airport, stole credit and debit card data of 130 million customers of Heartland Payment Systems, and Hannaford Brothers Co., a supermarket chain, and 7-11, etc.
Express Scripts has to date 700,000 records held for ransom. In October 2009 an ex-Ford Motor Company engineer was indicted for stealing more than 4,000 documents containing automotive trade secrets from a protected Ford computer. The US General Accounting Office reported recently that NASA (The National Aeronautics and Space Administration) was successfully hacked 1,120 times over the past two years. The government systems of Estonia were brought down by a massive hacker attack. In 2008, Panama’s Electrical Grid was held for ransom and brought down by a breach for four days. And in April 2009 a report surfaced in The Wall Street Journal that the electrical grid of the United States had been infiltrated by cyber-spies who left behind software that could shut it down. Such “cyber-warfare” could give an enemy an advantage in a future conflict that no fifth-column has ever been able to achieve.
“The security of the civilized world is at stake,” Pollock said. “If you can shut down the US electrical grid, you can put the country out of business. Our mission is to keep the critical networks of the US and its allies up and running.”
SNI has been sold to select customers, who have used it with great success. They include the US Navy and Air Force, Canada’s Department of Public Safety (DHS), Passaic County (NJ) Data Centers, L-3, the New York Board of Trade and Allied Irish Bank. The customer base reports “tech support” cost savings from 60 to 80 percent as well as increased network “up” time.
For its commercial roll-out, Continuum will launch a licensing program for major manufacturers in North America who are in good standing with the governments of the US and Canada. “We are offering the only commercially priced system to prevent network breaches. We can deliver it now,” Pollock says.
In the near term, Continuum will also be releasing it’s new “Real Time Administrator” which sits over all the popular network management systems (IBM’s Webshere, HP Oven View, etc) Additionally, there universal interface for Systems Controls (i.e., Johnson Controls, Trane, etc.) and any other physical security nets, etc.
The company is turning its attention to burgeoning military and civilian wireless networks, including emergency services which use new software-based narrow band radios. The company has developed and patented a line of “High-Assurance End Point” wired and wireless products to protect these new networks from attack. These same devices will be also used for End Point devices in the IT & SCADA networks.
We can't possibly scale up our manufacturing capability fast enough to harden up North America's alone. Therefore, we will soon be announcing a Licensing Program for all North American OEM's initially, provided that is in good standing with the Canadian and US Governments. Early next year we will expand this program to the countries that implement the Common Criteria Standards.
EfficienciesPosted on: 11-05-09 | By: Steve KirchnerThe benefit to reshaping our power grid would be focused on the points you described; however, with less than 50% of the power getting to the end user there is definitely a tremendous upside to efficiencies. Provided the result of reshaping our power grid includes efficiencies the program ROI would be relatively short.
