If vandals can do so much harm, what can determined terrorists accomplish
Ever since The Wall Street Journal published an article on the threat that a few vandals with assault rifles inflicted on a critical substation, there has been heightened concern about grid security. The 18 Feb 2014 article titled Assault on California power station raises alarm on potential for terrorism by Rebecca Smith described a scary incident involving a critical Pacific Gas & Electric Company (PG&E) substation in Metcalf, South of San Jose, CA that serves the Silicon Valley.
Is the North American grid vulnerable?
Source: Securing the US electric grid, Center for the Study of the Presidency and Congress (CSPC), July 2014
In April 2013, a number of assailants, not apprehended to date, fired over 100 shots at giant transformers from outside the unattended facility’s perimeter fence allowing the cooling oil to leak. PG&E was able to avoid serious interruptions to Silicon Valley by diverting power around the critical substation. It took roughly a month to repair the damage.
In the controversial article, Jon Wellinghoff, the former chairman of the Federal Energy Regulatory Commission (FERC) suspected an act of terrorism, a claim disputed by the Federal Bureau of Investigations (FBI), who assumed vandalism. Regardless of how the incident is categorized, the attack showed just how vulnerable the grid really is.
If a critical component of the grid, such as the Metcalf substation can be so easily molested by a few vandals with assault rifles, what could determined terrorists with better equipment accomplish? It is estimated that knocking off as few as 10 critical components of the grid simultaneously could bring the entire network down – one can argue about the numbers but you get the gist of it.
Mr. Wellinghoff was criticized by some within FERC and the industry for saying more than was necessary given the sensitivity of the subject. The more that is revealed about an incident such as this, the more likely it is that copycats try similar tactics elsewhere. In late August, PG&E reported another incident, not as serious as the first, at the exact same substation.
When it comes to grid security and cyber-security, those who know a lot generally say little and those who say a lot generally know little. Mr. Wellinghoff clearly belongs to the former category. He learned about the incident while he was still at FERC, and chose to publicize the incident after he had left FERC to the WSJ.
Future grid more secure
Source: Securing the US electric grid, Center for the Study of the Presidency and Congress (CSPC), July 2014
What is especially scary is that many critical grid components, including major transformers, are custom-made with virtually no replacement inventory or spare parts. It may take couple of years, if not more, to build replacements and months more to move the bulky pieces into place. Replacements cannot be found on Amazon or eBay for next day delivery. Moreover, there are only a limited number of manufacturers for some of the key components.
Since the incident, a number of task forces have been established to identify which grid components are most vulnerable and what may be the best way to provide additional protection. FERC has been contemplating additional mandatory requirements if it is deemed that the industry will not deliver on its own.
Grid security alphabet
Source: Securing the US electric grid, CSPC, July 2014
A wordy report published by Center for the Study of the Presidency and Congress (CSPC) examined the vulnerability of the North American grid, suggesting that there is plenty of room for improvements. Not only is the grid vulnerable to extreme weather, as was experienced during super-storm Sandy, but now we must worry about vandals and terrorists poking holes at transformers and critical grid infrastructure.
Extreme weather more common than previously believed
Source: Securing the US electric grid, CSPC, July 2014
The 180 page long report not only covers the vulnerabilities of the of the grid from all forms of physical and cyber-attacks but also includes recommendations to policy makers from the President and the Congress down to the guy who locks down the gate at the substation at the end of the day, an everyone in between.
The result is mostly high-level policy verbiage given the institutional focus of the group that produced the report relying on a number of stakeholder workshops held on various threats: real and imagined, physical and natural, intentional and accidental. If nothing else, it is encyclopedic.
It says that as the grid evolves from the Edison to the Google era, grid security must move accordingly.
Published Originally in EEnergy Informer: The International Energy Newsletter October 2014 Issue.
