Politicians and cybersecurity experts agree that critical infrastructure can be hacked. What can be done?
Is the U.S. power grid vulnerable to Chinese attack? According to recent hearings by the U.S. House Energy and Commerce Subcommittee on Oversight and Investigations, the answer is, “yes.” The committee is concerned about vulnerability of cloud connected systems to cyberattack, but also noted that physical infrastructure attacks in the form of terrorism or vandalism increased 77 percent in 2022 over the previous year. The timing of these hearings, during a time of negotiations over Chinese access to American technology, isn’t a coincidence. But from an engineering perspective, the vulnerability of a nationwide interconnected power distribution system is hardly front-page news. There are three basic approaches to security and resiliency: predictive analytics and defensive measures to thwart attacks before they happen, hardening of the physical infrastructure and system redundancy.
Access all episodes of This Week in Engineering on engineering.com TV along with all of our other series.
* * *
Episode Transcript:
Is the U.S. power grid vulnerable to Chinese attack? According to recent hearings by the U.S. House Energy and Commerce Subcommittee on Oversight and Investigations, the answer is, “yes.”
The committee is concerned about the vulnerability of cloud connected systems to cyber-attack, but also noted that physical infrastructure attacks in the form of terrorism or vandalism increased 77 percent in 2022 over the previous year.
The timing of these hearings, during a time of negotiations over Chinese access to American technology, isn’t a coincidence. But from an engineering perspective, the vulnerability of a nationwide interconnected power distribution system is hardly front-page news. Security of cloud connected systems is an expensive and difficult problem for multiple industries from defence companies handling sensitive information to Internet platforms concerned about security of customer data.
While cyber security isn’t a strictly engineering problem, protecting critical grid infrastructure against terrorism and vandalism is. There are three basic approaches to security and resiliency: predictive analytics and defensive measures to thwart attacks before they happen, hardening of the physical infrastructure and system redundancy.
Prediction and defense can be anything from security cameras to AI-driven facial recognition systems at vulnerable sites, while physical hardening starts with security fencing and can include engineering for blast and heat tolerance, as well as physical separation of critical devices such as transformers and switches.
Ukraine faces this problem right now, as drone attacks on their power grid have become a regular feature of Russian military operations. But by definition, power grids are too large to be 100 percent secure, so system redundancy is the cornerstone of overall resiliency. The ability to reroute current through intact system elements to maintain customer supply not only keeps the lights on, but also buys time for maintenance crews to repair system damage. And with the continued supply chain disruption from COVID-19, plus an unprecedented demand for equipment caused by the Ukraine war, the availability of things like power transformers and advanced switchgear is definitely a factor.
Politicians may point a finger at China, but any determined and well-planned terrorist attack on U.S. soil could create extensive regional outages, and consequences capable of pushing the economy into recession. The combination of security, durability and redundancy are the key elements of system resiliency, at a time when the increasing number of electric vehicles require a significant expansion of generating capability and distribution.
This is a good time to be an electrical, mechanical or civil engineer in the power industry.
