Smart Grid offers savings, vulnerabilities
A bill to be presented in Congress today aims to stop utility hackers; experts, legislators call for regulations on smart power meters to reduce new grid’s vulnerability to hacking
When it comes to the power grid, the debate between smart and secure may be about to heat up (see “Smart Grid Vulnerable to Hackers,” 23 March 2009 HS Daily Wire). Today, Senator Joe Lieberman (I-Connecticut) and Representative Bennie Thompson (D-Mississippi) plan to release a draft of the Critical Electric Infrastructure Protection Act (CEIPA), a bill aimed at tightening the cybersecurity of the U.S. power grid. The new legislation responds to growing political attention to the lack of digital security surrounding the U.S.’ power system, including revelations earlier this month that cyberspies had penetrated American utility networks and may be capable of causing massive blackouts.
Forbes’s Andy Greenberg writes that older generations of power systems are not the only ones vulnerable to hackers. So are the new smart metering systems slowly being rolled out in pilot programs across the country, cybersecurity researchers argue. Under the CEIPA bill, those technologies, aimed at responding to changing energy supplies in real-time and integrating wind and solar power, could also face new cybersecurity regulations.
In a statement, the House Committee on Homeland Security said the new bill requires the Federal Energy Regulation Commission, “to assess and establish interim standards deemed necessary to protect against known cyber threats to critical electric infrastructure.” A source familiar with the draft text of the bill adds that the “critical electric infrastructure” would include “any system assets used for generation, transmission, distribution or metering of electric energy.”
Including “metering” technology in that energy infrastructure definition puts smart-grid technology squarely in the regulatory spotlight—the systems use wireless “smart meters” to adjust energy demand and relay power-use data back to utilities. This smart-grid addendum is timely: Advocates of the smart grid argue that a power system revamp is necessary to deal with ballooning energy prices, which are estimated to increase 20 percent over the next 10 years. President Obama’s economic stimulus package includes $4.5 billion devoted to implementing smart-grid technologies.
Greenberg writes that even as enthusiasm around the smart grid grows, several cybersecurity researchers have warned about the potential for exploiting smart meters to disable or take control of electric networks. In January, for instance, independent cybersecurity researcher Travis Goodspeed gave a presentation at the S4 conference in Miami, describing a method for bypassing the encryption on Zigbee wireless chips, the same sort of technology that some metering systems would use to communicate with a smart grid.
By inserting a hypodermic needle into a meter’s circuit board and using