On Countering Multi-pronged Evolving Systemic Threats: Covid-19 and Beyond

By Massoud Amin

In 1990, the U.S. Office of Technology Assessment (OTA) issued a detailed report, Physical Vulnerability of the Electric System to Natural Disasters and Sabotage.  It concluded that terrorists could “destroy critical [power system] components, incapacitating large segments of a transmission network for months. Some of these components are vulnerable to saboteurs with explosives or just high-powered rifles.”

In the 30 years since the OTA report, the situation has become even more complex.  It has now been recognized that accounting for and protecting all critical assets of the electric-power system, which include thousands of transformers, line reactors, series capacitors, and transmission lines dispersed across the continent, is and probably always was impractical.  Meanwhile, with the addition of biological warfare, pandemics, electromagnetic and geomagnetic pulse (EMP, including intentional attacks, or due to solar flares), increasing stressors due to climatological change, along with increasing complexity and connectivity of cyber, communications, and control layers… and more, new families of security threats and dynamic risks have surfaced.

As a practical matter, electrical systems must be structured to withstand temporary loss of physical components, just as they must operate through spontaneous local outages; but that depends on defending against attacks and systemic risks/threats, be they natural/environmental, pandemics, terroristic, military, or criminal.

Before and after 9/11 (when I became responsible for R&D on infrastructure security and grid operations and planning, at EPRI), we reached out to utilities and their vendors to share relevant information and develop action plans. We conducted "red team" studies of simulated multipronged cyber-physical attacks, distributed EMP attacks, larger detonations, and biological warfare on a variety of grid assets and developed protocols for system security and resiliency.

In [1], without providing a blue print for attackers, three types of attacks to electricity infrastructure that must be prevented are described:

  • Attacks upon the power system – where the electricity infrastructure itself is the primary target with outages spreading into the customer base.  The point of attack could be a single component such as a critical substation or a transmission tower, or there could be a simultaneous, multipronged attack intended to bring down an entire regional grid.  Moreover, the attack could target electricity markets, which are highly vulnerable because of their transitional status.
  • Attacks by the power system – where the ultimate targets are the population, and parts of the electricity infrastructure is used as a weapon.  For example, terrorists could use power plant cooling towers to disperse chemical or biological agents.
  • Attacks through the power system – where the targets are the civil infrastructure.  Utility networks include multiple conduits for attack, including lines, pipes, underground cables, tunnels, and sewers.  For example, terrorists could couple an electromagnetic pulse through the grid to damage computer or telecommunications infrastructure.

Key recommendations included:

Distribution Systems, Disaster Mitigation

An attack on key portions of a distribution system could be used to cause power outages at critical loads, such as hospitals, emergency response centers, and financial hubs. Conversely, distribution systems are also likely to sustain major damage as the result of attacks on civilian targets, particularly in urban centers. The 9/11 assault on the World Trade Center, for example, knocked out power to five distribution networks in New York City and destroyed two distribution substations. Technology developments that could help prevent or reduce distribution system damage from terrorist attacks include:

  • Distribution Vulnerability Assessment (DVA). DVA represents a bottom-up approach to vulnerability assessment and thus complements the top-down approach of PVA, described above. Specifically, DVA will be a computerized self-assessment tool that distribution utilities can use to identify vulnerabilities of their own systems and critical loads, and to estimate the potential financial impact of terrorist attacks.
  • Underground gas sensors. A system of gas detectors and warning alarms should be installed at critical points in the underground infrastructure of electric and other utilities.  This detector-and-alarm system should be protected from disablement by terrorists.

Generation Systems

Nuclear power represents a unique set of vulnerabilities that are being separately addressed by the Nuclear Energy Institute, and are not a part of this assessment.  In terms of fossil plants (coal, gas, oil), the most significant threat is considered to be the potential use of cooling towers to disperse chemical or biological agents. Despite dispersion over a limited geographical area, the agent could infect a small number of victims, either human or animal, who could then serve as disease vectors to the larger population. Furthermore, introduction of the agent might not be detected until dispersion had been accomplished. A two-step approach is recommended to countering this threat:

  • Develop and install sensors to detect dangerous agents. Work is underway in government and private laboratories to identify and characterize both chemical and biological agents that could be used in a terrorist attack.  This knowledge should be immediately applied to determine which agents might exist at the temperature, moisture, and chemical conditions of a cooling tower, and then to develop sensors for detecting such agents.
  • Identify methods to destroy dangerous agents. Countermeasures might involve the addition of treatment chemicals to destroy or de-activate the agent within the cooling tower, as well as in the surrounding environment. Procedures need to be developed to specify exactly what steps should be taken on discovery of the presence of an agent in cooling tower water.

Threats to Energy Markets

The power industry should be prepared to deal with significant market disruption following physical destruction of supply.  Current emergency procedures utilizing rolling blackouts are not likely to be sufficient for prolonged shortages ranging from weeks to months.   Protocols and procedures to allocate remaining power in the absence of market-based pricing should be developed ahead of time, in conjunction with regulatory agencies and local and state governments.  Such procedures and delegation of authority would minimize social disruption and speed the recovery of local economies.  Preparation could also conceivably act as a deterrent to attack.

Proposed Actions

Short-term to long-term technologies, training, policies, protocols – that would support the development and deployment of technologies needed to protect local-, regional-, national- and continental-scale power systems are being addressed.

The scenarios range from natural disasters to supply-chain disruptions be it intentional cyber-physical attacks, bio-terror, or widespread pandemics (including scenarios where 20-50% of work force is disabled) and other multi-pronged terrorist attack.

In summary, I have had the privilege of working on and developing countermeasures for probable or even “black swan” emerging Issues, future challenges, trajectories and precursor detections – Focused on Homeland Security, including Cyber-physical Security and Emergency Management for 2020-2030 (not limited to bio-warfare, or to annual influenza outbreaks whether it’s the flu, Ebola, H1N1, West Nile, Methicillin-resistant Staphylococcus aureus (MRSA) or COVID-19). These are a few “samples,” as there is a lot more on wide-spread use and impacts of toxins, bio-warfare, and pandemics as well as their proactive countermeasures, noted above that my team and I have worked on since the  9/11 tragedies -- including disablement of the workforce or their families, supply chains disruptions, and a lot more (which becomes rather sensitive fast and thus classified) – within organizations I have served and coordinated with including EPRI, NERC, DHS, DIA, DOD, DOE and more.

In summary, this article is based on a working draft chapter “On countering multi-pronged evolving systemic threats” of my book -- Covid-19 too shall pass. We will overcome, together; sadly with massive loss of life, with many adverse primary/secondary impacts.

In the weeks, months and years to come there will be in-depth analyzes, investigations, lessons learned, preparedness drills and more.

From past lessons learned, as with any major destabilizing systemic threats, including multi-pronged coordinated terrorist attacks or even natural disasters, we can often:

  1. prevent,
  2. delay,
  3. limit/localize impacts,
  4. slow the spread of the virus,
  5. recover and self-heal

Only if we (and our governments) act collectively, intelligently, based on early actionable/validated intelligence, proactively, and aggressively. The is an opportunity to effectively and fundamentally help our power, energy and water utilities, industries and interconnection supply chains and lives that depend on these critical infrastructures - locally,  regionally, nationally and globally. To start this transition, rapid innovation funds such as the processes discussed at https://massoud-amin.umn.edu/sites/massoud-amin.umn.edu/files/2020-03/mro_newsletter_9-2011_p1-4.pdf, and at https://massoud-amin.umn.edu/sites/massoud-amin.umn.edu/files/2020-03/global_transition.pdf, or the U.S. DoD (http://digital.nationaldefensemagazine.org/publication/?m=46185&i=657783&p=24) could be considered.

However, we often ignore early indictors of major threats, routinely think tactically and with a short attention span, often with insufficient data, or any room for proactive strategic risk mgmt./avoidance [2]:

“While limiting panics & coping are essential in the short term; however, coping as a primary strategy is ultimately a defeatist strategy.”

Some of the specific short-term to longer-term technology development opportunities being assessed and are outlined in this article.

References:

  1. Amin, Massoud, "Security challenges for the electricity infrastructure," Supplement to Computer, vol. 35, no. 4, pp. 8-10, April 2002.
  2. Amin, Massoud, “Powering the 21st Century: We can -and must- modernize the grid,” IEEE Power and Energy Magazine, pp. 93-95, March/April 2005

 

This article edited by Geev Mokryani

For a downloadable copy of May 2020 eNewsletter which includes this article, please visit the IEEE Smart Grid Resource Center.

Security Resilience Dr AMIN resized
Dr. Massoud Amin, IEEE and ASME Fellow, is a professor of electrical & computer engineering (ECE), and a University Distinguished Teaching Professor at the University of Minnesota (https://massoud-amin.umn.edu/). He is widely credited as being the father of the smart electric power grid (https://tli.umn.edu/tli-blog/inspiration-behind-smart-grid-series-defining-moments), and a cyber-physical security leader, who directed all security-related R&D for North American utilities after the 9/11 tragedies.

Past Issues

To view archived articles, and issues, which deliver rich insight into the forces shaping the future of the smart grid. Older Bulletins (formerly eNewsletter) can be found here. To download full issues, visit the publications section of the IEEE Smart Grid Resource Center.

IEEE Smart Grid Bulletin Editors

IEEE Smart Grid Bulletin Compendium

The IEEE Smart Grid Bulletin Compendium "Smart Grid: The Next Decade" is the first of its kind promotional compilation featuring 32 "best of the best" insightful articles from recent issues of the IEEE Smart Grid Bulletin and will be the go-to resource for industry professionals for years to come. Click here to read "Smart Grid: The Next Decade"