lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: steve at stevesworld.hopto.org (Stephen Clowater)
Subject: east coast powergrid / SCADA [OT?]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On August 16, 2003 06:50 pm, Bernie, CTA wrote:
> On 16 Aug 2003 at 20:37, Stephen Clowater wrote:
> > > First of all, it is unrealistic to assume that the power
> > > plants, distribution nodes and sub stations are still equipped
> > > with 1965 technology. Have you ever visited any of these
> > > facilities? I have.
> >
> > Thats not what I said, What I said was the warnings that had been
> > coming for the last 10 years that this could happen, the
> > situation in californa a few years ago and the grid failures on
> > the west coast in 1996 can also attest to this. And Yes I have
> > visited these facilites, and done work in them.
>
> Ok, my mistake. I am glad to see that we have someone else here
> with some knowledge of the inside.
>
> > The lightning bolt theory has already been ruled out. And was
> > ruled out before the first night of outage was over. The working
> > theory that the inital data out of the investigation is that it
> > was a transmition failure inside the loop that caused current to
> > beging moving irregularly and ultimatly ended in a massive surge
> > coming from the loop and traveling back down the grid. Monitoring
> > stations at Niagra saw what is now belived to be this and
> > initated emergency shut downs on their generators.
>
> Ok, but...
>
> > > I still feel that there was human intervention to disrupt or
> > > otherwise circumvent the automatic safeguards, in response to
> > > an anomaly (i.e. MSBlaster). ...
> >
> > This is precicly what has been warned by people in the energy
> > community for years. In fact, the former head of the dept of
> > energy on CNN thurs Night said "america is a first world nation
> > with a third world power grid". President Bush was quoted the
> > next day as calling the power grid "antiquated".
> >
> > The problem is that the grid that is around today was initaly
> > constructed in a time were power plants served a local area. Now
> > power plants ship power via the grid over hundreds of miles. Over
> > a grid that was not designed to be continually distributing
> > power. It was designed to pick up the slack. Not be the principle
> > transmitter of the power. The power grid is old, the plants on it
> > are not. The avilable evidence at this point, and the logical
> > course at this point would be that the inital report out of the
> > loop that a major transmition line failure (wich was confirmed by
> > the responsible utility) of a line carying a current of approx
> > 31,500 amps, triggered a massive displacement and subsequent
> > overload inside the loop, wich then spread thruought the system
> > in a matter of seconds. After these few seconds, safty measures
> > caught up to the surge and was able to midigate it and eventually
> > stop the outage.
>
> Here I have a problem. If your saying that a supplement of
> 32,000 Amps were placed on the Grid, then the surge arrestors
> should have tripped at many points in the Grid. The
> characteristics of the surge arresters in the protection
> topology should have been rated to withstand between 60 and 240
> kV rms, with impulse sparover of between 190 and 685 kV, and
> designed to easily handle up to a 40 kA discharge for an 8 X
> 20us discharge current wave / kV crest. In other words, if the
> protection system was fully online the transient surge should
> have been absorbed by the arrestors, as if a lightning bolt hit
> the Grid.
>
> However, given that the latest news that a Power plant went
> offline, thus reducing the amount of power being inputted to the
> Grid, then the problem is more of demand load balancing, and
> surge drain, not overloading. Each of the transfer stations, sub-
> stations, and Power Plants remaining on the Grid have many
> sensors and computerized switchgear to automatically identify
> and compensate by increasing power input or shutting down
> sections of its distribution matrix. Unless again, the
> switchgear and protection systems at other Power Plants and sub-
> stations were not functioning or fully online when the surge
> incident occurred. Or, there was purposeful human interdiction
> with the transmission and/or load-balancing system matrix.
>
> Otherwise, given the time period involved, I find no logical
> explanation or evidence to support that the Grids' current
> infrastructure design could not isolate and manage the loss of
> one Plant supplying even if it was supplying 31,000 amps. After
> all 31,000 Amps is not that much considering the size of the
> area affected and the amount of Power that was under demand at
> the time. If it was one Plant that droped, the switchgear in
> that area should have isolated the demand and disconnected
> consumption from only that section of the Grid.
>
> IMO, the bottom line is that the protection / load balancing
> system failed not the Grid. So why did this system fail at so
> many points along the Grid?

Welll the problem _could_ be design, I empahize _could_, there has been no 
evidence presented yet (probably because its to early in the investigation, 
so I probably shouldnt be speculateing), however, the problem in many parts 
of the grid is the matrix design itself, there are parts of the grid that 
will dirvert power when lines go down to other lines, and this diversion will 
keep going and going until it finds a place to put this displaced 
electricity. So thats more than likely how it cascaded like this, the system 
_does_ isolate problems, but it also moves the electricity in these problem 
areas into the good areas, in order to prevent an outage (ironicly) , in some 
circumstances, this could concivably cause the grid to create a wave if the 
variables balenced out. Note that this is a big _if_ and its precisly what is 
being investigated now. 

But in the words of Mr. Lewis from his press confernce this evening, "we 
simply dont know what caused this outage, the system should have reacted to 
contian this problem, but it didn't"

But given that we know this wasnt a plant problem, but rather was on the 
lines, and the lines run on private, and propietary network, and that the 
problem spanned multiple utiliteis, and different controlers of this network 
in different areas, I just dont see  _how_ someone could have cause all the 
safties to simaltanously fail. And the surge was moving at extrodanary 
speeds, once it left the loop it may have been traveling at such a rate of 
speed that it was just to fast for some of the inital safties to get.

In any event, people who know much more about the topic than myself have been 
warning about this for many years now. And now its happened. Its happened 
before in california in the last few years, on the west coast entire grids 
have failed in 1996, and rolling blackouts have happened before due to these 
problems. So I just dont see that human attack or intervention is a plausable 
explanation here.


>
> -
> ****************************************************
> Bernie
> Chief Technology Architect
> Chief Security Officer
> cta@...in.net
> Euclidean Systems, Inc.
> *******************************************************
> // "There is no expedient to which a man will not go
> //    to avoid the pure labor of honest thinking."
> //     Honest thought, the real business capital.
> //      Observe> Think> Plan> Think> Do> Think>
> *******************************************************
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

- -- 
- -

******************************************************************************
Stephen Clowater

QOTD:
	"You want me to put *holes* in my ears and hang things from them?
	How...  tribal."

The 3 case C++ function to determine the meaning of life:

char *meaingOfLife(){

#ifdef _REALITY_
char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ? 
                                                      /dev/null:/dev/random);
#endif

#ifdef _POLITICALY_CORRECT_
char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom");
#endif

#ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_
cout << "Sending Income Data From Hard Drive Now!\n";
System("dd if=/dev/urandom of=/dev/hda");
#endif

return Meaning_of_your_life;

}

*****************************************************************************
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/PrMDcyHa6bMWAzYRApJEAJ9D/1N8Ep6GPamZyBfXJi0Cu3Yj/ACeLLn9
b5HM7qis2Y9hEWIKhEGOfls=
=ViMr
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists