Washington, DC, U.S.A. — (METERING.COM) — November 19, 2012 – The U.S. electric power delivery system is vulnerable to terrorist attacks that could cause much more damage to the system than natural disasters such as Hurricane Sandy, blacking out large regions of the country for weeks or months and costing many billions of dollars, according to a newly released report from the National Research Council.
The report, which was completed by the National Research Council in the fall of 2007 but classified by the U.S. Department of Homeland Security, says the security of the power system is in urgent need of attention. The power grid is inherently vulnerable physically because it is spread across hundreds of miles, and many key facilities are unguarded. This vulnerability is exacerbated by a reorganizational shift in the mid-1990s, prompted by federal legislation to introduce competition in bulk power across the country, resulting in the transmission network being used in ways for which it was not designed. As a result, many parts of the bulk high voltage system are heavily stressed, leaving it especially at risk to multiple failures following an attack. Important pieces of equipment are decades old and lack improved technology for sensing and control that could help limit outages and their consequences — not only those caused by a terrorist attack but also in the event of natural disasters.
"Power system disruptions experienced to date in the United States, be they from natural disasters or malfunctions, have had immense economic impacts," said M. Granger Morgan, professor and head of the department of engineering and public policy at Carnegie Mellon University, Pittsburgh, and chair of the committee that wrote the report. "Considering that a systematically designed and executed terrorist attack could cause disruptions even more widespread and of longer duration, it is no stretch of the imagination to think that such attacks could produce damage costing hundreds of billions of dollars."
High voltage transformers are of particular concern because they are vulnerable both from within and from outside the substations where they are located. These transformers are large, difficult to move, often custom-built, and difficult to replace. Most are no longer made in the U.S., and the delivery time for new ones could run from months to years. A promising solution, the report says, is to develop, manufacture, and stockpile a family of universal recovery transformers that would be smaller and easier to move. They would be less efficient than those normally operated and would only be for temporary use, but they could drastically reduce delays in restoring disabled electric power systems. In line with this recommendation, the U.S. Department of Homeland Security has recently cooperated with the U.S. power industry on the RecX program to develop and test a recovery transformer.
There are also critical systems – communications, sensors, and controls – that are potentially vulnerable to cyber attacks, whether through internet connections or by direct penetration at remote sites. Any telecommunication link that is even partially outside the control of the system operators could be an insecure pathway into operations and a threat to the grid. When interconnections are unavoidable, high-quality technical and managerial security systems should be in place, including systems that monitor for and help avoid operator error or intentional sabotage.
The report states that although it is not reasonable to expect federal support for all local and regional planning efforts, DHS and/or the U.S. Department of Energy should initiate and fund several model demonstration assessments across cities, counties, and states. These assessments should systematically examine a region’s vulnerability to extended power outages and develop cost effective strategies that can be adopted to reduce or eventually eliminate such vulnerabilities. The DHS should also develop and disseminate guidelines and tools to assist other cities, counties, states, and regions to conduct their own assessments and develop plans to reduce vulnerabilities to extended power outages.
The report has been released following a request from the National Research Council for an updated security classification review. A workshop is now being planned to address changes that have occurred since the report’s completion in 2007 and where future efforts should be directed to improve grid resilience.