Tuesday, June 16, 2020

This is (maybe) my final post on the WAPA transformer!



Note from Tom: If you’re only looking for today’s pandemic post, please go to my Pandemic Blog. If you’re looking for my cyber/NERC CIP post, you’ve come to the right place.

I’ve been in communication with several people on the WAPA transformer question since my last post on that topic, including Kevin Perry and a very knowledgeable engineer from a major municipal utility. They have convinced me that there are a number of ways that a cyber attack could be launched on a transformer like the one WAPA ordered from China, which is now being pulled apart and inspected at Sandia National Laboratory. I had previously said I didn’t see a way to do that, since transformers aren’t operated by commands but by the laws of physics.

However, while I now admit that the operation of an individual transformer could be changed - or the transformer might even be destroyed - by a cyber attack, I simply don’t see a way that this could have a serious impact on the Bulk Electric System. There could be a local outage, but as I’ve mentioned previously, the best way to reduce local outages is to go after the devious miscreants behind a large percentage of them: squirrels and chipmunks.

In order for a Chinese supply chain attack to succeed, there would have to be multiple transformers deployed in geographically diverse substations with exactly the same implant; and there would need to be some method of signaling to all of these transformers, presumably by satellite. This is also theoretically possible, but now we have to raise the question of motive: Why would the Chinese be at all inclined to do this?

The supplier(s) involved in this supposed nefarious plot (there are about six transformer suppliers in China, and since orders for transformers like this one don’t come in every week, more than one would probably have had to be in on the conspiracy) would need to have been working on this plan for years, and agreed on the exact attack and the signaling protocol to make it happen (perhaps they might have made this an IEC standard? 😊).

But why on earth would the suppliers want to do this? Presumably because the Chinese government made them an offer they couldn’t refuse. It’s hardly the royal road to commercial success to deliberately try to destroy your best customers, so it’s not likely any of these companies thought this up on their own.

Then why would the Chinese government force the suppliers to do this? Presumably because they wanted to have this as a weapon in their arsenal in case they found themselves in outright war (a bang bang war, not a metaphorical war like a trade dispute) with the US. And they’d need to already be at war to send the dreaded signal to the transformers, since as soon as they did that, the attack on the grid would immediately be traced to China – and there would almost certainly be a real war after that.

I certainly don’t idealize the Chinese government, but they’re not a terrorist organization. And they’re definitely not into collective suicide, since there isn’t much question who would come out on the losing end of a war between China and the US.

I still see close to zero chance that there’s any sort of attack implanted in the WAPA transformer. But if there were no other problems nowadays – like say a pandemic or something like that – I can see why it might be justified to invest the time in pulling the WAPA transformer apart for the sake of satisfying whoever dreamed up these fears. After all, I used to have to go look under my son’s bed every time he was sure there was a monster there. I never once found a monster.


Any opinions expressed in this blog post are strictly mine and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment on what you have read here, I would love to hear from you. Please email me at tom@tomalrich.com. Are you working on your CIP-013 plan and you would like some help on it? Or would you like me to review what you’ve written so far and let you know what could be improved? Just drop me an email!



No comments:

Post a Comment