Note from Tom: If you’re only looking for
today’s pandemic post, please go to my Pandemic Blog. If you’re
looking for my cyber/NERC CIP post, you’ve come to the right place.
I’ve been in communication with several
people on the WAPA transformer question since my last post on that topic, including Kevin Perry and a very
knowledgeable engineer from a major municipal utility. They have convinced me
that there are a number of ways that a cyber attack could be launched on a
transformer like the one WAPA ordered from China, which is now being pulled
apart and inspected at Sandia National Laboratory. I had previously said I
didn’t see a way to do that, since transformers aren’t operated by commands but
by the laws of physics.
However, while I now admit that the
operation of an individual transformer could be changed - or the transformer might
even be destroyed - by a cyber attack, I simply don’t see a way that this could
have a serious impact on the Bulk Electric System. There could be a local
outage, but as I’ve mentioned previously, the best way to reduce local outages
is to go after the devious miscreants behind a large percentage of them:
squirrels and chipmunks.
In order for a Chinese supply chain attack
to succeed, there would have to be multiple transformers deployed in
geographically diverse substations with exactly the same implant; and there
would need to be some method of signaling to all of these transformers,
presumably by satellite. This is also theoretically possible, but now we have
to raise the question of motive: Why would the Chinese be at all inclined to do
this?
The supplier(s) involved in this supposed nefarious
plot (there are about six transformer suppliers in China, and since orders for
transformers like this one don’t come in every week, more than one would
probably have had to be in on the conspiracy) would need to have been working
on this plan for years, and agreed on the exact attack and the signaling
protocol to make it happen (perhaps they might have made this an IEC standard? 😊).
But why on earth would the suppliers want to
do this? Presumably because the Chinese government made them an offer they
couldn’t refuse. It’s hardly the royal road to commercial success to
deliberately try to destroy your best customers, so it’s not likely any of
these companies thought this up on their own.
Then why would the Chinese government force
the suppliers to do this? Presumably because they wanted to have this as a
weapon in their arsenal in case they found themselves in outright war (a bang
bang war, not a metaphorical war like a trade dispute) with the US. And they’d
need to already be at war to send the dreaded signal to the transformers, since
as soon as they did that, the attack on the grid would immediately be traced to
China – and there would almost certainly be a real war after that.
I certainly don’t idealize the Chinese
government, but they’re not a terrorist organization. And they’re definitely
not into collective suicide, since there isn’t much question who would come out
on the losing end of a war between China and the US.
I still see close to zero chance that
there’s any sort of attack implanted in the WAPA transformer. But if there were
no other problems nowadays – like say a pandemic or something like that – I can
see why it might be justified to invest the time in pulling the WAPA
transformer apart for the sake of satisfying whoever dreamed up these fears.
After all, I used to have to go look under my son’s bed every time he was sure
there was a monster there. I never once found a monster.
Any opinions expressed in this blog post are strictly mine
and are not necessarily shared by any of the clients of Tom Alrich LLC. If you would like to comment
on what you have read here, I would love to hear from you. Please email me at
tom@tomalrich.com. Are you working on your CIP-013 plan and you would like some
help on it? Or would you like me to review what you’ve written so far and let
you know what could be improved? Just drop me an email!
No comments:
Post a Comment