Yesterday, I was asked by a couple of reporters how the NC attacks differ from the 2013 sniper attack on the Metcalf substation in California, and whether the NERC CIP-014 standard (which was developed as a result of that attack) was applicable to the NC substations – as well as whether it would have prevented the attacks if it was applicable. Here is my take on this situation, acknowledging there still isn’t a lot of information available on the NC attacks:
There’s a big difference between
the attacks in NC on Saturday and the 2013 sniper attack on the Metcalf substation
near San Jose, California:
1.
Metcalf is an
important high-voltage transmission substation. The NC substations appear to be
much lower voltage and were primarily for power distribution, not transmission
(although a lot of substations combine transmission and distribution
functions).
2.
The Metcalf attack was
meticulously planned
and executed by the team of snipers that carried it out, using military
grade weapons. There seems to have been much less planning in the NC attacks,
although there’s not enough known yet to say that for certain.
3.
While there were some
short local outages after the Metcalf attack, power was quickly restored. However,
since the interstate power transmission system (known as the Bulk Power System)
has redundancy built into it at all levels, there was no widespread or
prolonged outage at all.
4.
On the other hand, the
power distribution system is very localized and has much less redundancy built
into it. Thus, even though there was probably much less damage to equipment in
NC, the fact that the distribution system was damaged led to a widespread and
continued outage, since there wasn’t enough redundancy to prevent this (and
since it seems multiple substations were attacked, the fact that similar
equipment might have been damaged in those substations may have reduced the redundancy
that would otherwise have come into play).
5.
After the Metcalf
attacks, federal regulators ordered rigorous (and expensive) protections for
certain strategic transmission substations, including Metcalf. It’s just about
certain that the NC substations were not in scope for that standard, called
NERC CIP-014.
6.
However, even if the
NC substations had been in scope, it’s doubtful these attacks could have been
prevented, although they might have had less impact. NERC CIP-014 is designed to
protect against large-scale coordinated attacks, not impulsive ones by
individuals who don’t consider risk carefully before going ahead. Probably the
reason that there haven’t been any attempts (that have been publicized, anyway)
to build on the Metcalf attack template is that whoever planned that attack
(and it had all the earmarks of just being a trial run – a proof of concept, if
you will) realized that CIP-014 had turned the odds against them in general. However,
a couple of average guys, who are perhaps motivated by the desire to make a point
on a culture war issue, aren’t likely to carefully balance risks and benefits
in this way.
Local outages happen all the time.
One of the biggest causes of these is squirrels chewing on the conductors. Another
important cause is thieves stealing copper. The main goal with local outages is
to minimize their impact and quickly remediate them. The biggest question about
the NC attacks is why these measures didn’t work. I’m sure there will be an
investigation to answer that question.
Any opinions expressed in this
blog post are strictly mine and are not necessarily shared by any of the
clients of Tom Alrich LLC. If you would
like to comment on what you have read here, I would love to hear from you.
Please email me at tom@tomalrich.com.
No comments:
Post a Comment