Is the Smart Grid Smart Enough?

Emily Holbrook


February 1, 2010

smartgridIn June 2003, the National Academy of Engineering warned that the U.S. power grid "is unnecessarily vulnerable in its capacity, reliability and security, as well as its capability to meet consumer expectations in the twenty-first century." Two months later, the largest blackout in American history left an estimated 55 million people without power, some up to a week, from Cleveland to Long Island and from Baltimore to Toronto.

After investigation by U.S. and Canadian authorities, the cause of this unthinkable outage was determined to be overstressed power lines in Ohio, which went out of service after coming into contact with overgrown trees. What seemed like it should only have caused a minor, local disruption caused a massive domino effect throughout the entire Northeast.

Though the 2003 blackout was monumental due to its sheer size, smaller-scale blackouts can have similarly crippling effects for companies. The annual cost of lost business due to blackouts, which have been increasing at an alarming rate for the past quarter century, is now estimated at $150 billion a year, giving rise to concerns that today's outdated power grid cannot keep pace with the future energy demands from a growing population.

For years, engineers, energy industry groups and various political organizations have spread the word about America's decaying grid, with the National Research Council warning the White House directly on several occasions that the system is overstressed and, in essence, an electrical time bomb.

Critics will argue that Washington has been slow to act, but for its part, the federal government has sped its efforts to implement a better way to power the nation. Enter the smart grid.

This innovative, more efficient power distribution system will be an intelligent, electronically controlled grid, as opposed to today's antiquated, electromechanically controlled power lines. Proponents praise the benefits of the smart grid-and there are many. First and most important, it will have the ability to meet the needs of an ever-evolving digital economy. As more and more processes become computerized and as computers are continuously constructed with faster functions and larger memories, the digitally dependent workforce will require more electricity. And the smart grid will provide.

But there are also potential weaknesses. Many fear that the rush to implement a digital distribution system may create security vulnerabilities, namely computer hacking. "The smart grid is theoretically a closed network, but one with an access point at every home, business or other location where a 'smart meter' is installed," said Ira Winkler, president of the Baltimore-based Internet Security Advisors Group. "Those devices are essentially tiny computers with access to the entire electrical network."

And though the smart grid and its smart meters will undoubtedly be equipped with the best available security measures, it will still likely be no match for the most intelligent cyber scoundrels. Hackers may manipulate the grid in many ways: they could completely cut power to users, causing a blackout; they could electronically tell the computers that less electricity is needed, thus causing a brownout; or they could initiate a denial-of-service attack in which the smart grid is made to attack itself.

IOActive, a Seattle-based computer security firm, was hired to test the security of smart meters already installed in homes and businesses across the Pacific Northwest. Mike Davis, a security consultant with the firm, and his team of researchers created a malicious worm that was able to disrupt power in more than 15,000 homes over 24 hours during a simulated attack. "While it would do great things for my ego to believe that this was an attack impossible for others to reproduce, the reality is that this attack is not all that different from what goes on today when hackers attack hardware platforms like the Nintendo Wii or the iPhone," said Davis. "All that is really required is some knowledge of software exploitation and electronics."

The threat of hacking is not the only concern. A current class action lawsuit between Pacific Gas and Electric and some of its customers claims that smart-grid monitoring devices cause overbilling. A group of 200 citizens of Bakersfield, California, claim that their newly installed smart meters have caused very high discrepancies in their bills, with one plaintiff even saying that his new meter logged 791 kilowatt-hours in July, up from 236 a year earlier.

While the California controversy has caused other states to rethink the installation of such smart meters, can they stop the momentum? In mid-December, Vice President Joe Biden promised smart meters in 40 million homes by 2015. The rollout of the smart meters is happening fast-maybe too fast, according to critics.

Others, however say that the benefits of a new grid far outweigh the risks. A report by the National Academy of Engineering states that by 2020, a transformed electricity/information infrastructure could conceivably spur as much as $2 trillion a year in additional GDP for the U.S. economy.

But is it possible to build a smart grid that is completely secure against the threat of hackers? "Absolutely not-it's just not possible," said Winkler. So while society welcomes a new, more efficient electric grid, we also have to accept the possibility of another blackout like the one that darkened the Northeast in 2003-or worse.
Emily Holbrook is the founder of Red Label Writing, LLC, a writing, editing and content strategy firm catering to insurance and risk management businesses and publications, and a former editor of Risk Management.