http://www.computerworld.com/s/article/print/9138017/DHS_to_review_report_on_vulnerability_in_West_Coast_power_grid?taxonomyName=Disaster+Recovery&taxonomyId=160 DHS to review report on vulnerability in West Coast power grid Well-placed attack on small subnetwork could bring down entire West Coast power grid, researcher says Jaikumar Vijayan September 14, 2009 (Computerworld) The U.S. Department of Homeland Security is looking at a report by a research scientist in China that shows how a well-placed attack against a small power subnetwork could trigger a cascading failure of the entire West Coast power grid. Jian-Wei Wang, a network analyst at China's Dalian University of Technology, used publicly available information to model how the West Coast power grid and its component subnetworks are connected. Wang and another colleague then investigated how a major outage in one subnetwork would affect adjacent subnetworks, according to an article in New Scientist. The aim of the research was to study potential weak spots on the West Coast grid, where an outage on one subnetwork would result in a cascading failure across the entire network. A cascading failure occurs when an outage on one network results in an adjacent network becoming overloaded, triggering a similar set of failures across the entire network. The massive blackouts in the Northeast in August 2003, which affected about 50 million people, were the result of such a cascading failure. Wang's research was expected to show that an outage in a heavily loaded network would result in smaller surrounding networks becoming overwhelmed and causing cascading blackouts. Instead, what the research showed was that under certain conditions, an attacker targeting a lightly loaded subnetwork would be able to cause far more of the grid to trip and fail, New Scientist reported, quoting Wang. The article does not describe Wang's research (paid subscription required) or any further details of the attack. Wang did not reply to an e-mailed request for comment seeking details on the report. Wang's report, which appears to have been largely overlooked until the publication of the New Scientist article last week, was completed last November and has been available online since March. John Verrico, a spokesman for the DHS's science and technology directorate, said the DHS has not reviewed the research but is "very interested in the findings." In an e-mailed comment, Verrico said the DHS is working on a "self-limiting, high-temperature superconductor" technology that is designed to prevent power surges in one network from affecting surrounding networks. The so-called inherently fault current limiting (IFCL) superconductor technology is part of the DHS's Resilient Electric Grid project. According to a DHS description, the technology is capable of carrying 10 times as much power as current copper wires of the same size, while also being able to automatically adapt to massive power surges and outages. A single such IFCL cable will be capable of replacing 12 copper cable bundles. The effort, which is funded by the DHS's science and technology directorate, involves teams from American Superconductor Corp., Southwire Co. and Consolidated Edison Co. The technology was successfully tested at the Oak Ridge National Laboratory in Tennessee earlier this year. Pilot tests of the IFCL cable in New York are expected to start in 2010, Verrico said. News about Wang's research comes at a time when there are considerable concerns about the security of the U.S. power grid. In April, The Wall Street Journal, citing anonymous national security officials, reported that cyberspies from China, Russia and elsewhere had gained access to the U.S. electrical grid and had installed malware tools that could be used to shut down service. Though the access hasn't been used to disrupt service, the concern is that the malicious hackers could do so with relatively short notice during a time of crisis or war. In a letter sent to industry stakeholders in April, Michael Assante, chief security officer at the North American Electric Reliability Corp., drew attention to the need for operators, suppliers and distributors in the power sector to properly identify and protect critical assets and associated critical cyberassets. The letter lamented the apparent lack of awareness within the power sector of the cyberassets and noted how the horizontal nature of networked technology could allow attackers to take down multiple power sector assets at once, and from a distance.