Home > Studies > Security and the North American Supergrid

Lead author: Matthew Acho

Co-authors: José Alfredo Durand Cárdenas, Rachel Levine
Dwight Macomber

 

Electric grid security has moved to the forefront of policy discussions at nearly all levels of government. At present, the U.S. electrical grid is outdated and prone to damage from sources as varied as squirrels nibbling on power lines to threats from terrorist organizations and rogue states. The North Korean (DPRK) regime’s testing of multiple missiles and testimony that the DRPK possesses electromagnetic pulse weapons, which could bring down portions of our electric grid, should rightfully alarm policy makers. Naturally occurring threats such as geomagnetic disturbances can also bring down large portions of the grid in a similar manner as electromagnetic pulse (EMP) attacks. Additionally, physical attacks on electrical infrastructure have been increasing in severity, with the 2013 Metcalf incident being a particularly alarming example. Lastly, cyber threats on electrical infrastructure evolve every day, with assaults on grid systems becoming increasingly effective. Societal recovery times from any of these threats could be very long considering the extensive lead time needed to replace larger transformers and power equipment, causing widespread loss of life and economic damage.

The North American Supergrid (NAS or the Supergrid) could play a strong role in solving these problems. The following report outlines various avenues for improving the security and resiliency of the grid:

  • Electromagnetic Pulse Attacks and Naturally Occurring Threats: The North American Supergrid would feature a fault detection system as well as protective shielding around the cables that enclose the system’s wires. The fault detection system ensures that if one portion of the grid goes down it would not affect the entire system. A failure in one section of the grid would be detected as a “fault”, and the system would compensate by rerouting power away from the affected components and, subsequently, retaining system stability. This system would be effective against both EMP and naturally occurring threats such as geomagnetic disturbances. Protective shielding would ensure that the cables protecting the wires are safeguarded against physical tampering and extreme temperatures.
  • Threats to Structural Integrity: The NAS makes use of underground cables to counteract purposeful tampering by threat actors and to prevent animals from destroying the wires. These improvements strengthen the structure of the grid system.
  • Threats Originating from Weaknesses in Cyber Defense: The NAS would possess measures that protect against the hacking of the Supervisory Control and Data Acquisition systems (SCADA), Distributed Network Protocol Version 3.3 (DNP3) systems, and attacks on the Industrial Control Systems (ICS) of the grid. Some protections against these types of assaults come in the form of better employee vetting/monitoring, daily password randomization, limiting access to important areas of substations to a small set of individuals, and better segmenting of grid network systems.

This chapter also discusses the role of federal oversight for the initial building of the grid overlay and the role of federal oversight in creating the NAS more broadly. The security upgrades presented in this chapter would aid in protecting our nation against attacks on the electrical grid. It is our opinion that the NAS is perhaps our country’s best option for updating and hardening our aging and vulnerable electrical grid infrastructure.

 

Introduction

The grid’s importance to our nation’s economy and way of life cannot be overstated; the grid is the common denominator that underlies all other critical infrastructure–water, food, transportation, homeland defense, and more, yet it is also the weakest component of our infrastructure. This report will summarize solutions to the four major security challenges confronting our grid: manmade electromagnetic disturbances, natural electromagnetic disturbances, structural integrity, and cybersecurity. The much-needed improvements laid out in the North American Supergrid Initiative would enable us to meet these challenges.

 

Manmade Electromagnetic Threats

The electrical power transmission grid in the United States is largely made up of a series of many long and highly conductive metallic cables. These cables have the potential to be impacted by electromagnetic waves. A commonly referenced potential source of such disturbances is an EMP attack (brought about by high altitude detonation of a nuclear device). This form of attack is becoming an increasingly likely threat to modern civilization given the current security climate. The EMP electric field waveform has three components referred to as E1, E2, and E3 waves.[1] The short, high-intensity E1 wave couples large currents to disrupt operational power and communication lines.[2] The E2 wave is much lower in energy than E1, with the E3 wave having the lowest energy of the three waves, and possessing characteristics similar to solar geomagnetic disturbances (GMD).[3] The E3 wave can produce significant currents on long electrical lines.[4] E1 waves can damage both smaller electrical devices, and distribution transformers.[5] E3 waves have the potential to destroy larger transformers causing damage requiring replacement.[6]

The High Altitude Electromagnetic Pulse (HEMP) threat is a type of EMP that is intensified by being detonated over a large geographic coverage area, exceeding the capability of conventional grid protection equipment to isolate the disturbance to a single region.[7] In either scenario of solar storm or HEMP, the combined strength of the three waves could shut down the electrical grid for months to years, causing unprecedented economic disruptions and loss of life.[8] The duration of the outage can also be greatly increased based on the availability of replacement transformers, and the especially long lead times needed for installation and start-up of these transformers.[9]

Threats from a HEMP are likely to come from North Korea or any other actors with hostile intent towards the United States. However, it should be noted that any nation with hostile intent that possesses nuclear weapons with EMP enhancement capabilities poses a threat to all other nation states. In a Washington Times article on North Korea’s rumored development of EMP weapons, a Chinese military commentator is quoted as saying that the North Koreans possess EMP weapons.[10] North Korean motives are uncertain, but they appear prepared to attack the United States with an EMP style weapon, whether by satellite or by nuclear missile. North Korea tested an intercontinental ballistic missile in early July 2017[11] and has continued to ramp up these tests in recent months.[12] The threat posed by North Korea as a potential perpetrator of a HEMP attack has also been confirmed by former Director of Central Intelligence, R. James Woolsey. In a report from the National Review, he pleads with Congress to seriously consider the threat from EMP.[13]

Whether this attack occurs likely depends on the delicate political situation within and outside North Korea, and the success of potential target states to “harden” their electric grids and other key infrastructures against EMP attack hazards. China, though acting as a moderating force, may be unable to stop North Korea from initiating an attack. Economic hardships in North Korea may keep the DPRK focused on domestic issues, but this is unlikely considering the leadership’s bellicose maneuvers in the last few months.

A new and more resilient grid could bolster our defenses against a nationwide blackout caused by a HEMP attack. HEMP attacks can be executed using various means depending on a country’s level of technological sophistication. Delivery platforms for these devices can include unguided missiles and balloons. The usage of balloons to transport airborne weaponry was utilized by the Japanese during World War II.[14] During the war, the Imperial Army launched balloons carrying bombs across the Pacific and into U.S. territory.[15] Today, delivery means have evolved. In a February 2017 article from the Washington Times, James Oberg, a distinguished astronaut and space expert who visited the DPRK’s satellite launch facility, stated that satellites armed with small nuclear warheads may very well have become a major part of North Korea’s space program and that they seek to use it as a threat against the United States.[16] As the options to deliver these types of weapons continue to increase, it has become increasingly imperative that the United States arm itself against these types of attacks.

Non-nuclear EMP (NNEMP) attacks are also causes for concern, especially when considering non-state actors. Individuals, terrorists, or criminal groups wishing to interrupt or destroy communication systems can execute intentional electromagnetic interference (IEMI) attacks. However, these effects are generally limited to smaller areas since the energy from IEMI emitters diminishes with distance.[17] For this reason, the non-nuclear EMP threat is not as serious for entire critical infrastructures as the hazards posed by high-altitude nuclear EMP. However, NNEMP devices can be used to take down segments of the electrical grid. They can be utilized by both the military and criminal or terrorist groups for their own purposes. During a Congressional hearing with the Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies on May 8, 2014, it was said that a malicious individual armed with what is called an “EMP suitcase” could disable the grid of a major city if the perpetrator knew the location of a main plant or transformer farm that routes electricity to the area.[18] The EMP suitcase is a type of NNEMP and can be effective if the individual or team of individuals using these devices are skilled operators.

Threat actors (especially non-state actors such as ISIS) seeking to execute this sort of attack can create their own IEMI devices.[19] The relevant components are inexpensive, and such devices are easy to build. According to the Congressional Research Service’s final deliverable in 2008, a short range, small scale device could be created for less than $2,000.[20] The material to create the device is also easily found and is commercially available.[21] Although the device has a much smaller range than a HEMP, if one were to be used in Times Square in New York City, the results could be deadly and the psychological effects would be profound. Such an attack is very possible as demonstrated by the recent explosion of a handmade bomb in New York City on 17 September 2016.[22] As terrorists become more resourceful, the threat from a small scale IEMI device has become a major cause for concern.

The effects of large-scale man-made electromagnetic disturbances have previously been demonstrated by nuclear weapons testing on Johnston Island in the Pacific Ocean. The Starfish Prime nuclear tests occurred on the unincorporated U.S. territory of Johnston Island. The tests, conducted on 9 July 1962, were part of a series of “high-altitude nuclear bomb tests” used to gather information about EMP effects by the United States.[23] The nuclear warhead used at the time was equivalent to “1.4 million tons of TNT exploding”.[24] Following a blast of this magnitude, electrons quickly move away from the area of the blast, and are deflected by the Earth’s magnetic field, creating an electromagnetic pulse.[25] The effects of the explosion were immediate and led to effects from the EMP being felt hundreds of kilometers away in Hawaii, where it caused the blackout of “…hundreds of streetlights, and caused widespread telephone outages…other effects included electrical surges on airplanes and radio blackouts.”[26] The radiation’s effects in the atmosphere were long-lasting and damaged several space satellites.[27] A weapon of similar size to the Johnston Island tester could cause even more damage if detonated above populated areas like New York City or Washington DC.

 

Naturally-Occurring Electromagnetic Threats

The grid faces not just manmade, but also natural threats.  Random solar flares, can lead to rapid and drastic changes in the Earth’s magnetic field through the ejection of solar coronal mass, and these geomagnetic storms can induce impulsive currents in bulk power systems around the globe; the sequence of events caused by geomagnetic storms has been thoroughly documented and studied. These currents, referred to as geo-magnetically induced currents (GICs), can be large enough to disrupt normal operation and possibly damage or destroy portions of bulk power systems.

We will consider three types of geomagnetic solar storms in this section: auroral electrojets, coronal hole disturbances, and sudden storm commencement (SSC) events. Each can impact different portions of the globe, as well as different components of the nation’s electric grid.

Auroral Electrojets originate in the Earth’s ionosphere, which is an electrically conductive atmospheric layer situated in altitudes from 40 miles above the Earth’s surface.[28] More specifically, auroral electrojets originate in the two lowest of the three regions of the ionosphere: D and E.[29] Most activity in the D region (in the form of radio wave absorption) occurs during the day, with the region disappearing during evening hours.[30] The E region follows the same temporal pattern, yet absorbs x-rays.[31] In the D and E regions, electrojets are produced by horizontal electric fields, which can be extremely destructive.[32] Importantly, it should be noted that these electric fields and the associated conductivity of the ionosphere are strongest and most prevalent at higher latitudes[33], making the Northern Hemisphere particularly susceptible to this type of solar storm. One effect of such storms is visible to the naked eye in the form of the Aurora northern lights. The storms can last several hours to several days; the Carrington events of 1859, for example, impacted telegraphic systems over a period of 12 days.[34] Pipelines and similar infrastructure may also be affected.[35]

The Sun’s corona (as with other stars) is a layer of plasma material that surrounds the Sun.[36] Coronal Hole disturbances form when movement of low density sun plasma creates gaps in the coronal layer.[37] Unlike the rest of the sun, magnetic fields originating from coronal holes leave the Sun’s surface in a “high speed solar wind stream”[38] and extend into outer space, where they may come into contact with Earth and create fairly severe geomagnetic solar storms.[39]

Lastly, perhaps the least understood type of geomagnetic disturbance is referred to as a Sudden Storm Commencement. There is some debate in the scientific community regarding the classification of these events. Some believe that SSCs are merely the beginning phase of a larger geomagnetic event, while others believe SSCs should be denoted separately, as they are not always followed by a larger solar storm.[40] Currently, the accepted classification of SSCs dictates that a SSC solar event occurs due to a sharp change in the vertical component of the Sun’s magnetic field,[41] due to “a sudden increase of … solar wind dynamic pressure.”[42] Such storms do not affect any single portion of the Earth; instead, every part of the globe is susceptible to SSCs.[43] SSCs, even of brief durations, have been suggested to cause transformer failures.[44]

The most widely regarded modern example of a natural geomagnetic disturbance was one that caused a shutdown of a Quebec Hydro Plant. It involved a moderate amplitude GMD that caused the regional grid to shut down within 2 minutes, resulting in power outages to 6 million customers for approximately 9 hours.[45] Another less well-known incident in 2012 involved a massive solar storm that missed the earth by a week.[46] The storm would have created electronic disruption effects similar to or perhaps even larger than the Carrington Event of 1859, causing blackouts on a large scale.[47]

 

Threats to Structural Integrity

Power and utility companies spend a great deal of their time on guard against any and all cyber intrusions to the electrical grid. This is an important task, but it also may divert their attention away from attacks on the physical structure of the grid itself that can result in power outages of a similar duration.[48] Recent attacks on transmission stations and other parts of the electrical infrastructure make it imperative that our grid be updated to withstand attacks from physical destruction. At present, the grid and its structures are outmoded and so prone to damage that even squirrels can take down an entire electrical line by nibbling the wires. Due to the fact that many of the cables are above ground, they are highly susceptible to damage from extreme weather conditions, threat actors (who need little technical know-how to inflict damage), and animals, creating a high risk of power disruption. Physical destruction of substations, especially those containing large transformers, can result in electricity outages over wide areas lasting from one month to over a year.[49]

Security at electrical substations tends to be very limited and unsophisticated. A coordinated attack on multiple substations could accordingly cause a large-scale blackout. An article from the Wall Street Journal regarding the coordinated assault on Metcalf substation discusses the incredibly limited security measures that many electrical substations tend to possess. Indeed, most stations have little beyond cameras (which may not be consistently monitored) and barriers as basic as a chain link fence.[50] Such limited monitoring and security makes the need to upgrade the grid even more imperative.

The most notable past incident involving an attack on physical grid infrastructure was the Metcalf substation attack on April 16th 2013.[51] This incident was executed by a small group of individuals armed with long range rifles and an impressive degree of advanced preparation. The operation began at 1AM when the attackers cut telephone cables to prevent raising an alarm.[52] The attackers appeared to have done a great deal of preparation before conducting the attack. A small pile of rocks left near certain areas of the substation seemed to serve as indicators of where fellow attackers should take their shots in order to effectively cause a shut down.[53] The attackers then started to fire on these locations, causing significant damage.[54] The individuals responsible for the attack have never been caught.

The Metcalf incident was referred to by former Chairman of the Federal Energy Regulatory Commission Jon Wellingnoff as “the most significant incident of domestic terrorism involving the grid that has ever occurred”.[55] There is reason to believe that an attack on the components targeted in this incident could have resulted in prolonged blackouts ranging from months to years; again, due to the difficulty to replace and build more transformers.[56] The attack, aimed at a station that routes power to Silicon Valley, also makes clear how realistic the possibility is of a mass blackout in one of the nation’s economic powerhouses, something that could do massive economic damage to the nation.[57] The location of the Metcalf substation (in San Jose, California near the South Valley Freeway)[58] is also significant, and illustrates the all too common practice of placing substations in areas with low foot traffic and relatively little security (making them even more vulnerable to attack by cover of night).

In addition to domestic threat actors, foreign terrorists are interested in attacking electrical grids. According to the Wall Street Journal the Electric Power Research Institute found that, “overseas, terrorist organizations were linked to 2,500 attacks on transmission lines or towers and at least 500 on substations from 1996 to 2006.”[59] Alarmingly, terrorists are very much aware of grid vulnerabilities in target nations and considering the low-level of skill required to carry out an attack similar to the Metcalf incident, there is reason for concern. Analysis by the Wall Street Journal found that there had been 274 incidents of intentional damage done to the grid by individuals in the three years prior to 2014.[60] Threats to the structural integrity of the grid are very real and require little beyond preliminary surveillance and planning. A threat actor need not be incredibly sophisticated or affiliated with any specific nation or non-state group; threats may emanate from disgruntled employees, eco-terrorists, or even simply bored hunters.[61] The extent of the threat and the simplicity in which to execute it make upgrades to the grid imperative and well overdue.

 

Cybersecurity

The current grid possesses minimal cybersecurity measures against hacking, and the system is still quite vulnerable to attacks. These types of attacks may vary, and in the grid’s current manifestation, are executable through a variety of different means. Indeed, there have been many cyber-attacks on grid infrastructure in recent years; the three major threat actors of note in this arena being Russia, North Korea, and Iran. All three countries have either committed acts of sabotage against the United States, or have shown that they have the capacity and intent to carry out these attacks. Non-state actors like ISIS and other terrorist groups, while not as immediate a threat as conventional state actors, have still shown that they intend to carry out attacks on the grid through cyber sabotage.[62] At present, conventional state actors are likely the most probable culprits for attacks on the U.S. electrical grid. However, given the long lead time required to secure and upgrade the U.S. grid, there is ample time for independent threat actors to develop–or hire or purchase–sophisticated cyber capability.[63]

Electrical companies are inundated with new and evolving cyber threats every day. Indeed, according to U.S. News and World Report, there has been a major spike in cyber-attacks on energy and electrical utility companies in recent years.[64] In fact, of the 150 employees at various companies surveyed, more than 75 percent said that there had been at least one “successful attack”, meaning that hackers were able to breach at least one of the company’s firewalls.[65] Although, few, if any have been able to affect the actual Operational Technology (OT) network of the respective systems, the number of attacks is still substantial and could eventually breach the OT network, leading to attacks that could affect both monitoring and control systems of the electric grid.[66] Attacks can be executed in a variety of ways. For example, attacks can come in the form of the insertion of new code into an existing system to cause a disturbance, or as manipulation attacks.[67] Other common examples include denial of service, rerouting of power, and tampering with temperature controls.[68] All could possibly lead to a brownout or blackout situation.[69]

Russia appears to have the capability to use cyber-attacks on electrical systems as a means of political leverage and tactical advantage. The Russian annexation of Crimea and its rather aggressive dealings with Ukraine have been a focal point of U.S. and Russian foreign policy. Particularly noteworthy is Russia’s likely involvement in the hacking of the Ukrainian electrical grid in December 2015 and again in December 2016.[70] The hacks shut down portions of Ukrainian electrical infrastructure and left hundreds of thousands without power.[71] The Ukrainian attacks were possibly used to gain tactical advantage over the country by Russia.

North Korea illustrated its ability to execute cyber-attacks during the Sony Pictures hack of 2014. Although the North Koreans did not fully admit to being behind the hacking, there is evidence suggesting that the DPRK’s Unit 121 was the force that led the attack.[72] Unit 121 is the cyber warfare component of the Korean People’s Army.[73]  Mr. Kim Heung-Gwang, a professor at North Korea’s Hamhung University of Computer Technology, told the Washington Times that “North Korean hackers are targeting nuclear power plants, transportation networks, electrical utilities and all major government organizations abroad…”.[74] Mr. Heung-Gwang’s remarks show that the North Koreans appear to be actively interested in sabotaging electrical utilities and by extension, the grid. It should be noted that North Korea’s closest allies are fellow rogue states Iran and Syria, who they regard as confidants due to their mutual opposition to the United States.[75]

Iranian and U.S. relations have rested on very fragile foundations for some time. Both states have actively used cyber sabotage against one another and diplomatic relations are still strained following the Iran Nuclear Deal carried out during the Obama Administration. A cyber intrusion of particular importance occurred in 2013, when Iranian hackers gained access to the back-office systems of the Bowman Avenue Dam, 30 miles north of New York City.[76] Although, the intrusion was not substantial, it illustrated the ability of external actors to gain access to critical infrastructure, an issue of growing concern to policy makers. Earlier in 2013 and 2014, the hackers in question also executed denial-of-service attacks against major U.S. banks such as J.P. Morgan and Wells Fargo.[77] Cyber-attacks such as this can cause major economic interruptions and loss of money. A grand jury in the Southern District of New York ruled that both intrusions were committed by Iranian nationals who were “…manager[s] or employee[s] of ITSecTeam or Mersad, private security computer companies based in the Islamic Republic of Iran that performed work on behalf of the Iranian Government, including the Islamic Revolutionary Guard Corps.”[78] This shows that not only are these attacks essentially state sanctioned, but that they can do immediate damage to the U.S. economy and its people.

Modern cyber-attacks can be inflicted on the SCADA systems which are the Industrial Control Systems (ICS) that operate the grid. For our purposes, there are three main security concerns that are associated with SCADA systems. One problem is policy and procedure vulnerabilities (holes in security that can be exploited by an external source). According to the Public Interest Energy Research Group (PIER), these usually are caused by a “lack of security audits, disaster recovery plan etc”.[79] Another concern is platform configuration vulnerabilities (involving inadequate upkeep of effective password policies and ineffective security patch policies).[80] Yet another is platform software vulnerabilities (i.e. the lack of intrusion detection and prevention software as well as an absence of malware protection software).[81]

Other notable types of vulnerabilities can allow the hacker to take large-scale control over many different components within the SCADA system. Network configuration vulnerabilities, for example, are weaknesses in the security of the system’s network architecture (in other words, effective data control is not applied).[82] Network perimeter vulnerabilities, or weaknesses in network security architecture in the form of a lack of firewalls or segmented architecture, can lead to insecure connections with outside sources that can exacerbate or lead to more system problems.[83] Finally, network communication vulnerabilities are the broad holes that exist in the communication architecture of a SCADA system, allowing an attacker access to sensitive components.[84]

Attacks that impact grid network architecture itself are also of concern. According to PIER, “network architecture design is critical in offering the appropriate amount of segmentation between the Internet, the company’s corporate network, and the SCADA network”.[85] In the context of the NAS, the “company’s corporate network” is the utility company, providing electricity through the Supergrid. When discussing network configuration vulnerabilities, the primary concern is that server connections may not be protected by firewalls when contacting corporate partners and other outside sources. This connection can then become insecure, leaving a backdoor open for potential adversaries to take advantage of when given the chance. Moreover, a lack of firewalls within a company’s segmented network architecture can lead to openings that can be exploited as well. Such issues can lead to concern regarding network perimeter vulnerabilities. Without protective mechanisms like firewalls and proper network configuration, SCADA systems can be left open to attacks from worms, viruses, and hackers.[86] Indeed, network connections provided over wireless system architecture are especially vulnerable to attack. Despite this, many control systems (and many SCADA systems) make use of WIFI, exacerbating security and system recovery issues.[87] Network communication vulnerabilities primarily involve threats to the system’s security protocols.[88] For our purposes, inter-connected systems such as the Distributed Network Protocol Version 3.3 (DNP3) are of the most importance for evaluation. [89]

DNP3 systems are designed to make it easier for macro system architecture to communicate with smaller units like Regional Transmission Units. However, interoperability at this level comes with risk. Threat actors can initiate cyber-attacks in the form of “Length Overflow and DFC [(Device Fence Control)] Flag Attacks”, “Reset and Unavailable” function attacks, and “Outstation Data Resets”.[90] Length Overflow and DFC Flag Attacks insert data into the length field, which can cause outstations to receive a false message that causes it to shut down.[91] The “Reset and Unavailable” function allow an attacker to take control of an outstation, allowing them to reset it or deactivate it for an extended period.[92] An “Outstation Data Reset” falls under the same category, and can cause an outstation to suddenly become inactive and inoperable.[93]

The last major type of attack that the NAS should be defended against is an Advanced Persistent Threat (APT) attack, a method of cyber-attack where the threat actors (which could be a nation-state or other nefarious individual) monitor and target a component of the transmission architecture over an extended period.[94] The attack on Ukraine’s electric grid could be categorized as an APT, considering that the initial infiltration occurred 9 months before the grid system blackout.[95] But APTs are executable through any system equipped with network capabilities. This type of attack is typically used for intelligence gathering rather than for outright exploitation and sabotage.[96] However, it could serve as a prelude to a larger cyber assault. Hackers could theoretically use APT methods to monitor the operations side of the system, keeping a low profile as they search for ways to breach security protocols in the Operations Technology area of the grid system.[97] Strategies for mitigating the threat from APT do exist (such as daily password randomization), and measures for preventing these types of attacks will be put in place in the new grid.

Coordinated assaults where actors attack both the physical and cyber components of the grid are becoming a major cause for concern.[98] An intelligent attack of this sort could cause devastating damage to the grid, especially if inflicted on multiple major transmission sources at once. The updates proposed in this brief should help in alleviating these concerns. However, cyber threats evolve every day and utility operators and policy makers must remain vigilant in their surveillance of these systems.

 

Mitigation of Threats by HVDC Cable Construction

The North American Supergrid will utilize shielded HVDC cables, which contain a metallic sheath between insulation layers that acts as an absorbent for excess charge that may come into contact with a cable during an EMP or GMD event.[99] Since currents and voltages from electromagnetic disturbances can be extreme and destructive, the outer screen of shielded cables in the proposed system could be physically “broken” at regular intervals to limit the induced currents. At these break points, one end of the electrically isolated cable screen section is grounded to the soil to provide an alternate path away from the center conductor for the EMP-induced current. The impulsive nature of EMP causes currents induced on the outer screen to couple energy into the center utility load-bearing conductor of the HVDC cable.[100] How much energy of the EMP wave is coupled into the center conductor is a complicated function of the EMP wave-shape and its angle of arrival, soil conductivity and burial depth, cable geometry and the length of the section of outer screen.[101][102] The interval placement of the grounding arrangements is dependent on the soil conductivity and the effectiveness of the EMP suppression that is desired. Since these grounds are only effective during an extraordinary EMP event, they would not need to be on the scale of those designed for continuous use in a unipolar ground-return type system. Ultimately, rolling blackouts due to cable malfunction or transformer explosions can be avoided or lessened if these steps are followed.

Similarly, some cross-linked polyethylene (XLPE) HVDC cables, such as those which will be utilized in this system, can also contain a tamper resistant outer shell, which can prevent accidental or malicious tampering incidents with little upkeep.[103] This thermoset resin can withstand abrasions as well as contact with extreme temperatures, moisture, and most chemical compounds without losing rigidity.[104] Since cables will be placed underground, this casing will provide a crucial first line of defense against tampering or naturally caused abrasions. This will be installed along with the cable itself for no additional cost.

 

Mitigation of Threats by Federal Oversight and Software Monitoring Systems

The North American Supergrid will require cooperation between federal, state, private, and likely local entities if it is to be effective. Regional counterparts would continue to monitor the various sections of the existing grid. However, a group within the Federal Energy Regulatory Commission (FERC) should play a role in overseeing the bulk monitoring of the NAS overlay. As illustrated by the Defense Science Board’s 2017 paper concerning the Task Force on Cyber Deterrence, mitigation of cyber threats at the federal level is already occurring.[105] However, the Department of Homeland Security (DHS), Department of Energy (DOE), and utilities should increase their information sharing between one another so as to ensure an effective and unified response to any and all attacks on the NAS.[106] Moreover “…data definitions, databases, and communication protocols…” need to be standardized within the entirety of the grid system to prevent confusion.[107] Currently, the grid is too disconnected to effectively manage its many components. The North American Supergrid would allow for a coordinated cyber security partnership that would be resilient against manipulation attacks as well as other types of cyber threats.

On the most basic level, the cornerstone of effective cybersecurity is the proper conduct of the employees who directly interact with the system. Employees in charge of monitoring the electricity transmission process must be thoroughly vetted to ensure that they are not a security liability. This process should include thorough background checks for all employees, with strict punishments in place should an employee knowingly allow a hacker into the system. Leaders of regional teams should also be well-versed in cyber security threats and the measures currently in place to guard against said threats. Employees should also have specialized training with a focus on pertinent threats and be encouraged to think creatively. Finally, access to the physical control center of the transmission substations should be limited to one or few employees to decrease the likelihood of a security incident.[108]

The intelligence community (IC) should also play a vital role in the development of the North American Supergrid security mechanisms. It is imperative that the IC remains well connected with like-minded professionals and seeks help from cyber security experts and companies in monitoring threats to the grid.[109] Utility companies are ill-equipped to deal with cyber threats as they increase in seriousness because of differences in the utility ICS architecture across companies.[110] As such, utilities cannot be expected to handle the problem on their own.[111] The IC should help the DOE and DHS in standardizing data definitions, databases, and communication protocols so as to enable an effective response to evolving cyber threats.[112] Standards derived from the North American Electric Reliability Corporation’s Critical Infrastructure Protection (or NERC CIP) plan should continue to be used, and continuously updated to remain in line with the newest security advancements. However, as underlined in the National Association of Regulatory Utility Commissioners (NARUC) report on cybersecurity issues concerning the grid, utilities must also continuously take part in “risk assessment” to effectively combat cybersecurity threats.[113] Moreover, there should be a sustained recruitment campaign to procure exceptional talent in the field of cyber security into the IC.[114] Furthermore, red team scenarios involving the creation of novel ways to attack the grid using hacking should be designed and undertaken on a regular basis (perhaps even more so than the GridEx exercise that is currently only held every two years). Cybersecurity experts should be used continuously as the members of the red team. This activity will ensure that the grid is up to date and prepared for attacks. However, regardless of preparations we cannot possibly account for every single vulnerability. The IC should remain diligent in keeping information concerning grid vulnerabilities confidential and limited to people immediately involved in its upkeep.

The North American Supergrid will also feature secure firewalls to protect against attacks within the network system infrastructure itself. Moreover, utility companies in each of the Regional Transmisson Organizations (RTOs) must have experts on hand to monitor the system at all times in order to make certain that the system is monitored for any of the above attacks against inter-connected systems like the DNP3 protocol system. Connections to outside sources should require that the other entities or individuals make use of a password to engage in the trade of information. Internet used for major SCADA networks and systems should be provided via wired connection only to avoid security issues associated with WIFI. Indeed, WIFI security issues are serious, especially if the network employs a simple password or none at all. Researchers at Kaspersky Labs and elsewhere have found that, without such safeguards, a hacker can disguise himself as the WIFI hotspot, giving access to all information that is being sent over the network.[115]

A secured gateway to the electrical system to protect the grid from malware should also be ensured to further aid the utilities in proper monitoring of the system. The gateway is the parameter through which messages are given to and received by the control room of the utility company.[116] If attackers were to exploit this flaw they would “…have the ability to directly manipulate all communications to and from the substation.”[117]  This would allow attackers to have direct control over any Transmission SCADA (T-SCADA)/Energy Management Systems (EMS) systems the substation is connected to at the time.  This is a substantial vulnerability that must be removed,[118] since T-SCADA/EMS systems regulate energy transmission for utilization in substations and lines[119] and are in charge of preventing load overload and other electrical line problems.[120] To protect against this threat, the grid must be monitored 24/7 and staffed by alternating individuals to reduce the chance of any employee being susceptible to coercion or threats.

To be applied in conjunction with improvements to the SCADA and ICS system, a fault detection system should also be implemented. Faults, or electrical-flow failures that occur within the grid, may arise from a variety of causes throughout the system. The detection and clearance of faults is important for safe and optimal operation of any HVDC system. If a power line goes down or short circuits, the new grid system will be able to detect these faults before they can affect the macro system. This would reduce or eliminate the chance of a power outage by notifying a utility that a fault has occurred and, consequently, would allow for an affected substation to be isolated before it can affect the rest of the system. There are three main techniques for identifying and detecting potential system faults in so-called “hybrid” HVDC systems (in which AC distribution is linked with DC transmission). The fuzzy logic method is the strongest detection system of the three, as it is based on human reasoning. This means that the variables used in this case are words rather than numbers. The fuzzy logic method does not require an iteration process, and studies have proven that either AC and DC faults can be detected in a HVDC system. It is a rule-based approach where a set of rules represent decision making, making it the most comprehensive fault detection choice for the NAS. The model used in this report[121] considers two AC voltage sources with the same specifications are interconnected by a HVDC cable. Following this structure, different faults can be produced in the two AC sides of the HVDC system, and in the DC link itself. When analyzing only one side, five faults can be considered. However, for mathematical purposes, the normal operation of the HVDC system is considered a sixth fault.

This survey of the different faults that can occur in the HVDC systems[122] makes clear that multiple lines of the same configuration can be affected by the same type of fault. It is accordingly necessary to implement a detection system which considers this and other issues. In total, ten faults in the AC left side of the system can be found, and another ten in the AC right side. Along with the DC fault, the whole HVDC system presents 21 types of faults.[123] Unlike the analysis performed for 6 electrical faults, a twenty-one-fault detection system will require data from both AC sides of the HVDC system, since a fault can occur at any point. The healthy condition for the system occurs when all the output values are nulI. All the outputs will be zero except for the DC output in the case of a DC fault. By implementing a detection system that will not produce a rigid binary output, a wider net can be cast to detect and eliminate more types of faults that may be present in the NAS’s hybrid electric system. Regardless of where a fault originates, having the tools to quarantine problem areas will contribute to both reliability and resilience.

 

Concluding Thoughts

The North American Supergrid presents a new and innovative way of securing our nation’s future. While ambitious, the security updates contained in this report are not without precedent. Federal Agencies such as the DOE and DHS have already conducted substantial amounts of research on the updates being proposed, and Congress has also shown great interest in updating the grid to withstand threats from outside hostile actors. Additionally, the Trump Administration has stated its intent to overhaul electrical infrastructure, and the North American Supergrid Initiative offers an affordable and effective proposal for doing so.

The innovations suggested in this report allow the U.S. to lower electrical costs, increase penetration of multiple types of electrical sources (including renewable electric sources), and strengthen national security. In this way, the North American Supergrid will help the U.S. elevate itself as the leader and torchbearer for grid security.

 

Citations

[1] “An Introduction to Nuclear Electromagnetic Pulse.” Future Science, LLC, accessed on 13 November 2017, http://www.futurescience.com/emp.html.

[2] Savage, Edward, James Gilbert, William Radasky. The Early-Time (E1) High-Altitude Electromagnetic Pulse (HEMP) and Its Impact on the U.S. Power Grid. Oak Ridge, Tennessee: Oak Ridge National Laboratory, January 2010. p. 7-1 and 7-2.

[3] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 3-17

[4] “An Introduction to Nuclear Electromagnetic Pulse.” Future Science, LLC, accessed on 13 November 2017, http://www.futurescience.com/emp.html.

[5] Savage, Edward, James Gilbert, William Radasky. The Early-Time (E1) High-Altitude Electromagnetic Pulse (HEMP) and Its Impact on the U.S. Power Grid. Oak Ridge, Tennessee: Oak Ridge National Laboratory, January 2010. P. 7-7.

[6] Ibid. p. 8-2.

[7] Foster, Dr. John S, Earle Gjelde, William R. Graham, Dr. Robert J. Hermann, Henry (Hank) M. Kluepfel, Gen. Richard L. Lawson, Dr. Gordon K Soper, Dr. Lowell L. Wood Jr., Dr. Joan B. Woodard. Report of the Commission to Assess the Threat to the United States of Electromagnetic Pulse (EMP) Attack: Critical National Infrastructures. McLean, Virginia: Electromagnetic Pulse Commission, April 2008. P. vi.

[8] Ibid.

[9] The U.S. Department of Energy. Strategic Transformer Reserve: Report to Congress. Washington, D.C.: United States Department of Energy, March  2017. p. v.

[10] Peter Vincent Pry. “PRY: North Korea EMP attack could destroy U.S. — now.” The Washington Times, 19 December 2012, http://www.washingtontimes.com/news/2012/dec/19/north-korea-emp-attack-could-destroy-us-now/ .

[11] Choe Sang-Hun. “U.S. Confirms North Korea Fired Intercontinental Ballistic Missile.”

The New York Times, 4 July 2017. https://www.nytimes.com/2017/07/04/world/asia/north-korea-missile-test-icbm.html .

[12] Al Jazeera and News Agencies. “North Korea fires ballistic missile over Japan”. Al Jazeera, 15 September 2017. http://www.aljazeera.com/news/2017/09/north-korea-fires-missile-japan-170914221944101.html.

[13] R. James Woolsey, William R. Graham, Henry F. Cooper, Fritz Ermarth, and Peter Vincent Pry. “Underestimating Nuclear Missile Threats from North Korea and Iran.” The National Review, 12 February 2016. http://www.nationalreview.com/article/431206/iran-north-korea-nuclear.

[14] “Japan’s Secret WWII Weapon: Balloon Bombs.” National Geographic. 27 May 2013, http://news.nationalgeographic.com/news/2013/05/130527-map-video-balloon-bomb-wwii-japanese-air-current-jet-stream/.

[15] Ibid.

[16] Peter Vincent Pry. “North Korea, the real threat.” The Washington Times, 14 February 2017. http://www.washingtontimes.com/news/2017/feb/14/north-korea-missile-strike-remains-a-real-threat/.

[17] William Radasky. “HEMP, IEMI, and Severe Geomagnetic Storms on Critical Infrastructures.” Presentation for IEEE EMC Santa Clara Valley Chapter, Santa Clara Valley, CA, January 2011. http://www.scvemc.org/archive/012011WilliamRadasky.pdf. Slide 37.

[18] “Electromagnetic Pulse (EMP): Threat to Critical Infrastructure: Hearing Before the Subcommittee on Cybersecurity, Infrastructure Protection,

And Security Technologies of the Committee on Homeland Security House of Representatives, 113th Cong. p. 17 (2014) (statement of Peter Vincent Pry, member of the Congressional EMP Commission). https://www.gpo.gov/fdsys/pkg/CHRG-113hhrg89763/pdf/CHRG-113hhrg89763.pdf.

[19] Ibid. p. 17.

[20] Wilson, Clay, High Altitude Electromagnetic Pulse (HEMP) and High Power Microwave (HPM) Devices: Threat Assessments, (Washington, D.C., Congressional Research Service 2008). p.21.

[21] Ibid.

[22] Mallory Simon and Tim Hume. “New York explosion that injured 29 was ‘intentional act,’ mayor says.” CNN.com, 18 September 2016. http://www.cnn.com/2016/09/17/us/new-york-explosion/.

[23]The 50th anniversary of Starfish Prime: the nuke that shook the world.” Discover Magazine. 9 July 2012. http://blogs.discovermagazine.com/badastronomy/2012/07/09/the-50th-anniversary-of-starfish-prime-the-nuke-that-shook-the-world/#.WCI05NwsHR0

[24] Ibid.

[25]The 50th anniversary of Starfish Prime: the nuke that shook the world.” Discover Magazine. 9 July 2012. http://blogs.discovermagazine.com/badastronomy/2012/07/09/the-50th-anniversary-of-starfish-prime-the-nuke-that-shook-the-world/#.WCI05NwsHR0

[26] Ibid.

[27]The 50th anniversary of Starfish Prime: the nuke that shook the world.” Discover Magazine. 9 July 2012. http://blogs.discovermagazine.com/badastronomy/2012/07/09/the-50th-anniversary-of-starfish-prime-the-nuke-that-shook-the-world/#.WCI05NwsHR0

[28] “Ionosphere.” World of Earth Science, 2003. http://www.encyclopedia.com/earth-and-environment/atmosphere-and-weather/atmospheric-and-space-sciences-atmosphere/ionosphere.

[29] Ibid.

[30] “Ionosphere.” World of Earth Science, 2003. http://www.encyclopedia.com/earth-and-environment/atmosphere-and-weather/atmospheric-and-space-sciences-atmosphere/ionosphere.

[31] Ibid.

[32] Hysell, D. L., J. L. Chau, and C. G. Fesen, Effects of large horizontal winds on the equatorial electrojet, J. Geophys. Res., 107(A8), doi:10.1029/2001JA000217, 2002. p. 27-1.

[33] “Ionosphere.” World of Earth Science, 2003. http://www.encyclopedia.com/earth-and-environment/atmosphere-and-weather/atmospheric-and-space-sciences-atmosphere/ionosphere.

[34] Green, James, and Scott Boardsen. “Duration and extent of the great auroral storm of 1859.” Advances in Space Research 38, no. 2 (2006): 130-35. doi: 10.1016/j.asr.2005.08.054. p. 1.

[35] “Space Weather: Sunspots, Solar Flares & Coronal Mass Ejections” Reference, Space.com, last modified March 16, 2017, http://www.space.com/11506-space-weather-sunspots-solar-flares-coronal-mass-ejections.html.

[36] Ibid.

[37]  “Space Weather: Sunspots, Solar Flares & Coronal Mass Ejections” Reference, Space.com, last modified March 16, 2017, http://www.space.com/11506-space-weather-sunspots-solar-flares-coronal-mass-ejections.html

[38] “Coronal Hole Front and Center.” NASA, last modified October 14, 2015, https://www.nasa.gov/image-feature/goddard/coronal-hole-front-and-center.

[39] Ibid.

[40] J.J. Curto, T. Araki, and L. F. Alberca. “Evolution of the concept of Sudden Storm Commencements and their operative identification.” Earth Planets Space 59, no. 11 (November 2007): I-Xii. doi:10.1186/bf03352059. P. i.

[41] “Geomagnetic Sudden Commencements.” IAGA, Kevin Ivory, last modified April 29, 1997. http://wwwuser.gwdg.de/~rhennin/ssc.html.

[42] J.J. Curto, T. Araki, and L. F. Alberca. “Evolution of the concept of Sudden Storm Commencements and their operative identification.” Earth Planets Space 59, no. 11 (November 2007): I-Xii. doi:10.1186/bf03352059. P. ii.

[43] “Geomagnetic Storms.” INGV, Instituto Nazionale di Geofisica e vulcanologia, accessed on 12 November 2017. https://www.oa-roma.inaf.it/cvs/tempeste_ev.html.

[44] Kappenman, John. Geomagnetic Storms and Their Impacts on the U.S. Power Grid. Goleta, CA: Oak Ridge National Laboratory, January 2010. p. 4-7.

[45] Government Accountability Office, CRITICAL INFRASTRUCTURE PROTECTION: Federal Agencies Have Taken Actionsto Address Electromagnetic Risks, but Opportunities Exist to Further Assess Risks and Strengthen Collaboration, GAO-16-243 (Washington, D.C. : March 2016) p. 8.

[46] Near Miss: The Solar Superstorm of July 2012. NASA, 23 July 2012. https://science.nasa.gov/science-news/science-at-nasa/2014/23jul_superstorm/.

[47] Ibid.

[48] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[49] Ibid.

[50] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[51] Ibid.

[52] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[53] Ibid.

[54] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[55] Ibid.

[56] U.S. Department of Energy, Large Power Transformers and the U.S. Electrical Grid (Washington, D.C.: Infrastructure Security and Energy Restoration Office of Electricity Delivery and Energy Reliability, 2012). p. 31.

[57] Jose Pagliery. “Sniper attack on California power grid may have been ‘an insider,’ DHS says” CNN. 17 October 2015. http://money.cnn.com/2015/10/16/technology/sniper-power-grid/index.html.

[58] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[59] Ibid.

[60] Rebecca Smith. “Assault on California Power Station Raises Alarm on Potential for Terrorism” The Wall Street Journal. 5 February 2014. http://www.wsj.com/articles/SB10001424052702304851104579359141941621778.

[61] Ibid.

[62] Jose, Pagliery. “ISIS is attacking the U.S. energy grid (and failing).” 16 October 2015. http://money.cnn.com/2015/10/15/technology/isis-energy-grid/index.html.

[63] Ibid.

[64] Cyberattacks Surge on Energy Companies, Electric Grid. U.S. News and World Report, 8 April 2016. http://www.usnews.com/news/blogs/data-mine/2016/04/08/cyberattacks-surge-on-energy-companies-electric-grid.

[65] Ibid.

[66] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 4-24.

[67] Eric D. Knapp and Raj Samani, Applied Cyber Security and the Smart Grid (Syngress, 2013), <http://www.myilibrary.com?ID=472131> ( 22 November 2016). p. 60.

[68] Ibid.

[69] Eric D. Knapp and Raj Samani, Applied Cyber Security and the Smart Grid (Syngress, 2013), <http://www.myilibrary.com?ID=472131> ( 22 November 2016). p. 60.

[70] Natalia Zinets. “Ukraine hit by 6,500 hack attacks, sees Russian ‘cyberwar’.” Reuters. 29 December 2016. https://www.reuters.com/article/us-ukraine-crisis-cyber/ukraine-hit-by-6500-hack-attacks-sees-russian-cyberwar-idUSKBN14I1QC.

[71] Evan Perez. “First on CNN: U.S. investigators find proof of cyberattack on Ukraine power grid” CNN. 3 February 2016. http://www.cnn.com/2016/02/03/politics/cyberattack-ukraine-power-grid/

[72] Bill Gertz. “Defector: North Korean hackers threaten West”. The Washington Times. 4 March 2015. http://www.washingtontimes.com/news/2015/mar/4/inside-the-ring-north-korea-cybersecurity-hackers-/

[73] Ibid.

[74] Bill Gertz. “Defector: North Korean hackers threaten West”. The Washington Times. 4 March 2015. http://www.washingtontimes.com/news/2015/mar/4/inside-the-ring-north-korea-cybersecurity-hackers-/.

[75] Ibid.

[76] Evan Perez and Shimon Prokupecz. “U.S. charges Iranians for cyberattacks on banks, dam” CNN. 24 March 2016. http://www.cnn.com/2016/03/23/politics/iran-hackers-cyber-new-york-dam/

[77] Ibid.

[78] Evan Perez and Shimon Prokupecz. “U.S. charges Iranians for cyberattacks on banks, dam” CNN. 24 March 2016. http://www.cnn.com/2016/03/23/politics/iran-hackers-cyber-new-york-dam/

[79] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 50.

[80] Ibid. p. 50.

[81] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 50.

[82] Ibid. p. 50.

[83] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 50.

[84] Ibid. p. 45-50.

[85] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 47.

[86] Ibid. p. 47.

[87] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 4-23.

[88] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 48.

[89] Elizabeth Weise. “Malware discovered that could threaten electric grid.” USA Today. 12 June 2017. https://www.usatoday.com/story/tech/news/2017/06/12/malware-discovered-could-threaten-electrical-grid/102775998/.

[90] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 49.

[91] Ibid.

[92] Ghansah, Isaac. Smart Grid Security Potential Threats, Vulnerabilities and Risks. California Energy Commission, PIER Energy-Related Environmental Research Program. CEC-500-2012-047. p. 49.

[93] Ibid.

[94] Sorebo, Gib and Michael C. Echols. (2012). Smart Grid Security: An End to End View of Security in the New Electrical Grid. Boca Raton: CRC Press. p. 148.

[95] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 3-26.

[96] Symantec. Advanced Persistent Threats: A Symantec Perspective. (Mountain View, CA: Symantec World Headquarters, 2011). http://www.symantec.com/content/en/us/enterprise/white_papers/b-advanced_persistent_threats_WP_21215957.en-us.pdf. p.1.

[97] Edison Electric Institute. Frequently Asked Questions About Cybersecurity and the Electric Power Industry. (Washington, D.C.: Edison Electric Institute, October 2015). http://www.eei.org/issuesandpolicy/cybersecurity/Documents/Cybersecurity_FAQ.pdf. p. 2.

[98] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 3-22.

[99] Conrad L. Longmire, “On the Electromagnetic Pulse Produced by Nuclear Explosions”, IEEE Transactions of Antennas and Propagation, Vol. AP-26, No. 1, January 1978, pp 3–13.

[100] Savage, Edward, James Gilbert, William Radasky. The Early-Time (E1) High-Altitude Electromagnetic Pulse (HEMP) and Its Impact on the U.S. Power Grid. Oak Ridge, Tennessee: Oak Ridge National Laboratory, January 2010. P. 2-35.

[101] E. Petrache, et al.,”Lightning-induced currents in buried coaxial cables: A frequency-domain approach and its validation using rocket-triggered lightning”, Journal of Electrostatics, 65 (2007), pp 322–328.

[102] Sunitha K. and M. Joy Thomas, “HEMP Field Coupling With Buried Power Distribution Cables”, IEEE International Symposium on Electromagnetic Compatibility, EMC 2009, August 2009.

[103] Nigel Hampton, Rick Hartlein, Hakan Lennartsson, Harry Orton, Ram Ramachandran, Long-Life XLPE Insulated Power Cable, Accessed on 13 November 2017, http://www.neetrac.gatech.edu/publications/jicable07_C_5_1_5.pdf. p. 4.

[104] “Application of PEX/XLPE (Cross-Linked Polyethylene)” Performance Wire and Cable, accessed on 13 November 2017, https://www.performancewire.com/applications-of-pex-xlpe-cross-linked-polyethylene-cable/.

[105] Office of the Undersecretary of Defense for Acquisition, Technology, and Logistics. Defense Science Board: Task Force on Cyber Deterrence. (Washington, D.C.: Department of Defense, 2017). https://fas.org/irp/agency/dod/dsb/cyber-deter.pdf.

[106] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 3-22.

[107] Ibid. p. 4-36.

[108] Sorebo, Gib and Michael C. Echols. (2012). Smart Grid Security: An End to End View of Security in the New Electrical Grid. Boca Raton: CRC Press. p. 153.

[109] Office of the Undersecretary of Defense for Acquisition, Technology, and Logistics. Defense Science Board: Task Force on Cyber Deterrence. https://fas.org/irp/agency/dod/dsb/cyber-deter.pdf. p. 26.

[110] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 6-26.

[111] Ibid.

[112] National Academies of Sciences, Engineering, and Medicine. Enhancing the Resilience of the Nation’s Electricity System. (Washington, DC: The National Academies Press, 2017). https://doi.org/10.17226/24836. p. 4-37.

[113] National Association of Regulatory Utility Commissioners. Cyber Security: A Primer for State Utility Regulators. (Washington, D.C.: NARUC, 2017). https://pubs.naruc.org/pub/66D17AE4-A46F-B543-58EF-68B04E8B180F.  p. 11.

[114] Office of the Undersecretary of Defense for Acquisition, Technology, and Logistics. Defense Science Board: Task Force on Cyber Deterrence. https://fas.org/irp/agency/dod/dsb/cyber-deter.pdf. p. 25.

[115] Kaspersky Labs. How to Avoid Public Wifi Security Risks. (Woburn, MA: AO Kaspesky Labs, 2017). Retrieved from: https://usa.kaspersky.com/resource-center/preemptive-safety/public-wifi-risks.

[116] Eric D. Knapp and Raj Samani, Applied Cyber Security and the Smart Grid (Syngress, 2013), <http://www.myilibrary.com?ID=472131> ( 22 November 2016). p. 38.

[117] Ibid. p. 36.

[118] Eric D. Knapp and Raj Samani, Applied Cyber Security and the Smart Grid (Syngress, 2013), <http://www.myilibrary.com?ID=472131> ( 22 November 2016). p. 36.

[119] Ibid. p. 38.

[120] Eric D. Knapp and Raj Samani, Applied Cyber Security and the Smart Grid (Syngress, 2013), <http://www.myilibrary.com?ID=472131> ( 22 November 2016). p. 38.

[121] B. Paily, S. Kumaravel, M. Basu, and M. Conlon, “Fault analysis of vsc hvdc systems using fuzzy logic,” 2015 IEEE Int. Conf. Signal Process. Informatics, Commun. Energy Syst., 2015.

[122] A detailed description of the methodology used to explain the 6 and 21 fault detection systems outlined here is available from paper authors upon request.

[123] B. Paily, “HVDC Systems Fault Analysis Using Various Signal Processing Techniques Signal Processing Techniques to the Dublin Institute of Technology Dr Malabika Basu and Prof Michael Conlon,” 2015.