Energy and cyber security conference highlights grid weaknesses and solutions

There are two types of people in the U.S. One type has been hacked and they know it. The other type of person has been hacked and does not know it. “I would further postulate a third category: those who have been hacked, know it, but are in denial,” said John Juhasz in his opening remarks at the recent EnergyTech2015 conference. Juhasz was the conference chair and is the head of the International Council of System Engineers, the organizer of the cyber security and energy conference.

He went on to say that the stark reality is that we have all been hacked in some fashion or another and it will continue as a raging battle in our electronic age. “Whether it is cybercrime, espionage, or cyber warfare or hacktivism, these assaults will continue and the trends are not good. The number one target continues to be the USA, according to the website, hackmageddon.com,” said Juhasz.

The website says it has been compiling stats on the problem for more than five years. “The targets are not just individual but companies, institutions, public entities, enterprises of any size, private sector, as well as government,” he said.

What does all this have to do with an energy conference? “The sad reality is that cyber-attacks, which are often targeting energy-sector institutions, are just the tip of iceberg, and the enemies and adversaries of this country are relentless as they try to impose a death by a thousand cuts.” But there is more to worry about, he suggested. For instance, the attacks in Paris apparently caught a well-regarded intelligence service complete off guard. “There was no noise on the web, nothing on Twitter. So these attacks and our enemies are getting smarter and stealthier in their approaches.”

The threat spectrum to our aging grid is more severe and deadly today and includes cyber and physical assaults. Also, space-weather phenomena have come into the fore. NASA says space weather comes from sun-based storms that impact the Earth’s magnetosphere. The Agency says energy and radiation from solar flares and coronal mass ejections can create blackouts on Earth when solar storms cause surges in power grids.

Juhasz said the threats are aimed at critical infrastructure, the core of which is electrical power. “Energy is as vital to our modern economy as air is to living things. Across the globe, societies have made tremendous advances in technology, lifting many societies out of grinding poverty because of the availability of low cost, efficient power and energy. And with the advancements have come the development of new energy sources such as wind and solar power. But in spite of these innovations, we find ourselves in this high vulnerable and fragile state that seems one disaster away from serious consequences to our way of life. That sounds ominous, but it is fair to ask with all these technological advancements, how did we become a nation at risk?”

There are several theories. Juhasz proposed one that gets to the heart of the conference: that is while we as a nation have done a terrific job of engineering, innovating, and developing, “we have been abysmal at systems engineering,” he said.

What is the difference? Regular or classical engineering aims to get things to work, get something done quickly, efficiently at low cost, and with a focus on better, faster, and cheaper. “So entrepreneurs and innovators in this free-market system were rewarded for getting things to market quickly with the best features and at low cost. Considerations such as risk, reliability, survivability, and others were afterthoughts that someone else would worry about,” suggested Juhasz.

By contrast, he said, systems engineering focuses on meeting all stakeholder needs under a full set of conceivable scenarios for the full life cycle of the system. “Risk factors by necessity are integrated and exposed to a system process that includes a thorough assessment of failure modes that all threats present.”

This is not to impugn the innovators, said Juhasz. “In this age, we cannot rely on the same methods to designs complex systems that make up critical infrastructure. Risks are too great. Our key stakeholders, which includes the entirety of modern society, deserves better. The coalition of EnergyTech sponsors will use the platform to establish a roadmap in that direction.”