EEE Conference (The North American Blackout and Computer Viruses)..............2003.8.28


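One thing that has reportedly come to light in the course of investigating the
cause of the North American blackout is that the US power grid is vulnerable
to computer virus attacks and that security measures need to be strengthened
further. For example, the Davis-Besse nuclear plant in Ohio (well known as a
problem plant, for instance for the corrosion of its pressure vessel head) was
also hit by a virus early this year, but it happened to be shut down at the
time, so nothing serious came of it; and it is said that the possibility that
the recent blackout was likewise the work of such a computer virus cannot be
entirely ruled out. For details, please see the article in the latest issue
(8/27) of New Scientist.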
--KK

******************************************

Electricity grids left wide open to hackers

27 August 03

The revelation that a computer worm disabled a safety system in a US nuclear
power station in January has led to fresh calls for security on electricity
grids to be overhauled. Experts say much of the grid's critical
infrastructure is too accessible to the virus-ridden public internet.

News of the safety flaw came as teams investigating the North American
electricity blackout on 14 August said they still could not rule out
computer problems as a contributory cause of the outage. Control system
experts warn that it is only a matter of time before worms like MSBlaster or
Sobig.F - which uses spamming technology to amplify its presence on the
net - cripple a power station or grid.

When the Davis-Besse nuclear power plant in Ohio was hit by the Slammer worm
earlier in 2003, the reactor happened to be offline. But the worm disabled a
safety monitoring system for nearly five hours. "We are still working
through the information to find out what happened," says a spokesman for
Akron-based FirstEnergy, which owns the plant.

Some sources suggest the worm may have entered the plant's network via a
connection to an insecure network. But critical systems like power stations
should be cut off from the outside world and the internet, says Joel Gordes,
a grid expert at Environmental Energy Solutions in Riverton, Connecticut.
But this is not seen as a practical option in today's cost-conscious and
highly competitive energy market.


Integrate or isolate


It was cheaper to integrate these systems than to isolate them, says Bill
Flynt, former director of the US Army's Homeland Security Threats Office and
now with TRC Infrastructure Security in Connecticut. "It was a different
security environment," he says.

It is not just nuclear power stations we should be worried about, says Joe
Weiss, a control systems expert with KEMA Consulting of Fairfax, Virginia.
Weiss is concerned that although the PC-based software used by operators to
monitor power stations and transmission lines is usually protected by
firewalls, the real-time control electronics that they oversee is not. "The
technology currently does not exist to protect them," he says.

These real-time systems tend to be embedded in non-PC based customised
electronics in power plants and substations, but their behaviour can be
affected because at some points PCs are used to switch them on and off -
with potentially disastrous consequences for the grid.

"So far we've been lucky," says Weiss. "These embedded systems were designed
to be open to easy, remote access." This was appropriate before the rise of
the internet, when grids operated on a dedicated, closed infrastructure -
but today this level of openness poses a serious threat.

In June, the North American Electric Reliability Council described how a
worm brought down another network designed to allow operators to control
parts of the grid in remote areas. Known as Supervisory Control and Data
Acquisition systems, or SCADAs, these are heavily relied upon to keep grids
running round the world.

"It's a genuine problem," says Flynt. "We have to redesign the grid." Weiss
says he has tried raising awareness of the issue in Congress. "We have spent
a very large amount of money to secure the internet and our IT
infrastructure," says Weiss. "But there has been no money spent to protect
[utility] control systems."

However, the US Department of Energy is spending $114 million on a
large-scale mock-up of the US grid, in a 900-square-mile block of desert in
Idaho. The aim of its "SCADA Testbed" project is to boost control-system
security.