http://cryptome.org/hack-power.htm http://groups.yahoo.com/group/coldwarcomms/message/12951 To: coldwarcomms@private From: Date: Sat, 1 Mar 2008 10:40:46 -0800 (PST) Subject: [coldwarcomms] Re: Terrorists hacking power systems [was RE: Genset from AT&T site Hello All: I need to weigh in here. Address a couple points. Sorry this is not so much comms related. Somehow I missed "the" video, could someone point me to it. [Video] - I am a Chief Powerplant Operator at a mainstem Columbia River dam, in the northwest. I have worked in hydro powerplants, and high voltage switchyards for 27 years. All large generators are protected by vsarious protective relay schemes, and are well protected. They are protected for manyconditions, such as loss of excitation, generator ground, generator differential, phase imbalance, negative sequence current, overvoltage, and the list goes on. In the old days, these relays were descrete relays for each function, but now, they are basically microprocessors, and one box has many functions, and the "relays" as we still call them, have sophisticated comms between them, and the control systems. It would be hard to damage a large generator from hacking into the network, but you could certainly casue problems if you go it, such as opening the spillway, or shutting down the generators. - Not all large bulk power generators are the same, steamers turn very fast (3600 RPM) and depending on head of water, and type of turbine, etc, hydro units turn slow (100-400 RPM) so synchronizing these is very different. I have many seen "bad shots" taken on synchrnizing on different sizes of hydro units, with varying results. Anything from, the unit pulled into synchronism (slower unit) to the protective relays operating, and shutting the down the unit. I have never heard of a large generator "self-destructing" although damage is possible, especially if the protective relays failed, or breaker failed. You have to remember, these large generators are made to feed huge electrical faults, and the breakers are made to interrupt such faults. For the record, for manual synchronism, we use a synchroscope, which looks at the phase angle between the power system "grid" and the generator to be synchronized, we can determine if the generator is too fast or slow, and when the moment of synchronism occurs, that is when you close the breaker. This happens in a nice controlled operation, no slamming, or banging, if it is accomplished correctly. There is a noise that occurs on a shot that is not right on, can it can be anything from a thump sound, to a heightened buzzing (transformer type hum) from the stator, I believe this is from the slight physical movement of the coils, it quiets down after the generator is warmed up. We also have an automatic synchronizer, it can produce various quality of synchronism. And, yes, even in a hydro plant, we have "pre-heated" diesel generators sets, both for the spillway, and for the powerhouse. - In the Northwest, we have a lot of generation, and in the Southwest, they have a lot of load, the "normal" flow of power is from the North to South, along the west coast, if that tie separates, we in theNorthwest are left with a large excess of generation, and, there is a remedial action scheme, which includes tripping large generators off line, and (I am not kidding) a very large load bank (read giant resistor here) that switches in for just long enough to help brake the system, and then switches out before it over-heats. It is nicknamed the "toaster". So, yes, it exists. - As far as comms go, I do know our "computer engineers" both for the security system, and the plant control system, and power system control computers, can get in from home, over the public network, and that access is "deeper" that my access running the plant. Not sure of the security but, there is also a modem that can be called over a public phone line, so the manufacturer can get in if needed. I feel we are lacking on security, and it would be easy to get in if you wanted to. - Plant physical security is better than before 9-11, but it is still horrible, you can "tag in" or follow someone in through a security gate, and we have so many contractors working on site, that anyone could walk in or out, and no one would notice, how could we? - OK, this is way to long, sorry. ___________________________________________________ Subscribe to InfoSec News http://www.infosecnews.org/mailman/listinfo/isn
This archive was generated by hypermail 2.1.3 : Sun Mar 02 2008 - 22:06:49 PST