A catastrophic failure compounded by a lack of failover strategies and an inability to think the unthinkable.  These are the main reasons for the sinking of the Titanic. Could these also be the post-mortem conclusions for the next large-scale electric grid failure?  Even as we note the 100 year anniversary of that maritime tragedy, we need to consider the fragility of another highly-regarded engineering marvel –our electrical grid, which is often called the most complex machine ever built. 

It has worked remarkably well for the past 130 years, but if the grid was a ship sailing in the Atlantic now, it has to dodge dangerous icebergs ahead.   Here are three of the most dangerous risks that electric utilities, regulators, and citizens must prepare for:

Catastrophic failure.  The existing grid lacks sufficient security tools and practices to defend against disruptions caused by cyber attacks, since it was built on “security through obscurity”.  As the grid evolves into the Smart Grid, obscurity fades away.  Devices that are capable of remote communications may fall victim to remote cyber attacks by lone hackers, terrorist groups, or unfriendly foreign governments.  There are multiple efforts underway to help secure the grid, and these activities will help “harden” the grid against cyber attacks.  However, the Titanic disaster could have been avoided if the crew had not been lulled into a false sense of complacency in their advanced ship designs and if the captain had not put a priority on speed over safety in iceberg-laden waters.   Smart Grid initiatives need to embed secure technologies and practices into their plans.

Lack of failover strategies.   The Titanic didn’t carry enough lifeboats to hold all its passengers and crew, because an unsinkable ship didn’t need them.  Our current grid is structured in a pyramid shape with the fewest assets, relatively speaking, in generation, more in transmission, and most in distribution.  Remove a source of generation and large numbers of customers may be impacted.  For instance, the nuclear power plant at San Onofre in southern California is indefinitely sidelined for safety reasons.  Southern Californians are facing the prospect of a long, hot summer without this reliable energy source.  The future Smart Grid can support a highly distributed renewables generation structure that reduces the impacts of loss of centralized sources.  We need as many “lifeboats” as possible to ride out any catastrophic failures. 

Inability to think the unthinkable.   Electric utilities have a fairly unique role to play in our modern society and economy that can be summed up in four words – keep the lights on.  They’ve done it well.  But the Smart Grid is changing the electricity ecosystem, and utilities have to create a number of new “what if” scenarios and test their responses to them.  Their scenarios have to include “what if a concerted cyber attack disables our main generation sources AND transmission facilities?”  This type of thinking exposes the unthinkable – the grid’s reliability is threatened by its lack of resiliency.  The US military has already asked this question, and we see their answer – microgrids.  They are building resiliency into their bases and operations through distributed generation with renewables, energy storage, and strategies to manage their electricity needs.  Smart utilities should adopt similarly aggressive microgrid plans and timelines for critical infrastructure such as hospitals, communications centers, industrial facilities, and government centers to ensure that a catastrophic event doesn’t wholly disable civil and economic operations.   

For many security experts, it is not a question of if, but rather when the grid will be the victim of a major cyber attack.   Will our electric utilities and policy makers learn to avoid or minimize failures based on the lessons from past catastrophes, or are we doomed to sit in the dark because we failed to think the unthinkable?