What is Aurora and Why is it a Risk to Grid Reliability?

Thursday, March 29, 2012

Joe Weiss

201d6e4b7cd0350a1a9ef6e856e28341

There are a number of issues about Aurora that are confusing including its name, what it does, how to detect it, and what could be vulnerable.

As Aurora is still classified as "For Official Use Only", I will not go into any technical details.

First, I would like to address the confusion in the name Aurora. The Aurora I am referring to is the test the Idaho National Laboratory did for DHS in 2007 that destroyed a diesel generator with the consequent CNN tape.

The reason DHS performed the test was to demonstrate that a cyber attack could destroy large rotating equipment (remember this was in 2007 long before Stuxnet). This is not the same as the Chinese attack on Google also named Aurora which has caused confusion.

Aurora is a gap in the protection of the electric grid that can be caused by cyber. It is a basic physics property - an out-of-phase condition - that cannot be seen by the operator and can NOT be mitigated by any traditional IT cyber mitigation. The only means to prevent an Aurora event is by physical hardware mitigation.

Aurora was demonstrated to be able to cause damage to a diesel generator. However, Aurora can cause damage to any load connected to the grid. Yet, Aurora is not addressed by the NERC CIPs or by the nuclear industry in NEI-08-09 - a second gap in protection of the electric grid.

I believe that if the Aurora vulnerability was discovered as part of a reliability test and the disclosure made to industry through traditional reliability channels, this problem would have been addressed.

Because it was called a "cyber security" problem, it was sent through the security channels and effectively indefinitely deferred. This is probably one of the most glaring examples of the discontinuity between the NERC CIPs and grid reliability.

Cross-posted from ControlGlobal.com's Unfettered Blog - copyright 2012 and ff by Putman Media Inc. All rights reserved.

Possibly Related Articles:
7026
SCADA
Industrial Control Systems
SCADA Vulnerabilities Attacks Hardware Smart Grid DHS Mitigation ICS Industrial Control Systems Aurora
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.