North American Electrical Grid Dynamics.
Lust-Risk Containment.
INDEX
- Report : Electrical Grid Vulnerability.
- Low-Tech: Is Sophistication Enough?
- Report : Cybersecurity in Texas.
- Fracking: Facilitating Earthquakes.
- Vulnerable to Cyberthreats and Physical Attack ..
- Assault on a California Power Station.
- Report : Power generation: costs.
- Research: LINKS to Internet resources.
Report : Electrical Grid Vulnerability.
Industry Responses Reveal Security Gaps,
A report written by the staff of Congressmen
Edward J. Markey (D-MA) and Henry A. Waxman (D-CA)
May 21, 2013 -- 35 pages
A five-year-old National Academy of Sciences report declassified and released in November 2012 found that physical damage by terrorists to large transformers could disrupt power to large regions of the country and could take months to repair, and that "such an attack could be carried out by knowledgeable attackers with little risk of detection or interdiction." 2
Current efforts to protect the nation's electric grid from cyber-attack are comprised of
voluntary actions recommended by the North American Electric Reliability Corporation
(NERC), an industry organization, combined with mandatory reliability standards that are
developed through NERC's protracted, consensus-based process. Additionally, an electric utility
or grid-related entity may take action on its own initiative.
... requested information in January 2013 from more than 150 investor-owned utilities (IOUs), municipally-owned utilities, rural electric cooperatives, and federal entities that own major pieces of the bulk power system. ...
- The electric grid is the target of numerous and daily cyber-attacks.
... One utility reported that it was the target of approximately 10,000 attempted
cyber-attacks each month. ".. we see probes on our network to look
for vulnerabilities in our systems and applications on a daily basis. Much of this
activity is automated and dynamic in nature -- able to adapt to what is discovered
during its probing process."
- Most utilities only comply with mandatory cyber-security standards, and have not
implemented voluntary NERC recommendations. ...
- Most utilities have not taken concrete steps to reduce the vulnerability of the grid to
geomagnetic storms and it is unclear whether the number of available spare
transformers is adequate. ..
.. (few) have taken specific mitigation measures to protect against or respond to
geomagnetic storms.
Most utilities do not own spare transformers. ..
The Importance of the Electric Grid
The U.S. bulk-power system serves more than 300 million people and is made up of more
than 200,000 miles of transmission lines, and more than 1 million megawatts of generating
capacity, and is valued at over $1 trillion. ... The components of the grid are
highly interdependent and, as history has shown, a line outage or system failure in one area can
lead to cascading outages in other areas.
For example, on August 14, 2003, four sagging high-voltage power lines in northern Ohio brushed into trees and shut off. Compounded by a computer system error, this shut-down caused a cascade of failures that eventually left 50 million people
without power for two days across the United States and Canada. This event, the largest blackout
in North American history, cost an estimated $6 billion and contributed to at least 11 deaths...
"critical (Department of Defense) missions ... are almost entirely dependent on the national transmission
grid. About 85% of the energy infrastructure upon which DOD depends is commercially owned, and 99% of the electric energy DOD installations consume originates outside the fence.... Power outages and power quality disturbances are estimated to cost the U.S. economy between $119 to $188 billion per year. 8 Single events can cost $10 billion or more.
Cyber-attacks can create instant effects at very low cost, and are very difficult to
positively attribute back to the attacker. ...
There also has been growing attention to physical vulnerabilities of the grid.
For example, the replacement of large transformers essential to the reliable operation of the grid may
require twenty months or longer.
... electromagnetic pulse (EMP) and geomagnetic disturbance (GMD).
EMPs can be generated intentionally by utilizing portable equipment to produce high-power radio frequency or microwave or other electromagnetic pulses that destroy or disable electronic equipment. Such weapons can vary in size from a hand-held device to a large vehicle-borne device, can be used at a distance from a target, and can penetrate walls or other obstacles -- making detection and attribution of an attack to a specific source difficult. More than a dozen countries have conducted research on such weapons, and DOD has demonstrated that such weapons can be developed with modest financial resources and technical capability. Such weapons have been used to defeat security systems, commit robberies, disable police communications, induce fires, and disrupt banking computers.
GMDs occur naturally through geomagnetic storms resulting from solar activity.
A 2008 National Academy of Sciences report 13 estimated the effects of a geomagnetic storm of the magnitude of the 1921 storm on the current electrical grid, concluding that such a storm could cause permanent damage to more than 350 transformers, leaving as many as 130 million people without power. Impacts from a large geomagnetic storm could last for several years and cost in the range of several trillion dollars per year.
... America's bulk power system was not designed to withstand the effects of a severe solar storm.
It also noted that the effects of an EMP are significantly more extensive than a GMD ...
Of the (few) utilities that responded 24 to the request for information regarding attempted and successful physical attacks, most indicated that the only physical attacks experienced on their systems seemed linked to acts of vandalism and thefts of copper. Most incidents appeared unrelated to terrorism. ...
Utilities were also asked whether they undertake background checks of employees.
This is especially important in light of recent reports by the Department of Homeland Security and
private security companies documenting numerous cyber-attacks by the Chinese government
over the past few years. ...
Geomagnetic Storms
Utilities were asked to describe steps they have taken to mitigate against the impact of geomagnetic storms.
Geomagnetic disturbances occur when solar storms on the surface of the sun send electrically charged particles towards Earth, where they interact with the planetary magnetic field. These events are relatively frequent and can cause extensive damage to global power grids.
In 1859, a massive geomagnetic storm wreaked havoc with telegraph lines across the United States and the world.
In 1921, a similar geomagnetic storm destroyed American infrastructure.
A much smaller storm that lasted only 92 seconds in 1989 disabled Quebec's power grid for nine hours 43 44.
Electromagnetic pulse (EMP) events result from a burst of electromagnetic radiation and can similarly damage or destroy critical infrastructure.
SELECTED TIMEFRAME NOTES from the Report:
April 10, 2009: Secretary of Homeland Security Janet Napolitano acknowledged publicly 49 that the electric grid was hacked and is vulnerable to cyber-attacks.
April 21, 2009: NERC issued an alert 50 regarding the Conficker worm, a type of virus that targets Microsoft Windows operating systems and was first discovered in 2008. The worm has proven very difficult to eradicate, as it is known to hide in numerous places on host machines, and has the ability to regenerate itself.
January 2010: The Operation Aurora cyber-attack (2006) was publicly disclosed by Google in January, 2010. Operation Aurora is thought to have been created by the Elderwood Group based in Beijing to gain access to and potentially modify source code repositories at high tech, security, and defense contractor companies.
June 2010: The Stuxnet computer worm, which is believed to have been designed by the United States and Israel and used in 2007 and 2010 to damage Iran's nuclear program, became public after accidentally escaping from the Natanz nuclear plant in Iran, making it the first known malware that spies on and subverts industrial systems. The worm initially spread indiscriminately, but included a highly specialized malware payload that is designed to target only Siemens supervisory control and data acquisition (SCADA) systems that are configured to control and monitor specific industrial processes.
February 18, 2011: NERC issued an alert 54 regarding the Night Dragon targeted cyber-attacks.
Night Dragon attacks employ a combination of social engineering (used to trick a user into performing an act that provides the attacker with confidential or unauthorized access to the user's network) and well-coordinated, targeted cyber-attacks using Trojan horses, remote control software, and other malware.
October 27, 2011: Secretary of Homeland Security Janet Napolitano stated that there have been instances in which hackers came close to shutting down parts of the nation's critical infrastructure, which could potentially cause loss of life and massive economic damage.
May 28, 2012: The existence of Flame, malware that attacks computers running the Microsoft Windows operating system, was publicly announced by multiple cyber defense teams 59. Estimated to have been operating since February 2010, Flame attacks and spreads to computer systems over a local network or via USB stick.
June 2012: Gauss, a virus with properties similar to Stuxnet and Flame, is discovered by the Russian Kaspersky Lab 60. It appears to be intended to gather information on banking transactions and steal login information from email and social networking websites.
August 16, 2012: Shamoon, a computer virus that attacks computers running the Microsoft Windows "NT" line of operating systems, was discovered 64. The virus has been used for cyber espionage in the energy sector and is unique for having differing behavior from other malware cyber espionage attacks. ... a Shamoon attack conducted against Saudi Arabia's
national oil company, Aramco. While the attack failed to disrupt oil production, it is considered one of the most destructive hacker strikes against a single business.
December 2012: DHS revealed an "alarming rate" of increase in attacks against power, water, and nuclear systems in fiscal year 2012 71. In fiscal year 2012, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) received and responded to 198 cyber incidents as reported by asset owners and industry partners, with 41% of
these attacks being against the energy sector.
May 6, 2013: Middle East and North Africa-based criminal hackers launched OpUSA, cyber-attacks directed towards high-profile U.S. government agencies, banks, and other companies 75. The Department of Homeland Safety warned against the attacks, which are considered particularly dangerous as they represent a developing alliance between criminal hackers and violent Islamic extremists. ...
Low-Tech: Is Sophistication Enough?
Sophisticated but low-tech power grid attack baffles authorities.
http://www.latimes.com/nation/la-na-grid-attack-20140211-story.html
By Richard A. Serrano and Evan Halper
richard.serrano@latimes.com --- evan.halper@latimes.com
Times staff writers Brian Bennett in Washington and Marc Lifsher in Sacramento contributed to this report.
Copyright © 2014, Los Angeles Times
WASHINGTON
They came after midnight, two or more armed individuals so deft that they cut telecommunication cables in an underground vault and outsmarted security cameras and motion sensors at the power substation in a remote corner of Santa Clara County.
At daylight, FBI agents began poring over time-lapse photographs from the surveillance cameras.
But the photos revealed only staccato muzzle flashes from a semiautomatic weapon and sparks as shots hit rows of transformers. There was not a face, not a shadow, of who was doing the firing.
The shooters disappeared into the gloom minutes before the first police car arrived.
The military-style raid on April 16 knocked out 17 giant transformers at the Metcalf Transmission Substation, which feeds power to Silicon Valley. The FBI is still working the case, and agents say they are confident it was not the work of terrorists. ...
Utility officials quickly rerouted power around the site, and nearby power plants picked up the slack, so there was no major blackout. And no one was injured. But it took utility crews nearly a month to repair the damage.
Law enforcement sources and others briefed on the investigation say the gunmen fired 120 rounds from a high-powered rifle and that nearly every shot hit the transformers 40 yards away in a 20-minute period.
The transformers began to leak tens of thousands of gallons of oil.
They overheated and shut down, but did not explode.
The attackers managed "to disable these transformers without blowing them up and attracting attention," Rep. Adam B. Schiff (D-Burbank) said on "Fox News Sunday."
Officials say the attackers brought night-vision scopes for their weapons, used heavy wire cutters to snip fiber-optic cables in a below-ground bunker and knew the specific manholes to open to reach the right cables.
The team briefly disabled the 911 emergency system and phone lines.
They set off a motion detector by the fence before leaving, but the facility sits beside U.S. 101, a convenient escape route.
They were "clearly knowledgeable" about the layout of the substation and its communication systems, said one federal official, who, like others, was speaking confidentially because the investigation is continuing.
The perpetrators arrived shortly before 1 a.m. and were gone 52 minutes later.
Apparently the first call to authorities came from a driver speeding by on U.S. 101. He alerted police in Gilroy, about 20 miles south. "Fireworks" were coming from the substation, he said.
An operator at the Metcalf Energy Center, beside the substation, placed an emergency call about the same time.
"These guys took pains to make sure they would not be detected," a federal official said. "And they got away."
Sources said investigators had found no fingerprints on the shell casings, no matchable boot prints and no tire tracks from getaway vehicles.
A four-minute black-and-white surveillance video, which the Santa Clara County Sheriff's Office posted online, shows little more than a line of trees and flashes of light along a chain-link perimeter fence, possibly including a waving flashlight.
Dozens of facilities linked to the nation's three major electric grids, including transmission towers and substations, are vandalized each year. But those incidents generally involve disgruntled workers, bored target shooters, copper wire thieves or disturbed individuals. ...
In 1990, the U.S. Office of Technology Assessment warned that utilities were "vulnerable to saboteurs with explosives or just high-power rifles." ...
R. James Woolsey, who headed the CIA from 1993 to 1995, ... noted it occurred in mid-April, the same month as the 1993 Waco siege, the 1995 Oklahoma City bombing, the 1999 Columbine High School and 2007 Virginia Tech massacres, as well as the Boston Marathon bombing, which killed three people and wounded more than 260 others a day earlier.
Report : Cybersecurity in Texas.
Public Utility Commission of Texas
By Alan Rivaldo,
2012, November 30 --- 109 pages, pdf
(01) Maintaining the reliability of the state's electric infrastructure is a challenge for many reasons, such as being subjected to extreme weather events. What brings this challenge to a higher level is the covert presence of intelligent adversaries who relentlessly attempt to infiltrate and subvert the electric grid. At the same time, power systems are becoming increasingly complex. They are more reliant on advanced technologies and communications infrastructures and this has led to a corresponding increase in vulnerability to cyber-attacks. The worlds of conventional information technology (IT) and the operational technology used to make facilities function are beginning to converge.
(05) This should be viewed as a living document; cybersecurity is a field that is very dynamic and fluid.
New threats (including thousands of computer viruses) arise daily and several common vulnerabilities come to light each week, all while swift progress is being made on the development of new standards for Smart Grid and cybersecurity. New initiatives in the realms of energy and/or security could be launched by the federal government at any time, taking
many people by surprise and causing a diversion in course. In contrast to this, many pieces of U.S. legislation have been debated for several years, some seeming to be on the verge of being released, only to ultimately not make it out of committee. All this makes it a challenge to follow current developments and to craft policy accordingly.
(07)
Power systems are becoming increasingly complex and rely more on the deployment of information technology and communications infrastructures that generate, transmit, and consume large volumes of data and information. 1 Their presence, along with the power system's increased reliance on them, has led to a corresponding increase in vulnerability to
cyber-attacks. Texas is ultimately competing with other states and nations in that it endeavors to remain a hospitable place for businesses to operate, provide its residents abundant opportunities for a good quality of life, and foster a secure environment for their interactions with each other and those who deliver utility services.
(16) .. the Texas Department of Information Resources (DIR).
DIR provides the PUC and many other Texas state agencies with a uniform set of information security policies, standards and general guidelines. 22 The DIR services used by the PUC are: 24/7 Network Security Monitoring, Alerting, and Analysis; State
Enterprise Intrusion Prevention Service; Controlled Penetration Testing; Web Application Vulnerability Scan and online Cyber Security Training sponsored by the US Department of Homeland Security.
(18) Advanced Metering Infrastructure (AMI) is typically implemented as a pilot project before the company installing it does a full-scale deployment or incorporates an extensive amount of distribution automation (DA). Using a staged approach helps a utility gain a greater understanding of the impact of increased bandwidth demands on more localized communications systems that are used to gather and transport data to be processed and to assess potential operational issues associated with deploying a new technology. Initially concentrating on meter deployment helps to isolate any issues to a smaller and more contained area rather than allowing them to propagate "upstream" and system-wide since DA dictates a broader or more complex deployment than metering alone.
(19) If the AMI meters being deployed have a remote disconnect feature, the Transmission and Distribution Service Provider (TDSP) installing them should include mechanisms that will throttle the number of simultaneous connects and disconnects and limit how often these actions can happen to any one particular meter. All commands from the back office to the customer premises should be authenticated and all actions logged. This information should be audited frequently but at odd intervals to ensure that outputs conform to expected results while somewhat randomizing when the sampling will occur. TDSPs will also need to secure any interfaces to Retail Electric Provider (REP) data and their interfaces to ERCOT to ensure that one REP cannot see another REP's data.
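The controls listed in (19), shown together as an added example (not code from the PUC report or from any utility): commands are authenticated with an HMAC, a fleet-wide window caps how many switches can happen at once, a per-meter cooldown limits repeats, every decision is logged, and audits are scheduled at irregular intervals. All names, the key and the policy numbers are hypothetical, and the sliding window is one assumed way to approximate "simultaneous" actions.

```python
import hashlib
import hmac
import json
import random
from collections import deque

# Constructed key and policy values, for illustration only.
BACK_OFFICE_KEY = b"constructed-demo-key"
MAX_SWITCHES_PER_WINDOW = 3   # fleet-wide connects/disconnects per window
WINDOW_SECONDS = 60
PER_METER_COOLDOWN = 900      # seconds before one meter may be switched again

def sign_command(key, meter_id, action, issued_at, nonce):
    """HMAC-SHA256 over every field of a back-office command."""
    msg = json.dumps([meter_id, action, issued_at, nonce]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def make_command(meter_id, action, issued_at, nonce, key=BACK_OFFICE_KEY):
    mac = sign_command(key, meter_id, action, issued_at, nonce)
    return {"meter_id": meter_id, "action": action, "issued_at": issued_at,
            "nonce": nonce, "mac": mac}

class DisconnectGate:
    """Authenticates, throttles and logs remote connect/disconnect commands."""
    def __init__(self, key):
        self.key = key
        self.recent = deque()     # times of accepted commands, fleet-wide
        self.last_switch = {}     # meter_id -> time of last accepted command
        self.seen_nonces = set()
        self.audit_log = []       # every decision, accepted or rejected

    def submit(self, cmd, now):
        decision = self._decide(cmd, now)
        self.audit_log.append({"time": now, "meter": cmd["meter_id"],
                               "action": cmd["action"], "decision": decision})
        return decision

    def _decide(self, cmd, now):
        expected = sign_command(self.key, cmd["meter_id"], cmd["action"],
                                cmd["issued_at"], cmd["nonce"])
        if not hmac.compare_digest(expected, cmd["mac"]):
            return "rejected:bad_mac"
        stale = abs(now - cmd["issued_at"]) > WINDOW_SECONDS
        if stale or cmd["nonce"] in self.seen_nonces:
            return "rejected:replay_or_stale"
        while self.recent and now - self.recent[0] >= WINDOW_SECONDS:
            self.recent.popleft()
        if len(self.recent) >= MAX_SWITCHES_PER_WINDOW:
            return "rejected:fleet_throttle"
        last = self.last_switch.get(cmd["meter_id"])
        if last is not None and now - last < PER_METER_COOLDOWN:
            return "rejected:meter_cooldown"
        self.seen_nonces.add(cmd["nonce"])
        self.recent.append(now)
        self.last_switch[cmd["meter_id"]] = now
        return "accepted"

def audit(log):
    """Recheck accepted entries against policy; an empty list means no violations."""
    violations, last, window = [], {}, deque()
    for e in log:
        if e["decision"] != "accepted":
            continue
        while window and e["time"] - window[0] >= WINDOW_SECONDS:
            window.popleft()
        if len(window) >= MAX_SWITCHES_PER_WINDOW:
            violations.append(("fleet_throttle", e))
        if e["meter"] in last and e["time"] - last[e["meter"]] < PER_METER_COOLDOWN:
            violations.append(("meter_cooldown", e))
        window.append(e["time"])
        last[e["meter"]] = e["time"]
    return violations

def audit_schedule(start, count, mean_interval, rng):
    """Audit times at odd intervals: each gap is drawn from 50%..150% of the mean."""
    times, t = [], start
    for _ in range(count):
        t += rng.uniform(0.5 * mean_interval, 1.5 * mean_interval)
        times.append(t)
    return times

def demo():
    """Run a constructed command sequence; returns (decisions, gate)."""
    gate, t = DisconnectGate(BACK_OFFICE_KEY), 1000
    first = make_command("M-001", "disconnect", t, "n1")
    cmds = [
        (first, t),                                                        # accepted
        (make_command("M-001", "connect", t + 5, "n2"), t + 5),            # cooldown
        (make_command("M-002", "disconnect", t + 6, "n3", b"x"), t + 6),   # wrong key
        (make_command("M-002", "disconnect", t + 7, "n4"), t + 7),         # accepted
        (make_command("M-003", "disconnect", t + 8, "n5"), t + 8),         # accepted
        (make_command("M-004", "disconnect", t + 9, "n6"), t + 9),         # fleet cap
        (first, t + 10),                                                   # replay
        (make_command("M-004", "disconnect", t + 70, "n7"), t + 70),       # new window
    ]
    return [gate.submit(c, now) for c, now in cmds], gate

if __name__ == "__main__":
    print(demo()[0])
    print(audit_schedule(0, 3, 3600, random.SystemRandom()))
```

Rejected commands are logged as well as accepted ones, so the audit can see probing or a misbehaving back-office client, not only the switches that went through.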
(20) There have been general concerns about the security of our nation ever since the terrorist attacks of September 11, 2001. As a result, many different bills have been introduced in the U.S. Congress over the past several years, but to date, none has resulted in legislation. ...
(21) Risk can be defined as the potential that a chosen action (or inaction) will lead to an undesirable outcome. If this is to be expressed in financial terms for a company, it would equate with monetary loss.
(23) Companies tend to be judged by potential investors based on the performance of their stocks, as well as the risks to which they are being subjected in order to reap the desired gains. ... A company desires to borrow at the lowest possible interest rate, and in order to do so, it must have good credit. A large part of credit worthiness is determined by the perceived risk of a company defaulting on its debt obligations. ...
(24) Cisco estimates that by 2016, there will be 4 billion Internet-capable mobile devices globally. ...
Almost everyone has the ability to establish a remote connection to a public network while some users have the additional
capability of connecting to one or more private networks (such as those inside a company) and therefore have the potential to access any devices on those networks.
(25) Shodan -- http://www.shodanhq.com -- is an Internet search engine that allows a user to find specific Internet-connected equipment including routers and servers and creates an index of these devices. A variety of filters is available on the site to narrow the search which can be used to find computers that are
running a certain piece of software. A search engine with this capability is of particular concern to almost every industry including electrical utilities because almost all of them utilize ICSs. The Shodan search engine 39 will enable potential hackers to locate control systems which are connected to the Internet and then can also be used to identify which of those discovered systems have known vulnerabilities.
(26) Stuxnet was a computer worm discovered in mid-2010 which spread indiscriminately via Microsoft Windows, but whose ultimate target was certain industrial control system software and equipment. The malware was designed to subvert the Siemens Step-7 software application in particular, which is used to monitor and control Siemens S7 programmable logic controllers (PLCs). PLCs are primarily used to automate processes, and are typically used to control a smaller, more localized operation, such as Balance of Plant. PLCs have become increasingly sophisticated and more capable over the years, and the potential compromise of such systems is worrisome. ... Most remarkable is that Stuxnet employed an unprecedented four vulnerabilities of the Windows operating system which were unknown to virtually anyone including Microsoft, the
developer of the exploited software. Such unknown vulnerabilities are commonly referred to as "zero-day" vulnerabilities.
A BOP (Balance of Plant) design depends on the specific kind of power generation, or requirements that are specific to the facility's site, and which are integrated into the power system. Thus, any disruption of BOP may result in any number of
consequences, ranging from relatively benign to catastrophic.
(27) One of the greatest dangers to a utility is presented by intentional or unintentional acts committed by people within the company. ... The weakest link in cybersecurity is not necessarily the technology or equipment - it is the human beings who operate such systems. People may take errant actions or otherwise cause failures, or they may simply not adhere to established policies. What one may not consider is that people can also be tricked into performing unwanted behaviors through "social engineering."
(30) In July 2011 Avast Software, a Czech antivirus company, stated that Windows XP computers are infected with rootkits out of proportion to the operating system's market share. At the time, Windows XP accounted for about 58% of all Windows systems in use but 74% of the rootkit 46 infections found by Avast were on machines running on Windows XP.
[Figure 5: Windows XP accounts for a disproportionate share of rootkit infections.]
(30)
A rootkit is malware designed to hide the existence of certain processes or programs from normal methods of
detection and enables continued access to a computer at a highly-privileged level.
(31) Windows XP (XP) still commands a 20% market share in the U.S.
The operating system was made available to customers by way of being "preinstalled" on computer systems for a period of over 9 years, starting from August 24, 2001 until October 22, 2010. This long period of deployment means that in addition to having a large installed base in the traditional end-user and IT markets, the operating system was also widely embraced by industrial customers in their OT infrastructures and by the original equipment manufacturers (OEM) who supply them.
(37) Examples of chaos made manifest are ...
relays being triggered for no discernible reason,
switching equipment being disrupted or
a generator rapidly switching its phases, causing it to tear itself apart.
The latter event was demonstrated in the "Aurora Experiment" which was conducted by the Idaho National Labs (INL) in March 2007 and was publicized by cable news channel CNN. The experiment consisted of a simulated hacker attack on a control system commonly found in use throughout bulk electric systems.
A report INL created on behalf of the DOE's Office of Electricity Delivery and Energy (OE) National SCADA Test Bed (NSTB) program is the "Vulnerability Analysis of Energy Delivery Control Systems", which describes common vulnerabilities found in assessments performed by the lab in the time period between 2003 and 2010. The top 10 general control system vulnerabilities it listed were:
- Unpatched Published Vulnerabilities
- Web Human-machine Interface (HMI) Vulnerabilities
- Use of Vulnerable Remote Display Protocols
- Improper Access Control
- Improper Authentication
- Buffer Overflows in SCADA Services
- SCADA Data and Command Message Manipulation and Injection
- SQL Injection
- Use of Standard IT Protocols with Clear-text Authentication
- Unprotected Transport of SCADA Application Credentials
(38) Cyber-attacks may be perpetrated by an individual for a number of reasons: for the purposes of entertainment, as a point of pride or personal challenge, or to exact revenge.
Large-scale attack operations are executed by some type of organization, which may be motivated by the opportunity to exact illicit economic gains, to terrorize a populace, or as a form of covert warfare against a nation.
(40) Some people who were formerly a part of the U.S. military or who have a position of influence with the federal government have recently called for policies that would make a kinetic response (e.g. bombing) a possibility in the event of a full scale cyber-attack on our country's infrastructure. This is troublesome, because in addition to knowing how to obfuscate their identities, adversaries can throw off computer forensic investigators and make it look like an attack had come from a third party that is both innocent and unwitting. Having such a policy may put our country at risk by introducing the possibility of going to war against the wrong country.
(42) ICSs have ramifications in the physical world and work in real-time so deployed systems must be handled differently than IT systems used in the business/office part of an enterprise. For example, anti-virus programs that are installed on office PCs and enterprise servers with no adverse effect may cause computational processes in a functioning control system to bog down, increase network latencies, and delay the responsiveness of field devices, all of which may result in disaster for an energy management system.
(42) Another difference between a typical IT system and an ICS is expected lifetime.
IT systems are refreshed on a 3- to 5-year cycle, while control systems have an expected lifetime measured in decades. Smart Grid initiatives have introduced evolving technologies into the energy production environment, which has made product obsolescence more of an issue than it has been. The useful lifetime of most industrial technology is also anticipated to shorten.
(47) Another challenge of implementing cybersecurity in utilities is related to the industry's culture.
Utility operations have traditionally been dominated by engineers, who are educated and trained to understand the underlying science behind electricity, as well as the systems and instrumentation used to measure, control, and direct it. Over the years, the engineering environment has incorporated an increasing amount of computer systems, and work processes have also been adapted to accommodate the use of IT. Many utility operations people typically have years of experience in the field, many having come into the industry at some point during the 1970s or 1980s with long tenure at the same utility.
It has been widely acknowledged in the United States that qualified engineers are increasingly difficult to come by. Finding the kind of engineers that either already have or would develop specialized knowledge to potentially become a utility operator ... Students ... other career paths generally have become more attractive to them. ... many utilities typically have facilities scattered across rural territories that are sparsely populated. A graduating student
pursuing employment would likely be required to relocate to such an area or commute long distances, which may be a deterrent to accepting a job offer.
(47) The distinctions between the OT and IT workforces are important to note, because as OT continues to automate, it is taking on more of the characteristics of IT. As a result of this convergence, management at utilities leans on their IT staffs for support in functions that would be ideally handled by someone with operational (i.e. OT) knowledge and experience. The problem with this is that IT staffers tend to be computer-focused in approach and do not possess the understanding of real-world processes that an engineer would have.
(54) The vulnerability disclosure framework paper was motivated by what had become a somewhat controversial subject in the ICS cybersecurity community -- the public disclosure of discovered system vulnerabilities. Since Stuxnet came to light, many ICS vulnerabilities have been revealed by "security researchers," the latest descriptive name given to those who purposely look for vulnerabilities in ICS. This name is used in place of ICS "hacker," a term that has a stigma attached to it.
Many in the community would prefer that such disclosures only be revealed to the government (i.e. ICS-CERT) and to the vendors of the software or hardware that is affected. The vendor can then notify its affected customers and work toward solving the problem, or if the problem is intractable, at least mitigating any threats and devising a longer-term product strategy. Some researchers have become impatient with government efforts in regard to rectifying the situation or feel that vendors do not have enough motivation to actually resolve the found issues. As a result, some researchers had resorted to setting deadlines for receiving satisfactory resolutions before they publicly disclose the vulnerabilities that they had discovered.
(66)
The Challenges of Cybersecurity Standards Development.
... The first difficulty is that much of the effort is based on volunteerism - many of the participants are not being paid to do the work, or alternately, their company has voluntarily offered up their time to perform work for the benefit of the various groups in which they are involved. Another challenge is the level of knowledge possessed by participants. Many of the efforts taking place require those who are involved to explore a new realm with which they may not be familiar. There are new terms, concepts, and processes to learn. For cybersecurity standards, one must know bits about electric grid componentry, computer systems, cybersecurity, and several standards development processes. Those who may be intimately familiar with the technologies used in the electric grid might not know much about the standards development process, for example, or vice versa.
(80)
Cryptography is a critical element of cybersecurity because in the event that adversaries are able to intercept a data stream, robust encryption prevents them from knowing the contents. While cryptographic controls may be eventually "broken," new encryption algorithms are always being developed. One must be mindful that in the event that a new method of encryption needs to be installed in deployed capital equipment, the equipment must be able to accommodate the installation of the new encryption technology.
(84)
In order to be most effective, security needs to be built into acquired products and systems from the beginning rather than just being "bolted on" after the fact. It is vital that a utility clearly specify its security requirements to vendors. Any software and system must utilize fully-implemented security standards. This can only be accomplished if a customer is familiar with the terminology that demands demonstrable and thus contractually enforceable results. DHS has created a product that defines these terms as well as other guidance in its document, "DHS Cyber Security Procurement Language for Control Systems." 152 The National Cyber Security Division of DHS also sponsors a website called "Build Security In" 153 which is a collaborative effort that provides practices, tools, guidelines, rules, principles, and other resources for software developers, architects, and security practitioners to build security into software in every phase of its development.
(85) Utilities must find a way to secure their supply chains, and at the same time there is only a limited universe of companies that are capable of supplying the sophisticated products which are a part of the electrical infrastructure. Utilities are therefore somewhat at the mercy of their vendors whether these vendors manufacture products, provide software, or supply services. A way of addressing this quandary is through standards that focus on secure product design and certification. One caveat must be mentioned before proceeding -- namely, that any certification does not necessarily guarantee a product is completely secure. A certification is similar to taking a snapshot -- it is a representation of a moment in time, but the threat landscape is ever-fluid and dynamic.
(87) The acronym IACS stands for "Industrial Automation and Control Systems", which is interchangeable with "Industrial Control System" or ICS, but from my experience, not as commonly used.
(88) Computer-based threats to the nation's critical infrastructure are manifold and the consequences of electrical utilities being exploited by attackers can be dire, such as widespread or long-term power outages. Attack methods have become more sophisticated while simultaneously requiring less knowledge and skill to be successful. Maintaining a strong cybersecurity posture in the face of increasing threats is important to the reliability of the electrical infrastructure. Utilities are not defenseless; they can take action today to mitigate these issues. Utilities and vendors can work together to eliminate vulnerabilities from existing installations and prevent them in future products, making security a standard part of the feature set. The solutions to deter, detect, and respond to cybersecurity threats must also be cost-effective.
(96) Another measure that can ensure a greater level of security is using hardened network equipment, officially known as the National Information Assurance Partnership Common Criteria Evaluation Validation Scheme for IT Security but more commonly referred to simply as "Common Criteria." Common Criteria is a partnership between the public and private sectors implemented to help end-users select commercial off-the-shelf (COTS) products that meet their security requirements and to assist manufacturers of those products in gaining acceptance in the global marketplace. Being able to readily find secure COTS products is of importance to the industry because the use of COTS has been mandated by many businesses and government agencies, thanks to their potential of delivering significant savings in procurement, development and maintenance.
(98) Many other sectors outside of electrical utilities are prone to the same types of computer and control system mayhem and industrial espionage committed by adversaries. Further, attackers are opportunistic; they will attack if they know an intended victim is distracted or weakened by other events that are occurring. ...
Fracking: Facilitating Earthquakes.
Did You Feel It? Fracking Earthquakes Are Less Intense.
http://www.bloomberg.com/news/print/2014-08-20/did-you-feel-it...html
By Bebe Raupe Aug 20, 2014
Earthquakes and tremors from hydraulic fracturing shake the ground less than naturally occurring earthquakes of the same magnitude, therefore causing less damage, according to new U.S. Geological Survey research.
USGS seismologist Susan Hough analyzed 11 induced earthquakes in the central and eastern United States from 2011-2013, evaluating the ground tremors these events generated.
Using a USGS database known as the "Did You Feel It?" system, Hough said the observations of those who experienced the quakes were "very straightforward -- in every single case the intensities are low."
Hough's study, published online Aug. 19 in the "Bulletin of the Seismological Society of America," concludes that the hazards of these quakes are lower than what might be expected, chiefly because induced events are 16 times weaker than natural earthquakes with the same magnitude.
The earthquakes associated with fracking also tend to lose energy about six miles from their epicenter, Hough said, presumably because the fault is lubricated by the injected wastewater, making it easier to slip.
Earthquakes have become a concern for states experiencing hydraulic fracturing, or fracking, of their shale reserves, with some reporting a significant increase in seismic activity, possibly due to deep water injection associated with this type of drilling.
Hough's study looked at fracking-related quakes in Arkansas, Colorado, Oklahoma, Ohio and Texas using data from the "Did You Feel It" questionnaires completed online by people who felt the earthquakes and went to the USGS site to report them.
She compared the induced quakes to 10 tectonic earthquakes from 2002 to 2011.
The natural earthquakes had magnitudes between 4.0 and 5.8; the magnitude of the induced earthquakes was between 3.9 and 5.7.
System Provides Shaking Intensity Characterization
While instrumental recordings of injection-induced quakes are scant, the DYFI system provides an "excellent characterization of shaking intensities caused by induced earthquakes," Hough said.
The way an induced quake felt was equivalent, on average, to a natural quake that was of a magnitude 0.8 or less, Hough said.
For the 11 events studied, estimated intensities were lower by 0.4-1.3 units than the event magnitudes, she said, with an average difference of 0.8 units.
The largest, a 5.7 magnitude quake in Prague, Okla., in November 2011, felt like a 5.1 magnitude natural quake, Hough said, noting that the effective intensity magnitude for each induced quake was less than natural tectonic events.
Based upon the USGS scale, a drop in 0.8 magnitude translates to about 16 times less strength or energy released, she said.
Force of Energy Called Shallow
Along with lower energy levels, Hough said the data suggest that the force of energy is shallow, perhaps due to the presence of fracking fluids, and the tremor's force tends to dissipate at around six miles from the quake's epicenter.
Hough's results suggest that damage from injection-induced earthquakes will be especially concentrated in the immediate epicentral region.
Induced earthquakes may have lower stress drops than natural ones because the fluids injected into the ground lubricate geological faults and allow them to slip more smoothly, Hough said.
U.S. Electrical Grid Vulnerable to Cyberthreats and Physical Attack, Study Finds.
http://complex.foreignpolicy.com/posts/2014/07/15/us_electrical_grid_vulnerable_to_cyber_threats_and_physical_attack_study_finds
BY Shane Harris --- JULY 15, 2014
The United States' electrical grid is vulnerable to disruptive attacks by computer hackers that could shut off power to vital sectors of the economy and key public utilities, giving potential adversaries a new way of hitting the United States, according to a new study by a Washington think tank.
The report by the nonpartisan Center for the Study of the Presidency and Congress comes as lawmakers on Capitol Hill consider legislation that would beef up cybersecurity standards for critical infrastructure like the power grid while also encouraging the government and private sector to share more information about cyberthreats and thwarted attacks. That legislation has been in the works for years but has been blocked by business interests that see mandatory security standards as an improper attempt by Washington to dictate how companies manage privately owned facilities in industries ranging from telecommunications to the financial and transportation sectors.
Cyberattacks on the power grid have long been seen as a kind of doomsday scenario that could cripple large swaths of the U.S. economy and society, leading to lengthy power outages and wide-scale panic. The new report identifies a range of potential cyberattackers that have both the motive and the capability to take down portions of the power grid, from countries like China and Russia to terrorist organizations and organized criminals.
"For countries like Iran and North Korea, grid vulnerabilities serve as targets for attacks aimed at disruption or asymmetric effects in terms of national, economic, and civil security," the report's authors write, referring to the idea that a country that will always be outmatched militarily by the United States will look for unconventional ways to attack. Cyberweapons, which can include malicious programs written by individual hackers, offer just such a relatively cheap and easier way of hitting the United States.
U.S. intelligence officials are increasingly concerned about the threat that Iran poses to critical infrastructure, including the power grid and the financial sector, because of rapid advances in Tehran's cyberattack capabilities. In 2012, U.S. intelligence officials say, hackers in Iran launched a series of debilitating assaults on the websites of major U.S. banks. Disabling an electrical grid would require a more sophisticated kind of attack, but U.S. officials and security experts say that Iran is on a path to acquire the means and the know-how to target the power grid.
"Although Iran does lack technological sophistication when compared to other threat actors, such as China or Russia, Iran's diligence and tenacity make it just as formidable an opponent," the report's authors write. "Overall, Iran and government sponsored organizations throughout the country are continuing to expand their ability to conduct a major cyberattack."
The report emphasizes that it's not just cyber-intruders that threaten the U.S. power grid. Electrical systems are also vulnerable to "physical attack, electromagnetic pulse (EMP), geomagnetic storm, and inclement weather. -- Focusing on one event or one type of attack fails to account for the overlapping nature of many of these threats," the report's authors write.
The threat of a physical attack was underscored in April 2013 when at least one gunman used a high-powered assault rifle to disable 10 transformers at an electrical facility near San Jose, California, which had few protective measures in place to deter potential intruders.
During the attack, cooling oil leaked from a transformer bank, causing it to overheat and shut down.
State regulators urged customers in the area to conserve energy over the following days, but no long-term damage was reported at the facility and there were no major power outages.
Still, the attack gave policymakers in Washington a vivid reminder that electrical facilities are vulnerable to both cyberattacks and physical attacks. In response, the report's authors call on Barack Obama's administration to use more executive actions -- such as presidential orders and recommended industry standards -- to heighten cybersecurity and to work with Congress to pass laws that make it easier for companies to share information about vulnerabilities in their networks with each other and with the government.
Many companies are concerned that if they do share information about potential hacker activity on their computer networks with U.S. law enforcement or intelligence agencies, they could violate privacy laws. That's because monitoring networks for cyberthreats may require examining information about a company's customers, and companies may not be authorized to voluntarily give such information to the government.
The Obama administration has recently tried to assuage companies' concerns and encourage them to share more information with each other, which officials say is essential to preventing attacks. In April, the Justice Department and the Federal Trade Commission announced that companies sharing cyberthreat information, so that they could learn from each other and cooperate on putting defensive measures in place, would not violate federal antitrust laws.
"Cyberthreats are increasing in number and sophistication, and sharing information about these threats, such as incident reports, indicators, and threat signatures, is something companies can do to protect their information systems and help secure our nation's infrastructure," Assistant Attorney General Bill Baer, who heads the Justice Department's antitrust division, said at the time. "With proper safeguards in place, cyberthreat information sharing can occur without posing competitive concerns."
Assault on a California Power Station.
http://online.wsj.com/article/SB10001424052702304851104579359141941621778.html
April Sniper Attack Knocked Out Substation, Raises Concern for Country's Power Grid
Rebecca Smith at rebecca.smith@wsj.com -- The Wall Street Journal
SAN JOSE, Calif.
The attack began just before 1 a.m. on April 16 last year, when someone slipped into an underground vault not far from a busy freeway and cut telephone cables.
Within half an hour, snipers opened fire on a nearby electrical substation.
Shooting for 19 minutes, they surgically knocked out 17 giant transformers that funnel power to Silicon Valley.
A minute before a police car arrived, the shooters disappeared into the night.
To avoid a blackout, electric-grid officials rerouted power around the site and asked power plants in Silicon Valley to produce more electricity. But it took utility workers 27 days to make repairs and bring the substation back to life.
Nobody has been arrested or charged in the attack at PG&E Corp.'s Metcalf transmission substation.
It is an incident of which few Americans are aware. But one former federal regulator is calling it a terrorist act that, if it were widely replicated across the country, could take down the U.S. electric grid and black out much of the country.
The attack was "the most significant incident of domestic terrorism involving the grid that has ever occurred" in the U.S., said Jon Wellinghoff, who was chairman of the Federal Energy Regulatory Commission at the time.
The Wall Street Journal assembled a chronology of the Metcalf attack from filings PG&E made to state and federal regulators; from other documents including a video released by the Santa Clara County Sheriff's Department; and from interviews, including with Mr. Wellinghoff.
The 64-year-old Nevadan, who was appointed to FERC in 2006 by President George W. Bush and stepped down in November, said he gave closed-door, high-level briefings to federal agencies, Congress and the White House last year. As months have passed without arrests, he said, he has grown increasingly concerned that an even larger attack could be in the works. He said he was going public about the incident out of concern that national security is at risk and critical electric-grid sites aren't adequately protected.
The Federal Bureau of Investigation doesn't think a terrorist organization caused the Metcalf attack, said a spokesman for the FBI in San Francisco. Investigators are "continuing to sift through the evidence," he said.
Some people in the utility industry share Mr. Wellinghoff's concerns, including a former official at PG&E, Metcalf's owner, who told an industry gathering in November he feared the incident could have been a dress rehearsal for a larger event.
"This wasn't an incident where Billy-Bob and Joe decided, after a few brewskis, to come in and shoot up a substation," Mark Johnson, retired vice president of transmission for PG&E, told the utility security conference, according to a video of his presentation. "This was an event that was well thought out, well planned and they targeted certain components." When reached, Mr. Johnson declined to comment further. ...
Utility executives and federal energy officials have long worried that the electric grid is vulnerable to sabotage. That is in part because the grid, which is really three systems serving different areas of the U.S., has failed when small problems such as trees hitting transmission lines created cascading blackouts. One in 2003 knocked out power to 50 million people in the Eastern U.S. and Canada for days.
Many of the system's most important components sit out in the open, often in remote locations, protected by little more than cameras and chain-link fences.
Transmission substations are critical links in the grid.
They make it possible for electricity to move long distances, and serve as hubs for intersecting power lines.
Within a substation, transformers raise the voltage of electricity so it can travel hundreds of miles on high-voltage lines, or reduce voltages when electricity approaches its destination. The Metcalf substation functions as an off-ramp from power lines for electricity heading to homes and businesses in Silicon Valley.
The country's roughly 2,000 very large transformers are expensive to build, often costing millions of dollars each, and hard to replace. Each is custom made and weighs up to 500,000 pounds, and "I can only build 10 units a month," said Dennis Blake, general manager of Pennsylvania Transformer in Pittsburgh, one of seven U.S. manufacturers. The utility industry keeps some spares on hand.
A 2009 Energy Department report said that "physical damage of certain system components (e.g. extra-high-voltage transformers) on a large scale -- could result in prolonged outages, as procurement cycles for these components range from months to years."
Mr. Wellinghoff said a FERC analysis found that if a surprisingly small number of U.S. substations were knocked out at once, that could destabilize the system enough to cause a blackout that could encompass most of the U.S. ...
The utility industry has been focused on Internet attacks, worrying that hackers could take down the grid by disabling communications and important pieces of equipment. Companies have reported 13 cyber incidents in the past three years, according to a Wall Street Journal analysis of emergency reports utilities file with the federal government. There have been no reports of major outages linked to these events, although companies have generally declined to provide details.
"A lot of people in the electric industry have been distracted by cybersecurity threats," said Stephen Berberich, chief executive of the California Independent System Operator, which runs much of the high-voltage transmission system for the utilities. He said that physical attacks pose a "big, if not bigger" menace.
There were 274 significant instances of vandalism or deliberate damage in the three years, and more than 700 weather-related problems, according to the Journal's analysis.
Until the Metcalf incident, attacks on U.S. utility equipment were mostly linked to metal thieves, disgruntled employees or bored hunters, who sometimes took potshots at small transformers on utility poles to see what happens. (Answer: a small explosion followed by an outage.)
Last year, an Arkansas man was charged with multiple attacks on the power grid, including setting fire to a switching station. He has pleaded not guilty and is undergoing a psychiatric evaluation, according to federal court records.
Overseas, terrorist organizations were linked to 2,500 attacks on transmission lines or towers and at least 500 on substations from 1996 to 2006, according to a January report from the Electric Power Research Institute, an industry-funded research group, which cited State Department data. ..
To some, the Metcalf incident has lifted the discussion of serious U.S. grid attacks beyond the theoretical. "The breadth and depth of the attack was unprecedented" in the U.S., said Rich Lordan, senior technical executive for the Electric Power Research Institute. The motivation, he said, "appears to be preparation for an act of war."
The attack lasted slightly less than an hour, according to the chronology assembled by the Journal.
At 12:58 a.m., AT&T fiber-optic telecommunications cables were cut -- in a way that made them hard to repair -- in an underground vault near the substation, not far from U.S. Highway 101 just outside south San Jose. It would have taken more than one person to lift the metal vault cover, said people who visited the site.
Nine minutes later, some customers of Level 3 Communications, an Internet service provider, lost service.
Cables in its vault near the Metcalf substation were also cut.
At 1:31 a.m., a surveillance camera pointed along a chain-link fence around the substation recorded a streak of light that investigators from the Santa Clara County Sheriff's office think was a signal from a waved flashlight. It was followed by the muzzle flash of rifles and sparks from bullets hitting the fence.
The substation's cameras weren't aimed outside its perimeter, where the attackers were.
The shooters appear to have aimed at the transformers' oil-filled cooling systems.
These began to bleed oil, but didn't explode, as the transformers probably would have done if hit in other areas.
About six minutes after the shooting started, PG&E confirms, it got an alarm from motion sensors at the substation, possibly from bullets grazing the fence, which is shown on video.
Four minutes later, at 1:41 a.m., the sheriff's department received a 911 call about gunfire, sent by an engineer at a nearby power plant that still had phone service.
Riddled with bullet holes, the transformers leaked 52,000 gallons of oil, then overheated.
The first bank of them crashed at 1:45 a.m., at which time PG&E's control center about 90 miles north received an equipment-failure alarm.
Five minutes later, another apparent flashlight signal, caught on film, marked the end of the attack.
More than 100 shell casings of the sort ejected by AK-47s were later found at the site.
At 1:51 a.m., law-enforcement officers arrived, but found everything quiet.
Unable to get past the locked fence and seeing nothing suspicious, they left.
A PG&E worker, awakened by the utility's control center at 2:03 a.m., arrived at 3:15 a.m. to survey the damage.
Grid officials routed some power around the substation to keep the system stable and asked customers in Silicon Valley to conserve electricity. ...
Mr. Wellinghoff, then chairman of FERC, said that after he heard about the scope of the attack, he flew to California, bringing with him experts from the Joint Warfare Analysis Center in Dahlgren, Va. After walking the site with PG&E officials and FBI agents, Mr. Wellinghoff said, the military experts told him it looked like a professional job.
In addition to fingerprint-free shell casings, they pointed out small piles of rocks, which they said could have been left by an advance scout to tell the attackers where to get the best shots.
"They said it was a targeting package just like they would put together for an attack," Mr. Wellinghoff said.
Mr. Wellinghoff, now a law partner at Stoel Rives LLP in San Francisco, said he arranged a series of meetings in the following weeks to let other federal agencies, including the Department of Homeland Security, know what happened and to enlist their help. He held a closed-door meeting with utility executives in San Francisco in June and has distributed lists of things utilities should do to strengthen their defenses.
A spokesman for Homeland Security said it is up to utilities to protect the grid.
The department's role in an emergency is to connect federal agencies and local police and facilitate information sharing, the spokesman said.
As word of the attack spread through the utility industry, some companies moved swiftly to review their security efforts. "We're looking at things differently now," said Michelle Campanella, an FBI veteran who is director of security for Consolidated Edison Inc. in New York. For example, she said, Con Ed changed the angles of some of its 1,200 security cameras "so we don't have any blind spots."
Some of the legislators Mr. Wellinghoff briefed are calling for action.
Rep. Henry Waxman (D., Calif.) mentioned the incident at a FERC oversight hearing in December, saying he was concerned that no one in government can order utilities to improve grid protections or to take charge in an emergency.
As for Mr. Wellinghoff, he said he has made something of a hobby of visiting big substations to look over defenses and see whether he is questioned by security details or local police. He said he typically finds easy access to fence lines that are often close to important equipment.
"What keeps me awake at night is a physical attack that could take down the grid," he said. "This is a huge problem."
Tom McGinty contributed to this article.
Corrections & Amplifications
Federal experts who examined a California substation after an attack last April were attached to the Joint Warfare Analysis Center at Dahlgren, Va. An earlier version of this article misidentified the men's command as the Surface Warfare Center in Dahlgren, and incorrectly said it trains Navy SEALs.
The Federal Energy Regulatory Commission (FERC) concluded (in a previously published report) that the three electrical systems that serve the entire nation could go dark if as few as nine of the country's 55,000 electric-transmission substations were knocked out in the East, the West and in Texas, according to the report.
The memo suggested that an attack-induced blackout could be particularly long, in part because each of the three regional electric systems -- the West, the East and Texas -- have limited interconnections, limiting their ability to assist each other in the event of an emergency, The Journal reported.
Law enforcement sources and others briefed on the investigation say the gunmen fired 120 rounds from a high-powered rifle and that nearly every shot hit the transformers 40 yards away in a 20-minute period.
Report : Power generation: costs.
Why the cost matters to you.
Natural gas. The clear energy choice.
http://www.encana.com/ -- 2 pages -- pdf
Natural gas -- lowest cost and reliable.
Natural gas is the lowest total cost, cleanest, and most efficient thermal baseload power generation technology.
Advances in technology have unlocked vast reserves within North America, and we now have over a 100 year supply of natural gas at current usage rates. The U.S. Energy Information Administration (U.S. EIA) recognizes the significant new supplies of natural gas, forecasting growing demand for natural gas and sustained lower prices far into the future.
Coal -- shrinking market share.
U.S. coal prices increased 76 percent from 2004 to 2011, according to the Department of Energy (DOE).
Coal's market share in Canada and the U.S. has decreased 10.6 percent from 1997 to 2011, bringing coal's share of the power market down to 39 percent (its lowest level in decades). In addition to rising coal extraction and transportation costs, compliance with environmental regulations is projected to dramatically increase costs. The Brattle Group estimates compliance costs for some coal plants to be as high as an additional 4.6 cents per kilowatt-hour (kWh), leading to a significant increase in the cost of coal-fired power generation. 5 As a result of cost pressure, Barclays Capital estimates 42 Gigawatts (GW)* of antiquated, underutilized coal-power plants to be shut down by 2015.
Nuclear -- reliable but expensive.
Nuclear power generation is a reliable baseload energy source without greenhouse-gas emissions; however, the cost to construct a new nuclear plant exceeds nearly all other generation types. A nuclear power plant can cost over five times the cost of constructing a natural gas plant. A long-term solution has not yet been developed to address safety concerns stemming from the safe handling and disposal of radioactive waste. Although a few units are expected to come on line in the next decade, cost and safety considerations have stopped nuclear plant construction in North America for the past 15 years.
Wind -- subsidy dependent and intermittent.
The largest challenge with wind is its intermittent nature, making it unreliable for baseload service without being backed up by an existing power source such as natural gas or hydro-electricity. U.S. taxpayers have funded subsidies to develop wind energy systems costing approximately $5 billion in 2010. Barclays Capital estimates the cost of wind generation can be up to 60 percent greater without subsidies.
Guided Evaluation:
The comments in this section were added with Spiritual Guidance.
Timing can be important in Relevancy.
Reality is influenced by the attitudes, actions, and prayers of each human and Visitor.
Caution: As many spiritually oriented texts advise, and as accumulated personal experience teaches or encourages us to learn: "What is obvious, is often a deception by or to us, or, an intentional manipulation of us." Only God deserves, earns, rewards our TRUST .. constantly.
In human history, "ADVANCES" in Technology have frequently been accepted with lustful enthusiasm, which later, often much later, is demonstrated to introduce new, more impactful/devastating, and complex difficulties/challenges. The NEW technology noted here is almost exclusively that of FRACKING. This process, within 6 years of its introduction has received growing concerns about its likelihood of toxification of drinking water aquifers, earthquake frequency enhancement, and, loss of already scarce water resources ... in addition to the pollution of surface soils and rivers. It has been conveniently excluded that many of the natural gas well-heads require the venting of sulfur dioxide into the local atmosphere prior to the decanted gas being pipelined to a refinery - collection and distribution point. This gas has been known for DECADES to adversely influence the health of local animals (livestock) in addition to unborn and physically interacting humans.
Statistical certainties expressed in PROMOTIONAL literature are often based upon estimates and projections.
In historical experience, the greater the time span of the forecast, the greater the inaccuracy & irrelevancy.
Quoting MARKET SHARE over a period of Market Growth is very deceptive.
It provides NO indication if the actual total production of the product has decreased, or perhaps, increased ... yet the suggestion is one of decrease. The period referenced for Coal is actually identical to that of government support of coal mining and processing GROWTH in the USA. There have also been technologies introduced during that period which convert coal into oil products by an application of heat and pressure. With which product assessment would this Result be included?
As a Canadian Report, global realities of nuclear generated electrical power are absent here.
This skews the larger relevancy of this information. Globally, ALL of the nuclear plants which have been built have exceeded, or soon will exceed, their designed lifetime. Some have already been closed. Some have had catastrophic failures. ALL have experienced maintenance problems. The safest designs, including the Canadian CANDU, are neither numerous nor popular. Political corruption and economic manipulation have favored the other, more risky designs ... which have a clearer termination cycle. There are no indications of any strategies being considered or in place for the replacement of this current form of power generation once these units are closed .. for any of many reasons.
Wind generation of electricity has, as indicated, proven to be poorly applied, in terms of location selection.
Numerous units have been constructed in areas with intermittent wind velocity according to time of day and season of the year. There has been little caution considered in decisions in regard to their health-degrading influence on some persons living near the base of the towers. These "Failures of Relevancy" are repeated with ALL forms of power generation and transmission such that immediate and long-term health influences, primarily through eventual environmental degradation, are left in denial.
The FORM of Electric Power Generation absent from ALL similar reports, proposals, and plans, is that of CULTURAL Practice Adjustment (CPA). By way of POLITICAL leadership, economic benefits can be provided to individual consumers for their CONSCIOUS Reduction of energy use. Persons could be rewarded for using lower demand appliances, using energy at new hours of routine, and by the encouragement to develop new forms of technology which require LESS power demand to provide an identical or improved service. Residential water heaters present a high demand and high waste result which could be designed to minimize the waste (heat-on-demand vs constant-heat, plus, shorter plumbing runs of insulated pipe) and to reduce demand. Voluntary, cost-plus applications have been available for decades. They typically cost-penalize the concerned active consumer.
The COST of Transmission of electrical power is conspicuously absent.
Regardless of generation system and the resources required, almost ALL such power is NOT used at source (generating facility). Transmission by electrical cables often results in a LOSS of up to 17% or more of the power generated. In addition, the transmission of fuels through pipelines (natural gas and petroleum) and by way of railroads (coal, oil, LPG) additionally contributes a COST that reduces the efficiency of the electrical power eventually consumed. Almost EVERY document and discussion of electrical power dynamics demonstrates a Political and Cultural COMMITMENT (Addiction) to the Denial of any context of future human presence which excludes or challenges the continuance of an EXPANDING population demanding an EXPONENTIAL increase in energy use.
Research: LINKS to Internet resources.
(Many of these are from the Texas Report, noted above.)
- Act: EISA (Energy Independence and Security Act of 2007)
  http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi....pdf
- Automated hacking tool: Metasploit.
  http://www.metasploit.com/
- Bloomberg News about energy, natural resources and global business.
  http://www.bloomberg.com/sustainability/
- Defense-in-Depth concept, graphical representation of
  https://www.owasp.org/index.php/Main_Page
- Electric Utility Control System Network, Simplified Example of
  http://eioc.pnnl.gov/research/cybersecurity.stm
- Federal legislative committees and agencies of the executive branch that are involved in cybersecurity for the electric sector.
  http://www.nist.gov/smartgrid/upload/NIST_SGAC_Final_Recommendations_Report_3-05-12...
- FERC Finds Flaws in Electric-Grid Security Proposal.
  http://online.wsj.com/articles/ferc-calls-security-proposal-for-electric-grid-inadequate-1405617208
- Interactions between Smart Grid Participants, CHART,
  NIST Special Publication 1108:
  NIST Framework and Roadmap for Smart Grid Interoperability Standards,
  Release 1.0, January 2010
  Logical reference model "Spaghetti Diagram".
- The High Impact, Low Frequency (HILF) Report.
  http://www.nerc.com/files/HILF.pdf
- Homeland Security Information Network (HSIN)
  http://www.hsin.gov/
- National Association of Regulatory Utility Commissioners (NARUC)
  http://www.naruc.org/Resolutions/Resolution%20on%20%20Cybersecurity1.pdf
- Office of Electricity Delivery and Energy Reliability website
  http://energy.gov/oe/office-electricity-delivery-and-energy-reliability
- New Jersey Regional Operations Intelligence Center (ROIC) report, 2014-02
  http://freebeacon.com/wp-content/uploads/2014/03/NJROIC-ElectricGridThreats.pdf
- Smart Grid System: U.S. General Accounting Office (GAO) Report on challenges to.
  http://www.ferc.gov/industries/electric/indus-act/smart-grid/gao-report.pdf
- Twenty Critical Controls for Effective Cyber Defense, CHART
  System Administration/Audit/Network/Security (SANS) Institute
  http://www.sans.org/critical-security-controls/
- Vulnerability Analysis of Energy Delivery Control Systems
  http://energy.gov/sites/prod/files/Vulnerability%20Analysis...2011.pdf
  Office of Electricity Delivery and Energy (OE),
  National SCADA Test Bed (NSTB) Program.