img

NOTES:

Authorization violation: Access by an entity that lacks the proper access rights.

Bypassing controls: Exploitation of system flaws or weaknesses by an authorized user in order to acquire unauthorized privileges.

Denial of service: Deliberate impedance of legitimate access to information.

Eavesdropping: Acquisition of information flows, sometimes by “listening” to radio or wireline transmissions, sometimes by analyzing traffic on a local area network.

Illegitimate use: knowingly or unknowingly intruding on system resources.

Indiscretion: Indiscriminate opening of information files and so on.

Information leakage: Unintentional provision of information to a disguised third party.

Integrity violation: Messages and the computer infrastructure subjected to unauthorized modification or destruction.

Intercept/alter: Intercepting and altering information flows, usually by accessing databases and modifying data.

Masquerade: Posing as an authorized user on a network, the most common method used by hackers to gain access to networks, often enabled by having other users’ passwords. A masquerader can view secret information, alter or destroy data, use unauthorized resources, and deny legitimate users access to services.

Replay: Use of information previously captured without necessarily knowing what it means.

Repudiation: Denial by an entity that it undertook some action such as sending a message or receiving information.

Spoof: Occurs when a user or application believes it is using one of the legitimate computer services, while actually performing some different function.

FIGURE 4.1 Perceived threats to power system control centers as reported in a survey of electric utilities conducted by EPRI in 2000. SOURCE: Adapted from EPRI (2000).

cies), and to calculate possible operational changes that could improve the operational condition (i.e., more optimized in terms of cost and less vulnerable to contingencies). A very important automatic function of an EMS is automatic generation control (AGC), which involves measurements of system frequency interchange power flows, and power plant outputs to regulate system frequency and net power interchange via commands sent to power plants. An EMS always works in concert with a SCADA system, with the SCADA as the front-end component connected directly to the grid and the EMS as the back-end component with the heavy computational capabilities; this combination is referred to as the EMS-SCADA (or just EMS) or simply, the control center. Communication connections between EMSs in neighboring grids are common for the exchange of data describing the real-time conditions in the nearby interconnected system. More details on EMSs and their use in systems monitoring and control are provided in chapter 6 of this report.

Supervisory Control and Data Acquisition

SCADA systems provide three critical functions in the operation of an electric power system: data acquisition, supervisory control, and alarm display. It consists of computers and display units with appropriate applications software, and is connected by a communications system to remote terminal units (RTUs) placed at substations that collect data and perform control of electrical system devices. The SCADA system polls the RTUs periodically to gather the real-time measurement data from all the substations and sends out control signals to the RTUs to control specific equipment. These supervisory control signals can be automatically generated by the SCADA computers or be manually initiated by the operator. The controls can be for operations of many types, such as the opening and closing of circuit breakers and the adjustment of control set points for transformer taps, generation of unit power outputs and voltage levels, DC transmission line flows, and so on. (It should be pointed out that SCADA is a generic name for this class of equipment, which is used for similar applications in many industries, including natural gas pipeline transmission and chemical plants.)

Most power system legacy SCADA systems operate in a several-second sample or polling rate. A separate SCADA system may be used for AGC. Modern SCADA systems may be networked using private Internet protocols, and may use faster sampling rates.

Remote Terminal Unit

RTUs are special-purpose microprocessor-based elements that are located at substations or power stations to interface with all the substation equipment. An RTU is connected to the SCADA system through a communication channel that



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement