Attacks & Accidents Policy to Protect the Power Grid's Critical Computing and Communication Needs
Abstract/Contents
- Abstract
Critical infrastructure protection is challenging because these systems are complex, interdependent, and influenced or controlled by multiple organizations that have conflicting or ill-defined responsibilities. The power grid is critical infrastructure and its reliability and security is being degraded by the drive for increased economic efficiency which has led to increased pressure on an outdated transmission grid. This has led to the use of advanced computing and communication infrastructure to manage this pressure at the cost of new challenges posed by these technologies, including the possibility of malevolent cyber attack—a new and perhaps significant risk.
The key policy question is how to make the best decisions regarding the development, implementation, operation, and maintenance of these new technologies. Industry deregulation now underway makes corrective policy difficult because companies do not have a competitive incentive to invest in security and the current reliability oversight of the power grid is ambiguous and voluntary. This paper proposes some steps that can provide for an organizational structure to support better security policy formulation and implementation, while also preserving the current goals of deregulation.
Since no computing or communication resource can be made totally secure, it is imperative that risk analysis and policy formulation use advanced methods and be an iterative process that addresses newly discovered vulnerabilities as well as emerging technologies and threats. Additionally, this policy planning must be done without any previous experience of a cyber attack on the power grid. Therefore, policy should be directed, in the near to middle term, at improvements in reliability of both the grid's power and cyber infrastructure. This would have the concomitant effect of making the power grid more survivable against attack. Finally, a disconnect in perception must be addressed—industry insiders and policy makers view electric power as the ultimate focus of the power grid, but it is essential that this perception be shifted to accommodate the growing and almost equal importance of the power grid's critical computing and communication needs.
Description
| Type of resource | text |
|---|---|
| Date created | May 21, 2004 |
Creators/Contributors
| Author | Cieslewicz, John |
|---|---|
| Advisor | May, Michael |
Subjects
| Subject | infrastructure |
|---|---|
| Subject | power grid |
| Subject | security |
| Subject | cyber attack |
| Subject | Stanford University |
| Subject | Center for International Security and Cooperation |
| Genre | Thesis |
Bibliographic information
Access conditions
- Use and reproduction
- User agrees that, where applicable, content will not be used to identify or to otherwise infringe the privacy or confidentiality rights of individuals. Content distributed via the Stanford Digital Repository may be subject to additional license and use restrictions applied by the depositor.
- License
- This work is licensed under a Creative Commons Attribution Non Commercial 3.0 Unported license (CC BY-NC).
Preferred citation
- Preferred Citation
- Cieslewicz, John. (2004). Attacks & Accidents Policy to Protect the Power Grid's Critical Computing and Communication Needs. Stanford Digital Repository. Available at: http://purl.stanford.edu/bb390wn9224
Collection
Stanford University, Center for International Security and Cooperation, Interschool Honors Program in International Security Studies, Theses
View other items in this collection in SearchWorksContact information
- Contact
- cieslewicz@gmail.com
Also listed in
Loading usage metrics...