Monday, April 12, 2004


Blackout!

BlackoutFrom SecurityFocus comes this excellent technical recap of the problems that resulted in the "Big Blackout" of 14 August 2003. Interestingly, one of the key failures was that of a GE Energy automated alarm system (and, no, it wasn't running Windows :-). Read on...

...To nobody's surprise, the final report on the blackout released by a U.S.-Canadian task force Monday puts most of blame for the outage on Ohio-based FirstEnergy Corp., faulting poor communications, inadequate training, and the company's failure to trim back trees encroaching on high-voltage power lines. But over a dozen of task force's 46 recommendations for preventing future outages across North America are focused squarely on cyberspace...

...That may have something to do with the timing of the blackout, which came three days after the relentless Blaster worm began wreaking havoc around the Internet -- a coincidence that prompted speculation at the time that the worm, or the traffic it was generating in its efforts to spread, might have triggered or exacerbated the event. When U.S. and Canadian authorities assembled their investigative teams, they included a computer security contingent tasked with looking specifically at any cybersecurity angle on the outage...

...In the end, it turned out that a computer snafu actually played a significant role in the cascading blackout -- though it had nothing to do with viruses or cyber terrorists. A silent failure of the alarm function in FirstEnergy's computerized Energy Management System (EMS) is listed in the final report as one of the direct causes of a blackout that eventually cut off electricity to 50 million people in eight states and Canada.

"There [were] a couple of processes that were in contention for a common data structure, and through a software coding error in one of the application processes, they were both able to get write access to a data structure at the same time,' says Unum. 'And that corruption led to the alarm event application getting into an infinite loop and spinning.'"


SecurityFocus: Tracking the blackout bug

No comments: