Besides steel, the typical car of 2010 has over 200 million lines of software code. That’s far more software, according to Smart Grid security ace Andy Bochman, than it takes to run a space shuttle. Andy has some concerns about the security implications when EVs loaded with code start plugging into the grid – and you probably should too.">
Click to Print This Page

Back to Article


SmartGridNews.com
The insider's guide to the modernization and automation of electric power

V2G Hacking and Other Worries from the Smart Grid Edge
By Andy Bochman
Jun 8, 2010 - 9:57:31 AM

Thanks to Forrester analyst Usman Sindhu for zeroing in on risks emerging from new sources on the Smart Grid edge. Namely, those related to our increasingly (wirelessly) wired automobiles. At the IBM Innovate conference Jack and I are attending this week, cars came into focus in a way I don't think they have before. You see, this is a conference devoted almost fully to the art and science of software, and cars are made out of steel, right?

Well, for the time being, yes. But that's not the end of the story. Besides steel, the typical car of 2010 has over 200 million lines of code. And though ferrying payloads to low earth orbit and docking with the International Space Station are beyond most 2010 models' capabilities, this is far more software than it takes to run the space shuttles. With dozens of applications and interfaces, not only is each one a highly complex system in itself, but if you think about it, each is an intelligent node in a system of systems. Improvements are now rolling out with increasing frequency to safety, navigation and propulsion systems, among others.

Jack has recently developed an auto-fixation, and as he said in a presentation earlier today, the ability to monitor, diagnose, and repair many vehicular problems without expensive, inconvenient trips to the repair shop is a major win for car makers and customers alike. The way he described it, it was almost like techno-nirvana. Until, that is, he mentioned the likely frailty of the software upon which all of this great new functionality depends.

As recent recalls have demonstrated, the cost of loving what software enables is realizing what happens when it goes wrong, whether by accident or from malicious intent. For a drill down, I recommend you see this from the Economist on cars and software bugs, as well as the Discovery Channel's "This Car Runs on Code". Karl Koscher et al from the University of Washington spell it out in plain English in their recent paper: "Experimental Analysis of a Modern Automobile:” 

.

While the automotive industry has always considered safety a critical engineering concern (indeed, much of this new software has been introduced specifically to increase safety, e.g., Anti-lock Brake Systems) it is not clear whether vehicle manufacturers have anticipated in their designs the possibility of an adversary. Indeed, it seems likely that this increasing degree of computerized control also brings with it a corresponding array of potential threats.

 

Threats from bad guys are one thing; threats from poor coding, configuration errors and other unintentional companions of complexity are likely a bigger challenge in the near term. Nevertheless, could an attacker work his/her way through less-than-secure automotive communications networks to put drivers in harm's way or adversely impact a utility? Sounds exotic, but when Vehicle-to-Grid (V2G) dreams start becoming reality, and electric cars draw their power from the grid while fulfilling important energy storage functions upon which we come to rely, this is one area we want to make sure doesn't get overlooked. In fact, just like in everything else, we'd recommend minimizing the drama and designing security in from the word go.

Andy Bochman and Jack Danahy are authors of the Smart Grid Security Blog.

   

You might also be interested in …

Distribution Side: Grid Needs to Plan for Plug-in Vehicles

V2G a Smart Grid Blessing or Curse?

Smart Grid Lite: Is a Simple Grid a Better Grid?

Add Nukes, Solar Flares and Pandemic Disease to the List of Potential Threats to the Electric Grid

A Controlling Interest in Securing Utility Control Systems

Warning: The New Security Demands That Utilities Can't Afford to Ignore

 

Related SGN channels …

Smart Grid Security

Electric Transportation

 

Stay connected with SGN …

Smart Grid Discussions: Get LinkedIn with Jesse

Smart Grid on Facebook

Follow Us on Twitter

Try our RSS feed

Get our email digest

Subscribe to our FREE eMail News Alert!
Smart Grid Newsletter (SGN) is the insider's guide to the Smart Grid revolution. It consists of a FREE bi-monthly email summary, along with a companion Web site that contains the full stories and other helpful materials.

Benefits of subscribing: SGN is the only central source for all of the news, trends, research and marketplace information relevant to grid automation. In it, you will read about cutting edge technologies; successful pioneers and how they got ahead; regulatory changes that could unleash new markets; the latest research; and new opportunities for sales of grid-related products and services.


© Copyright 2009 SmartGridNews.com