Recently the Securing Energy Infrastructure Act (SEIA) bill passed the Senate floor. This act calls for the US to improve power grid security by using analog and manual technologies as a defensive measure against foreign cyber-attacks. At this time, the bill needs the approval from the US House of Representatives.
If the SEIA bill is approved, it would establish a two-year pilot program with the National Laboratories where researchers would study power grid operators and their vulnerabilities. They would also develop new analog devices.
How this works is that the analog technology would allow the US to isolate the most important control systems in the grid which would help limit any catastrophic outages. This “new” system would design ways to replace any automated systems with human operators. The whole point is to make cyber-attacks much more difficult. By using a manual operation approach, an attack would require someone to physically touch the equipment instead of hacking into an online grid.
There have not been any large-scale attacks that lead to this approach, it is a preventative measure. The SEIA bill was inspired by an attack on Ukraine’s power grid back in 2015. Russian hackers crashed a part of the power grid and more than 225,000 Ukrainians were left without power. However, because Ukraine operates its grid with manual technology the attack was less catastrophic than it could have been with automated operations.
The other motivation comes from a 2017 report showing a Russian-linked hacker group that was going after power grid operators, and the US was on its targeted list.
As it stands, experts and industry insiders believe that SEIA is a good step forward in preventing and protecting against future cyber-attacks. Though they also believe that it is not the end-all, but only one step in the whole approach.