tv C-SPAN2 Weekend CSPAN February 13, 2010 7:00am-8:00am EST
7:00 am
to manufacture, conduct finance, communication, medical care, turns out that even our ability to generate in -- and access other sources of energy are connected to the grid. when hurricane rita missed the oil refineries on the gulf coast, we all breathed a sigh of relief that the physical assets were not damaged. turns out the hurricane took out most of the power lines to the refineries and shut down 20% of our nation's ability to refine fossil -- oil products for about a week. so even things that would -- you would think are not connected really are. and our ability to maintain those connections is vital. our national defense depends directly on our ability to maintain a robust electrical grid. therefore -- air force, military
7:01 am
bases are connected directly to the public grid, and their critical operations depend on that as well. so, it turns out there is probably no better way to cut the lights out from under a modern society than to interrupt the power grid. impacts everything we do. so, as we look at that it is important to understand the context of the grid. it is really an evolving beast of sorts. today's grid is based on the centralized dispatch of power. that is evolving to something that involves much more distributed, both control of the utilization and the generation, and as we move down that road, it is driven by certain demands on the system. first is to improve the
7:02 am
efficiency of the power distribution and power dispatch and that greater efficiency is calling for more sensors, more monitoring on the grid to more tightly control the balance between generation and use. it's important to note that increasing the efficiency of the distribution system by 5% would be equivalent in energy to removing 50 million cars from the highways so it's an important piece of this moving forward is to increase the communications and sensing needed to improve that efficiency. the next step is really engaging the end user more strongly in the control of the system and i think you have heard of things
7:03 am
like the time of day pricing, smart meters, these are in addition to the grid that would allow the end user to play a more active role in how the power distribution is managed. now, when you look at that it immediately opens many, many more penetration points into that communication network. and greatly increases the complexity of the cyber network, and its vulnerabilities. the next step of evolution is moving from a solely central power dispatch to more distributed and intermittent sources and this is really driven by our interest in moving to lower carbon sources of energy and more distributed
7:04 am
renewable energy sources on the grid. this is a major evolution to the grid which really changes the model of operations from one where probability theory can manage the distribution to one where we now have a random generation and random use going on at the same time and they require different control approaches much more complex, much more monitoring and sensing and communication across the grid to maintain a stable architecture and of course the broader communications again puts more and more points of vulnerability for cyber penetration into the system and we think about moving the vehicle transportation fleet from fossil fuels to the electric grid. and that opens a truly two-way
7:05 am
power distribution network where we not only have generation locally but actually storage could be distributed throughout the network and we're moving to higher and higher levels of communication and control as we go forward and more dependence on the cyber network that supports that. so the challenge really is to take a whole system perspective of something which is evolving in time. there isn't any such thing as the smart grid. it's something moving forward in these incremental steps and we think it will be important that we really take an enterprise perspective as we look at solutions to this. in other words, really understanding what are the critical functions that must be maintained, and how do we develop a system that has an inherent security against those threats and vulnerabilities and that means, you know, assessing
7:06 am
the vulnerabilities, analyzing consequences, developing forensics, and providing the kind of resiliency needed for the application, enterprise that -- that specific enterprise and it isn't just cyber, we have to look at all the dimensions of security that support this. the grid is susceptible to physical attack and responding to one security threat will not get us to the intrinsic level we need to ensure the success of that enterprise. it is also important to understand that security is not free. it is actually an expensive add-on to the system. and, so we want to make sure the level of security is tailored -- tailored to the criticality of the enterprise. as an example a military base, they need a much different
7:07 am
security approach than for a residential community. a hospital versus an office complex. and the challenge is how do we build that kind of an inherent security into the evolving grid that meets those specific needs without overencumbering parts of this enterprise which really don't need much security. probably the most -- while security is expensive, the most expensive is what you add on at the end. having the models and concepts that allow you to build this security in up front, is going to be the key challenge that we face. >> thank you. i want to make quickly four points. the first point is from about the mid '90s forward those of us in the sort of cyber business calculated that if you wanted to carry out an attack on the u.s. and figure out where to
7:08 am
do the most damage it's fairly clear the electric power sector would be the most critical in the sense that if you lost 48 hours, 72 hours, a week's worth of power it would do more economic damage than any other sector you would think of at least in the civilian realm and this is largely still true, to the point where if our cyber czar was able to make progress in the field of electric power security and in no other sector he'd earn his pay several times over. it is that important. the second thing i want to say about security and the electric power sector is that in terms of the wholesale cyber attack, the electric power sector may be a tough nut to crack. for several reasons. the first reason is the electric power sector is heterogeneous, to get most of the country you need double-digit and depending on your definition of most,
7:09 am
triple digit number of companies which are independently run and which have independent security policies. now it's true they are interconnected and also true in 2003 we saw the problems of one power company shut the lights of 50 million others -- people. i would believe -- and leave it to engineers to tell me if i'm right or wrong, that was a chastening experience and we've learned to govern the grid to guard against cascading effects better but i don't know. the second aspect which makes the electric power industry a tough nut to crack is it is an industry that is concerned, in some cases obsessed by restoration and resiliency, natural events take place all the time and take out power, an industry that knows how to restore power relatively quickly and has that mindset and in a world of cyber dangers is a good mindset to have. the third reason the industry is a tough nut to crack is that
7:10 am
internet connectivity of the electric power networks, the information networks of the electric power sector is not intrinsic to its business model in the same way internet connectivity is intrinsic to the business model of the phone company, e-commerce and, these days, banking. in other words if it turns out the conditions were a lot worse than people think they are, maybe than i think they are, it is possible to roll back some of the connectivity without harming the basic business model. it wouldn't be free and may not be the best way to go but the possibility exists. the third point i would like to make is that we really don't know how vulnerable the electric power industry is, and in this case the intelligence community is more of a hindrance than a help. one of the reasons that there is a great deal of concern about the electric power industry was an article in the "wall street journal" back in april which
7:11 am
suggested -- actually stated is that a rogue code, malware was found within the control systems of the electric power industry. i had a chance to find out what the source of the article was. how did you learn this and thought maybe a security company had found that, or the fbi had found it or -- no. wasn't that. it was intelligence. our intelligence agencies spend their time looking at foreigners and looking at foreigners convinced them there was malware in the electric power industry and i'm not saying that is impossible but it caused me to scratch my head. let me tell you another story, in the '90s there was a story circulating within the cyber community in washington that a 14-year-old was this close to taking out the roosevelt dam in arizona but the story circulated within washington and arizona is about 2,000 miles from washington until this point,
7:12 am
maybe 5 to 10 years ago where the story got to the "washington post." and finally got the attention of the folks that ran the roosevelt dam in arizona and their reaction was sort of like, what the heck is going on? and the story coming back was there was no way that kid was ever close to those sorts of controls. some of you may have seen a "60 minutes" show, which basically followed rumors from the intelligence community that someone got into a power station and shut off the power, maybe yes, and maybe no and the brazilians said it may not have been a hacker and may have been a -- problems with the drought and the bad smoke stacks and, we find these guys early -- fined them several million dollars. true? not true? i don't know, i'm reminded of the testimony given by a fellow, asan tay, the security head of the north american electric reliability corporation and pleaded congress and said, guys
7:13 am
if you in the intelligence community know about our vulnerabilities, tell us. they are not telling the electric power industry what is this point of the intelligence in the first place? i will leave that up in the air and go to number 4. number 4 is, it is easy to write scenarios in which a nation state takes down the american public infrastructure. as a sort of, you know, strategic ploy but when you think about it really closely, will it make sense for them? let me spin you out a scenario. you have a great big country with a capacity to hire a lot of hackers, and they want to create mischief against a small neighbor, call it taiwan, georgia, names aren't important here, okay? but they know the u.s. will not take it lightly and want the u.s. not to intervene, so what do they do, take down the american electric grid. we can cause you damage, don't intervene. i would maintain that is the
7:14 am
stupidest thing they could do. why? listen to the narrative, before they could basically say, this is an internal affair, halfway around the world, not a harbinger to anything else, we will not march off in our combat boots, we want to take care of a local problem, the minute they attack the u.s. electric grid it is no longer a local problem, it is a strategic problem and our reaction would be you cannot do this to us and coerce us by taking down the electric power grid and what happens to the narrative they were saying it was a local problem? it is out the window and when you think of that, it is security and relationship to national security all i would suggest is a great deal of skepticism is warranted here. it ain't necessarily so. unfortunately, it ain't necessarily not so, either. >> good morning and thank you for being here. i will back up and bring kind of our customers utility
7:15 am
perspective to the discussion. so the utility industry has been around for more than 100 years and their mantra is to provide safe, reliable, continuous service to their customers. i think though we are at a tipping point if you will where there has been significant technological advances that are coming to play with things like advanced metering and infrastructure and smart grid that will change the face of the utility going forward and creates an opportunity. so, with these unprecedented technology changes, you know, historically utilities have been largely operated on proprietary networks with closed communication protocols and many cases, the communication system that operated the grid was physically and logically separate from the communication system or network that ran the back office
7:16 am
systems as well but over the past two decades, through substation automation, workforce automation, advancement in technology and upgrade of technology it created a more interconnected power grid. i think there is also, you may have heard the phrase that is popular, i.t. and ot convergence taking information technology and operational technology and it is more of a blending and less of a black and white and separate study of signs. so from our clients' perspective there is more than 3,000 utilities in the u.s., varying sizes from rural co-ops to some of the largest utilities in the country. i used to work at one of those based in california. all of them have security as a priority as they take on these new initiatives. but i will tell you that the
7:17 am
level of maturity differs greatly from utility to utility. so while everybody believes it is important and absolutely a c-level imperative, there again, in varying stages of implementation, and some of that is because of frankly some of the things we're here to talk about today. there is a lack of standard for security in the utility industry. and also many new market entrants as well so as we look at advanced metering infrastructure there is a new meter vendor in place and many of the meter vendors implement security in different ways, there is no consistency or standard across meter technology for example for security. there is, though if you break up the advanced meter infrastructure problem into three components, there are devices in the home or the field, network that carries
7:18 am
information back and forth to those devices, and back office, or other systems that operate, you know, analyze that information, act on that information. two components, network and back office have been secured, you know, over decades of time and take advantage of the security techniques that we have done across many different industries. it is really end point devices where we need some additional help, consistency -- and standards, and though it is a c-level imperative, we are facing policy and legislation that differs from state-to-state and many utilities operate across multiple states and as a result have to deal with different forms of legislation and regulation in the states they operate in. and our utility clients have to
7:19 am
get more consistency across the states to allow them to cost effectively address the security requirements. and another ask, from a policy statement is to make cost recovery easy. or easier, many states have, you know, embraced the ability to recover costs or rates for both physical and logical security, cyber security but is inconsistent from state-to-state and another ask from our utility clients and is again something that can be dealt with from a policy standpoint is to create greater collaboration. i had responsibility for the year 2000 program in southern california edison and one thing i think made us successful -- and there were absolutely y2k issues that needed to be remediated and to prevent a widespread power outage, one thing that allowed us in the utility industry to be
7:20 am
successful in that is there was a great deal of collaboration amongst utilities and sharing of information. i think we need to promote that not only amongst utilities dealing with cyber security defenses but with the federal agencies as well as my colleagues have expressed. one of the barriers there is freedom of information act and many times utilities are reluctant to share information about security needs or weakness because they potentially expose that to those that would seek to do us harm and we need some ability to exempt the information sharing from the freedom of information act to better improve the security of the utility infrastructure. i mentioned consistency in standards. and perhaps there is something like an underwriter's laboratory that can certify meter vendors
7:21 am
and meters and security techniques deployed in them like we do with certain other standards, agencies, like automated teller machines and people don't question the security of that anymore and used to be a major issue. and has become less of an issue as we have got a higher degree of standards across those and it is important to strike the balance between regulation and legislation and ability to operate the utility in a cost-effective manner. because at the end of the day -- at the end of the day the customer foots the bill for initiatives and regulation and legislation and we have to find a good balance, getting the consistency and giving the ability to be creative and serve
7:22 am
their customers with the service that they deserve. and just as a last point while we talk about cybersecurity resilience or disaster recovery is absolutely important as well. sometimes i think it gets lost but i think it's important in this situation. >> good morning. you're in for a real treat now. i'm not a cyber security expert and i'm not in the utility. i'm going to give you a case study because as terry mentioned, the utility is our lifeblood. what we do at terremark, we design, build and operate data centers and take our facility in miami, 750,000 square feet, we're only half built out and fully powered our utility bill at current rates exceeds $2
7:23 am
million a month and we use and need the utility. and what kind of customers are our facilities, single cabinet customers with a few servers and customers with hundreds of cabinets and thousands of servers and commercial customers, and the u.s. federal government has their most critical i.t. infrastructure inside our facilities and why do customers move their critical i.t. infrastructure into a facility like ours? one of the biggest reasons is i.t. is not one of their core competencies and want to get out of it and give it to somebody who can protect it and take care of it. i'd liken it to the electric power industry and it wasn't long ago, 150 years ago, everybody had their own private generators and power -- private generation and learned by having a large power generation plant and services lots of different users, they could outsource that ability, get rid of their mechanical and electrical staff and actually achieve efficiencies, after that came the grid, the power generation
7:24 am
plants would feed power into the grid and the grid would power the users and you get higher reliability. we're seeing the same sort of thing in the data center industry, a convergence, from a lot of little ones from your banks, law firms, hospitals, who have server farms and i.t. plants and moving them into a larger facility and where you saw the electrical utility you saw small plants go to fewer large plants and the grid and order is changed here, the small data centers then the grid, the internet, and now you see these larger data centers. so are we exposing the critical i.t. plants to additional cyber security risk by putting them all in one place? in our facility in miami we have 170 carriers and the farms are served by the same networks as before coming into the facility. if you want to breach one of their systems, you still have to come in through the network and defeat all of their security
7:25 am
features, et cetera, to get in there, you have to come across the logical network. we have a team of i.t. security experts headed up by chris day who is sitting in the back and he'll speak on the next panel and who take care of that and design and build detection and protection systems and fire walls, et cetera, and also design the methods and procedures we take when it's breached and how we handle that and that is a very important point you'll hear me repeat in a second. then you ask why am i here? my team designs and builds the organs of these mission critical facilities. we design the power, cooling, the security, layer zero, layer one systems, life safety systems and instrumentation and control systems, and i can't emphasize enough how sophisticated the power and cooling systems and other systems in these facilities really are. in our facility in miami only half built out, we monitor more than 120,000 points inside that
7:26 am
facility. we collect all that data and bring it back to a control algorithm, computers, who orchestrate all the sensors and data and a number of control valves, switches, switch gear, vfds on pumps, et cetera, that make the facility operate and if you want to take down our facility that is the network you want to breach and we're careful about how to design the network that connects all the computers and sensors and everything and orchestrate the large facility operating all those controls. now some things we don't do, is use wireless devices, we could use wireless sensors and motorized valves but that is an entry point for them to get inside our facility and we have a benefit in that all the systems, these sensors and controls are inside a building or facility still we have a
7:27 am
perimeter, and on that perimeter we have electronic trip wires, closed circuit television, access controls, biometrics, and those are points somebody can get on the network and more importantly we have remote capability and you can get on the network as well and you get on that network and you can throw our main breakers and turn off pumps, fuel systems and do a lot of bad things to bring the facility down in a hurry and i look at the public utility, the public utility is physical. all of their devices are strewn out across thousands of miles of open area. you can take out a substation and a transmission system and it will do some damage but to do the real damage is if you get on the control network for the public utility and then you own it and you can do anything to it and that is something we're very, very sensitive of. so when we look at the smart grid and public utility which is our lifeblood for mission
7:28 am
critical facility, that is really what we're looking at is this control system and how well, they are locked down and can somebody breach that and get in there and turn it down, much the same way as we do for our own facilities when we design and build those. >> good morning. i am going to be talking a little bit about providing you qualitative background on some of the points terry brought up at the beginning of the session. this is a diagram from a study we did at the electric power research institute that says if we want to bring down the level of carbon dioxide in the atmosphere in the next 40 years
7:29 am
what are some of the technological challenges that we face? you can see there is an 83% drop in carbon dioxide over the next 40 years relative to 2005 levels and the question is, how do we achieve that kind of target. the energy information administration have forecasts for energy consumption. and this was part of our 2009 edition we did to the study that shows the positive contributions the various technologies can make to reducing the carbon footprint and this also shows you the complexity the utility industry faces being the second largest producer of co2 in the economy. as you can see, there is no panacea. in order to bring the carbon levels down you have to have a
7:30 am
combination of many things that includes energy efficiencies, and expanded nuclear fleet and introducing plug in electric vehicles and increased electro technologies and industrial process. the national institute of standards and technology embarked on a project last year to address the issue of the utility industry facing this downward trend for carbon and the way you can do that is by introducing a lot of those technologies i listed in the previous slide and you can't really have that unless you have smart grid and terry mentioned there will be a lot of points of entry and exit from the grid
7:31 am
that requires a network grid with proper sensing. so the smart grid initiative from nist which started april of last year is to develop a set of interoperability standards so that independent of vendor the smart grid would work together and the ability to secure it. so looking at this smart grid, if you look at the 7 domains, the key thing here is that within each of these domains there are environments and within those environments there are transactions that need to occur between environments, which creates interfaces. some of those interfaces are logical, some of them are physical, and some of them are temporal and so each one of them needs to have certain policies in place in order to protect
7:32 am
these assets. and as you can see, we are moving -- a major paradigm shift is occurring in the utility industry from the highly centralized way with a single autonomous domain to this environment where you have multiple domains and instead of master-slave-type relationship we'll have a peering-type relationship and this adds a lot of complexity in the way we'd do cyber security so the trend as we're moving forward is towards creating a more democratic flow of information. it's not just electricity but also the information to control the electricity. and so in addition to having interoperability standards there also needs to be a set of standards for protecting the assets. now protecting the assets, there
7:33 am
are three areas we need to focus on and one is the technology issues, hardening issues, like putting firewalls and access control lists and having anti-virus and things like that. then there is something called managing the residual risk. if you had put up a big wall it will not protect you. eventually the hacker will find a way to compromise a trusted system and get past all the authentication. the question is, how do you detect a person doing something like that? that person by the way, in the financial services industry, in the country, seven out of ten acts were internal and while our focus is across borders and oceans, 7 out of ten times it may be internal and the internal may be sometimes deliberate and sometimes unintentional. but having a good intrusion detection and production -- prevention system is going to be key across all aspects of this
7:34 am
grid. so within the electric utility industry community, i would welcome you to participate in two forums that are at a national level now. one of them is under the nist smart grid interoperability panel there is a cyber security coordinating task group and we meet every monday on a conference call for an hour and you can go to nist.gov/smartgrid and sign up for that and is a good place to learn about the issues the utility industry is facing and we're working towards developing those interoperability standards and cyber security standards and i'd also like you to visit the utility communication architecture, uca international user group. within that there is a working group, utility-sec focused on
7:35 am
security for the utility industry and they are currently on a project called the advanced security acceleration project, smart grid. looking at detailed use cases from this, identifying requirements and figuring out where the gaps are and giving the vendor community clarity on what kind of enhanced security features they need to add. so through the organizations and the work going on you'll have a better understanding of what the issues are and will find that, a, it is not as bad as some of the media would like you to believe. but at the same time we cannot ignore the complexity that the smart grid is bringing us. thank you. >> the good thing about being at the conclusion of a panel is you can refer back to what the other speakers have said and i'll start with a few comments. future trends.
7:36 am
terry mentioned the overall importance of the electric grid. the ieee, institute of electrical and electronic engineers in the u.s., actually a global organization, ranked i think the 100 top innovations of the 20th century, once we were done with the 20th century. and guess what was number one? not the ipod but the electric grid itself. and the reason is, many of the other inventions, from cat scans, would not be possible without the reliable electric grid and to refer to something eric mentioned before about the states having some consistent policy about security, it is not just the public utility commission, for example in canada, as more and more wifi is being used for smart grid applications, the canadian government, their equivalent of our fcc, federal communication
7:37 am
commission, gave 1.8 gigahertz spectrum space for utilities only and wifi because as ben said while you could get nervous when you have an rf you will never wire everything in the electric grid it is way too geographically dispersed but by giving a separate frequency to the utilities it keeps off of public infrastructure, and of course i don't know that anybody actually said it but smart grid is not, i repeat synonymous with putting it on the electric internet and you may use some of the same protocols, tcp/ip and so forth but does not mean you are using the internet with a capital "i" meaning anybody anywhere in the world can connect to it. all right? so let me go on with some comments about future trends. one of the trends about security is to make each individual device more self-defensive.
7:38 am
and irfan indicated having one firewall is not the answer and the alternative then is individual devices, hiding behind a firewall, can't give up and say, someone got behind it, i'm doomed and i'll listen to anybody and do anything somebody says as long as i have the right commands. right? that is not really acceptable and we have to think of security at the individual device levels, so you have some other defenses. all right. i mean, in colonial times we looked at i guess the second amendment and right to bear arms. and it was the same kind of idea. people, individuals could have some of their own defenses, not just a border, you pass the border, everything is lost. another important future area, we're looking at, to be looked at, i should say, is what the electric industry called wide area situational awareness. an interesting effort afoot using what is called phasor
7:39 am
measurement unit and that is technical but i am allowed to say technical things but it is introducing devices that monitor disturbances in the electrical grid and there is an interesting web site naspi.org, north american synchrophasor initiative, and this is a grassroots effort by the utilities to interconnect their so-called phasor measuring devices so one can see the kind of electrical tsunami that happened in august 2003, coming at you. and while this is intended to be focused on operational, we're also looking at it as this tells you if there is an anomaly on the grid, and that is probably
7:40 am
not a cascading grid failure that could be coordinated cyberterrorism and when we are monitoring things for operational purposes and maintenance purposes, we should look at this investment in the systems and say, why don't we also categorize some of the events as potential security issues and have someone look at that, if it is not an operational or maintenance issue and there is evolving technologies, stream computing that can look at millions of events simultaneously and make judgments. the financial industry does this all the time, you can go to california and charge up a fortune at nordstrom's under your credit limit and that's good but if five minutes later you are doing it in london is not good, that is situational awareness, you are in two places at the same time. all right. i mean, this kind of thing goes back to what michael wynne said about recognizing patterns, which is good for several areas
7:41 am
including security. another future topic is a system integration. a lot of work is done by ibm and accenture and others in this room has to do with integrating systems to form the smart grid and when you integrate and do things standard based things connect together better and therefore the security risk is lower and everybody knows how it is supposed to plug together. so interoperability, sometimes people say everybody knows the standard things can communicate with, and of course the hackers will know that and makes the grid less vulnerable. our experience is, by having things work on standards, and you don't need systems that are one of a kind and one of a kind tend to be where people make approaches let's say in the -- an illicit fashion and some things irfan mentioned about standards organizations are quite important. another concept that we see coming is called trusted virtual
7:42 am
domains. we see this happening even in the physical security of substation. for example if somebody has a car key, a technician driving around in a line bucket truck can get to any substation at any time, anywhere in the whole service territory, leaving the car behind at dunkin doughnuts may be a problem and you trust the virtual domain might be if the main system says there is a problem at a substation, someone's access card works and if there is no problem at a substation no one is supposed to have access at that point. and simply by -- a common term in d.c., connecting some of the dots between systems, one can effect a better control. one also needs to look at security as risk management. now, risk management is something maybe a utility makes an acquisition or something but security is basically risk management. you cannot have a $5,000 smart
7:43 am
meter and roll out the smart grid because no one will pay $5,000 for the smart meter and doesn't solve this business case and if you go out in the hallway at the break and find a custodian's closet you'll find an inch and 3/4 metal or wooden door with a $200 lock on it in a metal frame. i guarantee your loved ones at home, while you are enjoying yourself at this conference are not as well protected as the janitor closet protecting a mop and broom and that is called risk management. why is one door set a thousand dollar protecting a sink and your family has a $200 lock -- door set. you look at the risks and you buy the right equipment and security for the risk. somebody kind of mentioned this. but not actually at this level, one thing we have to look is the source code. when one writes software and compiles it, and it ends up with microsoft terminology, exe file
7:44 am
90% of the code is not what you wrote and came from various libraries and vendors and sub vendors and i believe the financial industry they do a thorough source code analysis of where does every bit of functioning software come from that goes into an application and we may want to have a discussion about this, controlling the electrical industry and where did all the executable code come from and there are tools by companies that can scan source code and look for common coding errors that lead to buffer overflows and the types of things you tend to see in people's weekly security bulletins. another aspect of smart grid that may help overall security is the advent of the micro grid, an island of, say green community that is running on solar and wind and has the ability to generate and operate their own grid locally and detach itself from grid if necessary.
7:45 am
and those ideas come from world of green and one could look at that as the more micro grids, more self-islandings one can do, if there is a security breach in the utility industry. all right? so that's one of the murphy's law of unintended consequences, has a positive consequence to it. on the research side of things, we are looking at large scale simulation. right now, there is okay simulation of the electric grid people do for operational scenarios and we're looking at massive real time simulation of the whole u.s. electric grid. which would not only give you a good situational awareness but when the power flows differ drastically from what is predicted, by the simulation, then one can call that an anomaly and they usually fall into three categories, operational problem, maintenance problem and security problem. so that is something that may be
7:46 am
of interest or should be pursued in terms of future security trends. jeff, let me ask you to wrap up. we need to get to the question in. >> that is a hazard of inviting me to a conference and one other area this is context of social media. as consumers become more involved in the electric grid, consumers can also be some of the early warning system about patterns of outages and if that is aggregated when also helps the utility get better awareness. thank you. >> thank you. chris, let me go to the visual that i have, the next slide. yeah. we have heard a common theme throughout today's panel discussions and that is the notion that innovative, putting up fire walls, others have been phrased it the same way, those of us who come from the
7:47 am
community of vulnerabilities, love to find those things and if one targets your system they look at what you put in place as a challenge, so, understand that adversaries think outside the box. i'd like to move into the questions and answers session, we have a microphone up front, those of you who have questions, please come up to the front, self-identify, and then state your question clearly. chris, if you would advance one more slide, perhaps to get this ball rolling. we asked our panel to consider a number of questions as they put their remarks together, and these are a few of them, up here on the chart. we have heard a lot of discussion this morning about vulnerabilities, and concerns of vulnerabilities to systems, and a bit about how we'd protect. one of the topics we have not addressed and let me ask the panel to speak to this a little bit is the whole international aspect of power
7:48 am
distribution. for example, the u.s., the national border is not the end of the power grid. they are sharing across the border with canada and in europe this is even a broader phenomenon. let me ask the panel how do we think about the international aspects of power distribution and cyber security associated with that? >> you know, the electric grid is remarkably homogeneous, some people have 220 volt and 60 hertz and the security issues are similar, and connecting your grid when you have a, you know, to a state that is not necessarily friendly to you is not a good political decision, period. i don't think we have that problem with canada. some countries in the middle east do run for example pretty isolated. the french are now very --
7:49 am
germans are very dependent on french nuclear power. and aren't at war but culturally don't always see eye-to-eye. and the real issue is, the same control systems are made by what, less than half a dozen major manufacturers, and there are probably 4 manufacturers that owe all the world's electric, outside japan, siemens, abb, in no particular order, if anybody is listening and the real issue becomes, the international aspect, only has to do with the politics of your relationship from a technology viewpoint, everybody is just as vulnerable and faces the same story. do you have a comment. >> yes. a couple of things. first of all, in this business you have to think global but act local. and when it comes to a lot of different countries, having their grid and inter-- and they
7:50 am
are interconnected you have to create contingency plans, you can't rely on one source of energy that is coming down, the other thing is that you have to have very active demand response programs in your area. so that if there are unforeseen circumstances and the capacity dropped significantly, that you have the capacity to throttle down. we have that in commercial and industrial sectors here in the country, a pretty good method but we need to expand it to residential because the residential energy consumption is growing with increased electrification. and that is one area. the other area that has to do with developing proper process, and proper training of people, we tend to focus a lot on technology, but a lot of the future problems are going to be where we will be tripping on ourselves, because of this tsunami of data that is going to
7:51 am
be coming from the smart grid we have to figure out how to turn that into actionable intelligence. and the other one, about training and dealing with social conditioning, there are a lot of global cyber crime type of what i call espionage type of organizations that work on people and there are a lot of employees, they are legitimate people but they have two w-2 forms, not one and these are the things we'll deal with more than people in caves. >> second aspect of this question, has to do with the role of government. one of the features of our critical infrastructure is this public/private aspect of these. the infrastructure is -- are privately owned and there is a role of government in terms of regulation and policy-setting, let me ask this panel to comment a little bit, more deeply, we have touched on policy and
7:52 am
regulations a bit in some of the comments but as we think about from maybe the national defense perspective, let me have your thoughts on how the public/private aspects play out. >> let me suggest that i believe in strict accountability in this matter. if there is a national event, power goes out and people lose power and business, you generally aren't in a position to sue the power company. it is called an act of god. if a hacker comes into your system and lose power and people lose money, i think it needs to be under a different legal regime. because unlike an act of god, hacker attacks, it is an act the owner of the infrastructure is -- i wouldn't say caused, but i think liable for, because everything related to the defense of an infrastructure is owned by the folks who own the infrastructure themselves. there is no such thing as forced
7:53 am
entry in cyber space, if somebody got into your system they did it through routes that exist within the structure that you haven't gone to the trouble of closing, and i think a regime of strict accountability in the electric power industry would be salutary, and it is more than their revenues that is at stake if they cannot deliver power. >> perhaps another interface between the government patrol and the private sector is an energy policy. and we talked about the penetration of distributed and renewables into the grid is going to drive the grid into a more communication intensive regime. each of the states has a different policy for implementing renewables into their energy portfolio and a different time scale yet all of this is connected to a more or
7:54 am
less three national grid components. and so, really understanding how what may seemingly be a policy independent from how we operate the grid, suddenly, is driving the grid operations in a very real way and creating confusion across the different players on the grid. so i think we have to again take a more system view of how we move forward with this. but right now, we have policies that are driving very different behaviors in different states across the grid. >> a brief comment, too, and i'll reiterate what i think i said previously. there has to be a balance between regulatory and legislative oversight and the ability for companies to run themselves as effectively as they can and in some cases, be competitive. that said, though, it is a critical infrastructure and
7:55 am
having a proper set of incentives for utilities to work under i think is a way to influence utilities from a policy standpoint. and help it keep it in balance. >> key have one question and that is, what is the top three things that you think that a national class either regulator or legislator could offer even to straighten out some things that you see to make the electric grid or smart grid far more secure? >> a couple of things that are happening, so, recently, the federal government gave out over $4 billion in stimulus funding, for smart meter and smart grid types of initiatives. and they did specify though that there -- security has to be a part of those programs, and i think that that is a good thing, and i mentioned being able to get cost recovery for security,
7:56 am
i think that is related to that. that said, $4 billion in the scheme of things that we're talking about here is really not a lot of money. the state of california, three investor owned utilities, are going to spend over $4 billion just on advanced metering infrastructure and they'll spend two or three times that on smart grid in the future, so, i think again, making it easy or giving companies an incentive to do the right thing from a cyber security standpoint is important and without exhibiting too much control we've had some clients that were going to turn down some of the stimulus funding, because the government wanted to take control of some of the assets, or wanted to own some of the assets themselves and these utilities feel that they are better at owning and operating those assets. >> i might also suggest that all we've talked about so far is government regulation/policy/interference,
7:57 am
depending on your point of view and maybe we should look at government assistance to utilities, since they already have a lot of security by the nature of their operations and it could be a government center like nist or someone that actually helps -- or a part of ferc that helps facilities with security engineering to avoid replication and ensure consistency, and possibly to better leverage some of the stimulus dollars eric referred to. >> thank you. this concludes panel a. are we going to a break, joe? >> the panelists are good to go but i wanted to make sure to tell everybody that your esteemed general chairman, forgot the script when he came up, about introducing ann campbell of sandia laboratories and we'll have panel b come up after that, right, joe.
7:58 am
>> yes. >> thank you, i'm sorry about that. >> no problem. >> let's thank ann and the panel. >> thank you. [applause]. >> ed is currently -- ann is the director for the cyber security strategy at sandia national laboratories and in this role she develops and implements strategies to strengthen the lab cyber workforce and capabilities to provide increased support for sandia's national security sponsors and cyber mission, and previously, at sandia she was deputy for technical programs and, the strategic management unit and from '03 to '07, led the assessments technologies groups, and -- group at -- at the information systems and analysis center. and she was responsible for the development, coordination and oversight of programs focusing on vulnerabilities and development of national security solutions and information technologies for multiple government sponsors. and, i had the pleasure of working with sandia during that time period on some of these
7:59 am
things and it is really an awesome capability, and from 1999 to '03 she was manager of the micro systems partnership department, which assessed and addressed microelectronics vulnerabilities for a variety of government sponsors and you talk about where did the source code and wires come from on your chip and in that role, ann led sandia's program to develop the dod anti-tamper initiative and serves on the national academies of science and engineering, standing committee, on technology insight, called insight, technology insight gauge, evaluate and review, or tiger, and, from '09 to 2010, an mit seminar 21 fellow, thank you very much, ann. >> thank you. [applause]. >> okay, now we have a few minutes, to change panels from energy to law enforcement and privacy. so, those of you who would like to take