Alternative and renewable energy
sources have become more important and visible over the last few years. This is
due to many factors, including the price in oil fluctuating, oil being a finite
resource, the nation focusing on being less dependent on oil from other
countries, and the clear view of the environmental concerns.
As the alternative energy sources
have been produced to a greater level, there are more choices for consumers.
Early on, there was solar and wind. As time passed more products within each
were added and to a greater extent. For instance, there were consumers and
users using a few of these on their property. Now there are solar farms across
the U.S. and wind farms on land and in the sea. As a bi-product with the
increased number of products is the security testing. There are by far more
products available, and security has been applied at a rudimentary level or
brushed aside.
Target
This testing methodology was put
into place with a recent product. With solar panels, an essential piece of the
equipment is the inverter. This allows the solar panel to convert the DC
(direct current) to AC (alternating current). With the subject solar panels,
this was connected to the internet. The vulnerability noted was researched and
published by the Dutch InfoSec firm ITsec.
Exploit
The security researcher found 17
vulnerabilities. With this attack, the security researcher was able to take
control of the solar panel. If the attacker were able to gain control over a
significant number of solar panels, much like the IoT bot army, the solar
panels could be turned off or on at the same time. Individually, this seemingly
would not appear to be a significant issue. The integral portion of this is
that the solar panels are connected to the grid. If this were to be done with a
large number, there would be a significant fluctuation in the power grid. This
would cause a rather large and nearly instant power imbalance, which could
force the grid to power off.
From a third party’s view, this
would not be an issue. The additional component not noted in significant
numbers in the U.S. is the connectivity. With this factor, a large number of
solar panels being turned off or on at any distance would be a rather
significant detriment for the utility.
No comments:
Post a Comment