|PDH Online Course Description||PDH Units/
Learning Units (Hours)
Dale Wuokko, P.E.
The United States (U.S.) electrical power grid is critical infrastructure consisting of electrical power generating plants, transmission and distribution lines, transformers, structures, systems, and devices that create and bring electrical power to the end-user. The power grid functions as critical infrastructure so vital to the U.S. that its incapacity or destruction would have a significant debilitating impact on the Nationís security, public health, safety, and economy. The design, construction, operation, and maintenance of the power grid depends on multiple engineering disciplines, including electrical, civil, mechanical, industrial, computer, hydrological, environmental, and others.
The risk environment of the power grid is complex with threats, vulnerabilities, and consequences continuing to evolve on a daily basis. The power grid has long been subject to risks associated with physical threats and natural disasters, and it is now increasingly exposed to cyber risks due to the integration of information and communication technologies with its operation. A cyberattack perpetrator need not be located within U.S. national boundaries. Adversaries world-wide are now focused on exploiting cyber vulnerabilities of the power grid in various counties. For example, a remotely-perpetrated December 2015 cyberattack on Ukraineís critical power control centers infrastructures affected the electrical distribution grid for more than 225,000 people. Although there has not yet been a successful cyberattack on the U.S. power grid, as early as 2001, for at least 17 days, a cyberattack was targeted against the California Independent System Operatorís (CAISO) computer system that controlled the transfer of electricity throughout California on its vast electrical power grid. During this timeframe, although unrelated to the attack, the CAISO grid was already in a vulnerable condition, experiencing rolling blackouts. By infiltrating a poor security configuration, the attackers compromised two web servers then under development to access the CAISOís computer network.
Furthermore, an attack on the power grid need not be excessively extensive to be effective. A study by the U.S. Federal Energy Regulatory Commission (FERC) concluded that coordinated attacks on only nine key U.S. interconnected electric transmission substations on a hot summer day while the electrical grid is under a strained load demand could cause a coast-to-coast blackout lasting months.
As informational technology and operational technology systems are expanded on the electrical power grid and increasingly accessible from the Internet, there is a greater potential that the integrity of these systems can be undermined by cyberattacks, and their industrial control systems and associated digital infrastructures threatened. A successful cyberattack on the grid would not only affect the utilities concerned but would also have a significant impact on the Nationís security, public health, safety, and economy. Implementing strong cyberattack defensive strategies is crucial for the control systems that manage the electrical power grid in order to achieve grid security and resilience.
This course presents an overview of the electrical power grid, examples of cyberattacks on electrical power grids, and the management of cybersecurity for the U.S. electrical power grid to achieve security and resilience.
This course includes a multiple-choice quiz at the end, which is designed to enhance the understanding of the course materials.
NY PE & PLS: You must choose courses that are technical in nature or related to matters of laws and ethics contributing to the health and welfare of the public. NY Board does not accept courses related to office management, risk management, leadership, marketing, accounting, financial planning, real estate, and basic CAD. Specific course topics that are on the borderline and are not acceptable by the NY Board have been noted under the course description on our website.
AIA Members: You must take the courses listed under the category "AIA/CES Registered Courses" if you want us to report your Learning Units (LUs) to AIA/CES. If you take courses not registered with AIA/CES, you need to report the earned Learning Units (not qualified for HSW credits) using Self Report Form provided by AIA/CES.