Homeland security? It’s a nonsense unless the USA gets to grips with its electricity supply issues, Mark Mills of the US Critical Power Coalition tells Gerry Woolf.
This is aimed mainly at our American readers, although it should be a wake-up call to Europeans as well. The problem with legislators is that, on the whole, they tend not to be very practical people… i.e. not terribly adept with screwdrivers, hammers and probably computers.
Under American Homeland Security legislation there’s now a federal requirement for businesses to ensure there is continuity after some dastardly act of terrorism. But you’re much more likely to be hit first by a tornado, hurricane and massive power outage that could put you out of business. That’s also part of the Department of Homeland Security’s massive responsibilities.
And of course there’s not even a mention of the word ‘electricity’ in the highly illustrated and management-speak ridden document ‘Securing Our Homeland’, which you can download from the Department of Homeland Security’s website.
Like any developed and complicated society, the USA is an extremely vulnerable place because its infrastructure – especially its electricity – is more vulnerable than most, because of its size, complexity, location and age. And electricity is really the ‘glue’ that holds America and pretty much everywhere else together. Knock out the power and everything else from transportation, communications, commerce and eventually law and order fall apart.
This has worried Mark Mills – a physicist by training and now a venture capital partner.
The massive blackout in the North East of America in August 2002 was one of the triggers of his concerns. And it’s motivated him to take action at business’s grass roots level.
“You only get to hear about the power going off, but for some customers it can be days before they’re back on supply again. The restoration of power in massive outages is simply about where you are placed on the critical list.” Unless you run a hospital (or a jail), it’s a lottery as to when you are reconnected.
Mills and others believe that major power interruptions in the US are likely to become more frequent, with increased power demand, more violent weather patterns and the inevitable technical failures that occur in a system which is so complex. Terrorism is low down on his list of concerns. But if it helps to focus officials attention on the issue, so be it.
In August 2004, Mills and others formed the Critical Power Coalition (CPC) – essentially a lobbying group to get business (your business) to force US Congressional committees and others to start taking the problem seriously. And it’s not simply out of altruism – Mills sees a massive business opportunity there for the taking which would benefit companies in standby power, distributed generation and, let’s not forget, batteries!
Putting it simply, if your Government expects you to carry on when the walls have fallen in and the lights have gone out, then surely it can organise the tax breaks, grants, etc which will enable you (and especially your customers) to invest in the necessary equipment to do so. Not to mention rule on technical standards.
But first it has to educate, persuade and cajole, and to do that it needs critical mass and more support from the industry. That’s you, battery makers!
Already the CPC has done considerable research to argue its case. While everyone agrees that the US electricity grid needs be strengthened, the real responsibility for critical power lies at a lower level, with counties, towns and individual companies. Hardening the grid alone simply won’t be enough.
The numbers the CPC has compiled in its White Paper on the subject are, as American say, awesome. “The North American grid is by far the largest network on the planet. The top tier of the grid is fuelled by coal, uranium or gas; each lower tier is typically fuelled, initially at least, by the electric power delivered from the tier above. Generating stations in the top tier dispatch electrical power through some 680,000 miles of high-voltage, long-haul transmission lines, which feed power into 100,000 substations. The substations distribute power, in turn, through 2.5 million miles of local distribution wires. The wires are extended and exposed, while the grid’s power plants are huge (because big plants burn fuel more efficiently) and thus comparatively few and far between. Nearly all the high-voltage lines run above ground and traverse open country, and a handful of high-voltage lines serve entire metropolitan regions. At the same time, a couple of large power plants can provide all the power required by a city of 0.5 million. Many communities are served by just a handful of smaller power plants, or fractional shares of a few bigger power plants.
“Taken together, these attributes make the public grid inherently vulnerable to major disruptions,” says Mills.
It’s plainly obvious that this massive network has to be supplemented by something else. So what’s out there already?
Based on annual UPS shipments and the typical operating lifetimes of these units, the Critical Power Coalition estimates that approximately 25 gigawatts (GW) of large UPS capacity is currently installed and running in businesses and government buildings in the US, with another 10 to 15 GW of capacity in smaller desktop-sized units in both businesses and residences.
These remarkable figures provide a direct, quantitative estimate of how much US power consumption is viewed as ‘critical’ by end users themselves. To put them in perspective, the public US grid as a whole is powered by roughly 790 GW of large coal, nuclear, gas-fired and hydroelectric plants – thus, about 3-5% of the grid’s capacity is complemented and conditioned by UPS capacity in buildings and factories.
Until recently the deployment of much of this hardware has been directed at power quality – smoothing out spikes and dips that last for only fractions of a second, or short-duration issues of power reliability – dealing with grid outages lasting from minutes up to an hour or so. In the new geopolitical environment, however, the coalition says planners must address the possibility of grid outages that last for many hours, days, or even longer. Assuring continuity during extended outages requires a different approach, and a different level of investment in local power infrastructure.
There are, for example, 13 two-megawatt diesel generators installed outside AOL’s two major centres in Prince William County and Herndon, Virginia. Real estate companies and data hotels like Equinix, Level 3 and Qwest have also become major owner-operators of distributed generation (DG) power systems. And all the major engine makers assemble and lease power-plants-on-wheels – tractor-trailers with hundreds of kilowatts to several megawatts of generating capability. These units are positioned around the country for emergencies, parked in substations (to meet peak demand, or replace power from lost transmission feeds), or in parking lots near critical loads.
The installed base of stand-by batteries provides a third – again retrospective – measure of what end users perceive to be their ‘critical power’ needs. The sale of long-life, high-performance backup lead-acid batteries soared through the year 2000 – doubling over a few years to the point of creating delivery shortages.
Even though the market is still working off that inventory, sales of new batteries remain 20% higher than five years ago – and the advent of data centres and wireless telecom has permanently moved such heavy-duty ‘industrial’ batteries to the lead position in a business formerly dominated by batteries used in more traditional industrial motive power applications, according to CPC’s findings.
There is thus a collective total of about one billion kilowatt-hours of electricity stored in lead-acid batteries distributed across the landscape.
For every 500kW of UPS there are typically five tons of batteries nearby. Some 249 batteries on steel racks stand behind the planet’s most precise atomic clock in Boulder, Colorado.
But is the standby power in the right place? That’s very unlikely, according to the CPC document.
It says it would be a serious mistake to infer from existing deployments of UPS systems, batteries and generators that the full extent of the need for such facilities has already been recognised and addressed. To begin with, many enterprises simply fail to plan for rare-but-catastrophic events until after the first one hits. Thus, for example, the four large, broad-scale power outages of the last ten years – Hurricane Andrew in Florida in 1992, Hurricane Fran in Virginia in 1996, and ice storms hitting the East Coast during the winters of 1998 and 2002 – precipitated a cascade of new orders for on-premises power supplies, and these orders continued to be placed for weeks after grid power had been restored.
Planning rationally for infrequent but grave contingencies is inherently difficult, and even risk-averse planners have a strong tendency to discount to zero hazards that are thought to be just ‘too unlikely to worry about’. Many essential services and businesses have critical power needs that have not been addressed only because they have never been systematically assessed.
It is impossible to estimate with any precision how many sites have critical power needs that simply remain unrecognised because they haven’t yet been hit by disaster.
It is certain that there are hundreds of thousands of 10 to 100kW sites nationwide – the electrical loads now created by tens of thousands of high-end wireless base stations, fibre repeater shacks and digital offices that, unlike the phone company’s central offices, have limited (and, sometimes, no) backup. The national banks and financial exchanges have already deployed their backup power systems (although, as earlier noted in a recent GAO report, many are not adequate for the new challenges), but many smaller commercial, investment, regional banking, credit and trading companies may not yet have done so. The federal Government’s buildings already have backup power, but state and particularly local governments lag far behind them. The general unwillingness to confront hazards that are both very grave and very remote has always been a problem. But it is an especially serious one when risk profiles change – as they surely have in the post-9/11 era. Countless enterprises that were inadequately prepared for hurricanes and ice storms are at even greater risk now that sabotage and terrorism have changed the profile of credible threats.
Most accidental grid interruptions last barely a second or two, and many ‘power quality’ issues involve problems that persist for only tens of milliseconds (one or two cycles). In most areas of the country grid outages of an hour or two occur, on average, no more than once or twice a year, and longer outages are much rarer than that. Accidental outages tend to be geographically confined as well; the most common ones involve blown circuits in a single building (and, most typically, caused by human error – ironically enough much of it ‘maintenance’ related), or interruptions confined to the area served by a single utility substation.
The possibility of deliberate attack on the grid, however, changes the risk profile fundamentally, and that possibility sharply raises the risk of outages that last a long time and that extend over wide areas. The planning challenge now shifts from issues of power quality or reliability to issues of business sustainability. Planning must now take into account outages that last not for seconds, or for a single hour, but for days. It was common knowledge, at least among the delegates to the recent peer review Electricity Storage Association meeting in Washington last November, that there have been a number of (so far unsuccessful) cyber attacks on the supervisory IT systems that control American power grids. And that’s more than have attacked financial services.
There is normally very little risk that several high-voltage lines feeding a metropolitan area from several different points on the compass will fail simultaneously, and when just one such line fails, all the resources at hand can be mobilised to repair it. Deliberate assaults, by contrast, are much more likely to disable multiple points on the network simultaneously. A National Academy of Sciences’ 2002 report drove this reality home with its stark observation: “[A] coordinated attack on a selected set of key points in the electrical system could result in a long-term, multistate blackout. While power might be restored in parts of the region within a matter of days or weeks, acute shortages could mandate rolling blackouts for as long as several years.” Users who have perceived no need to plan systematically even for those outages that fit the traditional statistical profiles may now require systems to address the new risks. Enterprises that can afford simply to shut down and wait out short black-outs may not be able to take that approach in response to the mounting threats of longer outages.
What’s desperately missing, according to Mills, is agreed standards, best practices and the means to assess what’s really needed in terms of the provisioning of sustainable power. There have been working groups looking at IT and financial services but none on power. And everyone assumes power to be someone else’s responsibility.
And there’s another concern: the digital economy. According to the CPC’s White Paper, some 60% of all new capital spending is on IT equipment, all of it powered by electricity; and the most recent data show that percentage rising. All the fastest growth sectors of the economy – information technology and telecom most notably – depend entirely on electricity.
According to surveys conducted by the University of Delaware’s Disaster Research Center, large and small businesses in five major business sectors see electricity as ‘the most critical lifeline service for business operations.
At the macroeconomic level, IT – if it uses its proportionate share of energy – would appear to account for at least 8% of all US energy use, and a disproportionately higher share of electric use).
It is impossible to estimate with any precision how much economic leverage to attribute to these all-digital loads. What is intuitively clear, however, is that securing power supplies to digital loads generally is a high priority, because so much else cannot continue to function when the microprocessors and digital communications systems shut down.
Even before 9/11 it had become clear that the digital economy requires much more than the grid alone can deliver. Utilities have traditionally defined an ‘outage’ to be an interruption of five minutes or more. But the Information Technology Industry Council (ITIC) in the guideline known as the ‘ITIC curve’ defines a power ‘failure’ as any voltage that falls below 70% of nominal for more than 0.02 seconds, or below 80% of nominal for more than 0.5 seconds. Additional parameters address voltages below 90% of nominal for more than 10 seconds, and over-voltage conditions that can (all too easily) fry sensitive electronics. The ‘brownout’ – a grid-wide reduction in voltage – is the utility’s first response to generating capacity shortages. But a brownout that merely dims bulbs can shut down digital equipment.
The challenge – and the opportunity – for both public and private planners is to address the critical power situation in ways that solve both problems. Mounting threats from the outside give increasing reason to question the grid’s reliability in any event. At the same time, every significant node in the digital economy defines a point of rising demand for power that is exceptionally clean, reliable, and sustainable – far more so than the grid can ever deliver, even in the absence of any threat of deliberate attack. In a recent survey, security directors at leading US businesses ranked the threat of terrorism among their top five concerns, but few expected to see any increase in their budgets in the next few years. The typical view is that security issues ‘won’t generate revenue, they’ll consume capital’. The pressure to reduce costs exceeds the pressure to improve security.
With power, however, these two objectives can often be complementary. For many in the digital economy, grid power is inadequate in any event; this is why there has been so much investment already in backup generators, uninterruptible power supplies and backup batteries. The challenge going forward is to extend investment in power quality and reliability – which many businesses need and are undertaking in any event – to assure continuity of operation in the event of larger and longer interruptions in grid-supplied power.
The federally run Center for Disease Control (CDC) compiles epidemiological databases and performs the analyses that public health officials can rely on in formulating responses. To that end, the CDC obtains information from state agencies, private entities and individuals, with suitable protections in place to protect both privacy and proprietary information.
So why isn’t there something similar for on site power, which will be needed to meet the current threat, argues the CPC?
SCADA systems are used by utilities and regional transmission authorities to monitor and manage power distribution grids and substations. Extensive arrays of sensors and dedicated communications links feed information to the major control centres that monitor the overall state of the grid, and control its constituent parts. Very similar data networks and supervisory systems perform the same functions on private premises, supervising and controlling grid feeds, static switches, batteries, backup generators and UPSs.
At present there is very little direct electronic linkage between the public and private networks that supervise and control the flow of power. This is a serious deficiency, and one that should be comparatively easy to rectify. Better communication is essential if utilities are to collaborate more closely with the owners of private generators, to shed loads (or even to draw privately generated power back into the grid) when large power plants or major transmission lines fail. And the owner-operators of private generators and grids would be much better positioned to protect their facilities from major problems propagating through the grid.
Mills has recognised a huge threat to the well-being of the USA which is almost invisible to most Americans. And while he may be smart enough to recognise the problem, he’s not going to provide a solution – he has other business interests. “We’re raising awareness and interest through companies and, hopefully by Spring 2006, we’ll have enough critical mass to hire someone to carry this forward”.
If you’re making or selling batteries, standby systems or anything related, you owe it to yourselves to give Mark a call.
 Making the Nation Safer: The Role of Science & Technology in Countering Terrorism, National Academy of Sciences, National Research Council (2002).
Contact: Mark P. Mills CPC Co-Chair (Partner, Digital Power Group)
Eileen Oh (Executive Assistant)
Phone: +1 202-367-7756