Computer World has an article which describes how the Blaster worm contributed to the severity of the power failure.
It seems that the worm delayed the signals between the power plants long enough to cause the automatic protections to run outside of specifications. Think of a public address system with runaway feedback: it's a sign of being unbalanced. The system actually oscillates and throws subsystems off. It's a result of engineers designing a system around what they think will be "normal" stresses and not taking into account what is deemed unlikely. Protecting against the unlikely is usually not cost-effective (i.e., no return on an expensive process).
This is part of vulnerability analysis: reviewing what normal processes of a system are, what abnormal processes a system is designed to handle, and what abnormal processes the system is not designed to handle.
Unfortunately, it is very difficult, if not impossible, to foresee every possible vulnerability a system has. (Note: Mother Nature/Fate/Kismet often displays those unforeseen processes for us.)