Aiming for resilience

It’s not just your disks, file systems, backups, and redundant servers that you need to worry about these days. The infrastructure that powers, cools, and makes them accessible is at risk. While this isn’t something you’re likely to find yourself thinking about or even reading about very often, the risk is very real and worth considering. The danger that I’m referring to is called “EMP” and it just happens to be one of the greatest threats to data centers today — and that’s just a start.

EMP stands for “electromagnetic pulse”. What it entails is a short burst of electromagnetic energy that can be damaging to — if not destructive of — electronic equipment. In fact, the quick and intense nature of an electromagnetic pulse is what makes it particularly powerful and dangerous. Not all forms of EMP will take down electronic equipment. Some are mild and relatively inconsequential — like lightning and electrostatic discharge — while others can have devastating consequences. Some are natural. Some are man-made. And some pose threats to the electrical grid that could leave large portions of the country experiencing lengthy electrical shutdowns if an EMP strike of sufficient magnitude were launched.

A lightning bolt that hits the ground is a form of EMP and can damage or destroy nearby electronics as can power line surges. The types of EMP that are most threatening to the grid, however, are considerably more menacing. They include nuclear and non-nuclear weapons grade devices and massive solar flares. Weapons grade EMP strikes can be launched from satellites or autonomous drones.

What can EMP do?

Every piece of equipment that you use that relies on integrated circuits could be immediately disabled by an EMP strike -– and disabled so fast that no log files or other forms of fingerprinting will have a chance ot notating what happened. And, if the electrical grid in a huge area is instantly down, very little that you rely on for your normal everyday life would go unaffected.

An EMP strike could cause severe damage to the US’s antiquated power grid. Though some efforts are being made to ruggedize the grid, where we stand today remains very precarious. While EMP has been a known threat for a long time, the question of who pays for needed upgrades has been an ongoing issue. A commission appointed by Congress warned of the danger back in 2004 and again in 2008, but the resolve to address the threat has faded.

In particular, the electric grid is at risk. The electric grid is the transmission system for electricity — the network of synchronized power providers, distribution lines, control centers, and consumers that we all depend on for electric power. This grid would be severely damaged by a nuclear EMP attack — damaged in ways that would be very time-consuming to repair. A millisecond of EMP followed by many months or more than a year to repair the damage would leave millions struggling just to survive.

If you think that EMP is something that only people who wear tin foil hats worry about, then (as my mom would have said) you have another think coming. While rarely the subject of newscasts or talk shows, the threat of EMP has indeed grabbed the attention of top scientists, the Department of Energy, Homeland Security, and even some novelists (see the references below).

Why resilience?

For years we’ve been aiming at making our data centers more secure and rugged — striving for high availability, reliability, and redundancy. Resiliency moves the goal of the truly secure data center one step further. Resilience — the ability of a substance or system to spring back into shape — is a measure of our ability to survive a serious threat and, in the case of EMP, to continue functioning in the face of a severe threat to just about every piece of equipment that we use.

Setting up a data center to survive an EMP attack is not a simple thing, but some companies (e.g., see reference to Iron Mountian below) have done it. Pushing for needed upgrades to the grid is another matter. Making some assessment of your vulnerability — business and personal — is nearly unavoidable.

Critical infrastructures at risk

Segments of the national infrastructure that are at particular risk to EMP strikes include:

• Telecommunications
• Financial services
• Security services
• Electricity generation
• Transmission and distribution
• Public health and health records
• Gas production, transport, and distribution

What can be done?

Tom Popik from The Foundation for Resilient Societies claims that “by spending under $1B on current blocking devices at around 2,500 electric grid substations, we would gain an immediate nuclear deterrent against EMP attacks from North Korea and Iran”.

So, where do we go from here? Clearly, neither you nor I can make this happen, but we can stay informed. We can think about how our businesses and communities might survive. We can take a look at what companies like Iron Mountain have done to protect their data centers from EMP. We can support the work of organizations like The Foundation for Resilient Societies to be better prepared and to push for needed changes.

Resources

Read about EMP’s destruction of electronics at RedEdge.

Read about Iron Mountain’s EMP protection.

Check out what they’re doing in Texas.

Watch this presentation on whether the grid is safe.

Read the EPRI (Electric Power Research Institute) report.

Read IEEE’s document on building a smarter grid.

Read this document on the basics of grid security.

Read CNBC’s take on the threat from North Korea.

Read about the DoE’s resilience strategy.

Join forces with the Foundation for Resilient Societies.

Work with Infragard and its EMP SIG.

Check out novels on EMP strikes: One Second After, One Year After, and The Final Day by William R. Forstchen; Gamma Wind by Ellsworth Sanders.

Wrap Up

Resilience — springing back into shape — is wonderful for individuals but is critical for businesses and societies. We need to start thinking about how we would cope and how we might address the threat before it changes everything.