Software error caused US power failure 2003

greenspun.com : LUSENET : Y2K discussion group : One Thread

[translated from babelfish] Eight states in the northeast of the USA and parts of Canada remained in the August of the past yearly for five days without river.

Altogether were concerned 50 million humans. Debt at the Blackout was according to data of SecurityFocus a software fault of the management system for the monitoring and control of electricity mains at the producer FirstEnergy.

The system concerned XA/21 comes from General Electric and is far common at producers. The error was found after an intensive code audit of several weeks and is to have arisen so far only with the large Blackout. According to data of the speaker of FirstEnergy a special combination of events and alarms released the error, whereupon the system stopped its service. That on it substituting baking UP servers failed briefly likewise, since he was overtaxed with the number, but of the finished messages already accumulated.

In the consequence the system received accumulating alarms and did not pass it on not to the service personnel. In addition it came that it did not even notice to the operators that their system had already failed. One hour long is to have indicated the control station to outdated data. During arising disturbances inevitably the reaction was missing.

Normally a generator uncouples its net with larger losses of other electricity mains, in order to avoid further damage by overload. Thus a problem remains regionally limited. Since the alarms were however not registiert, the operators did not react.

FirstEnergy wants to exchange now its XA/21-Systeme against the products of a competitor. The North American Electric Reliability Council (NERC) has a guideline given change to avoid in which measures is described, incidents as on 14 August. Among other things FirstEnergy is requested to install up to the exchange their systems all necessary Patches for XA/21.

Since the time of the Blackouts and the outbreak of the Wurms Lovsan/Blaster overlapped, there were assumptions, the worm could the loss have caused. Also the CERT/CC warned at the beginning of of August before the fact that Lovsan Unix systems with Distributed Computing Environment (DCE) attacks and can to the crash bring. XA/21 is a EMS/SCADA system (Supervisory control and DATA Acquisition), which is based on Unix with x-Windows. There are safety gaps here plentifully. Thus it cannot be excluded in the future that worms, which found the way into a control center can affect such systems.

Heise Online

-- Anonymous, February 20, 2004


Moderation questions? read the FAQ