ISSSource White Papers

Posts Tagged ‘Germany’

Friday, September 18, 2015 @ 05:09 PM gHale

Two men ended up arrested suspected of being the authors of the CoinVault ransomware which managed to lock tens of thousands of users out of their sensitive files, Dutch police said.

CoinVault, first saw in action in November 2014, is a ransomware family that can encrypt a user’s files and then ask for payment in Bitcoin to decrypt them.

Trojan Suspects Arrested
Security Intern Guilty for Selling Malware
Guilty Plea in ATM Device Scam
Guilty: Darkode Member Faces 3 Years

Since its inception, Kaspersky Lab, which aided in the investigation, estimated around 1,500 Windows machines suffered from the malware, with most victims residing in Western European countries (France, Germany, UK, Netherlands) and the U.S., where affected users have enough funds at their disposal to pay the ransom.

As antivirus and security firms had a chance to analyze CoinVault, they eventually managed to provide decryption keys, which ended up made available in a public repository to help users get their files back.

CoinVault’s authors came out with various modifications to their malicious code, but most of the times, security firms were close on their heels, providing decryption keys a few days later.

This rush to upgrade CoinVault to constantly avoid antivirus detection has apparently been the downfall, leaving clues behind, which security researchers were quick to pick up.

According to Jornt van der Wiel, a security researcher at Kaspersky Lab, what tipped them off about the suspects’ country of origin was the presence of Dutch text in one of CoinVault’s binary files, which they discovered in April 2015.

“Dutch is a relatively difficult language to write without any mistakes, so we suspected from the beginning of our research that there was a Dutch connection to the alleged malware authors. This later turned out to be the case,” van der Wiel said.

Now, in a joint investigation between the National High Tech Crime Unit (NHTCU) of the Dutch Police and Russian-based Kaspersky Labs cyber-security firm, authorities arrested the two suspects in Amersfoort, Netherlands.

Kaspersky also credits Panda Security for helping with the investigation.

Monday, July 27, 2015 @ 06:07 PM gHale

This past March, Dyneon GmbH started operating the world’s first pilot plant to recycle end-of-life fluoropolymer materials in Burgkirchen, Germany.

To safeguard the plant’s depolymerization reactor, Dyneon selected a HIMatrix safety controller from safety specialist HIMA as the emergency shutdown (ESD) system.

If the process reaches excess temperatures, the safety system transitions the plant to a safe status to exclude the possibility of risks for people and the environment.

The compact, modular HIMatrix safety controller was developed especially for applications that require from just a few I/Os to several hundred I/Os. Its efficiency, compactness and simple assembly of the various control and remote I/O modules are advantages, especially for networked and time-critical applications.

Additional features, such as the capacity for easy integration and flexibility for modifications and extensions, were among the reasons that Dyneon cites for choosing HIMatrix.

Dyneon uses unique technology for treating wastes to achieve the environmentally-friendly, sustainable recovery of raw material at its new, high-temperature recycling plant in the Industrial Park Gendorf works. Through pyrolysis, the perfluorinated “end-of-life” waste is broken down into monomers, with an extremely high recovery rate of more than 90 percent. The monomers end up fed into the distillation system and can see use in the production of new fluoropolymers.

Tuesday, July 21, 2015 @ 12:07 PM gHale

Over the past 50 years, BPA has gone from miracle to menace. Its popularity soared after the 1950s, when scientists discovered it could make polycarbonate plastic — a hard, durable, and transparent material perfect for everything from water bottles to medical devices.

But recently, success has soured: A growing body of evidence shows even low doses of BPA might be harmful to human and environmental health. It now has a label as an endocrine disrupting compound, a substance that can derail the body’s hormone balance and potentially cause cancer or birth defects.

Finding Wind Farms Quicker, Cheaper
Unlocking Lignin for Biofuel Boost
Modified Switchgrass Means Better Biofuel
Converting Algal Oil to Fuels

Manufacturers are phasing BPA out of their products, particularly storage containers used for food and beverages, but it’s still a huge industry. Furthermore, BPA doesn’t break down easily, making it hard to safely dispose of the material. If it leeches into waterways, it may persist as an environmental toxin.

A new hybrid photocatalyst can break down BPA using visible light, said researchers at the University of Malaya, Kuala Lumpur, Malaysia; and Leibniz Universität Hannover, Hannover, Germany. Their findings could eventually see use to treat water supplies and to more safely dispose of BPA and materials like it.

This hybrid material breaks down BPA through photocatalytic oxidation, a process in which light activates an oxidizing chemical reaction. When light strikes a photocatalyst like titanium dioxide (TiO2) nanoparticles, the jolt of energy can kick one of its electrons up to an excited state and create a charge distribution imbalance. At the higher-energy electron band, there’s now an excess of negative charge due to the addition of an electron. Meanwhile, at the lower-energy electron band, there’s an excess of positive charge (known as a “hole”) because an electron has left. In this excited, unbalanced state, TiO2 can catalyze oxidation and reduction of materials around it. The excited electron will have a tendency to leave the TiO2 to reduce something nearby, while the hole will help another substance to oxidize by accepting one of its electrons.

However, pure TiO2 has a large bandgap — it takes a great deal of energy to excite electrons from one level to another — and only displays photocatalytic properties under ultraviolet light. Plus, the excited electron tends to quickly fall back down and recombine with the hole, giving the catalyst little time in its excited state to induce a reaction.

In order to turn TiO2 nanoparticles into a better photocatalyst, the researchers made several modifications. First, they added silver to the surface of the nanoparticles, a common technique to enhance the charge separation. When light strikes TiO2 and excites one of its electrons, the silver will pull that electron away so it can’t fall back down into the hole. The hole can then more readily assist in an oxidation reaction.

The addition of silver also shifted the wavelength at which the photocatalyst became excited by inducing localized surface plasmon resonance effects — a phenomenon in which energetic electrons at the surface of a material vibrate at a specific frequency and enhance light absorption over a narrow range of wavelengths. In this case, the silver shifted the wavelength of light necessary to activate the photocatalyst toward the visible light spectrum.

“The inclusion of a noble metal [like silver] in the ultraviolet-responsive TiO2 has significantly extended the spectrum toward the visible light through localized surface plasmon resonance effects,” said Pichiah Saravanan, a researcher from University of Malaya who lead the project.

Then, they wrapped the Ag/TiO2 nanoparticles in sheets of reduced graphene oxide (RGO), a thin layer of carbon atoms arranged in a honeycomb pattern. Like the silver, the addition of RGO helped the hole to persist by accepting excited electrons from TiO2. It also reduced the nanoparticles’ bandgap, decreasing the amount of energy necessary to activate the photocatalyst.

When the researchers mixed the hybrid nanoparticles with BPA solution under an artificial visible light source, they found BPA oxidized and broke down much more effectively than it did without the catalyst present. Furthermore, the RGO-Ag-TiO2 nanoparticles outperformed those where RGO or Ag alone added in to the TiO2, suggesting both modifications played a role in the enhanced catalytic activity under visible light.

Eventually, the team hopes to use their findings to help break down BPA and other contaminants in water supplies. “We strongly feel the developed nano-photocatalyst could be one of the nanomaterials that can sustainably address said problem,” said Saravanan.

Monday, June 1, 2015 @ 04:06 PM gHale

An attack focusing on small- and medium-sized businesses in different countries is working despite employing malware not very good at hiding.

Called “Grabit,” researchers at Kaspersky Labs found attackers were able to hit businesses in Thailand, India, the U.S., UAE, Germany, Israel, Canada, France, Austria, Sri Lanka, Chile and Belgium.

Flash Vulnerability Fixed, then Exploited
Social Networks: Moose on the Loose
PuTTY Malware Steals Credentials
Apache Fixes Security Manager Hole

The compromised organizations are from a wide range of sectors, chemicals, nanotechnology, education, agriculture, media, and construction.

Although the activity of the malware is easy to view, the levels of files exfiltrated is impressive, the researchers said. About 10,000 files ended up stolen from SMB organizations mainly from Thailand, India and the U.S.

Kaspersky found the attacker collects the information with a commercial keylogger called HawkEye (developed by HawkEye Products), along with a configuration module with several remote administration tools (RATs) to control the infected system.

Among the RATs identified is DarkComet, said Ido Naor, senior security researcher at Kaspersky’s Global Research and Analysis Team.

On one of the C&C servers the researchers found 2,887 passwords, 1,053 emails, and 3,023 usernames from almost 5,000 different hosts. The data ended up associated with Outlook, Facebook, Skype, Google mail, Pinterest, Yahoo, LinkedIn and Twitter, as well as bank accounts.

Grabit communicates with its command and control (C&C) server over random ports via an unencrypted channel (HTTP), which allows a clear view of the traffic. The stolen data ends up packed and encrypted, Naor said.

However, since traffic is in plain text, intercepting it revealed the credentials for the FTP/SMTP servers that received the stolen data.

The campaign started in late February and ended in mid-March, the researchers said.

Every sample they caught varied in size and activity from the others, the smallest one being 0.52MB and the largest weighing 1.57MB, suggesting the attacker experimented with features, packers and integration of “dead code” designed to make binary analysis more difficult.

Based on their findings, the researchers said those behind Grabit did not write all the code themselves and the group has more technical members than others, focusing on making the malware untraceable.

The attack arrives on the victim’s doorstep via an email attachment under the form of a Microsoft Word document laced with a malicious macro that transfers the keylogger from a compromised server.

Friday, May 8, 2015 @ 05:05 PM gHale

There is a new push in Europe to fight off increasingly sophisticated cyber attacks.

A new project called SAFEcrypto will draw together cryptographers and other IT experts from Germany, France, Switzerland, Britain and Ireland to devise urgent security solutions capable of withstanding attack from the next generation of hackers.

Stealth Malware Turns Servers into Spambots
ICANN Investigating Attack
Malware Delivers Trojan to Enterprises
Government Attacks via APT

The project, led by Queen’s University Belfast, will focus on an acute threat from emerging technologies including ‘quantum computers’ – capable of processing information much faster than silicon-based computers used today.

The project, which will run for four years at a cost of €3.8 million ($4.3 million), will concentrate on three main areas:
• Protecting information passed via satellites
• Protecting public-safety communications systems, eg those used by police, fire and ambulance services
• Safeguarding the privacy of data collected by municipal authorities

“(Centre for Secure Information Technologies) CSIT was among the first centers in the UK to be recognized as a center of academic excellence in cyber security research in 2012, and it is a natural progression for us to start working on a larger, pan-European stage,” said project lead professor Máire O’Neill from the CSIT at Queen’s. “Horizon 2020 has given us the opportunity to form a project consortium which is a true partnership between industry and academia.”

“Organizations are steadily increasing the level of spending on encryption products to protect their intellectual property and to maintain the privacy of customer details and personal information,” said O’Neill, who earned a UK Royal Academy of Engineering Silver Medal in 2014 and who is a former British Female Inventor of the Year (2007). “It is estimated that 25 percent of enterprises globally operate an internal public key encryption infrastructure (PKI). We believe these present day PKI systems will become vulnerable to attack by a new form of very powerful quantum computers in the near future.”

SAFEcrypto represents the first major project in Northern Ireland using funding from Horizon 2020, the biggest EU research and innovation program ever developed.

Tuesday, May 5, 2015 @ 02:05 PM gHale

German automaker, Audi, created its first batch of liquid “e-diesel” at a research facility in Dresden, Germany.

This e-diesel is the result of a “power to liquid” process, created by German clean tech company Sunfire, which is a partner of Audi.

Hiking Gasoline Production Efficiency
Engineering a Better Solar Cell
Nano Sandwich Improves Battery Life
Cobalt Film can Help Feed Fuel Cells

The process uses carbon dioxide, a common greenhouse gas, which can end up captured directly from air. Carbon dioxide is the result of burning fossil fuels and contributes to global warming. Sunfire said it can recycle the gas to make a more efficient, carbon-neutral fuel, according to a published report.

Unlike conventional fossil fuels, the “e-diesel” doesn’t contain sulphur and other contaminants. “The engine runs quieter and fewer pollutants are being created,” Sunfire’s Christian von Olshausen said.

They can make the fuel in three steps. First, the researchers heat up steam to very high temperatures to break it down into hydrogen and oxygen. This process requires temperatures over 1,470 degrees Fahrenheit and can end up powered by green energy such as solar or wind power.

Second, they mix the hydrogen with carbon dioxide under pressure and at high temperature to create what they call blue crude. The final step calls for the blue crude to end up refined into fuels in a similar way fossil crude oil is refined into gasoline.

Audi said lab tests shown the “e-diesel” can end up mixed with fossil fuels or used as a fuel on its own.

The new fuel underwent testing by German Education and Research minister Johanna Wanka last week. She put the first five liters into her official car, and declared the project a success.

“If we can make widespread use of CO2 as a raw material, we will make a crucial contribution to climate protection and the efficient use of resources, and put the fundamentals of the green economy in place,” she said.

Sunfire said its plant is set to produce more than 3,000 liters of “e-diesel” over the coming months. The company said it was aiming for a pre-tax price of between 1 and 1.20 euros per liter ($1.10 to $1.30), compared to the current German pre-tax price of around 0.6 euros per liter of gasoline.

Wednesday, September 3, 2014 @ 03:09 PM gHale

In a continuing effort to combat growing and more sophisticated attacks, Europol will launch a new taskforce with the mission of tackling cybercrime in the European Union and beyond.

The new Joint Cybercrime Action Taskforce (J-CAT) has its headquarters at the Europol’s European Cybercrime Center (EC3) and Andy Archibald, the deputy director of the National Cyber Crime Unit at the United Kingdom’s National Crime Agency (NCA), will lead the unit.

8 Years for Identity Theft Vendor
Jail Time for Cisco Counterfeiter
Engineer gets 15 Years for Espionage
Two Guilty of Stealing Trade Secrets

The United States, the United Kingdom, Canada, Austria, Germany, France, Italy, the Netherlands and Spain are part of the J-CAT in the six-month pilot during which the taskforce will coordinate international investigations targeting malware, underground forums and other cyber threats, Europol said. Colombia and Australia have also committed to the project.

The initiative is the result of collaboration between the EC3, the FBI, the NCA and the EU Cybercrime Taskforce. Cyber liaison officers from the EC3, European Union member states, and non-EU law enforcement partners are part of the J-CAT.

“Today is a good day for those fighting cybercrime in Europe and beyond. For the first time in modern police history a multi-lateral permanent cybercrime taskforce has been established in Europe to coordinate investigations against top cybercriminal networks. The Joint Cybercrime Action Taskforce will operate from secure offices in Europol’s HQ assisted by experts and analysts from the European Cybercrime Centre,” said Troels Oerting, head of the EC3. “The aim is not purely strategic, but also very operational. The goal is to prevent cybercrime, to disrupt it, catch crooks and seize their illegal profits”

The EC3 has worked in numerous international operations, including the one against the banking Trojan Shylock, and a recently disrupted global scheme targeting money transfer services in Europe. With the launch of the J-CAT, law enforcement agencies want to further strengthen anti-cybercrime efforts and make joint investigations as efficient as possible.

The new taskforce will collect data on malware development and distribution, botnets, online fraud, and cyber intrusions from national repositories, government agencies and private sector partners. The data will end up converted into actionable intelligence used in investigations. The J-CAT will also organize meetings to obtain input on online threats from computer emergency response teams (CERTs) and private companies.

“There are many challenges faced by law enforcement agencies with regards to cyber criminals and cyber attacks. This is why there needs to be a truly holistic and collaborative approach taken when tackling them,” Archibald said. “The J-CAT will, for the first time, bring together a coalition of countries across Europe and beyond to coordinate the operational response to the common current and emerging global cyber threats faced by J-CAT members.”

In June, Europol signed an agreement with the European Union Agency for Network and Information Security (ENISA) to help EU member states with combating and preventing cybercrime.

Tuesday, July 1, 2014 @ 11:07 AM gHale

Attackers mainly targeting the energy sector were able to get in and surreptitiously cull strategic information.

As more reports become public, it is apparent the attack, labeled Dragonfly, is a cyber espionage program mainly targeting energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers, according to a report from Symantec. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.

Update to ICS Malware Alert
Feds: Malware Focusing on ICS
Malware Targets ICS/SCADA
Highway Sign Fix: Change Default Password

The attacker’s approach is very strategic and almost surgical in how they are able to get into various systems. The Dragonfly group has a range of malware tools at its disposal and is capable of launching attacks through a number of different vectors. Its most ambitious attack campaign saw it compromise a number of industrial control system (ICS) equipment providers, infecting their software with a remote access-type Trojan. This caused companies to install the malware when downloading software updates for computers running ICS equipment, Symantec report said. These infections not only gave the attackers a beachhead in the targeted organizations’ networks, but also gave them the means to mount sabotage operations against infected ICS computers.

As more information is releasing, ICS-CERT is continually issuing new reports on its public portal.

Dragonfly appears to have a broad focus with espionage and persistent access as its current objective with sabotage as an optional capability if required.

In addition to compromising ICS software, Dragonfly has used spam email campaigns and watering hole attacks to infect targeted organizations. The group has used two main malware tools: Backdoor.Oldrea and Trojan.Karagany. The former appears to be a custom piece of malware, either written by or for the attackers.

The Dragonfly group, also known by other vendors as Energetic Bear, appears to have been in operation since at least 2011 and may have been active even longer than that, according to the report. Dragonfly initially targeted defense and aviation companies in the U.S. and Canada before shifting its focus mainly to U.S. and European energy firms in early 2013.

Tactics Expand
The campaign against the European and American energy sector quickly expanded in scope. The group initially began sending malware in phishing emails to personnel in target firms, according to the report. Later, the group added watering hole attacks to its offensive, compromising websites visited by those working in energy in order to redirect them to websites hosting an exploit kit. The exploit kit in turn delivered malware to the victim’s computer. The third phase of the campaign was the Trojanizing of legitimate software bundles belonging to three different ICS equipment manufacturers.

Dragonfly bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability. The group is able to mount attacks through multiple vectors and compromise numerous third party websites in the process. Dragonfly has targeted multiple organizations in the energy sector over a long period of time. Its current main motive appears to be cyber espionage. But that also has the potential for sabotage.

Top 10 countries by active infections where attackers stole information from infected computers. Source: Symantec

Top 10 countries by active infections where attackers stole information from infected computers.
Source: Symantec

Analysis of the compilation timestamps on the malware used by the attackers indicates the group mostly worked between Monday and Friday, with activity mainly concentrated in a nine-hour period that corresponded to a 9 am to 6 pm working day in the UTC +4 time zone. Based on this information, it is likely the attackers are in Eastern Europe.

Dragonfly uses two main pieces of malware in its attacks. Both are remote access tool (RAT) type malware which provide the attackers with access and control of compromised computers. Dragonfly’s favored malware tool is Backdoor.Oldrea, also known as Havex or the Energetic Bear RAT. Oldrea acts as a back door for the attackers on to the victim’s computer, allowing them to extract data and install further malware.

Oldrea appears to be custom malware, either written by the group itself or created for it. This provides some indication of the capabilities and resources behind the Dragonfly group.

Once installed on a victim’s computer, Oldrea gathers system information, along with lists of files, programs installed, and root of available drives. It will also extract data from the computer’s Outlook address book and VPN configuration files. This data then writes to a temporary file in an encrypted format before sending to a remote command-and-control (C&C) server controlled by the attackers.

The majority of C&C servers appear to be on compromised servers running content management systems, indicating the attackers may have used the same exploit to gain control of each server. Oldrea has a basic control panel which allows an authenticated user to download a compressed version of the stolen data for each particular victim.

More Malware
The second main tool used is Trojan.Karagany. Unlike Oldrea, Karagany was available on the underground market. The source code for version 1 of Karagany leaked in 2010. Symantec believes Dragonfly may have taken this source code and modified it for its own use. Symantec detected this version as Trojan.Karagany!gen1.

Karagany is capable of uploading stolen data, downloading new files, and running executable files on an infected computer. It is also capable of running additional plugins, such as tools for collecting passwords, taking screenshots, and cataloging documents on infected computers.

Symantec found the majority of computers compromised by the attackers suffered infection with Oldrea. Karagany saw use in 5 percent of infections. The two pieces of malware are similar in functionality and what prompts the attackers to choose one tool over another remains unknown.

The Dragonfly group used at least three infection tactics against targets in the energy sector. The earliest method was an email campaign, which saw selected executives and senior employees in target companies receive emails containing a malicious PDF attachment. Infected emails had one of two subject lines: “The account” or “Settlement of delivery problem.” All of the emails were from a single Gmail address.

The spam campaign began in February 2013 and continued into June 2013. Symantec identified seven different organizations targeted in this campaign. The number of emails sent to each organization ranged from one to 84.

The attackers then shifted their focus to watering hole attacks, comprising a number of energy-related websites and injecting an iframe into each which redirected visitors to another compromised legitimate website hosting the Lightsout exploit kit. Lightsout exploits either Java or Internet Explorer in order to drop Oldrea or Karagany on the victim’s computer. The fact the attackers compromised multiple legitimate websites for each stage of the operation is further evidence that the group has strong technical capabilities.

In September 2013, Dragonfly began using a new version of this exploit kit, known as the Hello exploit kit. The landing page for this kit contains JavaScript which fingerprints the system, identifying installed browser plugins. The victim then ends up redirected to a URL which in turn determines the best exploit to use based on the information collected.

Going After ICS Vendors
The most ambitious attack vector used by Dragonfly was the compromise of a number of legitimate software packages. Three different ICS equipment providers ended up targeted and malware inserted into the software bundles they had made available for download on their websites. All three companies made equipment used in a number of industrial sectors, including energy.

The first identified Trojanized software was a product used to provide VPN access to programmable logic controller (PLC) type devices. The vendor discovered the attack shortly after it was mounted, but there had already been 250 unique downloads of the compromised software.

The second company to suffer compromise was a European manufacturer of specialist PLC type devices. In this instance, a software package containing a driver for one of its devices ended up compromised. Symantec estimated the Trojanized software was available for download for at least six weeks in June and July 2013.

The third firm attacked was a European company which develops systems to manage wind turbines, biogas plants, and other energy infrastructure. Symantec believes that compromised software may have been available for download for approximately ten days in April 2014.

The Dragonfly group is technically adept and able to think strategically. Given the size of some of its targets, the group found a “soft underbelly” by compromising their suppliers, which are invariably smaller, less protected companies.

Click here for more information on the Dragonfly attacks.

Wednesday, June 18, 2014 @ 04:06 PM gHale

XP may be gone in Microsoft’s eyes, but it is still going strong with small to medium businesses, a new study said.

Almost one in five small and medium businesses worldwide are currently exposed to major security risks as they are still using Windows XP after Microsoft ended support for the operating system in April, said security firm Bitdefender.

Warning over XP Update Trap
How to Mitigate Potential XP Vulnerabilities
Microsoft Extends Update Deadline
Microsoft Strengthens Cloud Security

The research, conducted in countries including the UK, Germany, Spain and the U.S., shows businesses still rely on the legacy Microsoft OS despite security concerns. Millions of malware attacks target companies every month and hackers try to steal confidential data by taking advantage of the system’s vulnerabilities.

The Bitdefender study, carried out from March to May 2014 on a sample of over 5,000 companies in areas including retail, healthcare and education, found enterprises that continue to run Windows XP since the April 8 end-of-support date are now more vulnerable to cyber attacks.

Users of the operating system no longer receive new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.

“A few weeks after the end of support announcement, a new Internet Explorer Zero Day vulnerability turned into a permanent threat for XP users,” said Catalin Cosoi, chief security strategist at Bitdefender. “That was until Microsoft issued a patch that was made available for Windows XP users as well. However, this was an exception that shouldn’t make enterprises believe it will happen again, so the swift migration from XP is a must for all users.”

The most targeted company in the three-month analysis was a web marketing business that had to deal with almost 800 million malware attacks. Other SMBs in the top targeted industries included a logistic services firm based in the UK and an Irish retail company.

Bitdefender’s research showed that 37 percent of SMB employees are working remotely or from home, increasing BYOD trends and security risks. At the same time, 17 percent of SMBs allow employee-owned mobile devices full access to the VPN.

The study also showed 53 percent of the companies upgraded to the more secure system Windows 7 Professional. Only a small percentage of the analyzed SMBs are using other Windows versions such as 7 Home Premium and Windows 8.1 Pro, while a few have also installed dedicated server products.

Tuesday, June 10, 2014 @ 03:06 PM gHale

By connecting dead ends, it is possible to significantly increase power grid stability.

As the input from renewable sources is volatile because of the uncertainty of things like how much and how hard the wind blows or if the sun is shining, there’s a higher risk of local power instabilities and potential blackouts.

Nanoparticles See the Solar Cell Light
Rust Solution Leads to Solar Fuel
Driving Down Costs to Solar Cells
Solar Cells get the Lead Out

In an effort to curb those issues, scientists from the Potsdam Institute for Climate Impact Research (PIK) in Potsdam, Germany, created a novel concept from nonlinear systems analysis called basin stability. They found by connecting dead ends can significantly increase power grid stability. The findings ended up confirmed via a case study of the Scandinavian power system.

“The cheapest and thus widespread way to implement new generators into a high-voltage power grid is by simply adding single connections, like creating dead-end streets in a road network,” said Peter J. Menck, lead author of a study on the subject.

To test the resulting system’s stability, the scientists simulated large perturbations in a standard electrical engineering model. “We found that in the power grid nodes close to the dead-end connections, the ability to withstand perturbations is largely reduced,” Menck said.

“Yet it turned out that this can be easily repaired by judiciously adding just a few transmission lines,” Menck said. Apparently, the provision of alternative routes in the network should allow for a dispersion of perturbation effects. Thereby, technical protection mechanisms at the different nodes of the grid can deal with problems, while dead ends make the effects culminate at single points of the network.

These new insights are the result of applying for the first time the novel mathematical concept of basin stability developed at PIK.

“From energy grids to the Amazon jungle or human body cells, systems possess multiple stable states,” said co-author Jürgen Kurths who leads the institute’s research domain “Transdisciplinary Methods and Concepts.”

“To understand blackouts, forest dieback, or cancer, it is crucial to quantify the stability of a system – and that’s precisely what we’re now able to do,” he said.

The concept conceives a system’s alternative states as points in a mountainous landscape with steep rocks and deep valleys. The likelihood that a system returns to a specific sink after suffering a severe blow depends on how big this basin is.

“Compared to the potential costs of a blackout, adding a few transmission lines would definitely be affordable,” said co-author Hans Joachim Schellnhuber, director of PIK. “The new study gives just one example that innovative solutions, in our case even based on already existing technology, can indeed help master the transformation of our energy system, for many good reasons such as climate stabilization.”

Archived Entries