It’s been nine years since the US government seriously addressed the threat of electromagnetic interference from a solar storm or nuclear event on the century-old US electrical grid.
Congress acted by proposing an upgrade to the grid at a cost of about $2 billion and the development of protections for 5,000 power-generation plants for an additional $250 million. The initiative stalled, and the movement to protect the country against electromagnetic pulses (EMPs) came to an abrupt halt.
And, when the Task Force on National and Homeland Security told Congress two years ago that EMPs pose “existential threats that could kill 9 of 10 Americans through starvation, disease, and societal collapse,” it raised some federal eyebrows but not much else.
Considering the critical nature of the potential (if obscure) threat, it’s a good thing that Mike Caruso’s crusade to push the government and the IT industry into action hasn't lost steam. For the past five years, the director of government and specialty business development at ETS-Lindgren has spoken at Data Center World, hoping to shed as much light as possible on the issue.
See also: Can Space Weather Kill the Cloud?
His efforts are paying big dividends today; and you might want to listen more closely than usual when Caruso takes the podium again July 12 at Data Center World Local in Chicago. He will talk about what data center professionals need to do now that the 2017 National Defense Authorization Act (NDAA) has been signed into law.
The NDAA Legislation requires that all 16 Critical Infrastructure Segments submit a preliminary study of what impact EMP would have on them. That includes any public or private company involved in: chemicals, commercial facilities, communications, critical manufacturing, dams, defense industrial base, emergency services, energy, financial services, food and agriculture, government facilities, healthcare and public heath, IT, nuclear reactors, sector-specific agencies, transportation, and water and wastewater systems.
“At this point only data centers with FedRAMP activity will be required to address EMP, but eventually all data centers serving any of the 16 Critical Infrastructure Segments will have to comply with regulations that the Department of Homeland Security (DHS) will create,” Caruso explained.
That’s required—but not funded—by the government.
FedRAMP is the certification program for companies that want to provide cloud services to federal agencies. More than 80 products are currently FedRAMP-authorized, with 65 additional ones in progress. They include cloud services by Amazon Web Services, Accenture, Adobe, Google, IBM, Microsoft, Hewlett Packard Enterprise, and Oracle.
“Because the critical infrastructure is comprised of mostly private/corporate ownership, the US government has not made plans to fund its EMP protection. However, in the case of utilities, there is the possibility of consumer rate increases to cover the capital expenses.”
The first step toward complying, Caruso suggested, would be to work with an expert to perform an evaluation of either their planned facility (early planning is essential) or their existing facility.
He said costs will vary according to the size and location of the data center. “New construction of an EMP- protected data center would be approximately 10 percent above the cost of a non-protected data center. Retrofitting an existing facility would be significantly more expensive and dependent upon the particular circumstances."
The good news for data centers is that the technology that can protect against EMP threats exists and is in use today. Caruso said RF shields and Faraday cages are affordable ways to protect either new facilities or existing ones. Both deflect electromagnetic energy.
To the naysayers who deny such threats exist, Caruso had this to say:
“I suggest they research the findings of the US government’s EMP Commission and consensus view of EMP experts who have advanced degrees in physics and electrical engineering along with several decades of experience in the field—with access to classified data throughout that time—and who have conducted EMP tests on a wide variety of electronic systems, beginning in 1963. Now, in today’s world, with the unfortunate reality of terrorists and rogue-nation activity, it’s not a matter of if a threat will impact the nation’s security, but when. That’s why we’re seeing legislation such as the NDAA enacted by the US government and increased involvement by the Department of Homeland Security.”
To learn more, come to Data Center World Local, Chicago next month.