Smart Grid Forensic Science: Applications, Challenges, and Open Issues

Transcription

1 ULTIMATE TECHNOLOGIES AND ADVANCES FOR FUTURE SMART GRID UTASG Smart Grid Forensic Science: Applications, Challenges, and Open Issues Melike Erol-Kantarci and Hussein T. Mouftah, University of Ottawa ABSTRACT Smart grid forensic science is a newly flourishing research area that is tightly coupled with cyber and physical security of the smart grid. Post-mortem analysis of a power system after a cyber attack or natural disaster generally provides the most accurate comprehension of the real-world vulnerabilities of the system and helps to protect the grid against similar attacks in the future as well as avoid failures during disasters. Besides increasing the security level of the smart grid, smart grid forensics aids evidence collection for the service of criminal justice. For instance, data extracted from smart meters and data collectors can provide evidence to legal proceedings in electricity theft matters. Furthermore, authentication and timestamping audio recordings using power grid frequency have been employed in several recent academic studies, as well as by the Metropolitan Police Forensic Audio Laboratory in London. Briefly, smart grid forensic science is emerging as a powerful security component of the power system. On the other hand, storage and processing of the enormous amount of data introduce significant challenges together with the privacy issue. In this article, we introduce the emerging application areas of smart grid forensic science, discuss the challenges, and outline the open issues in the topic. This article aims to serve as a roadmap for future smart grid forensic studies. INTRODUCTION SMART GRID, ATTACKS AND NATURAL DISASTERS Information and communication technologies (ICT) are the primary enablers of the smart grid while carrying the risk of increasing security vulnerabilities of the grid, and allowing attackers to easily access the power system to either manipulate internal operation or steal state secrets and intellectual property. Attacks may initiate from various parts of the power system including smart meters, advanced metering infrastructure (AMI), electric transportation infrastructure (e.g., plug-in hybrid electric vehicle, PHEV, charging stations), energy storage subsystem, wide area measurement and situational awareness component distribution automation subsystem, or supervisory control and data acquisition (SCADA) network, and target vital components of the smart grid. Several serious cyber attacks have been reported even before implementation of the smart grid. For instance, in [1], Amin reported that back in 2003, an SQL server worm disabled the safety monitoring system of a nuclear power plant in Oak Harbor, Ohio, for several hours. The same article includes information on another incident from CIA reports which state that hackers intended to disrupt the power supply of several foreign overseas cities in past years. In those incidents, the attackers and their motives are still unknown due to lack of forensic analysis capabilities. Meanwhile, the impact, coverage, and frequency of similar attacks are anticipated to increase in the smart grid setting. Therefore, forensic analysis of attacks becomes a significant research and development area for smart grid researchers. Smart grid forensic studies cover disaster aftermath as well, since the vulnerabilities of the physical security of the power grid may yield more serious failures than some attacks are capable of. In [2], Kwasinski has discussed the damage to the power grid caused by the recent earthquake in Japan, which was followed by a giant tsunami. The author s findings after the disaster in Japan give significant insights on the physical security of the power grid infrastructure. DIGITAL FORENSICS Smart grid forensic studies can benefit from the diverse literature in the field of digital forensic science. Digital forensics refers to mathematical, statistical, and computer science methods employed to digital data in order to collect, identify, analyze, and interpret digital evidence. Today, the advanced digital forensic /13/$ IEEE

2 methods are capable of extracting fingerprints of digital media. For instance, digital image forensics enables access to fingerprints of cameras [3], while computer network forensics can provide user fingerprints from wireless networks such as IEEE [4]. Similarly, electric network frequency (ENF) can be considered as the fingerprint of the power grid. Recently, the Metropolitan Police Forensic Audio Laboratory in London has employed ENF for verification of evidential audio recordings [5]. SMART GRID FORENSICS Smart grid forensic studies are anticipated to be useful in identification of persons involved in electricity theft and attackers, obtaining insights to disaster-related failures, verification of digital audio and video recordings for crime investigation, as well as determining and addressing cyber and physical vulnerabilities of the smart grid. Detailed consumption information collected by the smart meters and AMI offers sophisticated methods to determine electricity theft, which is often associated with marijuana-growing operations. Smart grid forensics can play a significant role in investigation and enforcement of law in electricity theft and related crimes. Smart grid forensic studies will play a key role in investigation of cyber crimes such as hacking, viruses, digital espionage, and cyber terrorism performed to manipulate the operation of the power grid or to steal valuable information including intellectual property and state secrets. Identification of the vulnerabilities, source of an attack, and compromised components can be feasible by integrating forensic capabilities into the SCADA system and the emerging wide-area measurement and situational awareness component. Natural disasters may be more disruptive than manmade attacks. Smart grid forensics deals with the investigation of power system failures after disasters. Furthermore, smart grid forensics may help in collection and analysis of power grid frequency in a systematic way that allows fast timestamping and authentication of audio recordings. Before the potential of smart grid forensics is fully utilized, there are several challenges that need to be addressed. The extremely high volume of data introduces challenges for storage and processing. Additionally, investigations may necessitate access to different administrative domains, which may make it hard to attain or require legal permits. Live analysis is also challenging; collecting forensic data during system operation may not be feasible. Furthermore, data from smart meters, sensors, or other instruments may be manipulated to mislead forensic analysis. Therefore, authentication of the analyzed data is also another challenge. ORGANIZATION This article is organized as follows. We present the role of smart meters and submetering devices in smart grid forensic studies. We discuss forensic tools for SCADA and a wide-area situational Utility headquarter Data collector Repeater Figure 1. Smart meters and advanced metering infrastructure. awareness system, respectively. We discuss the role of smart grid forensics in disaster investigations, and present the use of smart grid data in authentication and timestamping of audio recordings. We discuss the challenges of forensic analysis. Finally, we present the open issues and conclude the article. SMART METERS AND SUBMETERING Basic smart meter features include collecting detailed consumption information such as time of electricity use, reporting outages, and allowing remote metering via AMI, which is illustrated in Fig. 1. One of the expected revenues from smart meter installation is prevention of electricity theft. In underdeveloped countries, electricity theft by hooking up wires to overhead lines has been common for people who cannot afford to pay their bills. On the other hand, in developed countries electricity theft is usually related to marijuana growing operations, which require high amounts of energy to power up air conditioners and lights. For instance, an electric utility from British Columbia, Canada, has reported that most of the electricity theft within its service domain occurs in relation to marijuana growing operations. Smart meters and AMI can play a significant role in the investigation and prevention of electricity theft since smart meters have adopted several protection schemes against tampering. For instance, they are capable of sending outage notification in case of physical tampering, and they also store remote meter access attempts. Once unauthorized access attempts exceed a certain threshold, a smart meter can transmit a message to the utility company. Thus, smart meters may serve to collect evidence for criminal justice in cases related to electricity theft. Smart meters provide fine-grained consumption data compared to analog meters, but they measure and store the aggregate consumption of several appliances and consumer goods, while submetering at the plug can provide finergrained information. Accurate breakdown of consumption can be useful for detecting attacks implemented by compromised appliances. Devices on consumer premises are relatively eas- 69

3 Data will need to be compressed after being processed for billing and other utility management purposes. During compression data may be aggregated and lose some content that may be useful for future forensic investigations. In addition, processing the high amount data even within a short time frame is time and resource consuming. Internet Server Workstation Workstation Server Printer Corporate LAN Figure 2. SCADA network, corporate LAN, and remote sites. ier to compromise, and the utility has little or no control over these devices. Therefore, modified consumer data can easily be generated and transmitted to the utility, which may cause inconvenience for the grid operators. Smart grid forensics deals with finding out the compromised appliances and the attackers organizing such load alteration attacks. Briefly, smart meters can be useful in crime investigations in various ways such as preventing electricity theft and providing insights to attacks. Meanwhile, authentication and verification of smart meter data, that is, to verify that a certain metering device collected the data under investigation, is also a subject matter of smart grid forensics. As utilities other than electricity (e.g., gas and water) adopt smart meters, there will be a significant amount of data that could relate the presence of a person at the crime scene and his/ her activities at the spot. Such evidence can be considered valid under authenticated meter data. Furthermore, legitimate evidence collection methods need to be practiced. Unauthorized access to smart meter data should not be allowed. Data should be accessed only with a warrant from the court. Thus, the domain of smart grid forensics is not investigating private data of citizens. It is related to collecting evidence after a crime to prove whether a person has committed the crime or not. Even in this case, smart grid forensics needs to be augmented with other forensic methods. Smart meter and AMI data investigation is challenging from several aspects. For most of the cases, it is not possible to store raw smart meter data over a long time period due to storage limitations. Data will need to be compressed after being processed for billing and other utility management purposes. During compression data may be aggregated and lose some content that may be useful for future forensic investigations. In addition, processing the high amount data even within a short timeframe is time and resource consuming. Operator workstation Modem PLC Server Process LAN PLC RTU Sensor PLC Remote site 1 Remote site 2 Remote distributed sites Modem Sensor RTU SCADA NETWORK FORENSIC ANALYSIS Modem SCADA is the common monitoring and control system for the power grid. It is also widely employed in industry and other infrastructures such as oil refineries, water treatment facilities, and transportation systems. Common components of a SCADA system are a human-machine interface, a supervisory system, a communication network, remote terminal units (RTUs), I/O devices, and control devices. I/O devices are basically sensors and actors, while control devices are Programmable Logic Controllers (PLC) and Intelligent Electronic Devices (IED). A sample SCADA network, remote sites and their connection to the corporate LAN is presented in Fig. 2. SCADA has been initially employed in closed systems which were built on proprietary protocols and operating systems. Due to this relatively secure implementation setting, security of SCADA has not been elaborated well. As the networking and information systems dominated the enterprises and open standards became dominant, several incidents have shown that SCADA may have serious vulnerabilities. For instance, the waste water management system in the Sunshine Coast, Queensland, Australia, has leaked one million liters of untreated sewage in local waterways over a three-month period in This incident has been as a result of an attack implemented by an ex-contractor acting with a motive of revenge who penetrated to the SCADA system and controlled the water pumps [6]. The attack was discovered by a human operator after monitoring all the messages passing through the SCADA system. The traditional SCADA networks do not have mechanisms to make post-mortem analysis of attacks or employ live analysis mechanisms that would allow investigation while the system is in operation. In [7] the authors describe an architecture that allows forensic investigation of 70

4 SCADA network incidents for an industrial setting. The main focus of the authors has been discovering the identity of the perpetrator and the causes of the security breach. To this end, forensic agents have been placed at strategic locations that send synopses of the packets to a data warehouse for post-processing and storage. By this method, the authors have been able to reconstruct network events and obtain SCADA network history. This approach has several drawbacks since it includes additional agents and data warehouse, which may increase the cost while those components may as well introduce security vulnerabilities. Forensic readiness of SCADA is a new research and development field. Very few studies have attempted to provide forensic capabilities to SCADA in a general factory setting (e.g., [7]). When the extremely large scale of the smart grid is considered, those mechanisms do not scale. In the smart grid, a scalable solution that is able to collect adequate evidence from the SCADA system for conclusive proof of a security breach is an open issue. Furthermore, live analysis of the SCADA system is highly challenging since any outside attempt to mimic the attacker behavior may cause adverse effects on the stability of the power grid. WIDE AREA SYSTEM FORENSIC ANALYSIS The ability of the smart grid to improve the reliability and visualization of the power grid will mostly depend on wide area measurement and situational awareness systems. The North American SynchroPhasor Initiative (NASPI), which is a collaborative effort of the U.S. Department of Energy (DoE), the North American Electric Reliability Corporation (NERC), and several electric utilities, aims to realize this vision by deploying a large number of phasor measurement units (s) and other wide area measurement instruments to the U.S. power grid. Currently, the U.S. power grid houses approximately 200 s, most of which are installed in substations and power plants, and over 600 additional s are planned to be installed through 2013 [8]. s provide timestamped and synchronized phasor measurements, which are basically phase vectors representing the magnitude and the phase angle of voltage, current, and frequency signals. The difference between the phase angles of two nodes implies power flow from the node with higher phase angle toward the node with less phase angle, and the power flow increases with this difference. If the power flow exceeds a certain threshold, the power grid may become unstable; therefore, monitoring phasors is vital. Time synchronization of phasors is further necessary to obtain a complete view of the grid at a specific time. For this purpose, phasors are synchronized by the Global Positioning System (GPS), and synchronized phasors are called synchrophasors. s take 30 to 60 measurements every second, providing higher-resolution measurements than SCADA, which is capable of providing samples every few seconds. Data from Local Local Data storage Utility Utility domain Figure 3. s, s, storage and a super- under utility and ISO domains. multiple s are collected and time-aligned at the phasor data concentrators (s), as seen in Fig. 3. In general, several s may be present at the utility level while a super- is accommodated at the regional independent system operator (ISO) level. The ISO stores synchrophasor measurements from multiple utilities. Synchronized measurements are particularly important for real-time control operations and fine-tuned power system planning of the large interconnections with time differences between regions. Synchrophasors also play a significant role in forensic analysis of grid disturbances. Pre-disturbance and post-disturbance real-time pictures of an interconnection can provide insights to failures. Furthermore, forensic analysis of data may reveal the location of compromised nodes if the failure is due to an attack. Traditionally, wide area power systems have been a target of load-based attacks, which select the node with the heaviest load as the victim. However, recent research has reported that nodes which are able to cause more severe cascading failures have been selected by attackers in recent incidents [9]. Furthermore, GPS spoofing attacks may provide falsified timestamps to s in order to mislead the control decisions of the grid operators. Forensic analysis of wide area situational awareness (WASA) systems may help in identification of those attacks as well as determining the sources of attacks. The significance of forensic analysis for WASA will be more pronounced with the adoption of intermittent renewable energy generators and PHEVs. The distributed power resources and mobile storage are more likely to be compromised and exploited by attackers to disrupt power grid stability. In summary, s may provide valuable forensic information while their security requires careful handling. At present, security standards for the network are not clearly defined, although NERC s critical infrastructure protection standards (CIP-002 through CIP-009) are considered to be applicable in the future. Storage of the extremely large amount of data is also challenging. In [8], storage required for Data storage Super ISO domain 71

5 Forensic analysis of the disaster in Japan reveals that the centralized power generation and distribution, and lack of microgrids had made the Japanese power grid more vulnerable. The author s findings after Hurricane Katrina have been similar where even small damages to the power infrastructure had caused outage in large regions. 1 Regulations forbid the utilization of distributed energy sources during outage because this may risk the safety of utility workers. measurements over a year has been calculated to be around 60 Tbytes/ISO considering that 10 utilities are collected under an ISO, each having 40 s. data will need to be compressed and archived, so forensic studies call for sophisticated compression techniques as well as enhanced data processing techniques to perform analysis over the archived data. DISASTER FORENSIC ANALYSIS The power grid as well as other critical infrastructures are built to withstand moderate natural disasters, but they may fail under a severe disaster. The damage to the Japanese power grid after the earthquake and tsunami in March 2011 has been investigated by Kwasinski in his recent article [2]. The author reports that the Japanese power grid in the coastal region was destroyed, largely by the tsunami. However, electricity outage spanned a much larger region where even the lightly damaged inland power grid was not able to distribute electricity. Furthermore, although many houses had solar panels, those panels were not utilized due to regulations that forbid their usage under outages. 1 Forensic analysis of the disaster in Japan reveals that the centralized power generation and distribution, and lack of microgrids made the Japanese power grid more vulnerable. The author s findings after Hurricane Katrina were similar, where even small damages to the power infrastructure caused outages in large regions. The smart grid is introducing a number of enhancements in the control of the power grid that are anticipated to improve the physical security of the power grid. On the other hand, control of the grid is becoming more dependent on communication systems, which means that physical security of the communication systems is equally important as the security of the power grid assets. For this reason, smart grid forensic studies dealing with disaster aftermath should also include investigating damages to the communication system. It is also important to be able to collect information seconds before a failure. Event logging in critical assets similar to flight recorders are disaster forensic tools still to be developed. Furthermore, recent research has shown that networks of smart microgrids increase the survivability of the power grid [10]. The investigation of impacts of diasters on microgrid networks is an open issue. AUDIO/VIDEO AUTHENTICATION AND TIMESTAMPING Digital audio and video recordings include an additional frequency component around 60 Hz in Americas and 50 Hz in most parts of the rest of the world. This component is a result of the nominal frequency of the power grid, which is called ENF. Recording devices powered by mains receive ENF from the power socket, while battery-powered recording devices are affected by the electromagnetic fields emanating from nearby power lines. Due to variations in load and generation, ENF deviates around its nominal value. Being a random signal, it serves as the fingerprint of the power grid. ENF is clearly observed in the frequency domain of the down-sampled signals and can be filtered by a bandpass filter around the nominal value of the power grid frequency. In forensic analysis, this fingerprint is compared to the historical pattern database of the ENF signal, which can be retrieved from another piece of equipment in the same network. With this technique, the time of audio recordings longer than approximately 10 minutes can be resolved. Besides, authenticity of a recording can be determined since any manipulation of the signal such as copying and pasting impact the ENF signal and cause abrupt phase changes. ENF has been used by the Metropolitan Police Forensic Audio Laboratory in London for evidential recordings in several cases [5]. Smart-grid-aided audio authentication and timestamping experience similar challenges to the above mentioned applications due to their data-intensive nature. The ENF pattern database requires additional storage as well as processing capabilities. However, different from smart meter or WASA data, collection of ENF signals does not enforce any security and privacy measures since anyone with a digital recorder is already able to observe the signal. CHALLENGES OF SMART GRID FORENSICS Privacy and security are equally important and challenging issues in most of the smart grid forensic studies. Particularly, metering and submetering data may reveal private information such as health, mental, and economic conditions, as well as the activities and choices of a person. Recent research has presented that it is possible to obtain a detailed picture of the activities in a property, including the absence or presence of people, the number of individuals in the property, sleep cycles, meal times, and shower times [11, 12]. Forensic methods should not violate the privacy of citizens, yet be effective to provide evidence in case of a criminal act. It is highly important that data is not made available unless a legal warrant is present. Evidential data call for secure and large storage, which is challenging in terms of cost. Raw metering data and smart grid measurements require a large space over a long period of time. Therefore, old data is archived after compression and aggregation. The aggregated data may lose some content that is useful for forensic analysis. In this case, deriving associations from data may be challenging and require sophisticated data processing algorithms. Forensic analysis generally relies on accurate clocks on devices, while WASA systems may be prone to timestamp attacks. These attacks can easily be implemented by GPS spoofing and setting clocks incorrectly. Incorrectly timestamped measurements may mislead the substation automation and the decisions of grid operators, and further challenge forensic analysis. The challenges on the SCADA system are the difficulty of performing live analysis and the 72

6 Applications Challenges Open issues Metering SCADA network Wide area measurement and control Disaster forensics Audio/video authentication by ENF Privacy of personal information Secure data collection and storage Data storage and processing cost Scalability Lack of live analysis tools Data processing and storage Secure data collection and storage GPS spoofing attacks Data collection during severe disasters Smart grid control under communication system failure or damage Obtaining pattern database for old recordings Compression techniques that do not lose alarm content Sophisticated data processing algorithms to derive associations from high volume of data Scalable data collection Compression techniques that do not lose alarm content Sophisticated data processing algorithms to derive associations from high volume of data Event logging hardware for highly critical assets (similar to flight data recorders) Signal processing for short audio and video recordings Table 1. A summary of applications, challenges and open issues in smart grid forensic science. scalability of forensic methods. Logging all SCADA messages and control actions in a central data warehouse may be feasible for an industrial plant; however, in the power system, it would generate excessive communication overhead and challenge transmission of critical monitoring and control messages. The challenges of smart grid forensic science are summarized in Table 1. OPEN ISSUES AND CONCLUSIONS Smart grid forensic science is an emerging research and development field that aims to extract evidential data from the smart grid in a useful and legitimate manner. There are various open issues that need to be addressed before forensic analysis is exploited to its full potential. Security and privacy are the major issues. Systems designed for forensic analysis collect information that can easily become a target of an attack. Thus, data collected for forensic analysis requires secure communication links. Storage devices should employ authentication mechanisms to prevent unauthorized access. Another open issue is processing the huge amount of data and extracting useful features. Data collected from AMI, the SCADA network, and the network require sophisticated processing algorithms that can find associations between data. Additionally, data archiving should be implemented without losing alarms. Forensic readiness of SCADA systems is a newly emerging research and development field. Scalable solutions that are able to collect adequate evidence from SCADA have yet to be developed. Furthermore, events occurring seconds before a failure may provide valuable insights on system vulnerabilities. However, inexpensive and robust event logging hardware is not available even for the highly critical power grid assets. In the smart grid, the distributed nature of supply and mobile storage in the form of electric vehicles complicate forensic analysis. Forensic studies need to be able to make a solid distinction between unintentional misconfiguration and malicious behavior since distributed resources and mobile storage may be compromised, forced to act maliciously, and endanger grid stability. In this article, we have introduced smart grid forensic science, which is an emerging topic that requires the expertise of power grid and communications researchers, security experts, and criminal justice experts. We have identified some of the possible applications, outlined the challenges in the field, and pointed out the open issues. In Table 1, we have summarized the challenges and open issues in smart grid forensic application domains. This article aims to serve as a roadmap for future smart grid forensic studies. REFERENCES [1] M. Amin, Toward A More Secure, Strong and Smart Electric Power Grid, IEEE Smart Grid Newsletter, Jan [2] A. Kwasinski, Disaster Forensics, IEEE Spectrum, Dec [3] J. Fridrich Digital Image Forensics, IEEE Signal Proc. Mag., vol. 26, no. 2, 2009, pp [4] D. Takahashi et al., IEEE User Fingerprinting and Its Applications for Intrusion Detection, Computers and Mathematics with Applications, vol. 60, no. 2, July 2010, pp [5] A. Cooper, The Electric Network Frequency (ENF) as an Aid to Authenticating Forensic Digital Audio Recordings-an Automated Approach, Proc. 33rd Int l. Conf.: Audio Forensics Theory and Practice, June 2008, Denver, CO, USA. [6] J. Slay, E. Sitnikova, The Development of a Generic Framework for the Forensic Analysis of SCADA and Process Control Systems, Proc. Forensics in Telecommunications, Information and Multimedia, vol. 8, 2009, pp [7] T. Kilpatrick et al., Forensic Analysis of SCADA Systems and Networks, Int l. J. Security and Networks, vol. 3, no. 2, 2008, pp [8] M. Patel et al., Real-Time Application of Synchrophasors for Improving Reliability, Oct. 2010, nerc.com/filez/rapirtf.html; last accessed on Jan [9] W. Wang et al., Risk-aware Attacks and Catastrophic Cascading Failures in U.S. Power Grid, Proc. IEEE GLOBECOM, Houston, TX, Dec [10] M. Erol-Kantarci, B. Kantarci, and H. T. Mouftah, Reliable Overlay Topology Design for the Smart Microgrid Network, IEEE Network, Special Issue on Communication Infrastructures for Smart Grid, vol. 25, no. 5, Sept./Oct. 2011, pp

7 [11] Y. Yan et al., A Survey on Cyber Security for Smart Grid Communications, IEEE Commun. Surveys & Tutorials, vo. 14, no. 4, [12] M. A. Lisovich, D. K. Mulligan, and S. B. Wicker, Inferring Personal Information from Demand-Response Systems, IEEE Security & Privacy, vol. 8, no. 1, Jan. Feb. 2010, pp BIOGRAPHIES MELIKE EROL-KANTARCI (melike. erolkantarci@uottawa.ca) is a postdoctoral fellow at the School of Electrical Engineering and Computer Science, University of Ottawa. She received M. Sc. and Ph.D. degrees from the Department of Computer Engineering, Istanbul Technical University, Turkey, in 2004 and 2009, respectively. During her Ph.D. studies, she was a Fulbright visiting researcher at the Department of Computer Science, University of California at Los Angeles. She received her B.Sc. degree from the Department of Control and Computer Engineering of Istanbul Technical University, in Her main research interests are wireless sensor networks, smart grid communications, cyber-physical systems, and underwater sensor networks. She has over 40 refereed journal articles and conference papers. HUSSEIN MOUFTAH [F] (mouftah@uottawa.ca) joined the School of Information Technology and Engineering, University of Ottawa in September 2002 as a Canada Research Chair Professor. Previously he was with the ECE Department at Queen s University ( ), where he was prior to his departure a full professor and the department associate head. He has three years of industrial experience mainly at BNR of Ottawa, now Nortel Networks ( ). He served as Editor-in-Chief of IEEE Communications Magazine and IEEE ComSoc Director of Magazines, Chair of the Awards Committee, and Director of Education. He has been a Distinguished Speaker of IEEE ComSoc ( ). He is the author or coauthor of eight books, 57 book chapters, and more than 1200 technical papers and 12 patents in this area. He is a Fellow of the Canadian Academy of Engineering, the Engineering Institute of Canada, and the Royal Society of Canada RSC: The Academy of Science. 74