Managing Network Security

A Matter of Power

by Fred Cohen



Series Introduction

Networks dominate today's computing landscape and commercial technical protection is lagging behind attack technology. As a result, protection program success depends more on prudent management decisions than on the selection of technical safeguards. Managing Network Security takes a management view of protection and seeks to reconcile the need for security with the limitations of technology.


Crunch

In the last few months, California has started to suffer under the artificial power crunch and highly inflated prices that arise when the Republicans dominate the presidency and both houses of Congress. With the movement of one senator to party independence this has changed and prices are starting to ease while power availability is on the increase. The law suits will follow. Of course none of this has anything to do with the power crunch I am talking about in my article this month, but then what do you expect when I write these things on a Sunday morning...

The crunch I am referring to is the very real crunch associated with the effects of power - electrical power that is - on our buying decisions with regard to computers. But I am rushing ahead without beginning at the beginning...


Apollo 13

For those of you who did not live through it, the movie will do for our purposes - in fact it may be even better than the reality for our purposes. In the movie depicting the events surrounding the near disastrous flight of Apollo 13, the most vital key to the successful return of the astronauts came when the engineers on the ground came to understand that power was the most critical factor to making it home. Once this was realized, power was shut down beyond what was ever anticipated. But the batteries were still quite low and, ultimately, the problem arose of how to restart the computers necessary for successful reentry.

In the process of making a plan for the restarting of these computers, the real sticking point was that there was a maximum available level of power. If that level was exceeded at any time, the system would not restart and the crew would die before landing. They tried sequence after sequence on the ground until they found one that would work and the rest is history. Almost...


Mobile 25

At Mobile 25 at the Sandia National Laboratories (my day job), I run a group called the College Cyber Defenders. While we do lots of interesting things related to information protection... world, we have a problem... and the problem is one of power. The problem is that we are trying to get 250 computers into a workplace meant to house 25 people. As a result, there isn't enough power to really do the job. This leads to two major problems.

The first problem is that we cannot have all of the computers on at the same time. As a result, we have to schedule different projects for different times and cut back on work when we do demonstrations. The second problem is that we cannot turn many things on at the same time. The difference is that when you turn on computers and other equipment, there are turn on transients that tend to use more energy than when those devices operate at steady state.

For every problem there is a solution, even if it isn't necessarily one you might want to adopt... but we did. The solution was to create a database of the power consumption and turn on transient power consumption of every device we have. The database is then used to analyze how many of what kinds of computers can go on each circuit and to schedule power up sequences associated with the different devices in our environment. We implemented this database in 1999 and have been keeping it up since then.


Unintended Consequences

Naturally, when we thought we were doing one thing we were also doing other things that were related. In order to save money, we had used every old computer and display abandoned by everyone else in our local vicinity. It turned out that some of those displays were part of the problem we were having with power - they took a lot of it. We would take an 8 year old display and attach a $10 connector to get a working unit for next to nothing, but the power consumption was higher than a more recent display, so we were ending up paying more for electricity than we other wise would have had to. But it gets worse.

Along with higher electric bills, which we didn't have to pay because they were paid out of other budgets, we were generating more heat. This meant that the air conditioning load increased, generating more power consumption and higher temperatures. A side effect of higher temperatures is more rapid degradation of computing devices resulting in shorter lifetimes and more failures. On several occasions we overheated computers during demonstrations of distributed computing facilities and had partial failures. Fortunately our design allowed for such failures, but it doesn't look good and it certainly doesn't help ease the apprehensions associated with demonstrations.

All of these went largely unnoticed until the power crunches started to come. With the energy shortages in California, came power warning situations in which all unnecessary equipment had to be shut down. We have almost no necessary equipment, so that was not such a big issue, but we did have a lot of data on the power consumption of the equipment we had. As a result, we were uniquely positioned to start to use that information to our advantage.


Let the Calculations Begin

The data on power consumption was already in spreadsheets so that we could work the issues of controlling power allocation to sources, so with a relatively small amount of effort, we were able to reorganize the data we had so as to take cost per performance into account. By the time we were done, we were amazed at how bad many of our decisions had been.

The first thing we noticed was that different computers differ greatly in their power consumption. If you take into account their computing power, the power cost per million instructions per second (MIPS) of computing varies by more than a factor of 4 between different computers. At 10 cents per kilowatt hour - the price we expect to be at or near for quite some time to come - the cost differential between buying decisions from power consumption alone can easily reach $50 per year, or about $150 over the lifetime of the computing capability. The cost differential in buying more power efficient computers is on the order of $5-$10, and the cost is not always more for the lower power consumption computer. This holds true until you try to get the last little bit of power by going to a laptop design rather than a desktop design, at which point the price goes up considerably.

But it gets better. Every watt of power you save in computer energy, you save again several times over in air conditioning cost. Where I live, the summers get pretty hot. As a result, we need to air condition about 9 months of the year. Since almost all of the energy used by computers goes to heat, we have to pay for the power we use in computers twice. Once for their use and once for the removal of their resultant heat. So reducing power costs cools you twice.


Let's Monitor That

These results were quite stunning. But when we looked at our computer monitors, were were even more surprised. The price difference between a flat panel display and an old fashioned computer monitor has come down to only about $50 at the 15 inch size and you get 1024x768 resolution with no problem at all. But the power consumption for a flat panel display is about 1/5 the power consumption of a typical monitor. The resulting power cost savings is relatively minor because monitors don't use that much power and, while they tend to be used for 8-10 years, they also tend to be used for only 8 hours a day except in large data and control centers where they are less consequential because there are typically many computers per monitor. But the real savings comes in a very different form.

It turns out that flat panel displays take up about a square foot less space than comparable CRT displays. The net effect is that you save a square foot of desk or floor space. Prices for office space vary, but around here they are on the order of $20-$30 per square foot per month. At $20 this comes to $240 per year in savings by going to the flat panel displays. We need smaller desk areas for the same tasks and can fit more work in less space. The savings from this difference far outweigh any other savings we could find.

But the biggest benefit of all comes in a completely different way. Not only o people tend to prefer flat panel displays, it turns out that the use of reflective light instead of projected light is better for peoples' eyes. These screens reduce eye strain, are better from an ergonomic perspective, and cause fewer lifting injuries. They fit into places other displays would not be able to fit, they are quieter, and they are less fragile and dangerous in earthquakes, which we have in California.


Conclusions

You may rightly ask what this article is doing in this series, so I will explain myself. Security is not just about bits coming at you from over the wire. It's also about improved safety and health. Less heat generation, less air conditioning, less power consumption, less noise in the workplace, less eye strain, fewer lifting injuries, and lower cost. They sound like benefits to our security to me.

In my laboratory we are now buying flat panel displays at a rate of a dozen a month while replacing our oldest, largest, and most power consumptive displays. Within a few months we will have completed the conversion. We are also making smarter buying decisions as we replace computers. We aren't throwing out the ones we have recently bought, but in the replacement cycle we have chosen to include power costs in our calculation of lifecycle and acquisition costs.

Finally, I want to invite all of you to join us. Here's a good reason. The current statistics for California are that 1/3 of all the power used today is used by computers, much of it in data centers and in offices. By adding power and space costs to the buying decisions for computers and displays, it is a good estimate that 50% reduction in cost per performance can be attained over buying decisions that have not taken power into account. That translates into a 15% savings in power consumption for the state of California, and probably similar savings in many other places. Conservation can be attained by simply including the cost of power and space in your buying decisions. It is good for you and good for all of us.


About The Author:

Fred Cohen is thinking inside a bigger box as a Principal Member of Technical Staff at Sandia National Laboratories, helping clients meet their information protection needs at Fred Cohen and Associates, and educating defenders over-the-Internet on all aspects of information protection at the University of New Haven. He can be reached by sending email to fred at all.net or visiting http://all.net/