Gift Guide

Securing the Smart Grid: Next Generation Power Grid Security


Securing the Smart Grid discusses the features of the smart grid, particularly its strengths and weaknesses, to better understand threats and attacks, and to prevent insecure deployments of smart grid technologies. A smart grid is a modernized electric grid that uses information and communications technology to be able to process information, such as the behaviors of suppliers and consumers.
The book discusses different infrastructures in a smart grid, such as the automatic ...

See more details below
Other sellers (Paperback)
  • All (8) from $15.00   
  • New (6) from $28.08   
  • Used (2) from $15.00   
Securing the Smart Grid: Next Generation Power Grid Security

Available on NOOK devices and apps  
  • NOOK Devices
  • Samsung Galaxy Tab 4 NOOK 7.0
  • Samsung Galaxy Tab 4 NOOK 10.1
  • NOOK HD Tablet
  • NOOK HD+ Tablet
  • NOOK eReaders
  • NOOK Color
  • NOOK Tablet
  • Tablet/Phone
  • NOOK for Windows 8 Tablet
  • NOOK for iOS
  • NOOK for Android
  • NOOK Kids for iPad
  • PC/Mac
  • NOOK for Windows 8
  • NOOK for PC
  • NOOK for Mac
  • NOOK for Web

Want a NOOK? Explore Now

NOOK Book (eBook)
$28.49 price
(Save 42%)$49.95 List Price


Securing the Smart Grid discusses the features of the smart grid, particularly its strengths and weaknesses, to better understand threats and attacks, and to prevent insecure deployments of smart grid technologies. A smart grid is a modernized electric grid that uses information and communications technology to be able to process information, such as the behaviors of suppliers and consumers.
The book discusses different infrastructures in a smart grid, such as the automatic metering infrastructure (AMI). It also discusses the controls that consumers, device manufacturers, and utility companies can use to minimize the risk associated with the smart grid. It explains the smart grid components in detail so readers can understand how the confidentiality, integrity, and availability of these components can be secured or compromised.
This book will be a valuable reference for readers who secure the networks of smart grid deployments, as well as consumers who use smart grid devices.

  • Details how old and new hacking techniques can be used against the grid and how to defend against them
  • Discusses current security initiatives and how they fall short of what is needed
  • Find out how hackers can use the new infrastructure against itself
Read More Show Less

Editorial Reviews

From the Publisher
"The first step in securing the Smart Grid is to fully understand the threat landscape. This book provides both a timely and relevant overview of the subject - a must-read for anyone responsible for securing the grid as well as consumers looking to implement the technology!."— Dr. Patrick Engebretson, Assistant Professor of Computer Security, Dakota State University.

"Easy to read and full of valuable information, this book provides a wide-eyed view of our future and the security challenges we will be facing in our day-to-day lives. Exploring everything from home systems to large-scale power plants, this is a must-read for everyone in our technological society."— Thomas Wilhelm, ISSMP, CISSP, SCSECA, SCNA, SCSA, IEM, IAM

"Overall, Securing the Smart Grid: Next Generation Power Grid Securityprovides an excellent overview of the state of smart grid technology and its related security, privacy and regulatory issues. The book provides an excellent introduction for anyone looking to understand what smart grid is all about and its security and privacy issues."—Ben Rothke, Slashdot

Read More Show Less

Product Details

  • ISBN-13: 9781597495707
  • Publisher: Elsevier Science
  • Publication date: 10/7/2010
  • Pages: 320
  • Sales rank: 1,312,239
  • Product dimensions: 7.50 (w) x 9.20 (h) x 0.90 (d)

Meet the Author

Tony Flick has been working in the Information Security field for more than six years and is currently a Principal with FYRM Associates. Mr. Flick has assisted numerous organizations in achieving compliance with federal regulations and industry standards. His expertise includes risk management and compliance, assessments and audits, and research in emerging technologies. Mr. Flick has presented at Black Hat USA, DEFCON, and the OWASP Tampa local chapter on smart grid and application security concepts. Mr. Flick holds the CISSP certification. Additionally, Mr. Flick earned a Bachelors of Science in Computer Science and a Bachelors of Science in Mathematics.

Justin Morehouse is an Information Security professional with over 10 years of experience assisting Fortune 100 companies and Federal Government Agencies mature their Information Security programs. Over the past six years Mr. Morehouse has focused on the areas of attack and penetration, performing nearly 200 Security Assessments utilizing both NIST SP800-42’s “Blue Teaming” and “Red Teaming” approaches. Mr. Morehouse is the OWASP Tampa chapter leader and presented at IEEE’s EntNet. Mr. Morehouse holds the following degrees and certifications: CISSP, CISM, MCSE, MSIA, and QSA (Former). He is currently an adjunct professor at DeVry University.

Read More Show Less

Read an Excerpt

Securing the Smart Grid

Next Generation Power Grid Security
By Tony Flick Justin Morehouse


Copyright © 2011 Elsevier Inc.
All right reserved.

ISBN: 978-1-59749-571-4

Chapter One

Smart Grid: What Is It?


• A Brief History of Electrical Grids

• What Is Automatic Meter Reading (AMR)?

• Future Infrastructure

• What Is a Smart Grid?

• What Is AMI?

• International Initiatives

• Why Do We Need to Secure the Smart Grid?

Over the past several years, the promise of smart grids and their benefits has been widely publicized. Bringing updated technologies to power generation, transmission, and consumption, smart grids are touted to revolutionize our economy, environment, and national security. Corporations large and small foresaw the emerging markets for smart grid technologies and rushed to be the first to deliver. More often than not, security has taken a backseat to the rush to implement. This book will take a look at the potential consequences of designing and implementing smart grid technologies without integrating security. We will also offer recommendations on how to address these consequences so that the promise of smart grids can be fulfilled ... securely.


Technologies related to electric grids have roots dating back to the late nineteenth century. Thomas Edison's, as shown in Figure 1.1, direct current (DC) and Nikola Tesla's, as shown in Figure 1.2, alternating current (AC) continue to be utilized to this day. Today, electricity is transmitted using AC, while DC has special applications, usually within residential and commercial buildings.

What Is an Electric Grid?

Electric grids perform three major functions: power generation, transmission, and distribution. Power generation is the first step in delivering electricity and is performed at power station (coal, nuclear, geothermal, hydro, and so on). Power transmission is the second step in delivering electricity and involves the transfer of electricity from the power stations to power companies' distribution systems. Finally, power distribution completes the electric grids' functions by delivering power to consumers. The major difference between power transmission and power distribution is that power transmission utilizes infrastructure that can handle high voltage (110+ kV), whereas power distribution utilizes infrastructure that can handle medium (<50 kV) and low (<1 kV) voltage.

Grid Topologies

In its simplest form, an electric grid is a network. The use of the term "grid" can refer to a complete infrastructure that encompasses power generation, transmission, and distribution, or it can refer to a subset of a larger infrastructure.

Distribution networks are less complicated than that of transmission networks, as transmission networks are often interconnected with other regional transmission networks to provide greater redundancy. At first glance, this interconnection appears to provide greater reliability in feeding distribution networks, but many factors come into play in ensuring continuous power to end consumers.

Transmission networks must effectively manage both power generation and consumption as a power failure, or spike in consumption in one area may result in adverse affects in another area of the network. The United States established the North American Electric Reliability Corporation (NERC — to ensure the reliability of the bulk power system in North America. This nonprofit organization's area of responsibility includes the contiguous United States, Canada, and part of the Baja peninsula in Mexico.

There are two primary topologies in use in the United States for power distribution. The most common topology is the radial grid, as shown in Figure 1.3. In a radial grid, electricity is distributed from a substation in a pattern that resembles a tree with many branches and leaves. As the electricity is carried across the power lines, its strength is reduced until it reaches its final destination. The other primary topology utilized for power distribution is mesh grid, as shown in Figure 1.4. Mesh grids provide greater reliability than radial grids because in a radial grid, each branch and leaf receives power from a single source (the tree), whereas in a mesh grid, power can be provided through other sources (other branches and leaves). Radial grids do provide limited redundancy, in that a second substation in close proximity can feed into the grid, but this assumes that the secondary substation is not suffering from the same condition as the primary.

The looped topology, utilized primarily in Europe, is a mix between the radial and mesh topologies. A looped topology, as shown in Figure 1.5, is much like a radial topology, except that each branch and leaf has two separate paths from the substation. Where the radial topology is vulnerable to single points of failure, the looped topology provides greater reliability. The goal of the looped topology is to be able to withstand a disruption in the grid, regardless of where it may occur. Much like the mesh topology, the looped topology is costlier than the radial topology, as each end of the loop must meet the requirements for power and voltage drops.

Modernizing the Electric Grids

Currently, the electrical infrastructure in the United States is not up to the task of powering America's future. According to Carol Browner, director of the White House Office of Energy and Climate Change, "We [the United States] have a very antiquated (electric grid) system in our country ... The current system is outdated, it's dilapidated." Across all three functions of an electrical grid, significant improvements can be made to increase the reliability and efficiency of power generation, transmission, and distribution.

Deregulation is often touted as a means to modernizing today's electrical grids. Deregulation encompasses moving from today's regulated landscape where often larger power companies are granted monopoly status and control power generation, transmission, and distribution for a geographic area to a deregulated landscape where the free markets would dictate all three functions of the electrical grids. In a deregulated landscape, power generation, transmission, and distribution could be handled by separate companies, all working to provide more efficient, reliable, and cost-effective solutions.

Many other ideas exist to modernize today's electrical grids. The most prominent of which is the smart grid. Recent initiatives championed by the Obama Administration, including $3.4 billion awarded for projects such as smart meter implementations, grid infrastructure advancement, and manufacturing smart appliances will soon be a reality.


Evolving from Tesla's design, the automatic meter reading (AMR) infrastructure introduced automation to the electric grid in 1977 (read more at www.metretekfl. com). Through a combination of technologies, including wired and wireless networks, AMR's most significant advancement resulted in electric companies being able to remotely read meters. Once AMR was implemented, the electric companies could more easily obtain meter readings in near real time, and provide customers with consumption-based bills. Previously, the electric companies relied on estimates when billing customers. With better, timelier information, electric companies were able to improve energy production through tighter control during peak and low demand periods.

AMR Technologies

To support the advancements of the AMR infrastructure, several technologies are utilized. For data collection, utility employees leverage handhelds and notebook computers. For data transport, wired and wireless networks are deployed to remotely read meter data.


Supporting utility employees' efforts to quickly and efficiently obtain meter readings, handheld devices, much like your common Personal Digital Assistant (PDA), as shown in Figure 1.6, are utilized. These devices read meter data in one of two ways. First, the electric worker can utilize "touch" technology to read a meter by simply touching the meter with a probe. This probe stores the meter data to the handheld for later retrieval and processing. Second, the handheld device may instead be fitted with a wireless receiver that reads the data transmitted by the meter, again with the data stored for later retrieval and processing.

Notebook Computers

Utility employees also utilize traditional mobile computers in meter reading. Rather than physically visiting each meter, as with the handheld devices, a mobile computer can be installed inside of an electric worker's vehicle to wirelessly read meters. Usually these deployments involve a combination of technologies, including a wireless technology, software, and the necessary hardware (GPS, antennas, and so on).

Wireless Networks

For data transport, a broad range of wireless technologies are utilized by the electric companies to read meter data. Radio Frequency (RF), Wi-Fi, Bluetooth, and even cellular technologies are currently in use. A majority of AMR devices utilize RF wireless technologies, with narrow band, direct-sequence spread spectrum (DSSS), and frequency-hopping spread spectrum (FHSS) being the most common. Less common technologies such as Zigbee and Wavenis have found their way into AMR deployments. When wireless communications are utilized, device makers either license frequencies from government agencies such as the Federal Communications Commission (FCC) or use unlicensed frequencies.

When Wi-Fi is chosen as the technology for remote data transport, traditionally the meters are not themselves Wi-Fi enabled, rather a management station that they report to (through RF) utilizes Wi-Fi to communicate its aggregated data to the electric company. This is the deployment model utilized by the city of Corpus Christi in Texas. In this deployment, the power meters mostly rely on the use of batteries and thus utilizing Wi-Fi was impractical because of its relatively high power consumption, when compared with RF. The power consumption requirements of Wi-Fi technology remain a barrier to its inclusion in AMR deployments.

Power Line Communication (PLC)

Power line communication (PLC) provides a completely remote solution for reading meter data. Data from meters is transmitted across the existing power line infrastructure to the local substation. From the local substation, data is then transported to the electric companies for processing and analysis. This type of dedicated infrastructure from the meter to the electric company is commonly referred to as a "fixed" network.

Hybrid Models

Although some AMR deployments may rely on a single technology for each part of its deployment, others utilize a hybrid model where multiple technologies are used. For example, data transport may primarily rely on PLC, but RF may be utilized if the PLC is unavailable. Other hybrid models may rely on RF to send data to aggregation points and then utilize PLC or Wi-Fi to transport data to the electric company.

AMR Network Topologies

Utilizing one or a combination of the aforementioned technologies, electric companies create a network from which meter information is obtained. These networks take on one of several topologies, including the following:

• Star network — A star network topology is implemented when meters transmit data to a central location. This central location can be a repeater, which then forwards the data to the electric companies, or it can simply act as data storage. A star network topology can utilize wireless technologies, PLC, or both.

• Mesh network — A mesh network topology is implemented when the meters themselves both transmit and receive data from other meters. Meters act much like the repeaters in a star network, and eventually data reaches the electric companies or a data storage device.

What Does It All Mean?

Looking at all of the parts that make up an AMR infrastructure, it is easy to see that security needs to be included from the design phase. With such a wide range of technologies possessing the ability to impact the confidentiality, availability, and integrity of data being transmitted across the AMR infrastructure, it is imperative to evaluate the security posture of each individual technology, as well as its interactions with other technologies.


As described in "A Brief History of Electrical Grids" section of this chapter, the current electric power infrastructure was designed to utilize existing technology and handle the requirements defined during the nineteenth and twentieth centuries. The increasing demands on an aging infrastructure can only be met by the fine-grain control and insight into consumer demand that the smart grid promises to deliver.

Justifications for Smart Grids

The proposed smart grids seek to remediate these issues, as well as numerous others. The major justifications for smart grids tend to fall into three categories: economic, environmental, and reliability. The United States Department of Energy (DOE) defines the goals of a smart grid as follows:

• Ensuring its reliability to degrees never before possible

• Maintaining its affordability

• Reinforcing our global competitiveness

• Fully accommodating renewable and traditional energy sources

• Potentially reducing our carbon footprint

• Introducing advancements and efficiencies yet to be envisioned.


Electricity must be consumed as soon as it is produced and consumers have grown accustom to the on-demand availability of electricity. Currently, this combination requires utility companies to generate enough supply to meet the electrical demand at any given moment. Because the exact demand is unknown, utility companies generate more electricity than is needed to compensate for the unexpected rise in consumption and achieve this level of service. This system of supply and demand results in waste when demand is overestimated and rolling blackouts when demand is underestimated.


In addition to waste, the reliability of the electric grid can be disrupted by numerous factors. Specifically, a drop in voltage from a power supply can cause brownouts, whereas environmental factors ranging from falling trees to thunderstorms and hurricanes can cause blackouts. Although these reliability problems tend to occur on a local scale, they can lead to more widespread problems that affect larger areas. Table 1.1 describes the different categories of power outages.

Renewable Energy Sources

Traditional power generation relies on an inexhaustible supply of energy resources that has no negative effects on the world. In such a scenario, centralized power generation that relies on an endless supply of the traditional energy resources would excel. However, limited resources and concerns over environmental impact are driving the movement for clean and renewable energy sources, such as wind and solar. Unfortunately, these types of clean, renewable resources have problems of their own including localization and continuity. For example, a solar power plant could generate large amounts of electricity if located in Florida; however, the output would be negligible if located in Antarctica. Additionally, current solar power plants all but cease to generate power during the night or during severe weather such as thunderstorms and hurricanes, which would drive the need for alternate sources of energy to meet demand. As a result, the current electric grid simply does not properly accommodate renewable energy sources.


A smart grid is not a single device, application, system, network, or even idea. There is no single, authoritative definition for the question: What is a smart grid? However, the definitions from the various authoritative organizations, such as DOE, NERC, and SmartGrids Technology Platform (, follow a common theme: Smart grids utilize communication technology and information to optimally transmit and distribute electricity from suppliers to consumers. Figure 1.7 illustrates the basic concepts of a smart grid. Additionally, smart grid is not a static concept. It will continue to evolve as the existing technologies evolve and new technologies are developed. The type, configuration, and implementation of these technologies and the access to and transmission and use of relevant information are of primary concern in securing smart grids and for this book.


Excerpted from Securing the Smart Grid by Tony Flick Justin Morehouse Copyright © 2011 by Elsevier Inc.. Excerpted by permission of Syngress. All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.

Read More Show Less

Table of Contents

Acknowledgments Tony Flick Flick, Tony

Acknowledgments Justin Morehouse Morehouse, Justin

About the Authors

About the Technical Editor


Chapter 1 Smart Grid: What is it? 1

A Brief History of Electrical Grids 1

What is an Electric Grid? 1

Grid Topologies 2

Modernizing the Electric Grids 4

What is Automatic Meter Reading (AMR)? 6

AMR Technologies 6

AMR Network Topologies 8

Future Infrastructure 8

Justifications for Smart Grids 8

What is a Smart Grid? 10

Components 10

What is AMI? 13

International Initiatives 14

Australia 14

Canada 14

China 15

Europe 15

Why do We Need to Secure the Smart Grid? 15

Smart Grid versus Security 16

Mapping Smart Grid Goals to Security 16

Summary 18

Endnotes 18

Chapter 2 Threats and Impacts: Consumers 19

Consumer Threats 19

Naturally Occurring Threats 20

Weather and Other Natural Disasters 21

Individual and Organizational Threats 22

Smart Thieves and Stalkers 22

Hackers 23

Terrorism 25

Government 26

Utility Companies 27

Impacts on Consumers 28

Privacy 29

Impacts on Availability 30

Personal Availability 30

Mobility 31

Emergency Services 31

Financial Impacts 31

Likelihood of Attack 32

Summary 32

Endnotes 32

Chapter 3 Threats and Impacts: Utility Companies and Beyond 35

Confidentiality 36

Consumer Privacy 36

Proprietary Information 37

Integrity 38

Service Fraud 38

Sensor Data Manipulation 39

Availability 40

Consumer Targets 40

Organizational Targets 41

Vertical Targets 42

Market Manipulation 43

National Security Target 44

Summary 47

Endnotes 48

Chapter 4 Federal Effort to Secure Smart Grids 49

U.S. Federal Government 49

Energy and Independence Security Act of 2007 50

American Recovery and Reinvestment Act of 2009 50

DOE 53

Legacy Electric Grid Technologies 54

Current Smart Grid Technologies 55

Lack of Deployment Equals Lack of Risk 56


Mandatory Reliability Standards 57

Smart Grid Policy 57


NIST SP 1108 58

Smart Grid Cyber Security Strategy and Requirements 62


Sector-Specific Plans 67

Other Applicable Laws 67

The Identity Theft Enforcement and Restitution Act of 2008 67

Electronic Communications Privacy Act of 1986 68

Breach Notification Laws 69

Personal Information Protection and Electronic Documents Act 69

Sponsoring Security 70

Bureaucracy and Politics in Smart Grid Security 70

Summary 70

Endnotes 71

Chapter 5 State and Local Security Initiatives 73

State Government 73

State Laws 73

State Regulatory Bodies 75

National Association of Regulatory Utility Commissioners 76

Colorado PUC 78

PUC of Texas 79

Planning for the Future 80

State Courts 81

Colorado Court of Appeals 81

Implications 81

Promoting Security Education 82

Politics and the Smart Grid 83

Summary 83

Endnotes 84

Chapter 6 Public and Private Companies 85

Industry Plans for Self-Policing 85

NERC Critical Infrastructure Protection Standards 86

Compliance Versus Security 104

How Technology Vendors Can Fill the Gaps 105

How Utility Companies Can Fill the Gaps 106

Summary 106

Endnotes 106

Chapter 7 Attacking the Utility Companies 109

Motivation 109

Vulnerability Assessment versus Penetration Test 110

Other Aspects of a Security Assessment 111

Network Attacks 112

Methodologies 114

System Attacks 119


Legacy Systems 120

Application Attacks 121

Life-Imitating Art 121

Attacking Utility Company Web Applications 122

Attacking Compiled Code Applications 134

Wireless Attacks 135

Wireless Clients 137

Wi-Fi 138

Bluetooth 138

Cellular 138

Social Engineering Attacks 138

Selecting Targets 139

Physical Attacks 139

Attacking with a Friend 139

Putting It All Together 140

Summary 141

Endnotes 141

Chapter 8 Securing the Utility Companies 143

Smart Grid Security Program 143

ISO/IEC 27000 144

Top 12 Technical Practices to Secure the Smart Grid 153

Threat Modeling 153

Segmentation 154

Default Deny Firewall Rules 155

Code and Command Signing 155

Honeypots 156

Encryption 156

Vulnerability Management 156

Penetration Testing 157

Source Code Review 157

Configuration Hardening 158

Strong Authentication 158

Logging and Monitoring 158

Summary 159

Endnotes 159

Chapter 9 Third-Party Services 161

Service Providers 161

Billing 161

Consumer Interfaces 162

Device Support 166

Attacking Consumers 167

Functionality Undermines Security 167

Microsoft Hohm and Google PowerMeter 167

Smart Devices Gone Wild 169

Attacking Service Providers 170

Securing Third-Party Access to the Smart Grid 171

Trust 171

Data Access 172

Network Access 173

Secure Transport 174

Assessing the Third Party 175

Securing the Third Party 176

Summary 177

Endnotes 177

Chapter 10 Mobile Applications and Devices 179

Why Mobile Applications? 179

Platforms 180

Trust 180

Trusting Strangers 181

Attacks 182

Why Attack the Handset? 183

SMS 183

E-mail 183

Malicious Web Sites 184

Physical 184

Securing Mobile Devices 186

Traditional Security Controls 187

Secure Syncing 187

Disk Encryption 187

Screen Lock 188

Wiping the Device 190

Recovery 190

Forensics 190

Education 191

Secure Mobile Applications 191

Mobile Application Security Controls 191

Encryption 192

Summary 192

Endnotes 192

Chapter 11 Social Networking and the Smart Grid 195

The Smart Grid Gets Social 195

Twitter 195

Facebook 199

Social Networking Threats 203

Information Disclosure 204

Smart Grid Social Networking Security Checklist 207

Before You Begin 207

Basic Controls 207

Summary 209

Endnotes 210

Chapter 12 Attacking Smart Meters 211

Open Source Security Testing Methodology Manual (OSSTMM) 211

Information Security 213

Process Security Testing 214

Internet Technology Security Testing 215

Communication Security Testing 223

Wireless Security Testing 223

Physical Security Testing 225

NIST Special Publication 800-42: Guideline on Network Security Testing 226

Security Testing Techniques 226

Summary 231

Endnotes 231

Chapter 13 Attacking Smart Devices 233

Selecting a Target Smart Device 233

Attacking a Smart Device 235

Network Surveying 236

Port Scanning 238

Services Identification and System Identification 239

Vulnerability Research and Verification 241

Internet Application Testing 245

Password Cracking 251

Denial-of-Service Testing 254

Exploit Testing 255

Summary 256

Endnotes 256

Chapter 14 What's Next? 257

Timeline 257

What Should Consumers Expect? 258

Smart Devices 259

Smart Meters 261

Home Area Network 266

Electric Vehicles 267

Personal Power Plant 268

Privacy 268

What Should Smart Grid Technology Vendors Expect? 269

What Should Utility Companies Expect? 270

Reducing Energy Demand to Reduce Costs and Security 270

Diagnosing Problems Faster 271

Beyond Electricity 272

Curiosity Attacks 273

What Should Security Professionals Expect and What Do They Predict? 273

Security versus Functionality 273

Security Devices 275

Visions of Gloom and Doom 275

Smart Grid Community 276

Conferences 276

Agencies and Groups 276

Blogs, News Web Sites, and RSS Feeds 278

Summary 279

Endnotes 279

Index 283

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)