Cyber Defense Tool Is an Early Warning System for Grid Attacks
David Wagman | March 28, 2018
A rifle attack on an electrical substation near California’s Silicon Valley in April 2013 led to the development of a new tool for grid operators that will enable them to better detect not only a brutal physical attack but also the slightest hint of a hacker looking for vulnerabilities in these critical links in the grid.
A rifle assault means the attacker has to come close enough to blast away at a substation. Perhaps more worrisome to grid operators, however, is the possibility of a cyberattack launched remotely from anywhere on the globe.
Stoking those concerns is the fear that a seminal event in using computer networks to bring down a nation’s infrastructure — the December 2015 assault on Ukraine’s power grid — will happen again. In that attack, hackers switched off 30 substations across three energy distribution companies, disrupting electricity supply to around 230,000 end users for up to six hours.
Against those background events, a team of researchers working at the U.S. Energy Department’s Lawrence Berkeley National Laboratory completed work earlier this year on a project to design and implement a tool they say can detect cyberattacks and physical assaults on power distribution networks.
Their tool, developed after three years of work, uses micro phasor measurement units (μPMUs) to collect information about the physical state of the power distribution grid. Combining that data with SCADA (supervisory control and data acquisition) information provides real-time insights into system performance and alerts grid operators to even a minor disruption. (Read more.)