Detecting and blocking grid cyberattacks demonstrated
Researchers from Idaho National Laboratory and New Mexico-based Visgence developed a technology way to block cyberattacks from impacting the nation’s electric power grid.
Recently demonstrated at INL’s Critical Infrastructure Test Range Complex, the Constrained Cyber Communication Device (C3D) was tested against a series of remote access attempts indicative of a cyberattack. The device alerted operators to the abnormal commands and blocked them automatically, preventing attacks from accessing and damaging critical power grid components.
The C3D device uses advanced communication capabilities to autonomously review and filter commands sent to protective relay devices. Relays are designed to rapidly command breakers to turn off the flow of electricity when a disturbance is detected. However, relays do not block the speed and stealth of a cyberattack. To prevent this kind of attack, an intelligent and automatic filtering technology is necessary.
Researchers designed an electronic device that could be wired into a protective relay’s communication network and constructed a 36-foot mobile substation, onnecting it to INL’s full-scale electric power grid test bed to establish an at-scale power grid environment.
For the demonstration, researchers sent a sudden power spike command to the substation relays and monitored the effects from a nearby command center. Instantly, the C3D device blocked the command and prevented the attack from damaging the larger grid.
The development of the device was funded by DOE’s Office of Electricity
Original Release: Eureka Alert