The latest resilience news from around the world

Substations are a relatively weak link in power supply networks; now a new research project is working on developing a way to detect, mitigate, and recover from substation cyber attacks.

Chen-Ching Liu, American Electric Power Professor in the Bradley Department of Electrical and Computer Engineering at Virginia Tech and director of the Power and Energy Center, will work alongside academics, industry professionals, and the US Department of Energy for the next three years to improve power grid cyber resilience.

The $3 million grant funded by the Department of Energy comes at a time when cyber attacks on the electrical grid are not only possible but demonstrably devastating. In 2015, six substations in Ukraine’s electrical grid were attacked through remote control of the circuit breakers, resulting in a large-scale blackout that lasted nearly six hours. This attack revealed the vulnerabilities of the smart grid and was the first known cyber attack causing a major power outage.

Substations are usually unstaffed and often in remote locations. In addition, substations far outnumber power plants and control centers, making them a prime target for cyber attackers looking to cause as much damage as possible.

To combat these risks and prevent a similar attack to the US electrical grid, Liu and his team are developing Cyber-REsilience for SubsTations (CREST) technology. CREST operates in three main phases: detection, mitigation, and recovery. This new methodology emphasizes the detection of cyber threats and mitigation of these threats by enhancing cyber resilience.

“Recovery from a catastrophic power outage caused by cyber attacks is a new challenge to the industry,” said Liu. “In the past, power system restoration has been primarily concerned with recovery of the physical grid from weather-related events. The recovery of compromised cyber systems together with the physical grid is a new issue to be addressed.”

A key component of this research is the protection and enhancement of intelligent electronic devices. These devices, which already exist in the current power grid technology, allow portions of the substations and power grid to communicate with each other. Using machine-learning algorithms and artificial intelligence, Liu’s team will mimic cyber attacks that can be detected and stopped in their tracks to prevent the spread of malevolence to other points in the grid.

While detection and mitigation are preferred, Liu and his team also understand that recovery methods will still be necessary – especially as attackers become more persistent and successful at their craft. To aid in this recovery, Ming Jin, assistant professor in electrical and computer engineering and machine-learning expert, will develop Smart Cyber Switching technology. This smart switch will allow for compromised intelligent electronic devices to switch over to their healthy counterparts, restoring electricity and preventing further damage and infiltration of the substation.

To test this new methodology, the Commonwealth Cyber Initiative has provided the use of its computational testbed, which is “critically needed to provide a realistic environment to create a wide range of attack scenarios, evaluate the impact and validate the effectiveness of these new defense measures.” Other team members involved in the project include the University of Michigan-Dearborn as well as industry representatives from Southern Company research and development (R&D) and General Electric. 

Liu and the team expect to validate the proposed CREST solution at a substation in the Southern Company system in 2024. By testing hardware-in-the-loop with real-time digital simulators and network communications software, cyber attack scenarios will be introduced and evaluated. By collaborating with Southern Company’s R&D organization and General Electric, the team aims to develop a commercially viable cyber security solution.

“With the increasing risk of cyber attacks on the power grid, Southern Company R&D is looking forward to working with Virginia Tech and this project team to demonstrate cyber resilient technologies that can detect cyber attacks, mitigate the issue, and recover the functions they serve on the grid,” said Clifton Black, principal research engineer at Southern Company R&D. “This proposed work is both extremely valuable and timely.”

Liu and his team are optimistic about the future of this technology as well as the positive impacts it could have in terms of cyber attack prevention for consumers.

“As we adopt the technologies to increase the efficiency and reliability of the power grid, we must also develop the ‘shock absorption’ resilience to detect cyber attacks and mitigate their impact,” said Liu. “Our goal with CREST is to do just that.”

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.