Advanced sensors are viewed as important for improving operations in critical facilities such as power plants – but can they ultimately undermine cyber defenses? New research recently published in IEEE Transactions on Power Systems prepares for not if, but when that day will come.
In the wake of large government investments made to modernize the electric power grid, advanced sensors that communicate via shared IP and internet networks are being implemented to deliver higher volumes of data, quicker. Initiatives like the North American Synchrophasor Initiative (NASPI) specifically encourage the use of these sensors because they offer nearly 100% visibility into the bulk power system, which allows facilities to more efficiently and affordably manage their operations using real-time data.
But from a cyber-security standpoint, that data could be vulnerable to hacking and manipulation, which could pose a threat to national grids.
One particular IP sensor elevating the observability – and vulnerability – of the power grid is the phasor measurement unit (PMU). PMUs measure voltage angle and magnitude of electricity, which are key to achieving optimal power flow and keeping the grid stable. Five years ago there were only 200 PMUs in North America, whereas today there are more than 1,700 PMUs deployed across the U.S. and Canada*. Despite their high price, PMU usage continues to rise exponentially.
If one PMU is compromised by an attacker, they can rapidly infect each other, threatening security at a mass-scale.
Recognizing that PMUs are here to stay, a research team from Clarkson and Auburn Universities, led by Seyedamirabbas “Amir” Mousavian, proposes a model for controlling damage caused by cyber-attacks. The team’s model uses mixed integer linear programming (MILP) to disable not only sensors contaminated by the attack, but also uncontaminated sensors based on the likelihood of contagion. The goal of the model is to stay one step ahead of attackers by disabling at-risk PMUs while keeping enough PMUs connected to not lose observability of the network. After an attack, disabled PMUs can be inspected and cleansed for full restoration.
“PMU technology advances the reliability of the grid, and its market growth is undeniable,” said Mousavian. “That said, if one PMU is compromised by an attacker, they can rapidly infect each other, threatening security at a mass-scale. Our model offers a flexible prevention method that will only become more beneficial as PMUs become more widespread.”
The team tested its approach on two power systems, and the results in both cases significantly slowed the spread of the cyber-attacks. The model was effective in the most likely scenario, a single attack on a smaller or mid-sized power system, though the team suggests adjustments for larger-systems solutions.
While increasingly forecasted, a cyber-attack has yet to collapse the national grid, and perhaps administering a robust counter-maneuver like MILP can keep it that way.
You can also find more articles about “PMUs” in IEEE Xplore.
*Intelligent Utility, Alison Silverstein (NASPI), Nov/Dec 2014
