Cybersecurity for the Power Grid
- September 14, 2018
- 668 views
In my view, cybersecurity is like a race that never ends. Attackers are building their capabilities even as organizations improve their defences.
Many nation states and rogue organizations are developing their cyber attack capabilities. In addition to attacks aimed at stealing money, we've seen attacks against power grid control systems to create widespread outages (e.g. Ukraine).
As a former officer at a large U.S. utility, I am familiar with incident reponse planning and the execution of restoration operations. I'm now in my "second career" at my alma mater, Worcester Polytechnic Institute (WPI), and I've taught classes about the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) Standards. These Standards include mandatory requirements for specific actions to protect the power grid from both physical and cyber attacks. These CIP Standards are:
- updated regularly to address emerging threats (e.g. attacks on utility supply-chain organizations aimed at embedding malware in devices); and
- enforced by vigorous, independent auditors backed by Federal Energy Regulatory Commission (FERC) fines for noncompliance.
The result of these regulations and their enforcement is reduced risk of attacks that create widespread power outages.
I also lead a WPI research team supporting BAE Systems as part of the Defense Advanced Research Project Agency's Rapid Attack Detection, Isolation, and Characterization Systems (DARPA RADICS) intitative. This initiative:
" . . . is to enable black start recovery of the power grid amidst a cyber-attack on the U.S. energy sector’s critical infrastructure. RADICS research is developing technology that cybersecurity personnel, power engineers, and first responders can utilize to accelerate restoration of cyber-impacted electrical systems.". (Source: https://www.darpa.mil/program/rapid-attack-detection-isolation-and-chara... ).
In conclusion, the U.S. Industry is improving defences and the U.S. Government is conducting research to add new restoration capabilities. Here at WPI, a National Security Agency/ Department of Homeland Security designated "Center of Excellence" in Cybersecurity, we're pleased to participate in this worthwhile research and to educate people on how to better defend their computer networks.