This group is the default community for every Energy Central registered member. We discuss and share a variety of topics related to the global power industry. 

212,392 Members

Post

Cybersecurity for the Power Grid

In my view, cybersecurity is like a race that never ends.  Attackers are building their capabilities even as organizations improve their defences.  

Many nation states and rogue organizations are developing their cyber attack capabilities.  In addition to attacks aimed at stealing money, we've seen attacks against power grid control systems to create widespread outages (e.g. Ukraine). 

As a former officer at a large U.S. utility, I am familiar with incident reponse planning and the execution of restoration operations.  I'm now in my "second career" at my alma mater, Worcester Polytechnic Institute (WPI), and I've taught classes about the North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) Standards.  These Standards include mandatory requirements for specific actions to protect the power grid from both physical and cyber attacks.  These CIP Standards are:

  1. updated regularly to address emerging threats (e.g. attacks on utility supply-chain organizations aimed at embedding malware in devices); and
  2. enforced by vigorous, independent auditors backed by Federal Energy Regulatory Commission (FERC) fines for noncompliance. 

The result of these regulations and their enforcement is reduced risk of attacks that create widespread power outages.

I also lead a WPI research team supporting BAE Systems as part of the Defense Advanced Research Project Agency's Rapid Attack Detection, Isolation, and Characterization Systems (DARPA RADICS) intitative.  This initiative:

" . . . is to enable black start recovery of the power grid amidst a cyber-attack on the U.S. energy sector’s critical infrastructure. RADICS research is developing technology that cybersecurity personnel, power engineers, and first responders can utilize to accelerate restoration of cyber-impacted electrical systems.".  (Source:  https://www.darpa.mil/program/rapid-attack-detection-isolation-and-chara... ).

In conclusion, the U.S. Industry is improving defences and the U.S. Government is conducting research to add new restoration capabilities.  Here at WPI, a National Security Agency/ Department of Homeland Security designated "Center of Excellence" in Cybersecurity, we're pleased to participate in this worthwhile research and to educate people on how to better defend their computer networks.

Mike Ahern's picture

Thank Mike for the Post!

Energy Central contributors share their experience and insights for the benefit of other Members (like you). Please show them your appreciation by leaving a comment, 'liking' this post, or following this Member.

Discussions

No discussions yet. Start a discussion below.

Get Published - Build a Following

The Energy Central Power Industry Network is based on one core idea - power industry professionals helping each other and advancing the industry by sharing and learning from each other.

If you have an experience or insight to share or have learned something from a conference or seminar, your peers and colleagues on Energy Central want to hear about it. It's also easy to share a link to an article you've liked or an industry resource that you think would be helpful.

                 Learn more about posting on Energy Central »