Today's electric grid increasingly uses “smart” devices that can be controlled remotely -- letting operators manage the grid better and more efficiently. But as the electric grid becomes smarter, it also becomes more vulnerable to hackers. That’s why a new initiative underway at the National Renewable Energy Laboratory (NREL) aims to prevent hackers from gaining control of parts of the nation's power grid, which could damage electrical equipment and cause localized power outages.
Tackling the challenge is Erfan Ibrahim and his team at NREL's Cyber Physical Systems Security and Resilience Center. Ibrahim's team launched an effort to build the Test Bed for Secure Distributed Grid Management. It’s a hardware system that mimics the communications, power systems, and cybersecurity layers for a utility's power distribution system, the part of the power grid that carries power from substations to homes and businesses.
The test bed incorporates a lot of brand-new cybersecurity technologies that need to be tested in order to make the system as secure as possible. So, naturally, they tried to break it. Specifically, they tried to hack the system.
Approaching the system from three different angles, they found a single vulnerability, which was due to a misconfigured cybersecurity device. Through that one cyber vulnerability, a designated white hat hacker was able to get into the system, gain administrator rights, and launch a denial of service attack that disabled the entire testbed. That’s the type of insight the test bed is designed to provide. One of the cybersecurity firms actually refined its product after seeing how it performed on the test bed.
"In three and a half months, we were able to pull a real-scale test bed together, attack it, and figure out what works and what doesn't work from a protection perspective," Ibrahim said. "Now we're sharing our findings with the industry to accelerate the adoption of empirically proven cybersecurity controls to systemically protect critical infrastructure."
Why the focus on cybersecurity? The White House and the Energy Department have called for our nation's power grid to transition to a smart grid, which will be more responsive to changing power needs, more able to integrate renewable energy, more efficient, and more reliable. In fact, the American Recovery and Reinvestment Act of 2009 provided the Energy Department with $4.5 billion to modernize the electric power grid. One key to this transition is adding communication and control devices to distant corners of the power grid, so that utilities have better picture of their grid and can respond quickly to problems. But the new technologies being added to the grid can be subject to hacker attacks, and they need a strong cybersecurity system.
The systems on the Test Bed aim to do just that. For example, keeping the communications, control, and cybersecurity systems separate help isolate any unwanted intrusions. And visualization tools show any unusual, unexpected connections or any strange behavior, like when the command arriving at a field device is not the same command that came from the control center
Part of the lesson learned is that cybersecurity is expensive, so NREL's advice to utilities might specify which approaches are cost-effective, and which are too expensive. Ibrahim also sees a potential industrial use of the test bed in verifying the cybersecurity of new grid-connected commercial products. "Before you go deploying something out in the field, don't just take a point test in the lab and extrapolate to production; you need something in between," Ibrahim said. "And that's the test bed. We can scale up and run full-scale experiments--some real, some simulated--before a company goes into production with a new product."
And although the test bed was designed to handle power distribution grids, Ibrahim says it can be applied easily to cybersecurity for other online energy devices, like electric vehicles, wind turbines, home energy networks, thermostats, and even demand response systems. As our energy world continues to expand with more Internet-connected devices, NREL's cybersecurity test bed will help to assure that those devices stay controlled by you, the user, and not some distant hacker or an insider threat.