An attack on that grid would involve getting out and cutting lines or dropping towers.
But there鈥檚 another, less visible piece to the grid 鈥 all the computers and communication networks that make it work. Attackers can go after the cyber grid, too. They can do it from a desktop. At no real cost. Potentially from anywhere in the world. With few if any clues left behind.
鈥淔rom an attack standpoint, that鈥檚 the cheapest form of attack with the lowest chance of being caught,鈥 said Doug Jacobson, a University Professor of Electrical and Computer Engineering at Iowa State University. 鈥淚t鈥檚 asymmetrical warfare at its best. A single individual can cause enormous damage.
鈥淚t鈥檚 not fair.鈥
And it鈥檚 real. Just last month, hackers knocked out dozens of Ukraine鈥檚 power substations, blacking out more than a hundred cities and partially blacking out nearly 200 more.
To minimize the threat of that kind of attack, Jacobson and Manimaran Govindarasu, Iowa State鈥檚 Ross Martin Mehl and Marylyne Munas Mehl Computer Engineering Professor, are leading studies of grid cyber security while also training industry professionals and educating students to protect the nation鈥檚 critical infrastructure.
A major part of their project is developing a high-fidelity, open-access testbed to help secure the power grid. They call it 鈥淧owerCyber鈥 and it鈥檚 designed to do vulnerability analysis, risk assessment, attack-defense evaluations and other tests.
The power grid is a complex cyber-physical system, Govindarasu said. There are the communication networks with Internet connections, algorithms and software. Then there are the power lines, towers, sensors, relays, actuators and other hardware.
PowerCyber integrates all of those elements 鈥 including actual relay equipment and other hardware 鈥 then adds sophisticated models of the grid system and virtual Internet technology. That Internet technology is based on ISEAGE (pronounced 鈥渋ce age,鈥 the Internet-Scale Event and Attack Generation Environment), a controlled, simulated Internet for cyber security studies. Jacobson developed the technology at Iowa State with support from the U.S. Department of Justice.
鈥淲e can use this testbed to run attacks and see the consequences on the power system,鈥 Govindarasu said. 鈥淚f it鈥檚 a blackout, how do we mitigate that? We can also prepare for these attacks and for our defenses.鈥
Industry, for example, could develop and test strategies for beating back repeated attacks.
鈥淭he biggest problem with malicious actors is their ability to keep hitting you,鈥 Jacobson said. 鈥淲ithout preparing for that, you have a hard time getting back online.鈥
The PowerCyber testbed is being developed with support from the National Science Foundation and the U.S. Department of Homeland Security. The U.S. Department of Energy is also supporting other Iowa State projects related to the cyber defense of the country鈥檚 power grid infrastructure.
So far, the testbed has been used in industry training and graduate courses. It has also been used as a resource for researchers in industry, at other universities and at national laboratories.
鈥淭his is one testbed that we can customize for specific needs,鈥 Jacobson said. 鈥淚t operates on a wide continuum. It鈥檚 not seven testbeds for seven needs.鈥
One unique need for the testbed is the country鈥檚 first Cyber-Physical System Cyber Defense Competition next month at Iowa State. Using Iowa State鈥檚 virtual Internet technologies, teams of students and professionals will work to protect power and water systems from simulated cyber attacks during an eight-hour competition.
The end goal of all that researching, developing, training and educating?
鈥淎 future electric power grid that is secure and resilient,鈥 the Iowa State engineers wrote in a project summary. After all, 鈥淐ybersecurity and resiliency of the power grid is of paramount importance to national security and economic well-being.鈥
鈥 30 鈥
RSS