The power grid can go down for a number of reasons. But, the risk of malicious, human-caused shutdowns could become less likely thanks to work recently completed by Hailey-headquartered Power Engineers.
Power recently helped “bench test” a device known as the Constrained Cyber Communication Device, or C3D, against a series of remote access attempts indicative of a cyberattack during a demonstration at the Idaho National Laboratory’s (INL) Critical Infrastructure Test Range Complex near Idaho Falls.
“It worked perfectly,” said Jake Gentle, a senior power systems engineer for the Idaho National Laboratory. “This is an innovative approach. There is nothing like it. It was meant to fill a gap that the energy industry had recognized.”
During the test, the device alerted operators to abnormal commands and blocked them automatically, preventing the attacks from accessing and damaging critical power grid components. In other words, it functions like the lock on a very complex door, Gentle said.
“In a house, we can control the door lock with a deadbolt from inside or open it with key from outside,” Gentle said. “The C3D prevents the use of that external key. It is intended to be in use all the time, unless disabled for certain reasons, such as maintenance.”
INL teamed up with Power Engineers and Visgence, Inc., as well as academic researchers to develop the device. Power played an advisory role in testing it. Gentle said the C3D project was three years in planning and production.
Gentle said the U.S has been fortunate to avoid widespread malicious power grid disturbances, but other infrastructure has been shown to be vulnerable. The Colonial Pipeline, for example, shut down on May 7 due to a ransomware cyberattack that impacted computerized equipment managing the fuel pipeline in the Southeastern U.S.
“There could be a parallel power grid attack,” Gentle said. “It could begin with a ransomware attack, but the C3D would provide a last line of impenetrable defense against such an attack. It constrains communication from an outside source to an electrical relay, which controls a breaker.”
According to a press release from Power Engineers, relays are critical to the nation’s power grid and are designed to rapidly command breakers to turn off the flow of electricity when a disturbance is detected.
“For instance, relays can prevent expensive equipment from being damaged when a power line fails because of a severe storm,” The press release states. “Relays are not traditionally designed to block the speed and stealth of a cyberattack, which can send wild commands to grid equipment in milliseconds. Stopping this kind of attack requires intelligent and automatic filtering technology.”
Before moving the C3D to its test range complex, INL tested the technology at Power Engineer’s lab in Boise in a prototype “hardware-in-the-loop” environment separate from the actual power grid to ensure that the solution worked across multiple equipment types and vendors.
“This bench scale testing was the first step in determining if the technology could achieve the desired result of increased resilience across a diverse technology and equipment set,” it states.
The development of the device was funded by the U.S. Department of Energy’s Office of Electricity under the Protective Relay Permission Communication Project. The technology and an associated software package will undergo further testing before being made available for licensing to private industry.
Gentle said INL would eventually license the technology to industry partners, consultants, and service providers. The next step for the device is to have it tested on a section of the power grid within the Western Area Power Administration.
“It’s still in prototype phase, he said, “but we are in discussion with potential licensees.”