Skip to main content

New technology shows promise in detecting, blocking grid cyberattacks

INL News Release
FOR IMMEDIATE RELEASE
July 20, 2021

NEWS MEDIA CONTACTS:

Ethan Huffman, 208-716-4594, ethan.huffman@inl.gov

Sarah Neumann, 208-526-0490, sarah.neumann@inl.gov              

Editor's note: Photos are available for download at this link. Captions are below.

New technology shows promise in detecting, blocking grid cyberattacks

Researchers from Idaho National Laboratory and New Mexico-based Visgence Inc. have designed and demonstrated a technology that can block cyberattacks from impacting the nation’s electric power grid.

During a recent live demonstration at INL’s Critical Infrastructure Test Range Complex, the Constrained Cyber Communication Device (C3D) was tested against a series of remote access attempts indicative of a cyberattack. The device alerted operators to the abnormal commands and blocked them automatically, preventing the attacks from accessing and damaging critical power grid components.

“Protecting our critical infrastructure from foreign adversaries is a key component in the department’s national security posture,” said Patricia Hoffman, acting assistant secretary for the U.S. Department of Energy. “It’s accomplishments like this that expand our efforts to strengthen our electric system against threats while mitigating vulnerabilities. Leveraging the capabilities of Idaho National Laboratory and the other national laboratories will accelerate the modernization of our grid hardware, protecting us from cyberattacks.”

The C3D device uses advanced communication capabilities to autonomously review and filter commands being sent to protective relay devices. Relays are the heart and soul of the nation’s power grid and are designed to rapidly command breakers to turn off the flow of electricity when a disturbance is detected. For instance, relays can prevent expensive equipment from being damaged when a power line fails because of a severe storm.

However, relays are not traditionally designed to block the speed and stealthiness of a cyberattack, which can send wild commands to grid equipment in milliseconds. To prevent this kind of attack, an intelligent and automatic filtering technology is needed.

“As cyberattacks against the nation’s critical infrastructure have grown more sophisticated, there is a need for a device to provide a last line of defense against threats,” said INL program manager Jake Gentle. “The C3D device sits deep inside a utility’s network, monitoring and blocking cyberattacks before they impact relay operations.”

To test the technology’s effectiveness, researchers spent nearly a year collaborating with industry experts, including longtime partners from Power Engineers, an international engineering and environmental consulting firm. INL and the Department of Energy also established an industry advisory board consisting of power grid and cybersecurity experts from across the federal government, private industry and academia.

After thoroughly assessing industry needs and analyzing the makeup of modern cyber threats, researchers designed an electronic device that could be wired into a protective relay’s communication network. Then they constructed a 36-foot mobile substation and connected it to INL’s full-scale electric power grid test bed to establish an at-scale power grid environment.

With the entire system online, researchers sent a sudden power spike command to the substation relays and monitored the effects from a nearby command center. Instantly, the C3D device blocked the command and prevented the attack from damaging the larger grid.

The development of the device was funded by DOE’s Office of Electricity under the Protective Relay Permission Communication project. The technology and an associated software package will undergo further testing over the next several months before being made available for licensing to private industry. 

Click here to watch a video on this technology.

About INL:

INL is a U.S. Department of Energy (DOE) national laboratory that performs work in each of DOE’s strategic goal areas: energy, national security, science and environment. INL is the nation’s center for nuclear energy research and development. Day-to-day management and operation of the laboratory is the responsibility of Battelle Energy Alliance.

See more INL news at www.inl.gov. Follow us on social media: Twitter, Facebook, Instagram and LinkedIn.

—INL-21-029—

Photo captions:

P-10761-27 – To demonstrate the ability of the Constrained Cyber Communication device to block a cyberattack on the power grid, researchers constructed a 36-foot long mobile substation and connected it to INL’s full-scale Power Grid Test Bed.

P-10761-39 – The Constrained Cyber Communication device connected to a protective relay prior to the demonstration.

P-10761-84 – Idaho National Laboratory project manager Jake Gentle stands next to the mobile substation constructed to demonstrate the capabilities of the Constrained Cyber Communication device.

P-10767-2 – A picture of the Constrained Cyber Communication device (top) next to a power grid protective relay and a laptop running monitoring software.

P-10767-4 – Several members of the research team responsible for designing and testing the Constrained Cyber Communication device stand next to their invention.

P-10768-04 – The project demonstration site for the Constrained Cyber Communication device.

Back to top