Effort Name:
Supporting Cyber Security of Power Distribution Systems by Detecting Differences Between Real-time Micro-Synchrophasor Measurements and Cyber-Reported SCADA
Lead Organization:

Lawrence Berkeley National Laboratory

Lawrence Berkeley National Laboratory (LBNL) is a member of the national laboratory system supported by the U.S. Department of Energy (DOE) through its Office of Science (SC). It is managed by the University of California (UC) and is charged with conducting unclassified research across a wide range of scientific disciplines. Berkeley Lab's Computing Sciences organization researches, develops, and deploys new tools and technologies to meet these needs and to advance research in such areas as global climate change, new energy sources, increased energy efficiency, new materials, biology and astrophysics. Computing Sciences carries out its mission by operating two national user facilities — NERSC and ESnet — and by conducting applied research and development in computer science, computational science, and applied mathematics — the three essential elements of computational modeling and simulation.
Contacts:
Primary Contact

Sean Peisert


Effort Start Date:
10/1/2014
Funding Source:

Lawrence Berkeley National Laboratory

Lawrence Berkeley National Laboratory (LBNL) is a member of the national laboratory system supported by the U.S. Department of Energy (DOE) through its Office of Science (SC). It is managed by the University of California (UC) and is charged with conducting unclassified research across a wide range of scientific disciplines. Berkeley Lab's Computing Sciences organization researches, develops, and deploys new tools and technologies to meet these needs and to advance research in such areas as global climate change, new energy sources, increased energy efficiency, new materials, biology and astrophysics. Computing Sciences carries out its mission by operating two national user facilities — NERSC and ESnet — and by conducting applied research and development in computer science, computational science, and applied mathematics — the three essential elements of computational modeling and simulation.
Funding To Date:
$500-$1M
Technology Readiness:
(Only for R&D)
Prototype Development
50%
Effort Description:
Traditional IT security techniques tend to leave a gap in safety and protection when applied to cyber-physical devices because they do not consider physical information known about the cyber-physical device they are protecting.  The goal of this project is to design and implement a measurement network, which can detect and report the resultant impact of cyber security attacks on the distribution system network. To do this, this project uses micro phasor measurement units to capture information about the physical state of the power distribution grid and combines this with SCADA command monitoring in real time. The project will build models of safe and unsafe states of the distribution grid so that certain classes cyber attacks can potentially be detected by their physical effects on the power distribution grid alone. The result will be a system that provides an independent, integrated picture of the distribution grid's physical state, which will be difficult for a cyber-attacker to subvert using data-spoofing techniques.

Web sites:


​​
Results/Deliverables:
This effort is designing and implementing systems to monitor the physical state of the power distribution grid and SCADA commands in real time. It is also building models of safe and unsafe states of the distribution grid so that certain classes cyber attacks can potentially be detected by their physical effects on the power distribution grid alone. 

Key deliverables include:

  • Document providing table of identifiable substation cyber attack scenarios and their potential for detection using uPMU data techniques
  • Requirement Documentation used to validate distribution models and simulation attack signatures as part of the go/no-go decision point
  • Report on analysis algorithm design and selection – including discussion of planned attack notification mechanisms
  • Report of µPMU placement selections at LBNL and the first utility– including discussion of alternative instrumentation placement sites and criteria used for selection
  • Report on pilot site deployments
Participating Organizations:

Arizona State University

Arizona State University (ASU) is a top-ranked research university in the greater Phoenix metropolitan area. CREDC researchers are affiliated with the ASU Global Security Initiative (GSI), a university-wide interdisciplinary hub for global security research that focuses on openness, inclusiveness and connections to the global defense, development and diplomacy communities. The initiative addresses emerging global challenges characterized by complex interdependencies and conflicting objectives, where there may not be obvious solutions.

Electric Power Research Institute (EPRI)

The Electric Power Research Institute, Inc. (EPRI) conducts research and development relating to the generation, delivery and use of electricity for the benefit of the public. An independent, nonprofit organization, EPRI brings together its scientists and engineers as well as experts from academia and industry to help address challenges in electricity, including reliability, efficiency, health, safety and the environment. EPRI's members represent approximately 90 percent of the electricity generated and delivered in the United States, and international participation extends to more than 30 countries.

EnerNex

EnerNex is an electric power engineering and consulting firm specializing in the development and application of new electric power technologies. We understand the big picture and all of the elements of electric power engineering and how they fit together. We have a passion for developing solutions to the challenges facing the electric power industry.

Power Systems Lab

Project Mapped To:
2. Assess and Monitor Risk
2.3 Tools for real-time security state monitoring and risk assessment of all energy delivery system architecture levels and across cyber-physical domains commercially available
4. Manage Incidents
4.2 Tools to support and implement cyber attack response decision making for the human operator commercially available
Related Documents:
12/2016
838.7 KB
Presentation by LBNL for the 2016 Cybersecurity for Energy Delivery Systems