Researchers have designed and demonstrated C3D, a technology that can block cyberattacks from impacting the national electricity grid in the US.
During a recent live demonstration at INL’s Critical Infrastructure Test Range Complex, the Constrained Cyber Communication Device (C3D) was tested against a series of remote access attempts indicative of a cyberattack. The device alerted operators to the abnormal commands and blocked them automatically, preventing the attacks from accessing and damaging critical power grid components.
“Protecting our critical infrastructure from foreign adversaries is a key component in the department’s national security posture,” said Patricia Hoffman, acting assistant secretary for the US Department of Energy. “It’s accomplishments like this that expand our efforts to strengthen our electric system against threats while mitigating vulnerabilities.”
The C3D device was designed and demonstrated by a team from Idaho National Laboratory and New Mexico-based Visgence Inc. C3D uses advanced communication capabilities to autonomously review and filter commands being sent to relay devices, which are designed to rapidly command breakers to turn off the flow of electricity when a disturbance is detected. Relays are not, however, designed to block the speed and stealth of a cyberattack.
“As cyberattacks against the nation’s critical infrastructure have grown more sophisticated, there is a need for a device to provide a last line of defence against threats,” INL program manager Jake Gentle said in a statement. “The C3D device sits deep inside a utility’s network, monitoring and blocking cyberattacks before they impact relay operations.”
To test the technology’s effectiveness, researchers are said to have spent nearly a year collaborating with industry experts, including Power Engineers, an international engineering and environmental consulting firm. INL and the US Department of Energy also established an industry advisory board consisting of power grid and cybersecurity experts from across the federal government, private industry and academia.
After assessing industry needs and analysing modern cyber threats, researchers designed an electronic device that could be wired into a protective relay’s communication network. Then they constructed a 36-foot mobile substation and connected it to INL’s full-scale electric power grid test bed to establish an at-scale power grid environment.
With the entire system online, researchers sent a sudden power spike command to the substation relays and monitored the effects from a nearby command centre. The C3D device instantly blocked the command and prevented the attack from damaging the larger grid.
The development of the device was funded by the US Department of Energy’s Office of Electricity under the Protective Relay Permission Communication project. The technology and an associated software package will undergo further testing before being made available for licensing to private industry.