Assessment of Low-Budget Targeted Cyberattacks Against Power Systems

Xiao Rui Liu, Anastasis Keliris, Charalambos Konstantinou, Marios Sazos, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Scopus citations

Abstract

The security and well-being of societies and economies are tied to the reliable and resilient operation of power systems. In the next decades, power systems are expected to become more heavily loaded and operate closer to their stability limits and operating constraints. On top of that, in recent years, cyberattacks against computing systems and networks integrated in the power grid infrastructure are a real and growing threat. Such actions, especially in industrial environments such as power systems, are generally deemed feasible only by resource-wealthy nation state actors. This chapter challenges this perception and presents a methodology, named Open Source Exploitation (OSEXP), which utilizes information from public infrastructure to assess an advanced attack vector on power systems. The attack targets Phasor Measurement Units (PMUs) which depend on Global Positioning System (GPS) signals to provide time-stamped circuit quantities of power lines. Specifically, we present a GPS time spoofing attack using low-cost commercial devices and open source software. The necessary information for the instantiation of the OSEXP attack is extracted by developing a test case model of the power system in a digital real-time simulator (DRTS). DRTS is also employed to evaluate the effectiveness and impact of the developed OSEXP attack methodology. The presented targeted attack demonstrates that an actor with limited budget has the ability to cause significant disruption to a nation.
Original languageEnglish (US)
Title of host publicationIFIP Advances in Information and Communication Technology
PublisherSpringer New York LLCbarbara.b.bertram@gsk.com
Pages232-256
Number of pages25
ISBN (Print)9783030234249
DOIs
StatePublished - Jan 1 2019
Externally publishedYes

ASJC Scopus subject areas

  • Information Systems and Management

Fingerprint

Dive into the research topics of 'Assessment of Low-Budget Targeted Cyberattacks Against Power Systems'. Together they form a unique fingerprint.

Cite this