Attack and defend tools for remotely accessible control and protection equipment in electric power systems

摘要

The industry trend to increase the level of power system automation and remote accessibility, coupled with a dramatic increase in the number and sophistication of Internet and telephone based cyber attacks, is exposing the electric power industry to a growing risk of electronic intrusion. Furthermore, our electric power infrastructure is a potentially high-value target for individuals, organizations, and nations with anti-U.S. sentiments or political agendas. As a result, there is a very real and rapidly increasing probability that malicious individuals will attempt to gam remote access to your power control equipment in order to destabilize the power grid and/or destroy parts of your power system. Similar attacks have been launched against telecommunications companies and E-commerce sites for several years now. Fortunately, we can learn from their experiences. Many defensive techniques and practices have been used to reduce the chances of cyber attack and electronic intrusion, including password protection, audit logging, multi-tiered access levels, alarm conditions, remote authentication, redundant controllers, time-out communication parameters, virus protection, firewalls, encryption, and intrusion detection systems. However, to understand these defensive practices you first need to understand the offensive techniques that may be used to carry out a cyber attack or intrusion. In this paper, we describe the offensive techniques and capabilities of individuals (malicious and otherwise) so that you can counteract their actions with equally effective defensive measures. For each offensive procedure, we provide defensive tools and techniques that you can apply to your power system automation solutions. We note, however, that no system is ever 100 percent secure - only continued vigilance can ensure reliable operation of our electric power systems.