Transcript Presentation - CURENT Education

Vulnerability Assessment of Phasor Networks
Terryl Dodson & Madeline Phillips
Project Presentation
Monday, July 18th
University of Tennessee
Acknowledgements
This work was supported primarily by the ERC Program of the
National Science Foundation and DOE under NSF Award Number
EEC-1041877.
Other US government and industrial sponsors of CURENT
research are also gratefully acknowledged.
2
Introduction
• “Phasor Networks” are the energy grid’s method of
transporting crucial information regarding its operation.
• Phasor Measurement Units (PMU’s) collect data from the
grid and send it to Phasor Data Concentrators (PDC’s).
• Unfortunately, the connection between the PMU’s and
PDC’s is entirely unprotected, leaving the devices and
their information completely vulnerable to cyber-attack.
5-3
Objective
• The objective of our project is first to prove the
vulnerability of phasor networks and second suggest
methods to secure the network.
• To prove its vulnerability, we will simulate a phasor
network, then both intercept the data sent within it and
disable the PMU using captured commands.
• To suggest methods to secure the network, we will
analyze the method of our attack and determine the best
way to counter it.
5-4
Literature Review
• We used Lynda.com to watch videos relating to the topics
we would need to understand to complete our project
• Once this was completed, we started using Google for
outside sources to gain additional knowledge
5-5
Weekly Summary
• First week (June 27th – July 1st) – The very first week, we
were introduced to the Python programming language and
watched educational videos to establish a basic
understanding of networking
• Second week (July 4th – July 8th) – The next week, we
continued watching networking videos and set up the
simulated phasor network to be attacked.
• Third week (July 11th – July 15th) – During the third week, we
started to intercept and manipulate the data being transferred
from the PMU to the PDC using a software called Scapy.
5-6
Results
• Using Scapy and Wireshark, we were able to capture the
PDC’s command signals to the PMU.
5-7
Results
• Although we don’t fully understand the command spoofing
program, we were able to intercept all the traffic in the
network and get all the MAC address/IP pairs.
• This could allow us to independently control the PMU’s
functions.
• However, to re-send the commands to the PMU we
needed to re-calculate the verification information, which
is beyond us. Still, a more experienced programmer could
have handled the task easily.
5-8
Discussion
• As evidenced by our ability to capture the phasor network
commands, its unsecured attributes could pose a danger
to the energy grid.
• Not only can information be sabotaged in the form of
deletion and loss, it can also be falsified to provide
misleading results, possibly affecting vital research.
• Additionally, the PMU’s data transmission to the PDC
could be manipulated to conceal a failure in a section of
the energy grid.
5-9
Discussion
• A possible solution for strengthening the phasor network’s
security would be to encrypt the communications within
the network.
• This way, even though an attacker could still intercept
data and commands, they would be useless to him
without first being decrypted.
5-10
Conclusion
• Currently, the phasor network’s vulnerability poses a
danger to both the functionality of the energy grid and the
reliability of the data received from it.
• Steps should be taken to secure the network, one of
which could be the implementation of an digital signature
scheme, such as RSA.
5-11
Questions and Answers
12