
The smart power grid digitizes the energy network, delivering electricity in an optimal way from source to consumer. This aspect of the smart city model is achieved by integrating information, telecommunication and power technologies with the existing electricity system. New sensing technologies and software applications allow for real-time monitoring of the grid, so utility companies can pre-emptively reroute, generate, inject or even store power to avoid outages.

However, the interconnectedness of the smart grid with the Internet of Things creates new vulnerabilities that require cyber resilience strategies. It exposes the grid to synchronization cyberattacks, putting the security of critical infrastructure at risk.

Ideally, the smart grid should be self-healing from disturbances, operating resiliently against physical and cyberattacks. That necessitates more security. 

New research offers an innovative approach to the prevention, detection and mitigation of cyberattacks. It was conducted by Bassam Moussa of the Security Research Centre in the Gina Cody School of Engineering and Computer Science, Concordia University in Canada.

The research assessed the security of one of the essential building blocks of the smart grid’s functionality — namely, time synchronization mechanisms. Timestamping facilitates the grid’s monitoring, protection and control on a wide scale. 

“We focused on the standardized IEC 61850 substation, another basic block of the smart grid, along with the Precision Time Protocol (PTP) mechanism used to distribute the time signal over the substation’s local area network.”

The research was conducted using a smart grid testbed made of real hardware from the field, according to “We managed to manipulate the timestamp for one of those measurements coming from one source, so those measurements became malicious,” says the researcher. “By manipulating the timestamp, we ‘poisoned’ the collector so that it drops measurements collected from benign devices and instead gets data from malicious sources.”

Once it was determined that the PTP protocol suffers from vulnerabilities, the researcher proposed solutions. “I formally defined those solutions to secure this protocol against some synchronization cyberattacks that are crafted for this specific protocol, such as fake timestamps injected through a compromised component and a delay attack, where a PTP packet is captured and held for microseconds, then released, to destabilize the synchronization.”
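The effect of the delay attack described above can be worked through with the four timestamps of PTP's delay request-response exchange (t1 to t4). The following is an added example, not code from the research: the function names, the sample values and the detection threshold are all assumptions chosen for illustration. It shows that holding a Sync packet shifts the computed clock offset by half the hold time, and that the same hold appears as a jump in measured path delay that a monitor can compare against a trusted baseline.

```python
from statistics import median

def ptp_exchange(true_offset_ns, path_ns, hold_sync_ns=0, hold_delay_req_ns=0):
    """One Sync / Delay_Req exchange; returns (t1, t2, t3, t4) in ns.
    Slave clock = master clock + true_offset_ns. hold_* model a packet
    held in transit (constructed values, not measurements)."""
    t1 = 1_000_000                                      # master sends Sync (master time)
    t2 = t1 + path_ns + hold_sync_ns + true_offset_ns   # slave receives it (slave time)
    t3 = t2 + 50_000                                    # slave sends Delay_Req (slave time)
    t4 = (t3 - true_offset_ns) + path_ns + hold_delay_req_ns  # master receives (master time)
    return t1, t2, t3, t4

def offset_and_delay(t1, t2, t3, t4):
    """Standard PTP arithmetic; it assumes both directions take equal time."""
    master_to_slave = t2 - t1
    slave_to_master = t4 - t3
    offset = (master_to_slave - slave_to_master) / 2
    mean_path_delay = (master_to_slave + slave_to_master) / 2
    return offset, mean_path_delay

def flag_delay_anomalies(delays_ns, baseline_n=5, tolerance_ns=500):
    """Indices whose mean path delay deviates from the median of the first
    baseline_n samples (assumed to come from a trusted commissioning period)."""
    baseline = median(delays_ns[:baseline_n])
    return [i for i, d in enumerate(delays_ns) if abs(d - baseline) > tolerance_ns]

def simulate():
    """Constructed run: 7 exchanges over a 2 microsecond path, clocks already in
    sync, with the Sync packet of exchange 5 held for 10 microseconds."""
    results = []
    for i in range(7):
        hold = 10_000 if i == 5 else 0
        results.append(offset_and_delay(*ptp_exchange(0, 2_000, hold_sync_ns=hold)))
    offsets = [o for o, _ in results]
    delays = [d for _, d in results]
    return offsets, delays, flag_delay_anomalies(delays)

if __name__ == "__main__":
    offsets, delays, flagged = simulate()
    print("computed offsets (ns):", offsets)
    print("mean path delays (ns):", delays)
    print("flagged exchanges:", flagged)
```

A fixed baseline only works where the substation LAN path is stable; a hold small enough to stay inside the tolerance would not be flagged by this check.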

Undoubtedly, as critical infrastructures become part of the IoT network, it is essential to find advanced cybersecurity solutions for them to ensure the continuity of their operations.