DARPA program brings new tech to bear for electric grid restoration after cyberattacks

Published on February 25, 2021 by Chris Galford

Recognizing the threat that cyberattacks pose to critical modern infrastructure such as the electric grid, the Defense Advanced Research Projects Agency (DARPA) RADICS program has set about developing technologies to rapidly recover from such attacks and provide a testbed for program evaluations.

The RADICS program, or Rapid Attack Detection, Isolation and Characterization Systems, was first created in 2016. Since then, its goal has been to make it possible to restore power to an electric substation or part of the grid that has experienced full or partial shutdowns without relying on external power transmission networks to get things back online – a so-called black start recovery.

“Cyberattacks on the grid can essentially do two things – make the grid not tell you the truth, and make the grid operate in an unexpected way,” Walter Weiss, the program manager responsible for RADICS, said. “For example, the grid could show you that a substation has power when in reality it does not. This could unintentionally prevent power restoration to an entire area since no one thinks there is a need to bring power back online. The technologies developed under RADICS help provide ground truth around grid status, giving responders the ability to quickly detect anomalies and then chart a path towards recovery.”

Thanks to RADICS, new technologies are available that can provide more accurate and timely information about grids for grid operators before, during, and after attacks. This allows them to move quickly to halt damage to physical infrastructure. New technology also allows for the isolation of emergency networks for the protection of responder coordination and communications. At the same time, new countermeasures allow the automatic mapping and assessment of the state and configuration of electrical power networks, as well as the detection and identification of malware in the power grid, allowing disruption of attacks.

All of the technology was examined through the program’s custom-built testbed, allowing researchers to replicate real-world conditions faced by utilities and first responders. The testbed consists of miniaturized substations designed to operate as their real-world counterparts do, but with added safeguards. A distributed computer network also allowed researchers to pursue data collection, dynamic reconfiguration, and adaptation of the environment.

In partnership with utilities and the Department of Homeland Security, a series of exercises was conducted that helped develop the technologies to where they are today.

“There was significant participation from our energy sector partners over the two-year partnership between DOE CESER and DARPA, resulting in a total of 12 private sector entities sending teams of cyber and power professionals to take part in the exercise and assist DARPA in developing and refining tools,” said Michael Toecker, Senior Cybersecurity Advisor in DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER). “The partnership was equally valuable to our energy sector partners, who had the opportunity to observe and respond to simulated attacks in a consequence-free environment not unlike their own electric power environments.”

Given that some 330 million Americans rely on critical infrastructure for power, such technologies and data could prove invaluable, particularly as hackers only grow more creative with time.