Grid security

Rapidly Restoring the Electrical Grid after Cyberattack

Published 16 March 2021

The RADICS program delivers novel technologies, a custom testbed, and evaluation exercises to enable utilities and first responders to quickly restore critical infrastructure amidst a cyberattack.

Some 330 million Americans rely on the nation’s critical infrastructure to keep the country humming. Disruptions to electrical grids, communications systems, and supply chains can be catastrophic, yet all of these are vulnerable to cyberattack. According to the government’s 2019 World Wide Threats Hearing, certain adversaries are capable of launching cyberattacks that can disrupt the nation’s critical infrastructure – including electrical distribution networks.

In recognition of the disruptions cyberattacks can cause, DARPA in 2016 established the Rapid Attack Detection, Isolation and Characterization Systems (RADICS) program. The goal of RADICS has been to enable black-start recovery during a cyberattack. Black start is the process of restoring power to an electric substation or part of the grid that has experienced a total or partial shutdown without relying on an external power transmission network to get things back online. Researchers in the program have spent the past four years developing tools and technologies that cybersecurity personnel, utilities, and first responders could use to understand and characterize an attack, isolate networks during remediation, and ultimately accelerate the restoration of power to the part of the grid that has been affected. The idea is that, if the U.S. can handle the worst-case scenario, it will be well positioned to handle other attacks.

“Cyberattacks on the grid can essentially do two things – make the grid not tell you the truth, and make the grid operate in an unexpected way,” said Walter Weiss, the program manager responsible for RADICS. “For example, the grid could show you that a substation has power when in reality it does not. This could unintentionally prevent power restoration to an entire area since no one thinks there is a need to bring power back online. The technologies developed under RADICS help provide ground truth around grid status, giving responders the ability to quickly detect anomalies and then chart a path towards recovery.”

Delivering a Greater Grid
RADICS researchers developed technologies that deliver enhanced situational awareness to grid operators by providing accurate and timely information about grid state before, during, and after an attack. With this improved awareness, operators are better able to thwart an attack or blunt its effects before it can cause significant damage to any physical infrastructure. To prevent an adversary from continuing attacks on a compromised network during recovery efforts, researchers also developed technologies that isolate emergency networks, allowing for secure responder coordination and communication.

In addition to improving situational awareness, RADICS