GPS World

Tag: power grid

  • Percepto drones to inspect Florida Power & Light facilities

    Percepto drones to inspect Florida Power & Light facilities

    Image: Percepto
    Image: Percepto

    Florida Power & Light to deploy 13 autonomous drones, with plans for hundreds more in coming years to monitor statewide power grid

    UAV company Percepto will deploy autonomous drones to monitor Florida power substations and distribution grids across the state.

    Florida Power & Light (FPL) will deploy drone-in-a-box technology statewide, which Percepto claims is the largest commercial autonomous drone project in the world.

    Image: Florida Public Service Commission
    FPL serves the northeast and southern half of Florida. (Image: Florida Public Service Commission)

    Serving more than 11 million people in Florida, FPL uses Percepto’s Autonomous Inspection and Monitoring (AIM) solution powered by drones to perform routine infrastructure inspection and monitoring.

    In the first phase of the project, 13 drones will take flight in the West Palm Beach area this year, with long-term plans to field hundreds of Percepto over the next five years.

    The drone-in-a-box solution was the first to pass Level 5 hurricane testing at a wind speed of up to 155 mph, making it suitable for minimizing incident response times and power outages in Florida.

    Percepto has served FPL since 2018, working closely to develop optimized drone monitoring solutions and build consensus and compliance with Federal Aviation Administration (FAA) regulations. The FAA issued a nationwide waiver for FPL to fly Percepto drones for surveillance and inspection purposes at sites owned and serviced by FPL.

    As part of its ongoing work with the FAA, Percepto is a member of the Beyond Visual Line of Sight (BVLOS) Aviation Rulemaking Committee (ARC) that has provided its regulatory recommendations to fully incorporate highly automated BVLOS operations flights in the national airspace.

    The drones in operation across the state will be coordinated on a single platform through Percepto’s AIM solution. With Percepto AIM, drones can be operated remotely to ensure that they work together in sync, providing maximum coverage at the sites they monitor.

  • UrsaNav trials eLoran as GNSS backup with ADVA grandmaster clock

    UrsaNav trials eLoran as GNSS backup with ADVA grandmaster clock

    Successful eLoran field trial using ADVA’s OSA 5420 Series demonstrates same accuracy and stability as GPS with much-improved resilience

    UrsaNav and ADVA have conducted an enhanced long-range navigation (eLoran) field trial using UrsaNav’s eLoran receiver and ADVA’s Oscilloquartz grandmaster clock technology. The successful demonstration shows that eLoran offers a robust and reliable backup for GPS and other GNSS, and could be used to provide an assured position, navigation and timing (PNT) service.

    The trial follows U.S. PNT Executive Order 13905 aimed at strengthening national resilience through PNT services, including protecting critical infrastructure such as electrical power grid and communication networks from rising cyber threats. By harnessing ADVA’s flexible OSA 5420 series, designed with assured PNT (A-PNT) technology, UrsaNav has shown that eLoran can provide a new layer of protection and significantly boost timing resilience and security.

    “The success of this field trial demonstrates how eLoran, as part of ADVA’s assured PNT solution, can serve as a crucial backup for GPS,” said Charles Schue, CEO, UrsaNav. “We have shown how our technology enables ADVA’s grandmaster clock to receive UTC timing from the eLoran system for a period of several days with the same accuracy and stability as GPS. Of course, this capability is extensible to other GNSS as well. eLoran is far less vulnerable to unintentional jamming and spoofing disruptions or intentional attacks, thereby delivering nanosecond precision with even more resilience.”

    “By partnering with ADVA, we’ve been able to show that our eLoran receiver interoperates with the best network timing toolkit available,” Schue said. “The OSA 5420 Series is a great product — highly efficient and easy to operate. Together with ADVA, we’re paving the way for tomorrow’s more robust assured PNT synchronization architecture. Now that UrsaNav has demonstrated the power of our OSA 5420 Series to utilize eLoran in the event of outages, we have another very important tool to ensure the quality and availability of time-sensitive services.”

    UrsaNav’s latest trial used the OSA 5420 series grandmaster clock with built-in GNSS receiver. Timing stability from GPS was measured for several days. This was then replaced with eLoran for the same period with no loss of stability.

    The test was conducted indoors where GNSS signals are not usually available, potentially extending the availability of precise UTC timing to many more environments.

    “Commercially available GNSS jammers and spoofers are easy and cheap for attackers to acquire,” explained Nir Laufer, VP, product line management, Oscilloquartz, ADVA. “That’s part of the reason why we’re seeing a growing number of incidents across the world of blocked or misleading signals. If power utilities, enterprises, service providers and governments continue to rely on GNSS alone, it’s only a matter of time before the consequences become very serious. That’s why we’re committed to tackling GNSS vulnerabilities with advanced technologies like our ePRTC offering, cesium atomic clocks and our optical timing channel solution. Now that UrsaNav has demonstrated the power of our OSA 5420 series to utilize eLoran in the event of outages, we have another very important tool to ensure the quality and availability of time-sensitive services.”

    A demo showed how ADVA’s synchronization technology enables protection for critical infrastructure that needs ultra-reliable aPNT solutions. (Photo: Business Wire)
    The demo showed how ADVA’s synchronization technology enables protection for critical infrastructure that needs ultra-reliable aPNT solutions. (Photo: Business Wire)
  • A day without satellites would affect us all

    A day without satellites would affect us all

    A solar flare in 2015. (Photo: Photo: Solar Dynamics Observatory, NASA)
    A solar flare in 2015. (Photo: Photo: Solar Dynamics Observatory, NASA)

    You wake up and turn on the TV. Your usual shows aren’t airing. You flip on the radio and learn that the Paris and Tokyo stock markets have closed. Back on TV, CNN is trying to use Skype in an attempt to cover what’s happening around the world following a solar superstorm.

    In a U.S. bunker, the military has lost contact with armed drones flying over hostile areas in the Middle East. Loss of global communication satellites makes it difficult to send commands and surveillance data to soldiers, ships and aircraft, rendering them vulnerable to attack.

    Throughout the day, more challenges arise. First responders don’t have access to their location systems. Delays in ground and air traffic begin to develop. Systems that depend on GPS time stamps — ATMs, power grids, computer-data and cell-phone networks — begin to fail, and the cloud becomes unstable. The internet soon collapses.

    These events take place just a few hours into “A Day Without Satellites” as presented by Pål Brekke, solar physicist and senior advisor at the Norwegian Space Agency. Brekke spoke at the plenary session of ION GNSS+ on Sept. 17 in Miami.

    Brekke reviewed the Carrington Event of September 1859, the first documented solar superstorm. In that event, a solar coronal mass ejection (CME) hit Earth’s magnetosphere, and its effects were observed and recorded by British astronomers. The storm wrought havoc with telegraph systems.

    Today, a solar storm of this magnitude would cause widespread disruptions, blackouts and damage from extended outages of the power grid, communications networks, and of course, GNSS. The solar storm of 2012 was probably as big, but we were lucky — Earth wasn’t in the ejection path.

    Without more data, it’s difficult to predict how often such superstorms take place, but it’s a sure bet that the scenario Brekke presented will happen eventually. To prepare, agencies around the world are studying and planning for the phenomenon, including the United Nations Office for Outer Space Affairs (COPUOS), the World Meteorological Organization (WMO) and the International Civil Aviation Organization (ICAO). Space and emergency agencies in the U.S, European countries and other countries are also developing plans.

    Good to hear in the face of a threat that would undoubtedly affect us all.

  • MMC strings mountain power lines using UAVs

    MMC strings mountain power lines using UAVs

    MMC-power-line-stringing-WOn March 15, drone-maker MMC strung power lines across the Ragged Mountain in Thailand using its Spider drone and specialized wire-pulling tools.

    The project was carried out for EGAT (Electricity Generating Authority of Thailand) and served as a transnational demonstration for MMC. By cooperating with MMC, EGAT hopes to use professional drones to string more lines helps the nation in its quest for 100 percent electrification in Thailand.

    In recent years, the Thai government has increased the investment in the development of power projects to meet the requirement of its rapid economic growth. The traditional method of stringing power lines using human labor doesn’t fit with the green economy and humanism, wasting time, human resources and sacrificing the environment, EGAT said.

    Learn more about the project here.

  • Raytheon, DARPA developing tech to protect power grid against cyber attack

    The Pentagon’s Defense Advanced Research Projects Agency, better known as DARPA, has awarded Raytheon multiple contracts to research and develop technologies that will detect and respond to cyber attacks on the U.S. power grid infrastructure.

    The contracts, which total $9 million, were awarded under DARPA’s Rapid Attack Detection, Isolation and Characterization Systems program.

    “During the last two decades, industrial control systems have evolved so that most are now connected to the Internet, making them vulnerable to cyber attack,” said Jason Redi, vice president for the Raytheon BBN Technologies Networking and Communications unit. “A significant power disruption would have profound economic and human costs in the U.S, so our goals are to prevent attacks and to reduce the time required to restore power after an attack.”

    Raytheon BBN will create technologies to enhance situational awareness by providing early warning of an impending attack and detecting adversary spoofing of power grid data collection and communication. These technologies will also maintain situational awareness in the immediate aftermath of an attack.

    The company will also examine methods to maintain secure emergency communication networks in the aftermath of an attack. Raytheon BBN’s approach seeks to isolate affected organizations from the internet and establish a secure emergency network to coordinate power restoration without depending on external networks.

    Raytheon BBN Technologies is a wholly owned subsidiary of Raytheon Company.

  • Going Up Against Time: The Power Grid’s Vulnerability to GPS Spoofing Attacks

    By Daniel P. Shepard, Todd E. Humphreys, and Aaron A. Fansler

    Spoofing tests against phasor measurement units demonstrate their vulnerability to attack. A generator trip in an automatic control scheme could be falsely activated by the GPS spoofing, possibly leading to cascading faults and a large-scale power blackout.

     

    As electric power grids continue to expand throughout the world and as transmission lines are pushed to their operating limits, the dynamic operation of the power system has become a serious concern and increasingly difficult to accurately model. More effective real-time system control is now seen as key to preventing wide-scale cascading outages like the 2003 Northeast Blackout.

    For years, electric power control centers have estimated the state of the power system (the positive sequence voltage magnitude and phase angle at each network node) from measurements of power flows. But for improved accuracy in the so-called power system state estimates, it will be necessary to feed existing estimators with a richer measurement ensemble or to measure the grid state directly.

    Alternating current (AC) quantities have been analyzed for over 100 years using a construct developed by Charles Proteus Steinmetz in 1893, known as a phasor. In power systems, the phasor construct has commonly been used for analyzing AC quantities, assuming a constant frequency. A relatively new synchronization technique which allows referencing measured current or voltage phasors to absolute time has been developed and is currently being implemented throughout the world. The measurements produced by this technique are known as synchronized phasor measurements or synchrophasors.

    Synchrophasors provide a real-time snapshot of current and voltage amplitudes and phases across a power system, and so can give a complete picture of the state of a power system at any instant in time.  This makes synchrophasors useful for control, measurement, and analysis of the power system.

    A device used to measure synchrophasors is called a phasor measurement unit (PMU). In a typical deployment, PMUs are integrated in protective relays and are sampled from widely dispersed locations in the power system network. They are synchronized with respect to the common time source of a GPS clock. PMUs basically measure AC voltage (or current) and absolute phase angles at selected locations in an electric transmission or distribution system.

    GPS Spoofing

    GPS spoofing is the act of producing a falsified version of the GPS signal with the goal of taking control of a GPS receiver’s position-velocity-time (PVT) solution. This is most effectively accomplished when the spoofer has knowledge of the GPS signal as seen by the target receiver so that the spoofer can produce a matched, falsified version of the signal. In the case of military signals, this type of attack is nearly impossible because the military signal is encrypted and therefore unpredictable. On the other hand, the civil GPS signal is publicly-known and readily predictable.

    In recent years, civil GPS spoofing is becoming recognized as a serious threat to many critical infrastructure applications which rely heavily on the publicly-known civil GPS signal. A number of promising methods are currently being developed to defend against civil GPS spoofing attacks, but it will still take a number of years before these technologies mature and are implemented on a wide scale. Currently, there is a complete absence of any off-the-shelf defense against a GPS spoofing attack.

    See “Generation, Transmission” sidebar at the end of this article for background on the following tests.

    The Tests. The minimum threshold for success was to show that a GPS spoofer could force a PMU to violate the IEEE C37.118 Standard “Synchrophasors for Power Systems,” which defines accuracy as a vectorial difference between the measured and expected value of the phasor for the measurement at a given instant of time, called the total vector error (TVE).  TVE blends three possible sources of error: magnitude, phase angle, and timing. An error in timing appears identical to an error in phase angle. Without timing and magnitude errors, a phase angle error of 0.573o corresponds to a 1 percent TVE, the maximum allowable by the IEEE C37.118 Standard. This phase angle error could be equivalently and indistinguishably caused by a timing error of 26.5 µs, which was chosen as the threshold for success in the spoofing tests.

    The Spoofer

    The civil GPS spoofer used for these tests is an advanced version of the spoofer reported in “Assessing the Spoofing Threat,” GPS World, January 2009. A block diagram of the spoofer is shown in Figure 1. It is the same spoofer used in the tests described in “Drone Hack” in this issue of the magazine, and a detailed description is given in that article.

    The spoofer can carry out a sophisticated spoofing attack in which no obvious clues remain to suggest that an attack is underway. The University of Texas spoofer and attack strategy have been tested against a wide variety of GPS receivers and has always been successful in commandeering the target receiver.

    Figure 1. Block diagram of the University of Texas spoofer used to attack the phasor unit.
    Figure 1. Block diagram of the University of Texas spoofer used to attack the phasor unit.
    Test Setup

    Figure 2 shows a schematic of the setup used for the open-air tests. The signals received at the roof were routed into the spoofer for use in producing the counterfeit signals and into the RF shielded tent for rebroadcasting. The counterfeit signals were also routed into the tent for broadcasting. In addition to the antennas broadcasting the authentic and counterfeit signals, a third antenna was setup inside the tent to receive the combination of authentic and spoofed signals. This setup is representative of an actual attack scenario where the malefactor does not have physical access to the victim receiver’s antenna input but rather broadcasts the spoofed signals over-the-air. For cable-only tests, the entire setup inside the tent was replaced with a signal combiner that summed the authentic and spoofed signals.

    Figure 2. Schematic of the test setup.
    Figure 2. Schematic of the test setup.

    The combined authentic and spoofed signals were fed to the victim GPS time reference receiver. The output timing signal from the victim receiver was used as the synchronization reference for one PMU, whereas a second PMU was given timing from a separate GPS time reference receiver that was tracking only authentic GPS signals. Since the PMUs were in the same room and measured the local voltage and carrier phasors, both PMUs would report roughly the same phasor measurements under normal circumstances. Thus, any significant differences in the phase angle measurements between the two PMUs could be attributed to the effects of spoofing.

    Test Results

    Both the cable-only and the over-the-air spoofing attacks were successful in leading the PMU phase measurements off from the truth. Figure 3 shows the measured phase angle difference between the reference PMU, which was fed the true GPS signal, and the spoofed PMU throughout one entire test. This value would normally be less than a few degrees in the absence of spoofing, since the two PMUs are co-located. After the initial ten minute capture-and-carry-off, which proceeds slowly to avoid detection, the spoofer accelerates its carry-off and the reference and spoofed phase angles quickly diverge.

    Figure 2. Schematic of the test setup.
    Figure 3. A plot of the phase angle difference between the reference and the spoofed PMUs. Normally the phase angle difference would be nearly zero in the absence of a spoofing attack. Point 1 marks the start of the test. Point 2 marks the point at which the spoofer has completely captured the victim receiver. Point 3 marks the point at which the IEEE C37.118 Standard has been broken. Point 4 marks the point at which the spoofer-induced velocity has reached its maximum value for the test. Point 5 marks the point at which the spoofed signal was removed.

    Figure 4 shows pictures of an oscilloscope and the Synchrowave screen at the start of the test. The oscilloscope shows two pulse-per-second (PPS) signals, with the upper yellow pulse coming from a reference clock being fed true GPS and the lower blue pulse coming from the spoofed timing receiver. Both PPS signals are initially aligned with each other. The Synchrowave screen displays the PMU phase angle data in real-time as phasors with the nominal 60 Hz operating frequency subtracted from the phase angle. The red and green phasors show the phase data from the reference and spoofed PMUs respectively. These phasors are within a few degrees of each other at the beginning of the test.

    Figure 4. Oscilloscope (left) and Synchrowave (right) screen at the start of the test, which is marked as point 1 in Figure 3.
    Figure 4. Oscilloscope (left) and Synchrowave (right) screen at the start of the test, which is marked as point 1 in Figure 3.

    Figure 5 shows pictures of the Oscilloscope and the Synchrowave screen at about 620 seconds into the test. At this point, the spoofer has moved the victim receiver 2 µs off in time and has completely captured the receiver.  The delicate initial capture-and-carry-off is performed at a slow rate to suppress any evidence of the spoofer’s presence. However, this process could be done quicker because the receiver was not looking for such evidence of foul play. At this stage of the test, there is not yet any significant difference between the two phasors on the Synchrowave screen, since the spoofed time offset remains relatively small. The oscilloscope, however, reveals that the PPS output from the victim receiver has moved by about 2 µs relative to the reference PPS. At this point, the spoofer begins to accelerate the victim receiver’s time solution at a distance-equivalent rate of 4 m/s2 until it reaches a final distance-equivalent velocity of 1000 m/s. Distance-equivalent velocity can be converted into the actual time rate of change of time by dividing by the speed of light.

    Figure 5. Oscilloscope and Synchrowave screen at about 620 seconds, point 2 in Figure 3.
    Figure 5. Oscilloscope and Synchrowave screen at about 620 seconds, point 2 in Figure 3.

    The acceleration segment of the attack must be tailored to the individual receiver’s ability to track the spoofer-induced dynamics. Otherwise, the spoofer risks losing control of the victim receiver’s tracking loops by moving too quickly for the receiver to track or by raising alarms. Alternatively, a malefactor could survey possible GPS time reference receivers that might be used and tailor the spoofing attack such that any of the receivers would track and believe the spoofed signals. This would place severe limits on the spoofer’s ability to manipulate timing, but would not make the attack impossible or implausible.

    Figure 6 shows the oscilloscope and Synchrowave screen at about 680 seconds into the test. At this point, the spoofer has broken the IEEE C37.118 Standard for PMUs, which requires accuracy in the measured phase angle of 0.573o. This demonstrates a significant vulnerability for PMU-based monitoring and control, since these applications leverage the accuracy supposedly guaranteed by the standard. There is yet no noticeable difference on the Synchrowave screen, but the oscilloscope clearly shows that the victim receiver has now been offset in time by about 20 µs.

    Figure 6. Oscilloscope and Synchrowave screen at about 680 seconds, point 3 in Figure. 3.
    Figure 6. Oscilloscope and Synchrowave screen at about 680 seconds, point 3 in Figure. 3.

    Figure 7 shows pictures of the oscilloscope and the Synchrowave screen at about 870 seconds into the test. At this point, the spoofer has reached its final velocity of 1000 m/s. A phase angle offset of 10o has also been introduced in a matter of minutes. As expected, there is a marked difference in the phasors on the Synchrowave screen. The oscilloscope also shows a time offset of 400 µs has been induced in the victim receiver.

    Figure 7. Oscilloscope and Synchrowave screen at about 870 seconds, point 4 in Figure 3.
    Figure 7. Oscilloscope and Synchrowave screen at about 870 seconds, point 4 in Figure 3.

    Figure 8 shows pictures of the oscilloscope and the Synchrowave screen at about 1370 seconds into the test. At this point, the spoofed signal was heavily attenuated and instantly realigned with the authentic signals. This was intended to be the end of the test, but when this particular receiver lost lock on the signal it continued to send out a valid time signal to the PMU while fly-wheeling off its internal clock. This caused an alarm to issue on the front panel of the time reference receiver indicating loss of GPS signal lock. The downstream PMU, however, was oblivious to this loss of lock. This state persisted for about half an hour before the clock finally reacquired the authentic signal and instantly realigned its time output, which caused the phasors to realign.  Figure 3 does not show the phase angle data for this entire period, but does show that the phase angle difference exceeds at least 70o before the time reference receiver reacquires the authentic signal.

    Figure 8. Oscilloscope and Synchrowave screen at about 1370 seconds, point 5 in Figure 3.
    Figure 8. Oscilloscope and Synchrowave screen at about 1370 seconds, point 5 in Figure 3.
    Implications

    Synchrophasor data provides a clear picture of the state of the power system in real-time. As the size of the power grid grows and stability margins are reduced (to provide more efficient distribution of power), it will become desirable to use synchrophasors for control purposes. PMU manufacturers are currently selling PMUs capable of implementing automated control schemes that offer response times less than 4 cycles.  Such swift response times are seen as necessary to prevent grid instability or damage to equipment.

    Control schemes based on synchrophasors rely on phase angle differences between two nodes as an indicator of a fault condition. One example of a currently operational synchrophasor-based control system is the Chicoasen-Angostura transmission link in Mexico. This transmission line links together large hydroelectric generators in Agostura to large loads in Chicoasen through two 400-kV transmission lines and one 115-kV transmission line. If a fault occurs in which both of the 400-kV lines are lost, then the hydroelectric generators may experience angular instability. In order to prevent this, a PMU was set up at each end of the transmission lines with a direct communications link between them. It was found that under nominal and single-fault (only one 400-kV line lost) conditions, the phase angle difference between the two locations was less than 7o, whereas a double-fault (both 400-kV lines lost) produced a phase angle difference of 14o. Based on this finding, the PMUs were configured so that if the phase angle difference exceeded 10o, the hydroelectric generators would be automatically tripped.

    If a spoofer were to attack this system in Mexico or a similar implementation elsewhere, then the spoofer could cause a generator trip. In the test described in the previous section, a 10o offset, the threshold for the Chicoasen-Angostura link, was induced by the spoofer about 250 s after capturing the target receiver, as seen in Figures 3 and 7. A malefactor could even lead the phase angle off in the opposite direction (say 7o) before cutting both 400-kV transmission lines. Instead of causing a generator to unnecessarily trip, this would prevent PMUs from tripping the generator when required and potentially cause damage to the generator or remaining transmission lines.

    Beyond tripping a single generator, there is potential for the effects of the attack to propagate through the grid and cause cascading faults across the grid. One example of this type of cascading failure is the 2003 Northeast blackout. Although this blackout did not involve PMUs or a spoofing attack, it demonstrates how an appropriately targeted attack against PMUs used for control on the power grid could cause large scale blackouts that originate with a single generator or transmission line trip.

    On August 14, 2003, at 3:05 p.m., a 345-kV transmission line in Ohio began to sag from increased flow of electric power. When the line sagged too close to a tree, it caused a short-to-ground and tripped offline. This is something that happens fairly frequently on the massive U.S. electrical grid and is usually easily dealt with. However, the tripping of that line in northern Ohio began a cascade of failures that, in a little more than an hour, led to a near total power loss for more than 50 million people in the northeastern U.S. and parts of Canada.

    The blackout is estimated to have cost approximately $6 billion for only four days of power loss. This led the Department of Energy and the North American Electric Reliability Corporation (NERC) to fund and push for an improved “smart grid” with synchrophasor technology as a major component.

    As previously pointed out, PMUs are high-speed, real-time synchronized measurement devices used to diagnose the health of the electricity grid. With synchrophasor data, electric utilities can use existing power more efficiently and push more power through the grid while reducing the likelihood of power disruptions like blackouts. Synchrophasor measurements are being looked at to reduce the likelihood of false and inappropriate triggers of transmission system circuit breakers that protectively shut down electrical flow and contribute to cascading blackouts. However, GPS spoofing poses a significant threat to these objectives for PMUs and can make synchrophasor-based control the cause for these events instead of the cure.

    Conclusions

    Spoofing poses a threat to the integrity of synchrophasor measurements. A spoofer can introduce a time offset in the time reference receiver that provides the timing signal for a PMU without having physical access to the receiver itself. This produces a corresponding phase offset in the synchrophasor data coming from that PMU. Tests demonstrated that a PMU could be made to violate the IEEE C37.118 Standard for synchrophasors in about 11 minutes from the start of a spoofing attack.

    As PMU usage continues to grow throughout the world, PMUs will increasingly be used for automatic control purposes instead of just grid monitoring. The tests described here demonstrate that a spoofer could cause control schemes to falsely trip a generator.  In the presence of other exacerbating factors, this could lead to a cascade of faults and a large scale blackout.

    Daniel P. Shepard is pursuing M.S. and Ph.D. degrees in aerospace engineering at the University of Texas at Austin. He is a member of the Radionavigation Laboratory.

    Todd E. Humphreys is an assistant professor of aerospace engineering and engineering mechanics at the University of Texas at Austin and director of the Radionavigation Laboratory. He received a Ph.D. in aerospace engineering from Cornell University.

    Aaron A. Fansler serves as cyber critical infrastructure protection (CCIP) program manager for Northrop Grumman Information System. He obtained a Master’s degree from Capitol College in information assurance and is currently working on a Ph.D. in that field.

     

    Generation, Transmission

    The generation, transmission, and distribution of electric power make the power grid the most critical of critical infrastructures in the United States. Past events and numerous government demonstrations have shown just how vulnerable the power grid can be, not only to natural disasters, but more importantly to malicious cyber activity, which is on the rise.  Past consequences of power disruption were annoyance and some economic cost; future disruptions from intentional malicious activity could cascade into crippling failures. Cyber threats now rival the consequences of physical attacks.

    Over the past decade, the power industry has seen an explosion in the use of accurate, synchronized time incorporated into its controlling networks. Accurate timing signals are exploited in power systems from the generation plant down to the distribution substation and now down to individual smart grid component.

    The value of time synchronization is best understood by recognizing that the power grid is a single, complex, interconnected, and interdependent network. What happens in one part of the grid affects operation elsewhere, and in other systems reliant on stable power, as was observed in the 2003 Northeast Blackout.

    With the transition to smart technologies and a unified, synchronized grid, the potential for catastrophic cascading failures increases if proper control measures are not implemented. Time-synchronized measurements are changing the way electric power systems are controlled to protect against these events. Phasor measurement units (PMUs) have recently emerged as one technology which has the potential to one day anticipate failures, making it possible to take remedial actions before failures spread across the network.

    PMUs rely on GPS to provide accurate, synchronized time across the power grid. This reliance creates a vulnerability to a particular type of malicious attack: GPS spoofing. Spoofers generate counterfeit GPS signals that commandeer a victim receiver’s tracking loops and induce spoofer-controlled time or position offsets. The 2001 USDOT Volpe Report noted the absence of any off-the-shelf defense against civilian spoofing. In 2008, researchers demonstrated that an inexpensive portable software-defined GPS spoofer could be built from off-the-shelf components.

    Northrop Grumman Information Systems (NGIS) and the University of Texas (UT) conducted a functional test and evaluation of the effects a spoofed GPS timing signal would have on synchrophasors, to determine if adverse effects could be produced on a sensitive timing-signal-dependent network such as a Supervisor Control and Data Acquisition (SCADA) network and the network devices such as PMUs. This article describes the test.