Assessment of Low-Budget Targeted Cyberattacks Against Power Systems

Xiao Rui Liu, Anastasis Keliris, Charalambos Konstantinou, Marios Sazos, Michail Maniatakos

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

The security and well-being of societies and economies are tied to the reliable and resilient operation of power systems. In the next decades, power systems are expected to become more heavily loaded and operate closer to their stability limits and operating constraints. On top of that, in recent years, cyberattacks against computing systems and networks integrated in the power grid infrastructure are a real and growing threat. Such actions, especially in industrial environments such as power systems, are generally deemed feasible only by resource-wealthy nation state actors. This chapter challenges this perception and presents a methodology, named Open Source Exploitation (OSEXP), which utilizes information from public infrastructure to assess an advanced attack vector on power systems. The attack targets Phasor Measurement Units (PMUs) which depend on Global Positioning System (GPS) signals to provide time-stamped circuit quantities of power lines. Specifically, we present a GPS time spoofing attack using low-cost commercial devices and open source software. The necessary information for the instantiation of the OSEXP attack is extracted by developing a test case model of the power system in a digital real-time simulator (DRTS). DRTS is also employed to evaluate the effectiveness and impact of the developed OSEXP attack methodology. The presented targeted attack demonstrates that an actor with limited budget has the ability to cause significant disruption to a nation.

Original languageEnglish (US)
Title of host publicationVLSI-SoC
Subtitle of host publicationDesign and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers
EditorsRicardo Reis, Nicola Bombieri, Graziano Pravadelli, Masahiro Fujita, Todd Austin
PublisherSpringer New York LLC
Pages232-256
Number of pages25
ISBN (Print)9783030234249
DOIs
StatePublished - Jan 1 2019
Event26th IFIP/IEEE WG 10.5 International Conference on Very Large Scale Integration, VLSI-SoC 2018 - Verona, Italy
Duration: Oct 8 2018Oct 10 2018

Publication series

NameIFIP Advances in Information and Communication Technology
Volume561
ISSN (Print)1868-4238

Conference

Conference26th IFIP/IEEE WG 10.5 International Conference on Very Large Scale Integration, VLSI-SoC 2018
CountryItaly
CityVerona
Period10/8/1810/10/18

Fingerprint

Power system
Attack
Exploitation
Open source
Global positioning system
Methodology
Well-being
Disruption
Resources
Grid
Costs
Integrated
Public infrastructure
Nation-state
Threat
Open source software

ASJC Scopus subject areas

  • Information Systems and Management

Cite this

Liu, X. R., Keliris, A., Konstantinou, C., Sazos, M., & Maniatakos, M. (2019). Assessment of Low-Budget Targeted Cyberattacks Against Power Systems. In R. Reis, N. Bombieri, G. Pravadelli, M. Fujita, & T. Austin (Eds.), VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers (pp. 232-256). (IFIP Advances in Information and Communication Technology; Vol. 561). Springer New York LLC. https://doi.org/10.1007/978-3-030-23425-6_12

Assessment of Low-Budget Targeted Cyberattacks Against Power Systems. / Liu, Xiao Rui; Keliris, Anastasis; Konstantinou, Charalambos; Sazos, Marios; Maniatakos, Michail.

VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers. ed. / Ricardo Reis; Nicola Bombieri; Graziano Pravadelli; Masahiro Fujita; Todd Austin. Springer New York LLC, 2019. p. 232-256 (IFIP Advances in Information and Communication Technology; Vol. 561).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Liu, XR, Keliris, A, Konstantinou, C, Sazos, M & Maniatakos, M 2019, Assessment of Low-Budget Targeted Cyberattacks Against Power Systems. in R Reis, N Bombieri, G Pravadelli, M Fujita & T Austin (eds), VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers. IFIP Advances in Information and Communication Technology, vol. 561, Springer New York LLC, pp. 232-256, 26th IFIP/IEEE WG 10.5 International Conference on Very Large Scale Integration, VLSI-SoC 2018, Verona, Italy, 10/8/18. https://doi.org/10.1007/978-3-030-23425-6_12
Liu XR, Keliris A, Konstantinou C, Sazos M, Maniatakos M. Assessment of Low-Budget Targeted Cyberattacks Against Power Systems. In Reis R, Bombieri N, Pravadelli G, Fujita M, Austin T, editors, VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers. Springer New York LLC. 2019. p. 232-256. (IFIP Advances in Information and Communication Technology). https://doi.org/10.1007/978-3-030-23425-6_12
Liu, Xiao Rui ; Keliris, Anastasis ; Konstantinou, Charalambos ; Sazos, Marios ; Maniatakos, Michail. / Assessment of Low-Budget Targeted Cyberattacks Against Power Systems. VLSI-SoC: Design and Engineering of Electronics Systems Based on New Computing Paradigms - 26th IFIP WG 10.5/IEEE International Conference on Very Large Scale Integration, VLSI-SoC 2018, Revised and Extended Selected Papers. editor / Ricardo Reis ; Nicola Bombieri ; Graziano Pravadelli ; Masahiro Fujita ; Todd Austin. Springer New York LLC, 2019. pp. 232-256 (IFIP Advances in Information and Communication Technology).
@inproceedings{1c53ed7dfc71463a9e182b9a547cf878,
title = "Assessment of Low-Budget Targeted Cyberattacks Against Power Systems",
abstract = "The security and well-being of societies and economies are tied to the reliable and resilient operation of power systems. In the next decades, power systems are expected to become more heavily loaded and operate closer to their stability limits and operating constraints. On top of that, in recent years, cyberattacks against computing systems and networks integrated in the power grid infrastructure are a real and growing threat. Such actions, especially in industrial environments such as power systems, are generally deemed feasible only by resource-wealthy nation state actors. This chapter challenges this perception and presents a methodology, named Open Source Exploitation (OSEXP), which utilizes information from public infrastructure to assess an advanced attack vector on power systems. The attack targets Phasor Measurement Units (PMUs) which depend on Global Positioning System (GPS) signals to provide time-stamped circuit quantities of power lines. Specifically, we present a GPS time spoofing attack using low-cost commercial devices and open source software. The necessary information for the instantiation of the OSEXP attack is extracted by developing a test case model of the power system in a digital real-time simulator (DRTS). DRTS is also employed to evaluate the effectiveness and impact of the developed OSEXP attack methodology. The presented targeted attack demonstrates that an actor with limited budget has the ability to cause significant disruption to a nation.",
author = "Liu, {Xiao Rui} and Anastasis Keliris and Charalambos Konstantinou and Marios Sazos and Michail Maniatakos",
year = "2019",
month = "1",
day = "1",
doi = "10.1007/978-3-030-23425-6_12",
language = "English (US)",
isbn = "9783030234249",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer New York LLC",
pages = "232--256",
editor = "Ricardo Reis and Nicola Bombieri and Graziano Pravadelli and Masahiro Fujita and Todd Austin",
booktitle = "VLSI-SoC",

}

TY - GEN

T1 - Assessment of Low-Budget Targeted Cyberattacks Against Power Systems

AU - Liu, Xiao Rui

AU - Keliris, Anastasis

AU - Konstantinou, Charalambos

AU - Sazos, Marios

AU - Maniatakos, Michail

PY - 2019/1/1

Y1 - 2019/1/1

N2 - The security and well-being of societies and economies are tied to the reliable and resilient operation of power systems. In the next decades, power systems are expected to become more heavily loaded and operate closer to their stability limits and operating constraints. On top of that, in recent years, cyberattacks against computing systems and networks integrated in the power grid infrastructure are a real and growing threat. Such actions, especially in industrial environments such as power systems, are generally deemed feasible only by resource-wealthy nation state actors. This chapter challenges this perception and presents a methodology, named Open Source Exploitation (OSEXP), which utilizes information from public infrastructure to assess an advanced attack vector on power systems. The attack targets Phasor Measurement Units (PMUs) which depend on Global Positioning System (GPS) signals to provide time-stamped circuit quantities of power lines. Specifically, we present a GPS time spoofing attack using low-cost commercial devices and open source software. The necessary information for the instantiation of the OSEXP attack is extracted by developing a test case model of the power system in a digital real-time simulator (DRTS). DRTS is also employed to evaluate the effectiveness and impact of the developed OSEXP attack methodology. The presented targeted attack demonstrates that an actor with limited budget has the ability to cause significant disruption to a nation.

AB - The security and well-being of societies and economies are tied to the reliable and resilient operation of power systems. In the next decades, power systems are expected to become more heavily loaded and operate closer to their stability limits and operating constraints. On top of that, in recent years, cyberattacks against computing systems and networks integrated in the power grid infrastructure are a real and growing threat. Such actions, especially in industrial environments such as power systems, are generally deemed feasible only by resource-wealthy nation state actors. This chapter challenges this perception and presents a methodology, named Open Source Exploitation (OSEXP), which utilizes information from public infrastructure to assess an advanced attack vector on power systems. The attack targets Phasor Measurement Units (PMUs) which depend on Global Positioning System (GPS) signals to provide time-stamped circuit quantities of power lines. Specifically, we present a GPS time spoofing attack using low-cost commercial devices and open source software. The necessary information for the instantiation of the OSEXP attack is extracted by developing a test case model of the power system in a digital real-time simulator (DRTS). DRTS is also employed to evaluate the effectiveness and impact of the developed OSEXP attack methodology. The presented targeted attack demonstrates that an actor with limited budget has the ability to cause significant disruption to a nation.

UR - http://www.scopus.com/inward/record.url?scp=85068600784&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068600784&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-23425-6_12

DO - 10.1007/978-3-030-23425-6_12

M3 - Conference contribution

AN - SCOPUS:85068600784

SN - 9783030234249

T3 - IFIP Advances in Information and Communication Technology

SP - 232

EP - 256

BT - VLSI-SoC

A2 - Reis, Ricardo

A2 - Bombieri, Nicola

A2 - Pravadelli, Graziano

A2 - Fujita, Masahiro

A2 - Austin, Todd

PB - Springer New York LLC

ER -