Vulnerability Assessment of
Phasor Networks
Terryl Dodson, Madeline Phillips – L&N STEM Academy
Xiangyu Niu
Abstract – Phasor networks transmit vital information about the energy grid, and
consist of data-collecting PMU’s, or phasor measurement units, that transfer the
information to data-consolidating PDC’s, or phasor data concentrators. We
conducted experiments that prove how vulnerable the network is to attack. This
vulnerability is an issue because the network’s data can be captured and
manipulated to conceal energy grid disturbances; the best solution to this issue
would be to encrypt the phasor networks.
I. INTRODUCTION
Phasor Networks are the data transmission method widely used across North
America’s energy grid. Sent through these networks is crucial information regarding the
energy grid’s operation: the status of the electrical waves using a universal time source.
This common timekeeper allows a standard to be applied to electrical waves from all
across the country. By monitoring the electrical waves on the grid, supervisors can tell if
there’s a power disturbance or outage anywhere, and take action to rectify this issue.
Additionally, researchers use the data from the phasor networks to make the grid more
efficient.
Phasor measurement units, or PMU’s, are located all across the energy grid.
These are the devices that collect the electrical wave information and transmit it back to
phasor data concentrators, or PDC’s. Many PMU’s connect to one PDC, creating a
phasor network. Unfortunately, the transmissions within phasor networks are entirely
unsecured, leaving all the information vulnerable to interception and manipulation. This
is an issue because attackers can easily penetrate the network and alter the data being sent
to the PDC’s. With this ability, they could inflict a variety of damage: anything from
concealing a power grid failure to changing the results of a researcher’s experiment.
II. LITERATURE REVIEW
We were provided with access to a Lynda.com account that we used to learn both
Python 3 and networking basics, such as the OSI and TCP/IP models. We also used
Google and YouTube to gain a fuller understanding of networking, with a focus on
phasor networks. We downloaded LiClipse, an IDE for Python 3, to practice
programming. After learning about RSA encryption, we wrote a program that would
encrypt and decrypt a user’s message using RSA (Figure 1).
Throughout the entire project, we became familiar with Kali Linux and programs
designed for it, such as Wireshark and Scapy. We were also required to become
comfortable with the operation of the Linux terminal, an understanding that is necessary
for many basic functions in the operating system. Overall, the project gave us a better
concept regarding the ways computers communicate with one another, and a higher
comfort level with the jargon relating to this communication.
III. METHOD
To start, we installed a PDC simulator on one computer and a PMU simulator on
a second one (The simulator we used: ipdc.codeplex.com). Then, we configured them so
that the PMU would send data to the PDC, and the PDC could control the PMU—just
like a real-world phasor network (See Figure 2).
RSA Encryption/Decryption (Figure 1)
PMU simulator sending data to PDC simulator (Figure 2)
Next, we configured Wireshark to only capture the transmission between the IP
addresses of the two computers, and we began the capture process. We instructed the
PDC simulator to both start and stop the data stream from the PMU. We were able to
successfully intercept the transmission. Afterward, we exported the PDC’s captured
command signals to a *.pcap file.
We then opened Scapy in the terminal and attempted to use it to re-send the
command signals to the PMU in order to disable it without a command from the PDC
(See Figure 3).
Sending command packets using Scapy (Figure 3)
Although we were able to successfully send the command packet, the PMU would
not accept or respond to it because the validation information had not been updated.
IV. RESULTS
Using Wireshark, we were able to capture the transmission from the PMU to the
PDC (Figure 4). This included the command signals and simulated electrical grid data.
We were also able to determine the IP/MAC address pairs for all the devices on the
network.
Although we were also able to use Scapy to send the captured command packets
to the PMU, it did not disable the PMU as intended, due to the fact that we had not fixed
the timestamp or re-calculated the checksums—necessary steps for the commands to pass
the verification steps.
Data captured by Wireshark (Figure 4)
V. DISCUSSION
As evidenced by our ability to capture the phasor network commands, its
unsecured attributes could pose a danger to the energy grid. First and foremost in
concern, attackers could intercept and manipulate the PMU’s data to conceal a
disturbance in the grid. On one hand, too much energy could be routed to one section of
the grid and attackers could falsify data to mask the transformer overload. The resultant
transformer explosions could result in millions of dollars of damage and only a ghost on
which to pin the blame. On the other hand, an accident or natural disaster could disable
electricity flow in a section of the grid, and similarly the data could be altered to look
stable. In this case, customers could face an extended power outage without the
knowledge of the power supplier, and the company’s reliability ratings might decrease. In
either scenario, the functionality of the energy grid is interrupted with monetary and
social consequences. Perhaps less damaging, but still concerning, instead of manipulating
data streaming from a PMU, an attacker could simply halt the operation of the PMU
using the captured control packets. Although such an attack would not be as insidious due
to supervisors’ ability to recognize the appearance of a problem after noticing the halt of
the data transmission, it would still prove to be an inconvenience in its disruption of the
grid’s data flow.
Second, an attacker could wreak major havoc in the results of a scientist or
researcher who is using data from the energy grid for any purpose: for example, a
researcher studying ways to make the grid more efficient by analyzing electrical waves. If
there were a spike in the energy grid and an attacker used their control over the
surrounding PMU’s to conceal the ripple effect across the grid, the researcher could draw
mistaken conclusions regarding the significance and impact of energy spikes. In effect,
the final product of the research could contain flaws that would make it an unviable
candidate for real-world implementation.
The best solution to this issue would be to encrypt the phasor networks. Though it
is impossible to stop attackers from being able to intercept data within the phasor
network, encryption could make it unusable and immutable to them. One common and
efficient method of encryption is the RSA cryptosystem. By using RSA, the data, control
commands, and IP/MAC address pairs on the network would be converted into
indecipherable numeric strings. Without the decryption formula, an attacker would be
helpless to understand the intercepted data, much less abuse it. RSA’s complex
encryption/decryption formula generation process and its being tailored specifically to
securing data transmissions make it the ideal fit for securing the currently vulnerable
phasor networks.
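The receiver-side check below is an added example, not code from the paper or the simulator: it shows how a device could refuse captured-and-resent or altered commands by verifying a keyed MAC, a timestamp window and a replay cache, using HMAC-SHA256 in place of the RSA the paper proposes. The message layout, the 2-second window, the key and the names `seal`, `CommandVerifier` and `demo` are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Constructed layout (an assumption, not the real phasor protocol frame):
# device id (2 bytes) | UNIX seconds (4) | command code (2) | HMAC-SHA256 tag (32)
HEADER = struct.Struct(">HIH")
TAG_LEN = 32
MAX_AGE_S = 2  # assumed freshness window, in seconds

def seal(key, device_id, ts, command):
    """Sender side: pack the command and append its MAC."""
    body = HEADER.pack(device_id, ts, command)
    return body + hmac.new(key, body, hashlib.sha256).digest()

class CommandVerifier:
    """Receiver side: accept a command only if authentic, fresh and unseen."""
    def __init__(self, key):
        self.key = key
        self.seen = {}  # tag -> timestamp, kept only while inside the window

    def check(self, frame, now):
        if len(frame) != HEADER.size + TAG_LEN:
            return "reject: bad length"
        body, tag = frame[:HEADER.size], frame[HEADER.size:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "reject: bad MAC"
        ts = HEADER.unpack(body)[1]
        if abs(now - ts) > MAX_AGE_S:
            return "reject: stale timestamp"
        # Forget tags that have aged out, then refuse an exact repeat.
        self.seen = {t: s for t, s in self.seen.items() if abs(now - s) <= MAX_AGE_S}
        if tag in self.seen:
            return "reject: replay"
        self.seen[tag] = ts
        return "accept"

def demo():
    key = b"constructed-demo-key"  # constructed; real keys come from provisioning
    rx = CommandVerifier(key)
    frame = seal(key, device_id=7, ts=1000, command=1)
    tampered = frame[:7] + bytes([frame[7] ^ 0x03]) + frame[8:]  # command field altered
    return [rx.check(frame, now=1000),     # original command
            rx.check(frame, now=1001),     # captured copy re-sent inside the window
            rx.check(frame, now=1060),     # captured copy re-sent later
            rx.check(tampered, now=1000)]  # command field changed in transit
```

Calling `demo()` returns the four verdicts in order; a plain checksum would catch only accidental corruption, which is why the tag here is keyed.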
VI. CONCLUSION
At the start of this project, we intended to accomplish several objectives: first to
intercept the data transmission from the PMU to PDC, second to disable the PMU using
the captured control commands, and third to alter the intercepted data before sending it
on to the PDC. However, as we delved deeper into our research and began to understand
the operations of the systems better, we realized that the scope of our intended project
was much larger than the time we had to work with. Thus, we shortened the objective of
our project to simply capturing the data transmission, disabling the PMU, and suggesting
methods to secure the network. Although disabling the PMU turned out to be too
advanced for us due to our programming skills being too weak to recalculate checksums,
we were able to accomplish the other two objectives.
VII. ACKNOWLEDGEMENTS
Thank you to our amazing mentor Xiangyu Niu who devoted so much of his time
to help us understand our project.
This work was supported in part by the Engineering Research Center
Program of the National Science Foundation and the Department of Energy
under NSF Award Number EEC-1041877 and the CURENT Industry Partnership
Program.