Visible to the public Experimental Setup for Grid Control Device Software Updates in Supply Chain Cyber-Security

TitleExperimental Setup for Grid Control Device Software Updates in Supply Chain Cyber-Security
Publication TypeConference Paper
Year of Publication2022
AuthorsKeller, Joseph, Paul, Shuva, Grijalva, Santiago, Mooney, Vincent J.
Conference Name2022 North American Power Symposium (NAPS)
Keywordscontrol device software update, Cybersecurity Damage Assessment, hardware-in-the-loop simulation, maintenance engineering, Malware, performance evaluation, power grids, protection relay, pubcrawl, Relays, resilience, Resiliency, Supply Chain Cybersecurity, Supply chains
AbstractSupply chain cyberattacks that exploit insecure third-party software are a growing concern for the security of the electric power grid. These attacks seek to deploy malicious software in grid control devices during the fabrication, shipment, installation, and maintenance stages, or as part of routine software updates. Malicious software on grid control devices may inject bad data or execute bad commands, which can cause blackouts and damage power equipment. This paper describes an experimental setup to simulate the software update process of a commercial power relay as part of a hardware-in-the-loop simulation for grid supply chain cyber-security assessment. The laboratory setup was successfully utilized to study three supply chain cyber-security use cases.
DOI10.1109/NAPS56150.2022.10012179
Citation Keykeller_experimental_2022