Mitigating the Aurora Vulnerability : vTools Events

IEEE.org | IEEE Xplore Digital Library | IEEE Standards | IEEE Spectrum | More Sites

Mitigating the Aurora Vulnerability

#PES/IAS #Aurora #Effect

Description: Idaho National Laboratory ran the Aurora Generator Test in 2007 to demonstrate how a cyber attack could destroy physical components of the electric grid. The experiment used a computer program to rapidly open and close a diesel generator's circuit breakers out of phase from the rest of the grid and explode. This vulnerability is referred to as the Aurora Vulnerability.

The Aurora Vulnerability is especially a concern because much grid equipment supports using Modbus and other legacy communications protocols that were designed without security in mind. As such, they don't support authentication, confidentiality, or replay protection, which means any attacker that can communicate with the device can control it and use the Aurora Vulnerability to destroy it. This is a serious concern, as the failure of even a single generator could cause widespread outages and possibly cascading failure of the entire power grid, like what occurred in the Northeast blackout of 2003. Additionally, even if there are no outages from the removal of a single component (N-1 resilience), there is a large window for a second attack or failure, as it could take more than a year to replace it, because many generators and transformers are custom-built for the substation.

The Aurora Vulnerability can be mitigated by preventing the out-of-phase opening and closing of the breakers. Some suggested methods include adding functionality in protective relays to ensure synchronism and adding a time delay for closing breakers.

Speaker: Joshua Hughes, Field Application Engineer, Schweitzer Engineering Labs

One Professional Development Hour will be available for attending this event.

Dinner provided: $10 IEEE & TSPE members, $20 non-members. Please include any special dietary requests in your registration.

Registration required by March 11th @ 5pm

Joshua Hughes graduated from Tennessee Technological University in 2004 with a BSEE focused on digital signals. He worked as a system engineer at Tennessee Valley Authority's nuclear substations for five years. In 2009, Joshua joined Schweitzer Engineering Laboratories, Inc., where he served as a project engineer for Engineering Services in Vacaville, California. He currently holds the title of field application engineer and works in Soddy Daisy, Tennessee where his work includes providing application and product support and technical training for protective relay users. Joshua is a member of the IEEE and is a registered professional engineer in the state of Tennessee.

Date and Time

Location

Hosts

Registration

Add Event to Calendar
iCal
Google Calendar

9180 Crestwyn Hills Drive
Memphis, Tennessee
United States 38125

Contact Event Host
Brian King, bking@fisherarnold.com
Co-sponsored by PES/IAS & TSPE

Starts 03 March 2015 06:00 AM UTC
Ends 12 March 2015 02:00 PM UTC

Admission fee (optional) ?

Agenda

Please include any special dietary requests in your registration. Thank you.