Visible to the public A Collaborative Defense for Securing Protective Relay Settings in Electrical Cyber Physical Systems

TitleA Collaborative Defense for Securing Protective Relay Settings in Electrical Cyber Physical Systems
Publication TypeConference Paper
Year of Publication2018
AuthorsNuqui, Reynaldo, Hong, Junho, Kondabathini, Anil, Ishchenko, Dmitry, Coats, David
Conference Name2018 Resilience Week (RWS)
Date Publishedaug
Keywordsactual relays, circuit breakers, Collaboration, Collaborative Defense, computing technologies, control layer, CPS Resilience, critical infrastructure protection, cyber physical security, cyber physical systems, cyber security, cyber-attack, Cyber-physical systems, cyber-physical test bed, defense systems, domain based rules, electrical cyber physical systems, Embedded systems, energy cyber-physical systems, IEC 61850, IEC 61850 GOOSE messages, IEC standards, malicious change, modern power systems, neighboring devices, peer-to-peer communication, power engineering computing, power system faults, Power system protection, power system reliability, power systems infrastructures, protection and control, protection settings, Protective relaying, Protective Relays, pubcrawl, relay coordination, relay coordination principles, relay protection, resilience, Resiliency, securing protective relay settings, security, security of data, setting changes, setting rules, simulated cyber-attacks, substation automation, Substations
AbstractModern power systems today are protected and controlled increasingly by embedded systems of computing technologies with a great degree of collaboration enabled by communication. Energy cyber-physical systems such as power systems infrastructures are increasingly vulnerable to cyber-attacks on the protection and control layer. We present a method of securing protective relays from malicious change in protective relay settings via collaboration of devices. Each device checks the proposed setting changes of its neighboring devices for consistency and coordination with its own settings using setting rules based on relay coordination principles. The method is enabled via peer-to-peer communication between IEDs. It is validated in a cyber-physical test bed containing a real time digital simulator and actual relays that communicate via IEC 61850 GOOSE messages. Test results showed improvement in cyber physical security by using domain based rules to block malicious changes in protection settings caused by simulated cyber-attacks. The method promotes the use of defense systems that are aware of the physical systems which they are designed to secure.
Citation Keynuqui_collaborative_2018